webmail.queens.org/
64.75.214.26 0 B IP 64.75.214.26:0
ASN #395618 QUEENS-HEALTH-SYSTEM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET / HTTP/1.1
Host: webmail.queens.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 302 Moved Temporarily
Location: https://webmail.queens.org/owa/
Server: BigIP
Connection: Keep-Alive
Content-Length: 0
webmail.queens.org/owa/
64.75.214.26 6.2 kB IP 64.75.214.26:0
ASN #395618 QUEENS-HEALTH-SYSTEM
File type HTML document, ASCII text, with very long lines (917), with CRLF, LF line terminators
Hash 39190e314e0cb02bdacd8c78b9d84785
9dfec9f1722ee948db945119792662a045dad326
bb9fafc022dad32f99a2469fc1b3713783a111c9a0d3476c5346d55cc9a42040
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/ HTTP/1.1
Host: webmail.queens.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Set-Cookie: TSb988d7be029=08e550f4cbab280048da05153b2a3f2f3fb6423606253f1c60dfd7d0aebee4a61a9297065cc75f789d37ef57c0f1f216; Max-Age=30; Path=/
TSb988d7be029=08e550f4cbab280054c53023b7678e78e6b06057d1f9da5d85b0a10aa3ff9cf94449260501cafade18abc40196f8933d; Max-Age=30; Path=/
TS7fbdf033027=08e550f4cbab2000c1264d8bc81d374a99f6d8bf70468a84196f6f0ca379c4e35bce5b90b9c50637085367cbcd113000100c163a542cd7e35ec617483550f839f09c7b6bcf1144919247e4d430cb80455162f6dc50afefcf3cb6c1258f24b02c; Path=/
Cache-Control: no-store, must-revalidate, no-cache, max-age=0
Content-Type: text/html
Content-Length: 6157
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
webmail.queens.org/TSPD/08e550f4cbab200024349161eeb497773eee14fefebb37eae23b91936d538511aaec88cb61021db0?type=8
64.75.214.26 86 kB URL webmail.queens.org/TSPD/08e550f4cbab200024349161eeb497773eee14fefebb37eae23b91936d538511aaec88cb61021db0?type=8
IP 64.75.214.26:0
ASN #395618 QUEENS-HEALTH-SYSTEM
File type JavaScript source, ASCII text, with very long lines (660)
Hash eb80038d5bea353283aabba4493d9832
1f82e07801ea04c2d2279ee10ec9cc066ea9a49d
8fd10588973d59ace22e822f21af513d2435703c6671ce6b6297a589c7aaa953
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /TSPD/08e550f4cbab200024349161eeb497773eee14fefebb37eae23b91936d538511aaec88cb61021db0?type=8 HTTP/1.1
Host: webmail.queens.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.queens.org/owa/
Cookie: TSb988d7be029=08e550f4cbab280054c53023b7678e78e6b06057d1f9da5d85b0a10aa3ff9cf94449260501cafade18abc40196f8933d; TS7fbdf033027=08e550f4cbab2000c1264d8bc81d374a99f6d8bf70468a84196f6f0ca379c4e35bce5b90b9c50637085367cbcd113000100c163a542cd7e35ec617483550f839f09c7b6bcf1144919247e4d430cb80455162f6dc50afefcf3cb6c1258f24b02c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Cache-Control: public, max-age=86400
Content-Type: text/javascript
Content-Length: 85789
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
webmail.queens.org/TSPD/08e550f4cbab200024349161eeb497773eee14fefebb37eae23b91936d538511aaec88cb61021db0?type=12
64.75.214.26 38 kB URL webmail.queens.org/TSPD/08e550f4cbab200024349161eeb497773eee14fefebb37eae23b91936d538511aaec88cb61021db0?type=12
IP 64.75.214.26:0
ASN #395618 QUEENS-HEALTH-SYSTEM
Hash c2e3dd5a6731ab68f051021eff499f4f
6739b37fb552d92db4ca07e5f25e783950b0ec75
552f179b8856e5355d6d5865abf56d10af6a0e698c3a8ea2b5610c459fbe37a3
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /TSPD/08e550f4cbab200024349161eeb497773eee14fefebb37eae23b91936d538511aaec88cb61021db0?type=12 HTTP/1.1
Host: webmail.queens.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.queens.org/owa/
Cookie: TSb988d7be029=08e550f4cbab280054c53023b7678e78e6b06057d1f9da5d85b0a10aa3ff9cf94449260501cafade18abc40196f8933d; TS7fbdf033027=08e550f4cbab2000c1264d8bc81d374a99f6d8bf70468a84196f6f0ca379c4e35bce5b90b9c50637085367cbcd113000100c163a542cd7e35ec617483550f839f09c7b6bcf1144919247e4d430cb80455162f6dc50afefcf3cb6c1258f24b02c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Cache-Control: public, max-age=86400
Content-Type: text/javascript
Content-Length: 37876
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
webmail.queens.org/TSPD/08e550f4cbab28008f382ff159792c426ef2d6b46e5c8c5e65295f4510c31839383a7b96ffa1d3e0a6cdc8c7b6d60236?type=13
64.75.214.26 566 B URL webmail.queens.org/TSPD/08e550f4cbab28008f382ff159792c426ef2d6b46e5c8c5e65295f4510c31839383a7b96ffa1d3e0a6cdc8c7b6d60236?type=13
IP 64.75.214.26:0
ASN #395618 QUEENS-HEALTH-SYSTEM
File type ASCII text, with very long lines (566), with no line terminators
Hash 009e5d2c75c7d42dca6926af3c1e1a21
ab483b36a03047b8faccdf5252ebcd8ccb2718a6
507db67c37c4c574d72d4a6c0c0969d78d9e589963ae101988d3e429c0114b65
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /TSPD/08e550f4cbab28008f382ff159792c426ef2d6b46e5c8c5e65295f4510c31839383a7b96ffa1d3e0a6cdc8c7b6d60236?type=13 HTTP/1.1
Host: webmail.queens.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.queens.org/owa/
Cookie: TSb988d7be029=08e550f4cbab280054c53023b7678e78e6b06057d1f9da5d85b0a10aa3ff9cf94449260501cafade18abc40196f8933d; TS7fbdf033027=08e550f4cbab2000c1264d8bc81d374a99f6d8bf70468a84196f6f0ca379c4e35bce5b90b9c50637085367cbcd113000100c163a542cd7e35ec617483550f839f09c7b6bcf1144919247e4d430cb80455162f6dc50afefcf3cb6c1258f24b02c; TS00000000074=08e550f4cbab28008f382ff159792c426ef2d6b46e5c8c5e65295f4510c31839383a7b96ffa1d3e0a6cdc8c7b6d6023608ebe7bc1707e0006f6a42c1f7cdd14ddac7519a749e7fa1977d6040be549457a43f8704be4097b2ec5bc9a8e6879b5ddba9423b2ea58636b61e83e3bb72cb0327afc381f02ac7cf2d387df4e8dd886ff686149d23d8ff54de85439230ea460fcba0dd55cecfdebf022697ff2c91147e50d9a125e7e9dee0299a1ad59454e782f21368ce0975bf55f49563b3701cbff216e4effad2b45e4bbadff82e3677fee9bf9cc5000b2af0990b5e9e4131e395634f5a124a2022de1a291914ee5c759baee08ec1e558124051f7977ba00df32e2aba69b307b0a9683141ecf6ceb9343a590683f283b848e3dd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, no-cache, max-age=0
Content-Type: text/html
Content-Length: 566
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
webmail.queens.org/owa/
64.75.214.26 222 B IP 64.75.214.26:0
ASN #395618 QUEENS-HEALTH-SYSTEM
File type HTML document, ASCII text, with CRLF line terminators
Hash 2e7e739682cb8a22d599f548bf81cbaf
1c49cd96ebc4e926f6f818b9a048c090c1ae73b6
bd6684cf76bce337e01baf5ff4d566e00a5acb396de18e227002db02fa709f36
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/ HTTP/1.1
Host: webmail.queens.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: TSb988d7be075=0402b10008e550f4cbab28008f382ff159792c426ef2d6b46e5c8c5e65295f4510c31839383a7b96ffa1d3e0a6cdc8c7b6d60236:08ebe7bc170320003af1fcb8c7a1a9cfbb7d57610234459fc8d431c17926ec49e31ad724053232a3a00108e550f4cbab28008f382ff159792c426ef2d6b46e5c8c5e65295f4510c31839383a7b96ffa1d3e0a6cdc8c7b6d6023608ebe7bc17109800b6698128e0f758fd01cf781eacc14abeb9e0af04bf5723a305167f80eb85ab12865a1082348a68d5e80abb43a3d7591fee8bfea98dd887796ccb564d518c1a2874fe903a845012238690f6df019d4b6ec9be0cb7fd0ce78b21627cfa5929af511bb27f59c464546d95f7c3eb0cd820c2eee4ea080b56c19846373646e7142aff91fa5243565688b5ba13d89273be179603294d1c11220b4a0001000b00008e550f4cbab2000cecc479904a83cedcd80189455aada2b99a8028c06dd2bd779d40f9bb3192b4e082b4d68d30a280067244997dc7b57da0402dc802591fd63fed74d79842aec6d6f58233bd2b1e51c1d78afb035384d9c01000; TSb988d7be029=08e550f4cbab280054c53023b7678e78e6b06057d1f9da5d85b0a10aa3ff9cf94449260501cafade18abc40196f8933d; TS7fbdf033027=08e550f4cbab2000c1264d8bc81d374a99f6d8bf70468a84196f6f0ca379c4e35bce5b90b9c50637085367cbcd113000100c163a542cd7e35ec617483550f839f09c7b6bcf1144919247e4d430cb80455162f6dc50afefcf3cb6c1258f24b02c; TS00000000076=08e550f4cbab28008f382ff159792c426ef2d6b46e5c8c5e65295f4510c31839383a7b96ffa1d3e0a6cdc8c7b6d6023608ebe7bc1709d0008882b09a90b3e5f08597169458a6ed3d9ba1d5f3c2bceb56e0cd4d3d85f5d8f8cc6b363a3da4def790b1e7b4eb1e3aa9d7d0c3d2b332a2f1bfd159cba698021f4e1735876d802ea0fda80284b3c8828e67328b624a669f5410364c9dc796a4617301b8fef7ffd54ab28497b8490c06b8a7f767468454da08decfdbd86b99e1a388e7142fa22c38fa2f00e98ddea0c2d44ddd6d62d788c66d0d53e7ac3d1317c3731a9381d87e07149e37f988395e70f69284b2033689d6eee708078575ef0a362e0cf78fe69a79aa59879fe16ec81f30; TSPD_101_DID=08e550f4cbab28008f382ff159792c426ef2d6b46e5c8c5e65295f4510c31839383a7b96ffa1d3e0a6cdc8c7b6d6023608ebe7bc17063800d7d5bea14eded13598fa2302f4e65a33dd255ea63df7e5852279037fc3b7090840631ca648e4c97492b3bb59ccac740ba85e088e051c4e7c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Location: https://webmail.queens.org/owa/auth/logon.aspx?url=https%3a%2f%2fwebmail.queens.org%2fowa%2f&reason=0
request-id: ef603087-62e4-4e10-b061-dad1ff26aef9
X-OWA-Version: 15.1.2507.37
X-FEServer: EXCHCAS02WP
Date: Wed, 08 May 2024 21:26:24 GMT
Content-Length: 222
Set-Cookie: TS0125ca28=01dd4efaa220bd5fe8f17167d5ac99c665348aa5493bfed56e0ef5425887d69864cfba96da51dd990d28f0fae7c047263d9f32331c; Path=/; Domain=.webmail.queens.org
TSb988d7be029=08e550f4cbab2800aade68e9d456bee29ab216c097a81b30fa5244af5de8da5cdf4d469c21310f78e409d022488fa698; Max-Age=30; Path=/
TSb988d7be075=deleted; Expires=Thu, 01-Jan-1970 00:00:00 GMT
TS7fbdf033027=08e550f4cbab2000cae8b6236aa38f313072330dca95c0486af4d31ae529ffafdcc26dc03108923b0881ffde81113000258d27ac03d53352633394cb5e2623e0d62b64ca294821243049441167a5900945aad1d446764c1adbf1e215a2a7c4c9; Path=/
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
webmail.queens.org/owa/auth/logon.aspx?url=https%3a%2f%2fwebmail.queens.org%2fowa%2f&reason=0
64.75.214.26 28 kB URL webmail.queens.org/owa/auth/logon.aspx?url=https%3a%2f%2fwebmail.queens.org%2fowa%2f&reason=0
IP 64.75.214.26:0
ASN #395618 QUEENS-HEALTH-SYSTEM
File type HTML document, ASCII text, with very long lines (1062), with CRLF, LF line terminators
Hash 9820f1f632ab767c7aa3121a91844563
8ffeeb1966e900a668a5df2b2c5f51b972cf23e5
e3739d1df728696ea8736fb3673b3944ff52e8dd4c8a9a807449506d6cf92113
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/logon.aspx?url=https%3a%2f%2fwebmail.queens.org%2fowa%2f&reason=0 HTTP/1.1
Host: webmail.queens.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: TSb988d7be029=08e550f4cbab2800aade68e9d456bee29ab216c097a81b30fa5244af5de8da5cdf4d469c21310f78e409d022488fa698; TS7fbdf033027=08e550f4cbab2000cae8b6236aa38f313072330dca95c0486af4d31ae529ffafdcc26dc03108923b0881ffde81113000258d27ac03d53352633394cb5e2623e0d62b64ca294821243049441167a5900945aad1d446764c1adbf1e215a2a7c4c9; TS00000000076=08e550f4cbab28008f382ff159792c426ef2d6b46e5c8c5e65295f4510c31839383a7b96ffa1d3e0a6cdc8c7b6d6023608ebe7bc1709d0008882b09a90b3e5f08597169458a6ed3d9ba1d5f3c2bceb56e0cd4d3d85f5d8f8cc6b363a3da4def790b1e7b4eb1e3aa9d7d0c3d2b332a2f1bfd159cba698021f4e1735876d802ea0fda80284b3c8828e67328b624a669f5410364c9dc796a4617301b8fef7ffd54ab28497b8490c06b8a7f767468454da08decfdbd86b99e1a388e7142fa22c38fa2f00e98ddea0c2d44ddd6d62d788c66d0d53e7ac3d1317c3731a9381d87e07149e37f988395e70f69284b2033689d6eee708078575ef0a362e0cf78fe69a79aa59879fe16ec81f30; TSPD_101_DID=08e550f4cbab28008f382ff159792c426ef2d6b46e5c8c5e65295f4510c31839383a7b96ffa1d3e0a6cdc8c7b6d6023608ebe7bc17063800d7d5bea14eded13598fa2302f4e65a33dd255ea63df7e5852279037fc3b7090840631ca648e4c97492b3bb59ccac740ba85e088e051c4e7c; TS0125ca28=01dd4efaa220bd5fe8f17167d5ac99c665348aa5493bfed56e0ef5425887d69864cfba96da51dd990d28f0fae7c047263d9f32331c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
request-id: 6f4ddb68-21b2-455a-9d8c-8726d9f206bc
X-Frame-Options: SAMEORIGIN
Date: Wed, 08 May 2024 21:26:25 GMT
Content-Length: 27982
Set-Cookie: TS7fbdf033027=08e550f4cbab2000b36ff0694319e0a784401422bcf6fcab4eb65fd92c039e41197947d1754ba9a0086a0a8049113000be225513931e4e24dd39b12e17c15192399b030ca836f14b37bc85aad8139e1aa57adaffeb2990760ea8c0afe11a3aa6; Path=/
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
webmail.queens.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.queens.org%2fowa%2f
64.75.214.26200 OK 63 kB URL User Request GET HTTP/1.1 webmail.queens.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.queens.org%2fowa%2f
IP 64.75.214.26:443
ASN #395618 QUEENS-HEALTH-SYSTEM
Certificate IssuerSectigo Limited
Subjectoa.queens.org
FingerprintD0:D4:CA:F8:57:49:48:7E:32:BA:2F:DB:C4:04:3F:E2:4E:87:B5:59
ValidityWed, 17 Jan 2024 00:00:00 GMT - Sun, 16 Feb 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (10414), with CRLF, LF line terminators
Hash 9918a4ccf817803c13fd2b707fc40460
9f1ea67c3e0a04ba38e258257e6a4420d19c6160
5fbd295f530bbea634ab1956f9479e608df10aa625eb94b16de212df04e3aa21
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.queens.org%2fowa%2f HTTP/1.1
Host: webmail.queens.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.queens.org/owa/auth/logon.aspx?url=https%3a%2f%2fwebmail.queens.org%2fowa%2f&reason=0
Cookie: TSb988d7be029=08e550f4cbab2800aade68e9d456bee29ab216c097a81b30fa5244af5de8da5cdf4d469c21310f78e409d022488fa698; TS7fbdf033027=08e550f4cbab2000b36ff0694319e0a784401422bcf6fcab4eb65fd92c039e41197947d1754ba9a0086a0a8049113000be225513931e4e24dd39b12e17c15192399b030ca836f14b37bc85aad8139e1aa57adaffeb2990760ea8c0afe11a3aa6; TS00000000076=08e550f4cbab28008f382ff159792c426ef2d6b46e5c8c5e65295f4510c31839383a7b96ffa1d3e0a6cdc8c7b6d6023608ebe7bc1709d0008882b09a90b3e5f08597169458a6ed3d9ba1d5f3c2bceb56e0cd4d3d85f5d8f8cc6b363a3da4def790b1e7b4eb1e3aa9d7d0c3d2b332a2f1bfd159cba698021f4e1735876d802ea0fda80284b3c8828e67328b624a669f5410364c9dc796a4617301b8fef7ffd54ab28497b8490c06b8a7f767468454da08decfdbd86b99e1a388e7142fa22c38fa2f00e98ddea0c2d44ddd6d62d788c66d0d53e7ac3d1317c3731a9381d87e07149e37f988395e70f69284b2033689d6eee708078575ef0a362e0cf78fe69a79aa59879fe16ec81f30; TSPD_101_DID=08e550f4cbab28008f382ff159792c426ef2d6b46e5c8c5e65295f4510c31839383a7b96ffa1d3e0a6cdc8c7b6d6023608ebe7bc17063800d7d5bea14eded13598fa2302f4e65a33dd255ea63df7e5852279037fc3b7090840631ca648e4c97492b3bb59ccac740ba85e088e051c4e7c; TS0125ca28=01dd4efaa220bd5fe8f17167d5ac99c665348aa5493bfed56e0ef5425887d69864cfba96da51dd990d28f0fae7c047263d9f32331c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
request-id: 8a57771e-867a-41ad-bf7e-5d38687e43bb
X-Frame-Options: SAMEORIGIN
Date: Wed, 08 May 2024 21:26:26 GMT
Content-Length: 62831
Set-Cookie: TS7fbdf033027=08e550f4cbab20008ea9db12f1cd849c067ac322421678f13dbac2d494e0aa5603b6619a8d27843d087875439b113000e5374fbce25fed85119080702e21ded7e10d415090a9f88bc8761caaa66c78d3b1c68c7e35835ce04e4cfa08745af755; Path=/
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
userservices.vip.symantec.com/vipuserservices/resources/js/v_1_0/vip?appId=0820771875&idpURL=https://vipssp.queens.org/vipssp/login&autoIntegration=manual
144.49.243.43 156 kB URL GET userservices.vip.symantec.com/vipuserservices/resources/js/v_1_0/vip?appId=0820771875&idpURL=https://vipssp.queens.org/vipssp/login&autoIntegration=manual
IP 144.49.243.43:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://webmail.queens.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.queens.org%2fowa%2f
Certificate IssuerDigiCert Inc
Subjectuserservices.vip.symantec.com
Fingerprint15:C6:B0:5D:76:58:2A:78:0F:A1:CA:12:46:2D:E6:F8:CB:15:7C:6C
ValidityWed, 25 Oct 2023 00:00:00 GMT - Thu, 24 Oct 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (32341)
Size 156 kB (156036 bytes)
Hash 734636bec221fddcd01392bebea2701e
b46f8dc13ae2c6fdf4f12562190ee38a44296765
c47ef036d99e5a4280ad8fc3c4b5f6daddc0ac4272fdd023df30e386c2c1e332
GET /vipuserservices/resources/js/v_1_0/vip?appId=0820771875&idpURL=https://vipssp.queens.org/vipssp/login&autoIntegration=manual HTTP/1.1
Host: userservices.vip.symantec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.queens.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx
Date: Wed, 08 May 2024 21:26:27 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 156036
Connection: keep-alive
Set-Cookie: JSESSIONID=9C6B8A8D4133C3E4D89105BBE5CC2F30.vipuserservices-be; Path=/vipuserservices; Secure; HttpOnly
Content-Encoding: gzip
Vary: Accept-Encoding, Accept-Language, User-Agent, Origin
ETag: "a2a259bde64401276d785ec97f6087f5"
Cache-Control: max-age=300
Expires: Wed, 08 May 2024 21:31:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
userservices.vip.symantec.com/vipuserservices/static/v_1_0/styles/vipbox.css
144.49.243.43200 7.1 kB URL GET HTTP/1.1 userservices.vip.symantec.com/vipuserservices/static/v_1_0/styles/vipbox.css
IP 144.49.243.43:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://webmail.queens.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.queens.org%2fowa%2f
Certificate IssuerDigiCert Inc
Subjectuserservices.vip.symantec.com
Fingerprint15:C6:B0:5D:76:58:2A:78:0F:A1:CA:12:46:2D:E6:F8:CB:15:7C:6C
ValidityWed, 25 Oct 2023 00:00:00 GMT - Thu, 24 Oct 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 67d7abfe72c9d59e70ca2596cb3ee59d
0d0e90b1c9844a837b982e9dae9142e8368eba86
bff343ff30e57fe17dfdea73701f2edf2448f3f30400ca818a1971459a023d25
GET /vipuserservices/static/v_1_0/styles/vipbox.css HTTP/1.1
Host: userservices.vip.symantec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.queens.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx
Date: Wed, 08 May 2024 21:26:28 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 7093
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"7093-1712008294000"
Last-Modified: Mon, 01 Apr 2024 21:51:34 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
userservices.vip.symantec.com/vipuserservices/static/v_1_0/styles/vipbox2.css
144.49.243.43200 16 kB URL GET HTTP/1.1 userservices.vip.symantec.com/vipuserservices/static/v_1_0/styles/vipbox2.css
IP 144.49.243.43:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://webmail.queens.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.queens.org%2fowa%2f
Certificate IssuerDigiCert Inc
Subjectuserservices.vip.symantec.com
Fingerprint15:C6:B0:5D:76:58:2A:78:0F:A1:CA:12:46:2D:E6:F8:CB:15:7C:6C
ValidityWed, 25 Oct 2023 00:00:00 GMT - Thu, 24 Oct 2024 23:59:59 GMT
Hash 934ed15755ca453407b55c56b0aefff5
c56f4e4c4ae5973e051222ef3d720a882290e433
a9a3762a840f0a6f028b5b323b18a5660d54e9f11911fcfa05b6c9b995b02f4e
GET /vipuserservices/static/v_1_0/styles/vipbox2.css HTTP/1.1
Host: userservices.vip.symantec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.queens.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx
Date: Wed, 08 May 2024 21:26:28 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 16161
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"16161-1712008294000"
Last-Modified: Mon, 01 Apr 2024 21:51:34 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
userservices.vip.symantec.com/vipuserservices/static/v_1_0/styles/vipbox-quirks.css
144.49.243.43200 155 B URL GET HTTP/1.1 userservices.vip.symantec.com/vipuserservices/static/v_1_0/styles/vipbox-quirks.css
IP 144.49.243.43:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://webmail.queens.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.queens.org%2fowa%2f
Certificate IssuerDigiCert Inc
Subjectuserservices.vip.symantec.com
Fingerprint15:C6:B0:5D:76:58:2A:78:0F:A1:CA:12:46:2D:E6:F8:CB:15:7C:6C
ValidityWed, 25 Oct 2023 00:00:00 GMT - Thu, 24 Oct 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash f99610fe2168a74d03ca7070921afbe1
833db8c81445417420ef2e20b37e70a671349e69
ca9e6de50a907e2f7371ecfb0212ac6bab050700f819e05dcb1325dbc6075649
GET /vipuserservices/static/v_1_0/styles/vipbox-quirks.css HTTP/1.1
Host: userservices.vip.symantec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.queens.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx
Date: Wed, 08 May 2024 21:26:28 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 155
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"155-1712008294000"
Last-Modified: Mon, 01 Apr 2024 21:51:34 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
webmail.queens.org/owa/auth/15.1.2507/themes/resources/segoeui-semilight.ttf
64.75.214.26200 OK 42 kB URL GET HTTP/1.1 webmail.queens.org/owa/auth/15.1.2507/themes/resources/segoeui-semilight.ttf
IP 64.75.214.26:443
ASN #395618 QUEENS-HEALTH-SYSTEM
Requested by https://webmail.queens.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.queens.org%2fowa%2f
Certificate IssuerSectigo Limited
Subjectoa.queens.org
FingerprintD0:D4:CA:F8:57:49:48:7E:32:BA:2F:DB:C4:04:3F:E2:4E:87:B5:59
ValidityWed, 17 Jan 2024 00:00:00 GMT - Sun, 16 Feb 2025 23:59:59 GMT
File type TrueType Font data, 16 tables, 1st "OS/2", 11 names, Microsoft, language 0x409, � 2010 Microsoft Corporation. All Rights Reserved.RegularSegoe UI SemilightVersion 1.00 build 16
Hash 6c26c24aabe31040657665b1e0d9505c
b3bdc48643752665e3e5798a192b27432a87d234
2d508a6e8979bba74b6fdf804c01a09a620c781e0fea73a8eefda904f5bcab25
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/15.1.2507/themes/resources/segoeui-semilight.ttf HTTP/1.1
Host: webmail.queens.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.queens.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.queens.org%2fowa%2f
Cookie: TSb988d7be029=08e550f4cbab2800aade68e9d456bee29ab216c097a81b30fa5244af5de8da5cdf4d469c21310f78e409d022488fa698; TS7fbdf033027=08e550f4cbab20008ea9db12f1cd849c067ac322421678f13dbac2d494e0aa5603b6619a8d27843d087875439b113000e5374fbce25fed85119080702e21ded7e10d415090a9f88bc8761caaa66c78d3b1c68c7e35835ce04e4cfa08745af755; TS00000000076=08e550f4cbab28008f382ff159792c426ef2d6b46e5c8c5e65295f4510c31839383a7b96ffa1d3e0a6cdc8c7b6d6023608ebe7bc1709d0008882b09a90b3e5f08597169458a6ed3d9ba1d5f3c2bceb56e0cd4d3d85f5d8f8cc6b363a3da4def790b1e7b4eb1e3aa9d7d0c3d2b332a2f1bfd159cba698021f4e1735876d802ea0fda80284b3c8828e67328b624a669f5410364c9dc796a4617301b8fef7ffd54ab28497b8490c06b8a7f767468454da08decfdbd86b99e1a388e7142fa22c38fa2f00e98ddea0c2d44ddd6d62d788c66d0d53e7ac3d1317c3731a9381d87e07149e37f988395e70f69284b2033689d6eee708078575ef0a362e0cf78fe69a79aa59879fe16ec81f30; TSPD_101_DID=08e550f4cbab28008f382ff159792c426ef2d6b46e5c8c5e65295f4510c31839383a7b96ffa1d3e0a6cdc8c7b6d6023608ebe7bc17063800d7d5bea14eded13598fa2302f4e65a33dd255ea63df7e5852279037fc3b7090840631ca648e4c97492b3bb59ccac740ba85e088e051c4e7c; TS0125ca28=01dd4efaa220bd5fe8f17167d5ac99c665348aa5493bfed56e0ef5425887d69864cfba96da51dd990d28f0fae7c047263d9f32331c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: application/octet-stream
Last-Modified: Sun, 20 Mar 2022 14:41:26 GMT
Accept-Ranges: bytes
ETag: "0efb793683cd81:0"
request-id: 12f0d92b-9dab-410b-b994-57a50fab444e
Connection: Keep-Alive
Date: Wed, 08 May 2024 21:26:28 GMT
Age: 82602
Content-Length: 41560
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
webmail.queens.org/owa/auth/15.1.2507/themes/resources/favicon.ico
64.75.214.26200 OK 7.9 kB URL GET HTTP/1.1 webmail.queens.org/owa/auth/15.1.2507/themes/resources/favicon.ico
IP 64.75.214.26:443
ASN #395618 QUEENS-HEALTH-SYSTEM
Requested by https://webmail.queens.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.queens.org%2fowa%2f
Certificate IssuerSectigo Limited
Subjectoa.queens.org
FingerprintD0:D4:CA:F8:57:49:48:7E:32:BA:2F:DB:C4:04:3F:E2:4E:87:B5:59
ValidityWed, 17 Jan 2024 00:00:00 GMT - Sun, 16 Feb 2025 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
Hash 759fade9033aa298629e4b000dcd6dde
34a1adf5c7326d7bde5b5735471b5d81e611c189
cf0808a61ec571e0c4975663903b288009d55502ac0445d9948983b339a5cf6e
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/15.1.2507/themes/resources/favicon.ico HTTP/1.1
Host: webmail.queens.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.queens.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.queens.org%2fowa%2f
Cookie: TSb988d7be029=08e550f4cbab2800aade68e9d456bee29ab216c097a81b30fa5244af5de8da5cdf4d469c21310f78e409d022488fa698; TS7fbdf033027=08e550f4cbab20008ea9db12f1cd849c067ac322421678f13dbac2d494e0aa5603b6619a8d27843d087875439b113000e5374fbce25fed85119080702e21ded7e10d415090a9f88bc8761caaa66c78d3b1c68c7e35835ce04e4cfa08745af755; TS00000000076=08e550f4cbab28008f382ff159792c426ef2d6b46e5c8c5e65295f4510c31839383a7b96ffa1d3e0a6cdc8c7b6d6023608ebe7bc1709d0008882b09a90b3e5f08597169458a6ed3d9ba1d5f3c2bceb56e0cd4d3d85f5d8f8cc6b363a3da4def790b1e7b4eb1e3aa9d7d0c3d2b332a2f1bfd159cba698021f4e1735876d802ea0fda80284b3c8828e67328b624a669f5410364c9dc796a4617301b8fef7ffd54ab28497b8490c06b8a7f767468454da08decfdbd86b99e1a388e7142fa22c38fa2f00e98ddea0c2d44ddd6d62d788c66d0d53e7ac3d1317c3731a9381d87e07149e37f988395e70f69284b2033689d6eee708078575ef0a362e0cf78fe69a79aa59879fe16ec81f30; TSPD_101_DID=08e550f4cbab28008f382ff159792c426ef2d6b46e5c8c5e65295f4510c31839383a7b96ffa1d3e0a6cdc8c7b6d6023608ebe7bc17063800d7d5bea14eded13598fa2302f4e65a33dd255ea63df7e5852279037fc3b7090840631ca648e4c97492b3bb59ccac740ba85e088e051c4e7c; TS0125ca28=01dd4efaa220bd5fe8f17167d5ac99c665348aa5493bfed56e0ef5425887d69864cfba96da51dd990d28f0fae7c047263d9f32331c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: image/x-icon
Last-Modified: Sat, 26 Mar 2022 18:40:39 GMT
Accept-Ranges: bytes
ETag: "806d40fd4041d81:0"
request-id: bc8b0ecc-436b-4980-830e-1c610467d565
Connection: Keep-Alive
Date: Wed, 08 May 2024 21:26:29 GMT
Age: 85070
Content-Length: 7886
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
webmail.queens.org/owa/auth/15.1.2507/themes/resources/segoeui-regular.ttf
64.75.214.26200 OK 57 kB URL GET HTTP/1.1 webmail.queens.org/owa/auth/15.1.2507/themes/resources/segoeui-regular.ttf
IP 64.75.214.26:443
ASN #395618 QUEENS-HEALTH-SYSTEM
Requested by https://webmail.queens.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.queens.org%2fowa%2f
Certificate IssuerSectigo Limited
Subjectoa.queens.org
FingerprintD0:D4:CA:F8:57:49:48:7E:32:BA:2F:DB:C4:04:3F:E2:4E:87:B5:59
ValidityWed, 17 Jan 2024 00:00:00 GMT - Sun, 16 Feb 2025 23:59:59 GMT
File type TrueType Font data, 18 tables, 1st "LTSH", 11 names, Microsoft, language 0x409, � 2010 Microsoft Corporation. All Rights Reserved.RegularSegoe UI RegularVersion 0.81 Build 159S
Hash 8af990b6ad3ba192c2dd6a193890bf5f
4db5bf117ff8f1392fab3b438216d7cff4ae4976
c147c2ec76a8ab8bd5082f1f4d3f80a43c689165cb164cdd812e44048fe38708
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/15.1.2507/themes/resources/segoeui-regular.ttf HTTP/1.1
Host: webmail.queens.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.queens.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.queens.org%2fowa%2f
Cookie: TSb988d7be029=08e550f4cbab2800aade68e9d456bee29ab216c097a81b30fa5244af5de8da5cdf4d469c21310f78e409d022488fa698; TS7fbdf033027=08e550f4cbab20008ea9db12f1cd849c067ac322421678f13dbac2d494e0aa5603b6619a8d27843d087875439b113000e5374fbce25fed85119080702e21ded7e10d415090a9f88bc8761caaa66c78d3b1c68c7e35835ce04e4cfa08745af755; TS00000000076=08e550f4cbab28008f382ff159792c426ef2d6b46e5c8c5e65295f4510c31839383a7b96ffa1d3e0a6cdc8c7b6d6023608ebe7bc1709d0008882b09a90b3e5f08597169458a6ed3d9ba1d5f3c2bceb56e0cd4d3d85f5d8f8cc6b363a3da4def790b1e7b4eb1e3aa9d7d0c3d2b332a2f1bfd159cba698021f4e1735876d802ea0fda80284b3c8828e67328b624a669f5410364c9dc796a4617301b8fef7ffd54ab28497b8490c06b8a7f767468454da08decfdbd86b99e1a388e7142fa22c38fa2f00e98ddea0c2d44ddd6d62d788c66d0d53e7ac3d1317c3731a9381d87e07149e37f988395e70f69284b2033689d6eee708078575ef0a362e0cf78fe69a79aa59879fe16ec81f30; TSPD_101_DID=08e550f4cbab28008f382ff159792c426ef2d6b46e5c8c5e65295f4510c31839383a7b96ffa1d3e0a6cdc8c7b6d6023608ebe7bc17063800d7d5bea14eded13598fa2302f4e65a33dd255ea63df7e5852279037fc3b7090840631ca648e4c97492b3bb59ccac740ba85e088e051c4e7c; TS0125ca28=01dd4efaa220bd5fe8f17167d5ac99c665348aa5493bfed56e0ef5425887d69864cfba96da51dd990d28f0fae7c047263d9f32331c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: application/octet-stream
Last-Modified: Sun, 20 Mar 2022 14:39:34 GMT
Accept-Ranges: bytes
ETag: "017f650683cd81:0"
request-id: 9a304fdf-bb16-4378-834c-f75ace51ed92
Connection: Keep-Alive
Date: Wed, 08 May 2024 21:26:29 GMT
Age: 81518
Content-Length: 56760
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
userservices.vip.symantec.com/vipuserservices/static/v_1_0/fonts/NotoSans-Light.woff2
144.49.243.43200 204 kB URL GET HTTP/1.1 userservices.vip.symantec.com/vipuserservices/static/v_1_0/fonts/NotoSans-Light.woff2
IP 144.49.243.43:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://webmail.queens.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.queens.org%2fowa%2f
Certificate IssuerDigiCert Inc
Subjectuserservices.vip.symantec.com
Fingerprint15:C6:B0:5D:76:58:2A:78:0F:A1:CA:12:46:2D:E6:F8:CB:15:7C:6C
ValidityWed, 25 Oct 2023 00:00:00 GMT - Thu, 24 Oct 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 204436, version 1.0
Size 204 kB (204436 bytes)
Hash 0def4fe79deacfb8708c10c6c83b96bd
b50cadea1dd5c9f0fb7fd76c363c8fedecf2c11e
e94810da52b3e1c67bb06572d6129a1211c71343ebcfe3b5777c8cecc91926d5
GET /vipuserservices/static/v_1_0/fonts/NotoSans-Light.woff2 HTTP/1.1
Host: userservices.vip.symantec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://webmail.queens.org
DNT: 1
Connection: keep-alive
Referer: https://userservices.vip.symantec.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx
Date: Wed, 08 May 2024 21:26:29 GMT
Content-Type: font/woff2;charset=UTF-8
Content-Length: 204436
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"204436-1712008294000"
Last-Modified: Mon, 01 Apr 2024 21:51:34 GMT
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=31536000; includeSubDomains