r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cf768e41672570b0a4a9fe86045915fc
2249064a86b2ba11e28208b9fba1c9f1db4f3e9e
a049499f78078df12f4d1c5180f1f36715a5c99db4f31c18ee06bcf0b6382b30
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A049499F78078DF12F4D1C5180F1F36715A5C99DB4F31C18EE06BCF0B6382B30"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11727
Expires: Sun, 09 Oct 2022 18:30:09 GMT
Date: Sun, 09 Oct 2022 15:14:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
54.230.111.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 3f17af4e8a1739eda4a518039f4892f9
c3feba08ae7e8f57e0fe9bcd2ebedea6bda67cbb
c485b09cad08b5233fe8753682faf59219fe0d18fcc34d90dc88fb0971295f5f
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 09 Oct 2022 14:47:55 GMT
Expires: Sun, 09 Oct 2022 15:25:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _yohkXZqOBTF_csxD0RClQrnAK5K49mDISvVkPkbg8ARfakcswb9dA==
Age: 1607
mailwizz.xclbtfdc.com/index.php/campaigns/mm912y0y03897/track-url/pl2724la74b3b/7d41c11405541ed4c9c1ac1aabfacfd203a6fbbf
188.119.65.131301 Moved Permanently 0 B URL HTTP/1.1 mailwizz.xclbtfdc.com/index.php/campaigns/mm912y0y03897/track-url/pl2724la74b3b/7d41c11405541ed4c9c1ac1aabfacfd203a6fbbf
IP 188.119.65.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /index.php/campaigns/mm912y0y03897/track-url/pl2724la74b3b/7d41c11405541ed4c9c1ac1aabfacfd203a6fbbf HTTP/1.1
Host: mailwizz.xclbtfdc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 09 Oct 2022 15:14:42 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Sun, 09 Oct 2022 15:14:42 GMT
Location: http://mailwizz.xclbtfdc.com/index.php/lists/hx343c8svx101/unsubscribe/pl2724la74b3b/mm912y0y03897/unsubscribe-direct
Content-Length: 0
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3d0ffae9abfdf558a6286013a0201c8b
2dc8ea0000a1b0c0f849611fdd73429bca51bfad
8e19eab9b6d16819f9ef3920971542cbcf5dd18280617e2de1a3827f0c149398
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E19EAB9B6D16819F9EF3920971542CBCF5DD18280617E2DE1A3827F0C149398"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6316
Expires: Sun, 09 Oct 2022 16:59:58 GMT
Date: Sun, 09 Oct 2022 15:14:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pNn609bpKT3dcUc8RxxymCMCzh73ip6f+Utjn3lHd07uLhcxnvNteFQEFH9Lk6ZgAQxnGwOWND4=
x-amz-request-id: 1MHNP2M2G779B4MM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 09 Oct 2022 14:32:06 GMT
age: 2556
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 09 Oct 2022 15:14:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
mailwizz.xclbtfdc.com/index.php/lists/hx343c8svx101/unsubscribe/pl2724la74b3b/mm912y0y03897/unsubscribe-direct
188.119.65.131404 Not Found 1.5 kB URL HTTP/1.1 mailwizz.xclbtfdc.com/index.php/lists/hx343c8svx101/unsubscribe/pl2724la74b3b/mm912y0y03897/unsubscribe-direct
IP 188.119.65.131:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash a190b4f76d0a2f272699a523792d61cf
e5397d3a2028da485c4f087c4644668a27114c70
140122aad49c34726fd11cba2a68572b9054906df57849b2bc5b41b83b2349f5
Analyzer Verdict Alert fortinet Phishing
GET /index.php/lists/hx343c8svx101/unsubscribe/pl2724la74b3b/mm912y0y03897/unsubscribe-direct HTTP/1.1
Host: mailwizz.xclbtfdc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Date: Sun, 09 Oct 2022 15:14:42 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: csrf_token=271a05f0ab0ffebcd9572a9ac8ce27721a88298ds%3A88%3A%22a3hqY05yanp0VUpLRWhCSjkxbVoxS19SRnE1VzlUZXUoA6hM4bvnMfVP4rTpg7jACFXoB7UGUC1wJIhVeWAyYg%3D%3D%22%3B; path=/; HttpOnly; SameSite=Lax
mwsid=h1dr1mut4rsc3bq59cmqdfljun; path=/; HttpOnly
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1545
Content-Type: text/html; charset=UTF-8
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css?av=0c3d6746
104.17.24.14200 OK 5.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css?av=0c3d6746
IP 104.17.24.14:0
File type ASCII text, with very long lines (27303)
Hash fb68fcb5e0519fb76559c9ab267f8f3f
b96c07f9ef44dbecb4ec4d1cb4a0b30a210f9825
8d0f29c4b3a8b511e6a46bc29ab3d96566fb244fdca5003156c04ea6b65cdd71
GET /ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css?av=0c3d6746 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mailwizz.xclbtfdc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 09 Oct 2022 15:14:43 GMT
content-type: text/css; charset=utf-8
content-length: 4972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-6b4a"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10614078
expires: Fri, 29 Sep 2023 15:14:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mllAaMcfz5O08iKfTlb42I9PubD2zROIgNLDNs4qi4uwXUZVhpBBDGBULaPEvurlk7LsOu05UvuX7KawbYuGpX90xyraMPPowfvSCR5eaz9tStdLpCnK3Kx%2FIG7U4z9ttT9UNDVM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7578114c3eb0b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css?av=0c3d6746
104.17.24.14200 OK 6.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css?av=0c3d6746
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (50806)
Hash 0db2e85f504f65d4eba65a3a3176b99e
49445ca83b52538d5fb8f4ef3c5ed0bee904dc81
0153ed381a818cbc0ddab7d832c84bc3aae2aed1ccbe9821d625d6637046c953
GET /ajax/libs/ionicons/2.0.1/css/ionicons.min.css?av=0c3d6746 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mailwizz.xclbtfdc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 09 Oct 2022 15:14:43 GMT
content-type: text/css; charset=utf-8
content-length: 6642
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ea8-c854"
last-modified: Mon, 04 May 2020 16:11:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5180897
expires: Fri, 29 Sep 2023 15:14:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNZIK244Qeaep94AP4K8V3e37q3w0d3ijfcwZ%2BeuMS5MmRHceOkUuRBoKBGEdrxVwUh7r19xBH8eEAOWcWrhlYFYoqzrXpx2va%2BAlNFWem2uG5RQwqVuc3H2eLoRfyhF9oTWq8It"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7578114c3eb5b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b80398e65c98d84250756256d31eed2d
3cc23d1d91745ddd04ee676f51762f37c0bcdbd3
f2cb6fda3fdbd8f04d380e7841875d322353864124bb5b25ce36fb327a2bfded
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 15:14:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ee96d771e1664e3afe56cf32bfe45eee
3ab9109d6f7a952cf2f7071ecb5ee186f9eebf6a
df7a23267a1a0bddc477d2b3f4c870b6a6ab7b4dca5fc38164d814ccae2b2fdd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 15:14:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ee96d771e1664e3afe56cf32bfe45eee
3ab9109d6f7a952cf2f7071ecb5ee186f9eebf6a
df7a23267a1a0bddc477d2b3f4c870b6a6ab7b4dca5fc38164d814ccae2b2fdd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 15:14:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mailwizz.xclbtfdc.com/assets/js/bootstrap.min.js?av=0c3d6746
188.119.65.131200 OK 7.7 kB URL HTTP/1.1 mailwizz.xclbtfdc.com/assets/js/bootstrap.min.js?av=0c3d6746
IP 188.119.65.131:0
File type ASCII text, with very long lines (28941)
Hash 18c650acaadcdf582747aea91bebda89
254df0d455514d4888e4906993b3e72d5f56d2d0
cd2d43b5075c59279839a156425c64abefa206144a4e7ee4a9c35c1157e1217a
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/bootstrap.min.js?av=0c3d6746 HTTP/1.1
Host: mailwizz.xclbtfdc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mailwizz.xclbtfdc.com/index.php/lists/hx343c8svx101/unsubscribe/pl2724la74b3b/mm912y0y03897/unsubscribe-direct
Cookie: csrf_token=271a05f0ab0ffebcd9572a9ac8ce27721a88298ds%3A88%3A%22a3hqY05yanp0VUpLRWhCSjkxbVoxS19SRnE1VzlUZXUoA6hM4bvnMfVP4rTpg7jACFXoB7UGUC1wJIhVeWAyYg%3D%3D%22%3B; mwsid=h1dr1mut4rsc3bq59cmqdfljun
HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 15:14:43 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 16 Dec 2021 02:58:56 GMT
ETag: "71b6-5d33a9a6dbc00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7679
Content-Type: application/javascript
mailwizz.xclbtfdc.com/frontend/assets/css/style.css?av=0c3d6746
188.119.65.131200 OK 2.5 kB URL HTTP/1.1 mailwizz.xclbtfdc.com/frontend/assets/css/style.css?av=0c3d6746
IP 188.119.65.131:0
Hash 9fd90fcf7b71eca519fbd1a4552f4a71
e10bc1e81bc6b90c6095295eb3e02867c7e11cd5
a59b020f703458a66190250ac67121bfda7109d87d31614a2db4b7b0e09907b2
Analyzer Verdict Alert fortinet Phishing
GET /frontend/assets/css/style.css?av=0c3d6746 HTTP/1.1
Host: mailwizz.xclbtfdc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mailwizz.xclbtfdc.com/index.php/lists/hx343c8svx101/unsubscribe/pl2724la74b3b/mm912y0y03897/unsubscribe-direct
Cookie: csrf_token=271a05f0ab0ffebcd9572a9ac8ce27721a88298ds%3A88%3A%22a3hqY05yanp0VUpLRWhCSjkxbVoxS19SRnE1VzlUZXUoA6hM4bvnMfVP4rTpg7jACFXoB7UGUC1wJIhVeWAyYg%3D%3D%22%3B; mwsid=h1dr1mut4rsc3bq59cmqdfljun
HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 15:14:43 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 16 Dec 2021 02:58:58 GMT
ETag: "3fc6-5d33a9a8c4080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2467
Content-Type: text/css
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 09 Oct 2022 14:41:06 GMT
Cache-Control: max-age=3600
Expires: Sun, 09 Oct 2022 15:26:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zE2VA8gourcdisssZFhhUnLXfMIg_LNjQGgKl6bHva82qdHi1x3bhA==
Age: 2702
mailwizz.xclbtfdc.com/assets/css/skin-blue.css?av=0c3d6746
188.119.65.131200 OK 791 B URL HTTP/1.1 mailwizz.xclbtfdc.com/assets/css/skin-blue.css?av=0c3d6746
IP 188.119.65.131:0
Hash dcdfd461d00fd7b6f41db086c1252e33
01911f5945313ed1bce5a01a51be71253d570bc7
fcda6f65c583bef5f70089b5b2fa2c5b9f175b15bf10cdf150938c27ce31189a
Analyzer Verdict Alert fortinet Phishing
GET /assets/css/skin-blue.css?av=0c3d6746 HTTP/1.1
Host: mailwizz.xclbtfdc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mailwizz.xclbtfdc.com/index.php/lists/hx343c8svx101/unsubscribe/pl2724la74b3b/mm912y0y03897/unsubscribe-direct
Cookie: csrf_token=271a05f0ab0ffebcd9572a9ac8ce27721a88298ds%3A88%3A%22a3hqY05yanp0VUpLRWhCSjkxbVoxS19SRnE1VzlUZXUoA6hM4bvnMfVP4rTpg7jACFXoB7UGUC1wJIhVeWAyYg%3D%3D%22%3B; mwsid=h1dr1mut4rsc3bq59cmqdfljun
HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 15:14:43 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 16 Dec 2021 02:58:56 GMT
ETag: "e04-5d33a9a6dbc00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 791
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ee96d771e1664e3afe56cf32bfe45eee
3ab9109d6f7a952cf2f7071ecb5ee186f9eebf6a
df7a23267a1a0bddc477d2b3f4c870b6a6ab7b4dca5fc38164d814ccae2b2fdd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 15:14:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mailwizz.xclbtfdc.com/assets/css/adminlte.css?av=0c3d6746
188.119.65.131200 OK 29 kB URL HTTP/1.1 mailwizz.xclbtfdc.com/assets/css/adminlte.css?av=0c3d6746
IP 188.119.65.131:0
Hash 663a1dfb33606e6fd649e91abe2a6cb6
2a6208f565b40704ce207f62a0e8d06e3d7bb8d8
522e2fdc3f2b0fec03740730006e2b48d71f928cdc157b28c7eb4bf4254dace4
Analyzer Verdict Alert fortinet Phishing
GET /assets/css/adminlte.css?av=0c3d6746 HTTP/1.1
Host: mailwizz.xclbtfdc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mailwizz.xclbtfdc.com/index.php/lists/hx343c8svx101/unsubscribe/pl2724la74b3b/mm912y0y03897/unsubscribe-direct
Cookie: csrf_token=271a05f0ab0ffebcd9572a9ac8ce27721a88298ds%3A88%3A%22a3hqY05yanp0VUpLRWhCSjkxbVoxS19SRnE1VzlUZXUoA6hM4bvnMfVP4rTpg7jACFXoB7UGUC1wJIhVeWAyYg%3D%3D%22%3B; mwsid=h1dr1mut4rsc3bq59cmqdfljun
HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 15:14:43 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 16 Dec 2021 02:58:54 GMT
ETag: "3538e-5d33a9a4f3780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 28699
Content-Type: text/css
mailwizz.xclbtfdc.com/assets/css/bootstrap.min.css?av=0c3d6746
188.119.65.131200 OK 17 kB URL HTTP/1.1 mailwizz.xclbtfdc.com/assets/css/bootstrap.min.css?av=0c3d6746
IP 188.119.65.131:0
File type ASCII text, with very long lines (65366)
Hash 880be6b5689a3210358a57c82ac46120
cabb02eefdad4c0c7efd0a2c9b034430dcdab615
736332062f5050ed383e6fce028bbaca33b0b15cb999f7123acf82dc12e88747
GET /assets/css/bootstrap.min.css?av=0c3d6746 HTTP/1.1
Host: mailwizz.xclbtfdc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mailwizz.xclbtfdc.com/index.php/lists/hx343c8svx101/unsubscribe/pl2724la74b3b/mm912y0y03897/unsubscribe-direct
Cookie: csrf_token=271a05f0ab0ffebcd9572a9ac8ce27721a88298ds%3A88%3A%22a3hqY05yanp0VUpLRWhCSjkxbVoxS19SRnE1VzlUZXUoA6hM4bvnMfVP4rTpg7jACFXoB7UGUC1wJIhVeWAyYg%3D%3D%22%3B; mwsid=h1dr1mut4rsc3bq59cmqdfljun
HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 15:14:43 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 16 Dec 2021 02:58:54 GMT
ETag: "18679-5d33a9a4f3780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17162
Content-Type: text/css
mailwizz.xclbtfdc.com/frontend/assets/cache/441ee684/jquery.min.js
188.119.65.131200 OK 34 kB URL HTTP/1.1 mailwizz.xclbtfdc.com/frontend/assets/cache/441ee684/jquery.min.js
IP 188.119.65.131:0
File type ASCII text, with very long lines (32077)
Hash 80d1dd9af25530bfdce03bb756a910c6
7ab11f9172cfcea2192ab692cb11d8cdd8cfca7b
bb097e24acfc011547bcf25dbe5b4563712f0699c97e2eff26ee134270990a4e
Analyzer Verdict Alert fortinet Phishing
GET /frontend/assets/cache/441ee684/jquery.min.js HTTP/1.1
Host: mailwizz.xclbtfdc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mailwizz.xclbtfdc.com/index.php/lists/hx343c8svx101/unsubscribe/pl2724la74b3b/mm912y0y03897/unsubscribe-direct
Cookie: csrf_token=271a05f0ab0ffebcd9572a9ac8ce27721a88298ds%3A88%3A%22a3hqY05yanp0VUpLRWhCSjkxbVoxS19SRnE1VzlUZXUoA6hM4bvnMfVP4rTpg7jACFXoB7UGUC1wJIhVeWAyYg%3D%3D%22%3B; mwsid=h1dr1mut4rsc3bq59cmqdfljun
HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 15:14:43 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 19 Sep 2022 08:34:56 GMT
ETag: "17b8a-5e9039619f6ee-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 33758
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0e2d9e91637474eeaf391312eed441bd
5d29603c731b75308f7d1f584b3ac4c263c96a9e
7da864345088083e1a6fec2d95e07186ef8dbcef8505570e547844c556dfe3be
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4496
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 15:14:43 GMT
Last-Modified: Sun, 09 Oct 2022 13:59:47 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
mailwizz.xclbtfdc.com/assets/js/notify.js?av=0c3d6746
188.119.65.131200 OK 1.2 kB URL HTTP/1.1 mailwizz.xclbtfdc.com/assets/js/notify.js?av=0c3d6746
IP 188.119.65.131:0
Hash 86ed5f42acd333412579fb8ec2a70c74
22d9b698441bd93a214496245472341506d961f0
e3863c24aeae7ede7f4955d19924edc282ceee8796d3417dd523ce3fe5b36cc8
GET /assets/js/notify.js?av=0c3d6746 HTTP/1.1
Host: mailwizz.xclbtfdc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mailwizz.xclbtfdc.com/index.php/lists/hx343c8svx101/unsubscribe/pl2724la74b3b/mm912y0y03897/unsubscribe-direct
Cookie: csrf_token=271a05f0ab0ffebcd9572a9ac8ce27721a88298ds%3A88%3A%22a3hqY05yanp0VUpLRWhCSjkxbVoxS19SRnE1VzlUZXUoA6hM4bvnMfVP4rTpg7jACFXoB7UGUC1wJIhVeWAyYg%3D%3D%22%3B; mwsid=h1dr1mut4rsc3bq59cmqdfljun
HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 15:14:43 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 16 Dec 2021 02:58:58 GMT
ETag: "15d9-5d33a9a8c4080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1228
Content-Type: application/javascript
mailwizz.xclbtfdc.com/assets/js/adminlte.js?av=0c3d6746
188.119.65.131200 OK 3.0 kB URL HTTP/1.1 mailwizz.xclbtfdc.com/assets/js/adminlte.js?av=0c3d6746
IP 188.119.65.131:0
File type ASCII text, with very long lines (9373)
Hash d92aa5042a44694e1e5b92039153dbf9
a4caf186151c00eaa9d8d398b6d1877c15f9ecad
5e5fec05f9c57d264a2223ad40688118ef0b11d364f20f7055d7ccb68f18314c
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/adminlte.js?av=0c3d6746 HTTP/1.1
Host: mailwizz.xclbtfdc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mailwizz.xclbtfdc.com/index.php/lists/hx343c8svx101/unsubscribe/pl2724la74b3b/mm912y0y03897/unsubscribe-direct
Cookie: csrf_token=271a05f0ab0ffebcd9572a9ac8ce27721a88298ds%3A88%3A%22a3hqY05yanp0VUpLRWhCSjkxbVoxS19SRnE1VzlUZXUoA6hM4bvnMfVP4rTpg7jACFXoB7UGUC1wJIhVeWAyYg%3D%3D%22%3B; mwsid=h1dr1mut4rsc3bq59cmqdfljun
HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 15:14:43 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 16 Dec 2021 02:58:56 GMT
ETag: "262e-5d33a9a6dbc00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2986
Content-Type: application/javascript
mailwizz.xclbtfdc.com/assets/js/app.js?av=0c3d6746
188.119.65.131200 OK 923 B URL HTTP/1.1 mailwizz.xclbtfdc.com/assets/js/app.js?av=0c3d6746
IP 188.119.65.131:0
Hash cf57723bb526c3a6de7484a992e4b9e9
3f5040b7e437fd9ef685f04e19dc742fa2121c29
06087e413354a83ca989b2674e4b5f9829c7add188b334ac8140ad7f5f96421c
GET /assets/js/app.js?av=0c3d6746 HTTP/1.1
Host: mailwizz.xclbtfdc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mailwizz.xclbtfdc.com/index.php/lists/hx343c8svx101/unsubscribe/pl2724la74b3b/mm912y0y03897/unsubscribe-direct
Cookie: csrf_token=271a05f0ab0ffebcd9572a9ac8ce27721a88298ds%3A88%3A%22a3hqY05yanp0VUpLRWhCSjkxbVoxS19SRnE1VzlUZXUoA6hM4bvnMfVP4rTpg7jACFXoB7UGUC1wJIhVeWAyYg%3D%3D%22%3B; mwsid=h1dr1mut4rsc3bq59cmqdfljun
HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 15:14:43 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 16 Dec 2021 02:58:56 GMT
ETag: "94b-5d33a9a6dbc00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 923
Content-Type: application/javascript
mailwizz.xclbtfdc.com/frontend/assets/js/app.js?av=0c3d6746
188.119.65.131200 OK 286 B URL HTTP/1.1 mailwizz.xclbtfdc.com/frontend/assets/js/app.js?av=0c3d6746
IP 188.119.65.131:0
Hash 701abd554bf0d4d1690ee06164f3c964
c18a3746a26d7454d976dcbe0bedf1910124942f
6a008db0a8c5a3cf349f786df5ff4e96cbdb03378c35cb1700dca333c9b4b4a6
GET /frontend/assets/js/app.js?av=0c3d6746 HTTP/1.1
Host: mailwizz.xclbtfdc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mailwizz.xclbtfdc.com/index.php/lists/hx343c8svx101/unsubscribe/pl2724la74b3b/mm912y0y03897/unsubscribe-direct
Cookie: csrf_token=271a05f0ab0ffebcd9572a9ac8ce27721a88298ds%3A88%3A%22a3hqY05yanp0VUpLRWhCSjkxbVoxS19SRnE1VzlUZXUoA6hM4bvnMfVP4rTpg7jACFXoB7UGUC1wJIhVeWAyYg%3D%3D%22%3B; mwsid=h1dr1mut4rsc3bq59cmqdfljun
HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 15:14:43 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 16 Dec 2021 02:58:58 GMT
ETag: "1d0-5d33a9a8c4080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 286
Content-Type: application/javascript
mailwizz.xclbtfdc.com/assets/js/cookie.js?av=0c3d6746
188.119.65.131200 OK 1.5 kB URL HTTP/1.1 mailwizz.xclbtfdc.com/assets/js/cookie.js?av=0c3d6746
IP 188.119.65.131:0
Hash 94f6c24dce4142d9422050d2d7337d24
3c8f7c1c03ca148da6d7fd506f8e468922b18d6b
fe445a5d631511d6e58d504434bceb4a007830bb46e9dde7f5e786853229a35e
GET /assets/js/cookie.js?av=0c3d6746 HTTP/1.1
Host: mailwizz.xclbtfdc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mailwizz.xclbtfdc.com/index.php/lists/hx343c8svx101/unsubscribe/pl2724la74b3b/mm912y0y03897/unsubscribe-direct
Cookie: csrf_token=271a05f0ab0ffebcd9572a9ac8ce27721a88298ds%3A88%3A%22a3hqY05yanp0VUpLRWhCSjkxbVoxS19SRnE1VzlUZXUoA6hM4bvnMfVP4rTpg7jACFXoB7UGUC1wJIhVeWAyYg%3D%3D%22%3B; mwsid=h1dr1mut4rsc3bq59cmqdfljun
HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 15:14:43 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 16 Dec 2021 02:58:56 GMT
ETag: "134a-5d33a9a6dbc00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1500
Content-Type: application/javascript
mailwizz.xclbtfdc.com/assets/js/knockout.min.js?av=0c3d6746
188.119.65.131200 OK 22 kB URL HTTP/1.1 mailwizz.xclbtfdc.com/assets/js/knockout.min.js?av=0c3d6746
IP 188.119.65.131:0
File type ASCII text, with very long lines (564)
Hash 4b00be6fa1b3e1e373f8ab60fba414f2
8318368f6bfb69ed205af4fccf73822409d7cf52
ebbdfa22da94aeadc4e2dbb291aec6d647f34a1f85134e27b5091cbd8769b7f2
GET /assets/js/knockout.min.js?av=0c3d6746 HTTP/1.1
Host: mailwizz.xclbtfdc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mailwizz.xclbtfdc.com/index.php/lists/hx343c8svx101/unsubscribe/pl2724la74b3b/mm912y0y03897/unsubscribe-direct
Cookie: csrf_token=271a05f0ab0ffebcd9572a9ac8ce27721a88298ds%3A88%3A%22a3hqY05yanp0VUpLRWhCSjkxbVoxS19SRnE1VzlUZXUoA6hM4bvnMfVP4rTpg7jACFXoB7UGUC1wJIhVeWAyYg%3D%3D%22%3B; mwsid=h1dr1mut4rsc3bq59cmqdfljun
HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 15:14:43 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 16 Dec 2021 02:58:58 GMT
ETag: "e9ae-5d33a9a8c4080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 22093
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8a2449aeb44e755b2e6897d30993dda0
16cd83b0e0975ebf09e7035c26bbda168af42ac8
fd80527f810be13b70107c447b6f6f226c6145fbcc3b5446f9c834bca2f1597b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 15:14:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8a2449aeb44e755b2e6897d30993dda0
16cd83b0e0975ebf09e7035c26bbda168af42ac8
fd80527f810be13b70107c447b6f6f226c6145fbcc3b5446f9c834bca2f1597b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 15:14:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mailwizz.xclbtfdc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 16:40:18 GMT
expires: Fri, 06 Oct 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 254065
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mailwizz.xclbtfdc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 05:42:51 GMT
expires: Fri, 06 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 293512
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 29a32d9388903ec730ac67b6b1f10269
6d54710f2bf0b284533005d8c783f3f15c9920af
cd03b8d5ae307fb1b3d976457c9762a743d5268ddd1f82c1fb5ae2fcd3e3d6d1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 15:14:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.165.143.157101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.143.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GTpErOfDEpk5MGhxh3Lzxw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qgGMpbpNNlAw953jSx4Zxh0VXhA=
mailwizz.xclbtfdc.com/assets/fonts/glyphicons-halflings-regular.woff
188.119.65.131200 OK 23 kB URL HTTP/1.1 mailwizz.xclbtfdc.com/assets/fonts/glyphicons-halflings-regular.woff
IP 188.119.65.131:0
File type Web Open Font Format, TrueType, length 23320, version 1.0\012- data
Hash 68ed1dac06bf0409c18ae7bc62889170
22037a3455914e5662fa51a596677bdb329e2c5c
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
Analyzer Verdict Alert fortinet Phishing
GET /assets/fonts/glyphicons-halflings-regular.woff HTTP/1.1
Host: mailwizz.xclbtfdc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mailwizz.xclbtfdc.com/assets/css/bootstrap.min.css?av=0c3d6746
Cookie: csrf_token=271a05f0ab0ffebcd9572a9ac8ce27721a88298ds%3A88%3A%22a3hqY05yanp0VUpLRWhCSjkxbVoxS19SRnE1VzlUZXUoA6hM4bvnMfVP4rTpg7jACFXoB7UGUC1wJIhVeWAyYg%3D%3D%22%3B; mwsid=h1dr1mut4rsc3bq59cmqdfljun
HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 15:14:43 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 16 Dec 2021 02:58:56 GMT
ETag: "5b18-5d33a9a6dbc00"
Accept-Ranges: bytes
Content-Length: 23320
Vary: Accept-Encoding
Content-Type: font/woff
mailwizz.xclbtfdc.com/favicon.ico
188.119.65.131200 OK 101 B URL HTTP/1.1 mailwizz.xclbtfdc.com/favicon.ico
IP 188.119.65.131:0
File type MS Windows icon resource - 1 icon, 16x16, 2 colors\012- data
Hash ca09553f0197f5e5bb68d60bf5ea2ab1
b6e8ddfe5a351a5401f7a0aec3c9ae10c548e86c
7ee7a51ca928e42ed47b3a66960e1ed2720f8d8b5642a65f35f2690a160df006
GET /favicon.ico HTTP/1.1
Host: mailwizz.xclbtfdc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mailwizz.xclbtfdc.com/index.php/lists/hx343c8svx101/unsubscribe/pl2724la74b3b/mm912y0y03897/unsubscribe-direct
Cookie: csrf_token=271a05f0ab0ffebcd9572a9ac8ce27721a88298ds%3A88%3A%22a3hqY05yanp0VUpLRWhCSjkxbVoxS19SRnE1VzlUZXUoA6hM4bvnMfVP4rTpg7jACFXoB7UGUC1wJIhVeWAyYg%3D%3D%22%3B; mwsid=h1dr1mut4rsc3bq59cmqdfljun
HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 15:14:43 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 19 Sep 2022 08:31:25 GMT
ETag: "c6-5e903898e25f1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 101
Content-Type: image/x-icon
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b5cf0255a785469b033344c2ec0ed394
a4a700c1c250cb10f175e67b4b11f2c94afb2bdb
191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11626
Expires: Sun, 09 Oct 2022 18:28:30 GMT
Date: Sun, 09 Oct 2022 15:14:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b5cf0255a785469b033344c2ec0ed394
a4a700c1c250cb10f175e67b4b11f2c94afb2bdb
191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11626
Expires: Sun, 09 Oct 2022 18:28:30 GMT
Date: Sun, 09 Oct 2022 15:14:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b5cf0255a785469b033344c2ec0ed394
a4a700c1c250cb10f175e67b4b11f2c94afb2bdb
191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11626
Expires: Sun, 09 Oct 2022 18:28:30 GMT
Date: Sun, 09 Oct 2022 15:14:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b5cf0255a785469b033344c2ec0ed394
a4a700c1c250cb10f175e67b4b11f2c94afb2bdb
191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11626
Expires: Sun, 09 Oct 2022 18:28:30 GMT
Date: Sun, 09 Oct 2022 15:14:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ade344-507f-44c8-8fe3-b03ac965aee2.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ade344-507f-44c8-8fe3-b03ac965aee2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ff8cfe3904cca89e3bdfa8186ae382ba
0b9dce744f5facad9a0a136d81cf24e928211856
a6f0925a9666a43d018c05d717310f57b86316290fb4a7cdd309c35842e557a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ade344-507f-44c8-8fe3-b03ac965aee2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7674
x-amzn-requestid: 126f9400-fa43-413b-b496-338908efb777
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZeqScHUVoAMFrRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633c240f-1b7cff3e3415299a4d17e19e;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 12:16:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BjBiRKpvs2LQznegxhvMFrczSZGWXGSMvk3bxR8UPpcthRUUA2eTBg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 21:56:13 GMT
age: 62311
etag: "0b9dce744f5facad9a0a136d81cf24e928211856"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F146807d4-3f30-4caa-aa1f-2b7890bec7f5.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F146807d4-3f30-4caa-aa1f-2b7890bec7f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a3b74c93b6981236040ebf4134e04f55
c31c8db9e51872d0a28a3798ebd0f6f2abe993cb
8a48bd2b67104ad81b00a7882dbecd7d8b664056dd180483090d10a4c7c66960
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F146807d4-3f30-4caa-aa1f-2b7890bec7f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7250
x-amzn-requestid: cbe8c575-cda7-49af-9b12-e4f7c2b362c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZtHkeF43IAMFv9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6341ec82-1afe0e72794ddcd10c76dd4a;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 21:32:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NbpU2O7ByYcHSc5ExCSbHf4wGS9R1IS1K_xOVAu5qmSCmtqR2T2oMg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 22:08:41 GMT
etag: "c31c8db9e51872d0a28a3798ebd0f6f2abe993cb"
content-type: image/jpeg
age: 61563
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe24091eb-e938-48e0-9fb8-79f02e0cab61.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe24091eb-e938-48e0-9fb8-79f02e0cab61.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce49a7a41382dc582440d497afb9ca5e
37cdb545e4a8be57aa4d5d9545adc0f934545f74
c026d3f791cb5c186a916f60d9c01b36b46b7cab476e0a7260b1a7332cde0f53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe24091eb-e938-48e0-9fb8-79f02e0cab61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5851
x-amzn-requestid: af2c5f7e-b9b6-4bc4-bfdc-0f2043ce4478
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZnSMfG-DoAMFi1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f971c-355de3da1bfd68f768bb381e;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 03:03:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: R6wcyKrY8dT2yE_s-wYEj3mKcF9XB0l3Y0AzAUIK_cCDEqvfTJPXug==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 03:41:13 GMT
age: 41611
etag: "37cdb545e4a8be57aa4d5d9545adc0f934545f74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b15495e3e13c06fd0d67523870405ed
3cb8b43735e86c93733affa10818c47693c80fce
f65edddef18295076f79a48e9a6c95d07ed244a2ae618cb4229b6c1bd434cd57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12187
x-amzn-requestid: 9768886f-0e17-4958-bdaf-e17385eb21d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjqJCHyNoAMFmDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e23d3-288e1d28057753a16893d6b5;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 00:39:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jm9hynO1KfuT2luShwOU_Ps2ZHxUAPwymP1Bi-V49MWWJ3ooQq7qVg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 22:26:18 GMT
age: 60506
etag: "3cb8b43735e86c93733affa10818c47693c80fce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bc84c1e-fb86-480c-ae87-c8a7bc52cfb0.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bc84c1e-fb86-480c-ae87-c8a7bc52cfb0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee802dc4a72f3824dcab31ef95c48936
f987fdbbb21538b6f55f7dae713b59e234882456
0b6ce28ab1428c11ea6d215b3d21b44b85ca101b4885bf27f633153014ed1cf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bc84c1e-fb86-480c-ae87-c8a7bc52cfb0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8295
x-amzn-requestid: 0240dc68-f509-4a1f-a1c1-cd75e43d04d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZtHcHFuVoAMF-Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6341ec4d-74e538af2f56b9271f6370c1;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 21:31:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dR53uFDN1I7R9H7r2fmkEGIXuCY5FHGQd7LKz-H02trcasl3NoG2PA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 21:44:18 GMT
age: 63026
etag: "f987fdbbb21538b6f55f7dae713b59e234882456"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e9aa9808428e5fd81ac9d61d6f7c708
3a8d76badce50dd98938885082dcb6e30363ae88
d8f7c48a1cbe04af2f7e0455d1ef7af9b63506b9ae343ebf14ece8689bb06bf6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11800
x-amzn-requestid: 7bfb4e15-ea64-48b6-9e38-5d3e2d553863
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZQObZFveoAMFzpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63365de2-620d4fc015ad475203e906e9;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 03:09:22 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: btYc3mHTigZv3Bzl32D1z777hMKwf-pstyTS7Bp2eGmzbmGI4pIQXA==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 21:42:19 GMT
age: 63145
etag: "3a8d76badce50dd98938885082dcb6e30363ae88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0dcb48b-0130-4cdf-ae99-cc88e25a0aa3.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0dcb48b-0130-4cdf-ae99-cc88e25a0aa3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4477f73f9434520af92a60b9408f7dcb
908256154e9d6be4b6f3aefb6f858d423a15e4ff
d62d78e1968eb63da3a8ffb2548f4e794f7c4dc3bf7445b6ff5260a9a27e4e25
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0dcb48b-0130-4cdf-ae99-cc88e25a0aa3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10951
x-amzn-requestid: 66472d50-ecbc-49a2-8c9b-eeba526d1a9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZtINAHdFIAMF6eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6341ed86-473293cb3348b8d67932a017;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 21:37:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: i8GkkSsJC814IV9BBsD2UmofwdRG1tiane1V4GedGO5uF48BYyEziQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 21:44:18 GMT
age: 63032
etag: "908256154e9d6be4b6f3aefb6f858d423a15e4ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700,900&av=0c3d6746
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700,900&av=0c3d6746
IP 142.250.74.10:0
GET /css?family=Roboto:300,400,700,900&av=0c3d6746 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mailwizz.xclbtfdc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 09 Oct 2022 15:14:43 GMT
date: Sun, 09 Oct 2022 15:14:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400,700&av=0c3d6746
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,700&av=0c3d6746
IP 142.250.74.10:0
GET /css?family=Open+Sans:300,400,700&av=0c3d6746 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mailwizz.xclbtfdc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 09 Oct 2022 15:14:43 GMT
date: Sun, 09 Oct 2022 15:14:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&av=0c3d6746
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&av=0c3d6746
IP 142.250.74.10:0
GET /css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&av=0c3d6746 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mailwizz.xclbtfdc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 09 Oct 2022 15:14:43 GMT
date: Sun, 09 Oct 2022 15:14:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2