r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7954
Expires: Thu, 01 Dec 2022 18:16:18 GMT
Date: Thu, 01 Dec 2022 16:03:44 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3110
Cache-Control: max-age=155958
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 16:03:44 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:23:02 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14422
Expires: Thu, 01 Dec 2022 20:04:06 GMT
Date: Thu, 01 Dec 2022 16:03:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 15:18:08 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2736
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /0Am0179A9PJY2mLv7tmf6f9bv8IuD0kiNrZ58kVLDP1bPWOqpJ8xP9JFI8VLQKi7KSdJCUy01A=
x-amz-request-id: GHSQ3DQKYQJVH6X9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 15:46:19 GMT
age: 1045
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 16:03:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 15:08:56 GMT
cache-control: public,max-age=3600
age: 3289
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3155
Cache-Control: max-age=150939
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 16:03:45 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:59:24 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.215.56.181 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.56.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Lz7J8N3zkpi5LiYooHtBrg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: slsXJj3YC2mSERHCTTKPiwrqaco=
creator.microsoftstart.com/
40.112.243.98 200 OK 27 kB URL HTTP/1.1 creator.microsoftstart.com/
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11795), with CRLF, LF line terminators
Hash cd42ec34b8c25dac950636c2eabd69b7
69cee1fd02ebc5a793a3008932cf28fb471e8839
908a8811e0091c9ae50d8bd3ca19d6014914a460a0a77b513f736599e6905c31
Analyzer Verdict Alert openphish Office365
GET / HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Content-Length: 27428
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Dec 2022 16:03:45 GMT
Server: Microsoft-IIS/10.0
Cache-Control: no-store, no-cache, must-revalidate
Content-Encoding: gzip
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal; path=/
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.30, ASP.NET
Link: <https://creator.microsoftstart.com/wp-json/>; rel="https://api.w.org/", <https://creator.microsoftstart.com/wp-json/wp/v2/pages/115>; rel="alternate"; type="application/json", <https://creator.microsoftstart.com/>; rel=shortlink
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 06fc2114946e9805db925bf54fbb908b
2214214619ca63b6cdfad39a231a4aaba6c682c4
884ffbd3c4b70a88cd6b7fb2602b6693e8c1657c8a52a424d46db9e0c671251a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3076
Cache-Control: max-age=171756
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 16:03:46 GMT
Etag: "6388c04a-118"
Expires: Sat, 03 Dec 2022 15:46:22 GMT
Last-Modified: Thu, 01 Dec 2022 14:55:06 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
statics-marketingsites-wcus-ms-com.akamaized.net/statics/override.css
23.36.76.200 200 OK 473 B URL HTTP/1.1 statics-marketingsites-wcus-ms-com.akamaized.net/statics/override.css
IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (342), with CRLF line terminators
Hash a40589609d8e75c109e93abbff0dcf60
76ae9c943d54022e24b90467713a73a431eddd6d
2c959c2618be84448b26de18639db8a66126449c6ebb29f4f6d33e00adb5b069
GET /statics/override.css HTTP/1.1
Host: statics-marketingsites-wcus-ms-com.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Tue, 11 Jun 2019 23:22:13 GMT
ETag: 0x8D6EEC3A2D67C35
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0be3c9b2-601e-001b-2ec3-662498000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 473
Unused62: 8096267
Date: Thu, 01 Dec 2022 16:03:46 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27 200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a4caf608c96f49743a168e19f3b38f99
3519cd559bdd170b20e6486aef16fb6f1e583359
4194a7822e85c12181dead8a7804f1e1707cc585c04def00f6654003152fd32b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4194A7822E85C12181DEAD8A7804F1E1707CC585C04DEF00F6654003152FD32B"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8509
Expires: Thu, 01 Dec 2022 18:25:35 GMT
Date: Thu, 01 Dec 2022 16:03:46 GMT
Connection: keep-alive
wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
13.107.227.53 200 OK 82 kB URL HTTP/2 wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (63888), with no line terminators
Hash e51f388b62281af5b4a9193cce419941
364f3d737462b7fd063107fe2c580fdb9781a45a
348404a68791474349e35bd7d1980abcbf06db85132286e45ad4f204d10b5f2c
GET /mscc/lib/v2/wcp-consent.js HTTP/1.1
Host: wcpstatic.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=43200
content-length: 81726
content-type: application/javascript
content-encoding: gzip
content-md5: X1JOIM5h9UISVFS6+GfEew==
last-modified: Wed, 24 Aug 2022 17:34:36 GMT
age: 14161
etag: 0x8DA85F6EA62BF74
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-cache: CONFIG_NOCACHE
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 86c35651-a01e-0025-4e7d-05214a000000
x-ms-version: 2009-09-19
x-azure-ref: 0YtCIYwAAAACF/gWhLUuVTb5p1UxWqSj+T1NMMjMxMDUwMjA0MDE3ADM5YjQ2MTU3LWNiOWUtNDliNy1hNjVhLTg3MjJhM2Y4MjRlNA==
date: Thu, 01 Dec 2022 16:03:45 GMT
X-Firefox-Spdy: h2
www.microsoft.com/onerfstatics/marketingsites-wcus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/6f-d7d610/ef-a24652?ver=2.0&_cf=02242021_3231
23.38.201.156 200 OK 23 kB URL HTTP/2 www.microsoft.com/onerfstatics/marketingsites-wcus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/6f-d7d610/ef-a24652?ver=2.0&_cf=02242021_3231
IP 23.38.201.156:0
File type Unicode text, UTF-8 text, with very long lines (64241)
Hash 42c9e145515c1181de810dca8de80962
2124aa979e0b9df035541fafa3bc29aca7bcf665
335cc2a8c473151675f38c33b2486bebaddce3a0e9192ac89bfa10794bada11b
GET /onerfstatics/marketingsites-wcus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/6f-d7d610/ef-a24652?ver=2.0&_cf=02242021_3231 HTTP/1.1
Host: www.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
last-modified: Tue, 15 Nov 2022 20:24:46 GMT
x-activity-id: dde950d7-71ff-4b5c-b3c7-79d8c3b97bd6
ms-cv: oRoE4eNYbECD9lie.0
x-appversion: 1.0.8335.36378
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-10-28T03:12:36.0000000Z}
ms-operation-id: a8448f896f24c445966ef58e69b443c6
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
x-s1: 2022-11-15T20:24:46
x-s2: 2022-11-15T20:24:46
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-encoding: gzip
content-length: 22647
cache-control: public, max-age=30169218
expires: Wed, 15 Nov 2023 20:24:04 GMT
date: Thu, 01 Dec 2022 16:03:46 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
x-rtag: RT
X-Firefox-Spdy: h2
www.microsoft.com/onerfstatics/marketingsites-wcus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/37-8473b9?ver=2.0&_cf=02242021_3231&iife=1
23.38.201.156 200 OK 36 kB URL HTTP/2 www.microsoft.com/onerfstatics/marketingsites-wcus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/37-8473b9?ver=2.0&_cf=02242021_3231&iife=1
IP 23.38.201.156:0
File type ASCII text, with very long lines (42133)
Hash aece1107107ca4280de0d98c1855bdbb
b84a2a75eef1fb21dc5dcb1866ec232c0323befa
4f747d96a6976d859279fa30bdc58af942826d562ba3cb14eb0243995fc9ce68
GET /onerfstatics/marketingsites-wcus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/37-8473b9?ver=2.0&_cf=02242021_3231&iife=1 HTTP/1.1
Host: www.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Tue, 18 Oct 2022 17:39:10 GMT
x-activity-id: b6d3ee50-fcfc-4286-8cd2-662da3f3e5fe
ms-cv: ZDzyws/2PUSznH42.0
x-appversion: 1.0.8301.38639
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-09-24T05:27:58.0000000Z}
ms-operation-id: 670cf0f0a57d4141b0bc0910055ad5ab
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
x-s1: 2022-10-18T17:39:10
x-s2: 2022-10-18T17:39:10
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-encoding: gzip
content-length: 35604
cache-control: public, max-age=27740070
expires: Wed, 18 Oct 2023 17:38:16 GMT
date: Thu, 01 Dec 2022 16:03:46 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
x-rtag: RT
X-Firefox-Spdy: h2
mktdplp102cdn.azureedge.net/public/latest/js/ws-tracking.js?v=1.77.1005
152.199.19.161 200 OK 2.3 kB URL HTTP/2 mktdplp102cdn.azureedge.net/public/latest/js/ws-tracking.js?v=1.77.1005
IP 152.199.19.161:0
File type ASCII text, with very long lines (5347), with no line terminators
Hash 85b7e8376f33628ff841fa41936b58a9
5596e4b19763b039486d80251bea6a569c06cff0
3095886c089d17d1e4063b88caac067a16aab1989b70937123dbf136096ca480
GET /public/latest/js/ws-tracking.js?v=1.77.1005 HTTP/1.1
Host: mktdplp102cdn.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 531660
content-md5: FjqakIjSeEkZwkM9tXKB2Q==
content-type: application/x-javascript
date: Thu, 01 Dec 2022 16:03:46 GMT
etag: 0x8DACEDF5F5CC871
last-modified: Fri, 25 Nov 2022 12:19:59 GMT
server: ECAcc (ska/F6EF)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 8fc27b11-201e-0028-5ac8-00320b000000
x-ms-version: 2009-09-19
content-length: 2325
X-Firefox-Spdy: h2
mktdplp102cdn.azureedge.net/public/latest/js/form-loader.js?v=1.77.1005
152.199.19.161 200 OK 78 kB URL HTTP/2 mktdplp102cdn.azureedge.net/public/latest/js/form-loader.js?v=1.77.1005
IP 152.199.19.161:0
File type ASCII text, with very long lines (65494)
Hash bee88fab0bef34c36b2741a197808062
49cd42f19809ab6e3cd622776d3058294d81acec
0a09921fc26a17863dd4264ce94ea91909d538cb110523bce3e49c7a56bb385d
GET /public/latest/js/form-loader.js?v=1.77.1005 HTTP/1.1
Host: mktdplp102cdn.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 531660
content-md5: LcL8NFpRk2NpqGa1adfIug==
content-type: application/x-javascript
date: Thu, 01 Dec 2022 16:03:46 GMT
etag: 0x8DACEDF5F577204
last-modified: Fri, 25 Nov 2022 12:19:59 GMT
server: ECAcc (ska/F762)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: dcb8fdc0-a01e-0054-52c8-001cf4000000
x-ms-version: 2009-09-19
content-length: 78516
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
151.101.66.133 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 151.101.66.133:0
Hash caf114ba6239927f2b43eb3244a0c194
dea7877e5261e87439b7078ac7e65cc4994689fe
ab66ecd599486605c9213e1b2b019742ecf857d7cbae4bfc82e74422551d88c5
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "2C7FF39CB989D3020D074BE1E5B0D93C361759B8"
Expires: Fri, 02 Dec 2022 03:00:00 UTC
Last-Modified: Thu, 01 Dec 2022 15:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Thu, 01 Dec 2022 16:03:46 GMT
Via: 1.1 varnish
Age: 3161
X-Served-By: cache-bma1622-BMA
X-Cache: HIT
X-Cache-Hits: 4
X-Timer: S1669910626.436147,VS0,VE0
creator.microsoftstart.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
40.112.243.98 200 OK 12 kB URL HTTP/1.1 creator.microsoftstart.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (47826)
Hash d963cf5ffb40df66de477b0746be9a2d
762bafeec6d33fbccdf714d23f9033d1c55398e5
bd2bab72fd366c7d3d1c1a248d7b5adee206f1b152ea0d36ed9fc231fd8fbe07
Analyzer Verdict Alert openphish Office365
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 12441
Content-Type: text/css
Date: Thu, 01 Dec 2022 16:03:45 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "0824755df9d81:0"
Last-Modified: Wed, 16 Nov 2022 01:48:00 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
40.112.243.98 200 OK 4.2 kB URL HTTP/1.1 creator.microsoftstart.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (11126)
Hash d7498b2e9a206f75a43170a14cb61710
8705153ace5f41d24fe22cff7d8b8a788107e6c3
314196a1eb0642c6288854149f08530a1c7a8905a8cb983d8a5658f863e39a61
Analyzer Verdict Alert openphish Office365
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 4172
Content-Type: application/x-javascript
Date: Thu, 01 Dec 2022 16:03:45 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "80c7a46e355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:59 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
ocsp.sca1b.amazontrust.com/
54.230.245.110 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash e930409ce6909e3b73ce06e3dd7c42b9
1610f0cd3e24e1c22d2428231795cf1214ed93fb
236f86378ddb79c0161e3f0256fed8558b0f95a8d0eb854e62c2f5281b5f6326
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158212
Date: Thu, 01 Dec 2022 16:03:46 GMT
Etag: "63888812-1d7"
Expires: Sat, 03 Dec 2022 12:00:38 GMT
Last-Modified: Thu, 01 Dec 2022 10:55:14 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oZc1ReJBfvwI5neINschbfvfZrbAHFbtB4cmy7EpLvAP6lTp6NFKhQ==
Age: 3924
creator.microsoftstart.com/wp-content/themes/tailpress-1/js/app.js?ver=3.0.0
40.112.243.98 200 OK 311 B URL HTTP/1.1 creator.microsoftstart.com/wp-content/themes/tailpress-1/js/app.js?ver=3.0.0
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 4f30e8224e0ec35208a42471d885f1e4
f9e5f2e2af43c9ff7f1a5ff1cd4a1e6a27c3e247
6fd382a047ff7f029e94c85ab3dd9ccfd6eb40f2b29ff7689a5830d1521f6ee6
Analyzer Verdict Alert openphish Office365
GET /wp-content/themes/tailpress-1/js/app.js?ver=3.0.0 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 311
Content-Type: application/x-javascript
Date: Thu, 01 Dec 2022 16:03:45 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "73e87d52355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:11 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/themes/tailpress-1/css/app.css?ver=3.0.0
40.112.243.98 200 OK 6.3 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/themes/tailpress-1/css/app.css?ver=3.0.0
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash a9adba825cef8da3841311c36cd57ac3
afe082eb71a1a11f2160a477241a83dd72d42126
5920e82db9d3e833556b114d08fdeb9f1e151db895e7220c7aba1554bcc662c4
GET /wp-content/themes/tailpress-1/css/app.css?ver=3.0.0 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 6323
Content-Type: text/css
Date: Thu, 01 Dec 2022 16:03:46 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "808f852355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:11 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3023
Expires: Thu, 01 Dec 2022 16:54:09 GMT
Date: Thu, 01 Dec 2022 16:03:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3023
Expires: Thu, 01 Dec 2022 16:54:09 GMT
Date: Thu, 01 Dec 2022 16:03:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3023
Expires: Thu, 01 Dec 2022 16:54:09 GMT
Date: Thu, 01 Dec 2022 16:03:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3023
Expires: Thu, 01 Dec 2022 16:54:09 GMT
Date: Thu, 01 Dec 2022 16:03:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3023
Expires: Thu, 01 Dec 2022 16:54:09 GMT
Date: Thu, 01 Dec 2022 16:03:46 GMT
Connection: keep-alive
creator.microsoftstart.com/wp-content/plugins/login-with-azure/css/style_login_widget.css?ver=6.1.1
40.112.243.98 200 OK 999 B URL HTTP/1.1 creator.microsoftstart.com/wp-content/plugins/login-with-azure/css/style_login_widget.css?ver=6.1.1
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 464985df062b4599b838ed2fee132d14
c5af26c62919a45926793cb11085b7babff9d158
a7444cec504d122cfcc0df83082facff7c4accd2055d4c450a590f21bbb9c734
GET /wp-content/plugins/login-with-azure/css/style_login_widget.css?ver=6.1.1 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 999
Content-Type: text/css
Date: Thu, 01 Dec 2022 16:03:46 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "08a7131df5d81:0"
Last-Modified: Thu, 10 Nov 2022 15:57:04 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:44:47 GMT
age: 65939
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
creator.microsoftstart.com/wp-content/plugins/login-with-azure/css/login-page.css?ver=6.1.1
40.112.243.98 200 OK 581 B URL HTTP/1.1 creator.microsoftstart.com/wp-content/plugins/login-with-azure/css/login-page.css?ver=6.1.1
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 32a3f1a33c20576e3c3ea1a6e94cdb42
4f43d49c1975861527a7ecf1553e631c364b4865
654900e7461eb2a21517be0dcf1a4d1edc6210e288c9efc67e70cc6543abec3a
Analyzer Verdict Alert openphish Office365
GET /wp-content/plugins/login-with-azure/css/login-page.css?ver=6.1.1 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 581
Content-Type: text/css
Date: Thu, 01 Dec 2022 16:03:46 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "e48dff131df5d81:0"
Last-Modified: Thu, 10 Nov 2022 15:57:04 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 328ce221bcf3442f88d09373193ff594
63bfa2ea925aa2c188c664a7bf7af7b0e5417e60
21d5b5ec267430dba91b17f89a557aca5cd2a21535da18eb02ec69ed0e1b7371
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13411
x-amzn-requestid: 17fcc4e1-76c1-4eca-9235-c1a513bca24a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80FCQoAMFs1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-26da4f265d74215f31425eb9;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MttRByNp1C1ZeFFicFVa0w3XRyXJnUycPy2Izk8hzGEgXGdDqD3L3A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:48:17 GMT
age: 65729
etag: "63bfa2ea925aa2c188c664a7bf7af7b0e5417e60"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: 4823cf63-98eb-40d3-bb8b-e09cd2262f36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7SqHjYIAMF8xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c10-316b213c33ce9bc2355c0900;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tK4wl-g5kcUhVFE3iZGILhZhZSsaMzQD9JTBHj1JXV95yXs_e3gMGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 12:31:43 GMT
age: 12723
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gsn5uUFEzDZDOMPTvW9UQxtccvRfJKUM4eJ8U99jvUGzNIKkF9SzeA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:20 GMT
age: 65666
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2dd5a4bcfd47db8f38544bf39ce3031
fa2217bae05b7beca2e12597eaad835298276b82
3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4762
x-amzn-requestid: b7c0e28a-de0d-443d-8bf4-900a964bf110
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uSFcMoAMF2CQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc1-7abade3a670201cf1906b79f;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gZSkafSw8cXo9AChLOTVJW7r_hHLW8kaHlA-ED2_zFJwuUk1uS3VRw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:29:36 GMT
age: 9250
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 9d34c42b-ba0c-498f-8f99-d4ab527ffa89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMdHXNIAMFgaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe9-376846f31dc9b995797cbd18;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:25 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DngCuOTO9fQAwWe_ip6EtBcgruigZN6Bl1_v5BHM2dsWlhqCXCL3gg==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:33 GMT
age: 65893
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
creator.microsoftstart.com/wp-content/plugins/login-with-azure/css/font-awesome.css?ver=6.1.1
40.112.243.98 200 OK 7.0 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/plugins/login-with-azure/css/font-awesome.css?ver=6.1.1
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash 5ac6110046e2b9050633ecf390caea96
232317607e17db9c199606dec6ffe36d21aee1f0
a48324ebebace31d5cf6e7903611f05764c8d7a53fc34fe76b0be5304fca77e8
GET /wp-content/plugins/login-with-azure/css/font-awesome.css?ver=6.1.1 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 6979
Content-Type: text/css
Date: Thu, 01 Dec 2022 16:03:46 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "08a7131df5d81:0"
Last-Modified: Thu, 10 Nov 2022 15:57:04 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
40.112.243.98 200 OK 5.0 kB URL HTTP/1.1 creator.microsoftstart.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (15660)
Hash e919b35467412aa932ace3148fb30425
ac273cb8baf83657108f7bb2406d68b7d1fb15fd
507f2b556e850e651c7048bcd30351ee3da1e8d334c1b7bde1cd303ec5e80148
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 4968
Content-Type: application/x-javascript
Date: Thu, 01 Dec 2022 16:03:46 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "0bbbbdaf06fd81:0"
Last-Modified: Wed, 25 May 2022 04:35:26 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/plugins/microsoft-uhf/assets/microsoft-uhf.js?ver=0.1.1
40.112.243.98 200 OK 1.2 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/plugins/microsoft-uhf/assets/microsoft-uhf.js?ver=0.1.1
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 192f497aacae1a97abdd1b6b84fc7737
9ccf73b7c2bc2a04caa02acbe4dbf36dc5e573f6
c3bd18b0b69758cc1c7f26e21e6ae7249081e912a02c888107cf9efa13d9f35a
GET /wp-content/plugins/microsoft-uhf/assets/microsoft-uhf.js?ver=0.1.1 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1210
Content-Type: application/x-javascript
Date: Thu, 01 Dec 2022 16:03:46 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "848a3c29355ed81:0"
Last-Modified: Mon, 02 May 2022 14:59:02 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
40.112.243.98 200 OK 31 kB URL HTTP/1.1 creator.microsoftstart.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65447)
Hash 874a5d69891caab86464492ef360dc81
d5101fb3ed501cc4b6fef258c39ba4e490da1b4c
d15bda5c7659b4c9293cb3ee2d92fcad99844a9e079aff090606f3a71270513d
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 31067
Content-Type: application/x-javascript
Date: Thu, 01 Dec 2022 16:03:46 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "0c66c5b71eed81:0"
Last-Modified: Wed, 02 Nov 2022 04:12:44 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff
23.38.201.156 200 OK 26 kB URL HTTP/2 www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff
IP 23.38.201.156:0
File type Web Open Font Format, TrueType, length 26288, version 0.0\012- data
Hash d0263dc03be4c393a90bda733c57d6db
8a032b6deab53a33234c735133b48518f8643b92
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
GET /mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff HTTP/1.1
Host: www.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://creator.microsoftstart.com
Connection: keep-alive
Referer: https://www.microsoft.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
last-modified: Tue, 14 Jun 2022 13:23:15 GMT
x-activity-id: 433fff9c-ac1c-4827-bb3b-a2ca5fa6dd83
ms-cv: /0+3RKV7ykuNLoKI.0
x-appversion: 1.0.8167.41521
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-05-13T07:04:02.0000000Z}
ms-operation-id: 2f08fc2d143919438bfe914fdfecfc02
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-length: 26288
cache-control: public, max-age=16838375
expires: Wed, 14 Jun 2023 13:23:22 GMT
date: Thu, 01 Dec 2022 16:03:47 GMT
tls_version: tls1.3
strict-transport-security: max-age=31536000
x-rtag: RT
X-Firefox-Spdy: h2
fonts.cdnfonts.com/s/15051/Segoe%20UI.woff
104.26.14.62 200 OK 20 kB URL HTTP/2 fonts.cdnfonts.com/s/15051/Segoe%20UI.woff
IP 104.26.14.62:0
File type Web Open Font Format, TrueType, length 19904, version 0.0\012- data
Hash 9a2931180d6b1dc7b33052657eef554b
77b8f3cb5410c779206782a310990c19af2b02ca
f424915a692bc5a458d6e7d9c99e4fe0cf5cb8883bd3516b01d4fef5da8d3663
GET /s/15051/Segoe%20UI.woff HTTP/1.1
Host: fonts.cdnfonts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://creator.microsoftstart.com
Connection: keep-alive
Referer: https://fonts.cdnfonts.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 16:03:47 GMT
content-type: font/woff
content-length: 19904
last-modified: Sat, 05 Feb 2022 02:00:37 GMT
etag: "4dc0-5d73bbbd3e296"
cache-control: max-age=2678400
cf-cache-status: HIT
age: 10418
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgk7qZxs33F2QlYB0VjvYtU5QiFQLuXqWzzp%2FbS3o9adfZp8ppul6SsM0QZmrYJFkMoWaKMo0lbcGIjfIzRchfPENET34raCb83B9sWhdU1xBQXv2rwSLBd3tXMTIXwYakG1Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 772d0e0c380a0b59-OSL
X-Firefox-Spdy: h2
fonts.cdnfonts.com/s/15051/Segoe%20UI%20Bold.woff
104.26.14.62 200 OK 20 kB URL HTTP/2 fonts.cdnfonts.com/s/15051/Segoe%20UI%20Bold.woff
IP 104.26.14.62:0
File type Web Open Font Format, TrueType, length 20444, version 0.0\012- data
Hash 52382539737f4e9913e4bf6b9966bee3
d58d3dc5ff86fe8ff594134df53ea9b8074f6bc6
d711a54cb4822ccf7926b1a95b7a43107fcfe8ef99a817e6906a1063657c7b28
GET /s/15051/Segoe%20UI%20Bold.woff HTTP/1.1
Host: fonts.cdnfonts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://creator.microsoftstart.com
Connection: keep-alive
Referer: https://fonts.cdnfonts.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 16:03:47 GMT
content-type: font/woff
content-length: 20444
last-modified: Sat, 05 Feb 2022 02:00:37 GMT
etag: "4fdc-5d73bbbd3deae"
cache-control: max-age=2678400
cf-cache-status: HIT
age: 10418
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHVYQjFRy3GvIEk4ZxtcC9qw%2F8O3LuIBQ3bp%2BSWRrmgLee4AIKrSUdVSv9alU7GbRTMO78wo7x2tGEYlvSdKTIYXZJ2hg8OUdp8tjRDl%2BNdLhTpy8%2BmvZzzp0zheiQfnaoDA5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 772d0e0c68370b59-OSL
X-Firefox-Spdy: h2
www.socialintents.com/json/jsonGV.jsp?uid=2c9fa0e17fcdc835017fe661086e1ef7&callback=jsonCallback&_=1669910625673
44.241.47.149 200 OK 128 B URL HTTP/2 www.socialintents.com/json/jsonGV.jsp?uid=2c9fa0e17fcdc835017fe661086e1ef7&callback=jsonCallback&_=1669910625673
IP 44.241.47.149:0
Hash fd0614c274deceba828b50cd0b9dd1a2
3b150ad13bf09f3fc04ade698efb11f5f21596a6
eaf8c9505e4665fb9e74c4ede987c7d7db33f5843e1eeb020a550f46cf396111
GET /json/jsonGV.jsp?uid=2c9fa0e17fcdc835017fe661086e1ef7&callback=jsonCallback&_=1669910625673 HTTP/1.1
Host: www.socialintents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: AWSALBCORS=x9e2hWosKmejS6DdJ/WGhuDkCP9YZsUBCYX0acv6Upja4fWML4UE+kuTbSVwlJ97J7/9isTvxPTLaoT5mJ1B0QqU6PKBL+eTH7erG+XPVSx/G3ZirRuh5DNQAO5Z
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 16:03:47 GMT
content-type: application/json;charset=UTF-8
content-length: 128
set-cookie: AWSALB=YgvUDqZ2ekKkOHZaEE2AgF+lTXnOWHmS77dfzn6Md2MDqGzK5EGpolqVGykZrfgJRRmh44kbUELvVQ89SO/lxv6OLqpjTFdR/lpvbMvz/nUIqRujkeATw/Q1twbY; Expires=Thu, 08 Dec 2022 16:03:47 GMT; Path=/
AWSALBCORS=YgvUDqZ2ekKkOHZaEE2AgF+lTXnOWHmS77dfzn6Md2MDqGzK5EGpolqVGykZrfgJRRmh44kbUELvVQ89SO/lxv6OLqpjTFdR/lpvbMvz/nUIqRujkeATw/Q1twbY; Expires=Thu, 08 Dec 2022 16:03:47 GMT; Path=/; SameSite=None; Secure
JSESSIONID=444A6A21E2C438C1D4E1E1B1E4C4D4F8; Path=/; Secure; SameSite=None; Secure; HttpOnly; SameSite=None
server: nginx/1.20.0
X-Firefox-Spdy: h2
creator.microsoftstart.com/app.css
40.112.243.98 404 Not Found 25 kB URL HTTP/1.1 creator.microsoftstart.com/app.css
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11795)
Hash c3071462a991bb44a044f72e84ba1230
3a88840e61cb6b570f7620a4d638b04a14d6cfe7
3c5200e07649cdd6b93753486f9126b0840a74cb340f4a576168d01cb2f7c444
Analyzer Verdict Alert openphish Office365
GET /app.css HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Length: 25030
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Dec 2022 16:03:47 GMT
Server: Microsoft-IIS/10.0
Cache-Control: no-cache, must-revalidate, max-age=0
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Pragma: no-cache
X-Powered-By: PHP/7.4.30, ASP.NET
Link: <https://creator.microsoftstart.com/wp-json/>; rel="https://api.w.org/"
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
23.36.76.200 200 OK 4.1 kB URL HTTP/2 img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
File type PNG image data, 216 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f14c20150a003d7ce4de57c298f0fba
daa53cf17cc45878a1b153f3c3bf47dc9669d78f
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
GET /cms/api/am/imageFileData/RE1Mu3b?ver=5c31 HTTP/1.1
Host: img-prod-cms-rt-microsoft-com.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
content-location: https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
last-modified: Thu, 10 Nov 2022 17:11:49 GMT
x-source-length: 4054
x-datacenter: northeu
x-activityid: 3299048c-d60d-46f5-a1f5-a85a9486614a
timing-allow-origin: *
x-frame-options: DENY
x-resizerversion: 1.0
content-length: 4054
cache-control: public, max-age=176954
expires: Sat, 03 Dec 2022 17:13:01 GMT
date: Thu, 01 Dec 2022 16:03:47 GMT
X-Firefox-Spdy: h2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
23.38.201.156 200 OK 34 kB URL HTTP/2 c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
IP 23.38.201.156:0
File type Web Open Font Format (Version 2), TrueType, length 34052, version 0.0\012- data
Hash 36397a3bc139c6e9f81d383f060f080a
3f4f86c10920d4ed345f4858b6cde9f93e1aeb81
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
GET /static/fonts/segoe-ui/west-european/normal/latest.woff2 HTTP/1.1
Host: c.s-microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://creator.microsoftstart.com
Connection: keep-alive
Referer: https://www.microsoft.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 34052
content-type: font/woff2
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
accept-ranges: bytes
etag: "588d483e9c7d51:0"
cache-control: public, max-age=305726
expires: Mon, 05 Dec 2022 04:59:14 GMT
date: Thu, 01 Dec 2022 16:03:48 GMT
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
creator.microsoftstart.com/wp-content/uploads/2022/03/story-background.svg
40.112.243.98 200 OK 852 B URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/story-background.svg
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (492), with CRLF line terminators
Hash 5a536937285b2d1ab10617fbd4174878
07b2c4621df05bb33d16f47ddc6133d3b47f485a
412bae5ce0f1717032f7ab2706b1a99f0aedc40cbfb967c0fd860fa7dec66614
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/story-background.svg HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 852
Content-Type: image/svg+xml
Date: Thu, 01 Dec 2022 16:03:47 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "27fb275c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:27 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/edge.png
40.112.243.98 200 OK 247 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/edge.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1180 x 660, 8-bit colormap, non-interlaced\012- data
Size 247 kB (246987 bytes)
Hash 7922dc45abf6f6bebf350629e6ebb8ed
6d12fc33e8ed79edfb7946b25b366cbf416afffb
f79d82c0a50950d392b79f3d5d620e666a3fd093381a530da4f3fd239d924d02
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/edge.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 246987
Content-Type: image/png
Date: Thu, 01 Dec 2022 16:03:47 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "405c405b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:26 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/msn.png
40.112.243.98 200 OK 214 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/msn.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1180 x 660, 8-bit colormap, non-interlaced\012- data
Size 214 kB (213560 bytes)
Hash 1c150c89d0a4a78006d507fbd646116d
81d1548d953390d06869af017538e498e5660a53
ba1012daa04a936f14b6ac8d3ba5f34b017bd9acfbff84bb5df7db74f5c272ec
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/msn.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 213560
Content-Type: image/png
Date: Thu, 01 Dec 2022 16:03:47 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "44751e5c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:27 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/banner.png
40.112.243.98 200 OK 525 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/banner.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1600 x 788, 8-bit colormap, non-interlaced\012- data
Size 525 kB (525408 bytes)
Hash 1dfab9f95fc510fb538cc0af96014ce9
8c23771fc2413864cd0ebee84cb31ad085a82598
0d3fd94190ffa51a5c4440f2c1999f99f84cadca9c1390d6f41735c8ced9d39b
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/banner.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 525408
Content-Type: image/png
Date: Thu, 01 Dec 2022 16:03:47 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "54aeb35a355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:25 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/connect.svg
40.112.243.98 200 OK 2.1 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/connect.svg
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1010), with CRLF line terminators
Hash eb5dc0e1905f09808aad0b9a4f5615dc
682be40dfc6e28b69b74865f0563d1838ea2dd52
11005bd96e1d108ddc55dacadcbfb3ea50b2f69feea6d6a9e0f6a63f91981903
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/connect.svg HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2110
Content-Type: image/svg+xml
Date: Thu, 01 Dec 2022 16:03:47 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "eb8595b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:26 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/mobile.png
40.112.243.98 200 OK 137 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/mobile.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1180 x 660, 8-bit colormap, non-interlaced\012- data
Size 137 kB (137372 bytes)
Hash d96597c5a9698e2a3e783d7d4ad92f37
6f41c4c5665b892dff585697d06d344ac6e549aa
da9bb7c6952e5d5a8d0952b5494538f3c3906a6910b2036f9c923010b5c33d49
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/mobile.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 137372
Content-Type: image/png
Date: Thu, 01 Dec 2022 16:03:47 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "cefaf75b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:27 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/create.svg
40.112.243.98 200 OK 1.6 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/create.svg
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (508), with CRLF line terminators
Hash c064ebf61129e717c0090b27f3cb677d
9bec4ea8cd0cef1b6ddbbcd4a7c876be77031158
3c1e09bc4d171035121d72b0ab7c6d1e71a94b1112cfc9c7142e8b396a01241e
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/create.svg HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1588
Content-Type: image/svg+xml
Date: Thu, 01 Dec 2022 16:03:47 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "e070155b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:26 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/widget.png
40.112.243.98 200 OK 268 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/widget.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1180 x 660, 8-bit colormap, non-interlaced\012- data
Size 268 kB (268105 bytes)
Hash 9f619afc0185cf5c10242b82f81f2977
2d9e446262dafbb0cf0b2f31b486a19580d7c03b
ad3bdda423eb8ed56307d0de294d2c73a451800ee14cab4838e1e5932eecdaa7
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/widget.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 268105
Content-Type: image/png
Date: Thu, 01 Dec 2022 16:03:47 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "b8e99f5c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:28 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/go-global.svg
40.112.243.98 200 OK 5.2 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/go-global.svg
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5049), with CRLF line terminators
Hash 0e4e4ce3e5ac354ec5d282374c32515c
2b07f75e5720b98fedb30c6078359b97712362a7
db80a6fd749d6313a9bebc98ea2f2df49bd4465a0dbcb39b099ca42a434d7beb
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/go-global.svg HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 5156
Content-Type: image/svg+xml
Date: Thu, 01 Dec 2022 16:03:47 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "fe58bc5b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:27 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/cash.svg
40.112.243.98 200 OK 2.4 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/cash.svg
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1337), with CRLF line terminators
Hash 4a487df08185f0b7c699e1d4dc5f4fc1
4c6ee04056780cd6d7d0cc48bfa295fa842929f5
28e530b34e424d16913a64a097d31e5c30d59fa65b2635f0c7c2595d33e302ad
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/cash.svg HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2436
Content-Type: image/svg+xml
Date: Thu, 01 Dec 2022 16:03:47 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "f75d25b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:26 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/build-your-brand.svg
40.112.243.98 200 OK 2.9 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/build-your-brand.svg
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1526), with CRLF line terminators
Hash a9d28edd90bb3a81da0221739efb31ae
85349b5c92f4e7b917b2b82c0e3867311e03634f
458167ee38f217b85c466deed29e7a6a48bd955369ab7fcb951d02e297e1f333
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/build-your-brand.svg HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2864
Content-Type: image/svg+xml
Date: Thu, 01 Dec 2022 16:03:47 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "5aaef15a355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:25 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/whats-in-it.png
40.112.243.98 200 OK 510 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/whats-in-it.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1148 x 900, 8-bit colormap, non-interlaced\012- data
Size 510 kB (510253 bytes)
Hash a8e68c0b8fc857ed454faa5cad9c869c
5be8c7a101a12c223b86c62c76e6104a125d748e
cc9aa8fd259c660ba18b0b93754c47e9a324f2aaffcaedae2b5d9bdbfb5ec208
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/whats-in-it.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 510253
Content-Type: image/png
Date: Thu, 01 Dec 2022 16:03:47 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1495795c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:28 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/get-paid.svg
40.112.243.98 200 OK 5.8 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/get-paid.svg
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5659), with CRLF line terminators
Hash 8a35fbcac86cc7d9a9674e77b48e4986
4f98074ee42113ba8144f486673636312d0e2c6c
636715bed5c7a0312773fc4ffae1920a8e978c1064fe8cab1e611577bab90bf7
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/get-paid.svg HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 5766
Content-Type: image/svg+xml
Date: Thu, 01 Dec 2022 16:03:48 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "59476b5b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:26 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/los-angeles.png
40.112.243.98 200 OK 2.0 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/los-angeles.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 194 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash c54ab89f392e64d47ed4ab9b5b2c25a5
6889092028caada6ffb011460ddbc0d85f97388c
ee2db7658ed3f7f0334608b4b59ac4d135ce0dd8c661b2ff078651ecbcb6bb54
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/los-angeles.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2035
Content-Type: image/png
Date: Thu, 01 Dec 2022 16:03:48 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "032d45b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:27 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/usa-today.png
40.112.243.98 200 OK 2.1 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/usa-today.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 121 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 7e6c75f43447416a5fff9ddff06f0ce1
abd8284784abbec80b84b703112905580a27d258
68789000567b30903d14da6f207c2c0960ae9b31d5644895c75a26e33dc5c957
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/usa-today.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2052
Content-Type: image/png
Date: Thu, 01 Dec 2022 16:03:48 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "27e8495c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:28 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/univision.png
40.112.243.98 200 OK 2.2 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/univision.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 159 x 31, 8-bit/color RGBA, non-interlaced\012- data
Hash 6cf75a2dc00c4aaa672849df41f901cd
f1dc2962a32d220364923ce6ee7855a9d21a20aa
0d15ffc033dcc15878265026608a21591cc82d1de1f4fe3c6fc0e07e243bd930
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/univision.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2220
Content-Type: image/png
Date: Thu, 01 Dec 2022 16:03:48 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "5e20455c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:28 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/bloomberg.png
40.112.243.98 200 OK 2.2 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/bloomberg.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 133 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 3eacfa7d66abcc577ef245511358cd69
a1e08be805b13f2f95fc8a391449357cafa75516
7e28c4ab0b9e48d9821fdc26f15d32e508ee3321be203739ef351e4fd5c7153c
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/bloomberg.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2174
Content-Type: image/png
Date: Thu, 01 Dec 2022 16:03:48 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "ced5ba5a355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:25 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/reuters.png
40.112.243.98 200 OK 3.2 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/reuters.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 146 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 62102294aa1b0579b2c6a3c5add52b53
92f40c07130228c7419a512fc0e08f53a615024f
5151c7945712723b6ac224d010f1fa52d37bd1e8a48a14221a726e6525caaefb
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/reuters.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 3235
Content-Type: image/png
Date: Thu, 01 Dec 2022 16:03:48 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "7036235c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:27 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/traveler.png
40.112.243.98 200 OK 2.6 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/traveler.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 107 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash 0e56ab46b01dc0b9615f23d750eb7c76
65674c87cb02af6ca74dcf3bac68bd6803a82ddf
2a622b2278b184518c0f600dad5eae7864c23443e732d75476e7d8c0baacdc74
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/traveler.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2625
Content-Type: image/png
Date: Thu, 01 Dec 2022 16:03:48 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "10c12c5c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:28 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/wordpress.png
40.112.243.98 200 OK 9.5 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/wordpress.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 232 x 53, 8-bit/color RGBA, non-interlaced\012- data
Hash a52012cb47b36f2c610afbf0481c089c
f0ff1f3feef7c6347d767e019396549ec6805882
edbf851a2253eeb712d35ee7aef31e6a6eb4218d06c7c5a66d23e6804abfc530
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/wordpress.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 9533
Content-Type: image/png
Date: Thu, 01 Dec 2022 16:03:48 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "cd2bc5c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:28 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/ugc.png
40.112.243.98 200 OK 4.9 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/ugc.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 476 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash f5b6f4b8ad7e1df289c83dd4015f9346
0e9a048e3c348c1a6d1db5458dd4e0a0bd65cbdc
db72a946daec1766460be9d25fe0ecfb0fcf814f6378ae6de70025156e188a8a
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/ugc.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 4921
Content-Type: image/png
Date: Thu, 01 Dec 2022 16:03:48 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "15f3b5c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:28 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/get-paid.png
40.112.243.98 200 OK 334 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/get-paid.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1190 x 828, 8-bit colormap, non-interlaced\012- data
Size 334 kB (333709 bytes)
Hash 06354125987528dad64794dfe0bf5464
320e5ccb00edd481595d5fec5d8a0e7f5c036e7e
7a79d57a9440bb5803f227bef463e267c4d286604c8e66a4ed9114c38a3eafcf
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/get-paid.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 333709
Content-Type: image/png
Date: Thu, 01 Dec 2022 16:03:48 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "620645b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:26 GMT
X-Powered-By: ASP.NET
8b5b80ac1ce14aba811b14ed1abf8a26.svc.dynamics.com/t/c/U4FqLtRnr3B3hJ7W4kt9Wjt0ZBFDVNMF4DoYm0V5PN4/V4OTc6mfHzktcx5SMLVdLm6ToWLwSCGRUVFJkJHn/j-3Hv6i3?trackwebsitevisited=true&ad=https%3A%2F%2Fcreator.microsoftstart.com%2F&rf=&id=9935750269
52.159.151.194 200 OK 1.9 kB URL HTTP/2 8b5b80ac1ce14aba811b14ed1abf8a26.svc.dynamics.com/t/c/U4FqLtRnr3B3hJ7W4kt9Wjt0ZBFDVNMF4DoYm0V5PN4/V4OTc6mfHzktcx5SMLVdLm6ToWLwSCGRUVFJkJHn/j-3Hv6i3?trackwebsitevisited=true&ad=https%3A%2F%2Fcreator.microsoftstart.com%2F&rf=&id=9935750269
IP 52.159.151.194:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- C source text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1861), with no line terminators
Hash b8cfc9e4b47625f2628a037842b37745
26e301c8e03f5cd4a59b82f59a523575d495eb70
cceb6c632a62790fc0cf80bf0409c28f705c54bfcd18461cea14ba5241961d32
GET /t/c/U4FqLtRnr3B3hJ7W4kt9Wjt0ZBFDVNMF4DoYm0V5PN4/V4OTc6mfHzktcx5SMLVdLm6ToWLwSCGRUVFJkJHn/j-3Hv6i3?trackwebsitevisited=true&ad=https%3A%2F%2Fcreator.microsoftstart.com%2F&rf=&id=9935750269 HTTP/1.1
Host: 8b5b80ac1ce14aba811b14ed1abf8a26.svc.dynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 1861
content-type: text/html; charset=utf-8
server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
set-cookie: 79f08280-5c63-4331-b04d-fb6f39afda51=qZGGEXSCg_iGPkOJsGLYvh67uYMHQMI1L2Ge3Us8q8o; expires=Sat, 30 Nov 2024 16:03:49 GMT; path=/; secure; httponly; SameSite=None
319af4c0-e197-4de9-8a9b-fe98c8a2ca04=qZGGEXSCg_iGPkOJsGLYvh67uYMHQMI1L2Ge3Us8q8o; path=/; secure; httponly; SameSite=None
x-activity-id: 18867c71-2910-4b7a-9d30-88bebc78125b
x-servicefabricrequestid: ac6f2115-53cc-41a5-aa5a-197779f485ee, ad765369-df63-409a-9bce-0bea6eb77cd0
x-ms-activity-id: 18867c71-2910-4b7a-9d30-88bebc78125b
api-deprecated: False
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Dec 2022 16:03:48 GMT
X-Firefox-Spdy: h2
creator.microsoftstart.com/wp-content/uploads/2022/03/build-your-brand.png
40.112.243.98 200 OK 1.3 MB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/build-your-brand.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1190 x 828, 8-bit/color RGB, non-interlaced; data
Size 1.3 MB (1308287 bytes)
Hash a558a67b034909a8e3f5ca4b1223e21f
fc859ece9c39b2633db0302ced4b4802ae95bab0
34135b3bacf539cde2e9518ab805938dc4a56fe41b8e953db58313a086592486
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/build-your-brand.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1308287
Content-Type: image/png
Date: Thu, 01 Dec 2022 16:03:48 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1fe8ec5a355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:25 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/05/cropped-cropped-ms-start-logo-32x32.png
40.112.243.98 200 OK 2.4 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/05/cropped-cropped-ms-start-logo-32x32.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced; data
Hash 19d3e69ac575036cd017be290595f562
51548f898f815322d53098dbdb83d83408de08fe
4abe4bbebbba439032d8d36fd068948b4d67cd9f6bf5d7b51d26951ee09698b0
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/05/cropped-cropped-ms-start-logo-32x32.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=1c88jp7o4rsphcmvta7df3elal; msd365mkttr=V4OTc6mfHzktcx5SMLVdLm6ToWLwSCGRUVFJkJHn; msd365mkttrs=j-3Hv6i3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2362
Content-Type: image/png
Date: Thu, 01 Dec 2022 16:03:48 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "71a7342bd75fd81:0"
Last-Modified: Wed, 04 May 2022 16:51:15 GMT
X-Powered-By: ASP.NET
www.socialintents.com/api/chat/jsonGetVarsContext.jsp?wid=2c9fa0e17fcdc835017fe66108711ef8&callback=jsonCallbackchat&_=1669910625674
44.241.47.149 200 OK 54 kB URL HTTP/2 www.socialintents.com/api/chat/jsonGetVarsContext.jsp?wid=2c9fa0e17fcdc835017fe66108711ef8&callback=jsonCallbackchat&_=1669910625674
IP 44.241.47.149:0
Hash 63c2a746c84b42e1eb74e3b64f18950a
7fa30eecfdd77e12f13955c5333ba4f3f08cda10
cf8c136acfbc0082c6d795f01660f4a4ae5bc532372f8f55715bc5433d19fe32
GET /api/chat/jsonGetVarsContext.jsp?wid=2c9fa0e17fcdc835017fe66108711ef8&callback=jsonCallbackchat&_=1669910625674 HTTP/1.1
Host: www.socialintents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: AWSALBCORS=CVf2kw3Ev4hlbEfrNFWuLUedftd7cqyeVHI/P5sNBHdFLoa4yGURD+7Q4Dfp74GkXPY9XqzmLJtmJMLjmyTUw4PUeDPJ88kCCU2m5nM5ne3hcbTuSNujhaTPmFgx; JSESSIONID=444A6A21E2C438C1D4E1E1B1E4C4D4F8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 16:03:49 GMT
content-type: text/javascript;charset=UTF-8
set-cookie: AWSALB=DzM9qp9TaZV4ev/Wt8FtIkj5OmXM3O17wctZym+KkQw9zr4aRU6QD62ZNwvnPfXPIo9syCuCLaGHoXYVTalpOLkBalsxXsItGez0rAjew9CmHes8fspaCrbsOMf/; Expires=Thu, 08 Dec 2022 16:03:49 GMT; Path=/
AWSALBCORS=DzM9qp9TaZV4ev/Wt8FtIkj5OmXM3O17wctZym+KkQw9zr4aRU6QD62ZNwvnPfXPIo9syCuCLaGHoXYVTalpOLkBalsxXsItGez0rAjew9CmHes8fspaCrbsOMf/; Expires=Thu, 08 Dec 2022 16:03:49 GMT; Path=/; SameSite=None; Secure
server: nginx/1.20.0
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
www.socialintents.com/api/chat/socialintents.1.3.js
44.241.47.149 200 OK 0 B URL HTTP/2 www.socialintents.com/api/chat/socialintents.1.3.js
IP 44.241.47.149:0
GET /api/chat/socialintents.1.3.js HTTP/1.1
Host: www.socialintents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: AWSALBCORS=YgvUDqZ2ekKkOHZaEE2AgF+lTXnOWHmS77dfzn6Md2MDqGzK5EGpolqVGykZrfgJRRmh44kbUELvVQ89SO/lxv6OLqpjTFdR/lpvbMvz/nUIqRujkeATw/Q1twbY; JSESSIONID=444A6A21E2C438C1D4E1E1B1E4C4D4F8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 16:03:47 GMT
content-type: application/javascript
set-cookie: AWSALB=Iy3lVO7d2iKxyoC20mkFUxPNrdweaRyneIkPzS14EKXS8y7bKeO9G6wjoYDaQ5CDWh6PBZTb6t61jh5n6Ue/bcSgykd/lXdn0w6c2h1QAyuqTqveXYTxpEmbb1mL; Expires=Thu, 08 Dec 2022 16:03:47 GMT; Path=/
AWSALBCORS=Iy3lVO7d2iKxyoC20mkFUxPNrdweaRyneIkPzS14EKXS8y7bKeO9G6wjoYDaQ5CDWh6PBZTb6t61jh5n6Ue/bcSgykd/lXdn0w6c2h1QAyuqTqveXYTxpEmbb1mL; Expires=Thu, 08 Dec 2022 16:03:47 GMT; Path=/; SameSite=None; Secure
server: nginx/1.20.0
access-control-allow-origin: *
etag: W/"8854-1668526892000"
last-modified: Tue, 15 Nov 2022 15:41:32 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
www.socialintents.com/assets/css/si-include-chat.min.css
44.241.47.149 200 OK 0 B URL HTTP/2 www.socialintents.com/assets/css/si-include-chat.min.css
IP 44.241.47.149:0
GET /assets/css/si-include-chat.min.css HTTP/1.1
Host: www.socialintents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: AWSALBCORS=Iy3lVO7d2iKxyoC20mkFUxPNrdweaRyneIkPzS14EKXS8y7bKeO9G6wjoYDaQ5CDWh6PBZTb6t61jh5n6Ue/bcSgykd/lXdn0w6c2h1QAyuqTqveXYTxpEmbb1mL; JSESSIONID=444A6A21E2C438C1D4E1E1B1E4C4D4F8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 16:03:48 GMT
content-type: text/css
set-cookie: AWSALB=CVf2kw3Ev4hlbEfrNFWuLUedftd7cqyeVHI/P5sNBHdFLoa4yGURD+7Q4Dfp74GkXPY9XqzmLJtmJMLjmyTUw4PUeDPJ88kCCU2m5nM5ne3hcbTuSNujhaTPmFgx; Expires=Thu, 08 Dec 2022 16:03:48 GMT; Path=/
AWSALBCORS=CVf2kw3Ev4hlbEfrNFWuLUedftd7cqyeVHI/P5sNBHdFLoa4yGURD+7Q4Dfp74GkXPY9XqzmLJtmJMLjmyTUw4PUeDPJ88kCCU2m5nM5ne3hcbTuSNujhaTPmFgx; Expires=Thu, 08 Dec 2022 16:03:48 GMT; Path=/; SameSite=None; Secure
server: nginx/1.20.0
access-control-allow-origin: *
etag: W/"5777-1668526892000"
last-modified: Tue, 15 Nov 2022 15:41:32 GMT
cache-control: max-age=864000
expires: Sun, 11 Dec 2022 16:03:48 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
unpkg.com/alpinejs@3.7.1/dist/cdn.min.js
104.16.126.175 200 OK 0 B URL HTTP/2 unpkg.com/alpinejs@3.7.1/dist/cdn.min.js
IP 104.16.126.175:0
GET /alpinejs@3.7.1/dist/cdn.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 16:03:46 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"91b0-4rQh4geG7pykXp4ge/uD1c4uE6k"
via: 1.1 fly.io
fly-request-id: 01G4XF127DR67PH99Z1T9RWFXY-fra
cf-cache-status: HIT
age: 15359477
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772d0e066b1e0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.cdnfonts.com/css/segoe-ui-4
104.26.14.62 200 OK 0 B URL HTTP/2 fonts.cdnfonts.com/css/segoe-ui-4
IP 104.26.14.62:0
GET /css/segoe-ui-4 HTTP/1.1
Host: fonts.cdnfonts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 16:03:46 GMT
content-type: text/css;charset=UTF-8
cf-bgj: minify
cf-polished: origSize=786
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: HIT
age: 3010407
last-modified: Thu, 27 Oct 2022 19:50:19 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfBElm3%2FxrQuHAjx8G66QMVm9QNM%2BFYrrTV%2FDzh4wUBFK1tRkgf%2FesQnsbDdhgfjIInIUfIWrKOEB945%2BiHaD4V1EiWP5rB4aFgfQpdIMfXuLGJkOuCUzbx%2FKkAEYeXbUVoGEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-origin: *
server: cloudflare
cf-ray: 772d0e068d58b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.socialintents.com/api/socialintents.1.3.js
44.241.47.149 200 OK 0 B URL HTTP/2 www.socialintents.com/api/socialintents.1.3.js
IP 44.241.47.149:0
GET /api/socialintents.1.3.js HTTP/1.1
Host: www.socialintents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 16:03:46 GMT
content-type: application/javascript
set-cookie: AWSALB=x9e2hWosKmejS6DdJ/WGhuDkCP9YZsUBCYX0acv6Upja4fWML4UE+kuTbSVwlJ97J7/9isTvxPTLaoT5mJ1B0QqU6PKBL+eTH7erG+XPVSx/G3ZirRuh5DNQAO5Z; Expires=Thu, 08 Dec 2022 16:03:46 GMT; Path=/
AWSALBCORS=x9e2hWosKmejS6DdJ/WGhuDkCP9YZsUBCYX0acv6Upja4fWML4UE+kuTbSVwlJ97J7/9isTvxPTLaoT5mJ1B0QqU6PKBL+eTH7erG+XPVSx/G3ZirRuh5DNQAO5Z; Expires=Thu, 08 Dec 2022 16:03:46 GMT; Path=/; SameSite=None; Secure
server: nginx/1.20.0
access-control-allow-origin: *
etag: W/"5483-1668526892000"
last-modified: Tue, 15 Nov 2022 15:41:32 GMT
content-encoding: gzip
X-Firefox-Spdy: h2