r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8afcbdfc50b3ac9488d629a1a4923b81
933fe7b84c2fbd931da70e92c86fa89110e7cfe7
9857b3b813177c23f90a7e53c7ec1f878362b1da27bc19493bebffc358a4b852
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9857B3B813177C23F90A7E53C7EC1F878362B1DA27BC19493BEBFFC358A4B852"
Last-Modified: Sun, 01 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5514
Expires: Mon, 02 Jan 2023 08:23:49 GMT
Date: Mon, 02 Jan 2023 06:51:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 116c0a4485584a949c2edff4a949549f
de064c35dd7ce008d69932915ddb3d04fe7f2eeb
4fc3e38254e220857100a1b2a7c96209fc9d1141ccfb9057181da9745e78fb8e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FC3E38254E220857100A1B2A7C96209FC9D1141CCFB9057181DA9745E78FB8E"
Last-Modified: Sun, 01 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11078
Expires: Mon, 02 Jan 2023 09:56:33 GMT
Date: Mon, 02 Jan 2023 06:51:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 02 Jan 2023 06:47:23 GMT
content-type: application/json
age: 272
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b0a4b7e28ad3a91135d52c7457790b5
075f22ab45d169766252467ae44903250e480f9b
312744aeb6fcc4296025205bc70c40316dd3c8a4b626669ac43e32c33104473a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "312744AEB6FCC4296025205BC70C40316DD3C8A4B626669AC43E32C33104473A"
Last-Modified: Sat, 31 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9245
Expires: Mon, 02 Jan 2023 09:26:00 GMT
Date: Mon, 02 Jan 2023 06:51:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: UBqvOGHy48eRUanC0b6yYUT24jpA2vv4z8ASnbDF3rHxLcvvtbbULmQmxBqWt3vQC40jqNWVUdU=
x-amz-request-id: YMHD3V8JKJ2HN11D
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 02 Jan 2023 06:00:22 GMT
age: 3093
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 347678baa0c50dc590d2c2b0ca943127
c0066c90c761f944380207219f1519a6235b79bf
6aa1984bad18e34e4796ad9ba160fff9db1cf0c1a9e3c78343edebcc5a3faf57
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6AA1984BAD18E34E4796AD9BA160FFF9DB1CF0C1A9E3C78343EDEBCC5A3FAF57"
Last-Modified: Sun, 01 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 02 Jan 2023 12:51:55 GMT
Date: Mon, 02 Jan 2023 06:51:55 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jan 2023 06:51:55 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 02 Jan 2023 06:33:35 GMT
age: 1100
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e2a99db6956684dc306ada584f1907d8
21c3fc85b00308907c1cffcb36b1ba1a4617f613
cf568c4a26fb352228e849b18fbca0f6fd3b3a89055cd5f4fc0cdd11f9b9733e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2294
Cache-Control: max-age=96787
Content-Type: application/ocsp-response
Date: Mon, 02 Jan 2023 06:51:56 GMT
Etag: "63b14d29-1d7"
Expires: Tue, 03 Jan 2023 09:45:03 GMT
Last-Modified: Sun, 01 Jan 2023 09:06:49 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.160.97.225101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.97.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LYrXDgO/Ddgg5b9//c5gLA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yuYXR9XrIdunVB8Ioaeu+mSLz78=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c4719f10b16aa492c5dbdb8a1bfc20af
21831c11bfc9679c9f0ebc1f6a39284a5d16be56
c8682ee9e025254ee9cd1d9c663a40707cb170c141a328a7de07ded8de06f787
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8682EE9E025254EE9CD1D9C663A40707CB170C141A328A7DE07DED8DE06F787"
Last-Modified: Sun, 01 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21476
Expires: Mon, 02 Jan 2023 12:49:53 GMT
Date: Mon, 02 Jan 2023 06:51:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c4719f10b16aa492c5dbdb8a1bfc20af
21831c11bfc9679c9f0ebc1f6a39284a5d16be56
c8682ee9e025254ee9cd1d9c663a40707cb170c141a328a7de07ded8de06f787
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8682EE9E025254EE9CD1D9C663A40707CB170C141A328A7DE07DED8DE06F787"
Last-Modified: Sun, 01 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21476
Expires: Mon, 02 Jan 2023 12:49:53 GMT
Date: Mon, 02 Jan 2023 06:51:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c4719f10b16aa492c5dbdb8a1bfc20af
21831c11bfc9679c9f0ebc1f6a39284a5d16be56
c8682ee9e025254ee9cd1d9c663a40707cb170c141a328a7de07ded8de06f787
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8682EE9E025254EE9CD1D9C663A40707CB170C141A328A7DE07DED8DE06F787"
Last-Modified: Sun, 01 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21476
Expires: Mon, 02 Jan 2023 12:49:53 GMT
Date: Mon, 02 Jan 2023 06:51:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0d70b7e-1974-4723-891e-b098c2494df9.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0d70b7e-1974-4723-891e-b098c2494df9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4beaa41b47b8d7a83ee27374c72d83fb
7cdb4bdf49a3dd32340820ea7b18ff4df6312200
98de607e701402c547df168dae1741a9429c2bbfff8b31405a474a7936c588f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0d70b7e-1974-4723-891e-b098c2494df9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10523
x-amzn-requestid: 73ae93a0-6482-4f63-b063-d47b23284ce1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d8Dn6Fh2oAMFrDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae4c98-4c175ff776540fe904b1f469;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 02:27:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fg1fJ_o1iLOcmetdhkf7UYt861cJvEjce6p6UgRmOKQYtAA_XWt00Q==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 22:09:22 GMT
age: 31355
etag: "7cdb4bdf49a3dd32340820ea7b18ff4df6312200"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c820340d5ed98c9573754e3a749bf40c
09d31b45d4cc16c4d321e616e5445d9ba921a1ba
2a69c58358ae763ddef6603f783d7d25c465ff4d3777e6bd540c1b673381813a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8307
x-amzn-requestid: 978a4b33-aded-49d7-a4a8-2ff5ee894b02
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0Oh0EhpIAMFyYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab2ad8-485bd7767c2ad3756ae98e7d;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 17:26:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bcdvyTj9Ys4hBF3rNrUfgzes7CLPom3b4l5S2NLa_8VM__qQdg9Vkw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 21:57:02 GMT
age: 32095
etag: "09d31b45d4cc16c4d321e616e5445d9ba921a1ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4257ad28-284d-4097-833e-46c10e7e821c.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4257ad28-284d-4097-833e-46c10e7e821c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d24938cd841215227aa0cf216dd3fe03
10be50c441c19542d419bb103499cb7460735f54
b5cd96b6ee8799ccea59abd1129e1599b5f682604c48c54126fd6c8ccef1f492
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4257ad28-284d-4097-833e-46c10e7e821c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9461
x-amzn-requestid: 88757846-7eae-4cfe-941b-20ad5a1ca562
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFRxsHSWoAMFscQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b1fcd7-3790be59473b7101219694fa;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uxq5NPtIpQX20p8DYrhu22eyD9KRaWJ0oLj8WzrqSZjraFBYNq2D8Q==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 21:58:42 GMT
age: 31995
etag: "10be50c441c19542d419bb103499cb7460735f54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3f5efb8-d662-4b58-9319-e024ddd04331.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3f5efb8-d662-4b58-9319-e024ddd04331.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f863eb68713f937898561731454ef32e
b0ca943b8ca57da9cf2c69384e5c598bdfb48d33
4af7b5228d39d0e47a159422483fa6ccf683920241a50e4c6348d176a2783a6c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3f5efb8-d662-4b58-9319-e024ddd04331.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7755
x-amzn-requestid: 8a52ee34-c50c-4a05-9fa3-17770c3d61ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFSNAFbJoAMFu8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b1fd86-09de8074042bc69045896070;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 21:39:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AwE7pLbWK6Q22wWyQjk_c2sRMBrSsV-SiZoyNdGKqYc5QTafBfuJsA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 21:58:11 GMT
age: 32026
etag: "b0ca943b8ca57da9cf2c69384e5c598bdfb48d33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb10ff957-5c4b-4503-8a93-c156251c7d8c.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb10ff957-5c4b-4503-8a93-c156251c7d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5cba3e16ed43e2d6fdab08958cd1a2e9
580e9e9c2cf164a36b963c4d13ebf21ee20d000e
fe97aea99a0cfc1add09c0ad655867e49a662aaad2f6902431f67f016bdf63de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb10ff957-5c4b-4503-8a93-c156251c7d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8042
x-amzn-requestid: f4ff8469-ddb1-4303-a552-a8e00eeb7e5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFSNuFS3oAMFRow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b1fd8a-160adaf35160829903fc48d9;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 21:39:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1mjKIP-yW1zxakP9mf1bM37QDrTYffT_k7STwABRb7bup-1beQkS9w==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 21:58:25 GMT
age: 32012
etag: "580e9e9c2cf164a36b963c4d13ebf21ee20d000e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfe4faa-0902-4048-9fa3-ee90f050c3e6.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfe4faa-0902-4048-9fa3-ee90f050c3e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 637fa2e4a9d13d27b853f79963fcaf66
864eb6eedab1c17c5d36458b6ed318ece61d62d9
34cee03b8390cfdff3a51509c494464c3db241508e152df54d922485392c029f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfe4faa-0902-4048-9fa3-ee90f050c3e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9553
x-amzn-requestid: 872aef94-65be-4b4e-b904-fb6be8d7ba80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFRxiHnXoAMFzyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b1fcd6-681bbf9b4c10237842ac5e6e;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 21:36:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fs0gFGup81X3pc17a7iwWcVc_uQTSNKn_tjCTGaubAVsw4KQue9vfQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 21:53:02 GMT
age: 32335
etag: "864eb6eedab1c17c5d36458b6ed318ece61d62d9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 347678baa0c50dc590d2c2b0ca943127
c0066c90c761f944380207219f1519a6235b79bf
6aa1984bad18e34e4796ad9ba160fff9db1cf0c1a9e3c78343edebcc5a3faf57
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6AA1984BAD18E34E4796AD9BA160FFF9DB1CF0C1A9E3C78343EDEBCC5A3FAF57"
Last-Modified: Sun, 01 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21597
Expires: Mon, 02 Jan 2023 12:51:55 GMT
Date: Mon, 02 Jan 2023 06:51:58 GMT
Connection: keep-alive
aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
13.107.237.53200 OK 113 kB URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (64616)
Size 113 kB (112662 bytes)
Hash cdcc167c5323538b05d11dd1fb0262a7
ec39a502bc1509fdb9343839eda51cc46cb64c1f
6557474086918569bb179ee2cec3dcc5036ee0125cdcff4749aa79f11f783267
GET /shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.mirmarkt.workers.dev/
Origin: https://onedrive.mirmarkt.workers.dev
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 112662
content-type: application/x-javascript
content-encoding: gzip
content-md5: zcwWfFMjU4sF0R3R+wJipw==
last-modified: Thu, 17 Nov 2022 22:31:46 GMT
etag: 0x8DAC8EB82F7AC92
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 5b7df3e1-d01e-003a-0e94-111877000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0AAqhYwAAAADUniVkGIkISJ/ianXcK/P7QU1TMDRFREdFMTgwOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0Dn+yYwAAAAAsLQS3q/DBTKdh5qJfQyQlU1ZHMjBFREdFMDYxNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Mon, 02 Jan 2023 06:51:58 GMT
X-Firefox-Spdy: h2
aadcdn.msauth.net/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js
13.107.237.53200 OK 61 kB URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65536), with no line terminators
Hash 45a8e1f0928d9b3c781473490e3952e0
8075d1c01d7a5811dbc8db6e5a66ace72580c362
fc8f6b5a4fe93401e52955c1968e843a5cc60c47e304852a291e9f31b022f3e8
GET /shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.mirmarkt.workers.dev/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 61054
content-type: application/x-javascript
content-encoding: gzip
content-md5: Rajh8JKNmzx4FHNJDjlS4A==
last-modified: Thu, 27 Oct 2022 14:24:13 GMT
etag: 0x8DAB826EBE74413
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 0e42e53d-901e-002e-7d4d-15045d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0FketYwAAAADMJ3weFpJsSoEvsmNYKsdJQU1TMDRFREdFMTgxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0D3+yYwAAAACYYBG5wvZqRrRRjpg/OZF8U1ZHMjBFREdFMDUxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Mon, 02 Jan 2023 06:51:58 GMT
X-Firefox-Spdy: h2
aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
13.107.237.53200 OK 17 kB URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Hash 12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.mirmarkt.workers.dev/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 17174
content-type: image/x-icon
content-md5: EuPayFgGHQiAI7K9SOL6lg==
last-modified: Sun, 18 Oct 2020 03:02:03 GMT
etag: 0x8D8731230C851A6
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: ed416d25-b01e-002c-30d5-165259000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0wDSmYwAAAABBYy+6T1gHTZvWjPw+9eqTQU1TMDRFREdFMTgwOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0D3+yYwAAAADdQVp7ww3rT7yVQw01OXPlU1ZHMjBFREdFMDUxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Mon, 02 Jan 2023 06:51:58 GMT
X-Firefox-Spdy: h2
aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
13.107.237.53200 OK 20 kB URL HTTP/2 aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (61177)
Hash f4adbf9c60a3ef95809a6008f6764d08
b55c98c403b111b494c1ece263dc06eabc0ab075
6a59a4f890ea26ef050b83d0722aafc3ad70ddbce706806381c4f159a5db7497
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.mirmarkt.workers.dev/
X-Moz: prefetch
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 19970
content-type: text/css
content-encoding: gzip
content-md5: 9K2/nGCj75WAmmAI9nZNCA==
last-modified: Thu, 04 Aug 2022 19:37:00 GMT
etag: 0x8DA7650B37ACC3D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 6e61aedf-b01e-0000-1163-123773000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0CeqxYwAAAABzYzvOlhjbR7m4GhnzjP6ZQU1TMDRFREdFMTgxOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0D3+yYwAAAAA2PQ6jBPZ/SbzJzqr7vUM2U1ZHMjBFREdFMDUxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Mon, 02 Jan 2023 06:51:58 GMT
X-Firefox-Spdy: h2
onedrive.mirmarkt.workers.dev/
172.67.130.67200 OK 64 kB URL HTTP/2 onedrive.mirmarkt.workers.dev/
IP 172.67.130.67:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (24451), with CRLF, LF line terminators
Hash 2d2923542699b7712d00474c7e637760
9424f303ff1d51a01df645923ac77a268d01f2ae
bc846abc9efecc0e521fa15a2c358102f56e3e66ce5edbf500330a3686548656
Analyzer Verdict Alert openphish Outlook
fortinet Phishing
GET / HTTP/1.1
Host: onedrive.mirmarkt.workers.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 02 Jan 2023 06:51:58 GMT
content-type: text/html; charset=utf-8
cf-ray: 783191a88e35b52d-OSL
access-control-allow-origin: *
cache-control: no-store, no-cache
expires: -1
link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin, <https://aadcdn.msauth.net>; rel=dns-prefetch, <https://aadcdn.msftauth.net>; rel=dns-prefetch
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
set-cookie: buid=0.AUoAhGWOB716AUWeiRoFWdH6UAMAAAAAAPEPzgAAAAAAAACJAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrtJCRS81SyvXg63_Dynq89Cf0ptE1Q3pwthCJvp2170I3QnCOPdnxyIqzi1lyIOSYl4So4RZ8_vAIZRVA9j8M76Afk3A3G_uLNdIQfcO48jcgAA; expires=Wed, 01-Feb-2023 06:51:58 GMT; path=/; secure; HttpOnly; SameSite=None
fpc=AshnM2AsS_dBqDA4zliv80tljaX2AQAAAA12RNsOAAAA; expires=Wed, 01-Feb-2023 06:51:58 GMT; path=/; secure; HttpOnly; SameSite=None
esctx=PAQABAAEAAAD--DLA3VO7QrddgJg7Wevr-G2JmPBgsxarJjYSNWga6iM_VddpoIHUNjoEX6UuhIEmQElX1yPMbkV5FGwwpB54BJLKjUM33UMfxk_VVHwt1MfEJJzE6RWrQX4QRRNMnZeHZEBlrU6vLFN2dUTUUpyvEr3sao-vAWQTKnjXevdPsssbLsSOYT70b2aVgCu68l4gAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-frame-options: DENY
x-ms-ests-server: 2.1.14357.7 - SEASLR1 ProdSlices
x-ms-request-id: 9e6ddcd7-8b8f-4a0b-84ac-e0b964d95102
x-xss-protection: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIIyfXPA8%2FJluDHll26RDNCNF1zo%2FZ5azE2O8tvY5dvTj6sF3Q1HF%2BpCkROvDl6Q%2FBoAImhAr3QCUqe0kIfpg80fcQQpyidfHFowGxTpTnUbfH3RT%2Fx9vkJOe1akdR1C0lPIYKKRiJtIwuZGietRUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
13.107.237.53200 OK 1.4 kB URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators
Hash 9f368bc4580fed907775f31c6b26d6cf
e393a40b3e337f43057eee3de189f197ab056451
7ecbba946c099539c3d9c03f4b6804958900e5b90d48336eea7e5a2ed050fa36
GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.mirmarkt.workers.dev/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 1435
content-type: image/svg+xml
content-encoding: gzip
content-md5: nzaLxFgP7ZB3dfMcaybWzw==
last-modified: Fri, 17 Jan 2020 19:28:38 GMT
etag: 0x8D79B8373CB2849
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: c35462f7-701e-000c-6cd5-0fc36a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0RyajYwAAAADSMreRKvLiSJmuiDUChu53QU1TMDRFREdFMTgxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0D3+yYwAAAADGJ2T2swf7R7ZaqvsWOhNZU1ZHMjBFREdFMDUxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Mon, 02 Jan 2023 06:51:58 GMT
X-Firefox-Spdy: h2
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
13.107.237.53200 OK 673 B URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1864), with no line terminators
Hash 0e176276362b94279a4492511bfcbd98
389fe6b51f62254bb98939896b8c89ebeffe2a02
9a2c174ae45cac057822844211156a5ed293e65c5f69e1d211a7206472c5c80c
GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.mirmarkt.workers.dev/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 673
content-type: image/svg+xml
content-encoding: gzip
content-md5: DhdidjYrlCeaRJJRG/y9mA==
last-modified: Wed, 12 Feb 2020 22:01:30 GMT
etag: 0x8D7B0071D86E386
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: ccbbdb61-201e-0055-6bdb-14d34a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0b9unYwAAAACPlo/kvdPNSbAZl+tll48MQU1TMDRFREdFMTkwNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0D3+yYwAAAACB3jjFDr5vTrnHfTnXcK5KU1ZHMjBFREdFMDUxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Mon, 02 Jan 2023 06:51:58 GMT
X-Firefox-Spdy: h2
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_442ad4dbc9101c033d33.js
13.107.237.53200 OK 32 kB URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_442ad4dbc9101c033d33.js
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (32960)
Hash 5bc954c38f7abb373384bd2eef7ef6ca
b2e47dadfcb3a8a3ac3eb28db47cd87337d8b8f5
86df831a580538db87d472152bbf0381b814a216cd962476deb1317cb9e4b839
GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_442ad4dbc9101c033d33.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.mirmarkt.workers.dev/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 32191
content-type: application/x-javascript
content-encoding: gzip
content-md5: W8lUw496uzczhL0u7372yg==
last-modified: Tue, 15 Nov 2022 20:12:19 GMT
etag: 0x8DAC745B324D8CE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: f2fb41fd-901e-0056-74ac-18ae4c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0kdWuYwAAAADTwACuoYRXQoYDbwUSieeCQU1TMDRFREdFMTkwOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0D3+yYwAAAAD/avfiKOp1Rr/tKaVFgGMUU1ZHMjBFREdFMDUxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Mon, 02 Jan 2023 06:51:58 GMT
X-Firefox-Spdy: h2
login.microsoftonline.com/common/instrumentation/reportbssotelemetry?hpgid=1104&hpgact=1800&client-request-id=d23688a0-806f-1000-f22b-777c94a01c09&hpgrequestid=9e6ddcd7-8b8f-4a0b-84ac-e0b964d95102
20.190.159.72200 OK 264 B URL HTTP/1.1 login.microsoftonline.com/common/instrumentation/reportbssotelemetry?hpgid=1104&hpgact=1800&client-request-id=d23688a0-806f-1000-f22b-777c94a01c09&hpgrequestid=9e6ddcd7-8b8f-4a0b-84ac-e0b964d95102
IP 20.190.159.72:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b13827337cf3ba8056e8fb9ae88e692
bb18f1f00da181b8b6c8eb80b238ec820c5c78e7
40f9fbb1b1176c913c0bffc336b3bec6e3fa38637ab0e7e812b26087999437eb
POST /common/instrumentation/reportbssotelemetry?hpgid=1104&hpgact=1800&client-request-id=d23688a0-806f-1000-f22b-777c94a01c09&hpgrequestid=9e6ddcd7-8b8f-4a0b-84ac-e0b964d95102 HTTP/1.1
Host: login.microsoftonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.mirmarkt.workers.dev/
Content-Type: text/plain;charset=UTF-8
Content-Length: 217
Origin: https://onedrive.mirmarkt.workers.dev
Connection: keep-alive
Cookie: brcap=0; MSFPC=GUID=27491a5fca0c436896bdbf20a1588da0&HASH=2749&LV=202205&V=4&LU=1652883922743; ESTSSSOTILES=1; AADSSOTILES=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 4778e002-a9ea-43ee-b9ff-dfe8f185fc02
x-ms-ests-server: 2.1.14357.7 - NEULR2 ProdSlices
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 0
Set-Cookie: fpc=Aqs5DwACBl9GruAAlV6Eht0; expires=Wed, 01-Feb-2023 06:51:59 GMT; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Date: Mon, 02 Jan 2023 06:51:59 GMT
Content-Length: 264
aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
13.107.237.53200 OK 621 B URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1592), with no line terminators
Hash 4761405717e938d7e7400bb15715db1e
76fed7c229d353a27db3257f5927c1eaf0ab8de9
f7ed91a1dab5bb2802a7a3b3890df4777588ccbe04903260fba83e6e64c90ddf
GET /shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.mirmarkt.workers.dev/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 621
content-type: image/svg+xml
content-encoding: gzip
content-md5: R2FAVxfpONfnQAuxVxXbHg==
last-modified: Tue, 10 Nov 2020 03:41:24 GMT
etag: 0x8D8852A7FA6B761
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 5334feb8-401e-006f-23f3-13fc4e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0KBWwYwAAAADBp0AYVlhGRInqa8N4zsvGQU1TMDRFREdFMTkxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0D3+yYwAAAABW9lsbpbvKS77c4JuR69chU1ZHMjBFREdFMDUxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Mon, 02 Jan 2023 06:51:58 GMT
X-Firefox-Spdy: h2
login.live.com/Me.htm?v=3
20.190.159.69200 OK 1.1 kB URL HTTP/1.1 login.live.com/Me.htm?v=3
IP 20.190.159.69:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with very long lines (2345), with CRLF line terminators
Hash 9c08f0f5b411918572bb176b56d4b747
12814f1ffd1c414337cfc57da7561f4386ec8b67
d9f196403747ff4bbf6c3d61c7319f51e33be05825ac3b5200665e6e5ee26c0e
GET /Me.htm?v=3 HTTP/1.1
Host: login.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.mirmarkt.workers.dev/
X-Moz: prefetch
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=315360000
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Thu, 30 Dec 2032 06:51:59 GMT
Vary: Accept-Encoding
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BL2
x-ms-request-id: 1230082b-3b30-43d3-baa9-9dfeda462283
PPServer: PPV: 30 H: BL02PF886F326E5 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=6bb5456521f54f4bba2d58fe38bbdde1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSPRequ=id=N<=1672642319&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Mon, 02 Jan 2023 06:51:59 GMT
Content-Length: 1132
aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
13.107.237.53200 OK 20 kB URL HTTP/2 aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (61177)
Hash f4adbf9c60a3ef95809a6008f6764d08
b55c98c403b111b494c1ece263dc06eabc0ab075
6a59a4f890ea26ef050b83d0722aafc3ad70ddbce706806381c4f159a5db7497
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.mirmarkt.workers.dev/
Origin: https://onedrive.mirmarkt.workers.dev
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 19970
content-type: text/css
content-encoding: gzip
content-md5: 9K2/nGCj75WAmmAI9nZNCA==
last-modified: Thu, 04 Aug 2022 19:37:00 GMT
etag: 0x8DA7650B37ACC3D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 6e61aedf-b01e-0000-1163-123773000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0CeqxYwAAAABzYzvOlhjbR7m4GhnzjP6ZQU1TMDRFREdFMTgxOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0FH+yYwAAAAA5j/gNYeXxToxBNTay6lxdU1ZHMjBFREdFMDYxNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Mon, 02 Jan 2023 06:52:04 GMT
X-Firefox-Spdy: h2
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_mjvophz6bqsz2cdrtomlfw2.js
13.107.237.53200 OK 14 kB URL HTTP/2 aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_mjvophz6bqsz2cdrtomlfw2.js
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (32022)
Hash 3d02b7c2f6d372c8f32b7d46d14651b6
917fbe497e821224f76eda2e8db81bc95257d4e2
2a97674e39df1d5918ea6388508db228b035cf874feebb2bd86363fdeb81007d
GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_mjvophz6bqsz2cdrtomlfw2.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.mirmarkt.workers.dev/
Origin: https://onedrive.mirmarkt.workers.dev
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 13854
content-type: application/x-javascript
content-encoding: gzip
content-md5: PQK3wvbTcsjzK31G0UZRtg==
last-modified: Wed, 16 Nov 2022 00:33:54 GMT
etag: 0x8DAC76A3E0B4BE5
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: d388aafc-501e-000e-1a70-14956e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0JuSmYwAAAAA31D6IZAl3QprfyvdTwnajQU1TMDRFREdFMTkxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0FH+yYwAAAABRHy3vdpoOQqB3PMAsoQEDU1ZHMjBFREdFMDYxNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Mon, 02 Jan 2023 06:52:04 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4715843-f86f-4313-a03b-4ea87041590f.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4715843-f86f-4313-a03b-4ea87041590f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9f9b10e546165fc604aa458552ac37c2
3b98c9e0491a9f7813721e317d25ba843a625cc7
a82ed93d151587dc1ac30eaff081e5d1a2b74c22b3b6483b8c3556d4acc0d48a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4715843-f86f-4313-a03b-4ea87041590f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4676
x-amzn-requestid: 3aadc3a4-635c-45d1-acd5-1ae504fbb563
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d8Iz1FkuoAMFg6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae54e5-1193711624c01ef05a7007aa;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 03:03:01 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: lXaYa1QTL97zvQGnfaIOawKeLnqfR04qZyDm_B_IqIZ5yavMxJm6xw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Mon, 02 Jan 2023 04:13:56 GMT
age: 9488
etag: "3b98c9e0491a9f7813721e317d25ba843a625cc7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2