{"report_id":"e1e4ead0-44df-48d3-9a15-3b18ea018473","version":6,"status":"done","tags":["microsoft","phishing","outlook"],"date":"2024-01-20T14:41:18Z","url":{"schema":"https","addr":"pub-9819825e701343cb9146515022975bb4.r2.dev/allow.html?user-agent=Mozilla/5.0WindowsNT10.0;Win64;x64AppleWebKit/537.36KHTML","fqdn":"pub-9819825e701343cb9146515022975bb4.r2.dev","domain":"pub-9819825e701343cb9146515022975bb4.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.3.35","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"pub-9819825e701343cb9146515022975bb4.r2.dev/allow.html?user-agent=Mozilla/5.0WindowsNT10.0;Win64;x64AppleWebKit/537.36KHTML","fqdn":"pub-9819825e701343cb9146515022975bb4.r2.dev","domain":"pub-9819825e701343cb9146515022975bb4.r2.dev","tld":"r2.dev"},"title":"Sign in to your Office365 account"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T02:55:44Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"pub-9819825e701343cb9146515022975bb4.r2.dev","ip":{"addr":"104.18.2.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-08-23","domain_rank":0,"first_seen":"2023-05-01 23:53:29","last_seen":"2024-01-04 19:19:22","alert_count":3,"request_count":2,"received_data":86097,"sent_data":1229,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn-jm-tools.web.app","ip":{"addr":"199.36.158.100","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2019-01-08","domain_rank":0,"first_seen":"2021-05-28 22:34:17","last_seen":"2024-01-20 00:15:30","alert_count":0,"request_count":5,"received_data":23887,"sent_data":2592,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":235,"first_seen":"2015-04-17 22:46:33","last_seen":"2024-01-19 19:08:49","alert_count":0,"request_count":1,"received_data":28984,"sent_data":517,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aadcdn.msauth.net","ip":{"addr":"13.107.213.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2018-10-25","domain_rank":1421,"first_seen":"2018-11-19 11:50:03","last_seen":"2024-01-20 04:45:08","alert_count":0,"request_count":1,"received_data":1454,"sent_data":517,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-01-20","alert":"Office365","trigger":"pub-9819825e701343cb9146515022975bb4.r2.dev/allow.html?user-agent=Mozilla/5.0WindowsNT10.0;Win64;x64AppleWebKit/537.36KHTML","verdict":"phishing","severity":"medium","comment":"Office365","link":"https://openphish.com","meta":null}]},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"pub-9819825e701343cb9146515022975bb4.r2.dev/allow.html?user-agent=Mozilla/5.0WindowsNT10.0;Win64;x64AppleWebKit/537.36KHTML","fqdn":"pub-9819825e701343cb9146515022975bb4.r2.dev","domain":"pub-9819825e701343cb9146515022975bb4.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.2.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c4d64cf643fb858c43d69adcea230b80","sha1":"071b3370c22a66e229e35ddf3dcc8acabffd6751","sha256":"6b7a3126bfbd6deb7bc9f9f22e56de88ca1577b2a70ee7b7b83d0533fcd9fb5c","sha512":"a06264ad7b0e5208c9264d9fc8c2dcb5c2304a0fe0c6c3fd1f47b1a6e9ed30680f197d40b6092c253559c4ec087b4c47ce73c236cc58c36adf1cbf76e06941ee","ssdeep":"384:4yWxhyvUvO+nNxGjVNN0kfGgy9/DEAtsOa5OLJCr1WOLuPlROH0a9LVoLyFSHr0w:4UvKEXSkOWU+iVFF","tlshash":"1f43a13ca321c44da9736a3bfce42f655109af97edc9b7c9041880973ef067a71146ea","size":58301,"data":"","first_seen":"2023-05-03T16:07:04Z","last_seen":"2024-10-04T10:49:26.877956Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"54b1b766e156a4ace987f390e15baa56","sha1":"0664b73cea5f91d8b732f26ae004f0f33b97ce5b","sha256":"c716013e61bf40208e1749d4ef28acde63856f436fa6194463f0888e8652e731","sha512":"0fda3cb401f77a697598971ca5ffd1a08963322fea3d1a99fc6edf0b8fd88b3feb950a43a9276efc4582a7e1eae21c547644bcb2eb974407011dad12347b73a0","ssdeep":"","tlshash":"33d0a7526b09c430549085816da5d544e9bf344b08a8864cf10c4d6f57016bad4d65c4","size":217,"data":"","first_seen":"2023-05-03T16:07:04Z","last_seen":"2024-10-04T10:49:26.878389Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"12108007906290015100837a6a61e9f4","sha1":"1d6ae46f2ffa213dede37a521b011ec1cd8d1ad3","sha256":"c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4","sha512":"93658f3eb4a044523a7136871e125d73c9005da44ce09045103a35a4f18695888ecafe2f9c0d0fa741b95cc618c6000f9ad9affc821a400ea7e5f2c0c8968530","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakF:YYh8eip3hXuf6IidlrvakdtQ47GK1","tlshash":"c393f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89493,"data":"","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-04-06T08:49:22.406702Z","times_seen":18424,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e780d495bcd324a4335f0e8925406907","sha1":"e5af8c50973afa854f350e95bf1de6a206093b7d","sha256":"7dbb31d0837d2d2013ab9926a40df7845c3e5e6bafdc7409e387df2ed18db7c1","sha512":"ece13af64cc72e0cea949275228d264d597c4e9cdae3d9a78c5460083772c0e45867cf406f06d1a9e77592d9708486ed8da6c837cead2f9bda23f66fca997a2b","ssdeep":"","tlshash":"7561f18b32050ebb17fbb4a6342b44497d30e0159b05180016b69bedf936fc5a6ebb4b","size":3185,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-03-19T18:05:45.764545Z","times_seen":5733,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"c8fdc24f29131f6188fe712c2cc8b3ca","sha1":"ffa70160a46ea11c0a3ec945ada02cfcbce9ebac","sha256":"0b830e7fe341e1face789cb38200bf2611352ad5bf30e446d8503a8d5cb6b87c","sha512":"57777041a033d45b0fd64437ee677d6bd7695c14c81b0b0ba6e657c9f35703687e5bbf5419af23b352f7d67a216d925f1def2ec01d354027b3f8ab7e59d4d9a6","ssdeep":"384:ea7i76pyKJ7eFJ7ecR7ec47Dd7747R7RqytPhgTwZe08B7W7L7m7J7L7GqGs+7sz:F2OFCDCcRCcQNEldtOi1KCXStXygTf","tlshash":"629209f2b0111e6a539b9df9f033d204313ae64dd3038d60e97c8a9416ffe19f52699a","size":19422,"data":"","first_seen":"2023-05-03T16:07:04Z","last_seen":"2024-10-04T10:49:26.879043Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"pub-9819825e701343cb9146515022975bb4.r2.dev/allow.html?user-agent=Mozilla/5.0WindowsNT10.0;Win64;x64AppleWebKit/537.36KHTML","fqdn":"pub-9819825e701343cb9146515022975bb4.r2.dev","domain":"pub-9819825e701343cb9146515022975bb4.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.2.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-01-20T14:40:41.938Z","timestamp":1705761641938,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 09 Dec 2023 16:41:44 GMT","end":"Fri, 08 Mar 2024 16:41:43 GMT"},"fingerprint":{"sha1":"4F:76:7B:87:A0:AD:97:E8:F7:6F:90:89:C3:5D:51:AC:FD:EA:F4:F9","sha256":"41:EA:6B:04:C9:33:BD:19:FC:9A:F8:D6:AB:B1:69:B0:E2:B2:D0:5B:8B:74:CF:19:8C:F9:CF:3F:5B:33:C2:26"}}},"request":{"raw":"GET /allow.html?user-agent=Mozilla/5.0WindowsNT10.0;Win64;x64AppleWebKit/537.36KHTML HTTP/1.1\r\nHost: pub-9819825e701343cb9146515022975bb4.r2.dev\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 20 Jan 2024 14:40:42 GMT\r\nContent-Type: text/html\r\nContent-Length: 58340\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nETag: \"89594bab2d78a848f8e83dbe81fb307c\"\r\nLast-Modified: Fri, 28 Apr 2023 13:16:32 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 848812f64d53712b-OSL\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":58340,"size_decoded":58340,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (58299)","md5":"89594bab2d78a848f8e83dbe81fb307c","sha1":"f285f2f12208fd0d58e06954eef8fec2d828c610","sha256":"ba20cd4b099546662d31b79a104dbaf11add9b274476eb2030a95fd8ed7d634e","sha512":"bae2cf5b512b28600d8d8252d4806c1103f5aee1829909c7e244f40f916ed7c7467fe5f0d0178bc6981fa4e800d2e4aee89d95d4dfedf9e2d560c16f9b1a969a","ssdeep":"384:/yWxhyvUvO+nNxGjVNN0kfGgy9/DEAtsOa5OLJCr1WOLuPlROH0a9LVoLyFSHr0g:/UvKEXSkOWU+iVF3","tlshash":"0843a13ca321c44da9736a3bfce42f655109af97edc9b7c9041880973ef067a71146ea","first_seen":"2023-05-03T16:07:04Z","last_seen":"2024-10-04T10:49:26.872556Z","times_seen":16,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":14,"dns":1,"connect":1,"send":0,"wait":206,"receive":4,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-01-20","alert":"Office365","trigger":"pub-9819825e701343cb9146515022975bb4.r2.dev/allow.html?user-agent=Mozilla/5.0WindowsNT10.0;Win64;x64AppleWebKit/537.36KHTML","verdict":"phishing","severity":"medium","comment":"Office365","link":"https://openphish.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn-jm-tools.web.app/d..p/others/mi..cro---t/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg","fqdn":"cdn-jm-tools.web.app","domain":"cdn-jm-tools.web.app","tld":"web.app"},"ip":{"addr":"199.36.158.100","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-9819825e701343cb9146515022975bb4.r2.dev/allow.html?user-agent=Mozilla/5.0WindowsNT10.0;Win64;x64AppleWebKit/537.36KHTML","date":"2024-01-20T14:40:42.396Z","timestamp":1705761642396,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"web.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 17 Jan 2024 16:11:16 GMT","end":"Tue, 16 Apr 2024 16:11:15 GMT"},"fingerprint":{"sha1":"C9:9B:7B:12:35:DB:EA:43:A5:38:B1:85:49:57:C6:62:C2:AC:02:69","sha256":"91:41:0B:69:6A:6A:E8:1B:AA:E0:16:8C:1F:7C:D5:A2:E0:D9:3D:7E:0E:55:1C:0C:1F:9D:C7:54:27:7D:6A:19"}}},"request":{"raw":"GET /d..p/others/mi..cro---t/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg HTTP/1.1\r\nHost: cdn-jm-tools.web.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-9819825e701343cb9146515022975bb4.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=3600\r\ncontent-encoding: br\r\ncontent-type: image/svg+xml\r\netag: \"cf034e803491c0dbb1074332cd18fac418b94b0a139a7ddbf92ec40574951a8a-br\"\r\nlast-modified: Sat, 25 Apr 2020 21:22:54 GMT\r\nstrict-transport-security: max-age=31556926; includeSubDomains; preload\r\naccept-ranges: bytes\r\ndate: Sat, 20 Jan 2024 14:40:42 GMT\r\nx-served-by: cache-hel1410022-HEL\r\nx-cache: HIT\r\nx-cache-hits: 8\r\nx-timer: S1705761642.459264,VS0,VE0\r\nvary: x-fh-requested-host, accept-encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 230\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":230,"size_decoded":915,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2b5d393db04a5e6e1f739cb266e65b4c","sha1":"6a435df5cac3d58ccad655fe022ccf3dd4b9b721","sha256":"16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6","sha512":"3a692635ee8ebd7b15930e78d9e7e808e48c7ed3ed79003b8ca6f9290fa0e2b0fa3573409001489c00fb41d5710e75d17c3c4d65d26f9665849fb7406562a406","ssdeep":"","tlshash":"4211c9bb2f78c66ea09197943762a7791f76a14873883590f3432f11ee44dbb203dc40","first_seen":"2023-04-14T08:32:49Z","last_seen":"2026-04-06T01:33:10.446428Z","times_seen":15497,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":34,"dns":0,"connect":0,"send":0,"wait":30,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pub-9819825e701343cb9146515022975bb4.r2.dev/allow.html?user-agent=Mozilla/5.0WindowsNT10.0;Win64;x64AppleWebKit/537.36KHTML","date":"2024-01-20T14:40:42.397Z","timestamp":1705761642397,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 03 Jul 2023 00:00:00 GMT","end":"Tue, 02 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D","sha256":"D9:9E:DA:D7:6F:5A:E0:87:16:F3:3E:A0:A8:34:8B:84:B7:B0:98:30:2D:18:D8:53:E6:3C:09:06:19:48:07:54"}}},"request":{"raw":"GET /ajax/libs/jquery/3.5.0/jquery.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pub-9819825e701343cb9146515022975bb4.r2.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-9819825e701343cb9146515022975bb4.r2.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Jan 2024 14:40:42 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 27964\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03ec4-15d95\"\r\nlast-modified: Mon, 04 May 2020 16:11:48 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 774711\r\nexpires: Thu, 09 Jan 2025 14:40:42 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=u%2Bek2IN7wSv9zwy%2F9MFh%2FPJ5i29icj%2BF6k9MdXbj6Ir1uRBr4qZrj4dJ04ZJadmW53kkuVpAKOMij0Uw06oLaanfZdbL2NKmnb15JwZdFf4GC%2FZ4lW6jF7SsgHgX3NbdOIfCcviN\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 848812f93fda0b69-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27964,"size_decoded":89493,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65451)","md5":"12108007906290015100837a6a61e9f4","sha1":"1d6ae46f2ffa213dede37a521b011ec1cd8d1ad3","sha256":"c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4","sha512":"93658f3eb4a044523a7136871e125d73c9005da44ce09045103a35a4f18695888ecafe2f9c0d0fa741b95cc618c6000f9ad9affc821a400ea7e5f2c0c8968530","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakF:YYh8eip3hXuf6IidlrvakdtQ47GK1","tlshash":"c393f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-04-06T08:49:22.406702Z","times_seen":18424,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":25,"dns":1,"connect":1,"send":0,"wait":41,"receive":2,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-jm-tools.web.app/d..p/others/mi..cro---t/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg","fqdn":"cdn-jm-tools.web.app","domain":"cdn-jm-tools.web.app","tld":"web.app"},"ip":{"addr":"199.36.158.100","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-9819825e701343cb9146515022975bb4.r2.dev/allow.html?user-agent=Mozilla/5.0WindowsNT10.0;Win64;x64AppleWebKit/537.36KHTML","date":"2024-01-20T14:40:42.393Z","timestamp":1705761642393,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"web.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 17 Jan 2024 16:11:16 GMT","end":"Tue, 16 Apr 2024 16:11:15 GMT"},"fingerprint":{"sha1":"C9:9B:7B:12:35:DB:EA:43:A5:38:B1:85:49:57:C6:62:C2:AC:02:69","sha256":"91:41:0B:69:6A:6A:E8:1B:AA:E0:16:8C:1F:7C:D5:A2:E0:D9:3D:7E:0E:55:1C:0C:1F:9D:C7:54:27:7D:6A:19"}}},"request":{"raw":"GET /d..p/others/mi..cro---t/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1\r\nHost: cdn-jm-tools.web.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-9819825e701343cb9146515022975bb4.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=3600\r\ncontent-encoding: br\r\ncontent-type: image/svg+xml\r\netag: \"2084deafc36fbaca40a6352319b3c1edb1262245428033547de6b82e0c2dcfe8-br\"\r\nlast-modified: Sat, 25 Apr 2020 21:22:54 GMT\r\nstrict-transport-security: max-age=31556926; includeSubDomains; preload\r\naccept-ranges: bytes\r\ndate: Sat, 20 Jan 2024 14:40:42 GMT\r\nx-served-by: cache-hel1410022-HEL\r\nx-cache: HIT\r\nx-cache-hits: 1\r\nx-timer: S1705761642.459208,VS0,VE1\r\nvary: x-fh-requested-host, accept-encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 1274\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1274,"size_decoded":3651,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ee5c8d9fb6248c938fd0dc19370e90bd","sha1":"d01a22720918b781338b5bbf9202b241a5f99ee4","sha256":"04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a","sha512":"c77215b729d0e60c97f075998e88775cd0f813b4d094dc2fdd13e5711d16f4e5993d4521d0fbd5bf7150b0dbe253d88b1b1ff60901f053113c5d7c1919852d58","ssdeep":"","tlshash":"6371117b132887dae9d4a78c2e997b8d377095c4b1b24290874328a5bc086f7f038d60","first_seen":"2023-04-06T08:44:24Z","last_seen":"2026-04-06T07:57:49.102988Z","times_seen":122415,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":38,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-jm-tools.web.app/d..p/others/mi..cro---t/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png","fqdn":"cdn-jm-tools.web.app","domain":"cdn-jm-tools.web.app","tld":"web.app"},"ip":{"addr":"199.36.158.100","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-9819825e701343cb9146515022975bb4.r2.dev/allow.html?user-agent=Mozilla/5.0WindowsNT10.0;Win64;x64AppleWebKit/537.36KHTML","date":"2024-01-20T14:40:42.395Z","timestamp":1705761642395,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"web.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 17 Jan 2024 16:11:16 GMT","end":"Tue, 16 Apr 2024 16:11:15 GMT"},"fingerprint":{"sha1":"C9:9B:7B:12:35:DB:EA:43:A5:38:B1:85:49:57:C6:62:C2:AC:02:69","sha256":"91:41:0B:69:6A:6A:E8:1B:AA:E0:16:8C:1F:7C:D5:A2:E0:D9:3D:7E:0E:55:1C:0C:1F:9D:C7:54:27:7D:6A:19"}}},"request":{"raw":"GET /d..p/others/mi..cro---t/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png HTTP/1.1\r\nHost: cdn-jm-tools.web.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-9819825e701343cb9146515022975bb4.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=3600\r\ncontent-type: image/png\r\netag: \"a512441fed43fc63c5a2bbce213d4081532632f57c75eb60cb7dd0e4a1126b38\"\r\nlast-modified: Sat, 25 Apr 2020 21:22:54 GMT\r\nstrict-transport-security: max-age=31556926; includeSubDomains; preload\r\naccept-ranges: bytes\r\ndate: Sat, 20 Jan 2024 14:40:42 GMT\r\nx-served-by: cache-hel1410022-HEL\r\nx-cache: HIT\r\nx-cache-hits: 1\r\nx-timer: S1705761642.459180,VS0,VE1\r\nvary: x-fh-requested-host, accept-encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 240\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":240,"size_decoded":240,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"7cc096da6aa2dba3f81fcc1c8262157c","sha1":"a50776316f0220ed7cd7882a68c742a8861c999d","sha256":"ab50358475adae73a435466c72d1a48ab124e8ae06614663716a46dce5ac8b83","sha512":"ec046758ec2d6588b9b103e5bb1b035dee57dfbb068ad902c869ed22b14f78282461709bdb20366ee887b814f00ae39a4ebd82db42bd831be85fe5b4bf4037af","ssdeep":"","tlshash":"a0d0979373129c2dcfb4e733920e0c22cc1382a3872ab74c58529050bf18c002a9085d","first_seen":"2023-04-27T20:18:37Z","last_seen":"2026-04-05T10:31:31.440721Z","times_seen":12234,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":36,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-jm-tools.web.app/d..p/others/mi..cro---t/Converged_v21033_U7M7Fc-d_yiO2hIJng7nRg2.css","fqdn":"cdn-jm-tools.web.app","domain":"cdn-jm-tools.web.app","tld":"web.app"},"ip":{"addr":"199.36.158.100","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pub-9819825e701343cb9146515022975bb4.r2.dev/allow.html?user-agent=Mozilla/5.0WindowsNT10.0;Win64;x64AppleWebKit/537.36KHTML","date":"2024-01-20T14:40:42.390Z","timestamp":1705761642390,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"web.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 17 Jan 2024 16:11:16 GMT","end":"Tue, 16 Apr 2024 16:11:15 GMT"},"fingerprint":{"sha1":"C9:9B:7B:12:35:DB:EA:43:A5:38:B1:85:49:57:C6:62:C2:AC:02:69","sha256":"91:41:0B:69:6A:6A:E8:1B:AA:E0:16:8C:1F:7C:D5:A2:E0:D9:3D:7E:0E:55:1C:0C:1F:9D:C7:54:27:7D:6A:19"}}},"request":{"raw":"GET /d..p/others/mi..cro---t/Converged_v21033_U7M7Fc-d_yiO2hIJng7nRg2.css HTTP/1.1\r\nHost: cdn-jm-tools.web.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-9819825e701343cb9146515022975bb4.r2.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=3600\r\ncontent-encoding: gzip\r\ncontent-type: text/css; charset=utf-8\r\netag: \"180ed6b42ce49176e493ebf3f2145e670be96178b9e2f60001e81532e32268cb\"\r\nlast-modified: Sat, 25 Apr 2020 21:22:54 GMT\r\nstrict-transport-security: max-age=31556926; includeSubDomains; preload\r\naccept-ranges: bytes\r\ndate: Sat, 20 Jan 2024 14:40:42 GMT\r\nx-served-by: cache-hel1410022-HEL\r\nx-cache: HIT\r\nx-cache-hits: 1\r\nx-timer: S1705761642.459240,VS0,VE7\r\nvary: x-fh-requested-host, accept-encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 18705\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18705,"size_decoded":102041,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (61112)","md5":"53b33b15cf9dff288eda12099e0ee746","sha1":"1748b7bd3b89b84d800374083af646fec11ff082","sha256":"30c90ea15ddeec7d675ed3eaaf26e8283b908265c5a6a5ff00345d03c24233f0","sha512":"8ba4bcbe63b72e6dff001b441d0fe100ecb3a6a6d664816eac7d89e8bb088c6653c9f7bc646f20884842c19c7516ed751332e4585ff49202d4b3f73e6438f24d","ssdeep":"1536:IpHDgWeWJw+k4zazA/PWrF7qvEAFiQcpmeh1+zy35o:ORUyy3+","tlshash":"46a3c8946d243d269037c73561c1bd87a2121503f637aebbf6226db9cf896cb0b31e49","first_seen":"2023-04-05T03:19:57Z","last_seen":"2026-04-05T10:31:31.449536Z","times_seen":9903,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":40,"dns":1,"connect":15,"send":0,"wait":39,"receive":1,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-9819825e701343cb9146515022975bb4.r2.dev/*https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg*/","fqdn":"pub-9819825e701343cb9146515022975bb4.r2.dev","domain":"pub-9819825e701343cb9146515022975bb4.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.2.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-9819825e701343cb9146515022975bb4.r2.dev/allow.html?user-agent=Mozilla/5.0WindowsNT10.0;Win64;x64AppleWebKit/537.36KHTML","date":"2024-01-20T14:40:42.653Z","timestamp":1705761642653,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 09 Dec 2023 16:41:44 GMT","end":"Fri, 08 Mar 2024 16:41:43 GMT"},"fingerprint":{"sha1":"4F:76:7B:87:A0:AD:97:E8:F7:6F:90:89:C3:5D:51:AC:FD:EA:F4:F9","sha256":"41:EA:6B:04:C9:33:BD:19:FC:9A:F8:D6:AB:B1:69:B0:E2:B2:D0:5B:8B:74:CF:19:8C:F9:CF:3F:5B:33:C2:26"}}},"request":{"raw":"GET /*https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg*/ HTTP/1.1\r\nHost: pub-9819825e701343cb9146515022975bb4.r2.dev\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-9819825e701343cb9146515022975bb4.r2.dev/allow.html?user-agent=Mozilla/5.0WindowsNT10.0;Win64;x64AppleWebKit/537.36KHTML\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Sat, 20 Jan 2024 14:40:42 GMT\r\nContent-Type: text/html\r\nContent-Length: 27242\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 848812faab5b712b-OSL\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":27242,"size_decoded":27242,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (611)","md5":"df3d48946e8d3f5a83608308edbb4b86","sha1":"47b9c40c97abf2658df96b1c06109324e15e1a00","sha256":"570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499","sha512":"36ec1cec72dc3245730c813277c645525473cc5232e85cd23503b8593d90264f335e61a16d364a1e6c41922820b40ba7c0f46b19f4b91db6a0cf5e31e778ddea","ssdeep":"384:6FamwIluB0sJQqCeSQup5szCUXAG0VVi82OgoKACZQQofNJXY3gW3:663Mp5If8WOmgW3","tlshash":"6bc292dc7bf968e4a5de43aaef2831a8320ba0fb17425904f51d12142f0655cec6f6ed","first_seen":"2023-04-05T17:41:51Z","last_seen":"2025-09-17T15:21:34.980882Z","times_seen":52648,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.213.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-9819825e701343cb9146515022975bb4.r2.dev/allow.html?user-agent=Mozilla/5.0WindowsNT10.0;Win64;x64AppleWebKit/537.36KHTML","date":"2024-01-20T14:40:42.655Z","timestamp":1705761642655,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sun, 29 Oct 2023 00:00:00 GMT","end":"Tue, 29 Oct 2024 23:59:59 GMT"},"fingerprint":{"sha1":"88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C","sha256":"09:32:99:C8:74:C7:C3:CF:73:1C:DD:DA:92:7C:22:1B:DD:53:9C:51:21:D5:10:61:C4:4D:CC:52:56:13:C6:DC"}}},"request":{"raw":"GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-9819825e701343cb9146515022975bb4.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Jan 2024 14:40:42 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 673\r\ncache-control: public, max-age=31536000\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 12 Feb 2020 22:01:30 GMT\r\netag: 0x8D7B0071D86E386\r\nx-ms-request-id: f8ad1954-501e-0022-201a-4bf044000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref: 20240120T144042Z-y019x4nb651md9v65hpx3tm3z8000000013g0000000055mz\r\nx-fd-int-roxy-purgeid: 4554691\r\nx-cache: TCP_HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":673,"size_decoded":1864,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bc3d32a696895f78c19df6c717586a5d","sha1":"9191cb156a30a3ed79c44c0a16c95159e8ff689d","sha256":"0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68","sha512":"8d4f38907f3423a86d90575772b292680f7970527d2090fc005f9b096cc81d3f279d59ad76eafca30c3d4bbaf2276bbaa753e2a46a149424cf6f1c319ded5a64","ssdeep":"","tlshash":"4e310059c51d3566ec04c3aceae1d468315e71efa8a581c961849b3f95b0dce0eccb70","first_seen":"2023-04-12T23:20:27Z","last_seen":"2026-04-06T02:04:37.447711Z","times_seen":102182,"resource_available":false,"data":null}},"time_used":389,"timings":{"blocked":178,"dns":107,"connect":17,"send":0,"wait":31,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-jm-tools.web.app/d..p/others/mi..cro---t/favicon.ico","fqdn":"cdn-jm-tools.web.app","domain":"cdn-jm-tools.web.app","tld":"web.app"},"ip":{"addr":"199.36.158.100","port":0,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-9819825e701343cb9146515022975bb4.r2.dev/allow.html?user-agent=Mozilla/5.0WindowsNT10.0;Win64;x64AppleWebKit/537.36KHTML","date":"2024-01-20T14:40:42.915Z","timestamp":1705761642915,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"web.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 17 Jan 2024 16:11:16 GMT","end":"Tue, 16 Apr 2024 16:11:15 GMT"},"fingerprint":{"sha1":"C9:9B:7B:12:35:DB:EA:43:A5:38:B1:85:49:57:C6:62:C2:AC:02:69","sha256":"91:41:0B:69:6A:6A:E8:1B:AA:E0:16:8C:1F:7C:D5:A2:E0:D9:3D:7E:0E:55:1C:0C:1F:9D:C7:54:27:7D:6A:19"}}},"request":{"raw":"GET /d..p/others/mi..cro---t/favicon.ico HTTP/1.1\r\nHost: cdn-jm-tools.web.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-9819825e701343cb9146515022975bb4.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 421\r\ncache-control: max-age=3600\r\ncontent-encoding: br\r\ncontent-type: image/x-icon\r\netag: \"928026765089cd2a4183510ed4f8be0259cd85b776338ee2c337cacc18bdf016-br\"\r\nlast-modified: Sat, 25 Apr 2020 21:22:54 GMT\r\nstrict-transport-security: max-age=31556926; includeSubDomains; preload\r\naccept-ranges: bytes\r\ndate: Sat, 20 Jan 2024 14:40:42 GMT\r\nx-served-by: cache-hel1410022-HEL\r\nx-cache: HIT\r\nx-cache-hits: 1\r\nx-timer: S1705761643.930262,VS0,VE1\r\nvary: x-fh-requested-host, accept-encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":421,"size_decoded":17174,"mime_type":"","magic":"MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors","md5":"12e3dac858061d088023b2bd48e2fa96","sha1":"e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5","sha256":"90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21","sha512":"c5030c55a855e7a9e20e22f4c70bf1e0f3c558a9b7d501cfab6992ac2656ae5e41b050ccac541efa55f9603e0d349b247eb4912ee169d44044271789c719cd01","ssdeep":"24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO","tlshash":"b772e35b1f5f4981ec4b0db80b125e80c5e49c973854dffbdb76b62888b0364ab845eb","first_seen":"2023-04-05T03:19:57Z","last_seen":"2026-04-06T06:40:17.577302Z","times_seen":163429,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}