Report - autodiscover.hhls.com.au/

Report Overview

Submitted URL
autodiscover.hhls.com.au/
IP
40.99.215.104
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2022-09-28 02:32:55
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
login.microsoftonline.com	25	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	51 kB	20.190.159.70
aadcdn.msauth.net	1421	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.6 kB	265 kB	13.107.246.53
autodiscover.hhls.com.au	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	344 B	530 B	40.99.215.104
outlook.office365.com	51	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	962 B	11 kB	40.99.202.18
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.40.161.235
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	69 kB	34.120.237.76
r4.res.office365.com	180	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	706 kB	23.38.200.227
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-28	medium	autodiscover.hhls.com.au/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0da6697f-3c10-1bae-b987-35b29e40a3d5&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=hhls.com.au&nonce=637999291646553814.fb91907f-54e5-4920-8289-3d1316ae5f41&state=DctBDoMgEEBRaO_SrkAGZoBZGM-CArGJhkSrvX5ZvL_7Ugjx7B6dND0ieBeY2TJ49EQuAuo6M7AJVREWUsjWqGgjK5fBgU-FKoLs73tovzRMR0nbPq7rduql7TpdrzuP6fq2_DmXdpfjDw	19 kB	2023-03-08	2023-03-08
Pretty URL login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0da6697f-3c10-1bae-b987-35b29e40a3d5&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=hhls.com.au&nonce=637999291646553814.fb91907f-54e5-4920-8289-3d1316ae5f41&state=DctBDoMgEEBRaO_SrkAGZoBZGM-CArGJhkSrvX5ZvL_7Ugjx7B6dND0ieBeY2TJ49EQuAuo6M7AJVREWUsjWqGgjK5fBgU-FKoLs73tovzRMR0nbPq7rduql7TpdrzuP6fq2_DmXdpfjDw IP 20.190.159.70 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:51:29 Last Seen2023-03-08 02:51:29 Times Seen1 Hash 3e7c38c5be9c64413fb7153b7079f142 6b10200c68c22a77ab441f74f562f450ecdc4fda f02857079d752107d1cae2eddc3793d454a5cf87d00176cad5732833ce526f90 Loading...

	login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0da6697f-3c10-1bae-b987-35b29e40a3d5&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=hhls.com.au&nonce=637999291646553814.fb91907f-54e5-4920-8289-3d1316ae5f41&state=DctBDoMgEEBRaO_SrkAGZoBZGM-CArGJhkSrvX5ZvL_7Ugjx7B6dND0ieBeY2TJ49EQuAuo6M7AJVREWUsjWqGgjK5fBgU-FKoLs73tovzRMR0nbPq7rduql7TpdrzuP6fq2_DmXdpfjDw	12 kB	2023-03-07	2024-02-08
Pretty URL login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0da6697f-3c10-1bae-b987-35b29e40a3d5&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=hhls.com.au&nonce=637999291646553814.fb91907f-54e5-4920-8289-3d1316ae5f41&state=DctBDoMgEEBRaO_SrkAGZoBZGM-CArGJhkSrvX5ZvL_7Ugjx7B6dND0ieBeY2TJ49EQuAuo6M7AJVREWUsjWqGgjK5fBgU-FKoLs73tovzRMR0nbPq7rduql7TpdrzuP6fq2_DmXdpfjDw IP 20.190.159.70 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:22 Last Seen2024-02-08 12:27:13 Times Seen15 Hash 410ff206162d68e386b10f478a49631f 2e8dc5e02a31a906ba77a4d48822ca4415c652e6 f731e662470f7d40cf6e0a2be8e0e374398fb631434d849199db1d12278dca94 Loading...

	login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0da6697f-3c10-1bae-b987-35b29e40a3d5&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=hhls.com.au&nonce=637999291646553814.fb91907f-54e5-4920-8289-3d1316ae5f41&state=DctBDoMgEEBRaO_SrkAGZoBZGM-CArGJhkSrvX5ZvL_7Ugjx7B6dND0ieBeY2TJ49EQuAuo6M7AJVREWUsjWqGgjK5fBgU-FKoLs73tovzRMR0nbPq7rduql7TpdrzuP6fq2_DmXdpfjDw	47 kB	2023-03-07	2023-03-10
Pretty URL login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0da6697f-3c10-1bae-b987-35b29e40a3d5&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=hhls.com.au&nonce=637999291646553814.fb91907f-54e5-4920-8289-3d1316ae5f41&state=DctBDoMgEEBRaO_SrkAGZoBZGM-CArGJhkSrvX5ZvL_7Ugjx7B6dND0ieBeY2TJ49EQuAuo6M7AJVREWUsjWqGgjK5fBgU-FKoLs73tovzRMR0nbPq7rduql7TpdrzuP6fq2_DmXdpfjDw IP 20.190.159.70 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:28:38 Last Seen2023-03-10 11:30:49 Times Seen1 Hash 5240dd5bfe8e020b016827f7fcc8a49e a8614020becfcbf2e92853f713efe275396e7fa2 3347c34a37e9d0c47501aeba6cf880a3581b51eaa2fdf61db415383f953f2ceb Loading...

	login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0da6697f-3c10-1bae-b987-35b29e40a3d5&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=hhls.com.au&nonce=637999291646553814.fb91907f-54e5-4920-8289-3d1316ae5f41&state=DctBDoMgEEBRaO_SrkAGZoBZGM-CArGJhkSrvX5ZvL_7Ugjx7B6dND0ieBeY2TJ49EQuAuo6M7AJVREWUsjWqGgjK5fBgU-FKoLs73tovzRMR0nbPq7rduql7TpdrzuP6fq2_DmXdpfjDw	351 B	2023-03-07	2024-03-18
Pretty URL login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0da6697f-3c10-1bae-b987-35b29e40a3d5&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=hhls.com.au&nonce=637999291646553814.fb91907f-54e5-4920-8289-3d1316ae5f41&state=DctBDoMgEEBRaO_SrkAGZoBZGM-CArGJhkSrvX5ZvL_7Ugjx7B6dND0ieBeY2TJ49EQuAuo6M7AJVREWUsjWqGgjK5fBgU-FKoLs73tovzRMR0nbPq7rduql7TpdrzuP6fq2_DmXdpfjDw IP 20.190.159.70 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:22 Last Seen2024-03-18 15:59:31 Times Seen794 Hash 3c890f9b92423da2c3f6b98940e0f56f 69f72e87d6ddff7e2364230bb8d43c6f6b16a877 1a7ba79dac10aad7ef63eec3424d65c21881436cb7f5b44ba394268ed695d34d Loading...

	outlook.office365.com/owa/prefetch.aspx	1.9 kB	2023-03-08	2023-03-08
Pretty URL outlook.office365.com/owa/prefetch.aspx IP 40.99.202.18 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:51:29 Last Seen2023-03-08 02:51:29 Times Seen1 Hash 926fe1b916c5b28956f301aa34846c08 af6a6d84f543ce1ad6fae9f2e9d072d484c6c64c 47d77d2e7d9eac349ff46a04631228668cd704cb61ff079c131e0ac35756965e Loading...

	login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0da6697f-3c10-1bae-b987-35b29e40a3d5&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=hhls.com.au&nonce=637999291646553814.fb91907f-54e5-4920-8289-3d1316ae5f41&state=DctBDoMgEEBRaO_SrkAGZoBZGM-CArGJhkSrvX5ZvL_7Ugjx7B6dND0ieBeY2TJ49EQuAuo6M7AJVREWUsjWqGgjK5fBgU-FKoLs73tovzRMR0nbPq7rduql7TpdrzuP6fq2_DmXdpfjDw	35 B	2023-03-07	2024-04-18
Pretty URL login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0da6697f-3c10-1bae-b987-35b29e40a3d5&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=hhls.com.au&nonce=637999291646553814.fb91907f-54e5-4920-8289-3d1316ae5f41&state=DctBDoMgEEBRaO_SrkAGZoBZGM-CArGJhkSrvX5ZvL_7Ugjx7B6dND0ieBeY2TJ49EQuAuo6M7AJVREWUsjWqGgjK5fBgU-FKoLs73tovzRMR0nbPq7rduql7TpdrzuP6fq2_DmXdpfjDw IP 20.190.159.70 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:22 Last Seen2024-04-18 04:35:26 Times Seen46873 Hash 2badc56bc4d494e70d476b2e4efd31da 384c5f0842cd2f786b0acc4cb159b75ad3620d46 8684cc6fc8b42cd798a7e1416fda8af6cea601dca2ecd3a253acfd9649f58fcb Loading...

	aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ZuzZ0B9zaPr4yfAbYf7RGA2.js	392 kB	2023-03-07	2023-03-10
Pretty URL aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ZuzZ0B9zaPr4yfAbYf7RGA2.js IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:28:38 Last Seen2023-03-10 11:30:49 Times Seen1 Hash 66ecd9d01f7368faf8c9f01b61fed118 76cb5da79ad2abd88ac0505dd43ce56bd8cb22f4 c1bf2d5549e6a44c730848d6516b15027a1bcd945d3873b5a59c9b0328594d10 Loading...

	login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0da6697f-3c10-1bae-b987-35b29e40a3d5&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=hhls.com.au&nonce=637999291646553814.fb91907f-54e5-4920-8289-3d1316ae5f41&state=DctBDoMgEEBRaO_SrkAGZoBZGM-CArGJhkSrvX5ZvL_7Ugjx7B6dND0ieBeY2TJ49EQuAuo6M7AJVREWUsjWqGgjK5fBgU-FKoLs73tovzRMR0nbPq7rduql7TpdrzuP6fq2_DmXdpfjDw	4.0 kB	2023-03-07	2023-03-08
Pretty URL login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0da6697f-3c10-1bae-b987-35b29e40a3d5&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=hhls.com.au&nonce=637999291646553814.fb91907f-54e5-4920-8289-3d1316ae5f41&state=DctBDoMgEEBRaO_SrkAGZoBZGM-CArGJhkSrvX5ZvL_7Ugjx7B6dND0ieBeY2TJ49EQuAuo6M7AJVREWUsjWqGgjK5fBgU-FKoLs73tovzRMR0nbPq7rduql7TpdrzuP6fq2_DmXdpfjDw IP 20.190.159.70 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:28:38 Last Seen2023-03-08 13:28:56 Times Seen1 Hash a38821299c1fdba12e8e84b975fad697 4041c2b17d845cad1b244ebc25a586d64a3fe99d 8aaf0054ea3dd142088a7e9f32b93ace1ca57d8b1767d378b68ffd969ae8cca6 Loading...

	aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6b8fffaf21337fcc3970.js	110 kB	2023-03-07	2023-03-17
Pretty URL aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6b8fffaf21337fcc3970.js IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:31 Last Seen2023-03-17 12:52:30 Times Seen1 Hash e4437324c30902869ffee9646eebea7c 4b4cc2b7f1b5a31378f43014723ff12e14397b68 c3884c02996923d5be8f0150d8e407562f87fb48d034080740d899682967bb3f Loading...

HTTP Transactions (41)

URL IP Response Size

autodiscover.hhls.com.au/

40.99.215.104

301 Moved Permanently

0 B

URL HTTP/1.1
autodiscover.hhls.com.au/
IP
40.99.215.104:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: autodiscover.hhls.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Pragma: no-cache
Location: https://outlook.office365.com/owa/?realm=hhls.com.au&vd=autodiscover
Server: Microsoft-IIS/10.0
request-id: 73f24af2-a0f4-760a-a399-40b21e4033be
X-RequestId: bdc084b0-1fbb-4168-b097-5902fdcbb6f8
X-FEProxyInfo: OS6P279CA0088.NORP279.PROD.OUTLOOK.COM
X-FEEFZInfo: OSL
MS-CV: 8kryc/SgCnajmUCyHkAzvg.0
X-Powered-By: ASP.NET
X-FEServer: OS6P279CA0088, OS6P279CA0088
Date: Wed, 28 Sep 2022 02:32:43 GMT
Connection: close
Content-Length: 0

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 02:15:37 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xShakjx12iH-OFmpIl741S__8CjRbJAqufUfHSx4K3WwG4AVFgEBsw==
Age: 1027

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5430
Expires: Wed, 28 Sep 2022 04:03:14 GMT
Date: Wed, 28 Sep 2022 02:32:44 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iWtn__6oHcl8pgIlW5erZeqgpDO38VkVSBr_yhdmiTANCfqPatDNYA==
age: 61711
X-Firefox-Spdy: h2

outlook.office365.com/owa/?realm=hhls.com.au&vd=autodiscover

40.99.202.18

302

860 B

URL HTTP/1.1
outlook.office365.com/owa/?realm=hhls.com.au&vd=autodiscover
IP
40.99.202.18:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (788), with CRLF line terminators
Size
860 B (860 bytes)
Hash
4598dbf0f55fb57703ecd7f505321eb5
6c2bcf3c2139c29a0ac80c26124eb88bb6f5e73f
714ab5ee60fe6ae3238f9a52e339317cddc0500d20dbaabd6604fe1185ae4eaf

HTTP Headers

GET /owa/?realm=hhls.com.au&vd=autodiscover HTTP/1.1
Host: outlook.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 
Content-Length: 860
Content-Type: text/html; charset=utf-8
Location: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0da6697f-3c10-1bae-b987-35b29e40a3d5&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=hhls.com.au&nonce=637999291646553814.fb91907f-54e5-4920-8289-3d1316ae5f41&state=DctBDoMgEEBRaO_SrkAGZoBZGM-CArGJhkSrvX5ZvL_7Ugjx7B6dND0ieBeY2TJ49EQuAuo6M7AJVREWUsjWqGgjK5fBgU-FKoLs73tovzRMR0nbPq7rduql7TpdrzuP6fq2_DmXdpfjDw
Server: Microsoft-IIS/10.0
request-id: 0da6697f-3c10-1bae-b987-35b29e40a3d5
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Alt-Svc: h3=":443",h3-29=":443"
X-CalculatedBETarget: OLAP279MB0150.NORP279.PROD.OUTLOOK.COM
X-BackEndHttpStatus: 302
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: ClientId=838445B559714A1793284AD2FECC602D; expires=Thu, 28-Sep-2023 02:32:44 GMT; path=/;SameSite=None; secure
ClientId=838445B559714A1793284AD2FECC602D; expires=Thu, 28-Sep-2023 02:32:44 GMT; path=/;SameSite=None; secure
OIDC=1; expires=Tue, 28-Mar-2023 02:32:44 GMT; path=/;SameSite=None; secure; HttpOnly
domainName=hhls.com.au; path=/;SameSite=None; secure; HttpOnly
RoutingKeyCookie=; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.token.v1=; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.token.v1=; domain=outlook.office365.com; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.id_token.v1=; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.code.v1=; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.idp_nonce.v1=; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.idp_correlation_id=; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.tokenPostPath=; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.id_token.v1=; domain=outlook.office365.com; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.code.v1=; domain=outlook.office365.com; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.idp_nonce.v1=; domain=outlook.office365.com; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.idp_correlation_id=; domain=outlook.office365.com; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.tokenPostPath=; domain=outlook.office365.com; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.nonce.v3.5JaoKrigYFMNnxQ6rIEb-5Kmt4L6gCSkIZ1kNMaTBoU=637999291646553814.fb91907f-54e5-4920-8289-3d1316ae5f41; expires=Wed, 28-Sep-2022 03:32:44 GMT; path=/;SameSite=None; secure; HttpOnly
HostSwitchPrg=; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OptInPrg=; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
SuiteServiceProxyKey=; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
ClientId=838445B559714A1793284AD2FECC602D; expires=Thu, 28-Sep-2023 02:32:44 GMT; path=/;SameSite=None; secure
OIDC=1; expires=Tue, 28-Mar-2023 02:32:44 GMT; path=/;SameSite=None; secure; HttpOnly
domainName=hhls.com.au; path=/;SameSite=None; secure; HttpOnly
RoutingKeyCookie=; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.token.v1=; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.token.v1=; domain=outlook.office365.com; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.id_token.v1=; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.code.v1=; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.idp_nonce.v1=; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.idp_correlation_id=; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.tokenPostPath=; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.id_token.v1=; domain=outlook.office365.com; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.code.v1=; domain=outlook.office365.com; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.idp_nonce.v1=; domain=outlook.office365.com; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.idp_correlation_id=; domain=outlook.office365.com; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.tokenPostPath=; domain=outlook.office365.com; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OpenIdConnect.nonce.v3.5JaoKrigYFMNnxQ6rIEb-5Kmt4L6gCSkIZ1kNMaTBoU=637999291646553814.fb91907f-54e5-4920-8289-3d1316ae5f41; expires=Wed, 28-Sep-2022 03:32:44 GMT; path=/;SameSite=None; secure; HttpOnly
HostSwitchPrg=; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
OptInPrg=; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
SuiteServiceProxyKey=; expires=Mon, 28-Sep-1992 02:32:44 GMT; path=/; secure
X-OWA-RedirectHistory=ArLym14B1i6Lufmg2gg; expires=Wed, 28-Sep-2022 08:34:44 GMT; path=/;SameSite=None; secure; HttpOnly
X-RUM-Validated: 1
X-Content-Type-Options: nosniff
X-BeSku: WCS6
X-OWA-DiagnosticsInfo: 1;0;0
X-IIDs: 0
X-BackEnd-Begin: 2022-09-28T02:32:44.655
X-BackEnd-End: 2022-09-28T02:32:44.655
X-DiagInfo: OLAP279MB0150
X-BEServer: OLAP279MB0150
X-UA-Compatible: IE=EmulateIE7
X-Proxy-RoutingCorrectness: 1
Report-To: {"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=OSL"}],"include_subdomains":true}
NEL: {"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
X-Proxy-BackendServerStatus: 302
X-FirstHopCafeEFZ: OSL
X-FEProxyInfo: OS6P279CA0060.NORP279.PROD.OUTLOOK.COM
X-FEEFZInfo: OSL
X-FEServer: OS6P279CA0060
Date: Wed, 28 Sep 2022 02:32:43 GMT

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:32:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 02:10:46 GMT
Expires: Wed, 28 Sep 2022 02:12:27 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RY_Uy_kdGoZVJc8MHSSvKvJOqJ0wSSjn1S7AXKNufTNCHvhHynHHJA==
Age: 1319

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5053
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:32:45 GMT
Last-Modified: Wed, 28 Sep 2022 01:08:32 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.40.161.235

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.40.161.235:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oPjjxYcKfdB/CRMEWaOZ3g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PoxM3xaZM9U98o8FgeH0pzn8UOQ=

login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0da6697f-3c10-1bae-b987-35b29e40a3d5&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=hhls.com.au&nonce=637999291646553814.fb91907f-54e5-4920-8289-3d1316ae5f41&state=DctBDoMgEEBRaO_SrkAGZoBZGM-CArGJhkSrvX5ZvL_7Ugjx7B6dND0ieBeY2TJ49EQuAuo6M7AJVREWUsjWqGgjK5fBgU-FKoLs73tovzRMR0nbPq7rduql7TpdrzuP6fq2_DmXdpfjDw

20.190.159.70

200 OK

49 kB

URL HTTP/1.1
login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0da6697f-3c10-1bae-b987-35b29e40a3d5&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=hhls.com.au&nonce=637999291646553814.fb91907f-54e5-4920-8289-3d1316ae5f41&state=DctBDoMgEEBRaO_SrkAGZoBZGM-CArGJhkSrvX5ZvL_7Ugjx7B6dND0ieBeY2TJ49EQuAuo6M7AJVREWUsjWqGgjK5fBgU-FKoLs73tovzRMR0nbPq7rduql7TpdrzuP6fq2_DmXdpfjDw
IP
20.190.159.70:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28591), with CRLF, LF line terminators
Size
49 kB (49039 bytes)
Hash
bb813254be6a0b531a1cbdd88ac62bbe
9a13b1eb82d3d634c7ede69d2d177b64ea4b29c1
0d6ff5bf8628e67d6aa0f9244770d3f428f009e21e22dbb02d9871c4c70b9906

HTTP Headers

GET /common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=0da6697f-3c10-1bae-b987-35b29e40a3d5&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=hhls.com.au&nonce=637999291646553814.fb91907f-54e5-4920-8289-3d1316ae5f41&state=DctBDoMgEEBRaO_SrkAGZoBZGM-CArGJhkSrvX5ZvL_7Ugjx7B6dND0ieBeY2TJ49EQuAuo6M7AJVREWUsjWqGgjK5fBgU-FKoLs73tovzRMR0nbPq7rduql7TpdrzuP6fq2_DmXdpfjDw HTTP/1.1
Host: login.microsoftonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: brcap=0; MSFPC=GUID=27491a5fca0c436896bdbf20a1588da0&HASH=2749&LV=202205&V=4&LU=1652883922743; ESTSSSOTILES=1; AADSSOTILES=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin, <https://aadcdn.msauth.net>; rel=dns-prefetch, <https://aadcdn.msftauth.net>; rel=dns-prefetch
X-DNS-Prefetch-Control: on
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: d9d7462f-d740-488d-9bd3-5a25c9221700
x-ms-ests-server: 2.1.13777.5 - AUSELR2 ProdSlices
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 0
Set-Cookie: buid=0.AUIAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevrgj-b9wy-of47mVlz9fk753P5uB3WD86cy2sUddPGW31dlMwmkF1hEfpQOwyTtH6Cst7wnnxRBNCPYGx8NZtL2xm5KgO6kRLjM-koOYfvQW8gAA; expires=Fri, 28-Oct-2022 02:32:45 GMT; path=/; secure; HttpOnly; SameSite=None
fpc=Aofy6YPZVgNBvk7lh6MxR9uerOTJAQAAAE2pxdoOAAAA; expires=Fri, 28-Oct-2022 02:32:45 GMT; path=/; secure; HttpOnly; SameSite=None
esctx=AQABAAAAAAD--DLA3VO7QrddgJg7WevrJlkyLX1Vu8K3rk3M5kUwUOcmvxShKIBgPs1_vAZLH2qLil1Euym6lDUf6XQF_5SWkuCA0pZpJgmosDPenqiOv_w-_EEE8nZNQG8wT8632XjMW5uNtbFlVvrvLD5MYEDwYyv_lABk9OvNArvdFqX7a0fEk4WrANjrTcztrPuufVJi5cwb4nA_wu6e3L_4l19A714JwB1vJZEgGNWuj7LfgycMrMqZDCw4sxaHbI3ABWEgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Date: Wed, 28 Sep 2022 02:32:46 GMT
Content-Length: 49039

aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ZuzZ0B9zaPr4yfAbYf7RGA2.js

13.107.246.53

200 OK

111 kB

URL HTTP/2
aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ZuzZ0B9zaPr4yfAbYf7RGA2.js
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (64616)
Size
111 kB (111355 bytes)
Hash
25fafbc9bcfe9b49cdbf3ff4f2ee2bd5
76793da44af29d7e757fa9fa926dd35b2dd569a0
9a34deb91b46c14026d377ae47e7d87d5ac2c6ac9cdddc4e24ab298610e0aa62

HTTP Headers

GET /shared/1.0/content/js/ConvergedLogin_PCore_ZuzZ0B9zaPr4yfAbYf7RGA2.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 111355
content-type: application/x-javascript
content-encoding: gzip
content-md5: Jfr7ybz+m0nNvz/08u4r1Q==
last-modified: Fri, 02 Sep 2022 23:41:46 GMT
etag: 0x8DA8D3CB2C71735
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: f60a0d2d-201e-0069-4ac1-d10642000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0OX0yYwAAAADW7oNb/vyNRYLvBIi/uveQQU1TMDRFREdFMTkxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0TrIzYwAAAACb5qqLsnr1Rq12CUiH/J8uU1ZHMjBFREdFMDYwNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 28 Sep 2022 02:32:46 GMT
X-Firefox-Spdy: h2

aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico

13.107.246.53

200 OK

17 kB

URL HTTP/2
aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Size
17 kB (17174 bytes)
Hash
12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

HTTP Headers

GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 17174
content-type: image/x-icon
content-md5: EuPayFgGHQiAI7K9SOL6lg==
last-modified: Sun, 18 Oct 2020 03:02:03 GMT
etag: 0x8D8731230C851A6
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 81f7ae53-201e-002d-6a35-d2795b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0OaEyYwAAAAAL6EjDZEqvSb8IlrOUQoN6QU1TMDRFREdFMTkxMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0TrIzYwAAAACbnkcyjinBS4TZs243gEWEU1ZHMjBFREdFMDUxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 28 Sep 2022 02:32:46 GMT
X-Firefox-Spdy: h2

outlook.office365.com/owa/prefetch.aspx

40.99.202.18

200 OK

2.7 kB

URL HTTP/1.1
outlook.office365.com/owa/prefetch.aspx
IP
40.99.202.18:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1188), with CRLF line terminators
Size
2.7 kB (2745 bytes)
Hash
e1122f57feab62cd79085791419c3a73
f51057067c3c9628b478d048d23e2cbc044e2bbd
82e214ca6ebc590dbf529976d9daab94690fb76c02d8059a9a83123b8a4f6c17

HTTP Headers

GET /owa/prefetch.aspx HTTP/1.1
Host: outlook.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, no-store
Content-Length: 2745
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
request-id: 1bed0f06-0091-baf1-ec01-68f13334db13
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Alt-Svc: h3=":443",h3-29=":443"
X-CalculatedFETarget: SV0P279CU002.internal.outlook.com
Set-Cookie: ClientId=E1B465C642ED4012B0E9FCB1370A4241; expires=Thu, 28-Sep-2023 02:32:46 GMT; path=/;SameSite=None; secure
ClientId=E1B465C642ED4012B0E9FCB1370A4241; expires=Thu, 28-Sep-2023 02:32:46 GMT; path=/;SameSite=None; secure
OIDC=1; expires=Tue, 28-Mar-2023 02:32:46 GMT; path=/;SameSite=None; secure; HttpOnly
OWAPF=v:15.20.5676.17&l:mouse; path=/
X-CalculatedBETarget: SVAP279MB0077.NORP279.PROD.OUTLOOK.COM
X-BackEndHttpStatus: 200, 200
X-RUM-Validated: 1
X-Content-Type-Options: nosniff
X-BeSku: WCS6
X-OWA-Version: 15.20.5676.17
X-OWA-DiagnosticsInfo: 2;0;0
X-IIDs: 0
X-BackEnd-Begin: 2022-09-28T02:32:46.820
X-BackEnd-End: 2022-09-28T02:32:46.820
X-DiagInfo: SVAP279MB0077
X-BEServer: SVAP279MB0077
X-UA-Compatible: IE=EmulateIE7
X-Proxy-RoutingCorrectness: 1
X-Proxy-BackendServerStatus: 200
X-FEProxyInfo: OS6P279CA0060.NORP279.PROD.OUTLOOK.COM
X-FEEFZInfo: OSL
Report-To: {"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=OSL"}],"include_subdomains":true}
NEL: {"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
X-FirstHopCafeEFZ: OSL
X-FEServer: SV0P279CA0031, OS6P279CA0060
Date: Wed, 28 Sep 2022 02:32:46 GMT

aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css

13.107.246.53

200 OK

20 kB

URL HTTP/2
aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (61177)
Size
20 kB (19970 bytes)
Hash
f4adbf9c60a3ef95809a6008f6764d08
b55c98c403b111b494c1ece263dc06eabc0ab075
6a59a4f890ea26ef050b83d0722aafc3ad70ddbce706806381c4f159a5db7497

HTTP Headers

GET /ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
X-Moz: prefetch
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 19970
content-type: text/css
content-encoding: gzip
content-md5: 9K2/nGCj75WAmmAI9nZNCA==
last-modified: Thu, 04 Aug 2022 19:37:00 GMT
etag: 0x8DA7650B37ACC3D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 21a59d69-101e-000a-4beb-d13966000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 004UyYwAAAAD+OuhR+3XxTYYLAGgTCSwsQU1TMDRFREdFMTkyMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0TrIzYwAAAACnKptyeT/oSbfkT0Eh9An8U1ZHMjBFREdFMDUxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 28 Sep 2022 02:32:46 GMT
X-Firefox-Spdy: h2

aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_dcseeolyp_bhtl1lcmdobw2.js

13.107.246.53

200 OK

14 kB

URL HTTP/2
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_dcseeolyp_bhtl1lcmdobw2.js
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (32021)
Size
14 kB (13605 bytes)
Hash
27d5c62bb9976ad238170067974cd1d4
e2385d2173597c82ffbdf9551f0cbef321799b09
68d960604f379395e41221aa3aac803f32f816b969d9ffb1e5e3ad2279349d5d

HTTP Headers

GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_dcseeolyp_bhtl1lcmdobw2.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
X-Moz: prefetch
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 13605
content-type: application/x-javascript
content-encoding: gzip
content-md5: J9XGK7mXatI4FwBnl0zR1A==
last-modified: Sat, 03 Sep 2022 02:17:03 GMT
etag: 0x8DA8D52642E065B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 329468b2-801e-0037-4dbe-d0c76c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0n4wyYwAAAABEnh0e+iaCQpy1TJCz8p6lQU1TMDRFREdFMTkxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0TrIzYwAAAABTbPZ5WvE1T4SDTPs+AyHvU1ZHMjBFREdFMDUxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 28 Sep 2022 02:32:46 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3717
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Wed, 28 Sep 2022 02:32:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3717
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Wed, 28 Sep 2022 02:32:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3717
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Wed, 28 Sep 2022 02:32:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3717
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Wed, 28 Sep 2022 02:32:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3717
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Wed, 28 Sep 2022 02:32:46 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11314 bytes)
Hash
ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 0ceafc65-764c-4367-b031-257061eb65d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF00oAMFUpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-0d46481b7394081b14a81131;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ve8l6PxpMuBLt5BxwywNpqM2ISt0zy2r_gweYnVw4X65PBEhpMbckg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:00 GMT
age: 17206
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6b8fffaf21337fcc3970.js

13.107.246.53

200 OK

32 kB

URL HTTP/2
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6b8fffaf21337fcc3970.js
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (33036)
Size
32 kB (32176 bytes)
Hash
9b2ba0b90905402b0da85cef7af2e436
3751ef6b1a088aa49132b5e0d108037be750ced3
45d424f75fc4103008c354083723d72f85ba56347acac6e487026dba2b3f4149

HTTP Headers

GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6b8fffaf21337fcc3970.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 32176
content-type: application/x-javascript
content-encoding: gzip
content-md5: myuguQkFQCsNqFzvevLkNg==
last-modified: Mon, 15 Aug 2022 19:41:54 GMT
etag: 0x8DA7EF6352C5B49
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 8ce8ad9c-601e-0015-3976-d2005b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0QmkzYwAAAABB+CKOlR5yS55afkL/iBVvQU1TMDRFREdFMTkwNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0TrIzYwAAAAAncs4qTHeDQKOfZVv595IGU1ZHMjBFREdFMDUxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 28 Sep 2022 02:32:46 GMT
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9733 bytes)
Hash
f3e1fd3401c5e635a8dbeec5f78b721d
2142075b27d0d355c51231ab06fea46e25eb9c59
2e17a43985b624e6b6592d402c36dd45b915cd6e1ac84e187c18c46420eb9a1d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9733
x-amzn-requestid: fff8214b-48f7-4b45-bd91-69ea4db871d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCAWhG9HIAMFloQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330adc3-1cffa63711378c525e49e11d;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 19:36:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vak91l2UKRnX0Go62y1yPwJ8E-Af7XBurmQATw5MSZXBqhUJrIgOCQ==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 04:59:08 GMT
age: 77618
etag: "2142075b27d0d355c51231ab06fea46e25eb9c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8500 bytes)
Hash
6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
age: 17028
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

aadcdn.msauth.net/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg

13.107.246.53

200 OK

987 B

URL HTTP/2
aadcdn.msauth.net/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 4.2.9], baseline, precision 8, 50x28, components 3\012- data
Size
987 B (987 bytes)
Hash
e58aafc980614a9cd7796bea7b5ea8f0
d4cac92dcde0caf7c571e6d791101da94fdbd2ca
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d

HTTP Headers

GET /shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 987
content-type: image/jpeg
content-md5: 5YqvyYBhSpzXeWvqe16o8A==
last-modified: Fri, 27 Mar 2020 19:41:47 GMT
etag: 0x8D7D286E322A911
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: befb8b27-d01e-003a-76ea-cf1877000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0PZUyYwAAAACMK5G6bAS0RYmVhOS/MfTqQU1TMDRFREdFMTgxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0TrIzYwAAAAAkApYz7QSNR6RcwrlcC4y8U1ZHMjBFREdFMDUxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 28 Sep 2022 02:32:46 GMT
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12016 bytes)
Hash
4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pR4b1-lZZRMnWf-PdXFGXaHBCGAfOyp3AjeuCvtu5imWmf9N9l2wKQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:38 GMT
age: 17048
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

aadcdn.msauth.net/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg

13.107.246.53

200 OK

18 kB

URL HTTP/2
aadcdn.msauth.net/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
18 kB (17453 bytes)
Hash
7916a894ebde7d29c2cc29b267f1299f
78345ca08f9e2c3c2cc9b318950791b349211296
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3

HTTP Headers

GET /shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 17453
content-type: image/jpeg
content-md5: eRaolOvefSnCzCmyZ/Epnw==
last-modified: Fri, 27 Mar 2020 19:41:47 GMT
etag: 0x8D7D286E30A1202
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: be899023-801e-0037-744e-d0c76c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0SscyYwAAAACW2i/iA/oOSLGgh/NP3cPGQU1TMDRFREdFMTkxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0TrIzYwAAAAANOwxuM6vWRrcuRCtj6HQNU1ZHMjBFREdFMDUxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 28 Sep 2022 02:32:46 GMT
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7455 bytes)
Hash
ea3890e460356d6ecc3ba4e405ac2e9e
b383135e2ebc23fe80eb0d594b198cb8c89327a5
8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yprErfM7s7P7jJPJT-HQZ2Z_AAN4946Tjwyn1g4r7yiA6IF0yLdQTQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 07:35:49 GMT
age: 68217
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg

13.107.246.53

200 OK

1.4 kB

URL HTTP/2
aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators
Size
1.4 kB (1435 bytes)
Hash
9f368bc4580fed907775f31c6b26d6cf
e393a40b3e337f43057eee3de189f197ab056451
7ecbba946c099539c3d9c03f4b6804958900e5b90d48336eea7e5a2ed050fa36

HTTP Headers

GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 1435
content-type: image/svg+xml
content-encoding: gzip
content-md5: nzaLxFgP7ZB3dfMcaybWzw==
last-modified: Fri, 17 Jan 2020 19:28:38 GMT
etag: 0x8D79B8373CB2849
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: be898e47-801e-0037-604e-d0c76c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0y8wyYwAAAABOFC/FDNwfRK1O8lamO8WrQU1TMDRFREdFMTgyMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0TrIzYwAAAABMAJHiYhJnRKqLoMoyhpCaU1ZHMjBFREdFMDUxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 28 Sep 2022 02:32:46 GMT
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14018 bytes)
Hash
d039db0b842a4cbbaefdaab98bc6722b
78b1a603c4f7f2d6fbad15d7a4cd1397554339e9
65a3c7b0515cfd2a723f3bc3147cb98f3dd75ce1ecfce915c7c8e9ba5ae0bf2d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14018
x-amzn-requestid: fb0f02e7-1ce0-4861-9446-13d60df06f24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xSEhCIAMFWkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-79f482493d204a1208fad00f;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZAov4fpWAjIBhHfeYEwu39wJTG58HnW7ebekpIoNSgA7PLIs5b7sSg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:28:52 GMT
age: 14634
etag: "78b1a603c4f7f2d6fbad15d7a4cd1397554339e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

aadcdn.msauth.net/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png

13.107.246.53

200 OK

5.1 kB

URL HTTP/2
aadcdn.msauth.net/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 342 x 72, 8-bit/color RGBA, non-interlaced\012- data
Size
5.1 kB (5139 bytes)
Hash
8b36337037cff88c3df203bb73d58e41
1ada36fa207b8b96b2a5f55078bfe2a97acead0e
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898

HTTP Headers

GET /shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 5139
content-type: image/png
content-md5: izYzcDfP+Iw98gO7c9WOQQ==
last-modified: Wed, 12 Feb 2020 03:12:12 GMT
etag: 0x8D7AF695A8C44DC
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 0c65eb17-f01e-0028-0f27-d2fe51000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0OcMyYwAAAABM+VC1nxS7RZAqY7EPHfGLQU1TMDRFREdFMTgyMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0TrIzYwAAAABlcj4jbnLhTI5UqI4S5z19U1ZHMjBFREdFMDUxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 28 Sep 2022 02:32:46 GMT
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/15.20.5676.17/scripts/boot.worldwide.0.mouse.js

23.38.200.227

200 OK

180 kB

URL HTTP/2
r4.res.office365.com/owa/prem/15.20.5676.17/scripts/boot.worldwide.0.mouse.js
IP
23.38.200.227:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (59783), with CRLF line terminators
Size
180 kB (179692 bytes)
Hash
7107c752f3901d95bdc4e9d46ac2b6d8
747a0d933dc2ef38a98fa11a44ba661ec6a5eae3
c4a5ecaf090da5f8115afcf0d4b723810054ecf3de31acc5ea6d48f9eb2d4111

HTTP Headers

GET /owa/prem/15.20.5676.17/scripts/boot.worldwide.0.mouse.js HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://outlook.office365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
last-modified: Mon, 26 Sep 2022 19:03:30 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 28 Sep 2022 02:32:47 GMT
content-length: 179692
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/15.20.5676.17/scripts/boot.worldwide.1.mouse.js

23.38.200.227

200 OK

163 kB

URL HTTP/2
r4.res.office365.com/owa/prem/15.20.5676.17/scripts/boot.worldwide.1.mouse.js
IP
23.38.200.227:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
163 kB (163086 bytes)
Hash
e8e90ea74afb3c2e067828c093fc86b1
cdc77987b351dc36f67d2d72d9bb59f17bfd49e0
411cbbad8d2c64f927321e1a825bf15860e2a7757688b4b445cdec041a1c497a

HTTP Headers

GET /owa/prem/15.20.5676.17/scripts/boot.worldwide.1.mouse.js HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://outlook.office365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
last-modified: Mon, 26 Sep 2022 19:03:38 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 28 Sep 2022 02:32:47 GMT
content-length: 163086
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/15.20.5676.17/scripts/boot.worldwide.2.mouse.js

23.38.200.227

200 OK

170 kB

URL HTTP/2
r4.res.office365.com/owa/prem/15.20.5676.17/scripts/boot.worldwide.2.mouse.js
IP
23.38.200.227:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
170 kB (169702 bytes)
Hash
1e37d6bba254c3ff7f57d369bfffb5ee
3815e368af2c284735837ee7facbbfc9a7627e59
d3b62817e50c0a8e046612ec81463e9613eda09be666c511992f556550195852

HTTP Headers

GET /owa/prem/15.20.5676.17/scripts/boot.worldwide.2.mouse.js HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://outlook.office365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
last-modified: Mon, 26 Sep 2022 19:03:30 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 28 Sep 2022 02:32:47 GMT
content-length: 169702
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/15.20.5676.17/scripts/boot.worldwide.3.mouse.js

23.38.200.227

200 OK

146 kB

URL HTTP/2
r4.res.office365.com/owa/prem/15.20.5676.17/scripts/boot.worldwide.3.mouse.js
IP
23.38.200.227:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
146 kB (145619 bytes)
Hash
f4769ea574f97001a1ca6c9d1925fdb1
c3fef5eb451b05466c2ce8132d980c0f6a073d85
4f0d09f981e8117aaec443618664660b040184b67b6a8f8768419ee6248465f7

HTTP Headers

GET /owa/prem/15.20.5676.17/scripts/boot.worldwide.3.mouse.js HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://outlook.office365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
last-modified: Mon, 26 Sep 2022 19:03:38 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 28 Sep 2022 02:32:47 GMT
content-length: 145619
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/15.20.5676.17/resources/images/0/sprite1.mouse.png

23.38.200.227

200 OK

132 B

URL HTTP/2
r4.res.office365.com/owa/prem/15.20.5676.17/resources/images/0/sprite1.mouse.png
IP
23.38.200.227:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 600 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
132 B (132 bytes)
Hash
3eda15637afeac6078f56c9dcc9bbdb8
97b900884183cb8cf99ba069eedc280c599c1b74
68c66d144855ba2bc8b8bee88bb266047367708c1e281a21b9d729b1fbd23429

HTTP Headers

GET /owa/prem/15.20.5676.17/resources/images/0/sprite1.mouse.png HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://outlook.office365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 132
content-type: image/png
last-modified: Mon, 26 Sep 2022 19:18:39 GMT
server: AkamaiNetStorage
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 28 Sep 2022 02:32:47 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg

13.107.246.53

200 OK

621 B

URL HTTP/2
aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1592), with no line terminators
Size
621 B (621 bytes)
Hash
4761405717e938d7e7400bb15715db1e
76fed7c229d353a27db3257f5927c1eaf0ab8de9
f7ed91a1dab5bb2802a7a3b3890df4777588ccbe04903260fba83e6e64c90ddf

HTTP Headers

GET /shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 621
content-type: image/svg+xml
content-encoding: gzip
content-md5: R2FAVxfpONfnQAuxVxXbHg==
last-modified: Tue, 10 Nov 2020 03:41:24 GMT
etag: 0x8D8852A7FA6B761
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: e843680b-d01e-0016-3618-d17d5d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0jq8yYwAAAAAVxHu5p929T6047aTxgkpqQU1TMDRFREdFMTkxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0T7IzYwAAAACAyIHlXJnCRI5jMXdlhvm8U1ZHMjBFREdFMDUxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 28 Sep 2022 02:32:46 GMT
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/15.20.5676.17/resources/images/0/sprite1.mouse.css

23.38.200.227

200 OK

288 B

URL HTTP/2
r4.res.office365.com/owa/prem/15.20.5676.17/resources/images/0/sprite1.mouse.css
IP
23.38.200.227:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (994), with no line terminators
Size
288 B (288 bytes)
Hash
d5376db145bd802d6dc34b453e38db2d
a33794e22b790cefae0b1427244ddbf60aef74e6
4e5c1ba33900bd8b05d2bef342bdd037c240d27207ef878b2b87d252dfc30cfc

HTTP Headers

GET /owa/prem/15.20.5676.17/resources/images/0/sprite1.mouse.css HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://outlook.office365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: text/css
last-modified: Mon, 26 Sep 2022 19:18:39 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 28 Sep 2022 02:32:47 GMT
content-length: 288
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/15.20.5676.17/resources/styles/0/boot.worldwide.mouse.css

23.38.200.227

200 OK

44 kB

URL HTTP/2
r4.res.office365.com/owa/prem/15.20.5676.17/resources/styles/0/boot.worldwide.mouse.css
IP
23.38.200.227:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (65536), with no line terminators
Size
44 kB (44144 bytes)
Hash
820f40594a0e8d5f9d58546208aa9060
e17ed5116a34c432013a244c979ac9da53829d74
f8f708049e1e1609af3959cd21eaf313c8192d3e962887a7a2e1f9b353d3fc80

HTTP Headers

GET /owa/prem/15.20.5676.17/resources/styles/0/boot.worldwide.mouse.css HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://outlook.office365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: text/css
last-modified: Mon, 26 Sep 2022 19:19:55 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 28 Sep 2022 02:32:47 GMT
content-length: 44144
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css

13.107.246.53

200 OK

20 kB

URL HTTP/2
aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (61177)
Size
20 kB (19970 bytes)
Hash
f4adbf9c60a3ef95809a6008f6764d08
b55c98c403b111b494c1ece263dc06eabc0ab075
6a59a4f890ea26ef050b83d0722aafc3ad70ddbce706806381c4f159a5db7497

HTTP Headers

GET /ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 19970
content-type: text/css
content-encoding: gzip
content-md5: 9K2/nGCj75WAmmAI9nZNCA==
last-modified: Thu, 04 Aug 2022 19:37:00 GMT
etag: 0x8DA7650B37ACC3D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 21a59d69-101e-000a-4beb-d13966000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 004UyYwAAAAD+OuhR+3XxTYYLAGgTCSwsQU1TMDRFREdFMTkyMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0U7IzYwAAAAAuMhBsWMXkSbXAyBX6JhNwU1ZHMjBFREdFMDYwNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 28 Sep 2022 02:32:51 GMT
X-Firefox-Spdy: h2

aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_dcseeolyp_bhtl1lcmdobw2.js

13.107.246.53

200 OK

14 kB

URL HTTP/2
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_dcseeolyp_bhtl1lcmdobw2.js
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (32021)
Size
14 kB (13605 bytes)
Hash
27d5c62bb9976ad238170067974cd1d4
e2385d2173597c82ffbdf9551f0cbef321799b09
68d960604f379395e41221aa3aac803f32f816b969d9ffb1e5e3ad2279349d5d

HTTP Headers

GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_dcseeolyp_bhtl1lcmdobw2.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 13605
content-type: application/x-javascript
content-encoding: gzip
content-md5: J9XGK7mXatI4FwBnl0zR1A==
last-modified: Sat, 03 Sep 2022 02:17:03 GMT
etag: 0x8DA8D52642E065B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 329468b2-801e-0037-4dbe-d0c76c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0n4wyYwAAAABEnh0e+iaCQpy1TJCz8p6lQU1TMDRFREdFMTkxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0U7IzYwAAAABPJU6IMzbXQ7fNYAHiKMJyU1ZHMjBFREdFMDYwNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 28 Sep 2022 02:32:51 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations