firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 11:12:19 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AyKBaalJtpERx4-5YGjcgGwGkzaQcMfiRjPYjQkMLOY_jMdofDoI3w==
Age: 943
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13578
Expires: Fri, 23 Sep 2022 15:14:20 GMT
Date: Fri, 23 Sep 2022 11:28:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash afb65a07bf7214addf83d17a53acba32
a8e973204431320aa7b362a4e73944520c4b51b9
46e1a9e6c98245afb7fa84bc6d9ba6844105024e2d3f56e28748e6c321475d02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3704
Expires: Fri, 23 Sep 2022 12:29:46 GMT
Date: Fri, 23 Sep 2022 11:28:02 GMT
Connection: keep-alive
account.mycorporate-rewards.com/d20e6f/895b9c63-147a-4997-9f04-c008152e239d/?
54.83.101.48200 OK 15 kB URL HTTP/1.1 account.mycorporate-rewards.com/d20e6f/895b9c63-147a-4997-9f04-c008152e239d/?
IP 54.83.101.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (505), with CRLF, LF line terminators
Hash 84d0fa0e289a248d73c75a697648d8d4
bb103d93e3e1ad35fb1230013437a6870e8befdc
d94eafaed79c46a5b491499c3f662b61356094697090e17c810d9260f191e1e1
GET /d20e6f/895b9c63-147a-4997-9f04-c008152e239d/? HTTP/1.1
Host: account.mycorporate-rewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 11:28:02 GMT
Server: Apache
Cache-Control: no-store
Referrer-Policy: strict-origin-when-cross-origin
X-Permitted-Cross-Domain-Policies: none
Pragma: no-cache
X-XSS-Protection: 1; mode=block
X-Request-Id: 4db0a77b-8d2a-46d8-8392-b5f0feae1f34
X-Frame-Options: DENY
X-Runtime: 0.060146
X-Content-Type-Options: nosniff
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Set-Cookie: _phishme.com_session_id=ee7d68437f64219c21573885a1aa16ed; path=/; HttpOnly
ETag: W/"e8075b5b78ced10552310120d65b5aa3-gzip"
Status: 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: http://landing.phishme.com
X-Download-Options: noopen, noopen
Content-Length: 14768
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8VOFcMIkXQm7KBiKM/UIhRk/mxlNHZOBcT23WxJcd/HAeRdXPG14cORs7PPx1lHo8c2XXbeTLMc=
x-amz-request-id: 79A0HP525DJMGFX6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Sep 2022 10:46:57 GMT
age: 2465
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.5.1.min.js
69.16.175.42200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.5.1.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65451)
Hash 3700d0b271343804b9b9aa1c13efa521
3d6b03dbd74872ca3dfbb0529f6c80943788f918
fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e
GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://account.mycorporate-rewards.com/
Origin: http://account.mycorporate-rewards.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 11:28:02 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663932482.dop221.sk1.t,1663932482.cds245.sk1.hn,1663932482.cds208.sk1.c
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 11:28:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 11:28:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 11:28:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-126808791-4
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-126808791-4
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 06a044021b9a8cf2c6e3e81b8b301a52
bbe12ba4029bf2e877a4b1a1a859a4a7a6237fd9
5230a32d48e4d163cc1b4fed17dedd90ab4b30bec2224658f07e5e129ca127c1
GET /gtag/js?id=UA-126808791-4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://account.mycorporate-rewards.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 Sep 2022 11:28:02 GMT
expires: Fri, 23 Sep 2022 11:28:02 GMT
cache-control: private, max-age=900
last-modified: Fri, 23 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42241
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
account.mycorporate-rewards.com/javascripts/jquery-latest.min.js
54.83.101.48200 OK 31 kB URL HTTP/1.1 account.mycorporate-rewards.com/javascripts/jquery-latest.min.js
IP 54.83.101.48:0
File type ASCII text, with very long lines (65451)
Hash c65598a79e692c79f732ea0b099f9da7
5459de784144478c4a5088437bf5da4690dbae5f
653cc57da3a15e7ba824119d448c287f3c1a9a0afb400970ed3658d48765984a
GET /javascripts/jquery-latest.min.js HTTP/1.1
Host: account.mycorporate-rewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://account.mycorporate-rewards.com/d20e6f/895b9c63-147a-4997-9f04-c008152e239d/?
Connection: keep-alive
Cookie: _phishme.com_session_id=ee7d68437f64219c21573885a1aa16ed
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 11:28:02 GMT
Server: Apache
Last-Modified: Thu, 08 Sep 2022 14:41:55 GMT
ETag: "15851-5e82b6e47f2c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=0
Expires: Fri, 23 Sep 2022 11:28:02 GMT
Access-Control-Allow-Origin: http://landing.phishme.com
X-Download-Options: noopen
Content-Length: 30677
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
account.mycorporate-rewards.com/javascripts/jquery.periodicalupdater.js
54.83.101.48200 OK 2.2 kB URL HTTP/1.1 account.mycorporate-rewards.com/javascripts/jquery.periodicalupdater.js
IP 54.83.101.48:0
Hash 9e7f9a518aef792b3b69c138722dfff8
908c904dbe15e45be5d617ac667f1253682f8a0e
fa951f4a9bdeb46ebbaf1bb60c455a9c77cda6b3b80570798ace5600b6ee07b9
GET /javascripts/jquery.periodicalupdater.js HTTP/1.1
Host: account.mycorporate-rewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://account.mycorporate-rewards.com/d20e6f/895b9c63-147a-4997-9f04-c008152e239d/?
Connection: keep-alive
Cookie: _phishme.com_session_id=ee7d68437f64219c21573885a1aa16ed
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 11:28:02 GMT
Server: Apache
Last-Modified: Thu, 08 Sep 2022 14:41:55 GMT
ETag: "1a02-5e82b6e47f2c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=0
Expires: Fri, 23 Sep 2022 11:28:02 GMT
Access-Control-Allow-Origin: http://landing.phishme.com
X-Download-Options: noopen
Content-Length: 2221
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 11:28:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
images.pmeimg.com/javascripts/jquery.periodicalupdater.js
54.230.111.113403 Forbidden 243 B URL HTTP/1.1 images.pmeimg.com/javascripts/jquery.periodicalupdater.js
IP 54.230.111.113:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash 7c66d98bbe1ff9a3cd7a46070521626d
fe6e0590b14f7c9c1ddf6365355b349e1ad929f3
700f9ab71bb034d997852c74f726b5ce7d1de2def0b49b98d897be6bb2d23b9e
GET /javascripts/jquery.periodicalupdater.js HTTP/1.1
Host: images.pmeimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://account.mycorporate-rewards.com/
Connection: keep-alive
HTTP/1.1 403 Forbidden
Content-Type: application/xml
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 23 Sep 2022 11:28:02 GMT
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4LdLwk1uT0hPLVhXwZB7aBC4_eJq6hR5wXkbNhqHiZI3gN2RuCBwwQ==
images.pmeimg.com/public/user_assets/30a4241c-3e7e-48f6-a7b8-04edcc63bb3b/stay-vigilant-f385cf99.png
54.230.111.113200 OK 15 kB URL HTTP/1.1 images.pmeimg.com/public/user_assets/30a4241c-3e7e-48f6-a7b8-04edcc63bb3b/stay-vigilant-f385cf99.png
IP 54.230.111.113:0
File type PNG image data, 400 x 281, 8-bit/color RGBA, non-interlaced\012- data
Hash 9ffb08b49b8244e87da36bb262918cc9
fac4ca507d1f784498bd95f2dc1eda40884f2c31
db666cd5384502bdfb46e04e7a604637ff1ca31c73281aad93651e69aa97f787
GET /public/user_assets/30a4241c-3e7e-48f6-a7b8-04edcc63bb3b/stay-vigilant-f385cf99.png HTTP/1.1
Host: images.pmeimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://account.mycorporate-rewards.com/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Length: 15171
Connection: keep-alive
Date: Fri, 23 Sep 2022 04:40:19 GMT
Last-Modified: Wed, 19 Dec 2018 21:33:52 GMT
ETag: "9ffb08b49b8244e87da36bb262918cc9"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6urlglV4DP-B90__oR9PNZ8yzjVQwbzuhOMqklsalYcGGhL_pWJBcA==
Age: 24464
images.pmeimg.com/public/user_assets/30a4241c-3e7e-48f6-a7b8-04edcc63bb3b/arrow-right-8265bb56.png
54.230.111.113200 OK 257 B URL HTTP/1.1 images.pmeimg.com/public/user_assets/30a4241c-3e7e-48f6-a7b8-04edcc63bb3b/arrow-right-8265bb56.png
IP 54.230.111.113:0
File type PNG image data, 19 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash 5da1ebc1d80f5988b121bf38deb73429
f9c7f0fac4e9b264ddc6ee1cb72b58706c1270f7
82f3e0729b69fa41816b709f347ae9c63b85e33e005505886e3bdd7aaae03452
GET /public/user_assets/30a4241c-3e7e-48f6-a7b8-04edcc63bb3b/arrow-right-8265bb56.png HTTP/1.1
Host: images.pmeimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://account.mycorporate-rewards.com/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Length: 257
Connection: keep-alive
Date: Fri, 23 Sep 2022 04:40:19 GMT
Last-Modified: Wed, 19 Dec 2018 21:34:49 GMT
ETag: "5da1ebc1d80f5988b121bf38deb73429"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: owZF9Fb5TXuWXfPIPfAyWgMnPCcjRjGwWV85bfUgGP25P3Sc2hRDIg==
Age: 24464
images.pmeimg.com/public/user_assets/89608e8c-f8ea-4106-8c31-64a37d840a31/0001-ea5e0234.png
54.230.111.113200 OK 338 kB URL HTTP/1.1 images.pmeimg.com/public/user_assets/89608e8c-f8ea-4106-8c31-64a37d840a31/0001-ea5e0234.png
IP 54.230.111.113:0
File type PNG image data, 1088 x 612, 8-bit/color RGBA, non-interlaced\012- data
Size 338 kB (338038 bytes)
Hash aa453e16d98e13e82385e38e5422fec6
41b433c67ee0c0624463c4be9d11287379ac3795
7748a2ca14c98b21cc0a83df74ed81619a691599a136db9064f1af54c82fe44e
GET /public/user_assets/89608e8c-f8ea-4106-8c31-64a37d840a31/0001-ea5e0234.png HTTP/1.1
Host: images.pmeimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://account.mycorporate-rewards.com/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: binary/octet-stream
Content-Length: 338038
Connection: keep-alive
Date: Fri, 23 Sep 2022 04:40:19 GMT
Last-Modified: Fri, 16 Sep 2022 19:01:08 GMT
ETag: "aa453e16d98e13e82385e38e5422fec6"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SESx9mmHe0JVBENsXxr8yG3DnIwxSUgdxvT_N4tDQ9EDAZp7MKA38g==
Age: 24464
images.pmeimg.com/public/user_assets/6f7247b5-130b-4a5e-85ae-5803c3fc128f/sept_se-3988aaa0.jpg
54.230.111.113200 OK 226 kB URL HTTP/1.1 images.pmeimg.com/public/user_assets/6f7247b5-130b-4a5e-85ae-5803c3fc128f/sept_se-3988aaa0.jpg
IP 54.230.111.113:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 171x171, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, description=SE - last 12 months], baseline, precision 8, 1414x1049, components 3\012- data
Size 226 kB (226480 bytes)
Hash 06c0bf26f8b092f8e4ca132d2876e7f4
ef7a4e3562116e9664c644a53673931186981815
fb1507ee0b0a3e196ccd2d3db118619f93b98f872addc5ecaf28ff9d339bda70
GET /public/user_assets/6f7247b5-130b-4a5e-85ae-5803c3fc128f/sept_se-3988aaa0.jpg HTTP/1.1
Host: images.pmeimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://account.mycorporate-rewards.com/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: binary/octet-stream
Content-Length: 226480
Connection: keep-alive
Date: Fri, 23 Sep 2022 04:40:19 GMT
Last-Modified: Tue, 20 Sep 2022 13:47:20 GMT
ETag: "06c0bf26f8b092f8e4ca132d2876e7f4"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 31jix2yycKtsCaRcCIWXsS2nTNVU9ZtH9Em9EDvIPtWMHGs7-yk6nw==
Age: 24464
images.pmeimg.com/public/user_assets/89608e8c-f8ea-4106-8c31-64a37d840a31/0003-008cd3bd.png
54.230.111.113200 OK 206 kB URL HTTP/1.1 images.pmeimg.com/public/user_assets/89608e8c-f8ea-4106-8c31-64a37d840a31/0003-008cd3bd.png
IP 54.230.111.113:0
File type PNG image data, 1088 x 608, 8-bit/color RGBA, non-interlaced\012- data
Size 206 kB (206355 bytes)
Hash e50bef42762863c3912b0de68e199e4c
a8e0b90ef608fad525e972d7492b53cdcffcb1c5
c3ec2ab937968ec59b11553e6a0987cc59ee9d2bac8b47f2b3e48754ba61d572
GET /public/user_assets/89608e8c-f8ea-4106-8c31-64a37d840a31/0003-008cd3bd.png HTTP/1.1
Host: images.pmeimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://account.mycorporate-rewards.com/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: binary/octet-stream
Content-Length: 206355
Connection: keep-alive
Date: Fri, 23 Sep 2022 04:40:19 GMT
Last-Modified: Fri, 16 Sep 2022 18:59:56 GMT
ETag: "e50bef42762863c3912b0de68e199e4c"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MbUCqV028Z-FZU0pijplkDD6u9fayyTE4GnPNm42s64awD_fWIa4ZA==
Age: 24464
images.pmeimg.com/public/user_assets/89608e8c-f8ea-4106-8c31-64a37d840a31/0006-1f4b0d19.png
54.230.111.113200 OK 634 kB URL HTTP/1.1 images.pmeimg.com/public/user_assets/89608e8c-f8ea-4106-8c31-64a37d840a31/0006-1f4b0d19.png
IP 54.230.111.113:0
File type PNG image data, 1088 x 608, 8-bit/color RGBA, non-interlaced\012- data
Size 634 kB (634420 bytes)
Hash a47a0d2a237ab59631fa18b6cff9ccc9
1ba42b735d96e25c936afe89dd5091e3af18fa99
e3dbe2dd32274a5673a96bff0d4d056d596e198ecb4f1f2ea8132862dede865c
GET /public/user_assets/89608e8c-f8ea-4106-8c31-64a37d840a31/0006-1f4b0d19.png HTTP/1.1
Host: images.pmeimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://account.mycorporate-rewards.com/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: binary/octet-stream
Content-Length: 634420
Connection: keep-alive
Date: Fri, 23 Sep 2022 04:40:19 GMT
Last-Modified: Fri, 16 Sep 2022 19:01:38 GMT
ETag: "a47a0d2a237ab59631fa18b6cff9ccc9"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: inU0aUFkmp1Ek1BwCgC72_3R6Gfy78L6KdQi7S9bAC4s5qQFlq0bYA==
Age: 24464
images.pmeimg.com/public/user_assets/89608e8c-f8ea-4106-8c31-64a37d840a31/0002-2d6d5943.png
54.230.111.113200 OK 204 kB URL HTTP/1.1 images.pmeimg.com/public/user_assets/89608e8c-f8ea-4106-8c31-64a37d840a31/0002-2d6d5943.png
IP 54.230.111.113:0
File type PNG image data, 1088 x 612, 8-bit/color RGBA, non-interlaced\012- data
Size 204 kB (204453 bytes)
Hash 09eb1514a4d09edfc525e0da4fbd6fc4
57a123c9026bc570bf88e004776c25ed710928c9
2174b3dfce656d9f5cb8c09caa131d6228f92be882e3d15d52e08fcead136dd9
GET /public/user_assets/89608e8c-f8ea-4106-8c31-64a37d840a31/0002-2d6d5943.png HTTP/1.1
Host: images.pmeimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://account.mycorporate-rewards.com/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: binary/octet-stream
Content-Length: 204453
Connection: keep-alive
Date: Fri, 23 Sep 2022 04:40:19 GMT
Last-Modified: Fri, 16 Sep 2022 19:01:59 GMT
ETag: "09eb1514a4d09edfc525e0da4fbd6fc4"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0TIBkRabulIaym2KjyKtpCCACuYKe2wkGs9W7dOP3LMPDGhRxScvaQ==
Age: 24464
images.pmeimg.com/public/user_assets/30a4241c-3e7e-48f6-a7b8-04edcc63bb3b/phishing-problem-2348fb7f.jpg
54.230.111.113200 OK 117 kB URL HTTP/1.1 images.pmeimg.com/public/user_assets/30a4241c-3e7e-48f6-a7b8-04edcc63bb3b/phishing-problem-2348fb7f.jpg
IP 54.230.111.113:0
File type JPEG image data, baseline, precision 8, 1400x363, components 3\012- data
Size 117 kB (116936 bytes)
Hash bb10df55279a03a71d3141f3059cc5a8
6b88c68038a8e497de7d726ba44bada747175915
598391abcb69cb488dc7e1369ffeec85f116b2da02a31fbdba56fcc9445f165d
GET /public/user_assets/30a4241c-3e7e-48f6-a7b8-04edcc63bb3b/phishing-problem-2348fb7f.jpg HTTP/1.1
Host: images.pmeimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://account.mycorporate-rewards.com/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Length: 116936
Connection: keep-alive
Date: Fri, 23 Sep 2022 04:40:19 GMT
Last-Modified: Wed, 19 Dec 2018 21:37:53 GMT
ETag: "bb10df55279a03a71d3141f3059cc5a8"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rwd0MN2Dg5ptOR0ByUJRO2Ptne_hm8pO3rU0WGmz-VNA7n0ki5ndgQ==
Age: 24464
images.pmeimg.com/public/user_assets/89608e8c-f8ea-4106-8c31-64a37d840a31/0004-ce9f4546.png
54.230.111.113200 OK 733 kB URL HTTP/1.1 images.pmeimg.com/public/user_assets/89608e8c-f8ea-4106-8c31-64a37d840a31/0004-ce9f4546.png
IP 54.230.111.113:0
File type PNG image data, 1088 x 608, 8-bit/color RGBA, non-interlaced\012- data
Size 733 kB (732662 bytes)
Hash 4339970e1d87d306b98f3fa693775064
f0594ac1bc22ebb21dc0078124d1289e12782ac4
14e528554ceda666e797f0c19becdeeb0dcf9f06cd66cac1be9f2aed6ba58382
GET /public/user_assets/89608e8c-f8ea-4106-8c31-64a37d840a31/0004-ce9f4546.png HTTP/1.1
Host: images.pmeimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://account.mycorporate-rewards.com/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: binary/octet-stream
Content-Length: 732662
Connection: keep-alive
Date: Fri, 23 Sep 2022 04:40:19 GMT
Last-Modified: Fri, 16 Sep 2022 19:02:25 GMT
ETag: "4339970e1d87d306b98f3fa693775064"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: e-5thuScc0Yo4fZ0O5Zw9AAgUXF0FDjDja7W0gJi-u6qpLkZwF-e2g==
Age: 24464
images.pmeimg.com/system/content_fonts/uploads/000/000/175/original/Graphik-Regular.woff
54.230.111.113200 OK 44 kB URL HTTP/1.1 images.pmeimg.com/system/content_fonts/uploads/000/000/175/original/Graphik-Regular.woff
IP 54.230.111.113:0
File type Web Open Font Format, TrueType, length 43884, version 0.0\012- data
Hash ada0bac546989e71ddba6096570203ef
154e76f942bef7da93300d09107fffdb87bb35ff
868d34d2e0e636e0590f587746036bf9009c83b2c48965de48c4c7a804ba1a09
GET /system/content_fonts/uploads/000/000/175/original/Graphik-Regular.woff HTTP/1.1
Host: images.pmeimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://account.mycorporate-rewards.com/
Origin: http://account.mycorporate-rewards.com
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/x-font-woff
Content-Length: 43884
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Expose-Headers: ETag
Access-Control-Max-Age: 60
Last-Modified: Tue, 03 Nov 2020 08:50:06 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 23 Sep 2022 04:53:52 GMT
ETag: "ada0bac546989e71ddba6096570203ef"
X-Cache: Hit from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bzDoOK7134ewh7UK_ekn8JWoaUNC4yk43U2m_S2Fb0CKLzXvq1ehJg==
Age: 23651
images.pmeimg.com/system/content_fonts/uploads/000/000/163/original/Graphik-Bold.woff
54.230.111.113200 OK 46 kB URL HTTP/1.1 images.pmeimg.com/system/content_fonts/uploads/000/000/163/original/Graphik-Bold.woff
IP 54.230.111.113:0
File type Web Open Font Format, TrueType, length 45884, version 0.0\012- data
Hash 0bd50c6351c54c517572532f251e18f6
7663f590f82355f9388d63433407cfe0043caa38
e733431317cd0be348fa6c25e0794512d20e6b1ad036d597bf2d872324b87d3b
GET /system/content_fonts/uploads/000/000/163/original/Graphik-Bold.woff HTTP/1.1
Host: images.pmeimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://account.mycorporate-rewards.com/
Origin: http://account.mycorporate-rewards.com
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/x-font-woff
Content-Length: 45884
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Expose-Headers: ETag
Access-Control-Max-Age: 60
Last-Modified: Tue, 03 Nov 2020 08:40:07 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 23 Sep 2022 04:53:52 GMT
ETag: "0bd50c6351c54c517572532f251e18f6"
X-Cache: Hit from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9fjIMN__hFBoOqfDwdbWyiJrwqBsXBRPKBvA1P1K-sUQdgiFYLMoDA==
Age: 23651
images.pmeimg.com/public/user_assets/89608e8c-f8ea-4106-8c31-64a37d840a31/0005-e69aab2e.png
54.230.111.113200 OK 914 kB URL HTTP/1.1 images.pmeimg.com/public/user_assets/89608e8c-f8ea-4106-8c31-64a37d840a31/0005-e69aab2e.png
IP 54.230.111.113:0
File type PNG image data, 1088 x 608, 8-bit/color RGBA, non-interlaced\012- data
Size 914 kB (913939 bytes)
Hash 0e037315778bbfff9aafc222a7305b15
1d995ef4ac04b7e5d4bec385290fdf389ad38fa9
07b3d8de9942e8fd9908b8e59becbfa68b8714bd969e9dff0e9b0a2485bd520b
GET /public/user_assets/89608e8c-f8ea-4106-8c31-64a37d840a31/0005-e69aab2e.png HTTP/1.1
Host: images.pmeimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://account.mycorporate-rewards.com/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: binary/octet-stream
Content-Length: 913939
Connection: keep-alive
Date: Fri, 23 Sep 2022 04:40:19 GMT
Last-Modified: Fri, 16 Sep 2022 19:00:36 GMT
ETag: "0e037315778bbfff9aafc222a7305b15"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: M01Q-hZVNxia3MykeuK3j2dSvyneIbQRJfE5k3Rdcx_HV_jt5OwHdg==
Age: 24464
player.vimeo.com/video/218520729?title=0&byline=0&portrait=0&autoplay=0&autopause=0
162.159.138.60200 OK 5.1 kB URL HTTP/1.1 player.vimeo.com/video/218520729?title=0&byline=0&portrait=0&autoplay=0&autopause=0
IP 162.159.138.60:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (16078)
Hash 668d2fdfa9f7ae1ea0aa8bcc2c7ee7aa
0815389aa39e4ddbbe4c3adbf079061dc96d707e
525333c3d50c676e0248e797736a6e54c46a8f12ab4cc1c97905b690dbd74024
GET /video/218520729?title=0&byline=0&portrait=0&autoplay=0&autopause=0 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://account.mycorporate-rewards.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 11:28:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Fri, 23 Sep 2022 11:29:50 GMT
x-host: player-84c9846b45-fmkzj
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 1
x-vserver: playproxy-rollout-prod-varnish-0
x-backend-proxy: playproxy1
x-bapp-server: player-84c9846b45-fmkzj
Age: 0
X-Served-By: cache-bma1644-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1663932483.849966,VS0,VE117
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=TnPO8wA8YlkMzuzL6Jc5_5QsR9Klu5hBqKO4C45pzNA-1663932482-0-AbmN3L5CydZ8bx5RpNb7LxHy3GXm72J89UDaT9T7Oq7oaB02xvF6Bx1oXkl3nwBKe8HtG6pNWHzbDKwXsi7QG6E=; path=/; expires=Fri, 23-Sep-22 11:58:02 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 74f2ef41be65b524-OSL
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 11:03:22 GMT
Expires: Fri, 23 Sep 2022 11:24:44 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DR7zjJNQ5AbxEEfP4ys6S8p_HVAKSAEsBRJMjKyXNFA4K0niu3H0Pg==
Age: 1480
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://account.mycorporate-rewards.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Fri, 23 Sep 2022 10:41:09 GMT
expires: Fri, 23 Sep 2022 12:41:09 GMT
cache-control: public, max-age=7200
age: 2814
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
account.mycorporate-rewards.com/favicon.ico
54.83.101.48404 Not Found 0 B URL HTTP/1.1 account.mycorporate-rewards.com/favicon.ico
IP 54.83.101.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: account.mycorporate-rewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://account.mycorporate-rewards.com/d20e6f/895b9c63-147a-4997-9f04-c008152e239d/?
Connection: keep-alive
Cookie: _phishme.com_session_id=ee7d68437f64219c21573885a1aa16ed
HTTP/1.1 404 Not Found
Date: Fri, 23 Sep 2022 11:28:03 GMT
Server: Apache
Cache-Control: no-cache
X-Request-Id: 6fed6246-3760-45de-ab07-9c2c39f3c29c
X-Runtime: 0.000391
Status: 404 Not Found
Access-Control-Allow-Origin: http://landing.phishme.com
X-Download-Options: noopen
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
f.vimeocdn.com/p/4.10.1/css/player.css
151.101.86.109200 OK 20 kB URL HTTP/2 f.vimeocdn.com/p/4.10.1/css/player.css
IP 151.101.86.109:0
File type ASCII text, with very long lines (65495)
Hash 674ea13d207a5c2820c92eb236796548
439a3a05f926e21e43ed043e47197aec6c02358f
99105d0c1f2a3eee4823bc2f2151f1747c3f7fa45df401596bc2273328abc22f
GET /p/4.10.1/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 23 Sep 2022 11:28:03 GMT
age: 229831
x-served-by: cache-iad-kjyo7100154-IAD, cache-bma1666-BMA
x-cache: HIT, HIT
x-cache-hits: 61, 49661
x-timer: S1663932483.084632,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 20284
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4672
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 11:28:03 GMT
Last-Modified: Fri, 23 Sep 2022 10:10:12 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
151.101.86.109200 OK 997 B URL HTTP/2 f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (1839)
Hash a726e1c270a0429ccce67d981a12ac33
7319cca36fa04ee8d74ea677a0bb5dd113649011
2601818bf89176145a614b0d50b1ef1cd95272a5bc6be5526d54c464f6172dbf
GET /js_opt/modules/utils/vuid.min.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 23 Sep 2022 11:28:03 GMT
age: 324644
x-served-by: cache-iad-kiad7000169-IAD, cache-bma1666-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 59175
x-timer: S1663932483.098564,VS0,VE0
vary: Accept-Encoding,x-http-method-override
content-length: 997
X-Firefox-Spdy: h2
i.vimeocdn.com/video/636011423-9f2e8096d4ae629e515936a7670069618c035451107eb9de64c4de9663428f37-d.jpg?mw=80&q=85
151.101.86.109200 OK 1.6 kB URL HTTP/2 i.vimeocdn.com/video/636011423-9f2e8096d4ae629e515936a7670069618c035451107eb9de64c4de9663428f37-d.jpg?mw=80&q=85
IP 151.101.86.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x45, components 3\012- data
Hash 731ad9a2615aba3fa8199ba2431dc874
493cca91465794ecaa9af270e7201354677e8f27
71e2ea005c09d4d92a545c499b87b8a2419f091cf0d060136805bb62c91e59a3
GET /video/636011423-9f2e8096d4ae629e515936a7670069618c035451107eb9de64c4de9663428f37-d.jpg?mw=80&q=85 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
etag: 731ad9a2615aba3fa8199ba2431dc874
x-viewmaster-lossless-format: lossy
viewmaster-server: viewmaster-us-central1-fvdr
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Fri, 23 Sep 2022 11:28:03 GMT
age: 859268
x-served-by: cache-dfw-kdfw8210034-DFW, cache-bma1666-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663932483.098312,VS0,VE1
content-length: 1641
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.10.1/js/player.js
151.101.86.109200 OK 212 kB URL HTTP/2 f.vimeocdn.com/p/4.10.1/js/player.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (64649)
Size 212 kB (212091 bytes)
Hash 0178a74556a8c2ae4b0adc1e5896add3
a2187164dbe08839a3bed391ee10f5b3ef24542b
0ab6e243b2068c5ba3620a078364c9b73c7075d70f8e73a00be48fad7bf707ae
GET /p/4.10.1/js/player.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 23 Sep 2022 11:28:03 GMT
age: 229831
x-served-by: cache-iad-kcgs7200127-IAD, cache-bma1666-BMA
x-cache: HIT, HIT
x-cache-hits: 52, 38482
x-timer: S1663932483.098426,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
content-length: 212091
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.165.41.15101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fZzh7DYyiJMo16tbJ2QeKQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lWLjt18uHXDkk5D5sEgB4ajUBQs=
i.vimeocdn.com/video/636011423-9f2e8096d4ae629e515936a7670069618c035451107eb9de64c4de9663428f37-d?mw=500&mh=281
151.101.86.109200 OK 18 kB URL HTTP/2 i.vimeocdn.com/video/636011423-9f2e8096d4ae629e515936a7670069618c035451107eb9de64c4de9663428f37-d?mw=500&mh=281
IP 151.101.86.109:0
File type ISO Media, AVIF Image\012- data
Hash 25e23fc5743396ab292ed2d80b927acd
b225f063b7efd8e3cfd23f6c3b85dd51caf04074
4a78749b12e0f77ae2c7e14571e66af907556bf7a65fc70d1195a98719a5bdc9
GET /video/636011423-9f2e8096d4ae629e515936a7670069618c035451107eb9de64c4de9663428f37-d?mw=500&mh=281 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 25e23fc5743396ab292ed2d80b927acd
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-jbnk
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Fri, 23 Sep 2022 11:28:03 GMT
age: 1393792
x-served-by: cache-dfw-kdfw8210031-DFW, cache-bma1666-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663932484.547252,VS0,VE1
vary: Accept
content-length: 17686
X-Firefox-Spdy: h2
ts.accenture.com/sites/Information_Security3/_layouts/15/Authenticate.aspx?Source=%2Fsites%2FInformation%5FSecurity3%2FSiteAssets%2FPictures%2FGradient1%5Fclean%2Ejpg
13.107.137.11302 Found 346 B URL HTTP/2 ts.accenture.com/sites/Information_Security3/_layouts/15/Authenticate.aspx?Source=%2Fsites%2FInformation%5FSecurity3%2FSiteAssets%2FPictures%2FGradient1%5Fclean%2Ejpg
IP 13.107.137.11:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4628a617d06f1ebfb6d1e371407191ba
46286320c15170cbf9e325984f0c4b3e7e25d2f7
a2fe1b4f04853d5c63c015728510e830a15ffb69e04d58f26fd4107e72c4e8b4
GET /sites/Information_Security3/_layouts/15/Authenticate.aspx?Source=%2Fsites%2FInformation%5FSecurity3%2FSiteAssets%2FPictures%2FGradient1%5Fclean%2Ejpg HTTP/1.1
Host: ts.accenture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://account.mycorporate-rewards.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private
content-length: 346
content-type: text/html; charset=utf-8
location: /_forms/default.aspx?ReturnUrl=%2fsites%2fInformation_Security3%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fsites%252FInformation%255FSecurity3%252FSiteAssets%252FPictures%252FGradient1%255Fclean%252Ejpg&Source=cookie
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: RpsContextCookie=U291cmNlPSUyRnNpdGVzJTJGSW5mb3JtYXRpb24lNUZTZWN1cml0eTMlMkZTaXRlQXNzZXRzJTJGUGljdHVyZXMlMkZHcmFkaWVudDElNUZjbGVhbiUyRWpwZw==; expires=Fri, 23-Sep-2022 11:38:03 GMT; path=/; SameSite=None; secure; HttpOnly
x-sharepointhealthscore: 1
x-aspnet-version: 4.0.30319
x-databoundary: None
x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/
sprequestguid: 79c467a0-a0f8-2000-603f-ecb15020d81c
request-id: 79c467a0-a0f8-2000-603f-ecb15020d81c
ms-cv: oGfEefigACBgP+yxUCDYHA.0
report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-SVG20r5a&frontEnd=AFD"}]}
nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
strict-transport-security: max-age=31536000
sprequestduration: 13
spiislatency: 1
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.22907
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 5F458D2177144C08B0556B7C631EE331 Ref B: SVG20EDGE0212 Ref C: 2022-09-23T11:28:03Z
date: Fri, 23 Sep 2022 11:28:03 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e6561e23e9d181a4b18c7174cb89a590
221a300522f62c4bde7dd23420609a12ae3bd5b6
a66e6d4e834dfd29d86921222d86c7f8ac5d11a4e0c83ab40ff150629f2b9cec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 11:28:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-126808791-4&cid=1182200171.1663932482&jid=237823859&gjid=711780508&_gid=1508372923.1663932482&_u=YEBAAUAAAAAAAC~&z=1954670981
142.251.1.155200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-126808791-4&cid=1182200171.1663932482&jid=237823859&gjid=711780508&_gid=1508372923.1663932482&_u=YEBAAUAAAAAAAC~&z=1954670981
IP 142.251.1.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-126808791-4&cid=1182200171.1663932482&jid=237823859&gjid=711780508&_gid=1508372923.1663932482&_u=YEBAAUAAAAAAAC~&z=1954670981 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://account.mycorporate-rewards.com/
Content-Type: text/plain
Content-Length: 0
Origin: http://account.mycorporate-rewards.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://account.mycorporate-rewards.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 23 Sep 2022 11:28:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.10.1/js/module/sentry.js
151.101.86.109200 OK 19 kB URL HTTP/2 f.vimeocdn.com/p/4.10.1/js/module/sentry.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (50848)
Hash 012ac958edf8f2e92c2f76db40d37e75
44565591d569c2578e26708514d1b7837d14ac68
b0fba5c93c6c156971ec9af04d6c6e011f4a028d351d68cf16b19d425e6a7f35
GET /p/4.10.1/js/module/sentry.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 23 Sep 2022 11:28:03 GMT
age: 229829
x-served-by: cache-iad-kiad7000124-IAD, cache-bma1666-BMA
x-cache: HIT, HIT
x-cache-hits: 43, 5991
x-timer: S1663932484.617782,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
content-length: 18774
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e6561e23e9d181a4b18c7174cb89a590
221a300522f62c4bde7dd23420609a12ae3bd5b6
a66e6d4e834dfd29d86921222d86c7f8ac5d11a4e0c83ab40ff150629f2b9cec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 11:28:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ts.accenture.com/_forms/default.aspx?ReturnUrl=%2fsites%2fInformation_Security3%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fsites%252FInformation%255FSecurity3%252FSiteAssets%252FPictures%252FGradient1%255Fclean%252Ejpg&Source=cookie
13.107.137.11302 Found 896 B URL HTTP/2 ts.accenture.com/_forms/default.aspx?ReturnUrl=%2fsites%2fInformation_Security3%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fsites%252FInformation%255FSecurity3%252FSiteAssets%252FPictures%252FGradient1%255Fclean%252Ejpg&Source=cookie
IP 13.107.137.11:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (824), with CRLF line terminators
Hash 15d748f15205f614ce46d21f49c54526
3131989b1a8d9e9cf3eb29dd42d025fb86503d76
f57526b38c6f5a2c135e46baeb8f426362182ee383fad14d40c6263dabe8e642
GET /_forms/default.aspx?ReturnUrl=%2fsites%2fInformation_Security3%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fsites%252FInformation%255FSecurity3%252FSiteAssets%252FPictures%252FGradient1%255Fclean%252Ejpg&Source=cookie HTTP/1.1
Host: ts.accenture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://account.mycorporate-rewards.com/
Connection: keep-alive
Cookie: RpsContextCookie=U291cmNlPSUyRnNpdGVzJTJGSW5mb3JtYXRpb24lNUZTZWN1cml0eTMlMkZTaXRlQXNzZXRzJTJGUGljdHVyZXMlMkZHcmFkaWVudDElNUZjbGVhbiUyRWpwZw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
content-length: 896
content-type: text/html; charset=utf-8
expires: -1
location: https://login.microsoftonline.com:443/e0793d39-0939-496d-b129-198edd916feb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&protectedtoken=true&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=78825D79D1A43189530EC4E0BA2B2C4D78F27D236D04DD46%2D5E3AA1496E44349E974CBC8EA1AA3613A52DDD4711A391D0E1A06307B4C7105A&redirect%5Furi=https%3A%2F%2Fts%2Eaccenture%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=7ac467a0%2D7005%2D2000%2D86e4%2D8663c569d063
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: nSGt-78825D79D1A43189530EC4E0BA2B2C4D78F27D236D04DD46=gYEwMzlBQkNBM0ZEMDAyMUMzMUE0Q0JDMUZDQkRDQjE5RDkwRjgyRTFFRjlGRERGMjMxMDc4ODI1RDc5RDFBNDMxODk1MzBFQzRFMEJBMkIyQzRENzhGMjdEMjM2RDA0REQ0NhIxMzMwODQwNjY4MzcwMjQzMTQQdHMuYWNjZW50dXJlLmNvbSBvw6WOObos7bw4LtyZZ93+bwu0i8HcbPF0y9Qha/ZyVx4lyI1H1ih+bzCPJLiik+G8/8p+L8EIyKb/506yoFEUTX9CuqskTJxhDTSIkBqoj1Id+e2IKvB6jdU/l/1/qsVc6HVEu0pwJosbPCSFB5Wjx+g/r3jR+8/tkVf5E88weknH6ppMmtE0sd2/o11x8VP4rZg3ujOsdMvi2GGdRUtO9tms3CejtHSF2IxXBnqowg8TLzOPTnY7Uld5mAkDgCt75Y5TC+PXhjt/OAVkTzi1YgH5Pg+dgf6p1k/R3fqEoDs27KTpLOZT3TpKTWcbWq7K2rZCu7MZoyWDEWoo4tiIAAAA; expires=Fri, 23-Sep-2022 11:38:03 GMT; path=/; SameSite=None; secure; HttpOnly
RpsContextCookie=U291cmNlPSUyRnNpdGVzJTJGSW5mb3JtYXRpb24lNUZTZWN1cml0eTMlMkZTaXRlQXNzZXRzJTJGUGljdHVyZXMlMkZHcmFkaWVudDElNUZjbGVhbiUyRWpwZyZQcmV2aW91c1JlcXVlc3RDb3JyZWxhdGlvbklkPTdhYzQ2N2EwJTJENzAwNSUyRDIwMDAlMkQ4NmU0JTJEODY2M2M1NjlkMDYzJlJldHVyblVybD0lMkZzaXRlcyUyRkluZm9ybWF0aW9uJTVGU2VjdXJpdHkzJTJGJTVGbGF5b3V0cyUyRjE1JTJGQXV0aGVudGljYXRlJTJFYXNweCUzRlNvdXJjZSUzRCUyNTJGc2l0ZXMlMjUyRkluZm9ybWF0aW9uJTI1NUZTZWN1cml0eTMlMjUyRlNpdGVBc3NldHMlMjUyRlBpY3R1cmVzJTI1MkZHcmFkaWVudDElMjU1RmNsZWFuJTI1MkVqcGc=; expires=Fri, 23-Sep-2022 11:38:03 GMT; path=/; SameSite=None; secure; HttpOnly
x-sharepointhealthscore: 3
x-aspnet-version: 4.0.30319
x-databoundary: None
x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/
sprequestguid: 7ac467a0-7005-2000-86e4-8663c569d063
request-id: 7ac467a0-7005-2000-86e4-8663c569d063
ms-cv: oGfEegVwACCG5IZjxWnQYw.0
report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=e0793d39-0939-496d-b129-198edd916feb&destinationEndpoint=Edge-Prod-SVG20r5a&frontEnd=AFD"}]}
nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
strict-transport-security: max-age=31536000
sprequestduration: 41
spiislatency: 0
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.22907
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: AED96FA9657740F89FFE7B56741A1B54 Ref B: SVG20EDGE0212 Ref C: 2022-09-23T11:28:03Z
date: Fri, 23 Sep 2022 11:28:03 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
IP 142.250.74.3:0
Hash 89a1bcca5a21632f31cd85bc37ec5194
081d912ad8d18174313f6e800bbb9100eb81bed8
edc00b146718cbc2f670c39b277100d72cf34609381a893715cfc3a6797d9309
POST /s/gts1d4/5Ylu76wHhgo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 11:28:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
IP 142.250.74.3:0
Hash 89a1bcca5a21632f31cd85bc37ec5194
081d912ad8d18174313f6e800bbb9100eb81bed8
edc00b146718cbc2f670c39b277100d72cf34609381a893715cfc3a6797d9309
POST /s/gts1d4/5Ylu76wHhgo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 11:28:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fresnel.vimeocdn.com/add/player-test-impression?beacon=1
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-test-impression?beacon=1
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-test-impression?beacon=1 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 116
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Sep 2022 11:28:04 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=504239e8fd13c28420a7dce63560bed3b8537c681663932482
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=504239e8fd13c28420a7dce63560bed3b8537c681663932482
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=504239e8fd13c28420a7dce63560bed3b8537c681663932482 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1445
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Fri, 23 Sep 2022 11:28:04 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
IP 142.250.74.3:0
Hash 89a1bcca5a21632f31cd85bc37ec5194
081d912ad8d18174313f6e800bbb9100eb81bed8
edc00b146718cbc2f670c39b277100d72cf34609381a893715cfc3a6797d9309
POST /s/gts1d4/5Ylu76wHhgo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 11:28:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3913
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 11:28:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3913
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 11:28:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3913
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 11:28:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3913
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 11:28:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3913
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 11:28:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b877ead4a15221fdd278ef27f281a7ec
48c10714503e8dfdd3e3c3d39b919ef2792f0d15
f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:28 GMT
age: 48036
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 2ff2c324-51c5-484d-b049-3eacbdc1024a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yyj8THHdoAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a804e-0f4da4ba2a84679b3fd297fc;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 03:09:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z0uCxl-5L4gijwJsCjssxmgnJr4yhzvtiZdcX4wOXzgiuh8-Yj92vg==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 04:32:56 GMT
age: 24908
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 49182
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b318ea5c36d2b22b925f7dfe382df5f
0264e73c4cfff0bb255757c7e1c760a5ad3ece80
0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 47798
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F256647b7-64d8-4f7e-9d77-276811e8e1b1.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F256647b7-64d8-4f7e-9d77-276811e8e1b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae63806537bc1795029ac9e522b4abb1
47c7e2fd6f0ea1bd6c9f494137b7ce53a91cf781
369fe0af9bba20526bb10c7240a7571e72726fa653bbb70d8e56fabb13cf9358
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F256647b7-64d8-4f7e-9d77-276811e8e1b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9484
x-amzn-requestid: ac493b06-28bc-4a84-ad7a-060617233da8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4ZDRHHiIAMFnow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd547-7944659e3cb7134b58da757f;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:36:07 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OzTpgbr1HluiZtdiVUrQjTV1KMWuynatd1A8L8excXJDJsnM45A3Hg==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:53:16 GMT
age: 48888
etag: "47c7e2fd6f0ea1bd6c9f494137b7ce53a91cf781"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b30784-fdab-4361-be4c-cde3457de8cc.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b30784-fdab-4361-be4c-cde3457de8cc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 31f182a35c2946cfc0286689b7124c36
9dc2210a6c1d7025080692690f8cf1b064e7af9b
33fbee038d8988be37a223f1b7f3716dcb2473512161cc4dd8d5229d2868c47e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b30784-fdab-4361-be4c-cde3457de8cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9571
x-amzn-requestid: a6825487-dc32-4129-ae63-2aad2bc90833
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4ZDRHVDIAMFoNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd547-0669874227a8c7c60b4fb4e3;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:36:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GDOiSF2tQYYM1g-HzrOGYRdZhi97vmzrVEGKtwAKVsrd_NtmOUMDFA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:01:51 GMT
age: 48373
etag: "9dc2210a6c1d7025080692690f8cf1b064e7af9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8822718-7784-42f7-9be3-17d81593a755.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8822718-7784-42f7-9be3-17d81593a755.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b577444b5b0cf15747fe28a9d7f22d53
e6097275af3204124c48aa0d876eba0d18b26e7e
0f57e130b23b87fa4e1f9c2a2beff54f1ca73d87a244442558209e378befef11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8822718-7784-42f7-9be3-17d81593a755.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4999
x-amzn-requestid: 6f7b073e-f199-4bfa-8f9c-6688dbfba15a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn7p7GyRIAMF1EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263fd8-566d8b3c1c25e3fa36259812;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:44:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: n4w6--Eta_zedQ8EOarLoCGZavQpadMCZnXlhGmQf4vgHZxyBKtRgw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:51 GMT
age: 47780
etag: "e6097275af3204124c48aa0d876eba0d18b26e7e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mgfrllmmjiiy.space/HUERuV20Bb/
216.218.185.162200 OK 0 B URL HTTP/1.1 mgfrllmmjiiy.space/HUERuV20Bb/
IP 216.218.185.162:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /HUERuV20Bb/ HTTP/1.1
Host: mgfrllmmjiiy.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 23 Sep 2022 11:28:03 GMT
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
login.microsoftonline.com/e0793d39-0939-496d-b129-198edd916feb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&protectedtoken=true&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=78825D79D1A43189530EC4E0BA2B2C4D78F27D236D04DD46%2D5E3AA1496E44349E974CBC8EA1AA3613A52DDD4711A391D0E1A06307B4C7105A&redirect%5Furi=https%3A%2F%2Fts%2Eaccenture%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=7ac467a0%2D7005%2D2000%2D86e4%2D8663c569d063
20.190.159.22200 OK 0 B URL HTTP/1.1 login.microsoftonline.com/e0793d39-0939-496d-b129-198edd916feb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&protectedtoken=true&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=78825D79D1A43189530EC4E0BA2B2C4D78F27D236D04DD46%2D5E3AA1496E44349E974CBC8EA1AA3613A52DDD4711A391D0E1A06307B4C7105A&redirect%5Furi=https%3A%2F%2Fts%2Eaccenture%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=7ac467a0%2D7005%2D2000%2D86e4%2D8663c569d063
IP 20.190.159.22:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /e0793d39-0939-496d-b129-198edd916feb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&protectedtoken=true&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=78825D79D1A43189530EC4E0BA2B2C4D78F27D236D04DD46%2D5E3AA1496E44349E974CBC8EA1AA3613A52DDD4711A391D0E1A06307B4C7105A&redirect%5Furi=https%3A%2F%2Fts%2Eaccenture%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=7ac467a0%2D7005%2D2000%2D86e4%2D8663c569d063 HTTP/1.1
Host: login.microsoftonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://account.mycorporate-rewards.com/
Connection: keep-alive
Cookie: brcap=0; MSFPC=GUID=27491a5fca0c436896bdbf20a1588da0&HASH=2749&LV=202205&V=4&LU=1652883922743; ESTSSSOTILES=1; AADSSOTILES=1; buid=0.ATkAMe_N-B6jSkuT5F9XHpElWnmtoZ62_ZpPi8MrcPluNMcBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrF2Oyj5iEqynHjRXdOCWxx4Eu2qeqaCX0mkV5kwive1gsc1mZ_Uqh6mVQ2ML-TwK12lhfnKUJ2sM78TZvFVw9YttxPHJ34u1XNREJgIXnloUgAA; fpc=AqbH8yePU-9IglWpZUXzZJWCeMQLAQAAAAmBv9oOAAAA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Link: <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin, <https://aadcdn.msftauth.net>; rel=dns-prefetch, <https://aadcdn.msauth.net>; rel=dns-prefetch
X-DNS-Prefetch-Control: on
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: f1c87fbd-ab56-4161-87e3-3cd296d32300
x-ms-ests-server: 2.1.13672.8 - WEULR1 ProdSlices
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 0
Set-Cookie: buid=0.AXsAMe_N-B6jSkuT5F9XHpElWnmtoZ62_ZpPi8MrcPluNMcBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrzLQqNvhcdbsW2hKWnrMLesj6H6R92HKv6TXvjGjnKuQfNVv7_1Z9x9NAIaXNmPKlbdzRmsx58Bgm8SZFzAGDX5E04j47J8Zd9Ds7l5IWs7IgAA; expires=Sun, 23-Oct-2022 11:28:04 GMT; path=/; secure; HttpOnly; SameSite=None
fpc=AqbH8yePU-9IglWpZUXzZJUNtlwlAQAAAESPv9oOAAAA; expires=Sun, 23-Oct-2022 11:28:04 GMT; path=/; secure; HttpOnly; SameSite=None
esctx=AQABAAAAAAD--DLA3VO7QrddgJg7WevrHAITENuZ3toTNwoclgjE4zIbUYBuVsfpqQTfGppjBntPG0KYpPnwHJy2PIbtB9UxwmgRhplpdRPYUiS8v-n4zEEB49IXKf3JHiRl_3ByMl_SqCUrfr25Bb4ADPPN5aCIfKnZweI3KkJ8aXWz_dDSr8DwA-Q_qdjbT5tmN6XAPekgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Date: Fri, 23 Sep 2022 11:28:03 GMT
Content-Length: 49828