ubsch.buzz/ubs/a1b2c3/341c80a3fcd6c5ad1a9fb56c31924fb9/login
172.67.137.115301 Moved Permanently 0 B URL HTTP/1.1 ubsch.buzz/ubs/a1b2c3/341c80a3fcd6c5ad1a9fb56c31924fb9/login
IP 172.67.137.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /ubs/a1b2c3/341c80a3fcd6c5ad1a9fb56c31924fb9/login HTTP/1.1
Host: ubsch.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 07 Feb 2023 05:27:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 07 Feb 2023 06:27:31 GMT
Location: https://ubsch.buzz/ubs/a1b2c3/341c80a3fcd6c5ad1a9fb56c31924fb9/login
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwDso2ukHoIYMJ6QZW%2B%2BZ%2FitddYeE4vuf0Zz1%2BVrwpL5CWshB892H%2BAzFqOB7fPiHLESkN%2Bk7Ih9Ef%2BdjqAwnGkzLsNpnak6IHNeIjgVejKZspi6T7DKrPlFsMB5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7959b7830ba0b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8812
Expires: Tue, 07 Feb 2023 07:54:23 GMT
Date: Tue, 07 Feb 2023 05:27:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17127
Expires: Tue, 07 Feb 2023 10:12:58 GMT
Date: Tue, 07 Feb 2023 05:27:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 04:34:07 GMT
content-type: application/json
age: 3204
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5242
Expires: Tue, 07 Feb 2023 06:54:53 GMT
Date: Tue, 07 Feb 2023 05:27:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: V1W8AOTxuUtQ3/5pmWzE0Ptj4zO5s/6n+8cEOvVzXxQtWM2VXPMriZX5CRetY4WHdRmd2A/5TlhE9vgJiwZU/g==
x-amz-request-id: H16PCHXSN5TJSQEP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 04:45:26 GMT
age: 2525
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 05:27:31 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/0IkkgkVSLmY
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/0IkkgkVSLmY
IP 142.250.74.131:0
Hash 8f415ad0ec827fb197eb52e0a6c7a675
38cef3d712da40fe2965ee93626b981b02091374
cd6909d49a32e8cbb756bb59716302ae34453f9ed55fd1097682d3f24c6d41ce
POST /s/gts1p5/0IkkgkVSLmY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 05:27:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ubsch.buzz/ubs/a1b2c3/341c80a3fcd6c5ad1a9fb56c31924fb9/login/
172.67.137.115301 Moved Permanently 0 B URL HTTP/1.1 ubsch.buzz/ubs/a1b2c3/341c80a3fcd6c5ad1a9fb56c31924fb9/login/
IP 172.67.137.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /ubs/a1b2c3/341c80a3fcd6c5ad1a9fb56c31924fb9/login/ HTTP/1.1
Host: ubsch.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 07 Feb 2023 05:27:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 07 Feb 2023 06:27:31 GMT
Location: https://ubsch.buzz/ubs/a1b2c3/341c80a3fcd6c5ad1a9fb56c31924fb9/login/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Znyww8gFYkIz1Tbv7LjEOYumLamxG8EanMOTiZyReR7cWa9ANABEDVkn4v9%2FoOtMH8Hkh6XH6CJSNjiRDA5pqVMw8wc7VIvA%2FB%2Fo6%2BqgZmKjV5OYNjVwWSIN6bx6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7959b786fe7fb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 04:51:19 GMT
age: 2172
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/0IkkgkVSLmY
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/0IkkgkVSLmY
IP 142.250.74.131:0
Hash 8f415ad0ec827fb197eb52e0a6c7a675
38cef3d712da40fe2965ee93626b981b02091374
cd6909d49a32e8cbb756bb59716302ae34453f9ed55fd1097682d3f24c6d41ce
POST /s/gts1p5/0IkkgkVSLmY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 05:27:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bing.com/th?id=OHR.WaitangiFjordlandNP_ROW3574413664_1920x1080.jpg&rf=LaDigue_1920x1080.jpg&qlt=50
13.107.21.200200 OK 319 kB URL HTTP/2 www.bing.com/th?id=OHR.WaitangiFjordlandNP_ROW3574413664_1920x1080.jpg&rf=LaDigue_1920x1080.jpg&qlt=50
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size 319 kB (318624 bytes)
Hash 9aa223e64059a9d92bf22969dd62b525
2e65a40a6167a93f96f521bbfdd2e9d43c1475b0
f229f4c6451f5af60240621b3fec192aecb34efcfea64fb067339ae7740a7880
GET /th?id=OHR.WaitangiFjordlandNP_ROW3574413664_1920x1080.jpg&rf=LaDigue_1920x1080.jpg&qlt=50 HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6MX0=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=691200
content-length: 318624
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6D492B6586F145E28C74D07C4EF62AB7 Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:31 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14075
Expires: Tue, 07 Feb 2023 09:22:07 GMT
Date: Tue, 07 Feb 2023 05:27:32 GMT
Connection: keep-alive
r.bing.com/rp/lmu8EBCaPRMKtay8LSArGyY3mv4.br.js
23.36.79.19200 OK 5 B URL HTTP/2 r.bing.com/rp/lmu8EBCaPRMKtay8LSArGyY3mv4.br.js
IP 23.36.79.19:0
ASN #20940 Akamai International B.V.
File type very short file (no magic)
Hash e5aa921deb86f8138026bb9c240820fb
966bbc10109a3d130ab5acbc2d202b1b26379afe
18b848a269a2d23ead68930fee1552542e8bd30c65f5d374d3ebea036c903381
GET /rp/lmu8EBCaPRMKtay8LSArGyY3mv4.br.js HTTP/1.1
Host: r.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6MX0=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-length: 5
content-type: application/x-javascript; charset=utf-8
content-encoding: br
content-md5: 5aqSHeuG+BOAJrucJAgg+w==
last-modified: Wed, 17 Aug 2022 06:39:21 GMT
etag: 0x8DA801B37C8EF2D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 22883801-601e-00b8-3ee2-f72cf3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=139406
expires: Wed, 08 Feb 2023 20:10:58 GMT
date: Tue, 07 Feb 2023 05:27:32 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.0f4f2417.1675747652.d4b284de
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-Firefox-Spdy: h2
r.bing.com/rp/N7tKdYmlODF3joFiKWv51yR3FE4.svg
23.36.79.19200 OK 1.8 kB URL HTTP/2 r.bing.com/rp/N7tKdYmlODF3joFiKWv51yR3FE4.svg
IP 23.36.79.19:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1766), with no line terminators
Hash 946b8d209533755165d5d0fe8d795f22
37bb4a7589a53831778e8162296bf9d72477144e
d9233990059b3f88531f67b1c4725ef4f28f46564ae7e511472f48e2a84f9f1d
GET /rp/N7tKdYmlODF3joFiKWv51yR3FE4.svg HTTP/1.1
Host: r.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6MX0=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-length: 1766
content-type: image/svg+xml
content-md5: lGuNIJUzdVFl1dD+jXlfIg==
last-modified: Wed, 17 Aug 2022 05:49:33 GMT
etag: 0x8DA801442F5D6E9
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f3801604-f01e-0013-1051-395339000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=279380
expires: Fri, 10 Feb 2023 11:03:52 GMT
date: Tue, 07 Feb 2023 05:27:32 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.0f4f2417.1675747652.d4b284e4
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-Firefox-Spdy: h2
www.bing.com/sa/simg/favicon-trans-bg-blue-mg.ico
13.107.21.200200 OK 4.3 kB URL HTTP/2 www.bing.com/sa/simg/favicon-trans-bg-blue-mg.ico
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 30967b1b52cb6df18a8af8fcc04f83c9
aaf67cd84fcd64fb2d8974d7135d6f1e4fc03588
439b6089e45ef1e0c37ef88764d5c99a3b2752609c4e2af3376480d7ffcfaf2e
GET /sa/simg/favicon-trans-bg-blue-mg.ico HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6MX0=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=15552000
content-length: 4286
content-type: image/x-icon
last-modified: Mon, 01 Jan 1601 00:00:00 GMT
x-cache: TCP_HIT
server: Kestrel
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-/7geeYa9AjTqJ6NSFUBbPHMm4kUYG2CkAMAPBU/HAOo='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
x-msedge-ref: Ref A: 3004536C0FFF469F8A84B092EA48F1DF Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:31 GMT
X-Firefox-Spdy: h2
www.bing.com/rp/6Hy0l7O248Q6ir-oX_Eoni2EIwg.br.js
13.107.21.200200 OK 6.7 kB URL HTTP/2 www.bing.com/rp/6Hy0l7O248Q6ir-oX_Eoni2EIwg.br.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (17343), with no line terminators
Hash 204bb375b5117b07884a137329e07bab
e87cb497b3b6e3c43a8abfa85ff1289e2d842308
030c5d06364c1a40ce1d47165d462d3ab67a135fe427978201cf376cf57f7ea1
GET /rp/6Hy0l7O248Q6ir-oX_Eoni2EIwg.br.js HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6MX0=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=432000, no-transform, immutable
content-length: 6683
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: IEuzdbUReweIShNzKeB7qw==
last-modified: Wed, 14 Dec 2022 23:50:35 GMT
etag: 0x8DADE2DFE72E2EF
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 99ec205c-801e-009f-3216-363b37000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-azure-ref-originshield: Ref A: 73923C07823347AEB1A76BCDBEF02945 Ref B: AM3EDGE0718 Ref C: 2023-02-02T07:40:00Z
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaot"}]}
x-msedge-ref: Ref A: 8EB49D5BABD84C19B58BF1F441265D89 Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:31 GMT
X-Firefox-Spdy: h2
www.bing.com/fd/ls/lsp.aspx?
13.107.21.200204 No Content 0 B URL HTTP/2 www.bing.com/fd/ls/lsp.aspx?
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fd/ls/lsp.aspx? HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 344
Origin: https://www.bing.com
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6MX0=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7D78C7CF24084C97B3AD33CEC03A04DD Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
X-Firefox-Spdy: h2
www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:-1,%22BC%22:-1,%22SE%22:-1,%22TC%22:-1,%22H%22:-1,%22BP%22:135,%22CT%22:137,%22IL%22:2}}&P=SERP&DA=DUBE01
13.107.21.200200 OK 0 B URL HTTP/2 www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:-1,%22BC%22:-1,%22SE%22:-1,%22TC%22:-1,%22H%22:-1,%22BP%22:135,%22CT%22:137,%22IL%22:2}}&P=SERP&DA=DUBE01
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:-1,%22BC%22:-1,%22SE%22:-1,%22TC%22:-1,%22H%22:-1,%22BP%22:135,%22CT%22:137,%22IL%22:2}}&P=SERP&DA=DUBE01 HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6MX0=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 084E5F144A66486D9A5B8D1E767EFF02 Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
content-length: 0
X-Firefox-Spdy: h2
www.bing.com/hp/api/model
13.107.21.200200 OK 7.2 kB URL HTTP/2 www.bing.com/hp/api/model
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (22618), with no line terminators
Hash 1764ea1326bd73fa9bf3789d35c0b78d
42c56ad8e5bab99c18665c477d3e694d991db0fa
6e335ca602859ae6fd2c9913eb75eaa10b5ff53848b1b8600cc296ec8ea243d4
GET /hp/api/model HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.bing.com/
Content-type: application/json
Connection: keep-alive
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6MX0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
content-length: 7201
content-type: application/json; charset=utf-8
content-encoding: br
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
set-cookie: MUIDB=38156675751663F301E474C474E3621E; expires=Sun, 03-Mar-2024 05:27:32 GMT; path=/; HttpOnly
ULC=; domain=.bing.com; expires=Mon, 06-Feb-2023 05:27:32 GMT; path=/; secure; SameSite=None
_HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6Mn0=; domain=.bing.com; expires=Sun, 03-Mar-2024 05:27:32 GMT; path=/; secure; SameSite=None
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DB1A91AED8CF4A418B57725D58BCBD3A Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
X-Firefox-Spdy: h2
www.bing.com/images/sbi?mmasync=1&ptn=Homepage&IID=SBI&IG=B17A823874B64BB299B5B4F56205BD0A&
13.107.21.200200 OK 16 kB URL HTTP/2 www.bing.com/images/sbi?mmasync=1&ptn=Homepage&IID=SBI&IG=B17A823874B64BB299B5B4F56205BD0A&
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with very long lines (28929), with CRLF, LF line terminators
Hash f0da75f441341c9600a103556705bf8d
c68a6ef39c80e2116b22b6347865da4361d810a2
73015102d228985b83b596593108c20a0e032f71ebf3c56ee296bce06f266f63
GET /images/sbi?mmasync=1&ptn=Homepage&IID=SBI&IG=B17A823874B64BB299B5B4F56205BD0A& HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.bing.com/
Content-type: application/json
Connection: keep-alive
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6MX0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
content-length: 16049
content-type: text/html; charset=utf-8
content-encoding: br
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
set-cookie: MUIDB=38156675751663F301E474C474E3621E; expires=Sun, 03-Mar-2024 05:27:32 GMT; path=/; HttpOnly
SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; domain=.bing.com; expires=Sun, 03-Mar-2024 05:27:32 GMT; path=/; secure; SameSite=None
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CD03028F4D5E4B6CB1B0240D743BC931 Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
X-Firefox-Spdy: h2
www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fimages%2Fsbi%3Fmmasync%3D1%26ptn%3DHomepage%26IID%3DSBI%26IG%3DB17A823874B64BB299B5B4F56205BD0A%26%22%2C%22format%22%3A%22dom%22%2C%22time%22%3A1368%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700595%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D
13.107.21.200200 OK 0 B URL HTTP/2 www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fimages%2Fsbi%3Fmmasync%3D1%26ptn%3DHomepage%26IID%3DSBI%26IG%3DB17A823874B64BB299B5B4F56205BD0A%26%22%2C%22format%22%3A%22dom%22%2C%22time%22%3A1368%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700595%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fimages%2Fsbi%3Fmmasync%3D1%26ptn%3DHomepage%26IID%3DSBI%26IG%3DB17A823874B64BB299B5B4F56205BD0A%26%22%2C%22format%22%3A%22dom%22%2C%22time%22%3A1368%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700595%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6MX0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6797192324FA48118DFF27C0467EB1A6 Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
content-length: 0
X-Firefox-Spdy: h2
www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1675747700422%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1675747700423%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22939%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1675747700423%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1675747700423%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1675747700423%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%2C%7B%22comp%22%3A%22loaded%22%2C%22time%22%3A1367%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700594%2C%22Name%22%3A%22speech%22%2C%22FID%22%3A%22HP%22%7D%5D
13.107.21.200200 OK 0 B URL HTTP/2 www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1675747700422%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1675747700423%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22939%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1675747700423%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1675747700423%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1675747700423%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%2C%7B%22comp%22%3A%22loaded%22%2C%22time%22%3A1367%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700594%2C%22Name%22%3A%22speech%22%2C%22FID%22%3A%22HP%22%7D%5D
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1675747700422%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22width%22%3A%221280%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1675747700423%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%22939%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1675747700423%2C%22Name%22%3A%22M%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1675747700423%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1675747700423%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%2C%7B%22comp%22%3A%22loaded%22%2C%22time%22%3A1367%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700594%2C%22Name%22%3A%22speech%22%2C%22FID%22%3A%22HP%22%7D%5D HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6MX0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FC915282547B4E75812BB7C98A1C43C7 Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
content-length: 0
X-Firefox-Spdy: h2
www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22micComponent%22%3A%22rendered%22%2C%22time%22%3A1368%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700594%2C%22Name%22%3A%22speech%22%2C%22FID%22%3A%22HP%22%7D%5D
13.107.21.200200 OK 0 B URL HTTP/2 www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22micComponent%22%3A%22rendered%22%2C%22time%22%3A1368%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700594%2C%22Name%22%3A%22speech%22%2C%22FID%22%3A%22HP%22%7D%5D
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22micComponent%22%3A%22rendered%22%2C%22time%22%3A1368%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700594%2C%22Name%22%3A%22speech%22%2C%22FID%22%3A%22HP%22%7D%5D HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6MX0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DE43151E36894B0DACC62A41883A8783 Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
content-length: 0
X-Firefox-Spdy: h2
www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fmsnpopularnow%3F%26format%3Djson%26ecount%3D20%26efirst%3D0%26%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A1370%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700595%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D
13.107.21.200200 OK 0 B URL HTTP/2 www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fmsnpopularnow%3F%26format%3Djson%26ecount%3D20%26efirst%3D0%26%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A1370%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700595%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fmsnpopularnow%3F%26format%3Djson%26ecount%3D20%26efirst%3D0%26%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A1370%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700595%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6MX0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D408F2AC84A544B79900412FAA2FDC28 Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
content-length: 0
X-Firefox-Spdy: h2
www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fmodel%22%2C%22format%22%3A%22json%22%2C%22time%22%3A1370%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700596%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D
13.107.21.200200 OK 0 B URL HTTP/2 www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fmodel%22%2C%22format%22%3A%22json%22%2C%22time%22%3A1370%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700596%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fmodel%22%2C%22format%22%3A%22json%22%2C%22time%22%3A1370%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700596%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6MX0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DEB3A8B5AA4F4C64B52502BF0B7B9DBF Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
content-length: 0
X-Firefox-Spdy: h2
www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useDynamicModules%22%2C%22module%22%3A%22https%3A%2F%2Fassets.msn.com%2Fbundles%2Fv1%2FbingHomepage%2Flatest%2Fwidget-initializer.js%22%2C%22error%22%3A%22%22%2C%22time%22%3A1370%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700596%2C%22Name%22%3A%22Importing%22%2C%22FID%22%3A%22HP%22%7D%5D
13.107.21.200200 OK 0 B URL HTTP/2 www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useDynamicModules%22%2C%22module%22%3A%22https%3A%2F%2Fassets.msn.com%2Fbundles%2Fv1%2FbingHomepage%2Flatest%2Fwidget-initializer.js%22%2C%22error%22%3A%22%22%2C%22time%22%3A1370%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700596%2C%22Name%22%3A%22Importing%22%2C%22FID%22%3A%22HP%22%7D%5D
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useDynamicModules%22%2C%22module%22%3A%22https%3A%2F%2Fassets.msn.com%2Fbundles%2Fv1%2FbingHomepage%2Flatest%2Fwidget-initializer.js%22%2C%22error%22%3A%22%22%2C%22time%22%3A1370%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700596%2C%22Name%22%3A%22Importing%22%2C%22FID%22%3A%22HP%22%7D%5D HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6MX0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AD88CEF5DCCE4A6F818DF61585E84DAA Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
content-length: 0
X-Firefox-Spdy: h2
www.bing.com/hp/api/v1/msnpopularnow?&format=json&ecount=20&efirst=0&&
13.107.21.200200 OK 3.0 kB URL HTTP/2 www.bing.com/hp/api/v1/msnpopularnow?&format=json&ecount=20&efirst=0&&
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (13926), with no line terminators
Hash 5bff22da023979ed30e46004a20a7988
212c1980218e2ee69023ddbba31a39c1c19207f4
9f356a3788bc746b322a819a07ad1418c0c5f06f29d1fc25fdcceae65eea76e3
GET /hp/api/v1/msnpopularnow?&format=json&ecount=20&efirst=0&& HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.bing.com/
Content-type: application/json
Connection: keep-alive
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6MX0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
content-length: 2980
content-type: application/json; charset=utf-8
content-encoding: br
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
set-cookie: MUIDB=38156675751663F301E474C474E3621E; expires=Sun, 03-Mar-2024 05:27:32 GMT; path=/; HttpOnly
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E869D9DB08EA40BF80E4C410FBFF954E Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
X-Firefox-Spdy: h2
assets.msn.com/bundles/v1/bingHomepage/latest/widget-initializer.js
95.101.10.202200 OK 4.6 kB URL HTTP/2 assets.msn.com/bundles/v1/bingHomepage/latest/widget-initializer.js
IP 95.101.10.202:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13100)
Hash efeffb4eda40b16e38658170c235b5a3
e078e0d6863751d2a6701ca0330c9d12ca1df7f9
2da59d63f7bf73a152fb1d90b28ce1b92dac8e30c61b832cd085e6a7b4a452b9
GET /bundles/v1/bingHomepage/latest/widget-initializer.js HTTP/1.1
Host: assets.msn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.bing.com/
Origin: https://www.bing.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 4555
content-md5: 7+/7TtpAsW44ZYFwwjW1ow==
last-modified: Thu, 02 Feb 2023 23:27:13 GMT
etag: 0x8DB057503C0C11B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 03055453-201e-0008-525e-377614000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Tue, 07 Feb 2023 05:27:32 GMT
akamai-request-bc: [a=95.101.10.198,b=663970148,c=g,n=NO__OSLO,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 95.101.10.198
akamai-request-id: 27936164
access-control-allow-credentials: true
access-control-allow-origin: https://www.bing.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
cache-control: public, no-transform, max-age=86400
timing-allow-origin: *
vary: Origin
X-Firefox-Spdy: h2
ubsch.buzz/ubs/a1b2c3/341c80a3fcd6c5ad1a9fb56c31924fb9/login
172.67.137.115301 Moved Permanently 1.7 kB URL HTTP/2 ubsch.buzz/ubs/a1b2c3/341c80a3fcd6c5ad1a9fb56c31924fb9/login
IP 172.67.137.115:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 5689670aab596634e663f50fd4369f69
4263c09acd69ad4a5b30e9166e58b6637ee01fd9
459ad79afe383445ecc2a103713abde4f9ce1fe65ca13441860df2041dd6253e
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /ubs/a1b2c3/341c80a3fcd6c5ad1a9fb56c31924fb9/login HTTP/1.1
Host: ubsch.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Tue, 07 Feb 2023 05:27:31 GMT
content-type: text/html; charset=iso-8859-1
location: http://ubsch.buzz/ubs/a1b2c3/341c80a3fcd6c5ad1a9fb56c31924fb9/login/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QyGRn9zLcjIhX4bq3lkUzAEAuDinuT9HYuhXhHTM%2BIF8K%2FrIIob0YyK4VO5HLKuUzQo5PsSemlbTShuI38VtI98muVe1IeqfDABrjv4HWr9%2BeNfMuGwDovyJC9%2Bd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7959b7867a3e1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fmodel%22%2C%22format%22%3A%22json%22%2C%22status%22%3A200%2C%22time%22%3A1593%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700819%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
13.107.21.200200 OK 0 B URL HTTP/2 www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fmodel%22%2C%22format%22%3A%22json%22%2C%22status%22%3A200%2C%22time%22%3A1593%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700819%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fmodel%22%2C%22format%22%3A%22json%22%2C%22status%22%3A200%2C%22time%22%3A1593%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700819%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6Mn0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 66193FA6D47A44F1B6DDC4FFEAB26718 Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
content-length: 0
X-Firefox-Spdy: h2
www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fimages%2Fsbi%3Fmmasync%3D1%26ptn%3DHomepage%26IID%3DSBI%26IG%3DB17A823874B64BB299B5B4F56205BD0A%26%22%2C%22format%22%3A%22dom%22%2C%22status%22%3A200%2C%22time%22%3A1594%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700820%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
13.107.21.200200 OK 0 B URL HTTP/2 www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fimages%2Fsbi%3Fmmasync%3D1%26ptn%3DHomepage%26IID%3DSBI%26IG%3DB17A823874B64BB299B5B4F56205BD0A%26%22%2C%22format%22%3A%22dom%22%2C%22status%22%3A200%2C%22time%22%3A1594%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700820%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fimages%2Fsbi%3Fmmasync%3D1%26ptn%3DHomepage%26IID%3DSBI%26IG%3DB17A823874B64BB299B5B4F56205BD0A%26%22%2C%22format%22%3A%22dom%22%2C%22status%22%3A200%2C%22time%22%3A1594%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700820%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6Mn0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D6D66A66AE434A529820225902E3EB87 Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
content-length: 0
X-Firefox-Spdy: h2
www.bing.com/vs/ec/start.mp3
13.107.21.200206 Partial Content 0 B URL HTTP/2 www.bing.com/vs/ec/start.mp3
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vs/ec/start.mp3 HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6MX0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
cache-control: public, max-age=15552000
content-length: 31561
content-type: audio/mpeg
content-range: bytes 0-31560/31561
last-modified: Mon, 01 Jan 1601 00:00:00 GMT
x-cache: TCP_HIT
server: Kestrel
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-MFsF8X29WU+KWbK/aznuVIzrsp7z6FEN+vSDyByaLQE='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
x-msedge-ref: Ref A: FD609062BA8C4FEDAC73CFA170EB893E Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
X-Firefox-Spdy: h2
www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fmodel%22%2C%22format%22%3A%22json%22%2C%22time%22%3A1615%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700841%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D
13.107.21.200200 OK 0 B URL HTTP/2 www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fmodel%22%2C%22format%22%3A%22json%22%2C%22time%22%3A1615%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700841%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fmodel%22%2C%22format%22%3A%22json%22%2C%22time%22%3A1615%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700841%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6Mn0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5C495F941C9F45DD96566B494027BC2E Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
content-length: 0
X-Firefox-Spdy: h2
www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fimages%2Fsbi%3Fmmasync%3D1%26ptn%3DHomepage%26IID%3DSBI%26IG%3DB17A823874B64BB299B5B4F56205BD0A%26%22%2C%22format%22%3A%22dom%22%2C%22time%22%3A1720%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700946%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D
13.107.21.200200 OK 0 B URL HTTP/2 www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fimages%2Fsbi%3Fmmasync%3D1%26ptn%3DHomepage%26IID%3DSBI%26IG%3DB17A823874B64BB299B5B4F56205BD0A%26%22%2C%22format%22%3A%22dom%22%2C%22time%22%3A1720%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700946%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fimages%2Fsbi%3Fmmasync%3D1%26ptn%3DHomepage%26IID%3DSBI%26IG%3DB17A823874B64BB299B5B4F56205BD0A%26%22%2C%22format%22%3A%22dom%22%2C%22time%22%3A1720%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700946%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6Mn0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D51DA422CD9246089643C80BD80D0F7F Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
content-length: 0
X-Firefox-Spdy: h2
www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22carousel%22%2C%22count%22%3A1%2C%22time%22%3A1721%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700947%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
13.107.21.200200 OK 0 B URL HTTP/2 www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22carousel%22%2C%22count%22%3A1%2C%22time%22%3A1721%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700947%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22carousel%22%2C%22count%22%3A1%2C%22time%22%3A1721%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700947%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6Mn0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D296DB5E625E4AE893ED4950AB2DBF34 Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
content-length: 0
X-Firefox-Spdy: h2
www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22Count%22%3A18%2C%22time%22%3A1743%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1675747700969%2C%22Name%22%3A%22ProactiveTrendingNowTiles%22%2C%22FID%22%3A%22HP%22%7D%5D
13.107.21.200200 OK 0 B URL HTTP/2 www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22Count%22%3A18%2C%22time%22%3A1743%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1675747700969%2C%22Name%22%3A%22ProactiveTrendingNowTiles%22%2C%22FID%22%3A%22HP%22%7D%5D
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22Count%22%3A18%2C%22time%22%3A1743%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1675747700969%2C%22Name%22%3A%22ProactiveTrendingNowTiles%22%2C%22FID%22%3A%22HP%22%7D%5D HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6Mn0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0FF1D340D5644D4C903F3D2A86CF6E72 Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
content-length: 0
X-Firefox-Spdy: h2
www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fmsnpopularnow%3F%26format%3Djson%26ecount%3D20%26efirst%3D0%26%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A1720%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700946%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D
13.107.21.200200 OK 0 B URL HTTP/2 www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fmsnpopularnow%3F%26format%3Djson%26ecount%3D20%26efirst%3D0%26%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A1720%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700946%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fmsnpopularnow%3F%26format%3Djson%26ecount%3D20%26efirst%3D0%26%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A1720%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747700946%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6Mn0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 62263A6ED27242CDAA9FEF4EBC1C7254 Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
content-length: 0
X-Firefox-Spdy: h2
www.bing.com/notifications/render?bnptrigger=%7B%22PartnerId%22%3A%22HomePage%22%2C%22IID%22%3A%22Bnp%22%2C%22Attributes%22%3A%7B%22RawRequestURL%22%3A%22%2F%22%7D%7D&IG=B17A823874B64BB299B5B4F56205BD0A&IID=Bnp
13.107.21.200200 OK 8.9 kB URL HTTP/2 www.bing.com/notifications/render?bnptrigger=%7B%22PartnerId%22%3A%22HomePage%22%2C%22IID%22%3A%22Bnp%22%2C%22Attributes%22%3A%7B%22RawRequestURL%22%3A%22%2F%22%7D%7D&IG=B17A823874B64BB299B5B4F56205BD0A&IID=Bnp
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, Unicode text, UTF-8 text, with very long lines (13649)
Hash 166a44934b73dd5c41b2b583bcda6a83
eb428ed7367522bcbb7314f6b68ab534f18ce24c
d1789fa76c5746b2f7d0f7e3259368b735e91d952c2d9316fa8d0bf9980736ad
GET /notifications/render?bnptrigger=%7B%22PartnerId%22%3A%22HomePage%22%2C%22IID%22%3A%22Bnp%22%2C%22Attributes%22%3A%7B%22RawRequestURL%22%3A%22%2F%22%7D%7D&IG=B17A823874B64BB299B5B4F56205BD0A&IID=Bnp HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6Mn0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-length: 8948
content-type: text/html; charset=utf-8
content-encoding: br
expires: -1
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
set-cookie: MUIDB=38156675751663F301E474C474E3621E; expires=Sun, 03-Mar-2024 05:27:32 GMT; path=/; HttpOnly
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7C3A9179FCE94826A4884AECA5FACDFE Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
X-Firefox-Spdy: h2
www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useDynamicModules%22%2C%22module%22%3A%22https%3A%2F%2Fassets.msn.com%2Fbundles%2Fv1%2FbingHomepage%2Flatest%2Fwidget-initializer.js%22%2C%22error%22%3A%22%22%2C%22time%22%3A1792%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747701018%2C%22Name%22%3A%22Imported%22%2C%22FID%22%3A%22HP%22%7D%5D
13.107.21.200200 OK 0 B URL HTTP/2 www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useDynamicModules%22%2C%22module%22%3A%22https%3A%2F%2Fassets.msn.com%2Fbundles%2Fv1%2FbingHomepage%2Flatest%2Fwidget-initializer.js%22%2C%22error%22%3A%22%22%2C%22time%22%3A1792%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747701018%2C%22Name%22%3A%22Imported%22%2C%22FID%22%3A%22HP%22%7D%5D
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useDynamicModules%22%2C%22module%22%3A%22https%3A%2F%2Fassets.msn.com%2Fbundles%2Fv1%2FbingHomepage%2Flatest%2Fwidget-initializer.js%22%2C%22error%22%3A%22%22%2C%22time%22%3A1792%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1675747701018%2C%22Name%22%3A%22Imported%22%2C%22FID%22%3A%22HP%22%7D%5D HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6Mn0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AF7E07DE9CEA4B2DB585B7397716C763 Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
content-length: 0
X-Firefox-Spdy: h2
www.bing.com/rp/QVXspp3oaMgMqbxnY2UzWAvA_fw.png
13.107.21.200200 OK 8.2 kB URL HTTP/2 www.bing.com/rp/QVXspp3oaMgMqbxnY2UzWAvA_fw.png
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 842 x 92, 8-bit colormap, non-interlaced\012- data
Hash 8bd7d77e15f40db33699c4fbdfffc4f6
4155eca69de868c80ca9bc67636533580bc0fdfc
bf55a186672fb35fb3d7140bea6535ce6cae36e99c3663b0f2c58e647e781d89
GET /rp/QVXspp3oaMgMqbxnY2UzWAvA_fw.png HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6Mn0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=432000, no-transform, immutable
content-length: 8174
content-type: image/png
content-md5: i9fXfhX0DbM2mcT73//E9g==
last-modified: Wed, 17 Aug 2022 05:56:45 GMT
etag: 0x8DA8015448B04FC
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: b9f3a58e-501e-0068-7316-3611a5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-azure-ref-originshield: Ref A: 265CFADB45994F5A94B205BC93070C84 Ref B: AM3EDGE0612 Ref C: 2023-02-02T13:24:59Z
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaot"}]}
x-msedge-ref: Ref A: D842B82BEA784570A4A79A098E3A2F29 Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
X-Firefox-Spdy: h2
www.bing.com/rewardsapp/ncheader?ver=33965297&IID=SERP.5019&IG=B17A823874B64BB299B5B4F56205BD0A
13.107.21.200200 OK 135 B URL HTTP/2 www.bing.com/rewardsapp/ncheader?ver=33965297&IID=SERP.5019&IG=B17A823874B64BB299B5B4F56205BD0A
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with no line terminators
Hash 220681134a8094ce652f9fe8016037a5
a771c8027c266aded9f60f97965d2f9bf4f67af8
8af854ff412f28bd161367c8e5b1a5469e03363a5ad11c14634b6abc38388b9e
POST /rewardsapp/ncheader?ver=33965297&IID=SERP.5019&IG=B17A823874B64BB299B5B4F56205BD0A HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 4
Origin: https://www.bing.com
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207&T=1675747651000; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6Mn0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-length: 135
content-type: text/html; charset=utf-8
content-encoding: br
expires: -1
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
set-cookie: MUIDB=38156675751663F301E474C474E3621E; expires=Sun, 03-Mar-2024 05:27:32 GMT; path=/; HttpOnly
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 097D96DC46F444848D503648CDA3EC6C Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
X-Firefox-Spdy: h2
www.bing.com/rewardsapp/reportActivity?IG=B17A823874B64BB299B5B4F56205BD0A&IID=SERP.5028&&src=hp
13.107.21.200200 OK 608 B URL HTTP/2 www.bing.com/rewardsapp/reportActivity?IG=B17A823874B64BB299B5B4F56205BD0A&IID=SERP.5028&&src=hp
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with very long lines (1266)
Hash 9d9e1b44239dd283e005f6b9d990b17d
c637a8c098887432bc3fd92c3a954f01367ae616
0232512fd501af0aad970cad4951ff1418b7b4b14697c37a826208013fea799f
POST /rewardsapp/reportActivity?IG=B17A823874B64BB299B5B4F56205BD0A&IID=SERP.5028&&src=hp HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 33
Origin: https://www.bing.com
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207&T=1675747651000; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6Mn0=; _UR=QS=0&TQS=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-length: 608
content-type: text/html; charset=utf-8
content-encoding: br
expires: -1
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
set-cookie: MUIDB=38156675751663F301E474C474E3621E; expires=Sun, 03-Mar-2024 05:27:32 GMT; path=/; HttpOnly
_RwBf=ilt=1&ihpd=1&ispd=0&rc=0&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2023-02-06T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2023-02-07T05:27:32.9459024+00:00&rwred=0&wls=&lka=0&lkt=0&TH=; domain=.bing.com; expires=Wed, 07-Feb-2024 05:27:32 GMT; path=/; secure; SameSite=None
_SS=SID=0811E3E69C4C6AE42A80F1579DB96B61&R=0&RB=0&GB=0&RG=200&RP=0; domain=.bing.com; path=/; secure; SameSite=None
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CE15986B56154FA9A068F4DE98AA4453 Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
X-Firefox-Spdy: h2
www.bing.com/ipv6test/test?FORM=MONITR
13.107.21.200200 OK 64 B URL HTTP/2 www.bing.com/ipv6test/test?FORM=MONITR
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with no line terminators
Hash 1bf1ff302246bc930c733c405f985472
de1fb6765de8bd2d9d98507705e24d51d2bd335c
c312aec426076b101ce2fadef09fc64b81aa601ba9bde94e4ad24ac737e715a8
GET /ipv6test/test?FORM=MONITR HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207&T=1675747651000; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6Mn0=; _UR=QS=0&TQS=0; ipv6=hit=1675751301181
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-length: 64
content-type: text/html; charset=utf-8
content-encoding: br
expires: -1
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
set-cookie: MUIDB=38156675751663F301E474C474E3621E; expires=Sun, 03-Mar-2024 05:27:32 GMT; path=/; HttpOnly
access-control-allow-origin: https://www.bing.com
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F9B0AF042E674A2C802AC49FED484B05 Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
X-Firefox-Spdy: h2
www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1675747701070%2C%22Name%22%3A%22BottomBanner%22%2C%22FID%22%3A%22Mcp%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1675747701070%2C%22Name%22%3A%22bnp.notif.shown%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1675747701077%2C%22Name%22%3A%22bnp.embed.ready%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.BNPUxAssetIndex%22%2C%22TS%22%3A1675747701077%2C%22Name%22%3A0%2C%22FID%22%3A%22BNP%22%7D%2C%7B%22T%22%3A%22CI.ClientInst%22%2C%22TS%22%3A1675747701110%2C%22Name%22%3A%22OrgId%22%2C%22FID%22%3A%22NoSignInAttempt%22%7D%2C%7B%22correlationId%22%3A%2263e1e143d863429b843aa76c13f5b494%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1675747701129%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%2263e1e143d863429b843aa76c13f5b494%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1675747701129%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22Fallback%22%3A%221%22%2C%22ShowAnimation%22%3A%22%22%2C%22RedDotAnimation%22%3A%22true%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AnimationLoad%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1675747701232%2C%22Name%22%3A%22AnimationLoad%22%7D%5D
13.107.21.200200 OK 0 B URL HTTP/2 www.bing.com/fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1675747701070%2C%22Name%22%3A%22BottomBanner%22%2C%22FID%22%3A%22Mcp%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1675747701070%2C%22Name%22%3A%22bnp.notif.shown%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1675747701077%2C%22Name%22%3A%22bnp.embed.ready%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.BNPUxAssetIndex%22%2C%22TS%22%3A1675747701077%2C%22Name%22%3A0%2C%22FID%22%3A%22BNP%22%7D%2C%7B%22T%22%3A%22CI.ClientInst%22%2C%22TS%22%3A1675747701110%2C%22Name%22%3A%22OrgId%22%2C%22FID%22%3A%22NoSignInAttempt%22%7D%2C%7B%22correlationId%22%3A%2263e1e143d863429b843aa76c13f5b494%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1675747701129%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%2263e1e143d863429b843aa76c13f5b494%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1675747701129%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22Fallback%22%3A%221%22%2C%22ShowAnimation%22%3A%22%22%2C%22RedDotAnimation%22%3A%22true%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AnimationLoad%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1675747701232%2C%22Name%22%3A%22AnimationLoad%22%7D%5D
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fd/ls/l?IG=B17A823874B64BB299B5B4F56205BD0A&CID=38156675751663F301E474C474E3621E&TYPE=Event.ClientInst&DATA=%5B%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1675747701070%2C%22Name%22%3A%22BottomBanner%22%2C%22FID%22%3A%22Mcp%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1675747701070%2C%22Name%22%3A%22bnp.notif.shown%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22T%22%3A%22CI.BNP%22%2C%22TS%22%3A1675747701077%2C%22Name%22%3A%22bnp.embed.ready%22%2C%22FID%22%3A%2263245%22%7D%2C%7B%22ID%22%3A%2263245%22%2C%22T%22%3A%22CI.BNPUxAssetIndex%22%2C%22TS%22%3A1675747701077%2C%22Name%22%3A0%2C%22FID%22%3A%22BNP%22%7D%2C%7B%22T%22%3A%22CI.ClientInst%22%2C%22TS%22%3A1675747701110%2C%22Name%22%3A%22OrgId%22%2C%22FID%22%3A%22NoSignInAttempt%22%7D%2C%7B%22correlationId%22%3A%2263e1e143d863429b843aa76c13f5b494%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1675747701129%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%2263e1e143d863429b843aa76c13f5b494%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1675747701129%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22Fallback%22%3A%221%22%2C%22ShowAnimation%22%3A%22%22%2C%22RedDotAnimation%22%3A%22true%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AnimationLoad%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1675747701232%2C%22Name%22%3A%22AnimationLoad%22%7D%5D HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207&T=1675747651000; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0&WTS=63811344451; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61&R=0&RB=0&GB=0&RG=200&RP=0; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6Mn0=; _UR=QS=0&TQS=0; ipv6=hit=1675751301181; _RwBf=ilt=1&ihpd=1&ispd=0&rc=0&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2023-02-06T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2023-02-07T05:27:32.9459024+00:00&rwred=0&wls=&lka=0&lkt=0&TH=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6A9BE5B33D0C4DB7869BAB11ADB85503 Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
content-length: 0
X-Firefox-Spdy: h2
www2.bing.com/ipv6test/test
13.107.21.200200 OK 64 B URL HTTP/2 www2.bing.com/ipv6test/test
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with no line terminators
Hash 1bf1ff302246bc930c733c405f985472
de1fb6765de8bd2d9d98507705e24d51d2bd335c
c312aec426076b101ce2fadef09fc64b81aa601ba9bde94e4ad24ac737e715a8
GET /ipv6test/test HTTP/1.1
Host: www2.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207&T=1675747651000; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6Mn0=; _UR=QS=0&TQS=0; ipv6=hit=1675751301181
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-length: 64
content-type: text/html; charset=utf-8
content-encoding: br
expires: -1
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
set-cookie: MUIDB=38156675751663F301E474C474E3621E; expires=Sun, 03-Mar-2024 05:27:33 GMT; path=/; HttpOnly
access-control-allow-origin: https://www.bing.com
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 27BF14D4C3924CB3A9623D900E7DEF3F Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:32Z
date: Tue, 07 Feb 2023 05:27:32 GMT
X-Firefox-Spdy: h2
login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=84005bea-42de-4190-a646-ba2745afe699&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%22B17A823874B64BB299B5B4F56205BD0A%22%7d
40.126.32.67200 OK 680 B URL HTTP/1.1 login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=84005bea-42de-4190-a646-ba2745afe699&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%22B17A823874B64BB299B5B4F56205BD0A%22%7d
IP 40.126.32.67:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (627), with CRLF line terminators
Hash c8f9c0229d9469f51af7e5f3e511f5fb
4f6040e60ead7efdf414015e3765a968c41032c8
d912ae1c82af3218699095eddfca98d6bde44021c0be41ca6f1d031c0450d5e1
GET /common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=84005bea-42de-4190-a646-ba2745afe699&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%22B17A823874B64BB299B5B4F56205BD0A%22%7d HTTP/1.1
Host: login.microsoftonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: brcap=0; MSFPC=GUID=27491a5fca0c436896bdbf20a1588da0&HASH=2749&LV=202205&V=4&LU=1652883922743; ESTSSSOTILES=1; AADSSOTILES=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: fb9f0940-69b9-41cf-bd90-1b6290566500
x-ms-ests-server: 2.1.14526.6 - WEULR1 ProdSlices
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 0
Set-Cookie: buid=0.AREAMe_N-B6jSkuT5F9XHpElWnmtoZ62_ZpPi8MrcPluNMcBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrcMIvs12P0kLhCQ9UkIJ53GZUV8GOLF36Od7VcEUIPxZt111PShIj-qkb4Ao5suo1S9NGBgYlMGwhHQs619ZGJNSzHYYfYlTHsAm_8fscxIogAA; expires=Thu, 09-Mar-2023 05:27:33 GMT; path=/; secure; HttpOnly; SameSite=None
fpc=AhaQXNtwQ8xLnV-ldgW5ycWCeMQLAQAAAETYc9sOAAAA; expires=Thu, 09-Mar-2023 05:27:33 GMT; path=/; secure; HttpOnly; SameSite=None
esctx=PAQABAAEAAAD--DLA3VO7QrddgJg7Wevr7sxii2ydTSpN7EwQxjyirWa3OhdtYwJoChhv-956cdd5jl27vxaDAe6Tak8mgOWHakxe1ikWJQbFyfdEHmJQyDhNsCmKUIR0h3hsK9cKIzU6YaSX8ypuWvXOciK-xT-5PcoyV0GQ6s6LWA0Uw1QlYXkaRYk0Io3WxWjSdiLEBYkgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Date: Tue, 07 Feb 2023 05:27:33 GMT
Content-Length: 680
login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1675747652&rver=6.0.5286.0&wp=MBI_SSL&wreply=https:%2F%2fwww.bing.com%2Fsecure%2FPassport.aspx%3Fpopup%3D1%26ssl%3D1&lc=1044&id=264960&checkda=1
20.190.160.23302 Found 0 B URL HTTP/1.1 login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1675747652&rver=6.0.5286.0&wp=MBI_SSL&wreply=https:%2F%2fwww.bing.com%2Fsecure%2FPassport.aspx%3Fpopup%3D1%26ssl%3D1&lc=1044&id=264960&checkda=1
IP 20.190.160.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /login.srf?wa=wsignin1.0&rpsnv=11&ct=1675747652&rver=6.0.5286.0&wp=MBI_SSL&wreply=https:%2F%2fwww.bing.com%2Fsecure%2FPassport.aspx%3Fpopup%3D1%26ssl%3D1&lc=1044&id=264960&checkda=1 HTTP/1.1
Host: login.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Tue, 07 Feb 2023 05:26:33 GMT
Location: https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BL2
x-ms-request-id: e92db16a-2cfc-420d-ba80-d27b5f9a350b
PPServer: PPV: 30 H: BL02PF5A9F9DE0A V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=fdb013ae5fb54c1c98b7b1c99b8dd27e; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSPRequ=id=264960<=1675747653&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Tue, 07 Feb 2023 05:27:32 GMT
Content-Length: 0
www.bing.com/orgid/idtoken/conditional
13.107.21.200200 OK 1 B URL HTTP/2 www.bing.com/orgid/idtoken/conditional
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 9eecb7db59d16c80417c72d1e1f4fbf1
2d14ab97cc3dc294c51c0d6814f4ea45f4b4e312
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4
POST /orgid/idtoken/conditional HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 708
Origin: https://login.microsoftonline.com
Connection: keep-alive
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207&T=1675747651000; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0&WTS=63811344451; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61&R=0&RB=0&GB=0&RG=200&RP=0; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6Mn0=; _UR=QS=0&TQS=0; ipv6=hit=1675751301181&t=4; _RwBf=ilt=1&ihpd=1&ispd=0&rc=0&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2023-02-06T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2023-02-07T05:27:32.9459024+00:00&rwred=0&wls=&lka=0&lkt=0&TH=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private
content-length: 1
content-type: text/html
content-encoding: br
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
set-cookie: MUIDB=38156675751663F301E474C474E3621E; expires=Sun, 03-Mar-2024 05:27:33 GMT; path=/; HttpOnly
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 98F6505792644ACDBA95BD5061BF7B42 Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:33Z
date: Tue, 07 Feb 2023 05:27:33 GMT
X-Firefox-Spdy: h2
www.bing.com/secure/Passport.aspx?popup=1&ssl=1
13.107.21.200200 OK 184 B URL HTTP/2 www.bing.com/secure/Passport.aspx?popup=1&ssl=1
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c692cf35c4d3ad00b5a49bdf3cd2363c
eb9c1fb3345378800f697c7c92519c5188dd9f5a
fa404c029e5e3109f687ed6e12018f34e43ecb2ef8991172af7bd9fc220562fe
GET /secure/Passport.aspx?popup=1&ssl=1 HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.bing.com/
Connection: keep-alive
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207&T=1675747651000; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0&WTS=63811344451; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61&R=0&RB=0&GB=0&RG=200&RP=0; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6Mn0=; _UR=QS=0&TQS=0; ipv6=hit=1675751301181&t=4; _RwBf=ilt=1&ihpd=1&ispd=0&rc=0&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2023-02-06T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2023-02-07T05:27:32.9459024+00:00&rwred=0&wls=&lka=0&lkt=0&TH=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private
content-length: 184
content-type: text/html; charset=utf-8
content-encoding: br
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
set-cookie: MUIDB=38156675751663F301E474C474E3621E; expires=Sun, 03-Mar-2024 05:27:33 GMT; path=/; HttpOnly
_EDGE_S=SID=011395021B0C6589286487B31AF96493; domain=.bing.com; path=/; HttpOnly
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 26BA93D0F9CE41EE9608F443DFD5EA72 Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:33Z
date: Tue, 07 Feb 2023 05:27:33 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20662
Expires: Tue, 07 Feb 2023 11:11:55 GMT
Date: Tue, 07 Feb 2023 05:27:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20662
Expires: Tue, 07 Feb 2023 11:11:55 GMT
Date: Tue, 07 Feb 2023 05:27:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20662
Expires: Tue, 07 Feb 2023 11:11:55 GMT
Date: Tue, 07 Feb 2023 05:27:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20662
Expires: Tue, 07 Feb 2023 11:11:55 GMT
Date: Tue, 07 Feb 2023 05:27:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8ec9ce3-b686-41f5-8011-400eea8266d1.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8ec9ce3-b686-41f5-8011-400eea8266d1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bea82060b0cd156bf25493942ab62317
4182ba66cceb85c1e873ed5c72a86d53ab851b94
b77aaa7620aa77c7b73be04ad7c91af04f5e91393b3847928668bed644d68709
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8ec9ce3-b686-41f5-8011-400eea8266d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10297
x-amzn-requestid: e1dcfab3-4321-4c83-8ad2-5b6a1b948178
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77J0G-voAMFrfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1723e-33c2bc5c1f200cca7d7aa961;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:33:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vKNh9Q9gmq_ho8Lz5QBBlue1tQiHsn20KF7tID1zITx-YSQPnN2vMw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:46:30 GMT
age: 27663
etag: "4182ba66cceb85c1e873ed5c72a86d53ab851b94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F198b8ebd-22a2-44e4-af1d-3429fb3e64bb.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F198b8ebd-22a2-44e4-af1d-3429fb3e64bb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 08d66d83f1ae9acd6e442c4dcaed2a20
8c258ac6de196f8c32f1af69e7a754da0610b090
a32b5df8fd6bea737e04679d05e9f0cc645cbe6d799329877e78f9e994a6eff6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F198b8ebd-22a2-44e4-af1d-3429fb3e64bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12368
x-amzn-requestid: 218d5607-8914-4189-b54a-87800397fa67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2aEYnIAMFWNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf5-0245bba8207cdf9a5a580299;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GQtdjIY6JkJNL3UHzff9s4DOyG1f10BzA1-u9hTPjppunAlp-DL-IQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 01:38:45 GMT
age: 13728
etag: "8c258ac6de196f8c32f1af69e7a754da0610b090"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eedb4de12585c70ddb5b8f94fe6a59e2
83c9437e71a0a03b3e8ff652155a85eafa76cdda
d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4227
x-amzn-requestid: b45f2ab7-0102-4542-9514-54fb93a0e27f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77sTH4jIAMFnsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1731b-4a24bcb1102e58543cd81343;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V_4NzIAVBOZMjf_YIM3bowFdlP1y4peI5JI-jO105s3NVjmyYnC0Tg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:48:48 GMT
age: 27525
etag: "83c9437e71a0a03b3e8ff652155a85eafa76cdda"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0594f78c4fdfed5dd2e0666312555f40
db903b9a3f387c1510170f8d16dd4d289f7df83f
8874083a529064657b18be58147ae7df5fe79c822c4bd2a023fdf3df7186a62e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3712
x-amzn-requestid: 44c7e7bd-1a95-49b6-9b0a-f8aff3725ded
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftbOtH-lIAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba591-2fb19c33646c3d327681e9f9;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 11:59:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ws42XiDa6w4O13v7obhNXNfA0QQIv03RG0Ze0IPrKWxxvsvUY2eCVg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:48:55 GMT
age: 27518
etag: "db903b9a3f387c1510170f8d16dd4d289f7df83f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c3cd20c6639e2b0d996fbbd7df2d4f47
2e54c22fb83981e2690161cd521e4fc3998e9c16
9b2b1f3e062fca74341d09540e44d2a02ec451b8349440ed5917073e8fab988d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6316
x-amzn-requestid: 1988058c-5aee-4964-9046-83a5f14a927d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwhjnFdxoAMFgpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dce2e3-5ec35d0d6bef4d4944c629c0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 10:33:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Z9b1A_GpinQXvbA-g2PoKhVSNVd5gMrId0WUTmKSCkg-YAan1dtp-w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 22:21:35 GMT
age: 25558
etag: "2e54c22fb83981e2690161cd521e4fc3998e9c16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75b0935816ca54d5d20a9fffa5531e0d
bd8374980c16b7d5a28e55b8bef2215713b1ebb2
4ab6f49d22d029681754b617001f93467d63035acdaf12905c2314cab77991af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13390
x-amzn-requestid: 0664e077-13a4-4a97-afc2-3969cee56958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f2pu6Fb7oAMF_0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63df565f-057ee8fa26aa83d21f875d73;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 07:10:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cAwOWu-_JYTMa0l-1A07FxgOGtG7P59D7XlovXByRA9dQxfsS2An7w==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 18:44:40 GMT
age: 38573
etag: "bd8374980c16b7d5a28e55b8bef2215713b1ebb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.bing.com/fd/ls/lsp.aspx
13.107.21.200204 No Content 0 B URL HTTP/2 www.bing.com/fd/ls/lsp.aspx
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fd/ls/lsp.aspx HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/xml
Content-Length: 10694
Origin: https://www.bing.com
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=38156675751663F301E474C474E3621E; MUIDB=38156675751663F301E474C474E3621E; _EDGE_S=SID=011395021B0C6589286487B31AF96493; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; SRCHUSR=DOB=20230207&T=1675747651000; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0&WTS=63811344451; _SS=SID=0811E3E69C4C6AE42A80F1579DB96B61&R=0&RB=0&GB=0&RG=200&RP=0; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6Mn0=; _UR=QS=0&TQS=0; ipv6=hit=1675751301181&t=4; _RwBf=ilt=1&ihpd=1&ispd=0&rc=0&rb=0&gb=0&rg=200&pc=0&mtu=0&rbb=0&g=0&cid=&clo=0&v=1&l=2023-02-06T08:00:00.0000000Z&lft=0001-01-01T00:00:00.0000000&aof=0&o=2&p=&c=&t=0&s=0001-01-01T00:00:00.0000000+00:00&ts=2023-02-07T05:27:32.9459024+00:00&rwred=0&wls=&lka=0&lkt=0&TH=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3ADE33664A3B45CABD5B03A2BC27E98F Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:33Z
date: Tue, 07 Feb 2023 05:27:33 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d057038cd3164c40413a88f9b5c2af92
afbcb6617c7277ea42068c2aa1c8dcba02549873
ae03b42f1a5c3774e3ea569a886707a8a31da05a45bd971b829cf579be0ea6c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6787
x-amzn-requestid: 15924d6a-68a3-414b-9e23-68d37291d4a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvyxSEjXIAMFT3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc9808-22daff920f5fe1201328ccee;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 05:13:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AOnXbzTBcVZ3quJx3NoNQC08Gk5_phyp8UiWCm6Dk4GPxl8FCaIC4w==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 04:57:41 GMT
age: 1799
etag: "afbcb6617c7277ea42068c2aa1c8dcba02549873"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ubsch.buzz/ubs/a1b2c3/341c80a3fcd6c5ad1a9fb56c31924fb9/login/
172.67.137.115302 Found 0 B URL HTTP/2 ubsch.buzz/ubs/a1b2c3/341c80a3fcd6c5ad1a9fb56c31924fb9/login/
IP 172.67.137.115:0
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /ubs/a1b2c3/341c80a3fcd6c5ad1a9fb56c31924fb9/login/ HTTP/1.1
Host: ubsch.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 302 Found
date: Tue, 07 Feb 2023 05:27:31 GMT
content-type: text/html; charset=UTF-8
location: https://www.bing.com
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJMdxoDV%2FaZLx5orpnI0jnHRU8HEYxlgnPHOWuT1BKz6y4u2n4goNrDEARvbuNEG2wWgxOASooQcUuzm20xxabzX6MYBiYXtm8sQ3xYEwcVCUMtjrma4m8tTGFOG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7959b7870a831c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.bing.com/
13.107.21.200200 OK 0 B IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET / HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: br
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
set-cookie: SUID=M; domain=.bing.com; expires=Tue, 07-Feb-2023 17:27:31 GMT; path=/; secure; HttpOnly; SameSite=None
MUID=38156675751663F301E474C474E3621E; domain=.bing.com; expires=Sun, 03-Mar-2024 05:27:31 GMT; path=/; secure; SameSite=None
MUIDB=38156675751663F301E474C474E3621E; expires=Sun, 03-Mar-2024 05:27:31 GMT; path=/; HttpOnly
_EDGE_S=F=1&SID=0811E3E69C4C6AE42A80F1579DB96B61; domain=.bing.com; path=/; HttpOnly
_EDGE_V=1; domain=.bing.com; expires=Sun, 03-Mar-2024 05:27:31 GMT; path=/; HttpOnly
SRCHD=AF=NOFORM; domain=.bing.com; expires=Sun, 03-Mar-2024 05:27:31 GMT; path=/; secure; SameSite=None
SRCHUID=V=2&GUID=0374A7E7A387421F9678A354E19EAEC9&dmnchg=1; domain=.bing.com; expires=Sun, 03-Mar-2024 05:27:31 GMT; path=/; secure; SameSite=None
SRCHUSR=DOB=20230207; domain=.bing.com; expires=Sun, 03-Mar-2024 05:27:31 GMT; path=/; secure; SameSite=None
SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Sun, 03-Mar-2024 05:27:31 GMT; path=/; secure; SameSite=None
_SS=SID=0811E3E69C4C6AE42A80F1579DB96B61; domain=.bing.com; path=/; secure; SameSite=None
ULC=; domain=.bing.com; expires=Mon, 06-Feb-2023 05:27:31 GMT; path=/; secure; SameSite=None
_HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0wN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6MX0=; domain=.bing.com; expires=Sun, 03-Mar-2024 05:27:31 GMT; path=/; secure; SameSite=None
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9FD73AE24FFE4E448C7CFFEF7D2CF98E Ref B: OSL30EDGE0108 Ref C: 2023-02-07T05:27:31Z
date: Tue, 07 Feb 2023 05:27:31 GMT
X-Firefox-Spdy: h2