Overview

URL https://work-72218518.facebook.com/work/email_notif/?groups%2F337464866704672%2F&aref=1560762410795416&medium=email&mid=58b81077cfec6G5afbe253edf4G58b8151130198G9dd&bcode=2.1560762410.AbyWQLlpOe3uT_3xLtM&n_m=rafal.lewicki%40perkinelmer.com&atwork_nonce=KoBFy8Ij
IP31.13.72.8
ASNAS32934 Facebook, Inc.
Location Ireland
Report completed2019-06-17 15:01:43 CEST
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 31.13.72.8

Date UQ / IDS / BL URL IP
2019-06-27 12:36:08 +0200
0 - 0 - 0 portal.fb.com 31.13.72.8
2019-06-26 13:44:45 +0200
0 - 0 - 0 portal.fb.com 31.13.72.8
2019-06-25 05:03:44 +0200
0 - 0 - 0 security@facebookmail.com 31.13.72.8
2019-06-23 14:45:09 +0200
0 - 0 - 0 https://it-it.facebook.com/facebook/ 31.13.72.8
2019-06-20 01:41:22 +0200
0 - 0 - 0 https://m.me/stevenjohnstve 31.13.72.8
2019-06-15 20:57:54 +0200
0 - 0 - 0 edge-chat.facebook.com 31.13.72.8
2019-06-08 22:28:17 +0200
0 - 0 - 0 Graph.facebook.com 31.13.72.8
2019-05-31 15:49:50 +0200
0 - 0 - 0 https://apps.facebook.com/797990950335125/?=c (...) 31.13.72.8
2019-05-19 04:56:16 +0200
0 - 0 - 0 portal.facebook.com 31.13.72.8
2019-05-17 16:52:23 +0200
0 - 0 - 0 https://touch.facebook.com/events/292100741735952/ 31.13.72.8

Last 10 reports on ASN: AS32934 Facebook, Inc.

Date UQ / IDS / BL URL IP
2019-07-04 10:47:34 +0200
0 - 0 - 0 https://www.facebook.com/events/1859205577515952/ 31.13.72.36
2019-07-04 10:47:33 +0200
0 - 0 - 0 https://www.facebook.com/events/2010186875793230/ 31.13.72.36
2019-07-04 10:47:31 +0200
0 - 0 - 0 https://www.facebook.com/events/727508070999085/ 31.13.72.36
2019-07-02 09:53:04 +0200
0 - 0 - 0 https://www.facebook.com/French-Throwdown-201 (...) 31.13.72.36
2019-07-02 09:52:39 +0200
0 - 0 - 0 https://www.facebook.com/CrossFit-French-Thro (...) 31.13.72.36
2019-07-02 09:52:21 +0200
0 - 0 - 0 https://www.facebook.com/Ironman-France-2019- (...) 31.13.72.36
2019-07-02 09:52:17 +0200
0 - 0 - 0 https://www.facebook.com/IMFranceLive2019/ 31.13.72.36
2019-07-02 09:51:13 +0200
0 - 0 - 0 https://www.facebook.com/nybcigars/ 31.13.72.36
2019-07-02 09:50:51 +0200
0 - 0 - 0 https://www.facebook.com/Ironman-Frankfurt-20 (...) 31.13.72.36
2019-07-02 09:50:42 +0200
0 - 0 - 0 https://www.facebook.com/Oktagon-13-Live-stre (...) 31.13.72.36

No other reports on domain: facebook.com



JavaScript

Executed Scripts (10)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (25)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=116337
Date: Mon, 17 Jun 2019 13:01:10 GMT
Etag: "5d069fce-1d7"
Expires: Tue, 18 Jun 2019 21:20:07 GMT
Last-Modified: Sun, 16 Jun 2019 20:00:14 GMT
Server: ECS (lcy/1D75)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    3747e2936bd8694550b7884b7327dfd1
Sha1:   0aae690167f14116b4407d3081baad69c844881d
Sha256: 864f062e87d3a65b1571d193900b808d3e648bc58e56c071e6e3d3eda2b0c4f1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=89604
Date: Mon, 17 Jun 2019 13:01:10 GMT
Etag: "5d063422-1d7"
Expires: Tue, 18 Jun 2019 13:54:34 GMT
Last-Modified: Sun, 16 Jun 2019 12:20:50 GMT
Server: ECS (lcy/1D57)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    2ab1bcd449129597ff1c6a758af497c1
Sha1:   705b943cefeb557073ac52a1223e44f19fa5b8f5
Sha256: b508216a108ac8cec82e709ecc7dd96c2dd5714548d9e3ae320e603cd5483c25
                                        
                                            GET /work/email_notif/?groups%2F337464866704672%2F&aref=1560762410795416&medium=email&mid=58b81077cfec6G5afbe253edf4G58b8151130198G9dd&bcode=2.1560762410.AbyWQLlpOe3uT_3xLtM&n_m=rafal.lewicki%40perkinelmer.com&atwork_nonce=KoBFy8Ij HTTP/1.1 
Host: work-72218518.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         31.13.72.8
HTTP/1.1 302 Found
Content-Type: text/html; charset="utf-8"
                                        
Expires: Sat, 01 Jan 2000 00:00:00 GMT
X-XSS-Protection: 0
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
X-Frame-Options: DENY
Pragma: no-cache
Strict-Transport-Security: max-age=15552000; preload
Location: https://work-72218518.facebook.com/work/goclaim/?enc=58b81077cfec6G5afbe253edf4G58b8151130198G9dd&nonce=KoBFy8Ij&notif_type=campaign_group_activity
Access-Control-Expose-Headers: X-FB-Debug, X-Loader-Length
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Vary: Origin
Cache-Control: private, no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: https://work-72218518.facebook.com
Access-Control-Allow-Methods: OPTIONS
X-FB-Debug: EMexc1scCeVz/XDaXtr57RcmKa1joaA0pRqcNb5KElrP9BCP4oJHmXd4Uhgz//IR68YY3MX/+AbZ+eQLJfgHlw==
Date: Mon, 17 Jun 2019 13:01:11 GMT
Connection: keep-alive
Content-Length: 0


--- Additional Info ---
                                        
                                            GET /work/goclaim/?enc=58b81077cfec6G5afbe253edf4G58b8151130198G9dd&nonce=KoBFy8Ij&notif_type=campaign_group_activity HTTP/1.1 
Host: work-72218518.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         31.13.72.8
HTTP/1.1 302 Found
Content-Type: text/html; charset="utf-8"
                                        
Expires: Sat, 01 Jan 2000 00:00:00 GMT
X-XSS-Protection: 0
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
X-Frame-Options: DENY
Pragma: no-cache
Strict-Transport-Security: max-age=15552000; preload
Location: https://work-72218518.facebook.com/work/sso/claim/?uid=100037880442356&notif_data=AYYjoC2AEafcNcVAUbIUxxYDEMz0MMiqi6SnKW_UO13x06q2GfT2ETMBTDF-3PJcsOn0oWsaNYAXpXx2-W0YT6DYMgr0YCOM9fCsO3QEQm2BeW7gbgnCnuTwSKmOsBoE0e-4EsYoAJ_pDYkufFcNZFo5YPOptuGaiC-TIBIi5Np_mAdqurr-z87qSsvET0K9LQ1VvePX29zBFdC_FAKrDHisT-Ctryl4snlbtYV5WEVuXA
Access-Control-Expose-Headers: X-FB-Debug, X-Loader-Length
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Vary: Origin
Cache-Control: private, no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: https://work-72218518.facebook.com
Access-Control-Allow-Methods: OPTIONS
X-FB-Debug: TevcP9PLFUX2Gcm65Gd+eAR4lmPGiCU+5ccPXFXCz8ur+APEpeHjmMWYhknA1oOq9Zas1zruJ3qfdwXPMZCqqw==
Date: Mon, 17 Jun 2019 13:01:11 GMT
Connection: keep-alive
Content-Length: 0


--- Additional Info ---
                                        
                                            GET /work/sso/claim/?uid=100037880442356&notif_data=AYYjoC2AEafcNcVAUbIUxxYDEMz0MMiqi6SnKW_UO13x06q2GfT2ETMBTDF-3PJcsOn0oWsaNYAXpXx2-W0YT6DYMgr0YCOM9fCsO3QEQm2BeW7gbgnCnuTwSKmOsBoE0e-4EsYoAJ_pDYkufFcNZFo5YPOptuGaiC-TIBIi5Np_mAdqurr-z87qSsvET0K9LQ1VvePX29zBFdC_FAKrDHisT-Ctryl4snlbtYV5WEVuXA HTTP/1.1 
Host: work-72218518.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         31.13.72.8
HTTP/1.1 302 Found
Content-Type: text/html; charset="utf-8"
                                        
Expires: Sat, 01 Jan 2000 00:00:00 GMT
X-XSS-Protection: 0
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
X-Frame-Options: DENY
Pragma: no-cache
Strict-Transport-Security: max-age=15552000; preload
Location: https://login.microsoftonline.com/f9f27055-d80d-47df-abb2-fa20cc88e4e1/saml2?SAMLRequest=fZLLbtswEEX3%2FgpBe0mkHiZF2AbUuA8Drm3EbhfdFBQ5iolIpEpSdfL3haU2aQIk3HFmzsWdi1k43rU9qwZ%2F1rfwawDnZ0EQBA9dqx0bm8twsJoZ7pRjmnfgmBfsWH3dsjRGrLfGG2Ha8BX2PsWdA%2BuV0RO2WS%2FD%2Fe7jdv95s%2FtZ14QUgqI5mecoS2VRljLHFFHICeFlKUmW54WQE%2FodrFNGL8M0RuFsUnNugI12nmu%2FDFOEywjNI0xOOGMIM4x%2FTOganFea%2BxE%2Fe987liStuVM67pSwxpnGG90qDbEwXdKUTUpQUUSSIhnlRDYRr%2Bs0aniKhKAUcsDJdfV0kj%2F8TeaD0lLpu%2FcDqachx76cTofosD%2BeJpHqX1A3RruhA3sE%2B1sJ%2BHa7ffZ8MfY%2BImmKaYFp3HABtTH3o%2BlrazQV9%2Bc%2BXI2ai%2BufjSnZ1ZPG5fKSFKbruX5MMC5QjuZFQSnJcLZI%2Fqef9Xq24x1s1gfTKvE41q%2Fvk7Ed92%2FvjmM8VpSMmnGUQcdVW0lpwbnwSadqW3O5scA9LENvBwiDZDWbTW5e3u%2FqDw%3D%3D&RelayState=AbnNdamYyGHJypbsrocRELtcKH4xVXevVyYbnuxcHw0dYfMRuubFM-Gm0XgSQ2-jlsqnPXgevTQiSygg3Go2MaGEXI9YO0BosPsjRjmQ8ddoLEa48Fz-4Rz_Gji4HMuCe3VjEzJ3U56Di4vfXkOmI4oTNhhum3ihUuH2eRK9wkUESKMkEO4kQANvWjHXIj-dj1GqMAeMS0KMJdA0upLIfY-9HxVhnsZXC7LkFskgOxYGdRbw8_a1C29zIB6O3lGzUyQp5NgwD9OVR5gcu415xiUKxdJ8M7ctH2wfJDIaYR3By5hp0TRYFpS5hSWZh7CRDSmzLvfqQAJVtfQIcYz9eF3Q4WnxDRO2QtqNKRnc7mQ0dea-F8_jWefALf6PBjDmUuMTMcTDzzyyx_cAA4CfRe9SPEGBp9Nlx_qI7vBlpkRbHr7i2wURpKQmL5QvjbVuabRDNwJQnvIqAGUa1quRQ7gPAvUtbfmmAK4EueXDjHx2mwUfC2Orxf0YdvzniOFDNOpIdVVBK-2gVjv6cBCkOqoe8TfgtZoboxPwMuLEzWbuC3mciO5QRMVC0gAcvl4QTBQ
Access-Control-Expose-Headers: X-FB-Debug, X-Loader-Length
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Vary: Origin
Cache-Control: private, no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: https://work-72218518.facebook.com
Access-Control-Allow-Methods: OPTIONS
X-FB-Debug: EJbG+muKZzO9KeydbMZjQ3oFSpwEbUoX7BSICzn+hQHUqej8WZC902UUhOsON896MLB7a0GfYMuA7a8fE0uIRA==
Date: Mon, 17 Jun 2019 13:01:11 GMT
Connection: keep-alive
Content-Length: 0


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.msocsp.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 118
Content-Type: application/ocsp-request

                                         
                                         104.18.25.243
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 17 Jun 2019 13:01:11 GMT
Content-Length: 1831
Connection: keep-alive
Set-Cookie: __cfduid=d87f5154c1d7c825c1aae2a8bd4ab34df1560776471; expires=Tue, 16-Jun-20 13:01:11 GMT; path=/; domain=.msocsp.com; HttpOnly
Expires: Fri, 21 Jun 2019 12:39:33 GMT
X-Powered-By: Undertow/1
Etag: "06d0ee0995f9ec31c970e49daeae8d37f2d86b63"
Last-Modified: Mon, 17 Jun 2019 12:39:33 GMT
X-Cache: HIT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4e8535f40867428f-OSL


--- Additional Info ---
Magic:  data
Size:   1831
Md5:    1056418f3a85956fc13e3b179384cfe8
Sha1:   06d0ee0995f9ec31c970e49daeae8d37f2d86b63
Sha256: 905b1ee90b39723e4369644c37849590ad28f824aa26ebaa0d531c043e68613c
                                        
                                            GET /f9f27055-d80d-47df-abb2-fa20cc88e4e1/saml2?SAMLRequest=fZLLbtswEEX3%2FgpBe0mkHiZF2AbUuA8Drm3EbhfdFBQ5iolIpEpSdfL3haU2aQIk3HFmzsWdi1k43rU9qwZ%2F1rfwawDnZ0EQBA9dqx0bm8twsJoZ7pRjmnfgmBfsWH3dsjRGrLfGG2Ha8BX2PsWdA%2BuV0RO2WS%2FD%2Fe7jdv95s%2FtZ14QUgqI5mecoS2VRljLHFFHICeFlKUmW54WQE%2FodrFNGL8M0RuFsUnNugI12nmu%2FDFOEywjNI0xOOGMIM4x%2FTOganFea%2BxE%2Fe987liStuVM67pSwxpnGG90qDbEwXdKUTUpQUUSSIhnlRDYRr%2Bs0aniKhKAUcsDJdfV0kj%2F8TeaD0lLpu%2FcDqachx76cTofosD%2BeJpHqX1A3RruhA3sE%2B1sJ%2BHa7ffZ8MfY%2BImmKaYFp3HABtTH3o%2BlrazQV9%2Bc%2BXI2ai%2BufjSnZ1ZPG5fKSFKbruX5MMC5QjuZFQSnJcLZI%2Fqef9Xq24x1s1gfTKvE41q%2Fvk7Ed92%2FvjmM8VpSMmnGUQcdVW0lpwbnwSadqW3O5scA9LENvBwiDZDWbTW5e3u%2FqDw%3D%3D&RelayState=AbnNdamYyGHJypbsrocRELtcKH4xVXevVyYbnuxcHw0dYfMRuubFM-Gm0XgSQ2-jlsqnPXgevTQiSygg3Go2MaGEXI9YO0BosPsjRjmQ8ddoLEa48Fz-4Rz_Gji4HMuCe3VjEzJ3U56Di4vfXkOmI4oTNhhum3ihUuH2eRK9wkUESKMkEO4kQANvWjHXIj-dj1GqMAeMS0KMJdA0upLIfY-9HxVhnsZXC7LkFskgOxYGdRbw8_a1C29zIB6O3lGzUyQp5NgwD9OVR5gcu415xiUKxdJ8M7ctH2wfJDIaYR3By5hp0TRYFpS5hSWZh7CRDSmzLvfqQAJVtfQIcYz9eF3Q4WnxDRO2QtqNKRnc7mQ0dea-F8_jWefALf6PBjDmUuMTMcTDzzyyx_cAA4CfRe9SPEGBp9Nlx_qI7vBlpkRbHr7i2wURpKQmL5QvjbVuabRDNwJQnvIqAGUa1quRQ7gPAvUtbfmmAK4EueXDjHx2mwUfC2Orxf0YdvzniOFDNOpIdVVBK-2gVjv6cBCkOqoe8TfgtZoboxPwMuLEzWbuC3mciO5QRMVC0gAcvl4QTBQ HTTP/1.1 
Host: login.microsoftonline.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         40.126.1.135
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin, <https://aadcdn.msauth.net>; rel=dns-prefetch, <https://aadcdn.msftauth.net>; rel=dns-prefetch
X-DNS-Prefetch-Control: on
x-ms-request-id: fae97bbc-f015-434f-b0ec-ec010789db00
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie: buid=AQABAAEAAADCoMpjJXrxTq9VG9te-7FXAGTlrBQmeSiQ1HSReeKWqH8BVU2GuMYupbWT-DGFB6U5MQggDXAJ3dWovLFocTnjUJeJY-xHawKLIFYXrEeIuN-TzJvf_t7ACux9XpIalkQgAA; expires=Wed, 17-Jul-2019 13:01:11 GMT; path=/; secure; HttpOnly ExternalIdpStateHash=DqZrGcVwiYUIwRruwdx-YkUUqib3ZWf7VnA2PTULGik; path=/; secure; HttpOnly fpc=AvQ7vlq6-2lDsumQMdv0wpl7hQaMAQAAABeGmdQOAAAA; expires=Wed, 17-Jul-2019 13:01:11 GMT; path=/; secure; HttpOnly esctx=AQABAAAAAADCoMpjJXrxTq9VG9te-7FXwQZ37rHyx_Xhaz4WwMjDyWGInzYRxGgpJrJ_IF2ygSeOm9YoBBjaT6no5k82nRd0Z_skswRKzqupSk6BWKntskOhzEGZs5EVZj7mkObdeeDAehrgkTW2HumiT2hD8e76BqlLEzce3l2O01o6gosYnAdwMaVhTyivinpszzrQIzQgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly x-ms-gateway-slice=prod; path=/; secure; HttpOnly stsservicecookie=ests; path=/; secure; HttpOnly
Date: Mon, 17 Jun 2019 13:01:11 GMT
Content-Length: 15843


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   15843
Md5:    2a82ec9d142302b68a97d9df4e83188a
Sha1:   28117240bcffceb6837b45d4b3a41d385c13479f
Sha256: d62b7f2a46b72471a32428a68081ad4a428b33771eaada51c0458f552a7cad8e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.msocsp.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 118
Content-Type: application/ocsp-request
Cookie: __cfduid=d87f5154c1d7c825c1aae2a8bd4ab34df1560776471

                                         
                                         104.18.25.243
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 17 Jun 2019 13:01:12 GMT
Content-Length: 1831
Connection: keep-alive
Expires: Fri, 21 Jun 2019 12:23:24 GMT
X-Powered-By: Undertow/1
Etag: "fc2a9a136a53186434bd569b8d07ab37da8438a9"
Last-Modified: Mon, 17 Jun 2019 12:23:24 GMT
X-Cache: HIT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4e8535f74b5b428f-OSL


--- Additional Info ---
Magic:  data
Size:   1831
Md5:    dc4ae20a7192fec163d723670f1bd93c
Sha1:   fc2a9a136a53186434bd569b8d07ab37da8438a9
Sha256: cc0a4ea1db814f890a72bf64eaeca8e343d2a6c25093d655416bed1629be5aa7
                                        
                                            GET /ests/2.1/content/cdnbundles/converged.v2.login.min_z1htakqfwzrhpmx9_wmc6w2.css HTTP/1.1 
Host: aadcdn.msauth.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.microsoftonline.com/f9f27055-d80d-47df-abb2-fa20cc88e4e1/saml2?SAMLRequest=fZLLbtswEEX3%2FgpBe0mkHiZF2AbUuA8Drm3EbhfdFBQ5iolIpEpSdfL3haU2aQIk3HFmzsWdi1k43rU9qwZ%2F1rfwawDnZ0EQBA9dqx0bm8twsJoZ7pRjmnfgmBfsWH3dsjRGrLfGG2Ha8BX2PsWdA%2BuV0RO2WS%2FD%2Fe7jdv95s%2FtZ14QUgqI5mecoS2VRljLHFFHICeFlKUmW54WQE%2FodrFNGL8M0RuFsUnNugI12nmu%2FDFOEywjNI0xOOGMIM4x%2FTOganFea%2BxE%2Fe987liStuVM67pSwxpnGG90qDbEwXdKUTUpQUUSSIhnlRDYRr%2Bs0aniKhKAUcsDJdfV0kj%2F8TeaD0lLpu%2FcDqachx76cTofosD%2BeJpHqX1A3RruhA3sE%2B1sJ%2BHa7ffZ8MfY%2BImmKaYFp3HABtTH3o%2BlrazQV9%2Bc%2BXI2ai%2BufjSnZ1ZPG5fKSFKbruX5MMC5QjuZFQSnJcLZI%2Fqef9Xq24x1s1gfTKvE41q%2Fvk7Ed92%2FvjmM8VpSMmnGUQcdVW0lpwbnwSadqW3O5scA9LENvBwiDZDWbTW5e3u%2FqDw%3D%3D&RelayState=AbnNdamYyGHJypbsrocRELtcKH4xVXevVyYbnuxcHw0dYfMRuubFM-Gm0XgSQ2-jlsqnPXgevTQiSygg3Go2MaGEXI9YO0BosPsjRjmQ8ddoLEa48Fz-4Rz_Gji4HMuCe3VjEzJ3U56Di4vfXkOmI4oTNhhum3ihUuH2eRK9wkUESKMkEO4kQANvWjHXIj-dj1GqMAeMS0KMJdA0upLIfY-9HxVhnsZXC7LkFskgOxYGdRbw8_a1C29zIB6O3lGzUyQp5NgwD9OVR5gcu415xiUKxdJ8M7ctH2wfJDIaYR3By5hp0TRYFpS5hSWZh7CRDSmzLvfqQAJVtfQIcYz9eF3Q4WnxDRO2QtqNKRnc7mQ0dea-F8_jWefALf6PBjDmUuMTMcTDzzyyx_cAA4CfRe9SPEGBp9Nlx_qI7vBlpkRbHr7i2wURpKQmL5QvjbVuabRDNwJQnvIqAGUa1quRQ7gPAvUtbfmmAK4EueXDjHx2mwUfC2Orxf0YdvzniOFDNOpIdVVBK-2gVjv6cBCkOqoe8TfgtZoboxPwMuLEzWbuC3mciO5QRMVC0gAcvl4QTBQ

                                         
                                         13.107.246.10
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Cache-Control: public, max-age=31536000
Content-Length: 18716
Content-Encoding: gzip
Content-MD5: whcd84i9hBldgXcC4B+QZQ==
Last-Modified: Mon, 13 May 2019 22:56:47 GMT
Etag: 0x8D6D7F647566C25
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a20700de-b01e-0000-67ed-213773000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
X-Azure-Ref-OriginShield: 0bdQCXQAAAAAdI8r/A65cTYYhx45F+b6YQU1TRURHRTA0MTAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
X-Azure-Ref: 0GI8HXQAAAAA/08KV5OcbQ5OBKOUA1FxNU1RPRURHRTA4MTgAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Date: Mon, 17 Jun 2019 13:01:12 GMT


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   18716
Md5:    c2171df388bd84195d817702e01f9065
Sha1:   868cfe564890d26aa6ab1c350cd285cb72818a27
Sha256: fb411898470c858255f31662418f7f3e279e9225922f0f23ca05a8cc59c5c766
                                        
                                            GET /ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1 
Host: aadcdn.msauth.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         13.107.246.10
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Cache-Control: public, max-age=604800
Content-Length: 17174
Content-MD5: EuPayFgGHQiAI7K9SOL6lg==
Last-Modified: Fri, 02 Nov 2018 20:25:25 GMT
Etag: 0x8D6410152A9D7E1
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d8b2cf8b-901e-0002-1a93-216177000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
X-Azure-Ref-OriginShield: 0dKUCXQAAAACnEbwu3r0vSKVj012WO07mQU1TRURHRTA1MTEAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
X-Azure-Ref: 0GI8HXQAAAADUqqFm4s7mR4YQp/uMCDQlU1RPRURHRTA4MTAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Date: Mon, 17 Jun 2019 13:01:11 GMT


--- Additional Info ---
Magic:  MS Windows icon resource - 6 icons, 16-colors
Size:   17174
Md5:    12e3dac858061d088023b2bd48e2fa96
Sha1:   e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
Sha256: 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
                                        
                                            GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_ll9-c1j1nju3y_dxmtyxnq2.js HTTP/1.1 
Host: aadcdn.msauth.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.microsoftonline.com/f9f27055-d80d-47df-abb2-fa20cc88e4e1/saml2?SAMLRequest=fZLLbtswEEX3%2FgpBe0mkHiZF2AbUuA8Drm3EbhfdFBQ5iolIpEpSdfL3haU2aQIk3HFmzsWdi1k43rU9qwZ%2F1rfwawDnZ0EQBA9dqx0bm8twsJoZ7pRjmnfgmBfsWH3dsjRGrLfGG2Ha8BX2PsWdA%2BuV0RO2WS%2FD%2Fe7jdv95s%2FtZ14QUgqI5mecoS2VRljLHFFHICeFlKUmW54WQE%2FodrFNGL8M0RuFsUnNugI12nmu%2FDFOEywjNI0xOOGMIM4x%2FTOganFea%2BxE%2Fe987liStuVM67pSwxpnGG90qDbEwXdKUTUpQUUSSIhnlRDYRr%2Bs0aniKhKAUcsDJdfV0kj%2F8TeaD0lLpu%2FcDqachx76cTofosD%2BeJpHqX1A3RruhA3sE%2B1sJ%2BHa7ffZ8MfY%2BImmKaYFp3HABtTH3o%2BlrazQV9%2Bc%2BXI2ai%2BufjSnZ1ZPG5fKSFKbruX5MMC5QjuZFQSnJcLZI%2Fqef9Xq24x1s1gfTKvE41q%2Fvk7Ed92%2FvjmM8VpSMmnGUQcdVW0lpwbnwSadqW3O5scA9LENvBwiDZDWbTW5e3u%2FqDw%3D%3D&RelayState=AbnNdamYyGHJypbsrocRELtcKH4xVXevVyYbnuxcHw0dYfMRuubFM-Gm0XgSQ2-jlsqnPXgevTQiSygg3Go2MaGEXI9YO0BosPsjRjmQ8ddoLEa48Fz-4Rz_Gji4HMuCe3VjEzJ3U56Di4vfXkOmI4oTNhhum3ihUuH2eRK9wkUESKMkEO4kQANvWjHXIj-dj1GqMAeMS0KMJdA0upLIfY-9HxVhnsZXC7LkFskgOxYGdRbw8_a1C29zIB6O3lGzUyQp5NgwD9OVR5gcu415xiUKxdJ8M7ctH2wfJDIaYR3By5hp0TRYFpS5hSWZh7CRDSmzLvfqQAJVtfQIcYz9eF3Q4WnxDRO2QtqNKRnc7mQ0dea-F8_jWefALf6PBjDmUuMTMcTDzzyyx_cAA4CfRe9SPEGBp9Nlx_qI7vBlpkRbHr7i2wURpKQmL5QvjbVuabRDNwJQnvIqAGUa1quRQ7gPAvUtbfmmAK4EueXDjHx2mwUfC2Orxf0YdvzniOFDNOpIdVVBK-2gVjv6cBCkOqoe8TfgtZoboxPwMuLEzWbuC3mciO5QRMVC0gAcvl4QTBQ

                                         
                                         13.107.246.10
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Cache-Control: public, max-age=31536000
Content-Length: 10250
Content-Encoding: gzip
Content-MD5: y/Y9zz+BKktXNn8fy7Of1Q==
Last-Modified: Thu, 16 May 2019 02:11:32 GMT
Etag: 0x8D6D9A3D0C927D5
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 62cfab0d-e01e-0075-5795-214279000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
X-Azure-Ref-OriginShield: 0AbACXQAAAACR2syZ79SLRYh6bV4HzV1YQU1TRURHRTA2MTIAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
X-Azure-Ref: 0GI8HXQAAAAD+/WoK6lU7TYY/3n/c2U5vU1RPRURHRTA4MTYAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Date: Mon, 17 Jun 2019 13:01:11 GMT


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   10250
Md5:    cbf63dcf3f812a4b57367f1fcbb39fd5
Sha1:   6255598c0e30b6665dfe9f6ad60aa9f2712ca968
Sha256: 6babbcd82a7a8a5193e9bc9944b07fcd386ccd8f4c0c6e250311b1d04282a762
                                        
                                            GET /ests/2.1/content/cdnbundles/ux.converged.login.pcore.min_qsib_xcszy_tpu0gidz6sq2.js HTTP/1.1 
Host: aadcdn.msauth.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.microsoftonline.com/f9f27055-d80d-47df-abb2-fa20cc88e4e1/saml2?SAMLRequest=fZLLbtswEEX3%2FgpBe0mkHiZF2AbUuA8Drm3EbhfdFBQ5iolIpEpSdfL3haU2aQIk3HFmzsWdi1k43rU9qwZ%2F1rfwawDnZ0EQBA9dqx0bm8twsJoZ7pRjmnfgmBfsWH3dsjRGrLfGG2Ha8BX2PsWdA%2BuV0RO2WS%2FD%2Fe7jdv95s%2FtZ14QUgqI5mecoS2VRljLHFFHICeFlKUmW54WQE%2FodrFNGL8M0RuFsUnNugI12nmu%2FDFOEywjNI0xOOGMIM4x%2FTOganFea%2BxE%2Fe987liStuVM67pSwxpnGG90qDbEwXdKUTUpQUUSSIhnlRDYRr%2Bs0aniKhKAUcsDJdfV0kj%2F8TeaD0lLpu%2FcDqachx76cTofosD%2BeJpHqX1A3RruhA3sE%2B1sJ%2BHa7ffZ8MfY%2BImmKaYFp3HABtTH3o%2BlrazQV9%2Bc%2BXI2ai%2BufjSnZ1ZPG5fKSFKbruX5MMC5QjuZFQSnJcLZI%2Fqef9Xq24x1s1gfTKvE41q%2Fvk7Ed92%2FvjmM8VpSMmnGUQcdVW0lpwbnwSadqW3O5scA9LENvBwiDZDWbTW5e3u%2FqDw%3D%3D&RelayState=AbnNdamYyGHJypbsrocRELtcKH4xVXevVyYbnuxcHw0dYfMRuubFM-Gm0XgSQ2-jlsqnPXgevTQiSygg3Go2MaGEXI9YO0BosPsjRjmQ8ddoLEa48Fz-4Rz_Gji4HMuCe3VjEzJ3U56Di4vfXkOmI4oTNhhum3ihUuH2eRK9wkUESKMkEO4kQANvWjHXIj-dj1GqMAeMS0KMJdA0upLIfY-9HxVhnsZXC7LkFskgOxYGdRbw8_a1C29zIB6O3lGzUyQp5NgwD9OVR5gcu415xiUKxdJ8M7ctH2wfJDIaYR3By5hp0TRYFpS5hSWZh7CRDSmzLvfqQAJVtfQIcYz9eF3Q4WnxDRO2QtqNKRnc7mQ0dea-F8_jWefALf6PBjDmUuMTMcTDzzyyx_cAA4CfRe9SPEGBp9Nlx_qI7vBlpkRbHr7i2wURpKQmL5QvjbVuabRDNwJQnvIqAGUa1quRQ7gPAvUtbfmmAK4EueXDjHx2mwUfC2Orxf0YdvzniOFDNOpIdVVBK-2gVjv6cBCkOqoe8TfgtZoboxPwMuLEzWbuC3mciO5QRMVC0gAcvl4QTBQ

                                         
                                         13.107.246.10
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Cache-Control: public, max-age=31536000
Content-Length: 147076
Content-Encoding: gzip
Content-MD5: mA5E76sf2qQWkf9sa5WhuQ==
Last-Modified: Thu, 16 May 2019 02:11:30 GMT
Etag: 0x8D6D9A3CF6B5418
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2f858182-301e-004c-65a6-21107b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
X-Azure-Ref-OriginShield: 0LJ4CXQAAAAATkpR5IaSwTJHDiNX02ez2QU1TRURHRTA2MTUAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
X-Azure-Ref: 0GI8HXQAAAAB6Z/bTn19ZSrbnkUZJo/pkU1RPRURHRTA4MjAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Date: Mon, 17 Jun 2019 13:01:12 GMT


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   147076
Md5:    980e44efab1fdaa41691ff6c6b95a1b9
Sha1:   5e716902063808238a5cb48c17fc206c821a5236
Sha256: 693e58cb52b1282ed6d3a6f269f3792618088d7bd2963defb0963283c938befd
                                        
                                            GET /ests/2.1/content/images/info_f80c92602db0428ef47b2bb71ea236b4.png HTTP/1.1 
Host: aadcdn.msauth.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.microsoftonline.com/f9f27055-d80d-47df-abb2-fa20cc88e4e1/saml2?SAMLRequest=fZLLbtswEEX3%2FgpBe0mkHiZF2AbUuA8Drm3EbhfdFBQ5iolIpEpSdfL3haU2aQIk3HFmzsWdi1k43rU9qwZ%2F1rfwawDnZ0EQBA9dqx0bm8twsJoZ7pRjmnfgmBfsWH3dsjRGrLfGG2Ha8BX2PsWdA%2BuV0RO2WS%2FD%2Fe7jdv95s%2FtZ14QUgqI5mecoS2VRljLHFFHICeFlKUmW54WQE%2FodrFNGL8M0RuFsUnNugI12nmu%2FDFOEywjNI0xOOGMIM4x%2FTOganFea%2BxE%2Fe987liStuVM67pSwxpnGG90qDbEwXdKUTUpQUUSSIhnlRDYRr%2Bs0aniKhKAUcsDJdfV0kj%2F8TeaD0lLpu%2FcDqachx76cTofosD%2BeJpHqX1A3RruhA3sE%2B1sJ%2BHa7ffZ8MfY%2BImmKaYFp3HABtTH3o%2BlrazQV9%2Bc%2BXI2ai%2BufjSnZ1ZPG5fKSFKbruX5MMC5QjuZFQSnJcLZI%2Fqef9Xq24x1s1gfTKvE41q%2Fvk7Ed92%2FvjmM8VpSMmnGUQcdVW0lpwbnwSadqW3O5scA9LENvBwiDZDWbTW5e3u%2FqDw%3D%3D&RelayState=AbnNdamYyGHJypbsrocRELtcKH4xVXevVyYbnuxcHw0dYfMRuubFM-Gm0XgSQ2-jlsqnPXgevTQiSygg3Go2MaGEXI9YO0BosPsjRjmQ8ddoLEa48Fz-4Rz_Gji4HMuCe3VjEzJ3U56Di4vfXkOmI4oTNhhum3ihUuH2eRK9wkUESKMkEO4kQANvWjHXIj-dj1GqMAeMS0KMJdA0upLIfY-9HxVhnsZXC7LkFskgOxYGdRbw8_a1C29zIB6O3lGzUyQp5NgwD9OVR5gcu415xiUKxdJ8M7ctH2wfJDIaYR3By5hp0TRYFpS5hSWZh7CRDSmzLvfqQAJVtfQIcYz9eF3Q4WnxDRO2QtqNKRnc7mQ0dea-F8_jWefALf6PBjDmUuMTMcTDzzyyx_cAA4CfRe9SPEGBp9Nlx_qI7vBlpkRbHr7i2wURpKQmL5QvjbVuabRDNwJQnvIqAGUa1quRQ7gPAvUtbfmmAK4EueXDjHx2mwUfC2Orxf0YdvzniOFDNOpIdVVBK-2gVjv6cBCkOqoe8TfgtZoboxPwMuLEzWbuC3mciO5QRMVC0gAcvl4QTBQ

                                         
                                         13.107.246.10
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Cache-Control: public, max-age=604800
Content-Length: 692
Content-MD5: +AySYC2wQo70eyu3HqI2tA==
Last-Modified: Fri, 02 Nov 2018 20:25:27 GMT
Etag: 0x8D64101537D60FC
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: fa8c6d5f-b01e-0068-72a5-212d40000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
X-Azure-Ref-OriginShield: 0sb0CXQAAAACBiO+pa6LVTI/QyFeHxmEtQU1TRURHRTA2MDYAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
X-Azure-Ref: 0GY8HXQAAAAD6P/4ndLZyRJAo0rfzIaBWU1RPRURHRTA4MTgAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Date: Mon, 17 Jun 2019 13:01:12 GMT


--- Additional Info ---
Magic:  PNG image, 30 x 30, 8-bit/color RGBA, non-interlaced
Size:   692
Md5:    f80c92602db0428ef47b2bb71ea236b4
Sha1:   73529c10d2f60a2bf6c8c69a1f39cb7e4e93692b
Sha256: afcc7e04ef61367cec19a31abefa971a5239130ece1a09dc0ea50fe55599c08c
                                        
                                            GET /ests/2.1/content/images/ellipsis_grey_5bc252567ef56db648207d9c36a9d004.png HTTP/1.1 
Host: aadcdn.msauth.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.microsoftonline.com/f9f27055-d80d-47df-abb2-fa20cc88e4e1/saml2?SAMLRequest=fZLLbtswEEX3%2FgpBe0mkHiZF2AbUuA8Drm3EbhfdFBQ5iolIpEpSdfL3haU2aQIk3HFmzsWdi1k43rU9qwZ%2F1rfwawDnZ0EQBA9dqx0bm8twsJoZ7pRjmnfgmBfsWH3dsjRGrLfGG2Ha8BX2PsWdA%2BuV0RO2WS%2FD%2Fe7jdv95s%2FtZ14QUgqI5mecoS2VRljLHFFHICeFlKUmW54WQE%2FodrFNGL8M0RuFsUnNugI12nmu%2FDFOEywjNI0xOOGMIM4x%2FTOganFea%2BxE%2Fe987liStuVM67pSwxpnGG90qDbEwXdKUTUpQUUSSIhnlRDYRr%2Bs0aniKhKAUcsDJdfV0kj%2F8TeaD0lLpu%2FcDqachx76cTofosD%2BeJpHqX1A3RruhA3sE%2B1sJ%2BHa7ffZ8MfY%2BImmKaYFp3HABtTH3o%2BlrazQV9%2Bc%2BXI2ai%2BufjSnZ1ZPG5fKSFKbruX5MMC5QjuZFQSnJcLZI%2Fqef9Xq24x1s1gfTKvE41q%2Fvk7Ed92%2FvjmM8VpSMmnGUQcdVW0lpwbnwSadqW3O5scA9LENvBwiDZDWbTW5e3u%2FqDw%3D%3D&RelayState=AbnNdamYyGHJypbsrocRELtcKH4xVXevVyYbnuxcHw0dYfMRuubFM-Gm0XgSQ2-jlsqnPXgevTQiSygg3Go2MaGEXI9YO0BosPsjRjmQ8ddoLEa48Fz-4Rz_Gji4HMuCe3VjEzJ3U56Di4vfXkOmI4oTNhhum3ihUuH2eRK9wkUESKMkEO4kQANvWjHXIj-dj1GqMAeMS0KMJdA0upLIfY-9HxVhnsZXC7LkFskgOxYGdRbw8_a1C29zIB6O3lGzUyQp5NgwD9OVR5gcu415xiUKxdJ8M7ctH2wfJDIaYR3By5hp0TRYFpS5hSWZh7CRDSmzLvfqQAJVtfQIcYz9eF3Q4WnxDRO2QtqNKRnc7mQ0dea-F8_jWefALf6PBjDmUuMTMcTDzzyyx_cAA4CfRe9SPEGBp9Nlx_qI7vBlpkRbHr7i2wURpKQmL5QvjbVuabRDNwJQnvIqAGUa1quRQ7gPAvUtbfmmAK4EueXDjHx2mwUfC2Orxf0YdvzniOFDNOpIdVVBK-2gVjv6cBCkOqoe8TfgtZoboxPwMuLEzWbuC3mciO5QRMVC0gAcvl4QTBQ

                                         
                                         13.107.246.10
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Cache-Control: public, max-age=604800
Content-Length: 262
Content-MD5: W8JSVn71bbZIIH2cNqnQBA==
Last-Modified: Fri, 02 Nov 2018 20:25:23 GMT
Etag: 0x8D641015170BD44
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 230a0f55-a01e-005d-48ba-218b5b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
X-Azure-Ref-OriginShield: 02sYCXQAAAAB85iavjjKgQqbAIILml2L3QU1TRURHRTA1MTEAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
X-Azure-Ref: 0GY8HXQAAAAB7j5XBKcyxTr9PJ3IdELsPU1RPRURHRTA4MjAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Date: Mon, 17 Jun 2019 13:01:13 GMT


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit gray+alpha, non-interlaced
Size:   262
Md5:    5bc252567ef56db648207d9c36a9d004
Sha1:   130a5c2367c1a9d0b6cb700e400eb9b96274fa0d
Sha256: 280eeeba7da255e0fbe039cadb63aede300d0c68a5c322035b89d39b12af8916
                                        
                                            GET /ests/2.1/content/images/microsoft_logo_ed9c9eb0dce17d752bedea6b5acda6d9.png HTTP/1.1 
Host: aadcdn.msauth.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.microsoftonline.com/f9f27055-d80d-47df-abb2-fa20cc88e4e1/saml2?SAMLRequest=fZLLbtswEEX3%2FgpBe0mkHiZF2AbUuA8Drm3EbhfdFBQ5iolIpEpSdfL3haU2aQIk3HFmzsWdi1k43rU9qwZ%2F1rfwawDnZ0EQBA9dqx0bm8twsJoZ7pRjmnfgmBfsWH3dsjRGrLfGG2Ha8BX2PsWdA%2BuV0RO2WS%2FD%2Fe7jdv95s%2FtZ14QUgqI5mecoS2VRljLHFFHICeFlKUmW54WQE%2FodrFNGL8M0RuFsUnNugI12nmu%2FDFOEywjNI0xOOGMIM4x%2FTOganFea%2BxE%2Fe987liStuVM67pSwxpnGG90qDbEwXdKUTUpQUUSSIhnlRDYRr%2Bs0aniKhKAUcsDJdfV0kj%2F8TeaD0lLpu%2FcDqachx76cTofosD%2BeJpHqX1A3RruhA3sE%2B1sJ%2BHa7ffZ8MfY%2BImmKaYFp3HABtTH3o%2BlrazQV9%2Bc%2BXI2ai%2BufjSnZ1ZPG5fKSFKbruX5MMC5QjuZFQSnJcLZI%2Fqef9Xq24x1s1gfTKvE41q%2Fvk7Ed92%2FvjmM8VpSMmnGUQcdVW0lpwbnwSadqW3O5scA9LENvBwiDZDWbTW5e3u%2FqDw%3D%3D&RelayState=AbnNdamYyGHJypbsrocRELtcKH4xVXevVyYbnuxcHw0dYfMRuubFM-Gm0XgSQ2-jlsqnPXgevTQiSygg3Go2MaGEXI9YO0BosPsjRjmQ8ddoLEa48Fz-4Rz_Gji4HMuCe3VjEzJ3U56Di4vfXkOmI4oTNhhum3ihUuH2eRK9wkUESKMkEO4kQANvWjHXIj-dj1GqMAeMS0KMJdA0upLIfY-9HxVhnsZXC7LkFskgOxYGdRbw8_a1C29zIB6O3lGzUyQp5NgwD9OVR5gcu415xiUKxdJ8M7ctH2wfJDIaYR3By5hp0TRYFpS5hSWZh7CRDSmzLvfqQAJVtfQIcYz9eF3Q4WnxDRO2QtqNKRnc7mQ0dea-F8_jWefALf6PBjDmUuMTMcTDzzyyx_cAA4CfRe9SPEGBp9Nlx_qI7vBlpkRbHr7i2wURpKQmL5QvjbVuabRDNwJQnvIqAGUa1quRQ7gPAvUtbfmmAK4EueXDjHx2mwUfC2Orxf0YdvzniOFDNOpIdVVBK-2gVjv6cBCkOqoe8TfgtZoboxPwMuLEzWbuC3mciO5QRMVC0gAcvl4QTBQ

                                         
                                         13.107.246.10
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Cache-Control: public, max-age=604800
Content-Length: 1057
Content-MD5: 7ZyesNzhfXUr7eprWs2m2Q==
Last-Modified: Fri, 02 Nov 2018 20:25:31 GMT
Etag: 0x8D641015620C409
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6a564835-701e-001c-1094-217348000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
X-Azure-Ref-OriginShield: 048cCXQAAAABbjwwqC+MAS6pldddIArUmQU1TRURHRTA1MTQAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
X-Azure-Ref: 0GY8HXQAAAAAw+2CESQN7TadeFALp2upEU1RPRURHRTA4MTAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Date: Mon, 17 Jun 2019 13:01:12 GMT


--- Additional Info ---
Magic:  PNG image, 108 x 24, 8-bit/color RGBA, non-interlaced
Size:   1057
Md5:    ed9c9eb0dce17d752bedea6b5acda6d9
Sha1:   eca56c4904354eed5da0debcd6bd66856ab4784d
Sha256: f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c
                                        
                                            GET /ests/2.1/content/images/ellipsis_white_0ad43084800fd8b50a2576b5173746fe.png HTTP/1.1 
Host: aadcdn.msauth.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.microsoftonline.com/f9f27055-d80d-47df-abb2-fa20cc88e4e1/saml2?SAMLRequest=fZLLbtswEEX3%2FgpBe0mkHiZF2AbUuA8Drm3EbhfdFBQ5iolIpEpSdfL3haU2aQIk3HFmzsWdi1k43rU9qwZ%2F1rfwawDnZ0EQBA9dqx0bm8twsJoZ7pRjmnfgmBfsWH3dsjRGrLfGG2Ha8BX2PsWdA%2BuV0RO2WS%2FD%2Fe7jdv95s%2FtZ14QUgqI5mecoS2VRljLHFFHICeFlKUmW54WQE%2FodrFNGL8M0RuFsUnNugI12nmu%2FDFOEywjNI0xOOGMIM4x%2FTOganFea%2BxE%2Fe987liStuVM67pSwxpnGG90qDbEwXdKUTUpQUUSSIhnlRDYRr%2Bs0aniKhKAUcsDJdfV0kj%2F8TeaD0lLpu%2FcDqachx76cTofosD%2BeJpHqX1A3RruhA3sE%2B1sJ%2BHa7ffZ8MfY%2BImmKaYFp3HABtTH3o%2BlrazQV9%2Bc%2BXI2ai%2BufjSnZ1ZPG5fKSFKbruX5MMC5QjuZFQSnJcLZI%2Fqef9Xq24x1s1gfTKvE41q%2Fvk7Ed92%2FvjmM8VpSMmnGUQcdVW0lpwbnwSadqW3O5scA9LENvBwiDZDWbTW5e3u%2FqDw%3D%3D&RelayState=AbnNdamYyGHJypbsrocRELtcKH4xVXevVyYbnuxcHw0dYfMRuubFM-Gm0XgSQ2-jlsqnPXgevTQiSygg3Go2MaGEXI9YO0BosPsjRjmQ8ddoLEa48Fz-4Rz_Gji4HMuCe3VjEzJ3U56Di4vfXkOmI4oTNhhum3ihUuH2eRK9wkUESKMkEO4kQANvWjHXIj-dj1GqMAeMS0KMJdA0upLIfY-9HxVhnsZXC7LkFskgOxYGdRbw8_a1C29zIB6O3lGzUyQp5NgwD9OVR5gcu415xiUKxdJ8M7ctH2wfJDIaYR3By5hp0TRYFpS5hSWZh7CRDSmzLvfqQAJVtfQIcYz9eF3Q4WnxDRO2QtqNKRnc7mQ0dea-F8_jWefALf6PBjDmUuMTMcTDzzyyx_cAA4CfRe9SPEGBp9Nlx_qI7vBlpkRbHr7i2wURpKQmL5QvjbVuabRDNwJQnvIqAGUa1quRQ7gPAvUtbfmmAK4EueXDjHx2mwUfC2Orxf0YdvzniOFDNOpIdVVBK-2gVjv6cBCkOqoe8TfgtZoboxPwMuLEzWbuC3mciO5QRMVC0gAcvl4QTBQ

                                         
                                         13.107.246.10
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Cache-Control: public, max-age=604800
Content-Length: 207
Content-MD5: CtQwhIAP2LUKJXa1FzdG/g==
Last-Modified: Fri, 02 Nov 2018 20:25:24 GMT
Etag: 0x8D6410151EBB082
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: cbb41f8f-101e-004e-6e95-21467f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
X-Azure-Ref-OriginShield: 0UqUCXQAAAACeBW2VjGF0Q6AdJbhjkZ3IQU1TRURHRTA0MDcAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
X-Azure-Ref: 0GY8HXQAAAADktZyD/v4sQadZYVMbbFhpU1RPRURHRTA4MTYAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Date: Mon, 17 Jun 2019 13:01:12 GMT


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGBA, non-interlaced
Size:   207
Md5:    0ad43084800fd8b50a2576b5173746fe
Sha1:   97c08e6062ff37f6e7a6c65e94d693ccc9ccd443
Sha256: 2c03ee38a4eba6a047c3a5bacb3eb461efe14be8acd46ae772350a4dea2f0175
                                        
                                            GET /ests/2.1/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif HTTP/1.1 
Host: aadcdn.msauth.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.microsoftonline.com/f9f27055-d80d-47df-abb2-fa20cc88e4e1/saml2?SAMLRequest=fZLLbtswEEX3%2FgpBe0mkHiZF2AbUuA8Drm3EbhfdFBQ5iolIpEpSdfL3haU2aQIk3HFmzsWdi1k43rU9qwZ%2F1rfwawDnZ0EQBA9dqx0bm8twsJoZ7pRjmnfgmBfsWH3dsjRGrLfGG2Ha8BX2PsWdA%2BuV0RO2WS%2FD%2Fe7jdv95s%2FtZ14QUgqI5mecoS2VRljLHFFHICeFlKUmW54WQE%2FodrFNGL8M0RuFsUnNugI12nmu%2FDFOEywjNI0xOOGMIM4x%2FTOganFea%2BxE%2Fe987liStuVM67pSwxpnGG90qDbEwXdKUTUpQUUSSIhnlRDYRr%2Bs0aniKhKAUcsDJdfV0kj%2F8TeaD0lLpu%2FcDqachx76cTofosD%2BeJpHqX1A3RruhA3sE%2B1sJ%2BHa7ffZ8MfY%2BImmKaYFp3HABtTH3o%2BlrazQV9%2Bc%2BXI2ai%2BufjSnZ1ZPG5fKSFKbruX5MMC5QjuZFQSnJcLZI%2Fqef9Xq24x1s1gfTKvE41q%2Fvk7Ed92%2FvjmM8VpSMmnGUQcdVW0lpwbnwSadqW3O5scA9LENvBwiDZDWbTW5e3u%2FqDw%3D%3D&RelayState=AbnNdamYyGHJypbsrocRELtcKH4xVXevVyYbnuxcHw0dYfMRuubFM-Gm0XgSQ2-jlsqnPXgevTQiSygg3Go2MaGEXI9YO0BosPsjRjmQ8ddoLEa48Fz-4Rz_Gji4HMuCe3VjEzJ3U56Di4vfXkOmI4oTNhhum3ihUuH2eRK9wkUESKMkEO4kQANvWjHXIj-dj1GqMAeMS0KMJdA0upLIfY-9HxVhnsZXC7LkFskgOxYGdRbw8_a1C29zIB6O3lGzUyQp5NgwD9OVR5gcu415xiUKxdJ8M7ctH2wfJDIaYR3By5hp0TRYFpS5hSWZh7CRDSmzLvfqQAJVtfQIcYz9eF3Q4WnxDRO2QtqNKRnc7mQ0dea-F8_jWefALf6PBjDmUuMTMcTDzzyyx_cAA4CfRe9SPEGBp9Nlx_qI7vBlpkRbHr7i2wURpKQmL5QvjbVuabRDNwJQnvIqAGUa1quRQ7gPAvUtbfmmAK4EueXDjHx2mwUfC2Orxf0YdvzniOFDNOpIdVVBK-2gVjv6cBCkOqoe8TfgtZoboxPwMuLEzWbuC3mciO5QRMVC0gAcvl4QTBQ

                                         
                                         13.107.246.10
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: public, max-age=604800
Content-Length: 2672
Content-MD5: Fm3lNHEmUlOrOkVt7+baIw==
Last-Modified: Fri, 02 Nov 2018 20:25:29 GMT
Etag: 0x8D6410154F5B6A5
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3527ae30-201e-0055-4db3-21d34a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
X-Azure-Ref-OriginShield: 0lacCXQAAAADLZ0hZhQ8MSJLWPjxzyXigQU1TRURHRTA2MTIAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
X-Azure-Ref: 0GY8HXQAAAADw50kG2J4RSKG+4QhPOg7AU1RPRURHRTA4MjAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Date: Mon, 17 Jun 2019 13:01:13 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 352 x 3
Size:   2672
Md5:    166de53471265253ab3a456defe6da23
Sha1:   17c6df4d7ccf1fa2c9efd716fbae0fc2c71c8d6d
Sha256: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
                                        
                                            GET /ests/2.1/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif HTTP/1.1 
Host: aadcdn.msauth.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.microsoftonline.com/f9f27055-d80d-47df-abb2-fa20cc88e4e1/saml2?SAMLRequest=fZLLbtswEEX3%2FgpBe0mkHiZF2AbUuA8Drm3EbhfdFBQ5iolIpEpSdfL3haU2aQIk3HFmzsWdi1k43rU9qwZ%2F1rfwawDnZ0EQBA9dqx0bm8twsJoZ7pRjmnfgmBfsWH3dsjRGrLfGG2Ha8BX2PsWdA%2BuV0RO2WS%2FD%2Fe7jdv95s%2FtZ14QUgqI5mecoS2VRljLHFFHICeFlKUmW54WQE%2FodrFNGL8M0RuFsUnNugI12nmu%2FDFOEywjNI0xOOGMIM4x%2FTOganFea%2BxE%2Fe987liStuVM67pSwxpnGG90qDbEwXdKUTUpQUUSSIhnlRDYRr%2Bs0aniKhKAUcsDJdfV0kj%2F8TeaD0lLpu%2FcDqachx76cTofosD%2BeJpHqX1A3RruhA3sE%2B1sJ%2BHa7ffZ8MfY%2BImmKaYFp3HABtTH3o%2BlrazQV9%2Bc%2BXI2ai%2BufjSnZ1ZPG5fKSFKbruX5MMC5QjuZFQSnJcLZI%2Fqef9Xq24x1s1gfTKvE41q%2Fvk7Ed92%2FvjmM8VpSMmnGUQcdVW0lpwbnwSadqW3O5scA9LENvBwiDZDWbTW5e3u%2FqDw%3D%3D&RelayState=AbnNdamYyGHJypbsrocRELtcKH4xVXevVyYbnuxcHw0dYfMRuubFM-Gm0XgSQ2-jlsqnPXgevTQiSygg3Go2MaGEXI9YO0BosPsjRjmQ8ddoLEa48Fz-4Rz_Gji4HMuCe3VjEzJ3U56Di4vfXkOmI4oTNhhum3ihUuH2eRK9wkUESKMkEO4kQANvWjHXIj-dj1GqMAeMS0KMJdA0upLIfY-9HxVhnsZXC7LkFskgOxYGdRbw8_a1C29zIB6O3lGzUyQp5NgwD9OVR5gcu415xiUKxdJ8M7ctH2wfJDIaYR3By5hp0TRYFpS5hSWZh7CRDSmzLvfqQAJVtfQIcYz9eF3Q4WnxDRO2QtqNKRnc7mQ0dea-F8_jWefALf6PBjDmUuMTMcTDzzyyx_cAA4CfRe9SPEGBp9Nlx_qI7vBlpkRbHr7i2wURpKQmL5QvjbVuabRDNwJQnvIqAGUa1quRQ7gPAvUtbfmmAK4EueXDjHx2mwUfC2Orxf0YdvzniOFDNOpIdVVBK-2gVjv6cBCkOqoe8TfgtZoboxPwMuLEzWbuC3mciO5QRMVC0gAcvl4QTBQ

                                         
                                         13.107.246.10
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: public, max-age=604800
Content-Length: 3620
Content-MD5: tUCo5RgDcZLjLE/li/Lbqw==
Last-Modified: Fri, 02 Nov 2018 20:25:29 GMT
Etag: 0x8D6410154B877AA
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ab021209-201e-0011-029e-21ac53000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
X-Azure-Ref-OriginShield: 0rMACXQAAAADouccgujX4RoJqpBTK5XQpQU1TRURHRTA1MjAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
X-Azure-Ref: 0GY8HXQAAAAAbVYmBxQkWT5jd8yVRc6xKU1RPRURHRTA4MTAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Date: Mon, 17 Jun 2019 13:01:12 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 352 x 3
Size:   3620
Md5:    b540a8e518037192e32c4fe58bf2dbab
Sha1:   3047c1db97b86f6981e0ad2f96af40cdf43511af
Sha256: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
                                        
                                            GET /ests/2.1/content/images/backgrounds/0_a5dbd4393ff6a725c7e62b61df7e72f0.jpg HTTP/1.1 
Host: aadcdn.msauth.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.microsoftonline.com/f9f27055-d80d-47df-abb2-fa20cc88e4e1/saml2?SAMLRequest=fZLLbtswEEX3%2FgpBe0mkHiZF2AbUuA8Drm3EbhfdFBQ5iolIpEpSdfL3haU2aQIk3HFmzsWdi1k43rU9qwZ%2F1rfwawDnZ0EQBA9dqx0bm8twsJoZ7pRjmnfgmBfsWH3dsjRGrLfGG2Ha8BX2PsWdA%2BuV0RO2WS%2FD%2Fe7jdv95s%2FtZ14QUgqI5mecoS2VRljLHFFHICeFlKUmW54WQE%2FodrFNGL8M0RuFsUnNugI12nmu%2FDFOEywjNI0xOOGMIM4x%2FTOganFea%2BxE%2Fe987liStuVM67pSwxpnGG90qDbEwXdKUTUpQUUSSIhnlRDYRr%2Bs0aniKhKAUcsDJdfV0kj%2F8TeaD0lLpu%2FcDqachx76cTofosD%2BeJpHqX1A3RruhA3sE%2B1sJ%2BHa7ffZ8MfY%2BImmKaYFp3HABtTH3o%2BlrazQV9%2Bc%2BXI2ai%2BufjSnZ1ZPG5fKSFKbruX5MMC5QjuZFQSnJcLZI%2Fqef9Xq24x1s1gfTKvE41q%2Fvk7Ed92%2FvjmM8VpSMmnGUQcdVW0lpwbnwSadqW3O5scA9LENvBwiDZDWbTW5e3u%2FqDw%3D%3D&RelayState=AbnNdamYyGHJypbsrocRELtcKH4xVXevVyYbnuxcHw0dYfMRuubFM-Gm0XgSQ2-jlsqnPXgevTQiSygg3Go2MaGEXI9YO0BosPsjRjmQ8ddoLEa48Fz-4Rz_Gji4HMuCe3VjEzJ3U56Di4vfXkOmI4oTNhhum3ihUuH2eRK9wkUESKMkEO4kQANvWjHXIj-dj1GqMAeMS0KMJdA0upLIfY-9HxVhnsZXC7LkFskgOxYGdRbw8_a1C29zIB6O3lGzUyQp5NgwD9OVR5gcu415xiUKxdJ8M7ctH2wfJDIaYR3By5hp0TRYFpS5hSWZh7CRDSmzLvfqQAJVtfQIcYz9eF3Q4WnxDRO2QtqNKRnc7mQ0dea-F8_jWefALf6PBjDmUuMTMcTDzzyyx_cAA4CfRe9SPEGBp9Nlx_qI7vBlpkRbHr7i2wURpKQmL5QvjbVuabRDNwJQnvIqAGUa1quRQ7gPAvUtbfmmAK4EueXDjHx2mwUfC2Orxf0YdvzniOFDNOpIdVVBK-2gVjv6cBCkOqoe8TfgtZoboxPwMuLEzWbuC3mciO5QRMVC0gAcvl4QTBQ

                                         
                                         13.107.246.10
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Cache-Control: public, max-age=604800
Content-Length: 283351
Content-MD5: pdvUOT/2pyXH5ith335y8A==
Last-Modified: Fri, 02 Nov 2018 20:26:29 GMT
Etag: 0x8D6410178E329F6
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a2403755-701e-001c-319a-217348000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
X-Azure-Ref-OriginShield: 0BJ8CXQAAAADToozi3hpfTrFPh1vT3qACQU1TRURHRTA2MjIAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
X-Azure-Ref: 0GY8HXQAAAACebNVjDMlERYjIZTd+vcBbU1RPRURHRTA4MTgAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Date: Mon, 17 Jun 2019 13:01:13 GMT


--- Additional Info ---
Magic:  JPEG image data
Size:   283351
Md5:    a5dbd4393ff6a725c7e62b61df7e72f0
Sha1:   55b292f885ffc92abce18750b07aa4acfa4e903e
Sha256: 211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb
                                        
                                            POST / HTTP/1.1 
Host: ocsp.msocsp.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 118
Content-Type: application/ocsp-request
Cookie: __cfduid=d87f5154c1d7c825c1aae2a8bd4ab34df1560776471

                                         
                                         104.18.25.243
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 17 Jun 2019 13:01:14 GMT
Content-Length: 1831
Connection: keep-alive
Expires: Fri, 21 Jun 2019 12:23:15 GMT
X-Powered-By: Undertow/1
Etag: "c1b5a67c52f899f9407145ae247daed79514322b"
Last-Modified: Mon, 17 Jun 2019 12:23:15 GMT
X-Cache: HIT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4e853607dee1428f-OSL


--- Additional Info ---
Magic:  data
Size:   1831
Md5:    7866de79ed0999123ff344e59951ff74
Sha1:   c1b5a67c52f899f9407145ae247daed79514322b
Sha256: 0a53855bb1268089652051b2d66ccb71ca1ce76e5a16d86482269d38d9634448
                                        
                                            POST / HTTP/1.1 
Host: ocsp.msocsp.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 118
Content-Type: application/ocsp-request
Cookie: __cfduid=d87f5154c1d7c825c1aae2a8bd4ab34df1560776471

                                         
                                         104.18.25.243
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 17 Jun 2019 13:01:14 GMT
Content-Length: 1831
Connection: keep-alive
Expires: Fri, 21 Jun 2019 11:25:13 GMT
X-Powered-By: Undertow/1
Etag: "7dd8e14f65ecfa55294f8344bcdb86b472ef0321"
Last-Modified: Mon, 17 Jun 2019 11:25:13 GMT
X-Cache: HIT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4e8536086f3c428f-OSL


--- Additional Info ---
Magic:  data
Size:   1831
Md5:    58c3f0934f441f099a7bb07e21f73321
Sha1:   7dd8e14f65ecfa55294f8344bcdb86b472ef0321
Sha256: 2cf75377503e5188085adf31ad5e7d9149b24a3c37437244f3d3f61e6211e66b
                                        
                                            GET /dbd5a2dd-n2gkjn8j-qcl-mx-ls-dutpi4rg-cvz7jrs-m4emmnw/logintenantbranding/0/bannerlogo?ts=636795548618958207 HTTP/1.1 
Host: secure.aadcdn.microsoftonline-p.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.microsoftonline.com/f9f27055-d80d-47df-abb2-fa20cc88e4e1/saml2?SAMLRequest=fZLLbtswEEX3%2FgpBe0mkHiZF2AbUuA8Drm3EbhfdFBQ5iolIpEpSdfL3haU2aQIk3HFmzsWdi1k43rU9qwZ%2F1rfwawDnZ0EQBA9dqx0bm8twsJoZ7pRjmnfgmBfsWH3dsjRGrLfGG2Ha8BX2PsWdA%2BuV0RO2WS%2FD%2Fe7jdv95s%2FtZ14QUgqI5mecoS2VRljLHFFHICeFlKUmW54WQE%2FodrFNGL8M0RuFsUnNugI12nmu%2FDFOEywjNI0xOOGMIM4x%2FTOganFea%2BxE%2Fe987liStuVM67pSwxpnGG90qDbEwXdKUTUpQUUSSIhnlRDYRr%2Bs0aniKhKAUcsDJdfV0kj%2F8TeaD0lLpu%2FcDqachx76cTofosD%2BeJpHqX1A3RruhA3sE%2B1sJ%2BHa7ffZ8MfY%2BImmKaYFp3HABtTH3o%2BlrazQV9%2Bc%2BXI2ai%2BufjSnZ1ZPG5fKSFKbruX5MMC5QjuZFQSnJcLZI%2Fqef9Xq24x1s1gfTKvE41q%2Fvk7Ed92%2FvjmM8VpSMmnGUQcdVW0lpwbnwSadqW3O5scA9LENvBwiDZDWbTW5e3u%2FqDw%3D%3D&RelayState=AbnNdamYyGHJypbsrocRELtcKH4xVXevVyYbnuxcHw0dYfMRuubFM-Gm0XgSQ2-jlsqnPXgevTQiSygg3Go2MaGEXI9YO0BosPsjRjmQ8ddoLEa48Fz-4Rz_Gji4HMuCe3VjEzJ3U56Di4vfXkOmI4oTNhhum3ihUuH2eRK9wkUESKMkEO4kQANvWjHXIj-dj1GqMAeMS0KMJdA0upLIfY-9HxVhnsZXC7LkFskgOxYGdRbw8_a1C29zIB6O3lGzUyQp5NgwD9OVR5gcu415xiUKxdJ8M7ctH2wfJDIaYR3By5hp0TRYFpS5hSWZh7CRDSmzLvfqQAJVtfQIcYz9eF3Q4WnxDRO2QtqNKRnc7mQ0dea-F8_jWefALf6PBjDmUuMTMcTDzzyyx_cAA4CfRe9SPEGBp9Nlx_qI7vBlpkRbHr7i2wURpKQmL5QvjbVuabRDNwJQnvIqAGUa1quRQ7gPAvUtbfmmAK4EueXDjHx2mwUfC2Orxf0YdvzniOFDNOpIdVVBK-2gVjv6cBCkOqoe8TfgtZoboxPwMuLEzWbuC3mciO5QRMVC0gAcvl4QTBQ

                                         
                                         104.122.233.122
HTTP/1.1 200 OK
Content-Type: image/*
                                        
Content-Length: 4269
Content-MD5: aiycchfaP6U5DDtphiiP0w==
Last-Modified: Tue, 04 Dec 2018 21:14:22 GMT
Cache-Control: public, max-age=74209
Date: Mon, 17 Jun 2019 13:01:14 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   4269
Md5:    6a2c9c7217da3fa5390c3b6986288fd3
Sha1:   5b2ffeaae265da7c3362f1e27660367b3ed014d6
Sha256: 6b356283e8defd6d459b596e52c4c16d6edfbdb5f1218e0636ee4848c1f04636
                                        
                                            GET /f9f27055-d80d-47df-abb2-fa20cc88e4e1/winauth/iframe?client-request-id=c3715989-be52-44e5-920f-fff9b7f99cef&isAdalRequest=False HTTP/1.1 
Host: autologon.microsoftazuread-sso.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.microsoftonline.com/f9f27055-d80d-47df-abb2-fa20cc88e4e1/saml2?SAMLRequest=fZLLbtswEEX3%2FgpBe0mkHiZF2AbUuA8Drm3EbhfdFBQ5iolIpEpSdfL3haU2aQIk3HFmzsWdi1k43rU9qwZ%2F1rfwawDnZ0EQBA9dqx0bm8twsJoZ7pRjmnfgmBfsWH3dsjRGrLfGG2Ha8BX2PsWdA%2BuV0RO2WS%2FD%2Fe7jdv95s%2FtZ14QUgqI5mecoS2VRljLHFFHICeFlKUmW54WQE%2FodrFNGL8M0RuFsUnNugI12nmu%2FDFOEywjNI0xOOGMIM4x%2FTOganFea%2BxE%2Fe987liStuVM67pSwxpnGG90qDbEwXdKUTUpQUUSSIhnlRDYRr%2Bs0aniKhKAUcsDJdfV0kj%2F8TeaD0lLpu%2FcDqachx76cTofosD%2BeJpHqX1A3RruhA3sE%2B1sJ%2BHa7ffZ8MfY%2BImmKaYFp3HABtTH3o%2BlrazQV9%2Bc%2BXI2ai%2BufjSnZ1ZPG5fKSFKbruX5MMC5QjuZFQSnJcLZI%2Fqef9Xq24x1s1gfTKvE41q%2Fvk7Ed92%2FvjmM8VpSMmnGUQcdVW0lpwbnwSadqW3O5scA9LENvBwiDZDWbTW5e3u%2FqDw%3D%3D&RelayState=AbnNdamYyGHJypbsrocRELtcKH4xVXevVyYbnuxcHw0dYfMRuubFM-Gm0XgSQ2-jlsqnPXgevTQiSygg3Go2MaGEXI9YO0BosPsjRjmQ8ddoLEa48Fz-4Rz_Gji4HMuCe3VjEzJ3U56Di4vfXkOmI4oTNhhum3ihUuH2eRK9wkUESKMkEO4kQANvWjHXIj-dj1GqMAeMS0KMJdA0upLIfY-9HxVhnsZXC7LkFskgOxYGdRbw8_a1C29zIB6O3lGzUyQp5NgwD9OVR5gcu415xiUKxdJ8M7ctH2wfJDIaYR3By5hp0TRYFpS5hSWZh7CRDSmzLvfqQAJVtfQIcYz9eF3Q4WnxDRO2QtqNKRnc7mQ0dea-F8_jWefALf6PBjDmUuMTMcTDzzyyx_cAA4CfRe9SPEGBp9Nlx_qI7vBlpkRbHr7i2wURpKQmL5QvjbVuabRDNwJQnvIqAGUa1quRQ7gPAvUtbfmmAK4EueXDjHx2mwUfC2Orxf0YdvzniOFDNOpIdVVBK-2gVjv6cBCkOqoe8TfgtZoboxPwMuLEzWbuC3mciO5QRMVC0gAcvl4QTBQ

                                         
                                         40.126.9.65
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin, <https://aadcdn.msauth.net>; rel=dns-prefetch, <https://aadcdn.msftauth.net>; rel=dns-prefetch
X-DNS-Prefetch-Control: on
x-ms-request-id: 59a15a19-cae5-4438-92d1-437dfe273400
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie: fpc=Apopfr5_ZPtKhspLftjco9k; expires=Wed, 17-Jul-2019 13:01:15 GMT; path=/; secure; HttpOnly esctx=AQABAAAAAADCoMpjJXrxTq9VG9te-7FXVcNTZVF7OA4eF70YQrU4pXrb4eaJ2PgDm49sgz18PD1kG935Xg36gTh0n9mZhTR9yfW26JsvLnijSEs1bBsMSjo77g2hfUcnFeCDB6DOTsvyiThte2WOuUIKIkY-eKsBqnobDcnEDt5tSTG-K6cjhN4cgiF2bmiwMSG_Q-7kHB0gAA; domain=.autologon.microsoftazuread-sso.com; path=/; secure; HttpOnly x-ms-gateway-slice=prod; path=/; secure; HttpOnly stsservicecookie=ests; path=/; secure; HttpOnly
Date: Mon, 17 Jun 2019 13:01:14 GMT
Content-Length: 6239


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   6239
Md5:    8ac3e764a3d847cc50582d3f079174da
Sha1:   172506ed06fd26e1c8be4fd59572e7f31d45aca1
Sha256: c2135f1ad5a4c274ab4b1f9e66e994867e36f9bff22ce4fe973ea3827331134a
                                        
                                            GET /ests/2.1/content/cdnbundles/dsso.iframe.min_k0k4jk97xjqn1aqaq1xgvg2.js HTTP/1.1 
Host: aadcdn.msauth.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://autologon.microsoftazuread-sso.com/f9f27055-d80d-47df-abb2-fa20cc88e4e1/winauth/iframe?client-request-id=c3715989-be52-44e5-920f-fff9b7f99cef&isAdalRequest=False

                                         
                                         13.107.246.10
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Cache-Control: public, max-age=31536000
Content-Length: 4462
Content-Encoding: gzip
Content-MD5: A3Kbh2gn78E4Vx1MqEBBuA==
Last-Modified: Fri, 26 Apr 2019 02:48:07 GMT
Etag: 0x8D6C9F19CD43830
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b88d631c-b01e-0044-6eb9-21486a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
X-Azure-Ref-OriginShield: 0HdMCXQAAAABVqx+DeV7tR4QRs5Pz6Y4YQU1TRURHRTA0MTQAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
X-Azure-Ref: 0G48HXQAAAABonhSeakUFSLNhurWWLIprU1RPRURHRTA4MjAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Date: Mon, 17 Jun 2019 13:01:15 GMT


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   4462
Md5:    03729b876827efc138571d4ca84041b8
Sha1:   0ff355ae560fac60775c045807d5def28f0a0fcf
Sha256: 0076e8db424ca2f96d8aef67f128b3a8990c0a105efff764654a50efa027f5de
                                        
                                            GET /ests/2.1/content/cdnbundles/jquery.1.11.min_3z194vh3l5oibjd0ejgm-q2.js HTTP/1.1 
Host: aadcdn.msauth.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://autologon.microsoftazuread-sso.com/f9f27055-d80d-47df-abb2-fa20cc88e4e1/winauth/iframe?client-request-id=c3715989-be52-44e5-920f-fff9b7f99cef&isAdalRequest=False

                                         
                                         13.107.246.10
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Cache-Control: public, max-age=31536000
Content-Length: 38881
Content-Encoding: gzip
Content-MD5: brVxodcwJD/zDpCOZlq9qA==
Last-Modified: Fri, 26 Apr 2019 02:48:10 GMT
Etag: 0x8D6C9F19EC86CCC
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0258995d-c01e-009b-6cb2-21f513000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
X-Azure-Ref-OriginShield: 0fa8CXQAAAADPyPCCCemNS7Wk1J2HwbQbQU1TRURHRTA0MTcAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
X-Azure-Ref: 0G48HXQAAAAC/2tH4FC1VTYVSSpZev73lU1RPRURHRTA4MTYAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
Date: Mon, 17 Jun 2019 13:01:14 GMT


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   38881
Md5:    6eb571a1d730243ff30e908e665abda8
Sha1:   5eaeeaf57e61311c8cbd751d215dc929fcba3d22
Sha256: c4c03f6859525ecb173a1bfb0b83d482ad2f7eb11c94e3987e433118f33c23e4