necessarysynonym.z13.web.core.windows.net/
20.150.90.65200 OK 23 kB URL User Request GET HTTP/1.1 necessarysynonym.z13.web.core.windows.net/
IP 20.150.90.65:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC9:3D:8F:1F:21:6B:3C:C4:E0:BF:E5:4F:03:B6:8D:E1:D6:80:42:22
ValidityWed, 22 Mar 2023 00:18:56 GMT - Fri, 22 Mar 2024 00:18:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (9315), with CRLF line terminators
Hash 66fabbab473075da1baf7ebbedfe7937
3ebcfa5f3233bd43c6767f70820403f1312ef653
5a934655d4e69455e571701a9ebb03f62e1fda45233a5bd63a04e24bb3afe5a0
Analyzer Verdict Alert urlquery phishing Phishing - Generic phishing
openphish Bell Canada
GET / HTTP/1.1
Host: necessarysynonym.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 22930
Content-Type: text/html
Content-MD5: Zvq7q0cwddobr3677f55Nw==
Last-Modified: Fri, 17 Mar 2023 16:28:29 GMT
Accept-Ranges: bytes
ETag: "0x8DB2704A491D9D3"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: fdd74160-301e-000b-05ae-9729c4000000
x-ms-version: 2018-03-28
Date: Mon, 05 Jun 2023 13:07:23 GMT
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
104.17.24.14200 OK 6.2 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP 104.17.24.14:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (19015)
Hash 70d3fda195602fe8b75e0097eed74dde
c3b977aa4b8dfb69d651e07015031d385ded964b
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://necessarysynonym.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 13:07:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3350340
expires: Sat, 25 May 2024 13:07:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1O3LB9F2NTJSEsj00hABbsgHXekTA5Ds3Wm52OQ34JKRk5YjKOq9z4cX3reIOLa5%2FhjttCr5SIRwBYZ%2FfFs1vNjDRt5bgtMGjaRCCzre3bFpw%2FAf2WI2IFBL6QnRJXodv6BQo9m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d28a36ffe1db524-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.2.1.slim.min.js
69.16.175.42200 OK 24 kB URL GET HTTP/2 code.jquery.com/jquery-3.2.1.slim.min.js
IP 69.16.175.42:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerSectigo Limited
Subject*.jquery.com
Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (32012)
Hash 5f48fc77cac90c4778fa24ec9c57f37d
9e89d1515bc4c371b86f4cb1002fd8e377c1829f
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://necessarysynonym.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 13:07:24 GMT
content-encoding: gzip
content-length: 23856
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1685970444.dop208.sk1.t,1685970444.cds002.sk1.hn,1685970444.cds235.sk1.c
X-Firefox-Spdy: h2
necessarysynonym.z13.web.core.windows.net/static/bell_common.js?seed=AMDznOqGAQAACn9-0BiWwerLgcjacqW3CGvfkVAEWsPi7ZGi6nfS1KjIDt3P&lPVnX2sAmT--z=q
20.150.90.65404 The requested content does not exist. 321 B URL GET HTTP/1.1 necessarysynonym.z13.web.core.windows.net/static/bell_common.js?seed=AMDznOqGAQAACn9-0BiWwerLgcjacqW3CGvfkVAEWsPi7ZGi6nfS1KjIDt3P&lPVnX2sAmT--z=q
IP 20.150.90.65:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC9:3D:8F:1F:21:6B:3C:C4:E0:BF:E5:4F:03:B6:8D:E1:D6:80:42:22
ValidityWed, 22 Mar 2023 00:18:56 GMT - Fri, 22 Mar 2024 00:18:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Hash 1fa6c4d0af25cbac930d77a2e9a77c7f
5613cf50221bf9e4d9b15587afe38bd85d7ebb4f
6f967a96ad29233fe94210a28d79d86c594e2215a674d9dfe35ab8c44831fd65
Analyzer Verdict Alert openphish Bell Canada
GET /static/bell_common.js?seed=AMDznOqGAQAACn9-0BiWwerLgcjacqW3CGvfkVAEWsPi7ZGi6nfS1KjIDt3P&lPVnX2sAmT--z=q HTTP/1.1
Host: necessarysynonym.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: fdd7433e-301e-000b-34ae-9729c4000000
x-ms-version: 2018-03-28
Date: Mon, 05 Jun 2023 13:07:23 GMT
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 4213a8781121945333307a54d318355d
131499425454e1b0d402cb56534a5425feb8b9aa
6d874c13595072502141c93df344de38934313ac583be6569e370aa5a549a5e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 13:07:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash f6e0fad54cb828605d258b3a3fc3494d
1998f119ae42787f25cac22435e05b7d8a7ecbcc
fdde19b20684979988b4db7567fdb883ef8cd0438f4c4ef053bdd058011f1dbc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 13:07:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
142.250.74.132200 OK 580 B URL GET HTTP/2 www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
IP 142.250.74.132:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintA8:95:C3:CB:D6:3F:BC:0A:7D:FF:36:72:5E:2F:56:26:9F:EB:77:0E
ValidityFri, 19 May 2023 12:58:13 GMT - Fri, 11 Aug 2023 12:58:12 GMT
File type ASCII text, with very long lines (909), with no line terminators
Hash ee67586e6e3cc98f18400d50cfdc7363
c4b4daaeb376bc86eccd1b80277f446ac6955601
9fa5995780938aabbcef6cedccdfaa126fbe68eda0859281386dc2879b0dd2d6
GET /recaptcha/api.js?onload=onloadcallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Mon, 05 Jun 2023 13:07:24 GMT
date: Mon, 05 Jun 2023 13:07:24 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 580
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
216.58.207.234200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP 216.58.207.234:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 00:16:38 GMT
expires: Thu, 30 May 2024 00:16:38 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 478246
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
necessarysynonym.z13.web.core.windows.net/ux/localization.js?v=3.1.3.28.1-8
20.150.90.65404 The requested content does not exist. 321 B URL GET HTTP/1.1 necessarysynonym.z13.web.core.windows.net/ux/localization.js?v=3.1.3.28.1-8
IP 20.150.90.65:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC9:3D:8F:1F:21:6B:3C:C4:E0:BF:E5:4F:03:B6:8D:E1:D6:80:42:22
ValidityWed, 22 Mar 2023 00:18:56 GMT - Fri, 22 Mar 2024 00:18:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Hash 0909fe43cc7c791d593ffae5870d0d2a
d3f242901ccb7ebafd50b4bc70af7f1b5c3c6c4f
6ad32ab6de047fa25bb63ae30e817ce3b8ba3778feb5e3925e54b6231e167043
Analyzer Verdict Alert openphish Bell Canada
GET /ux/localization.js?v=3.1.3.28.1-8 HTTP/1.1
Host: necessarysynonym.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: 1215da11-501e-00a4-45ae-97db09000000
x-ms-version: 2018-03-28
Date: Mon, 05 Jun 2023 13:07:24 GMT
necessarysynonym.z13.web.core.windows.net/ux/ux.js?v=3.1.3.28.1-8
20.150.90.65404 The requested content does not exist. 321 B URL GET HTTP/1.1 necessarysynonym.z13.web.core.windows.net/ux/ux.js?v=3.1.3.28.1-8
IP 20.150.90.65:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC9:3D:8F:1F:21:6B:3C:C4:E0:BF:E5:4F:03:B6:8D:E1:D6:80:42:22
ValidityWed, 22 Mar 2023 00:18:56 GMT - Fri, 22 Mar 2024 00:18:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Hash c2828bc65a9aead445df12f3759d4dee
011ce4c66cbc178621aa3eecac9b201a4d831b49
8f2f8b3b1d97d6a86dc4a498db5e5c08652e2d4842d060650ce695536a47b65f
GET /ux/ux.js?v=3.1.3.28.1-8 HTTP/1.1
Host: necessarysynonym.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: fdd7437c-301e-000b-71ae-9729c4000000
x-ms-version: 2018-03-28
Date: Mon, 05 Jun 2023 13:07:24 GMT
ocsp.entrust.net/
104.110.10.32 1.6 kB IP 104.110.10.32:0
Hash a6ca1d5fd689587a93ba608ca0a52c63
a3e9c644f943db9182efceced70678ef9aab09f9
ee6ec270449b19c91ef779c2daa9615d6c89ac645acd9f31550a0409e43b9b75
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "EE6EC270449B19C91EF779C2DAA9615D6C89AC645ACD9F31550A0409E43B9B75"
Last-Modified: Mon, 05 Jun 2023 03:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3560
Expires: Mon, 05 Jun 2023 14:06:45 GMT
Date: Mon, 05 Jun 2023 13:07:25 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32 1.6 kB IP 104.110.10.32:0
Hash a6ca1d5fd689587a93ba608ca0a52c63
a3e9c644f943db9182efceced70678ef9aab09f9
ee6ec270449b19c91ef779c2daa9615d6c89ac645acd9f31550a0409e43b9b75
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "EE6EC270449B19C91EF779C2DAA9615D6C89AC645ACD9F31550A0409E43B9B75"
Last-Modified: Mon, 05 Jun 2023 03:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Mon, 05 Jun 2023 14:07:25 GMT
Date: Mon, 05 Jun 2023 13:07:25 GMT
Connection: keep-alive
necessarysynonym.z13.web.core.windows.net/ux/UXConfig.js?v=3.1.3.28.1-8
20.150.90.65404 The requested content does not exist. 321 B URL GET HTTP/1.1 necessarysynonym.z13.web.core.windows.net/ux/UXConfig.js?v=3.1.3.28.1-8
IP 20.150.90.65:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC9:3D:8F:1F:21:6B:3C:C4:E0:BF:E5:4F:03:B6:8D:E1:D6:80:42:22
ValidityWed, 22 Mar 2023 00:18:56 GMT - Fri, 22 Mar 2024 00:18:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Hash 8ecf6306895a2af68255cd066854516f
0e43157157b58a928f311f088982e079a4a7e616
390e66255c17116a005422226f4421f1bbacff3fce5f108e1dc147ae3e6719f6
GET /ux/UXConfig.js?v=3.1.3.28.1-8 HTTP/1.1
Host: necessarysynonym.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: 972e7074-601e-0016-40ae-972478000000
x-ms-version: 2018-03-28
Date: Mon, 05 Jun 2023 13:07:24 GMT
ocsp.entrust.net/
104.110.10.32 1.6 kB IP 104.110.10.32:0
Hash a6ca1d5fd689587a93ba608ca0a52c63
a3e9c644f943db9182efceced70678ef9aab09f9
ee6ec270449b19c91ef779c2daa9615d6c89ac645acd9f31550a0409e43b9b75
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "EE6EC270449B19C91EF779C2DAA9615D6C89AC645ACD9F31550A0409E43B9B75"
Last-Modified: Mon, 05 Jun 2023 03:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Mon, 05 Jun 2023 14:07:25 GMT
Date: Mon, 05 Jun 2023 13:07:25 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32 1.6 kB IP 104.110.10.32:0
Hash a6ca1d5fd689587a93ba608ca0a52c63
a3e9c644f943db9182efceced70678ef9aab09f9
ee6ec270449b19c91ef779c2daa9615d6c89ac645acd9f31550a0409e43b9b75
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "EE6EC270449B19C91EF779C2DAA9615D6C89AC645ACD9F31550A0409E43B9B75"
Last-Modified: Mon, 05 Jun 2023 03:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3504
Expires: Mon, 05 Jun 2023 14:05:49 GMT
Date: Mon, 05 Jun 2023 13:07:25 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32 1.6 kB IP 104.110.10.32:0
Hash a6ca1d5fd689587a93ba608ca0a52c63
a3e9c644f943db9182efceced70678ef9aab09f9
ee6ec270449b19c91ef779c2daa9615d6c89ac645acd9f31550a0409e43b9b75
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "EE6EC270449B19C91EF779C2DAA9615D6C89AC645ACD9F31550A0409E43B9B75"
Last-Modified: Mon, 05 Jun 2023 03:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3555
Expires: Mon, 05 Jun 2023 14:06:40 GMT
Date: Mon, 05 Jun 2023 13:07:25 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash f6e0fad54cb828605d258b3a3fc3494d
1998f119ae42787f25cac22435e05b7d8a7ecbcc
fdde19b20684979988b4db7567fdb883ef8cd0438f4c4ef053bdd058011f1dbc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 13:07:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash df2c4343cb60d7b80a236621d9420bcf
d3469e9e2c43c94b12975da73fdfd44d75b53505
34dd045a98470df1fd958512c63d10a8d346b3201c8fad27b3dc391e30e93943
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 13:07:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
webmail.bell.net/bell/login/css/bell_prime_mod.css
209.71.212.18200 12 kB URL GET HTTP/1.1 webmail.bell.net/bell/login/css/bell_prime_mod.css
IP 209.71.212.18:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type ASCII text, with CRLF line terminators
Hash 858d8fc28e05148b1af4bcd6a011409e
af9389b926e99dc52bff5aa64b23e4f82fa710b8
f7ed0fe3268f25fa30c600f83207f34963b4cecea90170f3f48c070662626839
GET /bell/login/css/bell_prime_mod.css HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"11957-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: text/css
Content-Length: 11957
Date: Mon, 05 Jun 2023 13:07:24 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!aAovGYdgaDpO86VEUwqVUcceXQbKqcYDh0AWnHdffcZGTLIeNjd80QAVWX4YTH2kLnK7tpzqnFRUBXSZD51AefWJbSw0zzd7q/1vap2YofMLEA==; expires=Mon, 12-Jun-2023 13:07:25 GMT; path=/; Httponly; Secure
Cache-Control: no-store
necessarysynonym.z13.web.core.windows.net/ux/localization.js?v=3.1.3.28.1-8
20.150.90.65404 The requested content does not exist. 321 B URL GET HTTP/1.1 necessarysynonym.z13.web.core.windows.net/ux/localization.js?v=3.1.3.28.1-8
IP 20.150.90.65:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC9:3D:8F:1F:21:6B:3C:C4:E0:BF:E5:4F:03:B6:8D:E1:D6:80:42:22
ValidityWed, 22 Mar 2023 00:18:56 GMT - Fri, 22 Mar 2024 00:18:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Hash e8964d01aab930e1eab69741986f4554
b7d7acd10f4e0ac1d67e54f269b8aedd1598b76f
e51c5698dc970439e6f93cd80045d30dbc0412cf303dcd7d828c52dea2877888
Analyzer Verdict Alert openphish Bell Canada
GET /ux/localization.js?v=3.1.3.28.1-8 HTTP/1.1
Host: necessarysynonym.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: fdd74487-301e-000b-49ae-9729c4000000
x-ms-version: 2018-03-28
Date: Mon, 05 Jun 2023 13:07:24 GMT
webmail.bell.net/bell/login/css/login.css
209.71.212.18200 2.3 kB URL GET HTTP/1.1 webmail.bell.net/bell/login/css/login.css
IP 209.71.212.18:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type ASCII text, with very long lines (305), with CRLF line terminators
Hash b2a72fe3696b22d1d024aca6a8c48036
d6c9d63f57589ef3a1b2d6974882abefab534996
e5cfaa79c2e7ceebd28f0743bee907a9659aa64257c61d3276002099ff87d0c4
GET /bell/login/css/login.css HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"2288-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: text/css
Content-Length: 2288
Date: Mon, 05 Jun 2023 13:07:24 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!JsZyiMCkTE7UumeKjod15JPsKvsaUm8NMlv+cSQXeUjlkL9l/RjitYrTakhxFlsf/v+iqIaeG1twJzZ2p+T/R2RSFxanN3EKV4cIGE2FoTyd8g==; expires=Mon, 12-Jun-2023 13:07:25 GMT; path=/; Httponly; Secure
Cache-Control: no-store
webmail.bell.net/bell/login/js/jquery-3.5.1.min.js
209.71.212.18200 90 kB URL GET HTTP/1.1 webmail.bell.net/bell/login/js/jquery-3.5.1.min.js
IP 209.71.212.18:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash b61aa6e2d68d21b3546b5b418bf0e9c3
9c1398f0de4c869dacb1c9ab1a8cc327f5421ff7
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
GET /bell/login/js/jquery-3.5.1.min.js HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"89478-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: application/javascript;charset=UTF-8
Content-Length: 89478
Date: Mon, 05 Jun 2023 13:07:24 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!Bts59SLKj3y2bOKKjod15JPsKvsaUpl6JecemQr8zsyTCx08qKxq1B1qpC+upyXy839xyj+uOiAG6qmN1Ug3IsSuq8BFnGd6qHg33tQYR1y5tA==; expires=Mon, 12-Jun-2023 13:07:25 GMT; path=/; Httponly; Secure
Cache-Control: no-store
webmail.bell.net/bell/login/css/flush.css
209.71.212.18200 84 kB URL GET HTTP/1.1 webmail.bell.net/bell/login/css/flush.css
IP 209.71.212.18:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type ASCII text, with very long lines (65348), with CRLF line terminators
Hash 425b6e1032251ddb65c460512364ebc5
b039d06c59bf683a63d256898c30a2c84decd1f1
752a2fd980c99dcabae0aa552cd99fe9794cdf49febea1ee1c90319990b6566c
GET /bell/login/css/flush.css HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"83485-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: text/css
Content-Length: 83485
Date: Mon, 05 Jun 2023 13:07:25 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!o2QrgWFyyMtG1cBEUwqVUcceXQbKqRWwer8yNwG8TfgPpKWz5ZT5JONxQtvYKUnI4ngK4zU8eUEdu62mFB7JogpYUEhzkh3s4+qpRHP3vVJFag==; expires=Mon, 12-Jun-2023 13:07:25 GMT; path=/; Httponly; Secure
Cache-Control: no-store
webmail.bell.net/bell/header/css/bell.connector-rui.css
209.71.212.18200 96 kB URL GET HTTP/1.1 webmail.bell.net/bell/header/css/bell.connector-rui.css
IP 209.71.212.18:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type assembler source, ASCII text, with very long lines (379), with CRLF line terminators
Hash d7cf083ecd7bdc3e5814a5c8ea510d9f
0c2be17d3281569c1ea7a2291c41f3c69dbe4f01
219d913d55643e64cc00af92f3edfa4a125603cfcf5ebaa68f601c9fdea0d190
GET /bell/header/css/bell.connector-rui.css HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"96334-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: text/css
Content-Length: 96334
Date: Mon, 05 Jun 2023 13:07:24 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!LRwoASJ8xbJbR5qKjod15JPsKvsaUsSrxtAdVSZz/Grr3HyxJ4XZgqcjdij5I8A8VuQCJiWbRaKD+7dqA6gNKnUbNhIwMDv61a94eR2VCOAdHA==; expires=Mon, 12-Jun-2023 13:07:25 GMT; path=/; Httponly; Secure
Cache-Control: no-store
webmail.bell.net/bell/ux/ux.css?v=3.1.3.28.1-8
209.71.212.18200 1.8 MB URL GET HTTP/1.1 webmail.bell.net/bell/ux/ux.css?v=3.1.3.28.1-8
IP 209.71.212.18:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type Unicode text, UTF-8 text, with very long lines (1519)
Size 1.8 MB (1849088 bytes)
Hash f779ea15bd3f9c6856eed9a7b5cef5c9
eae7f309e932ba0618627e3d77d8ecb953a9108b
5a2b976e853b3b0b1f2e8da24b41a5abdf23a8ef2ac6bbfb93beb4195c7b7c0f
GET /bell/ux/ux.css?v=3.1.3.28.1-8 HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"1849088-1682648946000"
Last-Modified: Fri, 28 Apr 2023 02:29:06 GMT
Content-Type: text/css
Content-Length: 1849088
Date: Mon, 05 Jun 2023 13:07:24 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!VbrAHoEkjnr9LhiKjod15JPsKvsaUhwqdNBcY2GwrrKwDER3Mon1hBXOxR0LpBZ9zhx86+5rEe0+OQR4VCV1+3LXUISsXdb7yPXTeSEL/zVtiQ==; expires=Mon, 12-Jun-2023 13:07:25 GMT; path=/; Httponly; Secure
Cache-Control: no-store
necessarysynonym.z13.web.core.windows.net/ux/ux.js?v=3.1.3.28.1-8
20.150.90.65404 The requested content does not exist. 321 B URL GET HTTP/1.1 necessarysynonym.z13.web.core.windows.net/ux/ux.js?v=3.1.3.28.1-8
IP 20.150.90.65:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC9:3D:8F:1F:21:6B:3C:C4:E0:BF:E5:4F:03:B6:8D:E1:D6:80:42:22
ValidityWed, 22 Mar 2023 00:18:56 GMT - Fri, 22 Mar 2024 00:18:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Hash 066f1053310af5bb2e15e03f9e2101ce
83696a1486fe9a0c6bbf6ac0129faf15d663c457
49bfe2ab3b4c372500af8c83b0aa6590cc9aff250b6190cf3766e41903b4b1cf
GET /ux/ux.js?v=3.1.3.28.1-8 HTTP/1.1
Host: necessarysynonym.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: fdd749ad-301e-000b-31ae-9729c4000000
x-ms-version: 2018-03-28
Date: Mon, 05 Jun 2023 13:07:26 GMT
webmail.bell.net/bell/login/img/bg_transparent.gif
209.71.212.18200 43 B URL GET HTTP/1.1 webmail.bell.net/bell/login/img/bg_transparent.gif
IP 209.71.212.18:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /bell/login/img/bg_transparent.gif HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.bell.net/bell/login/css/bell_prime_mod.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"43-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: image/gif
Content-Length: 43
Date: Mon, 05 Jun 2023 13:07:26 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!Q9j9vKkFpwHXFs2Kjod15JPsKvsaUjcyiTrsUpFXOEhmgvvtnbRKbmufy6WgPJDv4aU7DU1P2L+c0lQTgWDQnojT6XB1iqE78Qg97BHCfiRewQ==; expires=Mon, 12-Jun-2023 13:07:27 GMT; path=/; Httponly; Secure
Cache-Control: no-store
webmail.bell.net/bell/login/img/bg_gradRibbon.gif
209.71.212.18200 227 B URL GET HTTP/1.1 webmail.bell.net/bell/login/img/bg_gradRibbon.gif
IP 209.71.212.18:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type GIF image data, version 89a, 1 x 800\012- data
Hash c8caa40d55e69e4109c79e2110ee7fe0
9333a2d29161f6ac95a0dea68bbbd9adcdd968cb
c3f6f8335d41e6979a914f3a6196026970ff53cbc6232b243abb017cd3d0e592
GET /bell/login/img/bg_gradRibbon.gif HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.bell.net/bell/login/css/bell_prime_mod.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"227-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: image/gif
Content-Length: 227
Date: Mon, 05 Jun 2023 13:07:26 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!Fq4aEkScn9P6Ai+Kjod15JPsKvsaUlkf8h20mZwyJ/HYXITuaSmDnwGx2xNs6TALm83zl60zvujVfVXT46wVlAxvo0Vrc5E+n65QO2Lq52aPzw==; expires=Mon, 12-Jun-2023 13:07:27 GMT; path=/; Httponly; Secure
Cache-Control: no-store
fonts.googleapis.com/css?family=NTR&display=swap
142.250.74.106200 OK 1.1 kB URL GET HTTP/2 fonts.googleapis.com/css?family=NTR&display=swap
IP 142.250.74.106:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type gzip compressed data, max compression\012- data
Hash 21659508702ac9255fde46e85fde3a4f
37b882cc9239a72dbf7e05ccbf64b868676f7b6c
508030ebb2475de2ff3d055d3e7ddb02a8e85c89b661bd8d8b76ff413ddd4ec0
GET /css?family=NTR&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.bell.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Jun 2023 13:07:26 GMT
date: Mon, 05 Jun 2023 13:07:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
webmail.bell.net/bell/login/img/bg_mainExtra.gif
209.71.212.18200 493 B URL GET HTTP/1.1 webmail.bell.net/bell/login/img/bg_mainExtra.gif
IP 209.71.212.18:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type GIF image data, version 89a, 975 x 13\012- data
Hash bb78fc14f637ca27ac6cb6d6671ea294
a6b72cd3feca0cefbde05f9161a1f533bad2895e
b42ec6173d78f4ed24a22cce44c8321afeebefec5fbe97e49deec25cce73bf98
GET /bell/login/img/bg_mainExtra.gif HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.bell.net/bell/login/css/bell_prime_mod.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"493-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: image/gif
Content-Length: 493
Date: Mon, 05 Jun 2023 13:07:26 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!WWMQLMuyRKXSZJdEUwqVUcceXQbKqdMTBwCEaq3qfNSaZkeClaBqAzUi2mRLXmIdKthnVHl99MiNp9fFSOgy8QQs/6EznwwuK6JUwaE0fLb9xw==; expires=Mon, 12-Jun-2023 13:07:27 GMT; path=/; Httponly; Secure
Cache-Control: no-store
www.google.com/recaptcha/api2/bframe?hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&k=6LfI5NgaAAAAAJglwlQxU6kcHa7Bu6gNR38nhJDY
142.250.74.132200 OK 1.2 kB URL GET HTTP/3 www.google.com/recaptcha/api2/bframe?hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&k=6LfI5NgaAAAAAJglwlQxU6kcHa7Bu6gNR38nhJDY
IP 142.250.74.132:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5af046c7370e81f23c0bbf6f2abaf795
a9f8bf74441075c276d08ac1d63b847e71c80238
ab889f2674e9f5272dc3f01092b8965d3aee6e42c8997d5ba9bb84b9622d76e4
GET /recaptcha/api2/bframe?hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&k=6LfI5NgaAAAAAJglwlQxU6kcHa7Bu6gNR38nhJDY HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Jun 2023 13:07:27 GMT
content-security-policy: script-src 'nonce-jiWfxDqbqzNUhu8cemFF6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1154
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash e7e560a1588ea25ad25242200936b149
946009b90527a122f590495540ca0d02f29945ec
cc56fa95fb4433116e1625385459b3dbab6ee45fd47a0c51789d9e50dc4e01e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 13:07:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash e7e560a1588ea25ad25242200936b149
946009b90527a122f590495540ca0d02f29945ec
cc56fa95fb4433116e1625385459b3dbab6ee45fd47a0c51789d9e50dc4e01e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 13:07:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css
142.250.74.35404 Not Found 1.6 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&k=6LfI5NgaAAAAAJglwlQxU6kcHa7Bu6gNR38nhJDY
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 74f920b2d198dc352519f4082ecc0837
36a173239a76f25567778cafcf60bce9a0a67d87
b0ffb1f4c9c0fe3878c75531f2b4e2fc0f2c3f8e26b35f04880625120c3dae8d
GET /recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Mon, 05 Jun 2023 13:07:27 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js
142.250.74.35404 Not Found 1.6 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&k=6LfI5NgaAAAAAJglwlQxU6kcHa7Bu6gNR38nhJDY
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash e8ab1f79b23175025c32db6ca6eea154
5b2f8e04a1c72d594952fb2706066423d0d74067
9f5e5cc07b100daf42cc9f9eece5953fe2aa7cfcaa0ddee7fe039ac4c421a548
GET /recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Mon, 05 Jun 2023 13:07:27 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash e7e560a1588ea25ad25242200936b149
946009b90527a122f590495540ca0d02f29945ec
cc56fa95fb4433116e1625385459b3dbab6ee45fd47a0c51789d9e50dc4e01e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 13:07:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ebiller.z13.web.core.windows.net/
52.239.170.33200 OK 7.4 kB URL GET HTTP/1.1 ebiller.z13.web.core.windows.net/
IP 52.239.170.33:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint13:61:0C:95:DD:B7:35:22:1D:4E:FB:4E:F8:38:3C:4D:F8:09:40:7B
ValidityWed, 22 Mar 2023 00:18:32 GMT - Fri, 22 Mar 2024 00:18:32 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3546), with CRLF line terminators
Hash 34af9e91706380f1ac3de96af17384b8
5662106a716fef9771fa8b5cccbc62e699b97461
f20f1deea159d245f00bcc89df9ca7290a92465a044728c0f21f6ebf8e38cba6
GET / HTTP/1.1
Host: ebiller.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 7395
Content-Type: text/html
Content-MD5: NK+ekXBjgPGsPelq8XOEuA==
Last-Modified: Thu, 16 Mar 2023 16:13:22 GMT
Accept-Ranges: bytes
ETag: "0x8DB26395D4AA64C"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b6ad95b6-501e-0092-24ae-975bb9000000
x-ms-version: 2018-03-28
Date: Mon, 05 Jun 2023 13:07:26 GMT
webmail.bell.net/bell/header/css/header.css
209.71.212.18200 5.8 kB URL GET HTTP/1.1 webmail.bell.net/bell/header/css/header.css
IP 209.71.212.18:443
Requested by https://ebiller.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type ASCII text, with CRLF line terminators
Hash 77fc8ab4fb59d1143bddce1252c83794
e0fb745274ca9a83bd5d64d7cfc20dc8e240c056
14e72a142eec1c65433ecb350e38c51798b6e01a37f237c023e5e5bff168f0c1
GET /bell/header/css/header.css HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebiller.z13.web.core.windows.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"5781-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: text/css
Content-Length: 5781
Date: Mon, 05 Jun 2023 13:07:26 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!J4t2lT/gLZ6mVsSKjod15JPsKvsaUolQfpidEtDwrK1/4iEztH0x9gpBuq1D+5nRbB74lwr/2N1EBDtnE0qrUsyU6SRtzEsTtjcJCs3ctDJdEw==; expires=Mon, 12-Jun-2023 13:07:27 GMT; path=/; Httponly; Secure
Cache-Control: no-store
webmail.bell.net/bell/header/js/header.js
209.71.212.18200 8.5 kB URL GET HTTP/1.1 webmail.bell.net/bell/header/js/header.js
IP 209.71.212.18:443
Requested by https://ebiller.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type ASCII text, with CRLF line terminators
Hash 1201ba2ad5dce59bcf0592bbd7fa5c7f
de68c17b134a7eca60000ca59ec2a7ed71e72e8d
9a7b9f391ddbe87d136b1a154567eb12a23c801ec87899d9c48408104cbfb85b
GET /bell/header/js/header.js HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebiller.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"8489-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: application/javascript;charset=UTF-8
Content-Length: 8489
Date: Mon, 05 Jun 2023 13:07:27 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!xehqw55iyM1HnFyKjod15JPsKvsaUrEMgfLCU4vlNH7nIZ16lENJ+Y7BUelRInLIGssAmOjz50rP2CqDZ4WeV0ruxk+DdgWKkt8PpxiHiwKFBw==; expires=Mon, 12-Jun-2023 13:07:27 GMT; path=/; Httponly; Secure
Cache-Control: no-store
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js
142.250.74.35200 OK 166 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (749)
Size 166 kB (166186 bytes)
Hash ee07ba65373413be83ec0d45887c2a44
13646acedb5d781fed2599c46634b4e58b8217db
d946e8f3fb4fe90a5ae3027b91a76703106e2c5c1d762fc3fc230895db7b6048
GET /recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://necessarysynonym.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 13:34:38 GMT
expires: Fri, 31 May 2024 13:34:38 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 30 May 2023 00:01:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 343969
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
webmail.bell.net/bell/header/css/bell.myBell.core.css
209.71.212.18200 32 kB URL GET HTTP/1.1 webmail.bell.net/bell/header/css/bell.myBell.core.css
IP 209.71.212.18:443
Requested by https://ebiller.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type ASCII text, with very long lines (482), with CRLF line terminators
Hash ab346f9b0aa4486e099268f98aac64ee
0e193cba17e823936a39053c7295533599a65af7
d3e85b8c519c92d5c82e4e1b89a0e3464c9d5b2d4a82695d8cd8827329d921a1
GET /bell/header/css/bell.myBell.core.css HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebiller.z13.web.core.windows.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"31939-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: text/css
Content-Length: 31939
Date: Mon, 05 Jun 2023 13:07:27 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!Bgtd4pEYTzZRSNJEUwqVUcceXQbKqZb39SCxrK00wLBID22aHocJiTPil3Xxpqd9wTQH74LVIsJRzr/VZedK4VSwa4K7TTuM8hSGmGfp8eZfKQ==; expires=Mon, 12-Jun-2023 13:07:27 GMT; path=/; Httponly; Secure
Cache-Control: no-store
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js
142.250.74.35404 Not Found 1.6 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&k=6LfI5NgaAAAAAJglwlQxU6kcHa7Bu6gNR38nhJDY
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash e8ab1f79b23175025c32db6ca6eea154
5b2f8e04a1c72d594952fb2706066423d0d74067
9f5e5cc07b100daf42cc9f9eece5953fe2aa7cfcaa0ddee7fe039ac4c421a548
GET /recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://necessarysynonym.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Mon, 05 Jun 2023 13:07:27 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
necessarysynonym.z13.web.core.windows.net/
20.150.90.65200 OK 23 kB URL User Request GET HTTP/1.1 necessarysynonym.z13.web.core.windows.net/
IP 20.150.90.65:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC9:3D:8F:1F:21:6B:3C:C4:E0:BF:E5:4F:03:B6:8D:E1:D6:80:42:22
ValidityWed, 22 Mar 2023 00:18:56 GMT - Fri, 22 Mar 2024 00:18:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (9315), with CRLF line terminators
Hash 66fabbab473075da1baf7ebbedfe7937
3ebcfa5f3233bd43c6767f70820403f1312ef653
5a934655d4e69455e571701a9ebb03f62e1fda45233a5bd63a04e24bb3afe5a0
Analyzer Verdict Alert urlquery phishing Phishing - Generic phishing
openphish Bell Canada
GET / HTTP/1.1
Host: necessarysynonym.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 22930
Content-Type: text/html
Content-MD5: Zvq7q0cwddobr3677f55Nw==
Last-Modified: Fri, 17 Mar 2023 16:28:29 GMT
Accept-Ranges: bytes
ETag: "0x8DB2704A491D9D3"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: fdd74b77-301e-000b-53ae-9729c4000000
x-ms-version: 2018-03-28
Date: Mon, 05 Jun 2023 13:07:26 GMT
webmail.bell.net/bell/header/img/favicon.ico
209.71.212.18200 5.4 kB URL GET HTTP/1.1 webmail.bell.net/bell/header/img/favicon.ico
IP 209.71.212.18:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 71e639807dd6f7bd6d9382624b837574
2a6afcb240f07f37794e1d9c34dbe5d673c738b4
5c82b38e75516678c187c1cb7003482cffd310bf384207ea539ced9af87d6d92
GET /bell/header/img/favicon.ico HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"5430-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: image/x-icon
Content-Length: 5430
Date: Mon, 05 Jun 2023 13:07:27 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!WikDSmkzclIlmRmKjod15JPsKvsaUgHmDXpW3RqJ9E0kOKfyT+mEtGXVjjhtPPbJI6wzY8/dZj+ml0MmDc2nqKQVZJBrFE5prj5uV7Uh7XXFYA==; expires=Mon, 12-Jun-2023 13:07:27 GMT; path=/; Httponly; Secure
Cache-Control: no-store
webmail.bell.net/bell/header/css/flush.css
209.71.212.18200 83 kB URL GET HTTP/1.1 webmail.bell.net/bell/header/css/flush.css
IP 209.71.212.18:443
Requested by https://ebiller.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type ASCII text, with very long lines (65348), with CRLF line terminators
Hash 0f60835165193685b3f67824b0ddbfc3
f74bc0e2d6d4cd24d45ae34b9c3e8f402c160164
7e5465fea0c74f1a06e035893dfd0fe6c16a0c734c764f775e669682ae4fca4a
GET /bell/header/css/flush.css HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebiller.z13.web.core.windows.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"83220-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: text/css
Content-Length: 83220
Date: Mon, 05 Jun 2023 13:07:27 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!5kje3OWab1OaB4SKjod15JPsKvsaUtpbLqkEIEgGVLXAEQxd2lwSFuLwzNYtxSBXpSQpFxx8w/48AUL/He9eF3a/hyUSuHbS3uktcWqQ1Tu7tw==; expires=Mon, 12-Jun-2023 13:07:27 GMT; path=/; Httponly; Secure
Cache-Control: no-store
webmail.bell.net/bell/header/css/bell_prime.css
209.71.212.18200 74 kB URL GET HTTP/1.1 webmail.bell.net/bell/header/css/bell_prime.css
IP 209.71.212.18:443
Requested by https://ebiller.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type ASCII text, with very long lines (426), with CRLF line terminators
Hash 33c8a043c81f25d4266725e03d30edb6
a0c3c1442f617e4944b49c4e1b962316b86d8581
e37b11690600f7bcba340bdda3e347656b4a52ef532392ff076b26a7e785e1a2
GET /bell/header/css/bell_prime.css HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.bell.net/bell/header/css/bell.myBell.core.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"73599-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: text/css
Content-Length: 73599
Date: Mon, 05 Jun 2023 13:07:27 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!XzEpqMpX1w2LtRyKjod15JPsKvsaUoq5dCj9FkILIuboFd9oZnEGf//6vxConvU0agZP5eZzXSNK4EhIxLbVeo2T2GTWL02i1cpHjmbFYv+QZw==; expires=Mon, 12-Jun-2023 13:07:27 GMT; path=/; Httponly; Secure
Cache-Control: no-store
webmail.bell.net/bell/header/css/jquery-ui.custom.css
209.71.212.18200 15 kB URL GET HTTP/1.1 webmail.bell.net/bell/header/css/jquery-ui.custom.css
IP 209.71.212.18:443
Requested by https://ebiller.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type ASCII text, with very long lines (1398), with CRLF line terminators
Hash 086f28b5548ea46cb27b98a5444d4681
1267603b3aae6ac49c50c0e9a60d550cf5042b09
9f0e9989236ae195a552662370ecde07998665e8e8a8c89c9e9995a3f64f2b9f
GET /bell/header/css/jquery-ui.custom.css HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.bell.net/bell/header/css/bell.myBell.core.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"14804-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: text/css
Content-Length: 14804
Date: Mon, 05 Jun 2023 13:07:27 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!EBz1HIPj7RyoS0uKjod15JPsKvsaUtpVg5a7t0Qi6mtV9/CZPZJIY6c9RwTFhJ9djkHFVo1DqHm58NTJiYckcHOahmP0XjahD9DCSEo4dBshew==; expires=Mon, 12-Jun-2023 13:07:27 GMT; path=/; Httponly; Secure
Cache-Control: no-store
webmail.bell.net/bell/header/css/bell.connector.css
209.71.212.18200 142 kB URL GET HTTP/1.1 webmail.bell.net/bell/header/css/bell.connector.css
IP 209.71.212.18:443
Requested by https://ebiller.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type ASCII text, with very long lines (379), with CRLF line terminators
Size 142 kB (142518 bytes)
Hash 60afd7252434863601e228e354eb2781
46cb2eb033519c060bb4a7eb994abeaf8513e37d
beb19ccd981b1b2219adf7a8b5c0108825dc1222b33e8fdadcaa7ef68b0d6a3c
GET /bell/header/css/bell.connector.css HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebiller.z13.web.core.windows.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"142518-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: text/css
Content-Length: 142518
Date: Mon, 05 Jun 2023 13:07:27 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!3q1c5jkYIgnz8qFEUwqVUcceXQbKqTEOSmsUKjEBXfdTdwoQTO8ugOY8mjPnFvfx1vKeDG5HRdHZdTHwIQ2GIDZedx7Yy5yTi8KRWR639q63yQ==; expires=Mon, 12-Jun-2023 13:07:27 GMT; path=/; Httponly; Secure
Cache-Control: no-store
webmail.bell.net/bell/header/css/bell_master.css
209.71.212.18200 153 kB URL GET HTTP/1.1 webmail.bell.net/bell/header/css/bell_master.css
IP 209.71.212.18:443
Requested by https://ebiller.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type ASCII text, with very long lines (466), with CRLF line terminators
Size 153 kB (153090 bytes)
Hash f1375ffc988dbdfd4dfcc3b57360dd83
1876a7b83425eca4bf61bcb2349994e47fa9dd8c
27f935f11d6d8196622ac0144bfdb36815277977b4a9b9f74d2c1644caca990c
GET /bell/header/css/bell_master.css HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.bell.net/bell/header/css/bell.myBell.core.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"153090-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: text/css
Content-Length: 153090
Date: Mon, 05 Jun 2023 13:07:27 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!tk+gruOaRjIKr/VEUwqVUcceXQbKqXDKLWO2+sHVelopqzbh+CMHb8PoTQyw1osz6vu8FTLj+akM5ODLDncBqXgeH6amVB2CnqJ4EUxQMYmd+Q==; expires=Mon, 12-Jun-2023 13:07:27 GMT; path=/; Httponly; Secure
Cache-Control: no-store
webmail.bell.net/bell/header/css/bell_master_a.css
209.71.212.18200 110 kB URL GET HTTP/1.1 webmail.bell.net/bell/header/css/bell_master_a.css
IP 209.71.212.18:443
Requested by https://ebiller.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type ASCII text, with very long lines (338), with CRLF line terminators
Size 110 kB (110483 bytes)
Hash adb1d4cac1dd7af9b6ad2e35116765d5
376c7517be00d4cbad201157f121339fdb221e19
4c7a96357059b132cedc58b1bac711127f2f8fc5f2b7768b9e13a696f758b9de
GET /bell/header/css/bell_master_a.css HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.bell.net/bell/header/css/bell.myBell.core.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"110483-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: text/css
Content-Length: 110483
Date: Mon, 05 Jun 2023 13:07:27 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!0Fb4r9zc1LaS72iKjod15JPsKvsaUttK5//wlAFC2ZErMivigfn1KzxOQCwku0pR2iTAnzh/zCDe5pnrqNygjM98WhLucng1d1Oxz77aBhSkbQ==; expires=Mon, 12-Jun-2023 13:07:27 GMT; path=/; Httponly; Secure
Cache-Control: no-store
webmail.bell.net/bell/header/img/bg_iconSprite.png
209.71.212.18200 103 kB URL GET HTTP/1.1 webmail.bell.net/bell/header/img/bg_iconSprite.png
IP 209.71.212.18:443
Requested by https://ebiller.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type PNG image data, 635 x 311, 8-bit/color RGBA, non-interlaced\012- data
Size 103 kB (102729 bytes)
Hash b57802d1e1438ee085728b93e8588d56
837684b7ff84da66972f2253564be2f9a9503c4c
21e39e30e42373a43a58733e1e5e589f042ab79c36fd48e890d00d2cb5979e84
GET /bell/header/img/bg_iconSprite.png HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.bell.net/bell/header/css/bell.connector.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"102729-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: image/png
Content-Length: 102729
Date: Mon, 05 Jun 2023 13:07:28 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!9d6HCPa2Am60aKCKjod15JPsKvsaUu0I+dPTtb9pNdUri7x4QB4PpQj3VFW4utQJwtO9pXyGPlxwjgyzrYQoCMpmdTzJBwI4WR34QL/lC46+kw==; expires=Mon, 12-Jun-2023 13:07:28 GMT; path=/; Httponly; Secure
Cache-Control: no-store
webmail.bell.net/bell/login/font/bellslim_semibold-webfont.ttf
209.71.212.18200 14 kB URL GET HTTP/1.1 webmail.bell.net/bell/login/font/bellslim_semibold-webfont.ttf
IP 209.71.212.18:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type TrueType Font data, 18 tables, 1st "FFTM"\012- data
Hash 2a4dcb55326caf6a22cc5fb5f0978566
e2233433b41008e82482a8303cd65ca13e041f67
204b75cfdd0aaa69af4ddd3a65f8aaef3632c56e35749f49b2767b05b4cee712
GET /bell/login/font/bellslim_semibold-webfont.ttf HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://necessarysynonym.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://webmail.bell.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"46512-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: font/ttf
Content-Length: 46512
Date: Mon, 05 Jun 2023 13:07:27 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!k3Vi6oTrWIqqra6Kjod15JPsKvsaUu+XmMAxwf/0WumBahZXTjFaRD/7i/Jz3Ss5oRUBmjtZWXXYdANxlfTS1IHbJLgNslXd6nAq4blu9auVug==; expires=Mon, 12-Jun-2023 13:07:27 GMT; path=/; Httponly; Secure
Cache-Control: no-store
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
104.18.10.207200 OK 49 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP 104.18.10.207:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (48664)
Hash 14d449eb8876fa55e1ef3c2cc52b0c17
a9545831803b1359cfeed47e3b4d6bae68e40e99
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://necessarysynonym.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 13:07:24 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/25/2022 23:23:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 00b5219e0248445f823d8adee10db9b0
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d28a36ffbfbb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
webmail.bell.net/bell/ux/font/fontello.ttf
209.71.212.18200 13 kB URL GET HTTP/1.1 webmail.bell.net/bell/ux/font/fontello.ttf
IP 209.71.212.18:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type TrueType Font data, 15 tables, 1st "GSUB"\012- data
Hash 1cc7ccd253fbfa847849f7b330a61c65
70bea37108d0ad6810f7a17c276b3f73b5e6fae0
176ba26504f702e2e232cc0d1768b567750b11e79a41ca6643faf34deaef19d7
GET /bell/ux/font/fontello.ttf HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://necessarysynonym.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://webmail.bell.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"71236-1657482738000"
Last-Modified: Sun, 10 Jul 2022 19:52:18 GMT
Content-Type: font/ttf
Content-Length: 71236
Date: Mon, 05 Jun 2023 13:07:27 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!ThE2opepa5Dl3MiKjod15JPsKvsaUgTZ7gHv1wMKv7rdNHAZDn4wcPQANKq98DtJW66Q/tS7XCpBjAozuU8NpZwU9MOB1g6n1RtjknzV8BGCQg==; expires=Mon, 12-Jun-2023 13:07:27 GMT; path=/; Httponly; Secure
Cache-Control: no-store
webmail.bell.net/bell/login/img/bg_cBoxExtra.png
209.71.212.18200 811 B URL GET HTTP/1.1 webmail.bell.net/bell/login/img/bg_cBoxExtra.png
IP 209.71.212.18:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type PNG image data, 1050 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash 12ad0db519b84a4856fd00ecd76f8a21
3b5d2057841adcb928100f00843d5e2f163037a3
038234677c46f9c530e08c832514daf43478372cd13f8683aee4d74c82b89e00
GET /bell/login/img/bg_cBoxExtra.png HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.bell.net/bell/login/css/bell_prime_mod.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"811-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: image/png
Content-Length: 811
Date: Mon, 05 Jun 2023 13:07:26 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!ykTivZx/3pYu3zWKjod15JPsKvsaUse0UUsniUBEx0ALdB+8kzIFN8/jf1y3knhI9tVNeqoPhMs8nhYw4cnCmsVYQ94p4MoOxn++oRIh/Wsv+w==; expires=Mon, 12-Jun-2023 13:07:27 GMT; path=/; Httponly; Secure
Cache-Control: no-store
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
104.18.10.207200 OK 51 kB URL GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP 104.18.10.207:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (50758)
Hash 67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 13:07:24 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 29014292
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d28a370080b0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
webmail.bell.net/bell/login/font/bellslim_semibold-webfont.woff
209.71.212.18200 14 kB URL GET HTTP/1.1 webmail.bell.net/bell/login/font/bellslim_semibold-webfont.woff
IP 209.71.212.18:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type Web Open Font Format, TrueType, length 26676, version 1.0\012- data
Hash a72239ac0ebfed82db8362fcfc59492b
4139c93c2fd13ae1de2863363080e829a1e5cb8c
5aff4ab9743bdf588b64f1ee933805ef85b8e7c0ed77f6fce6ec6c719a053802
GET /bell/login/font/bellslim_semibold-webfont.woff HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://necessarysynonym.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://webmail.bell.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"26676-1657482736000"
Last-Modified: Sun, 10 Jul 2022 19:52:16 GMT
Content-Type: font/woff
Content-Length: 26676
Date: Mon, 05 Jun 2023 13:07:26 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!AGOivA0mp515hgyKjod15JPsKvsaUqa/kyT5Gs3PrSq35aCap9HecTItFR5P7VpInnbe6NoY0APssT2yu41zkiYdboJ2VXodZ6DV2p0k5EpE/A==; expires=Mon, 12-Jun-2023 13:07:27 GMT; path=/; Httponly; Secure
Cache-Control: no-store
webmail.bell.net/bell/ux/font/fontello.woff
209.71.212.18200 14 kB URL GET HTTP/1.1 webmail.bell.net/bell/ux/font/fontello.woff
IP 209.71.212.18:443
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerEntrust, Inc.
Subjectbell.net
Fingerprint69:62:4F:91:5C:7A:85:39:2F:DE:7C:C5:AC:A1:F5:B7:7B:E8:A8:4C
ValidityMon, 11 Jul 2022 14:26:34 GMT - Thu, 10 Aug 2023 14:26:34 GMT
File type Web Open Font Format, TrueType, length 41232, version 1.0\012- data
Hash 6bf1ddf0854b7a3d4765726e2c18bddd
00e96103a59d6de0af77440105903dde909df3ab
10c3cd7614428b8100d4256158588ae208fdd6c004c08288aa937267db57d1b8
GET /bell/ux/font/fontello.woff HTTP/1.1
Host: webmail.bell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://necessarysynonym.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://webmail.bell.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dns-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
Accept-Ranges: bytes
ETag: W/"41232-1657482738000"
Last-Modified: Sun, 10 Jul 2022 19:52:18 GMT
Content-Type: font/woff
Content-Length: 41232
Date: Mon, 05 Jun 2023 13:07:26 GMT
Set-Cookie: BIGipServerU47vgdC1jlGeImoUghs+Dw=!KFwB1YvlSttpURh1X38/VDhJ/s0IP1fIkEZAcBDtNYWzU67GxO2kjBMmKvqC03EE0cr+/r4ynpGZCVOne9cVi2fzFc6NNH79V9WuAOpq/mQCvA==; expires=Mon, 12-Jun-2023 13:07:27 GMT; path=/; Httponly; Secure
Cache-Control: no-store
necessarysynonym.z13.web.core.windows.net/
20.150.90.65200 OK 23 kB URL GET HTTP/1.1 necessarysynonym.z13.web.core.windows.net/
IP 20.150.90.65:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://necessarysynonym.z13.web.core.windows.net/
Certificate IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC9:3D:8F:1F:21:6B:3C:C4:E0:BF:E5:4F:03:B6:8D:E1:D6:80:42:22
ValidityWed, 22 Mar 2023 00:18:56 GMT - Fri, 22 Mar 2024 00:18:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Generic phishing
openphish Bell Canada
GET / HTTP/1.1
Host: necessarysynonym.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://necessarysynonym.z13.web.core.windows.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 22930
Content-Type: text/html
Content-MD5: Zvq7q0cwddobr3677f55Nw==
Last-Modified: Fri, 17 Mar 2023 16:28:29 GMT
Accept-Ranges: bytes
ETag: "0x8DB2704A491D9D3"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: fdd74b77-301e-000b-53ae-9729c4000000
x-ms-version: 2018-03-28
Date: Mon, 05 Jun 2023 13:07:26 GMT