Overview

URL https://tinyurl.com/ya3cuxm6
IP 104.20.218.42
ASN AS13335 CloudFlare, Inc.
Location United States
Report completed 2018-06-13 22:50:47 CEST
urlQuery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-06-13 2 cllawcollege.com/me/office/office Phishing
2018-06-13 2 cllawcollege.com/me/office/office/ Phishing
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 104.20.218.42

Date UQ / IDS / BL URL IP
2018-10-18 20:14:46 +0200 0 - 0 - 0 https://tinyurl.com/ybwqqpnc 104.20.218.42
2018-10-18 20:02:08 +0200 0 - 0 - 0 https://tinyurl.com/y96pdx5y 104.20.218.42
2018-10-18 15:28:21 +0200 0 - 0 - 0 https://tinyurl.com/jdjhgbg?rid=LGFfFg1 104.20.218.42
2018-10-18 06:37:41 +0200 2 - 0 - 0 https://tinyurl.com/y94hapdd 104.20.218.42
2018-10-18 02:09:40 +0200 0 - 0 - 0 https://tinyurl.com/ProjectSelf6 104.20.218.42
2018-10-17 22:54:38 +0200 1 - 0 - 0 tinyurl.com/y7o68hn6 104.20.218.42
2018-10-17 19:01:25 +0200 0 - 0 - 0 https://tinyurl.com/ybwnn4uw 104.20.218.42
2018-10-16 18:36:12 +0200 0 - 0 - 0 tinyurl.com/yc9jzm83 104.20.218.42
2018-10-16 11:32:38 +0200 0 - 0 - 0 https://tinyurl.com/yb2kcwqk 104.20.218.42
2018-10-16 10:10:42 +0200 0 - 0 - 0 https://tinyurl.com/ycuagf7y 104.20.218.42

Last 10 reports on ASN: AS13335 CloudFlare, Inc.

Date UQ / IDS / BL URL IP
2018-10-18 22:52:16 +0200 0 - 0 - 0 https://www.lepotcommun.fr/pot/2a8b2k6p 104.25.54.104
2018-10-18 22:51:39 +0200 0 - 0 - 0 https://www.lepotcommun.fr/pot/2a8b2k6p 104.25.54.104
2018-10-18 22:47:36 +0200 0 - 0 - 0 https://www.lepotcommun.fr/pot/8mnc0pk0 104.25.53.104
2018-10-18 22:45:54 +0200 0 - 0 - 0 https://www.lepotcommun.fr/pot/8mnc0pk0 104.25.54.104
2018-10-18 22:45:14 +0200 0 - 0 - 0 r.enewsib.apsleytailors.com.hk 104.16.233.163
2018-10-18 22:35:14 +0200 0 - 0 - 0 https://www.wattpad.com/story/164873747-watch (...) 104.16.108.12
2018-10-18 22:31:16 +0200 0 - 0 - 0 https://turl.ca/zfmmr 104.18.57.2
2018-10-18 22:28:46 +0200 2 - 0 - 0 www.cdcovers.cc/search/all/thenotebook 104.28.4.81
2018-10-18 22:24:34 +0200 0 - 0 - 0 https://www.wattpad.com/643993659-sports%5E%5 (...) 104.16.111.12
2018-10-18 22:23:57 +0200 0 - 0 - 0 lyfbuzz.com/new/ 104.28.24.149

Last 10 reports on domain: tinyurl.com

Date UQ / IDS / BL URL IP
2018-10-18 20:38:38 +0200 0 - 0 - 0 https://tinyurl.com/y89hnpav 104.20.219.42
2018-10-18 20:14:46 +0200 0 - 0 - 0 https://tinyurl.com/ybwqqpnc 104.20.218.42
2018-10-18 20:02:08 +0200 0 - 0 - 0 https://tinyurl.com/y96pdx5y 104.20.218.42
2018-10-18 18:06:48 +0200 0 - 0 - 0 https://tinyurl.com/Y89HNPAV 104.20.219.42
2018-10-18 17:58:13 +0200 0 - 0 - 0 https://tinyurl.com/jdjhgbg?rid=p2NzjKq 104.20.219.42
2018-10-18 16:07:45 +0200 0 - 1 - 0 https://tinyurl.com/ya4o48x9 104.20.219.42
2018-10-18 15:28:21 +0200 0 - 0 - 0 https://tinyurl.com/jdjhgbg?rid=LGFfFg1 104.20.218.42
2018-10-18 06:37:41 +0200 2 - 0 - 0 https://tinyurl.com/y94hapdd 104.20.218.42
2018-10-18 02:09:40 +0200 0 - 0 - 0 https://tinyurl.com/ProjectSelf6 104.20.218.42
2018-10-17 22:54:38 +0200 1 - 0 - 0 tinyurl.com/y7o68hn6 104.20.218.42


JavaScript

Executed Scripts (7)


Executed Evals (0)


Executed Writes (3)

#1 JavaScript::Write (size: 119, repeated: 1) - SHA256: f5a4f050d191396649b31ed0cfdeac069879197895989e4b1f000a7db788813d

<script type="text/javascript" src="https://auth.gfx.ms/16.000.27486.00/ConvergedLoginPaginatedStrings.EN.js"></script>

#2 JavaScript::Write (size: 106, repeated: 1) - SHA256: d95ee9adf4541c03656fc8c2f327f41581a1171de644126802adf93c02750e82

<script type="text/javascript" src="https://auth.gfx.ms/16.000.27486.00/ConvergedLogin_PCore.js"></script>

#3 JavaScript::Write (size: 62, repeated: 1) - SHA256: 9060f7f21935005d8aa85f5d626dcdc17518492b8f3f6c7208b9f2dfc3db68ce

<style type="text/css">body { display: block!important; }</style>


HTTP Transactions (19)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         91.135.34.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Mon, 11 Jun 2018 08:35:02 GMT
Etag: E8798D6B71FEBBB4A38ACA493C18E82D62A20667
X-OCSP-Responder-ID: rmdccaocsp1
Content-Length: 472
Cache-Control: public, no-transform, must-revalidate, max-age=1800
Expires: Wed, 13 Jun 2018 21:20:16 GMT
Date: Wed, 13 Jun 2018 20:50:16 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   472
Md5:    0a9a59985a5bd82415ae1adc1f44c34c
Sha1:   e8798d6b71febbb4a38aca493c18e82d62a20667
Sha256: ecbd547af7d4f13eef40f328d343792234e88c3a950829c4d0695b2ebe34fe96
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Tue, 12 Jun 2018 01:16:20 GMT
Etag: AA24BC0AB6199DB26754048E01DEABEC8865E132
X-OCSP-Responder-ID: rmdccaocsp1
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=630
Expires: Wed, 13 Jun 2018 21:00:46 GMT
Date: Wed, 13 Jun 2018 20:50:16 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    ffe8ad370cab78d4371f0e117a2b7b3b
Sha1:   aa24bc0ab6199db26754048e01deabec8865e132
Sha256: a141ea45dcd11600e92172ef17c0671de74d8af3f7d0ae14a8cbbebeb1c44e5e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 13 Jun 2018 20:50:16 GMT
Server: Apache
Last-Modified: Tue, 12 Jun 2018 01:16:20 GMT
Expires: Tue, 19 Jun 2018 01:16:20 GMT
Etag: AE4B185B2ECC39CC7C8F4124E5AEB796F5ECC58F
Cache-Control: max-age=447363,public,no-transform,must-revalidate
X-OCSP-Responder-ID: rmdccaocsp8
Content-Length: 471
Connection: close


--- Additional Info ---
Magic:  data
Size:   471
Md5:    e21c39af1710d2a6de021715d268f796
Sha1:   ae4b185b2ecc39cc7c8f4124e5aeb796f5ecc58f
Sha256: eee7a074c25f2f892d51e619013f11662e8783769f8b1573b1dca114d77632f5
                                        
                                            GET /ya3cuxm6 HTTP/1.1 
Host: tinyurl.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         104.20.218.42
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 13 Jun 2018 20:50:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=de3a9c54a9fe1656b4711b408ec973b551528923016; expires=Thu, 13-Jun-19 20:50:16 GMT; path=/; domain=.tinyurl.com; HttpOnly tinyUUID=b21838cc732c4d28817b0000; expires=Thu, 13-Jun-2019 20:50:15 GMT; Max-Age=31536000; path=/; domain=.tinyurl.com
Location: https://cllawcollege.com/me/office/office
X-tiny: cache 0.01112699508667
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 42a76db7082b42c1-OSL


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 13 Jun 2018 20:50:17 GMT
Server: Apache
Last-Modified: Wed, 13 Jun 2018 13:37:45 GMT
Expires: Wed, 20 Jun 2018 13:37:45 GMT
Etag: 37FC0B678969BA177ECC5BFB4324B7E54F6D4750
Cache-Control: max-age=578247,public,no-transform,must-revalidate
X-OCSP-Responder-ID: rmdccaocsp8
Content-Length: 472
Connection: close


--- Additional Info ---
Magic:  data
Size:   472
Md5:    6ad9c800c6de9c6dc6ba43f530c64a10
Sha1:   37fc0b678969ba177ecc5bfb4324b7e54f6d4750
Sha256: 25d4805b7eb0e029319c86055629b1101bc597f0f577184e374999c67ffa05e0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 13 Jun 2018 20:50:18 GMT
Server: Apache
Last-Modified: Tue, 12 Jun 2018 01:16:20 GMT
Expires: Tue, 19 Jun 2018 01:16:20 GMT
Etag: 503D771A30034A961F01554CF96D1C0D83E8BC47
Cache-Control: max-age=447361,public,no-transform,must-revalidate
X-OCSP-Responder-ID: rmdccaocsp25
Content-Length: 728
Connection: close


--- Additional Info ---
Magic:  data
Size:   728
Md5:    7c0081c9e1b0ff1b5c70c1d4f9800402
Sha1:   503d771a30034a961f01554cf96d1c0d83e8bc47
Sha256: 0a24b970b6791aae695aa4456e6f6e2fbc606e16e974590a7ecf45b41e30a3ae
                                        
                                            GET /me/office/office HTTP/1.1 
Host: cllawcollege.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         115.124.114.46
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Wed, 13 Jun 2018 20:50:18 GMT
Server: Apache
Location: https://cllawcollege.com/me/office/office/
Content-Length: 250
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   250
Md5:    968a4861a751d9ef1664c2673dc077ac
Sha1:   63e43ebe6d5792eddcd1d5c784d917733a20ddb2
Sha256: 6c72050ea6bd76f660e31d6c7f8561fa70c77ffa44f4c7677e5b8bce6eb170d0

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            GET /me/office/office/ HTTP/1.1 
Host: cllawcollege.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         115.124.114.46
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Wed, 13 Jun 2018 20:50:18 GMT
Server: Apache
Last-Modified: Sat, 25 Nov 2017 11:37:28 GMT
Accept-Ranges: bytes
Content-Length: 17593
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text
Size:   17593
Md5:    c02d1d743d742a0e6321b83237e2fd36
Sha1:   68b44e5401e3b573b9fd08484bca1abb7c10a1f2
Sha256: 5aaaf19b68b5e7ec8fa8e289716886bad68873b6a98e3f7ddbfea6f5b58ffea7

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.msocsp.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 118
Content-Type: application/ocsp-request

                                         
                                         104.18.24.243
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 13 Jun 2018 20:50:18 GMT
Content-Length: 1831
Connection: keep-alive
Set-Cookie: __cfduid=ddbdef4c108b8a2a81f2923261633c0bf1528923018; expires=Thu, 13-Jun-19 20:50:18 GMT; path=/; domain=.msocsp.com; HttpOnly
Last-Modified: Wed, 13 Jun 2018 16:52:57 GMT
Expires: Sun, 17 Jun 2018 16:52:57 GMT
Etag: "8a47d243746a89a95f4bdedf40565bf8a12713c2"
X-Cache: HIT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 42a76dc483c442bb-OSL


--- Additional Info ---
Magic:  data
Size:   1831
Md5:    ac2fcaff212cd20a032bc63f4ba930d7
Sha1:   8a47d243746a89a95f4bdedf40565bf8a12713c2
Sha256: efd96c9d3f7264c9d34ce560cd0c297f9571c3e4531c328b6a27acc7515ce187
                                        
                                            GET /16.000.27486.00/images/favicon.ico HTTP/1.1 
Host: auth.gfx.ms
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         2.19.112.185
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Last-Modified: Thu, 20 Jul 2017 03:25:15 GMT
Accept-Ranges: bytes
Etag: "809f9ecd71d31:0"
Server: Microsoft-IIS/8.5
PPServer: PPV: 30 H: BL2IDSPRTS1A003 V: 0
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=502182
Date: Wed, 13 Jun 2018 20:50:19 GMT
Content-Length: 540
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   540
Md5:    a6c82159d8c8b565f8fe916b6598ad7f
Sha1:   ad8137f1fe2e4d750b287cec1ccc67dfc11e49d6
Sha256: bc1a59d73d119c45a5201f5140103cee788c3b6adf62f6954687e2d0205da413
                                        
                                            GET /16.000.27486.00/Converged1033.css HTTP/1.1 
Host: auth.gfx.ms
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cllawcollege.com/me/office/office/

                                         
                                         2.19.112.185
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Last-Modified: Thu, 20 Jul 2017 03:25:15 GMT
Accept-Ranges: bytes
Etag: "809f9ecd71d31:0"
Server: Microsoft-IIS/8.5
PPServer: PPV: 30 H: BL2IDSPRTS1C003 V: 0
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16598
Cache-Control: max-age=67131
Date: Wed, 13 Jun 2018 20:50:19 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   16598
Md5:    e63f7b0b15ef1b5de85b54104a1b40fe
Sha1:   c22315b2d38d9614b46d2f35695344e3aa85a726
Sha256: ea300656604880002a598182d75b762d7b779104f19d341bbbe23bfe485cea9a
                                        
                                            GET /16.000.27486.00/images/microsoft_logo.svg?x=ee5c8d9fb6248c938fd0dc19370e90bd HTTP/1.1 
Host: auth.gfx.ms
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cllawcollege.com/me/office/office/

                                         
                                         2.19.112.185
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Last-Modified: Thu, 20 Jul 2017 03:25:15 GMT
Accept-Ranges: bytes
Etag: "809f9ecd71d31:0"
Server: Microsoft-IIS/8.5
PPServer: PPV: 30 H: BL2IDSPRTS1A002 V: 0
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1435
Cache-Control: max-age=534918
Date: Wed, 13 Jun 2018 20:50:19 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   1435
Md5:    1ea9a5ae0b2025e472d0afb30ef385af
Sha1:   0fe07bae4a2d10d4a5bc356d6baa8f851fbf4143
Sha256: 72fc9e1cc2a27060a4288017d1921368289ba55ee5f1c79f6dd4bef7bf3b7e8c
                                        
                                            GET /16.000.27486.00/ConvergedLoginPaginatedStrings.EN.js HTTP/1.1 
Host: auth.gfx.ms
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cllawcollege.com/me/office/office/

                                         
                                         2.19.112.185
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Last-Modified: Thu, 20 Jul 2017 03:25:16 GMT
Accept-Ranges: bytes
Etag: "03637ce71d31:0"
Server: Microsoft-IIS/8.5
PPServer: PPV: 30 H: BL2IDSPRTS1A002 V: 0
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4328
Cache-Control: max-age=67132
Date: Wed, 13 Jun 2018 20:50:19 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   4328
Md5:    a2fc1c4424fbaed10fa23fa3aba07454
Sha1:   7ff7fae24bcc6f8f1011ca5c5220ef1dfc3b5b34
Sha256: 1f6baae139cc92e5faf3ebeb433b4cdd50f44532fd1855100ee978ac982ba733
                                        
                                            GET /16.000.27486.00/ConvergedLogin_PCore.js HTTP/1.1 
Host: auth.gfx.ms
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cllawcollege.com/me/office/office/

                                         
                                         2.19.112.185
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Last-Modified: Thu, 20 Jul 2017 03:25:16 GMT
Accept-Ranges: bytes
Etag: "03637ce71d31:0"
Server: Microsoft-IIS/8.5
PPServer: PPV: 30 H: BL2IDSPRTS1C003 V: 0
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 77698
Cache-Control: max-age=534919
Date: Wed, 13 Jun 2018 20:50:19 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   77698
Md5:    0fee18bafb2af6d98dd0184f6fcf0ce7
Sha1:   3093b485c8a8fd0e06289feb0e8f1476efce29a7
Sha256: c88f22ebda559ae4d5d27dbaac62f6a553572c0c88fa448a182e22d3275b1844
                                        
                                            GET /16.000.27486.00/images/Backgrounds/0-small.jpg?x=12f4b8b543125cc986c79cd85320812f HTTP/1.1 
Host: auth.gfx.ms
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cllawcollege.com/me/office/office/

                                         
                                         2.19.112.185
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Thu, 20 Jul 2017 03:25:15 GMT
Accept-Ranges: bytes
Etag: "809f9ecd71d31:0"
Server: Microsoft-IIS/8.5
PPServer: PPV: 30 H: BL2IDSPRTS1A002 V: 0
Access-Control-Allow-Origin: *
Content-Length: 1029
Cache-Control: max-age=534919
Date: Wed, 13 Jun 2018 20:50:19 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   1029
Md5:    12f4b8b543125cc986c79cd85320812f
Sha1:   e3142c687fe873e1a6a7d29016c7a451b8a2850f
Sha256: c13db279143e1845ee4aaee5afedc5bd75e9f7d50024b63883b45332c4960b3b
                                        
                                            POST / HTTP/1.1 
Host: ocspx.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=518400, public, no-transform
Date: Wed, 13 Jun 2018 20:50:19 GMT
Expires: Tue, 19 Jun 2018 16:30:22 GMT
Last-Modified: Wed, 13 Jun 2018 18:26:54 GMT
Server: ECS (arn/4692)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    b410572003e473120630ffbf2ec0c6f5
Sha1:   447e7985d0e3cfa0c47206f820a676577b61849a
Sha256: e833c6a616e48075d24f704f43700dab1cdd82208c28b1bdadebc0582c69598b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=154898
Date: Wed, 13 Jun 2018 20:50:19 GMT
Etag: "5b213177-1d7"
Expires: Fri, 15 Jun 2018 15:47:25 GMT
Last-Modified: Wed, 13 Jun 2018 15:00:07 GMT
Server: ECS (arn/469D)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    4ea8dfc45e7e9dfbc6c49af3eeb6ac51
Sha1:   579f0d5b71fcf4e951ce561ab8db960173b28eb6
Sha256: 809b28e76754de675581ffa478c284038773cc0347183341ef8e6c176127b789
                                        
                                            GET /16.000.27486.00/images/Backgrounds/0.jpg?x=f5a9a9531b8f4bcc86eabb19472d15d5 HTTP/1.1 
Host: auth.gfx.ms
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cllawcollege.com/me/office/office/

                                         
                                         2.19.112.185
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Thu, 20 Jul 2017 03:25:15 GMT
Accept-Ranges: bytes
Etag: "809f9ecd71d31:0"
Server: Microsoft-IIS/8.5
PPServer: PPV: 30 H: BL2IDSPRTS1C003 V: 0
Access-Control-Allow-Origin: *
Content-Length: 298105
Cache-Control: max-age=521733
Date: Wed, 13 Jun 2018 20:50:19 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   298105
Md5:    f5a9a9531b8f4bcc86eabb19472d15d5
Sha1:   0aac0b09708622c679768aa62b11d95f0e8388de
Sha256: 62faab60433070e2ea52c235f0f18db228759f2a08bb6f9e5711630df8321214
                                        
                                            GET /owa/prefetch.aspx?id=292841&mkt=EN-US HTTP/1.1 
Host: outlook.office365.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://cllawcollege.com/me/office/office/

                                         
                                         40.101.9.178
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Cache-Control: private, no-store
Server: Microsoft-IIS/10.0
request-id: 2d41c19e-3a70-4914-96ac-d9bba143cc15
X-CalculatedFETarget: VI1PR02CU002.internal.outlook.com
X-BackEndHttpStatus: 200, 200
Set-Cookie: ClientId=C575527301AE4CBB9573A07EFF48F9DE; expires=Thu, 13-Jun-2019 20:50:19 GMT; path=/; secure ClientId=C575527301AE4CBB9573A07EFF48F9DE; expires=Thu, 13-Jun-2019 20:50:19 GMT; path=/; secure OIDC=1; expires=Thu, 13-Dec-2018 20:50:19 GMT; path=/; secure; HttpOnly
X-FEProxyInfo: VI1PR02CA0060.EURPRD02.PROD.OUTLOOK.COM
X-CalculatedBETarget: VI1PR02MB3069.eurprd02.prod.outlook.com
X-RUM-Validated: 1
X-Content-Type-Options: nosniff
X-OWA-Version: 15.20.841.19
X-OWA-DiagnosticsInfo: 1;0;0
X-BackEnd-Begin: 2018-06-13T20:50:19.966
X-BackEnd-End: 2018-06-13T20:50:19.968
X-DiagInfo: VI1PR02MB3069
X-BEServer: VI1PR02MB3069
x-ua-compatible: IE=EmulateIE7
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-FEServer: VI1PR02CA0060, AM5PR0201CA0012
X-Powered-By: ASP.NET
Date: Wed, 13 Jun 2018 20:50:19 GMT
Content-Length: 0


--- Additional Info ---