aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
152.199.23.37 20 kB URL aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
IP 152.199.23.37:0
File type ASCII text, with very long lines (61177)
Hash f0e5964f8bbedf73d2d3001623bb663b
aadf3504d5e5a93e678487eeb4a63398f2699341
9537f00ca371747a97a2acca388f7b2379a7fa7c59bde18c3d2621c0de8de492
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mosic.sa.com
DNT: 1
Connection: keep-alive
Referer: https://mosic.sa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 25733548
cache-control: public, max-age=31536000
content-md5: 9K2/nGCj75WAmmAI9nZNCA==
content-type: text/css
date: Tue, 30 May 2023 13:34:45 GMT
etag: 0x8DA7650B375AC9B
last-modified: Thu, 04 Aug 2022 19:37:00 GMT
server: ECAcc (ska/F7A0)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 5ecbd986-101e-0042-39ef-a82f4a000000
x-ms-version: 2009-09-19
content-length: 19970
X-Firefox-Spdy: h2
aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo.png
152.199.23.37 1.1 kB URL aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo.png
IP 152.199.23.37:0
File type PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ed9c9eb0dce17d752bedea6b5acda6d9
eca56c4904354eed5da0debcd6bd66856ab4784d
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c
GET /ests/2.1/content/images/microsoft_logo.png HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mosic.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 301723
cache-control: public, max-age=604800
content-md5: 7ZyesNzhfXUr7eprWs2m2Q==
content-type: image/png
date: Tue, 30 May 2023 13:34:45 GMT
etag: 0x8D641014F7D2A46
last-modified: Fri, 02 Nov 2018 20:25:20 GMT
server: ECAcc (ska/F6A9)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 8acd5b43-f01e-0035-103c-900a5d000000
x-ms-version: 2009-09-19
content-length: 1057
X-Firefox-Spdy: h2
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js
152.199.23.37 45 kB URL aadcdn.msftauth.net/ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js
IP 152.199.23.37:0
File type ASCII text, with very long lines (778)
Hash 917d5d03b2f6773ea71def64520935f4
281282d233fd6dd4185df486f31a2ba38aaf5f85
585c15f044d19a1f0a1ba994b70992ce92e30cfd9443bab663d3f17b13d69708
GET /ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mosic.sa.com
DNT: 1
Connection: keep-alive
Referer: https://mosic.sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 7035950
cache-control: public, max-age=31536000
content-md5: upI7aPOzsdXSeL+Vv8o5ww==
content-type: application/x-javascript
date: Tue, 30 May 2023 13:34:45 GMT
etag: 0x8DA2286D5C4F576
last-modified: Wed, 20 Apr 2022 04:32:53 GMT
server: ECAcc (ska/F7AA)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 7d977cfa-c01e-002d-07fd-52925a000000
x-ms-version: 2009-09-19
content-length: 44785
X-Firefox-Spdy: h2
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
152.199.23.37 40 kB URL aadcdn.msftauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
IP 152.199.23.37:0
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash 75cf78d0e38c65a538ad253ca9e48dbe
bf0452e4a42a9af3b69d5d8c3a3a0433f14921b6
df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0
GET /ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mosic.sa.com
DNT: 1
Connection: keep-alive
Referer: https://mosic.sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 26644477
cache-control: public, max-age=31536000
content-md5: HWW92uTq7vx3y5z+zFZbXQ==
content-type: application/x-javascript
date: Tue, 30 May 2023 13:34:45 GMT
etag: 0x8D8DA1D9D23143A
last-modified: Fri, 26 Feb 2021 06:13:19 GMT
server: ECAcc (ska/F6C8)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 96e65c3e-001e-0081-27a6-a0d8cd000000
x-ms-version: 2009-09-19
content-length: 40454
X-Firefox-Spdy: h2
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
152.199.23.37 987 B URL aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
IP 152.199.23.37:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 4.2.9], baseline, precision 8, 50x28, components 3\012- data
Hash e58aafc980614a9cd7796bea7b5ea8f0
d4cac92dcde0caf7c571e6d791101da94fdbd2ca
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d
GET /shared/1.0/content/images/backgrounds/2-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mosic.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 25859714
cache-control: public, max-age=31536000
content-md5: 5YqvyYBhSpzXeWvqe16o8A==
content-type: image/jpeg
date: Tue, 30 May 2023 13:34:45 GMT
etag: 0x8D7B007295267C8
last-modified: Wed, 12 Feb 2020 22:01:50 GMT
server: ECAcc (ska/F6CE)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 39300d17-001e-0069-61ca-a78554000000
x-ms-version: 2009-09-19
content-length: 987
X-Firefox-Spdy: h2
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_7916a894ebde7d29c2cc29b267f1299f.jpg
152.199.23.37 18 kB URL aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_7916a894ebde7d29c2cc29b267f1299f.jpg
IP 152.199.23.37:0
File type JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Hash 7916a894ebde7d29c2cc29b267f1299f
78345ca08f9e2c3c2cc9b318950791b349211296
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3
GET /shared/1.0/content/images/backgrounds/2_7916a894ebde7d29c2cc29b267f1299f.jpg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mosic.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 29590248
cache-control: public, max-age=31536000
content-md5: eRaolOvefSnCzCmyZ/Epnw==
content-type: image/jpeg
date: Tue, 30 May 2023 13:34:45 GMT
etag: 0x8D7B007294E20F8
last-modified: Wed, 12 Feb 2020 22:01:50 GMT
server: ECAcc (ska/F7A6)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 68c81a87-901e-0041-4edc-85dc2a000000
x-ms-version: 2009-09-19
content-length: 17453
X-Firefox-Spdy: h2
outlook.office365.com/owa/auth/logoff.aspx?cmd=logoff&exlive=1&lgtype=1&sid=21ff726d-b079-425d-ad71-dc21ccc6386f
52.98.151.82 264 B URL outlook.office365.com/owa/auth/logoff.aspx?cmd=logoff&exlive=1&lgtype=1&sid=21ff726d-b079-425d-ad71-dc21ccc6386f
IP 52.98.151.82:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd770341d5ee6d1cb2163ba074031c7a
fc1a5b335b39e8a7205406e1f94395e514921053
42866580ab897f377f4c6b48e99fcc9a4d09e3206339de9f879c7d4e15fff328
GET /owa/auth/logoff.aspx?cmd=logoff&exlive=1&lgtype=1&sid=21ff726d-b079-425d-ad71-dc21ccc6386f HTTP/1.1
Host: outlook.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mosic.sa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Location: https://outlook.office.com/owa/auth/logoff.aspx?cmd=logoff&exlive=1&lgtype=1&sid=21ff726d-b079-425d-ad71-dc21ccc6386f&pngSites=none
Server: Microsoft-IIS/10.0
request-id: df4184d6-a68b-c6e2-2ad0-7b7dd81fec79
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Alt-Svc: h3=":443",h3-29=":443"
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: UserContext=; expires=Sun, 30-May-1993 13:34:46 GMT; path=/; secure
SuiteServiceProxyKey=; expires=Sun, 30-May-1993 13:34:46 GMT; path=/; secure
DefaultAnchorMailbox=; expires=Sun, 30-May-1993 13:34:46 GMT; path=/; secure
O365Consumer=; expires=Sun, 30-May-1993 13:34:46 GMT; path=/; secure
HostSwitchPrg=; expires=Sun, 30-May-1993 13:34:46 GMT; path=/; secure
SdfV2LDomain=; expires=Sun, 30-May-1993 13:34:46 GMT; path=/; secure
OptInPrg=; expires=Sun, 30-May-1993 13:34:46 GMT; path=/; secure
LI=; expires=Sun, 30-May-1993 13:34:46 GMT; path=/; secure
UserContext=; domain=outlook.office365.com; expires=Sun, 30-May-1993 13:34:46 GMT; path=/; secure
SuiteServiceProxyKey=; domain=outlook.office365.com; expires=Sun, 30-May-1993 13:34:46 GMT; path=/; secure
DefaultAnchorMailbox=; domain=outlook.office365.com; expires=Sun, 30-May-1993 13:34:46 GMT; path=/; secure
O365Consumer=; domain=outlook.office365.com; expires=Sun, 30-May-1993 13:34:46 GMT; path=/; secure
HostSwitchPrg=; domain=outlook.office365.com; expires=Sun, 30-May-1993 13:34:46 GMT; path=/; secure
SdfV2LDomain=; domain=outlook.office365.com; expires=Sun, 30-May-1993 13:34:46 GMT; path=/; secure
OptInPrg=; domain=outlook.office365.com; expires=Sun, 30-May-1993 13:34:46 GMT; path=/; secure
LI=; domain=outlook.office365.com; expires=Sun, 30-May-1993 13:34:46 GMT; path=/; secure
RPSAuth=; domain=outlook.office365.com; expires=Thu, 30-Oct-1980 16:00:00 GMT; path=/;SameSite=None
RPSSecAuth=; domain=outlook.office365.com; expires=Thu, 30-Oct-1980 16:00:00 GMT; path=/;SameSite=None; secure
RPSClearCT=; domain=outlook.office365.com; expires=Thu, 30-Oct-1980 16:00:00 GMT; path=/;SameSite=None; secure
X-FirstHopCafeEFZ: GVX
X-FEProxyInfo: GV3P280CA0059.SWEP280.PROD.OUTLOOK.COM
X-FEEFZInfo: GVX
X-Powered-By: ASP.NET
Date: Tue, 30 May 2023 13:34:45 GMT
Content-Length: 264
aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
152.199.23.37 17 kB URL aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
IP 152.199.23.37:0
File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Hash 12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mosic.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 31489178
cache-control: public, max-age=31536000
content-md5: EuPayFgGHQiAI7K9SOL6lg==
content-type: image/x-icon
date: Tue, 30 May 2023 13:34:46 GMT
etag: 0x8D8731240E548EB
last-modified: Sun, 18 Oct 2020 03:02:30 GMT
server: ECAcc (ska/F738)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 99c0ded5-501e-0046-2297-74c4e6000000
x-ms-version: 2009-09-19
content-length: 17174
X-Firefox-Spdy: h2
res-1.cdn.office.net/shellux/suiteux.shell.msaltokenfactoryiframe.46c7c961ee4d424936d8.js
23.36.79.11 82 kB URL res-1.cdn.office.net/shellux/suiteux.shell.msaltokenfactoryiframe.46c7c961ee4d424936d8.js
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (28015)
Hash f7a2600b8ba4edba8038468f5a2ae15f
ad52eb2f8bddf7f27ab256ebda4175c12773507d
af94583adcbe8c39717c70eabfb0a098635151ed3c66975c0190f5be89677e85
GET /shellux/suiteux.shell.msaltokenfactoryiframe.46c7c961ee4d424936d8.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webshell.suite.office.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 82321
last-modified: Tue, 04 Apr 2023 05:51:15 GMT
x-ms-request-id: 2a5f8c2a-d01e-0030-78b3-7c4158000000
content-encoding: br
cache-control: max-age=630720000
date: Tue, 30 May 2023 13:34:46 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.074f2417.1685453686.c4d0891b"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
picsum.photos/300/150/?image=909
104.26.5.30302 Found 0 B URL GET HTTP/2 picsum.photos/300/150/?image=909
IP 104.26.5.30:443
Requested by https://modsonic.sa.com/auth/c1ebe0746f5c636f01cb954c5f0c4b684821ae3ba8e679c9e7728c86aa69b0b0eed472c96393f62a0c431339782e0ac4d40f4a8cad32476fff07a90a24abc253eae29ade09a4a164d68248967df03bc0b5257f664b57a390cc3682f8eca1aefd040988f60d0b6f829267aae6229c4d/#tmaynard@gssmail.com
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintAA:6F:22:80:82:73:99:31:9B:D6:A6:DA:14:CA:5A:36:EB:D5:47:73
ValiditySat, 22 Apr 2023 00:00:00 GMT - Sun, 21 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /300/150/?image=909 HTTP/1.1
Host: picsum.photos
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://modsonic.sa.com
DNT: 1
Connection: keep-alive
Referer: https://modsonic.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 30 May 2023 13:34:47 GMT
content-length: 0
location: https://fastly.picsum.photos/id/909/300/150.jpg?hmac=GZp9wkOVjmmrJbdS2NTSUXVHSgkSqK5_Y2HwQPn5sa8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Th87XmPc%2FNZmRCtJ7ld%2FagQjV%2BUbJIy%2F50GX7nZut%2FAg%2Bv8JQ34k%2FGUlUnWqPPKOUrUCGFINLLFVgM1mbU3SzIZ7XHXLE%2BsnC2TCqLXP%2BnEFl7ifFF09lcz%2BqBDkv0o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7cf75b4afca5b515-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.microsoft365.com/logout?sid=21ff726d-b079-425d-ad71-dc21ccc6386f&from=logout
13.107.6.156 13 kB URL www.microsoft365.com/logout?sid=21ff726d-b079-425d-ad71-dc21ccc6386f&from=logout
IP 13.107.6.156:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type gzip compressed data, max speed, from TOPS/20\012- data
Hash d044d3763a7a74a5bb6594f7645e4e60
f6fa941c36be279a0409083102fe6d49aad3480c
a3522c0e93890b149327f67fa26ef43180cfb581f09c3173607efdf93aae358a
GET /logout?sid=21ff726d-b079-425d-ad71-dc21ccc6386f&from=logout HTTP/1.1
Host: www.microsoft365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.office.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: OH.SID=15fc40c3-8fd9-4559-960a-686bce87812e; path=/; secure; samesite=none; httponly
OH.DCAffinity=OH-sec; expires=Tue, 30 May 2023 21:34:46 GMT; path=/; secure; samesite=none; httponly
OH.FLID=d9bffffa-bea1-4f00-a4e7-abaf6026e857; expires=Thu, 30 May 2024 13:34:46 GMT; path=/; secure; samesite=none; httponly
UserIndex=; expires=Mon, 29 May 2023 13:34:46 GMT; path=/; secure; samesite=none; httponly
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge,chrome=1
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 96ECE1E1D1A04780AD5D1CE1EB6B55C0 Ref B: SVG20EDGE0107 Ref C: 2023-05-30T13:34:46Z
date: Tue, 30 May 2023 13:34:46 GMT
X-Firefox-Spdy: h2
cstaticdun.126.net//2.6.3/images/icon_light.f13cff3.png
47.246.44.229200 OK 11 kB URL GET HTTP/1.1 cstaticdun.126.net//2.6.3/images/icon_light.f13cff3.png
IP 47.246.44.229:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://modsonic.sa.com/auth/c1ebe0746f5c636f01cb954c5f0c4b684821ae3ba8e679c9e7728c86aa69b0b0eed472c96393f62a0c431339782e0ac4d40f4a8cad32476fff07a90a24abc253eae29ade09a4a164d68248967df03bc0b5257f664b57a390cc3682f8eca1aefd040988f60d0b6f829267aae6229c4d/#tmaynard@gssmail.com
Certificate IssuerTrustAsia Technologies, Inc.
Subject*.126.net
Fingerprint90:3C:B2:B5:8E:07:82:A6:E7:A9:C9:9C:43:C1:CF:3A:52:FE:35:82
ValidityMon, 28 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type PNG image data, 34 x 471, 8-bit/color RGBA, non-interlaced\012- data
Hash f13cff3dd9bac6c8f319faa857d28acc
a16e45e96b8186e595c6e8806f42ba6ee744193e
5dc5e0940d0c1e5a92461ca192fd6993bb7d492a04e125d36c7e793c20d1e401
GET //2.6.3/images/icon_light.f13cff3.png HTTP/1.1
Host: cstaticdun.126.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://modsonic.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 11413
Connection: keep-alive
Date: Tue, 30 May 2023 13:34:45 GMT
Timing-Allow-Origin: *, *
Accept-Ranges: bytes
Cache-Control: max-age=43200
Expires: Tue, 14 Feb 2023 17:43:45 GMT
Last-Modified: Mon, 07 Nov 2022 05:53:30 GMT
Ali-Swift-Global-Savetime: 1685453685
Via: cache53.l2nu20-8[0,0,304-0,H], cache52.l2nu20-8[1,0], cache20.l2hk2[29,29,304-0,H], cache22.l2hk2[31,0], cache11.l2de2[218,217,304-0,H], cache21.l2de2[219,0], cache1.se1[0,0,200-0,H], cache4.se1[1,0]
Age: 2
X-Cache: HIT TCP_MEM_HIT dirn:4:424956653
X-Swift-SaveTime: Tue, 30 May 2023 13:34:46 GMT
X-Swift-CacheTime: 59
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD
Access-Control-Expose-Headers: *
Access-Control-Allow-Origin: *
EagleId: 2ff62c9816854536877967193e
modsonic.sa.com/favicon.ico
104.21.77.22404 Not Found 315 B URL GET HTTP/3 modsonic.sa.com/favicon.ico
IP 104.21.77.22:443
Requested by https://modsonic.sa.com/auth/c1ebe0746f5c636f01cb954c5f0c4b684821ae3ba8e679c9e7728c86aa69b0b0eed472c96393f62a0c431339782e0ac4d40f4a8cad32476fff07a90a24abc253eae29ade09a4a164d68248967df03bc0b5257f664b57a390cc3682f8eca1aefd040988f60d0b6f829267aae6229c4d/#tmaynard@gssmail.com
Certificate IssuerGoogle Trust Services LLC
Subjectmodsonic.sa.com
FingerprintEA:58:15:51:06:BD:A0:AC:38:5F:2C:F6:0B:E4:C1:6D:F4:A0:D3:0F
ValidityMon, 24 Apr 2023 04:19:18 GMT - Sun, 23 Jul 2023 04:19:17 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (326), with no line terminators
Hash 97ef40509b73c101d6815511c3adf98d
a4242322497ea630ea72e26ba297a95a2bbe5ccd
322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be
Analyzer Verdict Alert openphish Office365
GET /favicon.ico HTTP/1.1
Host: modsonic.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://modsonic.sa.com/auth/c1ebe0746f5c636f01cb954c5f0c4b684821ae3ba8e679c9e7728c86aa69b0b0eed472c96393f62a0c431339782e0ac4d40f4a8cad32476fff07a90a24abc253eae29ade09a4a164d68248967df03bc0b5257f664b57a390cc3682f8eca1aefd040988f60d0b6f829267aae6229c4d/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Tue, 30 May 2023 13:34:47 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RXvsUMrKsIMHCSTy8hRF4wtHyteMIR3r1h1BRismkScQhOgzJmMiBasLZDvnuELpv0idwQBxobuz9B02%2FajuM%2BOP40NgU8%2FLx9YruJ6MZxYv6MqwCOpULH5TCVIR8%2Bcp9Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf75b4d3a01b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fastly.picsum.photos/id/909/300/150.jpg?hmac=GZp9wkOVjmmrJbdS2NTSUXVHSgkSqK5_Y2HwQPn5sa8
151.101.1.91200 OK 7.8 kB URL GET HTTP/2 fastly.picsum.photos/id/909/300/150.jpg?hmac=GZp9wkOVjmmrJbdS2NTSUXVHSgkSqK5_Y2HwQPn5sa8
IP 151.101.1.91:443
Requested by https://modsonic.sa.com/auth/c1ebe0746f5c636f01cb954c5f0c4b684821ae3ba8e679c9e7728c86aa69b0b0eed472c96393f62a0c431339782e0ac4d40f4a8cad32476fff07a90a24abc253eae29ade09a4a164d68248967df03bc0b5257f664b57a390cc3682f8eca1aefd040988f60d0b6f829267aae6229c4d/#tmaynard@gssmail.com
Certificate IssuerLet's Encrypt
Subjectfastly.picsum.photos
Fingerprint87:88:D1:84:75:DD:E1:6F:38:C7:EA:DC:13:7A:D6:DB:1C:57:A2:ED
ValidityThu, 25 May 2023 22:12:22 GMT - Wed, 23 Aug 2023 22:12:21 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 300x150, components 3\012- data
Hash ac4c0ffa23d5fb60c2179b200a3dba6f
86d0ddbc413004dd526f97d60abf8bb21b91f3cd
ffbf59d3421619882564332de818c78c257289c2383a22cda51f069cd5b243ba
GET /id/909/300/150.jpg?hmac=GZp9wkOVjmmrJbdS2NTSUXVHSgkSqK5_Y2HwQPn5sa8 HTTP/1.1
Host: fastly.picsum.photos
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://modsonic.sa.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Picsum-Id
cache-control: public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
content-disposition: inline; filename="909-300x150.jpg"
picsum-id: 909
timing-allow-origin: *
accept-ranges: bytes
date: Tue, 30 May 2023 13:34:47 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1660-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685453688.650150,VS0,VE56
vary: Origin
content-length: 7847
X-Firefox-Spdy: h2
modsonic.sa.com/auth/c1ebe0746f5c636f01cb954c5f0c4b684821ae3ba8e679c9e7728c86aa69b0b0eed472c96393f62a0c431339782e0ac4d40f4a8cad32476fff07a90a24abc253eae29ade09a4a164d68248967df03bc0b5257f664b57a390cc3682f8eca1aefd040988f60d0b6f829267aae6229c4d/
104.21.77.22200 OK 11 kB URL User Request GET HTTP/2 modsonic.sa.com/auth/c1ebe0746f5c636f01cb954c5f0c4b684821ae3ba8e679c9e7728c86aa69b0b0eed472c96393f62a0c431339782e0ac4d40f4a8cad32476fff07a90a24abc253eae29ade09a4a164d68248967df03bc0b5257f664b57a390cc3682f8eca1aefd040988f60d0b6f829267aae6229c4d/
IP 104.21.77.22:443
Certificate IssuerGoogle Trust Services LLC
Subjectmodsonic.sa.com
FingerprintEA:58:15:51:06:BD:A0:AC:38:5F:2C:F6:0B:E4:C1:6D:F4:A0:D3:0F
ValidityMon, 24 Apr 2023 04:19:18 GMT - Sun, 23 Jul 2023 04:19:17 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (11099)
Hash 33c121b459ea47b32e9ff1ba9d940ff0
6416b33bdd72e6d511f1268f58856fdde916288a
68ad7a4dabbf28ce50ef07c1167543c97ab0d0e6e7445df7748ee93e76a67c52
Analyzer Verdict Alert openphish Office365
GET /auth/c1ebe0746f5c636f01cb954c5f0c4b684821ae3ba8e679c9e7728c86aa69b0b0eed472c96393f62a0c431339782e0ac4d40f4a8cad32476fff07a90a24abc253eae29ade09a4a164d68248967df03bc0b5257f664b57a390cc3682f8eca1aefd040988f60d0b6f829267aae6229c4d/ HTTP/1.1
Host: modsonic.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 May 2023 13:34:47 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6DyjtLZUIp3O6fnxAXcLgoK0mzTjzJaOK7ZkuBM6gTv7h7cCb0SQWgAsDQLcusj9OVfs1aCY0KcnB%2FwlJudLMwJ0CKsETP6Ccc%2BqwO5ZPzTVO%2BY7aJINR2IB8muMW2Ih%2FY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf75b491d581bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2