{"report_id":"396a2938-b5e4-4aea-b58e-d3bfc1b90f17","version":6,"status":"done","tags":["phishing","microsoft","outlook"],"date":"2023-10-20T13:37:00Z","url":{"schema":"http","addr":"go.skimresources.com/?id=129857X1600501\u0026url=https://r.smore.com/c?u=https://google.com/amp/a4fnxpxeijbxkhyu.colplat.com/brain/Z2xlbm5AcmVuc2hhd2F1dG8uY29t","fqdn":"go.skimresources.com","domain":"skimresources.com","tld":"com"},"ip":{"addr":"35.190.25.30","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html#glenn@renshawauto.com","fqdn":"pub-d89e3188311c46f49978b9555d4c9596.r2.dev","domain":"renshawauto.com","tld":"r2.dev"},"title":"Sign in to your Microsoft account"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T18:57:57Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"google.com","ip":{"addr":"216.58.207.206","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":1,"first_seen":"2013-10-02 17:25:49","last_seen":"2023-10-17 18:16:37","alert_count":0,"request_count":1,"received_data":1333,"sent_data":603,"comment":"","tags":null,"fingerprints":null},{"fqdn":"a4fnxpxeijbxkhyu.colplat.com","ip":{"addr":"198.54.120.90","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":524,"sent_data":435,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pub-d89e3188311c46f49978b9555d4c9596.r2.dev","ip":{"addr":"104.18.2.35","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-08-23","domain_rank":0,"first_seen":"2023-07-11 08:36:29","last_seen":"2023-10-20 03:17:49","alert_count":2,"request_count":2,"received_data":131303,"sent_data":1112,"comment":"","tags":null,"fingerprints":null},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":634,"first_seen":"2012-05-21 19:28:02","last_seen":"2023-10-19 20:01:49","alert_count":0,"request_count":1,"received_data":30657,"sent_data":439,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api.ipify.org","ip":{"addr":"173.231.16.77","port":443,"asn":18450,"as":"WEBNX","country":"United States","country_code":"US"},"domain_registered":"2014-01-05","domain_rank":3267,"first_seen":"2014-10-06 14:38:43","last_seen":"2023-10-19 18:12:44","alert_count":0,"request_count":1,"received_data":205,"sent_data":450,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.smore.com","ip":{"addr":"52.37.216.177","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2003-04-06","domain_rank":16660,"first_seen":"2013-01-09 20:50:21","last_seen":"2023-10-19 14:56:30","alert_count":0,"request_count":1,"received_data":1136,"sent_data":574,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ocsp.pki.goog","ip":{"addr":"142.250.74.35","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2016-06-13","domain_rank":175,"first_seen":"2018-07-01 08:43:07","last_seen":"2023-10-19 18:12:01","alert_count":0,"request_count":3,"received_data":2098,"sent_data":999,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.google.com","ip":{"addr":"142.250.74.100","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":7,"first_seen":"2015-05-10 13:11:19","last_seen":"2023-09-20 20:05:47","alert_count":0,"request_count":1,"received_data":1488,"sent_data":628,"comment":"","tags":null,"fingerprints":null},{"fqdn":"smtpjs.com","ip":{"addr":"109.169.71.112","port":443,"asn":20860,"as":"Iomart Cloud Services Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2016-01-30","domain_rank":309535,"first_seen":"2016-02-01 17:59:05","last_seen":"2023-10-19 19:05:57","alert_count":0,"request_count":1,"received_data":1180,"sent_data":425,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ocsp.sectigo.com","ip":{"addr":"104.18.15.101","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2018-08-16","domain_rank":487,"first_seen":"2019-11-29 12:50:24","last_seen":"2023-10-20 02:02:14","alert_count":0,"request_count":1,"received_data":963,"sent_data":330,"comment":"","tags":null,"fingerprints":null},{"fqdn":"go.skimresources.com","ip":{"addr":"35.190.25.30","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2010-07-14","domain_rank":39908,"first_seen":"2015-11-12 02:55:41","last_seen":"2023-10-19 23:38:18","alert_count":0,"request_count":1,"received_data":514,"sent_data":610,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ocsp.r2m03.amazontrust.com","ip":{"addr":"143.204.53.97","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2007-05-11","domain_rank":0,"first_seen":"2023-02-21 01:06:24","last_seen":"2023-10-20 01:09:32","alert_count":0,"request_count":1,"received_data":942,"sent_data":340,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r.smore.com","ip":{"addr":"52.37.216.177","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2003-04-06","domain_rank":90859,"first_seen":"2016-10-15 00:41:28","last_seen":"2023-10-19 15:00:32","alert_count":0,"request_count":1,"received_data":434,"sent_data":558,"comment":"","tags":null,"fingerprints":null},{"fqdn":"login.microsoftonline.com","ip":{"addr":"20.190.181.3","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Sweden","country_code":"SE"},"domain_registered":"2002-07-09","domain_rank":25,"first_seen":"2017-02-19 08:06:40","last_seen":"2019-07-18 10:58:27","alert_count":0,"request_count":3,"received_data":39330,"sent_data":4018,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.office.com","ip":{"addr":"13.107.6.156","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"1999-04-20","domain_rank":2755,"first_seen":"2014-02-12 02:02:36","last_seen":"2023-10-20 00:53:36","alert_count":0,"request_count":2,"received_data":2722,"sent_data":1146,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aadcdn.msauth.net","ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2018-10-25","domain_rank":1421,"first_seen":"2018-11-19 11:50:03","last_seen":"2023-10-19 18:12:35","alert_count":0,"request_count":15,"received_data":312353,"sent_data":7842,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2023-10-20T13:36:45Z","timestamp":1697809005,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":51800,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup","source":"{\"timestamp\":\"2023-10-20T13:36:45.011024+0000\",\"flow_id\":1576006077721360,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.136\",\"src_port\":51800,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047702,\"rev\":1,\"signature\":\"ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_10_06\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":4919,\"rrname\":\"api.ipify.org\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":84,\"bytes_toclient\":0,\"start\":\"2023-10-20T13:36:45.011024+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-10-20T13:36:45Z","timestamp":1697809005,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":39679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup","source":"{\"timestamp\":\"2023-10-20T13:36:45.011281+0000\",\"flow_id\":1663756554546193,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.136\",\"src_port\":39679,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047702,\"rev\":1,\"signature\":\"ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_10_06\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":13770,\"rrname\":\"api.ipify.org\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":84,\"bytes_toclient\":0,\"start\":\"2023-10-20T13:36:45.011281+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-10-20T13:36:45Z","timestamp":1697809005,"ip_dst":{"addr":"173.231.16.77","port":443,"asn":18450,"as":"WEBNX","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":32800,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI","source":"{\"timestamp\":\"2023-10-20T13:36:45.407546+0000\",\"flow_id\":816917852787674,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.136\",\"src_port\":32800,\"dest_ip\":\"173.231.16.77\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047703,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_22\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"tls\":{\"sni\":\"api.ipify.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":1654,\"start\":\"2023-10-20T13:36:45.070618+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-10-20","alert":"Outlook","trigger":"pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html","verdict":"phishing","severity":"medium","comment":"Outlook","link":"https://openphish.com","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-10-20","alert":"Outlook","trigger":"pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html","verdict":"phishing","severity":"medium","comment":"Outlook","link":"https://openphish.com","meta":null}]},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"domTimer","is_inline":false,"md5":"078aa0c0095bf30146cec4488ac9fc95","sha1":"456db9ce2d4bc93494e522b80f1cc42345278cd4","sha256":"15aaa7575c45564fca086bbc3ef04bef2758533deaa42c35d41a614136bc2874","sha512":"f48874584b39621f8a586d326524a7d8a3b5806fffe0d427267c67e2a973a8e841f5fee1bb574d4597cc21856a0d706f56f633ac6a91046661c76c00429518d8","ssdeep":"","tlshash":"eac00003e0c2aa22a80ea03e0200a002008a0008ca0c032800b00302880a8808a220c2","size":181,"data":"","first_seen":"2023-06-21T13:07:48Z","last_seen":"2024-08-21T09:27:39.762356Z","times_seen":389,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html#glenn@renshawauto.com","fqdn":"pub-d89e3188311c46f49978b9555d4c9596.r2.dev","domain":"renshawauto.com","tld":"r2.dev"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"6d54c89caf7ad42caecf967f12b54fc8","sha1":"992797781098304f6723e5c6df8ee6d382d7299a","sha256":"938e33e25ebc215ae86e2c35ba3ecab9143875e058a5df1eafbcc63a64fcbf39","sha512":"d12f2f79d08794e8212fb131e5352f58bfc81ce06d27ec7d34004f815a00ba4b8e8bca063186f4e3cf73fd8a0f734f3ed73141bcbd56e9ef0de7b35672a63b6b","ssdeep":"","tlshash":"98610fb2f3bd321324b2f52810b576d7932ec5f3e54d5c69fe32a0a86a0d759790b806","size":3230,"data":"","first_seen":"2023-10-19T19:06:25Z","last_seen":"2024-08-21T04:06:22.111771Z","times_seen":89,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.microsoftonline.com/logout.srf?ct=1548343592\u0026rver=64.4.6456.0\u0026lc=1033\u0026id=501392","fqdn":"login.microsoftonline.com","domain":"microsoftonline.com","tld":"com"},"ip":{"addr":"20.190.181.3","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"cf22ac0ac1f3f5a771c0b80602cd5655","sha1":"1612a52885f188d5fbf14be28405d40191c8975f","sha256":"2d9f8a8c280a971e3342782ced670d2343c975a8a7aab22a9f356c8bc1214f72","sha512":"5f3efad6039f838b730e8d9c390c417ecae1b4c85bac43da3ae05e51b8d5617e12aafb8025a44a5a24fc73606cc4fb2bb309a01ee23fbf1c4f0b6aa5303e8bd3","ssdeep":"192:meayyVlt5MWwT+04BfCYO2fNfeqqekcOyjptv48:mZyyVltOv5i6YO2fNfeqqqjptw8","tlshash":"5e32e7ce579424574f0247d8bcacbf1d739d212b9280e99de9ac9d0c09fbbee1923152","size":10928,"data":"","first_seen":"2024-08-21T04:02:42.668212Z","last_seen":"2024-08-21T04:02:42.668212Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"75cf78d0e38c65a538ad253ca9e48dbe","sha1":"bf0452e4a42a9af3b69d5d8c3a3a0433f14921b6","sha256":"df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0","sha512":"81383e4fdae1f34f8e652f69058d57a2a4bd0a77c2c41c3174bee0ceba83a8326229c2a74eaf415bfbd34382b1c442a97c41034f43cd77a391ba9b4daae65463","ssdeep":"3072:/Yh8eip3huuf6IidlrvakdtQ47GKvPhQDvMwFdm:/i8eGRuufsr5zQ47GKvPyDvG","tlshash":"96c3e6ddb2c6b0225bb731b9507f510bf23a1899280d8450f169d8e9bd7c94e823bf6d","size":119648,"data":"","first_seen":"2023-03-08T03:03:54Z","last_seen":"2026-05-13T12:04:00.613923Z","times_seen":14920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F\u0026state=C1UMzpRArWpC4B7kBYvPwJErefbJQIOnVxwXe0kZ09mwRvDNsju1oIFnVO_gtnA4HF_cjAi1UYLr_UMOg17-PUs1xsr89j2WCX1qgMqjg5IZwo6wgTCNf1rMlr5N_ZJH\u0026x-client-SKU=ID_NET6_0\u0026x-client-ver=6.30.1.0","fqdn":"login.microsoftonline.com","domain":"microsoftonline.com","tld":"com"},"ip":{"addr":"20.190.181.1","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"eb354182820b3f42b068ffd016ad3bda","sha1":"7a8b00393fa2fcec9ab62334fe044e8f8b306976","sha256":"c2ac5bd7977591759055920f51e0b5d59bcff8376fedb0b289840e7c0984b5cc","sha512":"50be0b4ff55fc1b8e51f47478ff0ec4359fbfd416fae8f5ae788c94672f72a82126e101af79bb362f8b15562105ca344234be448465b208ed4093b13bc7b58ef","ssdeep":"192:meaynSxC5MV2T+04BfCYO2fNfeqqekcOyjpz48:mZynSxCO85i6YO2fNfeqqqjp88","tlshash":"c53209ce539424578f0247d4bc6cbf1d739d112b9280d99de9ac9e0c09fbbee5923152","size":11117,"data":"","first_seen":"2024-08-21T04:02:42.670116Z","last_seen":"2024-08-21T04:02:42.670116Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F\u0026state=C1UMzpRArWpC4B7kBYvPwJErefbJQIOnVxwXe0kZ09mwRvDNsju1oIFnVO_gtnA4HF_cjAi1UYLr_UMOg17-PUs1xsr89j2WCX1qgMqjg5IZwo6wgTCNf1rMlr5N_ZJH\u0026x-client-SKU=ID_NET6_0\u0026x-client-ver=6.30.1.0","fqdn":"login.microsoftonline.com","domain":"microsoftonline.com","tld":"com"},"ip":{"addr":"20.190.181.1","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"bbcef4a154c1228c1c97c4ef01a30ada","sha1":"23daa3a4d9b0a6310edd3882191ec6ab51ce6b4f","sha256":"6fa6c39c879b2fb55cfd9d0258916c68b5f750ae42312f510e44a4451f06e272","sha512":"858cbd3707754f7d11fdee43d2514db6885c8ba6cbd4fd1f60e62ba421ae0832c6e22110b9009be5ea7c891a0836a3e85b494ad1ace4db6fcb9dc62057a98fce","ssdeep":"192:4/FD1UcRimVIXr2uUakQiUyM8gFPw3yR130CkILt4LXHltABeYAKxPTSxRyBVYUy:4dBUScHUakqyPgFP3RZ0Ck0t4gAKxPTO","tlshash":"7b42f8ea7bc2b05e9bd61476d47f2206f1f56a421c4cc490e189d8c13cbdeb9827be49","size":12281,"data":"","first_seen":"2023-06-14T21:58:21Z","last_seen":"2025-09-18T17:45:24.942663Z","times_seen":11522,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F\u0026state=4JQX5NidMUvonI16HyPSGa7dSKYozIlNFVIjHaoUwVKa6y1nXAR1zh9Ph6uLc0csPQFzlcePUGSdpq1ab-L_VaTdLrDTh5aui4X-F-oewMjqFcOjtNk75L_t5oVJlO5k\u0026x-client-SKU=ID_NET6_0\u0026x-client-ver=6.30.1.0","fqdn":"login.microsoftonline.com","domain":"microsoftonline.com","tld":"com"},"ip":{"addr":"20.190.181.3","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"e16a8b255fba42d870103efa85a7130b","sha1":"d38bde16a8d853d5e7c3a11afd5cfbb6652084ea","sha256":"b0018a6c7801cafeb14a49c6b0821d4ea71ad0be070ca58abdfb20fa1e2db062","sha512":"d0bc54f8a9bbd21a6cd6a2fe88bbb6f542b6b12d4a9e493337e1f8365238c7c0eb4452f1bd2bcc959c50371b5537837a08611cef8bb5388fec1f94bfbb1b3502","ssdeep":"192:meaySzxA5M9CT+04BfCYO2fNfeqqekcOyjpjv48:mZykxAO9C5i6YO2fNfeqqqjpjw8","tlshash":"f532f8ce639428974f0247d8b86cbf1d739d112b9280d99de9ac9d0c09fbbee5923152","size":11113,"data":"","first_seen":"2024-08-21T04:02:42.671618Z","last_seen":"2024-08-21T04:02:42.671618Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"917d5d03b2f6773ea71def64520935f4","sha1":"281282d233fd6dd4185df486f31a2ba38aaf5f85","sha256":"585c15f044d19a1f0a1ba994b70992ce92e30cfd9443bab663d3f17b13d69708","sha512":"0333bb9380091579df7ef9971e0cb606b931036398ded20b1ef002a1cf5a3a2a3304729223559c66639bf307a213c2eac470b51181fe4ba2ad4b1459f780cc38","ssdeep":"1536:/SjqwT+zx4Nm7t21IqgjMvk8tvnytWoULhn92gMNCBfLmt1kPIqI7RsKgyX92:/cp+14S2RBhqkT81wVKg42","tlshash":"5a042bbdf583656e33ba107a20af7512e3ba08019049ce56f03dda484feda07553b677","size":182667,"data":"","first_seen":"2023-03-08T03:03:53Z","last_seen":"2023-11-15T09:11:28Z","times_seen":392,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.microsoftonline.com/logout.srf?ct=1548343592\u0026rver=64.4.6456.0\u0026lc=1033\u0026id=501392","fqdn":"login.microsoftonline.com","domain":"microsoftonline.com","tld":"com"},"ip":{"addr":"20.190.181.3","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"87efd6715519349131af142156db73f5","sha1":"c97a4e521b65745b007efc70d310bc3d881592e7","sha256":"03bde50da68e75d14367644f9f52809af9b55dbba6c171ce2c7b93523cdc5578","sha512":"7fbbcb0403944a850330d0dd26e83f3e7f64921bf04d72bca8fef62cb05e0214ee181567d3d18c347c1c09da278b01bd0554054c9d44f04e27166a177f119265","ssdeep":"","tlshash":"94e0e52a3f04a9f108ffc932978e7a0506a751cf22170c215d1af4999e348d699924a9","size":402,"data":"","first_seen":"2023-03-26T06:26:29Z","last_seen":"2026-02-05T14:59:51.88773Z","times_seen":80577,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.ipify.org/?format=jsonp\u0026callback=getPublic","fqdn":"api.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"173.231.16.77","port":443,"asn":18450,"as":"WEBNX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b1fdb43145cf7c3f6f2a1370889232f1","sha1":"19cd287ba1ffae5908cf8d53d13abc302dac6f9c","sha256":"9a751b74811a7c42413bc5109600706395ac8a8c057f7e6a55fc45b7ea41b191","sha512":"005d22518b46dd388dad488137291765bdfe17258167827cf4aa58c1bc9edc4146a0d391ce846929853a849eada2a1a1d9b55fc712118b075fa3d7b05703b912","ssdeep":"","tlshash":"649004151414d110dd40544ddd13171313441415c14dc040cd440f05045c13dc31107d","size":33,"data":"","first_seen":"2023-03-07T01:24:13Z","last_seen":"2025-09-18T12:32:04.144419Z","times_seen":1526,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smtpjs.com/v3/smtp.js","fqdn":"smtpjs.com","domain":"smtpjs.com","tld":"com"},"ip":{"addr":"109.169.71.112","port":443,"asn":20860,"as":"Iomart Cloud Services Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"73572da03234fa6d561c64b59c152230","sha1":"5de5efc900b7eaf2b93b02f7c4c260fa938ef983","sha256":"1fd711cb491a361ef91e29c50de0680a4b156c0b34bb91e18570d0037263a776","sha512":"de989d8db692960ed4296aead99c0ccf6cdf40110fcb44d35f72efb64d42333cc68878d649365c6c674cdde134d6eee59fe522c86dafb287f43d3d5f78b434f5","ssdeep":"","tlshash":"bd119c56b2d0148889c570a6de8fea9831b899163ada85b3461cc892dc36c6deb3d1cc","size":868,"data":"","first_seen":"2023-03-07T01:06:38Z","last_seen":"2026-04-19T15:59:19.766859Z","times_seen":3554,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.microsoftonline.com/logout.srf?ct=1548343592\u0026rver=64.4.6456.0\u0026lc=1033\u0026id=501392","fqdn":"login.microsoftonline.com","domain":"microsoftonline.com","tld":"com"},"ip":{"addr":"20.190.181.3","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"45efb547fcc8b51f4404e8fe36669c19","sha1":"b476cafea5c8e99f1d8f0012918cbfcd6d2450e6","sha256":"6d0c15cf4c9b369fd07e435e929a70d3d7a2d18853d18beb4fdff69b7d62c3ee","sha512":"06bc4877b32f56b26f33551ebed3f8aa0fd2b16d16bb6b7cf3c347cf3f18ee4c00352be94035048b1bca141981f317fe1f341307f911765b1d9d562ef9252199","ssdeep":"","tlshash":"1f41070e91532255ca132c3da7ff58252db07a0361daae10784dd881df503bb6eba75d","size":2339,"data":"","first_seen":"2023-06-21T13:07:48Z","last_seen":"2024-08-21T09:27:39.761832Z","times_seen":389,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.microsoftonline.com/logout.srf?ct=1548343592\u0026rver=64.4.6456.0\u0026lc=1033\u0026id=501392","fqdn":"login.microsoftonline.com","domain":"microsoftonline.com","tld":"com"},"ip":{"addr":"20.190.181.3","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"ce50805b79c6d18b0569746ce1c1813d","sha1":"5dba06a968e892018fa56719a2122fb9c2dbe073","sha256":"db7fef64c3f5bd639bfec0be3af1779dac1f7238780320ecd06d478959da8495","sha512":"ee40e27863bcbb43582b33accec5c9a38784cc5c33bb4f889aeec0dfdfbe7a04b17220cb65caabe62bd95b5d3c0c73840f203bbc0f2a6ea104ddb6f2489047e2","ssdeep":"","tlshash":"dbf0a746cc118189bd51453453bf46146fe01a033da7de61b94ee805cfa499a687e6ec","size":504,"data":"","first_seen":"2023-03-07T01:24:13Z","last_seen":"2024-08-21T09:27:39.763475Z","times_seen":389,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.microsoftonline.com/logout.srf?ct=1548343592\u0026rver=64.4.6456.0\u0026lc=1033\u0026id=501392","fqdn":"login.microsoftonline.com","domain":"microsoftonline.com","tld":"com"},"ip":{"addr":"20.190.181.3","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"b524b1297911a39f4a4d5165b932f781","sha1":"ab75fee67b6089f129830917a2e8c2fda6a23582","sha256":"7061d39ee40e8f7a47e5a0efb673e446080fbbfcbd38c4fdeaf37deb0c6df605","sha512":"740cb6b7ef5fc011d0a1fb7a541a468374d746f586dba7aab098cadb77d9f75f249a3c9a62d40f50ade88bfc6105fa4a988674cef6efcb630833f566eb91cf8c","ssdeep":"","tlshash":"b1b01209d14d0341042b747c828f84082001711360518d003e0cc2c08f0423d4115408","size":106,"data":"","first_seen":"2023-06-21T13:07:48Z","last_seen":"2026-05-05T18:23:19.108494Z","times_seen":1696,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e071abda8fe61194711cfc2ab99fe104","sha1":"f647a6d37dc4ca055ced3cf64bbc1f490070acba","sha256":"85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf","sha512":"53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65","ssdeep":"1536:9NhEyjjTikEJO4edXXe9J578go6MWXqcVhrLyB4Lw13sh2bzrl1+iuH7U3gBORDT:jxcq0hrLZwpsYbmzORDU8Cu5","tlshash":"3183d5d9b2c670529b7730b850bf450bb17a98dab44c8d60f058c5d57eb8a8e507bf2c","size":86709,"data":"","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-05-13T17:09:29.146848Z","times_seen":141463,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html#glenn@renshawauto.com","fqdn":"pub-d89e3188311c46f49978b9555d4c9596.r2.dev","domain":"renshawauto.com","tld":"r2.dev"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"d5663ca14896beb4426cb2b7d4d1f91a","sha1":"b13ce03a3f77e79bd161408887f4678d351efa02","sha256":"fe682d3a5bc92582598075d4fdce81ab9b112e785eaaf855f841f78f33dd3080","sha512":"b569d3de71c042af6170c225b77f16305e46249760787653f143a5b3e16710e8c54c112f6dc320eed784c444deee9c71b141633764b22ce9d0a0fc9d3ae8d3d9","ssdeep":"","tlshash":"0dd0a7b5f4e2a026b145222a4f2ad94f363a61020c0ee96dc0486798bce60394753c16","size":235,"data":"","first_seen":"2023-03-07T01:24:13Z","last_seen":"2025-05-08T17:41:17.731568Z","times_seen":1518,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html#glenn@renshawauto.com","fqdn":"pub-d89e3188311c46f49978b9555d4c9596.r2.dev","domain":"renshawauto.com","tld":"r2.dev"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-13T18:27:40.13573Z","times_seen":15125718,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"go.skimresources.com/?id=129857X1600501\u0026url=https://r.smore.com/c?u=https://google.com/amp/a4fnxpxeijbxkhyu.colplat.com/brain/Z2xlbm5AcmVuc2hhd2F1dG8uY29t","fqdn":"go.skimresources.com","domain":"skimresources.com","tld":"com"},"ip":{"addr":"35.190.25.30","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-20T13:36:42.339786514Z","timestamp":1697809002339,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /?id=129857X1600501\u0026url=https://r.smore.com/c?u=https://google.com/amp/a4fnxpxeijbxkhyu.colplat.com/brain/Z2xlbm5AcmVuc2hhd2F1dG8uY29t HTTP/1.1\r\nHost: go.skimresources.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 302 Found\r\nserver: openresty/1.19.9.1\r\ndate: Fri, 20 Oct 2023 13:36:41 GMT\r\ncontent-type: text/plain\r\ncontent-length: 0\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\nx-skimhost: cookie-dealer-waypoint-55848f8957-qnmjc\r\nlocation: https://r.smore.com/c?u=https://google.com/amp/a4fnxpxeijbxkhyu.colplat.com/brain/Z2xlbm5AcmVuc2hhd2F1dG8uY29t\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-13T18:27:40.13573Z","times_seen":15125718,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.r2m03.amazontrust.com/","fqdn":"ocsp.r2m03.amazontrust.com","domain":"amazontrust.com","tld":"com"},"ip":{"addr":"143.204.53.97","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-20T13:36:42.841646333Z","timestamp":1697809002841,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.r2m03.amazontrust.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nContent-Length: 471\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=7200\r\nDate: Fri, 20 Oct 2023 13:36:42 GMT\r\nLast-Modified: Fri, 20 Oct 2023 12:17:58 GMT\r\nServer: ECAcc (ska/F69C)\r\nX-Cache: Miss from cloudfront\r\nVia: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)\r\nX-Amz-Cf-Pop: OSL50-C1\r\nX-Amz-Cf-Id: jRUMNX38SxT2Uwq__9QRZ5ToZ3571VMRhh827DSOT3NHVpq-RnIbvQ==\r\nAge: 4724\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"6c00609fddbc44165a3cbadb787b5152","sha1":"726b3036152afea83aa855491fa0c4092c569311","sha256":"b6e80d454b4695820dd2ca102b9159a6c2c02b7efd66366d2747a5110d43ce0b","sha512":"e4d57c0b08e2f81a86fb09d41651579655dd1a03c6a632a244ec772fe47db822a7c353c74cad0127e85605d1a0f4bd01372fa8c6c190aca178655f82a23a5740","ssdeep":"","tlshash":"75f054d902e1b8cb2d0d0c040fb963083ce143c994c231047c181219985eb7fe5a6119","first_seen":"2023-10-20T03:58:06Z","last_seen":"2023-10-20T20:46:58Z","times_seen":197,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r.smore.com/c?u=https://google.com/amp/a4fnxpxeijbxkhyu.colplat.com/brain/Z2xlbm5AcmVuc2hhd2F1dG8uY29t","fqdn":"r.smore.com","domain":"smore.com","tld":"com"},"ip":{"addr":"52.37.216.177","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-20T13:36:43.159086196Z","timestamp":1697809003159,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /c?u=https://google.com/amp/a4fnxpxeijbxkhyu.colplat.com/brain/Z2xlbm5AcmVuc2hhd2F1dG8uY29t HTTP/1.1\r\nHost: r.smore.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Fri, 20 Oct 2023 13:36:42 GMT\r\ncontent-type: text/html\r\ncontent-length: 162\r\nlocation: https://www.smore.com/c?u=https://google.com/amp/a4fnxpxeijbxkhyu.colplat.com/brain/Z2xlbm5AcmVuc2hhd2F1dG8uY29t\r\nserver: nginx\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":162,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with CRLF line terminators","md5":"4f8e702cc244ec5d4de32740c0ecbd97","sha1":"3adb1f02d5b6054de0046e367c1d687b6cdf7aff","sha256":"9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a","sha512":"21047fea5269fee75a2a187aa09316519e35068cb2f2f76cfaf371e5224445e9d5c98497bd76fb9608d2b73e9dac1a3f5bfadfdc4623c479d53ecf93d81d3c9f","ssdeep":"","tlshash":"0bc08cadab022cc8b8a73b3861c36160e2ec80701699451101b04a07f1cf1979ec23d1","first_seen":"2023-04-05T03:07:27Z","last_seen":"2026-05-02T03:40:17.493644Z","times_seen":131103,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.smore.com/c?u=https://google.com/amp/a4fnxpxeijbxkhyu.colplat.com/brain/Z2xlbm5AcmVuc2hhd2F1dG8uY29t","fqdn":"www.smore.com","domain":"smore.com","tld":"com"},"ip":{"addr":"52.37.216.177","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-20T13:36:43.391744355Z","timestamp":1697809003391,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /c?u=https://google.com/amp/a4fnxpxeijbxkhyu.colplat.com/brain/Z2xlbm5AcmVuc2hhd2F1dG8uY29t HTTP/1.1\r\nHost: www.smore.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 302 Found\r\ndate: Fri, 20 Oct 2023 13:36:42 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 355\r\nlocation: https://google.com/amp/a4fnxpxeijbxkhyu.colplat.com/brain/Z2xlbm5AcmVuc2hhd2F1dG8uY29t\r\nserver: nginx\r\npragma: no-cache\r\ncache-control: no-cache\r\ncontent-security-policy: frame-ancestors 'self' *.parentlink.com *.parentlink.net *.parlant.com *.cloudspeaker.com *.memberspark.com\r\nx-xss-protection: 1; mode=block;\r\nx-content-type-options: nosniff\r\nset-cookie: PID=\"6532826af4b5ea516b65431e\"; Path=/; SameSite=None; Max-Age=31536000; Secure; HttpOnly\nsmore=3f8fe6f7483ab88913c349e27cbbbdc0e27446eb7445d70facbb49f69d27b4fe590a87d6; httponly; Path=/; SameSite=None; secure\r\nstrict-transport-security: max-age=31536000; includeSubdomains;\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":355,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text","md5":"e8235d48dee5edc5977f5d9d958713b0","sha1":"6a49111cda8a0d439ba4bb9a99a9a4926e11ae06","sha256":"e753ee1a27060c2e479ba51414e720415cc80ecebb868873302f0ec291d0658a","sha512":"23605d2180e838782a1de8ca223f406b298e9f4dbf4829e851d0163cb558910be18a308e493e00bbd4e3182feaa4b232406e6a4d0b1d48e69882fcf70a1a30c2","ssdeep":"","tlshash":"f6e0c0df7201ca329f3ca4a19c483358c933020805ddd9cfd1458e17901814bc1ca79f","first_seen":"2023-10-20T15:37:07Z","last_seen":"2023-10-20T15:37:24Z","times_seen":3,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.pki.goog/gts1c3","fqdn":"ocsp.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.35","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-20T13:36:43.472365921Z","timestamp":1697809003472,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /gts1c3 HTTP/1.1\r\nHost: ocsp.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Fri, 20 Oct 2023 13:36:42 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"779ec3df5ccfc361239d2644c41561b0","sha1":"0b3b0c5ab91d1a7f0b3e9bd588f24d9996648ce5","sha256":"bcbcd2598906911145deffd97e944d59238952f17acaa6cec2a69c4d7c2ced48","sha512":"1d4c1d0882ac1a3e1fe32f1c3a8870a8cd8f157ea2204b47dc7cd70b55564dfbaf9b390f93d7c67c8308d6424aa4eb7d754f72580af91414b0bde00cbf85e3a6","ssdeep":"","tlshash":"60f054ac2d7a1c82eeaa8be446294311351039114f8842077cfaa745c0062e9004e205","first_seen":"2023-10-19T18:31:48Z","last_seen":"2023-10-20T17:52:03Z","times_seen":707,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"google.com/amp/a4fnxpxeijbxkhyu.colplat.com/brain/Z2xlbm5AcmVuc2hhd2F1dG8uY29t","fqdn":"google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.206","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-20T13:36:43.499668599Z","timestamp":1697809003499,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /amp/a4fnxpxeijbxkhyu.colplat.com/brain/Z2xlbm5AcmVuc2hhd2F1dG8uY29t HTTP/1.1\r\nHost: google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nlocation: https://www.google.com/amp/a4fnxpxeijbxkhyu.colplat.com/brain/Z2xlbm5AcmVuc2hhd2F1dG8uY29t\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-yb4oD4SgcxND1tzK0PG6kw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/fff\"}]}\r\ndate: Fri, 20 Oct 2023 13:36:42 GMT\r\nexpires: Fri, 20 Oct 2023 13:36:42 GMT\r\ncache-control: private, max-age=2592000\r\nserver: gws\r\ncontent-length: 287\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nset-cookie: CONSENT=PENDING+908; expires=Sun, 19-Oct-2025 13:36:42 GMT; path=/; domain=.google.com; Secure\r\np3p: CP=\"This is not a P3P policy! See g.co/p3phelp for more info.\"\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":287,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with CRLF, LF line terminators","md5":"5b48722a1fd6161228ddc071f9114e57","sha1":"e14358e604f9888b93cf960bd06758d9423b1fe7","sha256":"ff99f8db922c5c4409847026e73cd8707dc0b446910a33b66aa61ba1d02a6980","sha512":"92a738371fda076dcc4b4dbac38435c2c72758056023ea42699191718a5bd5ecaf2cbc3870ca236f1cfc44c3c1e2a51146698c240bc4a9ac22b0033d3cbfe4da","ssdeep":"","tlshash":"c5d02bbe2d1d88275767faa6a82d91318c312004d15a99cf82f80d3514dc96e41c6a88","first_seen":"2023-10-20T15:37:07Z","last_seen":"2023-10-20T15:37:24Z","times_seen":4,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.pki.goog/gts1c3","fqdn":"ocsp.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.35","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-20T13:36:43.552551402Z","timestamp":1697809003552,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /gts1c3 HTTP/1.1\r\nHost: ocsp.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Fri, 20 Oct 2023 13:36:42 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"e32aa8897a957d59728416b7dd623286","sha1":"338cf8511e8eadb26d4fc6589affd4e51330b6ac","sha256":"4b6b4e33dc07ad8571927d00df3e1135005574fbdb9e371d64ef6f8af4570976","sha512":"d28dbf55476b46260509fac1d30157feaed8a2d8feb646d905c61b36a161b998070fade1acc73a985745001b9108b11a84739d818332769cdd5e5c1184870d4b","ssdeep":"","tlshash":"f3f05411287f84018e0dd77543c6d15b558d7d482bbe12473cdba09883a12fd0c08a69","first_seen":"2023-10-19T18:31:48Z","last_seen":"2023-10-20T17:30:15Z","times_seen":660,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.pki.goog/gts1c3","fqdn":"ocsp.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.35","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-20T13:36:43.562725928Z","timestamp":1697809003562,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /gts1c3 HTTP/1.1\r\nHost: ocsp.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Fri, 20 Oct 2023 13:36:42 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"779ec3df5ccfc361239d2644c41561b0","sha1":"0b3b0c5ab91d1a7f0b3e9bd588f24d9996648ce5","sha256":"bcbcd2598906911145deffd97e944d59238952f17acaa6cec2a69c4d7c2ced48","sha512":"1d4c1d0882ac1a3e1fe32f1c3a8870a8cd8f157ea2204b47dc7cd70b55564dfbaf9b390f93d7c67c8308d6424aa4eb7d754f72580af91414b0bde00cbf85e3a6","ssdeep":"","tlshash":"60f054ac2d7a1c82eeaa8be446294311351039114f8842077cfaa745c0062e9004e205","first_seen":"2023-10-19T18:31:48Z","last_seen":"2023-10-20T17:52:03Z","times_seen":707,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.google.com/amp/a4fnxpxeijbxkhyu.colplat.com/brain/Z2xlbm5AcmVuc2hhd2F1dG8uY29t","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.100","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-20T13:36:43.680939756Z","timestamp":1697809003680,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /amp/a4fnxpxeijbxkhyu.colplat.com/brain/Z2xlbm5AcmVuc2hhd2F1dG8uY29t HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; CONSENT=PENDING+908\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 302 Found\r\nlocation: http://a4fnxpxeijbxkhyu.colplat.com/brain/Z2xlbm5AcmVuc2hhd2F1dG8uY29t\r\ncache-control: private\r\nx-robots-tag: noindex\r\ncontent-type: text/html; charset=UTF-8\r\nstrict-transport-security: max-age=31536000\r\ncontent-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-jpZpAX0seBgKww_oZ1NpcQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/fff\"}]}\r\np3p: CP=\"This is not a P3P policy! See g.co/p3phelp for more info.\"\r\ndate: Fri, 20 Oct 2023 13:36:42 GMT\r\nserver: gws\r\ncontent-length: 267\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nset-cookie: __Secure-ENID=15.SE=W3LowL8B5JS_0kH0D0Kze0LMzqXxaOO4jQ_piBo35cqjKAFsg7InEoSgp5OPevpEwPggWM-c0fvq8CUGGXEri5iiupXarhpmqY-hdcVocVDzGJz_4Rz94iGFqRUqVua_1VtgddTpBvzSgNiRMtzbbEnVhl5Uq8IZ05hvufmVyzg; expires=Tue, 19-Nov-2024 05:55:00 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":267,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with CRLF, LF line terminators","md5":"22ea5b3e7f8cd1774dfb3104ff197451","sha1":"8c5e32f65c25d8efa9fa7c86c2dfc6da856bb704","sha256":"6d764251c2a26fecac36276d4cc7b37f86dd69661056260b46cdad044712994a","sha512":"3f5eea742c4c730977433f2dbb18b0b8edee9c11ad406456b20e4c74466ed3ab2ac6874cbb13b9a1eacacf86e445346d2b086a900d06dfab55767dab0e992ab5","ssdeep":"","tlshash":"56d02bfd1d1d99275377fa66b82d81308c303000d259958bc2b84c24149855841c6b88","first_seen":"2023-10-20T15:37:07Z","last_seen":"2023-10-20T15:37:24Z","times_seen":4,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"a4fnxpxeijbxkhyu.colplat.com/brain/Z2xlbm5AcmVuc2hhd2F1dG8uY29t","fqdn":"a4fnxpxeijbxkhyu.colplat.com","domain":"colplat.com","tld":"com"},"ip":{"addr":"198.54.120.90","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-20T13:36:44.315268575Z","timestamp":1697809004315,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /brain/Z2xlbm5AcmVuc2hhd2F1dG8uY29t HTTP/1.1\r\nHost: a4fnxpxeijbxkhyu.colplat.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Fri, 20 Oct 2023 13:36:43 GMT\r\nserver: Apache\r\nx-powered-by: PHP/7.4.33\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nset-cookie: PHPSESSID=a39dddf1260938b8a9231afafc888651; path=/\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 146\r\ncontent-type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":146,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"b88c1bc65ab45bac800076b881811478","sha1":"d5ceaafec0aabb2649265049584c68a973a385b9","sha256":"b3b6e3ce1a535b655d2f5c4f54aec118cd9a4656c73688a42d50992ef5ae29cd","sha512":"0025c26c73604abedebacde900aa20c76f702987a05b50b1c632f0db358d0cc813da97fa53970a6b138bb97db8f29ce5edbb645ec38a46b59098adf507225bab","ssdeep":"","tlshash":"dfc08c8b2e0b8480956340a4c4d2ec48b11b42a94a49cd85c380c838520e7de0e5b148","first_seen":"2023-10-20T15:37:07Z","last_seen":"2023-10-20T15:38:33Z","times_seen":9,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html","fqdn":"pub-d89e3188311c46f49978b9555d4c9596.r2.dev","domain":"pub-d89e3188311c46f49978b9555d4c9596.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.2.35","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-20T13:36:44.880193969Z","timestamp":1697809004880,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /cbg.html HTTP/1.1\r\nHost: pub-d89e3188311c46f49978b9555d4c9596.r2.dev\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://a4fnxpxeijbxkhyu.colplat.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 20 Oct 2023 13:36:44 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"87577f58542198eccff63ff853c7726a\"\r\nLast-Modified: Fri, 20 Oct 2023 02:21:15 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 8191a6c31939b500-OSL\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":20580,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (64651), with CRLF line terminators","md5":"87577f58542198eccff63ff853c7726a","sha1":"0eccbd76ce91fe1b02097a279a95779fe3bd6478","sha256":"1c13dbdc81bf6972c37637052dafc3173d01ec7a0dc90a87d8853767cf23009c","sha512":"3e9fd01f64180dd386bdb7442599d4a117bb0c950bdd4f8a9eb840df8f3c2524dabd6ac643c0c104197d6526229368ab16440b907e9eb7b28146381c903dbfc2","ssdeep":"1536:c/CPw+kSDazA/PWrF7qvEAFiQcpm7ds+80yVU/1mtvu:cwxXyVUP","tlshash":"b4b3e8d069243c26a037c73560d1bd4762161523e737aebbf6352db9cf896870f32a49","first_seen":"2023-10-19T19:06:25Z","last_seen":"2024-08-21T04:06:22.105826Z","times_seen":89,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-10-20","alert":"Outlook","trigger":"pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html","verdict":"phishing","severity":"medium","comment":"Outlook","link":"https://openphish.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html#glenn@renshawauto.com","date":"2023-10-20T13:36:45.017Z","timestamp":1697809005017,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 11 Jul 2023 00:00:00 GMT","end":"Sun, 14 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D","sha256":"B1:CA:3A:23:BA:70:1D:18:3F:EC:99:D7:BE:6D:B2:FD:66:5F:5C:A7:7D:7F:C1:FC:16:D1:FD:89:4B:CC:15:34"}}},"request":{"raw":"GET /jquery-3.1.1.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-152b5\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Fri, 20 Oct 2023 13:36:44 GMT\r\nage: 3008403\r\nx-served-by: cache-lga21947-LGA, cache-bma1654-BMA\r\nx-cache: HIT, HIT\r\nx-cache-hits: 119, 23829\r\nx-timer: S1697809004.366740,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30070\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30070,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (32030)","md5":"e071abda8fe61194711cfc2ab99fe104","sha1":"f647a6d37dc4ca055ced3cf64bbc1f490070acba","sha256":"85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf","sha512":"53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65","ssdeep":"1536:9NhEyjjTikEJO4edXXe9J578go6MWXqcVhrLyB4Lw13sh2bzrl1+iuH7U3gBORDT:jxcq0hrLZwpsYbmzORDU8Cu5","tlshash":"3183d5d9b2c670529b7730b850bf450bb17a98dab44c8d60f058c5d57eb8a8e507bf2c","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-05-13T17:09:29.146848Z","times_seen":141463,"resource_available":true,"data":null}},"time_used":137,"timings":{"blocked":58,"dns":31,"connect":8,"send":0,"wait":9,"receive":5,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.microsoftonline.com/logout.srf?ct=1548343592\u0026rver=64.4.6456.0\u0026lc=1033\u0026id=501392","fqdn":"login.microsoftonline.com","domain":"microsoftonline.com","tld":"com"},"ip":{"addr":"20.190.181.3","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html#glenn@renshawauto.com","date":"2023-10-20T13:36:45.037Z","timestamp":1697809005037,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"stamp2.login.microsoftonline.com","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sun, 17 Sep 2023 00:00:00 GMT","end":"Tue, 17 Sep 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:41:B5:48:4D:2A:D3:78:6B:12:6B:D6:0B:85:B4:F8:2A:FF:48:29","sha256":"79:4C:02:8C:49:C3:35:87:A8:C8:14:4F:79:1B:C6:5C:3E:29:91:10:26:CE:FB:ED:3C:D4:D5:97:D4:BF:F1:7D"}}},"request":{"raw":"GET /logout.srf?ct=1548343592\u0026rver=64.4.6456.0\u0026lc=1033\u0026id=501392 HTTP/1.1\r\nHost: login.microsoftonline.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: no-store, no-cache\r\nPragma: no-cache\r\nContent-Type: text/html; charset=utf-8\r\nContent-Encoding: gzip\r\nExpires: -1\r\nVary: Accept-Encoding\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nX-Content-Type-Options: nosniff\r\nLink: \u003chttps://aadcdn.msauth.net\u003e; rel=preconnect; crossorigin, \u003chttps://aadcdn.msauth.net\u003e; rel=dns-prefetch, \u003chttps://aadcdn.msftauth.net\u003e; rel=dns-prefetch\r\nX-DNS-Prefetch-Control: on\r\nP3P: CP=\"DSP CUR OTPi IND OTRi ONL FIN\"\r\nx-ms-request-id: 73f45538-a6dc-4415-9829-dacda9bb6200\r\nx-ms-ests-server: 2.1.16571.6 - WEULR1 ProdSlices\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nX-XSS-Protection: 0\r\nSet-Cookie: SignInStateCookie=CAgABAAIAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P8NpYLYaO7IVWZo4PjlsUoI6LWvQ6nLol8WikiTFq1GwM7zoL6U7U_DTAgc6b2zlaOLzBlIFkbQ6Q; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None\nESTSSSOTILES=1; expires=Thu, 20-Oct-2033 13:36:44 GMT; path=/; secure; SameSite=None\nAADSSOTILES=1; expires=Thu, 20-Oct-2033 13:36:44 GMT; path=/; secure; HttpOnly; SameSite=None\nESTSAUTHPERSISTENT=AgABAAQAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P_7_vA7kSH4xPPWDFEiDTKlk_GP2zdGyEuCB-8ohGQ-gCxMRlNf2GCZUS75OBHLfB5lXH2l1eBThw; domain=.login.microsoftonline.com; expires=Thu, 18-Jan-2024 13:36:44 GMT; path=/; secure; HttpOnly; SameSite=None\nESTSAUTH=AgABAAQAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P8vSgwMfWXhhL1GHqf6ELCEymAU13QMAV7S1Qpfx6Om6jdYWWbizdUvx-u1CzOSS8r8GDQEcr7VnA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None\nESTSAUTHLIGHT=+; path=/; secure; SameSite=None\nbuid=AQABAAEAAAAtyolDObpQQ5VtlI4uGjEPEBK4RLKELwaM4or2iNLKEdTaOa7GGD-ixvLX_bfzUcKu-Cxvwmtaqa18W4jHkzLqvKfS22SJZMj4O4rnbBzg2oByeRke_vOMqtiPvs6Di4UgAA; expires=Sun, 19-Nov-2023 13:36:44 GMT; path=/; secure; HttpOnly; SameSite=None\nfpc=Asltl5vyzJJGvxoyI00ksjU; expires=Sun, 19-Nov-2023 13:36:44 GMT; path=/; secure; HttpOnly; SameSite=None\nesctx=PAQABAAEAAAAtyolDObpQQ5VtlI4uGjEP29YOphsGP-FRPPo3tfcDRVFcqwCfitRBcoMCx_aqU7WL1OPIBKHAgMSMtqauXEZiVYsEmHAz52jqrN03vGACGRL2SoW8KEy7VKQ649vE9aRDJMhS5KEiQNcRqac8y9CDgVdRa5ISr924nr_VIDfZEXpsmxbcjRVmeSumbX6t4lIgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None\nx-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly\nstsservicecookie=estsfd; path=/; secure; samesite=none; httponly\r\nDate: Fri, 20 Oct 2023 13:36:43 GMT\r\nContent-Length: 10838\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10838,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10908), with CRLF, LF line terminators","md5":"7729ec62966bf2afb5c8200261f78871","sha1":"bbfc0837b1ab2724419bc53626428dbff6dbae2b","sha256":"561e95c86aad2ae183a8cc251a249ebd5946d631f05d8e86447a70159199339b","sha512":"2e6fe3a4a73fa21bded7ef3f8d6f6c9de6c2d4cf3cac392e1ba3e407e34dd5b8dc2f78a7abf19d32de0e4b34e60bcd96f9cd36c2f617a83a8a0a147b7b507bb2","ssdeep":"768:unyjv8xBtwh/TcHRkqUY3RZTtpdtVaWfYla:uGstwJTERkqUITVraW/","tlshash":"89d219ce3782245b8b631578e87f7a0de3a822139584c650f48cdc891ffafe94537649","first_seen":"2023-10-20T15:37:07Z","last_seen":"2023-10-20T15:37:07Z","times_seen":1,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":3,"connect":10,"send":0,"wait":46,"receive":1,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.office.com/estslogout?ru=/","fqdn":"www.office.com","domain":"office.com","tld":"com"},"ip":{"addr":"13.107.6.156","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html#glenn@renshawauto.com","date":"2023-10-20T13:36:45.032Z","timestamp":1697809005032,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"portal.office.com","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 07","organization":"Microsoft Corporation"},"validity":{"start":"Wed, 13 Sep 2023 22:45:31 GMT","end":"Sat, 07 Sep 2024 22:45:31 GMT"},"fingerprint":{"sha1":"13:5B:CB:71:C9:C4:5D:B5:78:0C:8B:88:FD:74:B6:7A:C3:F0:C8:B4","sha256":"B2:9A:B2:F8:18:04:1A:54:39:0D:9E:8F:97:FB:96:92:D2:C0:62:92:3F:D9:1B:34:FE:7B:58:2E:3E:52:CA:15"}}},"request":{"raw":"GET /estslogout?ru=/ HTTP/1.1\r\nHost: www.office.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncache-control: no-cache\r\npragma: no-cache\r\ncontent-type: text/html; charset=utf-8\r\ncontent-encoding: gzip\r\nlocation: https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F\u0026state=4JQX5NidMUvonI16HyPSGa7dSKYozIlNFVIjHaoUwVKa6y1nXAR1zh9Ph6uLc0csPQFzlcePUGSdpq1ab-L_VaTdLrDTh5aui4X-F-oewMjqFcOjtNk75L_t5oVJlO5k\u0026x-client-SKU=ID_NET6_0\u0026x-client-ver=6.30.1.0\r\nvary: Accept-Encoding\r\nset-cookie: OH.SID=4bc7d519-ad96-4980-b833-5022a577bf05; path=/; secure; samesite=none; httponly\nOH.DCAffinity=OH-noe; expires=Fri, 20 Oct 2023 21:36:44 GMT; path=/; secure; samesite=none; httponly\nOH.FLID=867a97c9-fc1b-4e47-8089-5d8fc97b2155; expires=Sun, 20 Oct 2024 13:36:44 GMT; path=/; secure; samesite=none; httponly\nMUID=0BF4792FDE2A6BF5054C6A9FDF066A33; path=/; secure; expires=Wed, 13-Nov-2024 13:36:44 GMT; domain=office.com\r\nrequest-context: appId=\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nx-ua-compatible: IE=edge,chrome=1\r\nx-cache: CONFIG_NOCACHE\r\nx-msedge-ref: Ref A: 4DA3AE11043E42D8BE4AB9B48410EA9E Ref B: SVG20EDGE0215 Ref C: 2023-10-20T13:36:44Z\r\ndate: Fri, 20 Oct 2023 13:36:43 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-13T18:27:40.13573Z","times_seen":15125718,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":42,"connect":8,"send":0,"wait":26,"receive":0,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.office.com/estslogout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F","fqdn":"www.office.com","domain":"office.com","tld":"com"},"ip":{"addr":"13.107.6.156","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html#glenn@renshawauto.com","date":"2023-10-20T13:36:45.035Z","timestamp":1697809005035,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"portal.office.com","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 07","organization":"Microsoft Corporation"},"validity":{"start":"Wed, 13 Sep 2023 22:45:31 GMT","end":"Sat, 07 Sep 2024 22:45:31 GMT"},"fingerprint":{"sha1":"13:5B:CB:71:C9:C4:5D:B5:78:0C:8B:88:FD:74:B6:7A:C3:F0:C8:B4","sha256":"B2:9A:B2:F8:18:04:1A:54:39:0D:9E:8F:97:FB:96:92:D2:C0:62:92:3F:D9:1B:34:FE:7B:58:2E:3E:52:CA:15"}}},"request":{"raw":"GET /estslogout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F HTTP/1.1\r\nHost: www.office.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncache-control: no-cache\r\npragma: no-cache\r\ncontent-type: text/html; charset=utf-8\r\ncontent-encoding: gzip\r\nlocation: https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F\u0026state=C1UMzpRArWpC4B7kBYvPwJErefbJQIOnVxwXe0kZ09mwRvDNsju1oIFnVO_gtnA4HF_cjAi1UYLr_UMOg17-PUs1xsr89j2WCX1qgMqjg5IZwo6wgTCNf1rMlr5N_ZJH\u0026x-client-SKU=ID_NET6_0\u0026x-client-ver=6.30.1.0\r\nvary: Accept-Encoding\r\nset-cookie: OH.SID=baafc5e8-a2fc-4342-b1ab-88b0a4d3c173; path=/; secure; samesite=none; httponly\nOH.DCAffinity=OH-noe; expires=Fri, 20 Oct 2023 21:36:44 GMT; path=/; secure; samesite=none; httponly\nOH.FLID=4fb047f0-245b-4511-95a8-d7c579c1f7a8; expires=Sun, 20 Oct 2024 13:36:44 GMT; path=/; secure; samesite=none; httponly\nMUID=231DC565079C60300ACDD6D506B061B7; path=/; secure; expires=Wed, 13-Nov-2024 13:36:44 GMT; domain=office.com\r\nrequest-context: appId=\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nx-ua-compatible: IE=edge,chrome=1\r\nx-cache: CONFIG_NOCACHE\r\nx-msedge-ref: Ref A: D40F2FB0422F4EE48515FD067B520827 Ref B: SVG20EDGE0215 Ref C: 2023-10-20T13:36:44Z\r\ndate: Fri, 20 Oct 2023 13:36:43 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-13T18:27:40.13573Z","times_seen":15125718,"resource_available":true,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":41,"connect":12,"send":0,"wait":25,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/ests/2.1/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html#glenn@renshawauto.com","date":"2023-10-20T13:36:45.045Z","timestamp":1697809005045,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sat, 29 Jul 2023 00:00:00 GMT","end":"Mon, 29 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"44:5F:75:46:1C:BE:AF:E4:F2:BF:F3:04:1D:0B:56:0F:EE:DA:A0:96","sha256":"DF:9A:22:DD:76:BE:E9:63:BD:AA:27:3D:DE:4A:DE:4C:8E:3B:D3:FE:6B:90:BA:39:D0:7E:7B:4B:3A:04:A4:84"}}},"request":{"raw":"GET /ests/2.1/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31536000\r\ncontent-length: 673\r\ncontent-type: image/svg+xml\r\ncontent-encoding: gzip\r\ncontent-md5: DhdidjYrlCeaRJJRG/y9mA==\r\nlast-modified: Thu, 13 Feb 2020 02:05:12 GMT\r\netag: 0x8D7B0292911C366\r\nx-cache: TCP_HIT\r\nx-ms-request-id: 3a2a9343-e01e-001d-5ea6-02584a000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref-originshield: 07YkxZQAAAACxnj8WRCqaR59w/inHw/H1QU1TMDRFREdFMTgxOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\nx-azure-ref: 0bIIyZQAAAADghcstuFlUSZ67cIXre8PjU1ZHMjBFREdFMDUxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\ndate: Fri, 20 Oct 2023 13:36:44 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":673,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (1864), with no line terminators","md5":"bc3d32a696895f78c19df6c717586a5d","sha1":"9191cb156a30a3ed79c44c0a16c95159e8ff689d","sha256":"0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68","sha512":"8d4f38907f3423a86d90575772b292680f7970527d2090fc005f9b096cc81d3f279d59ad76eafca30c3d4bbaf2276bbaa753e2a46a149424cf6f1c319ded5a64","ssdeep":"","tlshash":"4e310059c51d3566ec04c3aceae1d468315e71efa8a581c961849b3f95b0dce0eccb70","first_seen":"2023-04-12T23:20:27Z","last_seen":"2026-05-13T10:40:31.230028Z","times_seen":102848,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":0,"dns":84,"connect":13,"send":0,"wait":11,"receive":0,"ssl":63},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/ests/2.1/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html#glenn@renshawauto.com","date":"2023-10-20T13:36:45.015Z","timestamp":1697809005015,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sat, 29 Jul 2023 00:00:00 GMT","end":"Mon, 29 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"44:5F:75:46:1C:BE:AF:E4:F2:BF:F3:04:1D:0B:56:0F:EE:DA:A0:96","sha256":"DF:9A:22:DD:76:BE:E9:63:BD:AA:27:3D:DE:4A:DE:4C:8E:3B:D3:FE:6B:90:BA:39:D0:7E:7B:4B:3A:04:A4:84"}}},"request":{"raw":"GET /ests/2.1/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\ncontent-length: 240\r\ncontent-type: image/png\r\ncontent-md5: fMCW2mqi26P4H8wcgmIVfA==\r\nlast-modified: Fri, 02 Nov 2018 20:25:10 GMT\r\netag: 0x8D64101494D74DC\r\nx-cache: TCP_HIT\r\nx-ms-request-id: 27e355de-f01e-0040-7b2d-00e462000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref-originshield: 0GHIuZQAAAAD1cwDO+b4pSpzCdAz9FdQPQU1TMDRFREdFMTkxMAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\nx-azure-ref: 0bIIyZQAAAAAbw+qEVSGXTJJb52GLH7kqU1ZHMjBFREdFMDUxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\ndate: Fri, 20 Oct 2023 13:36:44 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":240,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\\012- data","md5":"7cc096da6aa2dba3f81fcc1c8262157c","sha1":"a50776316f0220ed7cd7882a68c742a8861c999d","sha256":"ab50358475adae73a435466c72d1a48ab124e8ae06614663716a46dce5ac8b83","sha512":"ec046758ec2d6588b9b103e5bb1b035dee57dfbb068ad902c869ed22b14f78282461709bdb20366ee887b814f00ae39a4ebd82db42bd831be85fe5b4bf4037af","ssdeep":"","tlshash":"a0d0979373129c2dcfb4e733920e0c22cc1382a3872ab74c58529050bf18c002a9085d","first_seen":"2023-04-27T20:18:37Z","last_seen":"2026-05-10T07:09:17.936548Z","times_seen":12246,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":190,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/ests/2.1/content/images/microsoft_logo_ed9c9eb0dce17d752bedea6b5acda6d9.png","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html#glenn@renshawauto.com","date":"2023-10-20T13:36:45.013Z","timestamp":1697809005013,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sat, 29 Jul 2023 00:00:00 GMT","end":"Mon, 29 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"44:5F:75:46:1C:BE:AF:E4:F2:BF:F3:04:1D:0B:56:0F:EE:DA:A0:96","sha256":"DF:9A:22:DD:76:BE:E9:63:BD:AA:27:3D:DE:4A:DE:4C:8E:3B:D3:FE:6B:90:BA:39:D0:7E:7B:4B:3A:04:A4:84"}}},"request":{"raw":"GET /ests/2.1/content/images/microsoft_logo_ed9c9eb0dce17d752bedea6b5acda6d9.png HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\ncontent-length: 1057\r\ncontent-type: image/png\r\ncontent-md5: 7ZyesNzhfXUr7eprWs2m2Q==\r\nlast-modified: Fri, 02 Nov 2018 20:25:31 GMT\r\netag: 0x8D641015620C409\r\nx-cache: TCP_HIT\r\nx-ms-request-id: 40eaff03-f01e-0028-2576-00fe51000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref-originshield: 0Q6ktZQAAAAA6dicqvGFqQaRPnURdYnr1QU1TMDRFREdFMTgwNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\nx-azure-ref: 0bIIyZQAAAAC7Cv+rSlm4Q4/86XT9BgcHU1ZHMjBFREdFMDUxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\ndate: Fri, 20 Oct 2023 13:36:44 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1057,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced\\012- data","md5":"ed9c9eb0dce17d752bedea6b5acda6d9","sha1":"eca56c4904354eed5da0debcd6bd66856ab4784d","sha256":"f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c","sha512":"3bfb696318ddb93540140dbcd4dbb32f129441e46ee752c6b7379624488533ba27cc7eff3cae444c1797ca6eecdf333edaf443ac84cdeb037a890967091cf91c","ssdeep":"","tlshash":"1011b997c6055cec7d3849f171d66b99d9988ed4d0981dc542e8502ebd08984ec905f1","first_seen":"2023-04-10T19:22:58Z","last_seen":"2026-05-11T13:26:16.474619Z","times_seen":3368,"resource_available":false,"data":null}},"time_used":400,"timings":{"blocked":193,"dns":119,"connect":13,"send":0,"wait":11,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F\u0026state=4JQX5NidMUvonI16HyPSGa7dSKYozIlNFVIjHaoUwVKa6y1nXAR1zh9Ph6uLc0csPQFzlcePUGSdpq1ab-L_VaTdLrDTh5aui4X-F-oewMjqFcOjtNk75L_t5oVJlO5k\u0026x-client-SKU=ID_NET6_0\u0026x-client-ver=6.30.1.0","fqdn":"login.microsoftonline.com","domain":"microsoftonline.com","tld":"com"},"ip":{"addr":"20.190.181.3","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html#glenn@renshawauto.com","date":"2023-10-20T13:36:45.206Z","timestamp":1697809005206,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"stamp2.login.microsoftonline.com","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sun, 17 Sep 2023 00:00:00 GMT","end":"Tue, 17 Sep 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:41:B5:48:4D:2A:D3:78:6B:12:6B:D6:0B:85:B4:F8:2A:FF:48:29","sha256":"79:4C:02:8C:49:C3:35:87:A8:C8:14:4F:79:1B:C6:5C:3E:29:91:10:26:CE:FB:ED:3C:D4:D5:97:D4:BF:F1:7D"}}},"request":{"raw":"GET /common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F\u0026state=4JQX5NidMUvonI16HyPSGa7dSKYozIlNFVIjHaoUwVKa6y1nXAR1zh9Ph6uLc0csPQFzlcePUGSdpq1ab-L_VaTdLrDTh5aui4X-F-oewMjqFcOjtNk75L_t5oVJlO5k\u0026x-client-SKU=ID_NET6_0\u0026x-client-ver=6.30.1.0 HTTP/1.1\r\nHost: login.microsoftonline.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: SignInStateCookie=CAgABAAIAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P8NpYLYaO7IVWZo4PjlsUoI6LWvQ6nLol8WikiTFq1GwM7zoL6U7U_DTAgc6b2zlaOLzBlIFkbQ6Q; ESTSSSOTILES=1; AADSSOTILES=1; ESTSAUTHPERSISTENT=AgABAAQAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P_7_vA7kSH4xPPWDFEiDTKlk_GP2zdGyEuCB-8ohGQ-gCxMRlNf2GCZUS75OBHLfB5lXH2l1eBThw; ESTSAUTH=AgABAAQAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P8vSgwMfWXhhL1GHqf6ELCEymAU13QMAV7S1Qpfx6Om6jdYWWbizdUvx-u1CzOSS8r8GDQEcr7VnA; ESTSAUTHLIGHT=+; buid=AQABAAEAAAAtyolDObpQQ5VtlI4uGjEPEBK4RLKELwaM4or2iNLKEdTaOa7GGD-ixvLX_bfzUcKu-Cxvwmtaqa18W4jHkzLqvKfS22SJZMj4O4rnbBzg2oByeRke_vOMqtiPvs6Di4UgAA; fpc=Asltl5vyzJJGvxoyI00ksjU; esctx=PAQABAAEAAAAtyolDObpQQ5VtlI4uGjEP29YOphsGP-FRPPo3tfcDRVFcqwCfitRBcoMCx_aqU7WL1OPIBKHAgMSMtqauXEZiVYsEmHAz52jqrN03vGACGRL2SoW8KEy7VKQ649vE9aRDJMhS5KEiQNcRqac8y9CDgVdRa5ISr924nr_VIDfZEXpsmxbcjRVmeSumbX6t4lIgAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: no-store, no-cache\r\nPragma: no-cache\r\nContent-Type: text/html; charset=utf-8\r\nContent-Encoding: gzip\r\nExpires: -1\r\nVary: Accept-Encoding\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nX-Content-Type-Options: nosniff\r\nLink: \u003chttps://aadcdn.msauth.net\u003e; rel=preconnect; crossorigin, \u003chttps://aadcdn.msauth.net\u003e; rel=dns-prefetch, \u003chttps://aadcdn.msftauth.net\u003e; rel=dns-prefetch\r\nX-DNS-Prefetch-Control: on\r\nP3P: CP=\"DSP CUR OTPi IND OTRi ONL FIN\"\r\nx-ms-request-id: 5a041168-d760-4d8a-aebb-2e6145b5c000\r\nx-ms-ests-server: 2.1.16522.6 - SEC ProdSlices\r\nx-ms-clitelem: 1,0,0,,\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nX-XSS-Protection: 0\r\nSet-Cookie: SignInStateCookie=CAgABAAIAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P8b8AP-rmNJNbxHjKUezdFRaohExpsy_kie31m3MS61cOmR9SBgQVi-t5DeYWlpU_o0KSoEJbAFGQ; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None\nESTSSSOTILES=1; expires=Thu, 20-Oct-2033 13:36:44 GMT; path=/; secure; SameSite=None\nAADSSOTILES=1; expires=Thu, 20-Oct-2033 13:36:44 GMT; path=/; secure; HttpOnly; SameSite=None\nESTSAUTHPERSISTENT=AgABAAQAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P_61Zy3loQF6D1CnnMJcsaa6knSqoaUdcp7heeSPAmAeSB-gIcivGeLZf1OGKmBugx6r3zdGGmPKw; domain=.login.microsoftonline.com; expires=Thu, 18-Jan-2024 13:36:44 GMT; path=/; secure; HttpOnly; SameSite=None\nESTSAUTH=AgABAAQAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P9nefiUf-nj7zpheIW9brYUJQhGNztWTpX1Pj7_Smkoqo6eea2rk_YqkOrR0DFfD0ad9kTzfG1g5A; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None\nESTSAUTHLIGHT=+; path=/; secure; SameSite=None\nbuid=AQABAAEAAAAtyolDObpQQ5VtlI4uGjEPZ_FRAUYfWct9x0-mEJ1P2ysJuyW02_9rIVDMJG2bBds_HUY--xYvYzebGG4e0_DkVurGb9ajIzD3WDifmVdHrcsWYhUyODDN5VGXW_DxITogAA; expires=Sun, 19-Nov-2023 13:36:44 GMT; path=/; secure; HttpOnly; SameSite=None\nfpc=Asltl5vyzJJGvxoyI00ksjU; expires=Sun, 19-Nov-2023 13:36:44 GMT; path=/; secure; HttpOnly; SameSite=None\nx-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly\r\nDate: Fri, 20 Oct 2023 13:36:43 GMT\r\nContent-Length: 10967\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10967,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11093), with CRLF, LF line terminators","md5":"4afbe81b4baf95e892b3fe5ecd04eaeb","sha1":"3f993e027478c9f1423a74713dc4ccb734a0f135","sha256":"04c8d65c457ba47fbe7a501eb7cb6dde3e475c7157925802816407f515dc302a","sha512":"5092095b365fe9e5bb15eaa299f01cb76a231f5a05ca86c6990d2e3b79b51696eed44211fe75e6e8e515ebacaf4b1a147c5cca6e680d0e71a49e383ef216b1ac","ssdeep":"768:unyK9C8xBjwh/TcHRkqUY3RZTtpdtVaWfYla:u39XjwJTERkqUITVraW/","tlshash":"30d229ce3782245b8b630578e87f7a0de3a922139585ca50f48cdc891ff6fe98537649","first_seen":"2023-10-20T15:37:07Z","last_seen":"2023-10-20T15:37:07Z","times_seen":1,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/ests/2.1/content/images/ellipsis_white_0ad43084800fd8b50a2576b5173746fe.png","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html#glenn@renshawauto.com","date":"2023-10-20T13:36:45.016Z","timestamp":1697809005016,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sat, 29 Jul 2023 00:00:00 GMT","end":"Mon, 29 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"44:5F:75:46:1C:BE:AF:E4:F2:BF:F3:04:1D:0B:56:0F:EE:DA:A0:96","sha256":"DF:9A:22:DD:76:BE:E9:63:BD:AA:27:3D:DE:4A:DE:4C:8E:3B:D3:FE:6B:90:BA:39:D0:7E:7B:4B:3A:04:A4:84"}}},"request":{"raw":"GET /ests/2.1/content/images/ellipsis_white_0ad43084800fd8b50a2576b5173746fe.png HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\ncontent-length: 207\r\ncontent-type: image/png\r\ncontent-md5: CtQwhIAP2LUKJXa1FzdG/g==\r\nlast-modified: Fri, 02 Nov 2018 20:25:24 GMT\r\netag: 0x8D6410151EBB082\r\nx-cache: TCP_HIT\r\nx-ms-request-id: 6c9d0125-201e-0011-239e-00ac53000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref-originshield: 0BmYuZQAAAAAaLG38KzN7Sbc+MLkxbCZ9QU1TMDRFREdFMTgwNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\nx-azure-ref: 0bIIyZQAAAACnlvUfdYb8Qp/wbVvasJTFU1ZHMjBFREdFMDUxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\ndate: Fri, 20 Oct 2023 13:36:44 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":207,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\\012- data","md5":"0ad43084800fd8b50a2576b5173746fe","sha1":"97c08e6062ff37f6e7a6c65e94d693ccc9ccd443","sha256":"2c03ee38a4eba6a047c3a5bacb3eb461efe14be8acd46ae772350a4dea2f0175","sha512":"e46910267540ff8bfc6f0c486356ee3b3b27861d187fe2441648c15114e90553dcc424246dd646d4b0ff903480f9f91d82b6d919dbe94ad6efdb05b5fad85ed4","ssdeep":"","tlshash":"85d0a7c6b6c6d92957ca852621259090592b9189044120a83e0d8425426c4988574f12","first_seen":"2023-05-10T01:26:30Z","last_seen":"2026-05-11T13:26:16.477179Z","times_seen":1645,"resource_available":false,"data":null}},"time_used":400,"timings":{"blocked":191,"dns":120,"connect":13,"send":0,"wait":12,"receive":0,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smtpjs.com/v3/smtp.js","fqdn":"smtpjs.com","domain":"smtpjs.com","tld":"com"},"ip":{"addr":"109.169.71.112","port":443,"asn":20860,"as":"Iomart Cloud Services Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html#glenn@renshawauto.com","date":"2023-10-20T13:36:45.021Z","timestamp":1697809005021,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"smtpjs.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Oct 2023 02:12:56 GMT","end":"Wed, 10 Jan 2024 02:12:55 GMT"},"fingerprint":{"sha1":"42:B0:F7:8A:8B:22:F8:B1:73:FF:5D:9A:16:9A:DD:91:6A:15:FC:99","sha256":"F0:58:1B:C4:40:84:86:0C:B9:64:A9:5B:36:F0:62:95:32:42:12:1B:00:25:40:22:74:C9:8A:E7:D3:9E:AB:BA"}}},"request":{"raw":"GET /v3/smtp.js HTTP/1.1\r\nHost: smtpjs.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Nov 2020 17:17:51 GMT\r\naccept-ranges: bytes\r\netag: \"162f436b85b7d61:0\"\r\nserver: Microsoft-IIS/10.0\r\nx-powered-by: ASP.NET\r\naccess-control-allow-origin: *\r\ndate: Fri, 20 Oct 2023 13:36:44 GMT\r\ncontent-length: 871\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":871,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 (with BOM) text, with very long lines (841), with CRLF line terminators","md5":"3834e1b9e65ca954b7479464ea1e5118","sha1":"437df45dbf59c3a3414236f44e3bcd5045bfe314","sha256":"fc33c6b2c79aafa930e841962ae3c25bf8f56cbc20ec48fc2b0ddd0aa6ee23b6","sha512":"4b26fd1b96acc06993500148b10a7ce76fe9dbbebfb690e4febb46aac9eaceb81b9d5b7317daa4c525dabb42558bfa456fd3f5cab4d8beaa37186bee9619e544","ssdeep":"","tlshash":"9711c057a2d0104889c570b6de4feb943175842636da85b3460cc5929c36c6dfb3c0cc","first_seen":"2023-04-05T04:21:49Z","last_seen":"2025-03-01T18:16:18.602914Z","times_seen":1896,"resource_available":false,"data":null}},"time_used":433,"timings":{"blocked":189,"dns":29,"connect":47,"send":0,"wait":46,"receive":0,"ssl":118},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F\u0026state=C1UMzpRArWpC4B7kBYvPwJErefbJQIOnVxwXe0kZ09mwRvDNsju1oIFnVO_gtnA4HF_cjAi1UYLr_UMOg17-PUs1xsr89j2WCX1qgMqjg5IZwo6wgTCNf1rMlr5N_ZJH\u0026x-client-SKU=ID_NET6_0\u0026x-client-ver=6.30.1.0","fqdn":"login.microsoftonline.com","domain":"microsoftonline.com","tld":"com"},"ip":{"addr":"20.190.181.1","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html#glenn@renshawauto.com","date":"2023-10-20T13:36:45.210Z","timestamp":1697809005210,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"stamp2.login.microsoftonline.com","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sun, 17 Sep 2023 00:00:00 GMT","end":"Tue, 17 Sep 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:41:B5:48:4D:2A:D3:78:6B:12:6B:D6:0B:85:B4:F8:2A:FF:48:29","sha256":"79:4C:02:8C:49:C3:35:87:A8:C8:14:4F:79:1B:C6:5C:3E:29:91:10:26:CE:FB:ED:3C:D4:D5:97:D4:BF:F1:7D"}}},"request":{"raw":"GET /common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F\u0026state=C1UMzpRArWpC4B7kBYvPwJErefbJQIOnVxwXe0kZ09mwRvDNsju1oIFnVO_gtnA4HF_cjAi1UYLr_UMOg17-PUs1xsr89j2WCX1qgMqjg5IZwo6wgTCNf1rMlr5N_ZJH\u0026x-client-SKU=ID_NET6_0\u0026x-client-ver=6.30.1.0 HTTP/1.1\r\nHost: login.microsoftonline.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: SignInStateCookie=CAgABAAIAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P8NpYLYaO7IVWZo4PjlsUoI6LWvQ6nLol8WikiTFq1GwM7zoL6U7U_DTAgc6b2zlaOLzBlIFkbQ6Q; ESTSSSOTILES=1; AADSSOTILES=1; ESTSAUTHPERSISTENT=AgABAAQAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P_7_vA7kSH4xPPWDFEiDTKlk_GP2zdGyEuCB-8ohGQ-gCxMRlNf2GCZUS75OBHLfB5lXH2l1eBThw; ESTSAUTH=AgABAAQAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P8vSgwMfWXhhL1GHqf6ELCEymAU13QMAV7S1Qpfx6Om6jdYWWbizdUvx-u1CzOSS8r8GDQEcr7VnA; ESTSAUTHLIGHT=+; buid=AQABAAEAAAAtyolDObpQQ5VtlI4uGjEPEBK4RLKELwaM4or2iNLKEdTaOa7GGD-ixvLX_bfzUcKu-Cxvwmtaqa18W4jHkzLqvKfS22SJZMj4O4rnbBzg2oByeRke_vOMqtiPvs6Di4UgAA; fpc=Asltl5vyzJJGvxoyI00ksjU; esctx=PAQABAAEAAAAtyolDObpQQ5VtlI4uGjEP29YOphsGP-FRPPo3tfcDRVFcqwCfitRBcoMCx_aqU7WL1OPIBKHAgMSMtqauXEZiVYsEmHAz52jqrN03vGACGRL2SoW8KEy7VKQ649vE9aRDJMhS5KEiQNcRqac8y9CDgVdRa5ISr924nr_VIDfZEXpsmxbcjRVmeSumbX6t4lIgAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: no-store, no-cache\r\nPragma: no-cache\r\nContent-Type: text/html; charset=utf-8\r\nContent-Encoding: gzip\r\nExpires: -1\r\nVary: Accept-Encoding\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nX-Content-Type-Options: nosniff\r\nLink: \u003chttps://aadcdn.msauth.net\u003e; rel=preconnect; crossorigin, \u003chttps://aadcdn.msauth.net\u003e; rel=dns-prefetch, \u003chttps://aadcdn.msftauth.net\u003e; rel=dns-prefetch\r\nX-DNS-Prefetch-Control: on\r\nP3P: CP=\"DSP CUR OTPi IND OTRi ONL FIN\"\r\nx-ms-request-id: 7738fb57-6ea3-4e3b-9f60-579f18260000\r\nx-ms-ests-server: 2.1.16571.6 - WEULR1 ProdSlices\r\nx-ms-clitelem: 1,0,0,,\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nX-XSS-Protection: 0\r\nSet-Cookie: SignInStateCookie=CAgABAAIAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P8YyEXyDcPB3akj-apygGyO0sPJZsu7lz5oR7-SDzbTaN_ABdV_pHDV7yIigmPJGzXZP2CVSf1cZw; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None\nESTSSSOTILES=1; expires=Thu, 20-Oct-2033 13:36:44 GMT; path=/; secure; SameSite=None\nAADSSOTILES=1; expires=Thu, 20-Oct-2033 13:36:44 GMT; path=/; secure; HttpOnly; SameSite=None\nESTSAUTHPERSISTENT=AgABAAQAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P_3g9DXru3HHS_cL105PAffeTl_A6uNH30pOsRRzbhZQJTdKlT4kQ_iioS-GP5PI9bvHd2N08onQg; domain=.login.microsoftonline.com; expires=Thu, 18-Jan-2024 13:36:44 GMT; path=/; secure; HttpOnly; SameSite=None\nESTSAUTH=AgABAAQAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P_ZptcZ6WIc2I2Y9YPkwpJEJB3doDaZZpj3cWyUJ4DVg_Y08SPSdPrDl64IUPDFZb2We7arDL2VRA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None\nESTSAUTHLIGHT=+; path=/; secure; SameSite=None\nbuid=AQABAAEAAAAtyolDObpQQ5VtlI4uGjEPmHTnky8rnCjTacH1QW-9uv8U6jHtbSzJufb5jYOqMMe7PYamsgE2Sq3FoQpE1nJuyRMEFIWkkcGWjSX0iVImIx8TDVoV9lLk_YoP8rex0TcgAA; expires=Sun, 19-Nov-2023 13:36:44 GMT; path=/; secure; HttpOnly; SameSite=None\nfpc=Asltl5vyzJJGvxoyI00ksjU; expires=Sun, 19-Nov-2023 13:36:44 GMT; path=/; secure; HttpOnly; SameSite=None\nx-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly\r\nDate: Fri, 20 Oct 2023 13:36:44 GMT\r\nContent-Length: 10987\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10987,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11097), with CRLF, LF line terminators","md5":"718c98cf944c93f479d887c0589960ad","sha1":"000d826720df05b8f22f9e56ebd59c68b61f539d","sha256":"0441bc50cba6e6b7996a9048ebc20571aca7e13e510d9e30ec37a36fc3e663cd","sha512":"9bef4a2b43572f0fa6731286b2f3495e8f3d7b57051c97d974fdd5d89db5d03cbf594a78b34a13c1f0eaa5f351a3574ca426eeef0dcb655585d0ad4e3651fc6e","ssdeep":"768:unyny88xB8h/TcHRkqUY3RZTtpdtVaWfYla:ugyZ8JTERkqUITVraW/","tlshash":"3fd229ce3782245b8b630674e87f7a0df3a822139585c950f48cd8891ffafe98537659","first_seen":"2023-10-20T15:37:07Z","last_seen":"2023-10-20T15:37:07Z","times_seen":1,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":38,"dns":1,"connect":10,"send":0,"wait":89,"receive":1,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://login.microsoftonline.com/logout.srf?ct=1548343592\u0026rver=64.4.6456.0\u0026lc=1033\u0026id=501392","date":"2023-10-20T13:36:45.494Z","timestamp":1697809005494,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sat, 29 Jul 2023 00:00:00 GMT","end":"Mon, 29 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"44:5F:75:46:1C:BE:AF:E4:F2:BF:F3:04:1D:0B:56:0F:EE:DA:A0:96","sha256":"DF:9A:22:DD:76:BE:E9:63:BD:AA:27:3D:DE:4A:DE:4C:8E:3B:D3:FE:6B:90:BA:39:D0:7E:7B:4B:3A:04:A4:84"}}},"request":{"raw":"GET /ests/2.1/content/cdnbundles/converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.microsoftonline.com/\r\nOrigin: https://login.microsoftonline.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31536000\r\ncontent-length: 20208\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\ncontent-md5: znAMuOwBXwRYMjVZ8p4wCw==\r\nlast-modified: Wed, 06 Sep 2023 21:22:45 GMT\r\netag: 0x8DBAF1F69A21EAA\r\nx-cache: TCP_HIT\r\nx-ms-request-id: cde9347f-401e-0053-586c-fe2946000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref-originshield: 0ypIrZQAAAABbBQPJvliTRqEIvWxClUT5QU1TMDRFREdFMTgyMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\nx-azure-ref: 0bIIyZQAAAADgZfr5dn+AT4JaDkpiOPVkU1ZHMjBFREdFMDUxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\ndate: Fri, 20 Oct 2023 13:36:44 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20208,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (61177)","md5":"2ed8d5b2f2b901e92d03f9068812341a","sha1":"8470214fc8e246c3910bcb0eae9070d4abe3a389","sha256":"1a0ea89ae667420caeae29d594d53258e6ed157dab7e8dfe6f154f0054b0cf99","sha512":"f0bc6711ef2a43e5f4b254d1c49f69a082ae459d5872f718dd4f88153c74101487d81b472bd3557205dd7a3e51ec7657f8359b0964a0a346bd9dbc9d423273f4","ssdeep":"1536:QpHDgBvguhw+EViazA/PWrF7qvEAFiQcpmcQSeC2Jzc6VUWU:xkNQ06VUv","tlshash":"12b3c7906d243d269037c73571d1bd87a2211503e637aebbf6263db9cf8968b0b32e45","first_seen":"2023-09-21T04:04:05Z","last_seen":"2024-08-22T11:17:49.344057Z","times_seen":23596,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F\u0026state=C1UMzpRArWpC4B7kBYvPwJErefbJQIOnVxwXe0kZ09mwRvDNsju1oIFnVO_gtnA4HF_cjAi1UYLr_UMOg17-PUs1xsr89j2WCX1qgMqjg5IZwo6wgTCNf1rMlr5N_ZJH\u0026x-client-SKU=ID_NET6_0\u0026x-client-ver=6.30.1.0","date":"2023-10-20T13:36:45.553Z","timestamp":1697809005553,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sat, 29 Jul 2023 00:00:00 GMT","end":"Mon, 29 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"44:5F:75:46:1C:BE:AF:E4:F2:BF:F3:04:1D:0B:56:0F:EE:DA:A0:96","sha256":"DF:9A:22:DD:76:BE:E9:63:BD:AA:27:3D:DE:4A:DE:4C:8E:3B:D3:FE:6B:90:BA:39:D0:7E:7B:4B:3A:04:A4:84"}}},"request":{"raw":"GET /ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.microsoftonline.com/\r\nOrigin: https://login.microsoftonline.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31536000\r\ncontent-length: 40454\r\ncontent-type: application/x-javascript\r\ncontent-encoding: gzip\r\ncontent-md5: HWW92uTq7vx3y5z+zFZbXQ==\r\nlast-modified: Fri, 26 Feb 2021 06:12:05 GMT\r\netag: 0x8D8DA1D70FBDD97\r\nx-cache: TCP_HIT\r\nx-ms-request-id: 65866eff-101e-0062-1257-fe2355000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref-originshield: 041YrZQAAAAAQj1z8EGgaT6C/rHubmF4CQU1TMDRFREdFMTkxMAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\nx-azure-ref: 0bIIyZQAAAADIH01jOO41To2KKxlak+e5U1ZHMjBFREdFMDUxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\ndate: Fri, 20 Oct 2023 13:36:44 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40454,"size_decoded":0,"mime_type":"application/x-javascript","magic":"ASCII text, with very long lines (65450), with CRLF line terminators","md5":"75cf78d0e38c65a538ad253ca9e48dbe","sha1":"bf0452e4a42a9af3b69d5d8c3a3a0433f14921b6","sha256":"df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0","sha512":"81383e4fdae1f34f8e652f69058d57a2a4bd0a77c2c41c3174bee0ceba83a8326229c2a74eaf415bfbd34382b1c442a97c41034f43cd77a391ba9b4daae65463","ssdeep":"3072:/Yh8eip3huuf6IidlrvakdtQ47GKvPhQDvMwFdm:/i8eGRuufsr5zQ47GKvPyDvG","tlshash":"96c3e6ddb2c6b0225bb731b9507f510bf23a1899280d8450f169d8e9bd7c94e823bf6d","first_seen":"2023-03-08T03:03:54Z","last_seen":"2026-05-13T12:04:00.613923Z","times_seen":14920,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F\u0026state=C1UMzpRArWpC4B7kBYvPwJErefbJQIOnVxwXe0kZ09mwRvDNsju1oIFnVO_gtnA4HF_cjAi1UYLr_UMOg17-PUs1xsr89j2WCX1qgMqjg5IZwo6wgTCNf1rMlr5N_ZJH\u0026x-client-SKU=ID_NET6_0\u0026x-client-ver=6.30.1.0","date":"2023-10-20T13:36:45.554Z","timestamp":1697809005554,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sat, 29 Jul 2023 00:00:00 GMT","end":"Mon, 29 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"44:5F:75:46:1C:BE:AF:E4:F2:BF:F3:04:1D:0B:56:0F:EE:DA:A0:96","sha256":"DF:9A:22:DD:76:BE:E9:63:BD:AA:27:3D:DE:4A:DE:4C:8E:3B:D3:FE:6B:90:BA:39:D0:7E:7B:4B:3A:04:A4:84"}}},"request":{"raw":"GET /ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.microsoftonline.com/\r\nOrigin: https://login.microsoftonline.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31536000\r\ncontent-length: 44785\r\ncontent-type: application/x-javascript\r\ncontent-encoding: gzip\r\ncontent-md5: upI7aPOzsdXSeL+Vv8o5ww==\r\nlast-modified: Wed, 20 Apr 2022 04:33:13 GMT\r\netag: 0x8DA2286E1DA9029\r\nx-cache: TCP_HIT\r\nx-ms-request-id: bcf180aa-901e-0012-664d-fcd155000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref-originshield: 0yU4pZQAAAAAHYtiaLkq7R7W6KSQ7Da+MQU1TMDRFREdFMTkwOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\nx-azure-ref: 0bIIyZQAAAABQMnJ4ZCglSoncXXC+xEPwU1ZHMjBFREdFMDUxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\ndate: Fri, 20 Oct 2023 13:36:44 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44785,"size_decoded":0,"mime_type":"application/x-javascript","magic":"ASCII text, with very long lines (778)","md5":"917d5d03b2f6773ea71def64520935f4","sha1":"281282d233fd6dd4185df486f31a2ba38aaf5f85","sha256":"585c15f044d19a1f0a1ba994b70992ce92e30cfd9443bab663d3f17b13d69708","sha512":"0333bb9380091579df7ef9971e0cb606b931036398ded20b1ef002a1cf5a3a2a3304729223559c66639bf307a213c2eac470b51181fe4ba2ad4b1459f780cc38","ssdeep":"1536:/SjqwT+zx4Nm7t21IqgjMvk8tvnytWoULhn92gMNCBfLmt1kPIqI7RsKgyX92:/cp+14S2RBhqkT81wVKg42","tlshash":"5a042bbdf583656e33ba107a20af7512e3ba08019049ce56f03dda484feda07553b677","first_seen":"2023-03-08T03:03:53Z","last_seen":"2023-11-15T09:11:28Z","times_seen":392,"resource_available":true,"data":null}},"time_used":87,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":32,"receive":53,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ea19b2112f4dfd8e90b4505ef7dcb4f9.png","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F\u0026state=C1UMzpRArWpC4B7kBYvPwJErefbJQIOnVxwXe0kZ09mwRvDNsju1oIFnVO_gtnA4HF_cjAi1UYLr_UMOg17-PUs1xsr89j2WCX1qgMqjg5IZwo6wgTCNf1rMlr5N_ZJH\u0026x-client-SKU=ID_NET6_0\u0026x-client-ver=6.30.1.0","date":"2023-10-20T13:36:45.825Z","timestamp":1697809005825,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sat, 29 Jul 2023 00:00:00 GMT","end":"Mon, 29 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"44:5F:75:46:1C:BE:AF:E4:F2:BF:F3:04:1D:0B:56:0F:EE:DA:A0:96","sha256":"DF:9A:22:DD:76:BE:E9:63:BD:AA:27:3D:DE:4A:DE:4C:8E:3B:D3:FE:6B:90:BA:39:D0:7E:7B:4B:3A:04:A4:84"}}},"request":{"raw":"GET /shared/1.0/content/images/microsoft_logo_ea19b2112f4dfd8e90b4505ef7dcb4f9.png HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.microsoftonline.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31536000\r\ncontent-length: 1057\r\ncontent-type: image/png\r\ncontent-md5: 7ZyesNzhfXUr7eprWs2m2Q==\r\nlast-modified: Wed, 24 May 2023 10:11:48 GMT\r\netag: 0x8DB5C3F48FD7E08\r\nx-cache: TCP_HIT\r\nx-ms-request-id: 13233a3a-101e-0072-75e5-fd9377000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref-originshield: 04l4pZQAAAAAgoS1FW49OQZWqt0MuDHbUQU1TMDRFREdFMTkxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\nx-azure-ref: 0bIIyZQAAAABF8AFMy8M2SrvUT34yRDyaU1ZHMjBFREdFMDUxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\ndate: Fri, 20 Oct 2023 13:36:44 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1057,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced\\012- data","md5":"ed9c9eb0dce17d752bedea6b5acda6d9","sha1":"eca56c4904354eed5da0debcd6bd66856ab4784d","sha256":"f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c","sha512":"3bfb696318ddb93540140dbcd4dbb32f129441e46ee752c6b7379624488533ba27cc7eff3cae444c1797ca6eecdf333edaf443ac84cdeb037a890967091cf91c","ssdeep":"","tlshash":"1011b997c6055cec7d3849f171d66b99d9988ed4d0981dc542e8502ebd08984ec905f1","first_seen":"2023-04-10T19:22:58Z","last_seen":"2026-05-11T13:26:16.474619Z","times_seen":3368,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.sectigo.com/","fqdn":"ocsp.sectigo.com","domain":"sectigo.com","tld":"com"},"ip":{"addr":"104.18.15.101","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-20T13:36:45.555022456Z","timestamp":1697809005555,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.sectigo.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 20 Oct 2023 13:36:44 GMT\r\nContent-Type: application/ocsp-response\r\nContent-Length: 471\r\nConnection: keep-alive\r\nLast-Modified: Wed, 18 Oct 2023 11:45:30 GMT\r\nExpires: Wed, 25 Oct 2023 11:45:29 GMT\r\nEtag: \"0a27de7a4659a66dac22641ae164561bde53b913\"\r\nCache-Control: max-age=424745,s-maxage=1800,public,no-transform,must-revalidate\r\nX-CCACDN-Proxy-ID: mcdpinlb6\r\nX-Frame-Options: SAMEORIGIN\r\nCF-Cache-Status: DYNAMIC\r\nServer: cloudflare\r\nCF-RAY: 8191a6c7cde856b7-OSL\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"5c322493ebc7cacfdcf47aee054af31d","sha1":"0a27de7a4659a66dac22641ae164561bde53b913","sha256":"83243ee964786e633418e127f8b7a285c8bd452b9962b45eb0977b15a501435c","sha512":"cf950abf59e4cba0f1d966605356d76161bfea9a76f74ecfab9f1f922ccf805249be416532239cda70687c5e39621409a200524822684b0b7049090ab2320742","ssdeep":"","tlshash":"c9f0231c1262ebc41c0ccca8e43419663d46d50c18bbf4bf34b594d87a9e7985c3c51d","first_seen":"2023-10-18T14:21:31Z","last_seen":"2023-10-22T02:10:36Z","times_seen":394,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F\u0026state=C1UMzpRArWpC4B7kBYvPwJErefbJQIOnVxwXe0kZ09mwRvDNsju1oIFnVO_gtnA4HF_cjAi1UYLr_UMOg17-PUs1xsr89j2WCX1qgMqjg5IZwo6wgTCNf1rMlr5N_ZJH\u0026x-client-SKU=ID_NET6_0\u0026x-client-ver=6.30.1.0","date":"2023-10-20T13:36:45.553Z","timestamp":1697809005553,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sat, 29 Jul 2023 00:00:00 GMT","end":"Mon, 29 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"44:5F:75:46:1C:BE:AF:E4:F2:BF:F3:04:1D:0B:56:0F:EE:DA:A0:96","sha256":"DF:9A:22:DD:76:BE:E9:63:BD:AA:27:3D:DE:4A:DE:4C:8E:3B:D3:FE:6B:90:BA:39:D0:7E:7B:4B:3A:04:A4:84"}}},"request":{"raw":"GET /ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.microsoftonline.com/\r\nOrigin: https://login.microsoftonline.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31536000\r\ncontent-length: 40454\r\ncontent-type: application/x-javascript\r\ncontent-encoding: gzip\r\ncontent-md5: HWW92uTq7vx3y5z+zFZbXQ==\r\nlast-modified: Fri, 26 Feb 2021 06:12:05 GMT\r\netag: 0x8D8DA1D70FBDD97\r\nx-cache: TCP_HIT\r\nx-ms-request-id: 65866eff-101e-0062-1257-fe2355000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref-originshield: 041YrZQAAAAAQj1z8EGgaT6C/rHubmF4CQU1TMDRFREdFMTkxMAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\nx-azure-ref: 0bIIyZQAAAABORtg7tt5xS5oVA2OOTM+/U1ZHMjBFREdFMDUxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\ndate: Fri, 20 Oct 2023 13:36:44 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40454,"size_decoded":0,"mime_type":"application/x-javascript","magic":"ASCII text, with very long lines (65450), with CRLF line terminators","md5":"75cf78d0e38c65a538ad253ca9e48dbe","sha1":"bf0452e4a42a9af3b69d5d8c3a3a0433f14921b6","sha256":"df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0","sha512":"81383e4fdae1f34f8e652f69058d57a2a4bd0a77c2c41c3174bee0ceba83a8326229c2a74eaf415bfbd34382b1c442a97c41034f43cd77a391ba9b4daae65463","ssdeep":"3072:/Yh8eip3huuf6IidlrvakdtQ47GKvPhQDvMwFdm:/i8eGRuufsr5zQ47GKvPyDvG","tlshash":"96c3e6ddb2c6b0225bb731b9507f510bf23a1899280d8450f169d8e9bd7c94e823bf6d","first_seen":"2023-03-08T03:03:54Z","last_seen":"2026-05-13T12:04:00.613923Z","times_seen":14920,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F\u0026state=C1UMzpRArWpC4B7kBYvPwJErefbJQIOnVxwXe0kZ09mwRvDNsju1oIFnVO_gtnA4HF_cjAi1UYLr_UMOg17-PUs1xsr89j2WCX1qgMqjg5IZwo6wgTCNf1rMlr5N_ZJH\u0026x-client-SKU=ID_NET6_0\u0026x-client-ver=6.30.1.0","date":"2023-10-20T13:36:45.554Z","timestamp":1697809005554,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sat, 29 Jul 2023 00:00:00 GMT","end":"Mon, 29 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"44:5F:75:46:1C:BE:AF:E4:F2:BF:F3:04:1D:0B:56:0F:EE:DA:A0:96","sha256":"DF:9A:22:DD:76:BE:E9:63:BD:AA:27:3D:DE:4A:DE:4C:8E:3B:D3:FE:6B:90:BA:39:D0:7E:7B:4B:3A:04:A4:84"}}},"request":{"raw":"GET /ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.microsoftonline.com/\r\nOrigin: https://login.microsoftonline.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31536000\r\ncontent-length: 44785\r\ncontent-type: application/x-javascript\r\ncontent-encoding: gzip\r\ncontent-md5: upI7aPOzsdXSeL+Vv8o5ww==\r\nlast-modified: Wed, 20 Apr 2022 04:33:13 GMT\r\netag: 0x8DA2286E1DA9029\r\nx-cache: TCP_HIT\r\nx-ms-request-id: bcf180aa-901e-0012-664d-fcd155000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref-originshield: 0yU4pZQAAAAAHYtiaLkq7R7W6KSQ7Da+MQU1TMDRFREdFMTkwOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\nx-azure-ref: 0bIIyZQAAAAA9GLamq02ARqgQcwhqBHSxU1ZHMjBFREdFMDUxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\ndate: Fri, 20 Oct 2023 13:36:44 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44785,"size_decoded":0,"mime_type":"application/x-javascript","magic":"ASCII text, with very long lines (778)","md5":"917d5d03b2f6773ea71def64520935f4","sha1":"281282d233fd6dd4185df486f31a2ba38aaf5f85","sha256":"585c15f044d19a1f0a1ba994b70992ce92e30cfd9443bab663d3f17b13d69708","sha512":"0333bb9380091579df7ef9971e0cb606b931036398ded20b1ef002a1cf5a3a2a3304729223559c66639bf307a213c2eac470b51181fe4ba2ad4b1459f780cc38","ssdeep":"1536:/SjqwT+zx4Nm7t21IqgjMvk8tvnytWoULhn92gMNCBfLmt1kPIqI7RsKgyX92:/cp+14S2RBhqkT81wVKg42","tlshash":"5a042bbdf583656e33ba107a20af7512e3ba08019049ce56f03dda484feda07553b677","first_seen":"2023-03-08T03:03:53Z","last_seen":"2023-11-15T09:11:28Z","times_seen":392,"resource_available":true,"data":null}},"time_used":87,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":32,"receive":53,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F\u0026state=C1UMzpRArWpC4B7kBYvPwJErefbJQIOnVxwXe0kZ09mwRvDNsju1oIFnVO_gtnA4HF_cjAi1UYLr_UMOg17-PUs1xsr89j2WCX1qgMqjg5IZwo6wgTCNf1rMlr5N_ZJH\u0026x-client-SKU=ID_NET6_0\u0026x-client-ver=6.30.1.0","date":"2023-10-20T13:36:45.553Z","timestamp":1697809005553,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sat, 29 Jul 2023 00:00:00 GMT","end":"Mon, 29 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"44:5F:75:46:1C:BE:AF:E4:F2:BF:F3:04:1D:0B:56:0F:EE:DA:A0:96","sha256":"DF:9A:22:DD:76:BE:E9:63:BD:AA:27:3D:DE:4A:DE:4C:8E:3B:D3:FE:6B:90:BA:39:D0:7E:7B:4B:3A:04:A4:84"}}},"request":{"raw":"GET /ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.microsoftonline.com/\r\nOrigin: https://login.microsoftonline.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31536000\r\ncontent-length: 40454\r\ncontent-type: application/x-javascript\r\ncontent-encoding: gzip\r\ncontent-md5: HWW92uTq7vx3y5z+zFZbXQ==\r\nlast-modified: Fri, 26 Feb 2021 06:12:05 GMT\r\netag: 0x8D8DA1D70FBDD97\r\nx-cache: TCP_HIT\r\nx-ms-request-id: 65866eff-101e-0062-1257-fe2355000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref-originshield: 041YrZQAAAAAQj1z8EGgaT6C/rHubmF4CQU1TMDRFREdFMTkxMAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\nx-azure-ref: 0bIIyZQAAAADQogTb7QIySqg5aLwrRR+gU1ZHMjBFREdFMDUxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\ndate: Fri, 20 Oct 2023 13:36:44 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40454,"size_decoded":0,"mime_type":"application/x-javascript","magic":"ASCII text, with very long lines (65450), with CRLF line terminators","md5":"75cf78d0e38c65a538ad253ca9e48dbe","sha1":"bf0452e4a42a9af3b69d5d8c3a3a0433f14921b6","sha256":"df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0","sha512":"81383e4fdae1f34f8e652f69058d57a2a4bd0a77c2c41c3174bee0ceba83a8326229c2a74eaf415bfbd34382b1c442a97c41034f43cd77a391ba9b4daae65463","ssdeep":"3072:/Yh8eip3huuf6IidlrvakdtQ47GKvPhQDvMwFdm:/i8eGRuufsr5zQ47GKvPyDvG","tlshash":"96c3e6ddb2c6b0225bb731b9507f510bf23a1899280d8450f169d8e9bd7c94e823bf6d","first_seen":"2023-03-08T03:03:54Z","last_seen":"2026-05-13T12:04:00.613923Z","times_seen":14920,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F\u0026state=C1UMzpRArWpC4B7kBYvPwJErefbJQIOnVxwXe0kZ09mwRvDNsju1oIFnVO_gtnA4HF_cjAi1UYLr_UMOg17-PUs1xsr89j2WCX1qgMqjg5IZwo6wgTCNf1rMlr5N_ZJH\u0026x-client-SKU=ID_NET6_0\u0026x-client-ver=6.30.1.0","date":"2023-10-20T13:36:45.554Z","timestamp":1697809005554,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sat, 29 Jul 2023 00:00:00 GMT","end":"Mon, 29 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"44:5F:75:46:1C:BE:AF:E4:F2:BF:F3:04:1D:0B:56:0F:EE:DA:A0:96","sha256":"DF:9A:22:DD:76:BE:E9:63:BD:AA:27:3D:DE:4A:DE:4C:8E:3B:D3:FE:6B:90:BA:39:D0:7E:7B:4B:3A:04:A4:84"}}},"request":{"raw":"GET /ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.microsoftonline.com/\r\nOrigin: https://login.microsoftonline.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31536000\r\ncontent-length: 44785\r\ncontent-type: application/x-javascript\r\ncontent-encoding: gzip\r\ncontent-md5: upI7aPOzsdXSeL+Vv8o5ww==\r\nlast-modified: Wed, 20 Apr 2022 04:33:13 GMT\r\netag: 0x8DA2286E1DA9029\r\nx-cache: TCP_HIT\r\nx-ms-request-id: bcf180aa-901e-0012-664d-fcd155000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref-originshield: 0yU4pZQAAAAAHYtiaLkq7R7W6KSQ7Da+MQU1TMDRFREdFMTkwOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\nx-azure-ref: 0bIIyZQAAAACPb2wUM8nHTZwvEUpH3MzjU1ZHMjBFREdFMDUxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\ndate: Fri, 20 Oct 2023 13:36:44 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44785,"size_decoded":0,"mime_type":"application/x-javascript","magic":"ASCII text, with very long lines (778)","md5":"917d5d03b2f6773ea71def64520935f4","sha1":"281282d233fd6dd4185df486f31a2ba38aaf5f85","sha256":"585c15f044d19a1f0a1ba994b70992ce92e30cfd9443bab663d3f17b13d69708","sha512":"0333bb9380091579df7ef9971e0cb606b931036398ded20b1ef002a1cf5a3a2a3304729223559c66639bf307a213c2eac470b51181fe4ba2ad4b1459f780cc38","ssdeep":"1536:/SjqwT+zx4Nm7t21IqgjMvk8tvnytWoULhn92gMNCBfLmt1kPIqI7RsKgyX92:/cp+14S2RBhqkT81wVKg42","tlshash":"5a042bbdf583656e33ba107a20af7512e3ba08019049ce56f03dda484feda07553b677","first_seen":"2023-03-08T03:03:53Z","last_seen":"2023-11-15T09:11:28Z","times_seen":392,"resource_available":true,"data":null}},"time_used":87,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":32,"receive":53,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.ipify.org/?format=jsonp\u0026callback=getPublic","fqdn":"api.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"173.231.16.77","port":443,"asn":18450,"as":"WEBNX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html#glenn@renshawauto.com","date":"2023-10-20T13:36:45.019Z","timestamp":1697809005019,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ipify.org","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 07 Feb 2023 00:00:00 GMT","end":"Sun, 18 Feb 2024 23:59:59 GMT"},"fingerprint":{"sha1":"F4:76:2D:2C:65:D1:15:BE:19:A4:C5:E0:8D:EB:89:1A:B6:75:4A:54","sha256":"77:C3:D0:B5:2D:F4:AB:F0:FB:E4:EC:3E:61:5D:F8:6B:FF:52:55:A8:09:ED:26:27:9B:B1:B9:49:DE:6F:4C:F0"}}},"request":{"raw":"GET /?format=jsonp\u0026callback=getPublic HTTP/1.1\r\nHost: api.ipify.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.25.1\r\nDate: Fri, 20 Oct 2023 13:36:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 33\r\nConnection: keep-alive\r\nVary: Origin\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"b1fdb43145cf7c3f6f2a1370889232f1","sha1":"19cd287ba1ffae5908cf8d53d13abc302dac6f9c","sha256":"9a751b74811a7c42413bc5109600706395ac8a8c057f7e6a55fc45b7ea41b191","sha512":"005d22518b46dd388dad488137291765bdfe17258167827cf4aa58c1bc9edc4146a0d391ce846929853a849eada2a1a1d9b55fc712118b075fa3d7b05703b912","ssdeep":"","tlshash":"649004151414d110dd40544ddd13171313441415c14dc040cd440f05045c13dc31107d","first_seen":"2023-03-07T01:24:13Z","last_seen":"2025-09-18T12:32:04.144419Z","times_seen":1526,"resource_available":true,"data":null}},"time_used":1218,"timings":{"blocked":524,"dns":56,"connect":167,"send":0,"wait":164,"receive":1,"ssl":303},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ea19b2112f4dfd8e90b4505ef7dcb4f9.png","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F\u0026state=C1UMzpRArWpC4B7kBYvPwJErefbJQIOnVxwXe0kZ09mwRvDNsju1oIFnVO_gtnA4HF_cjAi1UYLr_UMOg17-PUs1xsr89j2WCX1qgMqjg5IZwo6wgTCNf1rMlr5N_ZJH\u0026x-client-SKU=ID_NET6_0\u0026x-client-ver=6.30.1.0","date":"2023-10-20T13:36:45.825Z","timestamp":1697809005825,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sat, 29 Jul 2023 00:00:00 GMT","end":"Mon, 29 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"44:5F:75:46:1C:BE:AF:E4:F2:BF:F3:04:1D:0B:56:0F:EE:DA:A0:96","sha256":"DF:9A:22:DD:76:BE:E9:63:BD:AA:27:3D:DE:4A:DE:4C:8E:3B:D3:FE:6B:90:BA:39:D0:7E:7B:4B:3A:04:A4:84"}}},"request":{"raw":"GET /shared/1.0/content/images/microsoft_logo_ea19b2112f4dfd8e90b4505ef7dcb4f9.png HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.microsoftonline.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31536000\r\ncontent-length: 1057\r\ncontent-type: image/png\r\ncontent-md5: 7ZyesNzhfXUr7eprWs2m2Q==\r\nlast-modified: Wed, 24 May 2023 10:11:48 GMT\r\netag: 0x8DB5C3F48FD7E08\r\nx-cache: TCP_HIT\r\nx-ms-request-id: 13233a3a-101e-0072-75e5-fd9377000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref-originshield: 04l4pZQAAAAAgoS1FW49OQZWqt0MuDHbUQU1TMDRFREdFMTkxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\nx-azure-ref: 0bYIyZQAAAADFNlF/JhQtSJOtpozccEFsU1ZHMjBFREdFMDUxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\ndate: Fri, 20 Oct 2023 13:36:44 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1057,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced\\012- data","md5":"ed9c9eb0dce17d752bedea6b5acda6d9","sha1":"eca56c4904354eed5da0debcd6bd66856ab4784d","sha256":"f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c","sha512":"3bfb696318ddb93540140dbcd4dbb32f129441e46ee752c6b7379624488533ba27cc7eff3cae444c1797ca6eecdf333edaf443ac84cdeb037a890967091cf91c","ssdeep":"","tlshash":"1011b997c6055cec7d3849f171d66b99d9988ed4d0981dc542e8502ebd08984ec905f1","first_seen":"2023-04-10T19:22:58Z","last_seen":"2026-05-11T13:26:16.474619Z","times_seen":3368,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html#glenn@renshawauto.com","date":"2023-10-20T13:36:45.815Z","timestamp":1697809005815,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sat, 29 Jul 2023 00:00:00 GMT","end":"Mon, 29 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"44:5F:75:46:1C:BE:AF:E4:F2:BF:F3:04:1D:0B:56:0F:EE:DA:A0:96","sha256":"DF:9A:22:DD:76:BE:E9:63:BD:AA:27:3D:DE:4A:DE:4C:8E:3B:D3:FE:6B:90:BA:39:D0:7E:7B:4B:3A:04:A4:84"}}},"request":{"raw":"GET /ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\ncontent-length: 17174\r\ncontent-type: image/x-icon\r\ncontent-md5: EuPayFgGHQiAI7K9SOL6lg==\r\nlast-modified: Fri, 02 Nov 2018 20:25:25 GMT\r\netag: 0x8D6410152A9D7E1\r\nx-cache: TCP_HIT\r\nx-ms-request-id: 6485ff39-901e-002e-6de2-00045d000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref-originshield: 0v10uZQAAAACzxpbsDseCQLhEej8QW/gQQU1TMDRFREdFMTkwOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\nx-azure-ref: 0bYIyZQAAAACFfoXOZfHATY7B0Knb6xE3U1ZHMjBFREdFMDUxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\ndate: Fri, 20 Oct 2023 13:36:44 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17174,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\\012- data","md5":"12e3dac858061d088023b2bd48e2fa96","sha1":"e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5","sha256":"90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21","sha512":"c5030c55a855e7a9e20e22f4c70bf1e0f3c558a9b7d501cfab6992ac2656ae5e41b050ccac541efa55f9603e0d349b247eb4912ee169d44044271789c719cd01","ssdeep":"24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO","tlshash":"b772e35b1f5f4981ec4b0db80b125e80c5e49c973854dffbdb76b62888b0364ab845eb","first_seen":"2023-04-05T03:19:57Z","last_seen":"2026-05-13T17:54:49.960973Z","times_seen":164907,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ea19b2112f4dfd8e90b4505ef7dcb4f9.png","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F\u0026state=C1UMzpRArWpC4B7kBYvPwJErefbJQIOnVxwXe0kZ09mwRvDNsju1oIFnVO_gtnA4HF_cjAi1UYLr_UMOg17-PUs1xsr89j2WCX1qgMqjg5IZwo6wgTCNf1rMlr5N_ZJH\u0026x-client-SKU=ID_NET6_0\u0026x-client-ver=6.30.1.0","date":"2023-10-20T13:36:45.825Z","timestamp":1697809005825,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sat, 29 Jul 2023 00:00:00 GMT","end":"Mon, 29 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"44:5F:75:46:1C:BE:AF:E4:F2:BF:F3:04:1D:0B:56:0F:EE:DA:A0:96","sha256":"DF:9A:22:DD:76:BE:E9:63:BD:AA:27:3D:DE:4A:DE:4C:8E:3B:D3:FE:6B:90:BA:39:D0:7E:7B:4B:3A:04:A4:84"}}},"request":{"raw":"GET /shared/1.0/content/images/microsoft_logo_ea19b2112f4dfd8e90b4505ef7dcb4f9.png HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.microsoftonline.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31536000\r\ncontent-length: 1057\r\ncontent-type: image/png\r\ncontent-md5: 7ZyesNzhfXUr7eprWs2m2Q==\r\nlast-modified: Wed, 24 May 2023 10:11:48 GMT\r\netag: 0x8DB5C3F48FD7E08\r\nx-cache: TCP_HIT\r\nx-ms-request-id: 13233a3a-101e-0072-75e5-fd9377000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref-originshield: 04l4pZQAAAAAgoS1FW49OQZWqt0MuDHbUQU1TMDRFREdFMTkxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\nx-azure-ref: 0bYIyZQAAAADvZcGuaq9pRZ52fVnnlbRrU1ZHMjBFREdFMDUxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\ndate: Fri, 20 Oct 2023 13:36:44 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1057,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced\\012- data","md5":"ed9c9eb0dce17d752bedea6b5acda6d9","sha1":"eca56c4904354eed5da0debcd6bd66856ab4784d","sha256":"f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c","sha512":"3bfb696318ddb93540140dbcd4dbb32f129441e46ee752c6b7379624488533ba27cc7eff3cae444c1797ca6eecdf333edaf443ac84cdeb037a890967091cf91c","ssdeep":"","tlshash":"1011b997c6055cec7d3849f171d66b99d9988ed4d0981dc542e8502ebd08984ec905f1","first_seen":"2023-04-10T19:22:58Z","last_seen":"2026-05-11T13:26:16.474619Z","times_seen":3368,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html","fqdn":"pub-d89e3188311c46f49978b9555d4c9596.r2.dev","domain":"pub-d89e3188311c46f49978b9555d4c9596.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.2.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-10-20T13:36:44.677Z","timestamp":1697809004677,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Oct 2023 17:13:53 GMT","end":"Tue, 09 Jan 2024 17:13:52 GMT"},"fingerprint":{"sha1":"91:F0:8B:D3:AA:FC:86:18:F9:F2:29:EB:98:8C:D8:5A:3A:76:5C:CF","sha256":"F3:D6:02:91:4C:11:83:7C:7C:FD:D0:A3:86:08:75:A0:37:A4:08:AF:67:24:48:AE:14:4D:D0:BA:8D:6A:19:A9"}}},"request":{"raw":"GET /cbg.html HTTP/1.1\r\nHost: pub-d89e3188311c46f49978b9555d4c9596.r2.dev\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://a4fnxpxeijbxkhyu.colplat.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 20 Oct 2023 13:36:44 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"87577f58542198eccff63ff853c7726a\"\r\nLast-Modified: Fri, 20 Oct 2023 02:21:15 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 8191a6c31939b500-OSL\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":110085,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (64651), with CRLF line terminators","md5":"87577f58542198eccff63ff853c7726a","sha1":"0eccbd76ce91fe1b02097a279a95779fe3bd6478","sha256":"1c13dbdc81bf6972c37637052dafc3173d01ec7a0dc90a87d8853767cf23009c","sha512":"3e9fd01f64180dd386bdb7442599d4a117bb0c950bdd4f8a9eb840df8f3c2524dabd6ac643c0c104197d6526229368ab16440b907e9eb7b28146381c903dbfc2","ssdeep":"1536:c/CPw+kSDazA/PWrF7qvEAFiQcpm7ds+80yVU/1mtvu:cwxXyVUP","tlshash":"b4b3e8d069243c26a037c73560d1bd4762161523e737aebbf6352db9cf896870f32a49","first_seen":"2023-10-19T19:06:25Z","last_seen":"2024-08-21T04:06:22.105826Z","times_seen":89,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":51,"dns":31,"connect":1,"send":0,"wait":137,"receive":3,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-10-20","alert":"Outlook","trigger":"pub-d89e3188311c46f49978b9555d4c9596.r2.dev/cbg.html","verdict":"phishing","severity":"medium","comment":"Outlook","link":"https://openphish.com","meta":null}],"urlquery":null}}]}