Report - gogtp.sharepoint.com/:v:/s/CustomerSharedFiles/Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9

Report Overview

Submitted URL
gogtp.sharepoint.com/:v:/s/CustomerSharedFiles/Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9
IP
13.107.136.9
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2022-09-09 03:22:56
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - Microsoft Services

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
res-1.cdn.office.net	1093	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	445 B	39 kB	23.38.200.227
statica.akamai.odsp.cdn.office.net	2534	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	7.2 kB	23.36.76.130
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	53 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
gogtp.sharepoint.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.0 kB	93 kB	13.107.136.9
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	797 B	93.184.220.29
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.213.140.56
spoppe-b.azureedge.net	6028	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	437 B	1.1 kB	152.199.19.161

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA	201 B	2023-03-07	2024-04-24
Pretty URL gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA IP 13.107.138.9 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:18 Last Seen2024-04-24 21:59:19 Times Seen134 Hash e99831d62ec99e199130a0d9791e6e1a 566166337bff530ff65c4c66c3d83fb1c8cfe583 0fc0c149cb8b20ec3dc9f991249a92c06ff7fa56ec313e5c754ad5e38a38ab2e Loading...

	res-1.cdn.office.net/files/odsp-web-prod_2022-08-26.003/spoguestaccess-a0557e90.js	164 kB	2023-03-07	2023-03-17
Pretty URL res-1.cdn.office.net/files/odsp-web-prod_2022-08-26.003/spoguestaccess-a0557e90.js IP 23.38.200.227 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:03:27 Last Seen2023-03-17 11:31:07 Times Seen1 Hash a0557e909719bcbf6f4f1775f825fb8c 7fa18da688592cf33db0e9bbbf0a86ed81be98cc 2dcec3950851303ee4f9f89a59ace5d9a1c1d320e644083b7905e64d1c5ac278 Loading...

	gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA	188 B	2023-03-07	2024-04-24
Pretty URL gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA IP 13.107.138.9 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:18 Last Seen2024-04-24 21:59:20 Times Seen120 Hash 8463c179a7758484b7f4970757928c78 fb19aa940fda7e46c6171e87c55b361e861faa3a cfbbc926117d798b396e36e3e08feb87e9c57bbda4e298a4484b84edb11d4ef2 Loading...

	gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA	1.5 kB	2023-03-07	2024-04-03
Pretty URL gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA IP 13.107.138.9 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:18 Last Seen2024-04-03 17:29:31 Times Seen37 Hash effdfee2f6a01b8c45de49c52765052e 42dccb7f5eae2338837e1188cb6fcb4bfc7f7dd4 027c63506a9f48c0361ae83a847daf143f43bcb5e4d8ae72cee545be95cc0316 Loading...

	gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA	12 kB	2023-03-07	2023-03-17
Pretty URL gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA IP 13.107.138.9 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:22:01 Last Seen2023-03-17 11:31:07 Times Seen1 Hash 61db12583646c852ecd7145696c47bf9 8e1be796e3d28294e20d034d530cd2053c4acbe3 e285c4c8a80b1524059ed1339503fb65bacb5b8738ec64e3dd8cee398c7c38dd Loading...

	gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA	210 B	2023-03-07	2023-03-17
Pretty URL gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA IP 13.107.138.9 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:22:01 Last Seen2023-03-17 11:31:07 Times Seen1 Hash dcab8165ffbfd2c230393aed757d6cba 6496510d802ec210e613c1b6cdc14d4e5e7f49db df6791500e3448c41747d0e042d140d6d060d27efa7921796faf3162cb122a67 Loading...

	gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA	11 kB	2023-03-07	2023-03-17
Pretty URL gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA IP 13.107.138.9 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:22:01 Last Seen2023-03-17 11:31:07 Times Seen1 Hash e8837171f45c6c360c9bc57ec6fc2bb1 27acddf9d8b6ca332226a0d45382dedc6d1d9450 2264885ee935d3e66ac04817b6215752957d22ba51ec39fbed1f7a3e1d540078 Loading...

	gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA	905 B	2023-03-07	2023-03-07
Pretty URL gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA IP 13.107.138.9 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:03:27 Last Seen2023-03-07 14:03:27 Times Seen1 Hash b40f4e2e204a1a14cff71128e6e0839d 6fd228ff4f11652013305bb40c74f64258a1089c 311e8209d4178e07ddb6ecb4855ac1aee0bd1fb0ed51603114e6ca9a8f94ede8 Loading...

	gogtp.sharepoint.com/WebResource.axd?d=O1_c-WlGUZiT01kCvKlUjiAFIC7op2wItXlmUcmkRbrLL-CBHLGKoxJSSXf_tsmOBRDTCN3zTWIunlA1J8B3S9rxJsrW3WG2QB3sNCszX-M1&t=637814365746327080	23 kB	2023-03-07	2024-04-25
Pretty URL gogtp.sharepoint.com/WebResource.axd?d=O1_c-WlGUZiT01kCvKlUjiAFIC7op2wItXlmUcmkRbrLL-CBHLGKoxJSSXf_tsmOBRDTCN3zTWIunlA1J8B3S9rxJsrW3WG2QB3sNCszX-M1&t=637814365746327080 IP 13.107.138.9 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:31 Last Seen2024-04-25 09:04:17 Times Seen42311 Hash 90ea7274f19755002360945d54c2a0d7 647b5d8bf7d119a2c97895363a07a0c6eb8cd284 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db Loading...

	gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA	115 B	2023-03-07	2024-04-24
Pretty URL gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA IP 13.107.138.9 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:18 Last Seen2024-04-24 21:59:20 Times Seen134 Hash 8233eb45206e0c8a6e61f33538cacefe 4099d87aef8a331819ec64dfdc123a50bb1f1080 32a675cd243975a98bb59b97ae716bb451d5845da15d13ba62deff915bd1e589 Loading...

	gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA	164 B	2023-03-07	2023-03-07
Pretty URL gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA IP 13.107.138.9 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:03:27 Last Seen2023-03-07 14:03:27 Times Seen1 Hash 93f77acc0fa34c4583a939b8ab2c751a dd70aa7ff19662481442976ad4fd66fe1fe88042 7ba0df6e6d987c650b8274c74967a2bf7e3acb777d335e78d28d864b28b7965b Loading...

	gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA	339 B	2023-03-07	2023-03-17
Pretty URL gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA IP 13.107.138.9 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:22:01 Last Seen2023-03-17 11:31:07 Times Seen1 Hash 09a0d98c520acfa07cd05cd83267a725 eb8fe36bc5bc373f5b336766f67641140b70fa87 0d3db853e13193476ae29aa64fe9872b10d69dc3b9c456ffd6e78bd5cec830af Loading...

	gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA	771 B	2023-03-07	2024-04-24
Pretty URL gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA IP 13.107.138.9 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:18 Last Seen2024-04-24 21:59:20 Times Seen142 Hash e93e4739545971d7456376465212bb78 4a901d6ba52bea30cb2a72b1967921b526c8439e c0579681aa9f72c37e8c845451c7afa246fedeb08d3c35453db1d5172382fabc Loading...

	gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA	371 B	2023-03-07	2024-04-24
Pretty URL gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA IP 13.107.138.9 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:18 Last Seen2024-04-24 21:59:20 Times Seen134 Hash 12ffe69b1290b6ef7408703676e33b06 04bb4dc719a4597d3a3903d33f8043e920b82e57 1eaca83e0bd12a46c87f49fbec67944ff92916398df6e6751ba3533a3dfdbb21 Loading...

	statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.22824.12006/require.js	18 kB	2023-03-07	2024-04-24
Pretty URL statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.22824.12006/require.js IP 23.36.76.130 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:18 Last Seen2024-04-24 21:59:20 Times Seen293 Hash 6efddf589864d2e146a55c01c6764a35 efa8bba46cb97877eec5430c43f0ac32585b6b2f 2d92f0ce8491d2f9a27ea16d261a15089c4a9be879d1eedcb6f4a3859e7f1999 Loading...

	gogtp.sharepoint.com/ScriptResource.axd?d=eTtKGAPGiBklSWw3ckUqTDT3aDSIY6L7q5PClRm4K4XY-5CDdtjK7T8oszTHwDw6athuL5_u3znvV0Ocl3BjcY34BHoxQOhw2OCfzVRnx0kRLOm5k6eW2_Kf5vBKVfEQkuDdzcTfWY_OM8wO1LXosMak24WND1TWxIahzD4H1bpD7kBQxSb0QSIc58NuY3x70&t=49337fe8	40 kB	2023-03-07	2024-04-25
Pretty URL gogtp.sharepoint.com/ScriptResource.axd?d=eTtKGAPGiBklSWw3ckUqTDT3aDSIY6L7q5PClRm4K4XY-5CDdtjK7T8oszTHwDw6athuL5_u3znvV0Ocl3BjcY34BHoxQOhw2OCfzVRnx0kRLOm5k6eW2_Kf5vBKVfEQkuDdzcTfWY_OM8wO1LXosMak24WND1TWxIahzD4H1bpD7kBQxSb0QSIc58NuY3x70&t=49337fe8 IP 13.107.138.9 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:14 Last Seen2024-04-25 09:04:16 Times Seen1376 Hash da9dc1c32e89c02fc1e9eeb7e5aab91e 3efb110efa6068ce6b586a67f87da5125310bc30 398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1 Loading...

	gogtp.sharepoint.com/ScriptResource.axd?d=Sji0hZOHxQINw8Y8nNfNnZdN6UWf92PDkb7kwngcB-86hTLGibeQjV9PbXkBdBCfAca37LuY05yCMs6mdLA6UjLH1b63gPJAZEzXWbCFqEupKY5gEpzLrBmxEgPPsq4azLaulgbYkmcNi3lj7HSn2ZW2NfkyRxx8-jkJlIDe5mdzrhb4sWMBH9yDzwtxbqIv0&t=49337fe8	103 kB	2023-03-07	2024-04-25
Pretty URL gogtp.sharepoint.com/ScriptResource.axd?d=Sji0hZOHxQINw8Y8nNfNnZdN6UWf92PDkb7kwngcB-86hTLGibeQjV9PbXkBdBCfAca37LuY05yCMs6mdLA6UjLH1b63gPJAZEzXWbCFqEupKY5gEpzLrBmxEgPPsq4azLaulgbYkmcNi3lj7HSn2ZW2NfkyRxx8-jkJlIDe5mdzrhb4sWMBH9yDzwtxbqIv0&t=49337fe8 IP 13.107.138.9 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:14 Last Seen2024-04-25 09:04:15 Times Seen1368 Hash c89eaa5b28df1e17376be71d71649173 2b34df4c66bb57de5a24a2ef0896271dfca4f4cd 66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c Loading...

	gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA	262 B	2023-03-07	2024-04-24
Pretty URL gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA IP 13.107.138.9 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:18 Last Seen2024-04-24 21:59:20 Times Seen125 Hash 5e0a177d241f0e82ce4f00226b733ef7 a5d2e3dd3b9a3ddffcd17d5d3406f14ddfdbdaea f74e86cdcc332b7350f0c9697c6635680926b24c4022bb468dd78eecbcec18fa Loading...

	gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA	30 kB	2023-03-07	2024-04-24
Pretty URL gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA IP 13.107.138.9 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:18 Last Seen2024-04-24 21:59:19 Times Seen134 Hash 427cd803e9635f818d0434cfa74df413 998044c6e95b91b434bb7c6dc2a7a1fb81caa0f5 9c5a7946e98fb865ae2c2b3c8a9c63f452212a9491611a7292bfc9714634b61a Loading...

	gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA	60 B	2023-03-07	2024-04-24
Pretty URL gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA IP 13.107.138.9 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:18 Last Seen2024-04-24 21:59:20 Times Seen147 Hash 09b54d62daf53fbaa8ef017a428d246f 3f2a905d2d9d15146dee19f4b78629ded93ce96d d6bb3bde0934b6a5989c2c3bc12c83fd5a4e01260205c11c7c928ac7f78590b4 Loading...

	gogtp.sharepoint.com/ScriptResource.axd?d=1oys08Ks1ysdFBn83LYKdMd2rAv3CC3XvezLso203b7In4VFQbGMAda2bTPTJFvH-0RL_cj6cR1mf9Bt8vJRl_aroV6S-AjI8oe5tgHGbBIQ1h3Gqiul_Wchp1cRG0Zo5MwmsZhaiujw5gSBFubM_Y2MJnrNVaom-nWWH7wh0fY1&t=14d69f50	27 kB	2023-03-07	2024-04-24
Pretty URL gogtp.sharepoint.com/ScriptResource.axd?d=1oys08Ks1ysdFBn83LYKdMd2rAv3CC3XvezLso203b7In4VFQbGMAda2bTPTJFvH-0RL_cj6cR1mf9Bt8vJRl_aroV6S-AjI8oe5tgHGbBIQ1h3Gqiul_Wchp1cRG0Zo5MwmsZhaiujw5gSBFubM_Y2MJnrNVaom-nWWH7wh0fY1&t=14d69f50 IP 13.107.138.9 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:18 Last Seen2024-04-24 21:59:19 Times Seen16034 Hash b3d7a123be5203a1a3f0f10233ed373f f4c61f321d8f79a805b356c6ec94090c0d96215c ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192 Loading...

	gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA	2.5 kB	2023-03-07	2024-04-24
Pretty URL gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA IP 13.107.138.9 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:18 Last Seen2024-04-24 21:59:20 Times Seen134 Hash 4c8232d108e433474f59e488e92ee436 94f9e97b5290d8c3200a4435c4623b756d10cc3d 5db6c3d9ac17d519b4012f20eb429dba86b38c951b2d7c202fb9f84b54e7ef44 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 62b075680a2d12f6f412fd59eaf41eca	56 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:28:18 Last Seen2024-04-24 21:59:20 Times Seen12908 Hash 62b075680a2d12f6f412fd59eaf41eca fd9332a703b1580f8ba282fe23e8b416bf219523 c84c38a8ff573d4dde2cf7482a0c4d0d9c2584657a3fe6e522300809b0750448 Loading...

	#2 Eval - eb9e685e178957c1f8a490d1db11ad06	63 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:28:18 Last Seen2024-04-24 21:59:20 Times Seen1301 Hash eb9e685e178957c1f8a490d1db11ad06 6be51af489f35d43446596aae76fb7d9e7658a1e 928e2ac1c8aab201b95426d675baa335deb6cfd5809e82fbc8ac88886924714c Loading...

	#3 Eval - a48979f7f0be1c1d0fab1adc5c4f7ede	67 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:28:18 Last Seen2024-04-24 21:59:20 Times Seen1012 Hash a48979f7f0be1c1d0fab1adc5c4f7ede c31ff08c3937293e43e5e78c108b82e07ced461b 68946a0e5e672ac400e85220a6faa5d2b3b3baaa57a0fd3ee83fb82787158831 Loading...

HTTP Transactions (28)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3425
Expires: Fri, 09 Sep 2022 04:19:50 GMT
Date: Fri, 09 Sep 2022 03:22:45 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 03:05:40 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: q_3xLX-Ed4FZiCsKrZrVu9g2xgRkT2l9BmP3i8-MvLoVCpOC3KsiDA==
Age: 1025

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IolJvO8gNXviEV-MSMHAb2hZ2EUZvA0PIW2ANw4kNHzNkSnKGchm4g==
age: 84971
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 03:22:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

gogtp.sharepoint.com/:v:/s/CustomerSharedFiles/Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9

13.107.136.9

301 Moved Permanently

0 B

URL HTTP/1.1
gogtp.sharepoint.com/:v:/s/CustomerSharedFiles/Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9
IP
13.107.136.9:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /:v:/s/CustomerSharedFiles/Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9 HTTP/1.1
Host: gogtp.sharepoint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: https://gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-DataBoundary: None
X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/
SPRequestGuid: 242763a0-10ba-d000-6277-e439916f08f9
request-id: 242763a0-10ba-d000-6277-e439916f08f9
MS-CV: oGMnJLoQANBid+Q5kW8I+Q.0
Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-OSL30r4B&frontEnd=AFD"}]}
NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
X-FRAME-OPTIONS: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com *.powerapps.com *.yammer.com *.officeapps.live.com *.office.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com securebroker.sharepointonline.com;
SPRequestDuration: 23
SPIisLatency: 3
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 16.0.0.22824
X-Content-Type-Options: nosniff
X-MS-InvokeApp: 1; RequireReadOnly
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 2C34DFBABF524DE080350C4E165308B9 Ref B: OSL30EDGE0517 Ref C: 2022-09-09T03:22:45Z
Date: Fri, 09 Sep 2022 03:22:45 GMT
Content-Length: 0

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 09 Sep 2022 02:56:07 GMT
Expires: Fri, 09 Sep 2022 03:28:05 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dUrwMTy1jh4KKhzqU3f8MkiQzEts1s9TvzD-8dDmA4k5xVNbmzmO1A==
Age: 1599

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
042105f89c8d64b470d84e052cd412d1
a26c7e2559b3760ea2765b16a3f8d1be27f5dcf4
fadb8cdd22f4d7773d5c20d576f6400ab25e20e1efe3e3fe50d2ae39ca6f2725

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6028
Cache-Control: max-age=109467
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 03:22:46 GMT
Etag: "6319a295-1d7"
Expires: Sat, 10 Sep 2022 09:47:13 GMT
Last-Modified: Thu, 08 Sep 2022 08:06:45 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.213.140.56

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.213.140.56:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EUF580ZJHi0U+bdHLDAvPA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5bCUL03iPXMlUiXvxWeBxw5CpHQ=

gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA

13.107.138.9

200 OK

34 kB

URL HTTP/2
gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA
IP
13.107.138.9:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (30522), with CRLF, LF line terminators
Size
34 kB (34014 bytes)
Hash
eddf0af11e708c85572511ed265ffc9b
1fc9563fbebb8f96d41b6c75d7b82a892871d60b
683a07c180eb18364f5b85d134dd4f5faa4c6b2d960b54de57dc9951bf496ac5

HTTP Headers

GET /sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA HTTP/1.1
Host: gogtp.sharepoint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
cache-control: private
content-length: 34014
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-sharepointhealthscore: 0
x-aspnet-version: 4.0.30319
x-databoundary: None
x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/
sprequestguid: 242763a0-50e5-d000-6277-e752e59f3177
request-id: 242763a0-50e5-d000-6277-e752e59f3177
ms-cv: oGMnJOVQANBid+dS5Z8xdw.0
report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=5e139fbf-7c4c-431d-be38-20238560faec&destinationEndpoint=Edge-Prod-OSL30r4B&frontEnd=AFD"}]}
nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com *.powerapps.com *.yammer.com *.officeapps.live.com *.office.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com securebroker.sharepointonline.com;
sprequestduration: 440
spiislatency: 1
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.22824
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 107DED64FFC74C668D86E288EBE8D703 Ref B: OSL30EDGE0109 Ref C: 2022-09-09T03:22:46Z
date: Fri, 09 Sep 2022 03:22:46 GMT
X-Firefox-Spdy: h2

res-1.cdn.office.net/files/odsp-web-prod_2022-08-26.003/spoguestaccess-a0557e90.js

23.38.200.227

200 OK

38 kB

URL HTTP/2
res-1.cdn.office.net/files/odsp-web-prod_2022-08-26.003/spoguestaccess-a0557e90.js
IP
23.38.200.227:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (4843)
Size
38 kB (38483 bytes)
Hash
cef91c0ebaefd44e66a7e53203573552
36866e907e45013ed237e74ae787675ce3c9f2cf
bba3356e5c48d327b8bdc0a7850b0462ade56dd7c407ba716c6def62dcf3e6dc

HTTP Headers

GET /files/odsp-web-prod_2022-08-26.003/spoguestaccess-a0557e90.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gogtp.sharepoint.com
Connection: keep-alive
Referer: https://gogtp.sharepoint.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 38483
last-modified: Tue, 30 Aug 2022 05:35:46 GMT
x-ms-request-id: f1b45ce9-c01e-005e-227c-bd1477000000
content-encoding: br
cache-control: public, max-age=630720000
date: Fri, 09 Sep 2022 03:22:47 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2

gogtp.sharepoint.com/WebResource.axd?d=O1_c-WlGUZiT01kCvKlUjiAFIC7op2wItXlmUcmkRbrLL-CBHLGKoxJSSXf_tsmOBRDTCN3zTWIunlA1J8B3S9rxJsrW3WG2QB3sNCszX-M1&t=637814365746327080

13.107.138.9

200 OK

6.0 kB

URL HTTP/2
gogtp.sharepoint.com/WebResource.axd?d=O1_c-WlGUZiT01kCvKlUjiAFIC7op2wItXlmUcmkRbrLL-CBHLGKoxJSSXf_tsmOBRDTCN3zTWIunlA1J8B3S9rxJsrW3WG2QB3sNCszX-M1&t=637814365746327080
IP
13.107.138.9:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with CRLF line terminators
Size
6.0 kB (6007 bytes)
Hash
06fd446079195e9866f38728a31b8416
bce7935598a51703a7077dd75e1d30882533c6e1
5466d19b6349cc09de47de356c3195b2fd367a5ab8f1c55e8aaf2f296915d46d

HTTP Headers

GET /WebResource.axd?d=O1_c-WlGUZiT01kCvKlUjiAFIC7op2wItXlmUcmkRbrLL-CBHLGKoxJSSXf_tsmOBRDTCN3zTWIunlA1J8B3S9rxJsrW3WG2QB3sNCszX-M1&t=637814365746327080 HTTP/1.1
Host: gogtp.sharepoint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public
content-length: 6007
content-type: application/x-javascript
content-encoding: gzip
expires: Fri, 08 Sep 2023 02:55:10 GMT
last-modified: Sat, 26 Feb 2022 09:42:54 GMT
vary: Accept-Encoding
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-aspnet-version: 4.0.30319
sprequestduration: 4
spiislatency: 0
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.22824
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 1F67A2CF255F4BFFA5EFDA3141433800 Ref B: OSL30EDGE0109 Ref C: 2022-09-09T03:22:47Z
date: Fri, 09 Sep 2022 03:22:46 GMT
X-Firefox-Spdy: h2

statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.22824.12006/require.js

23.36.76.130

200 OK

6.6 kB

URL HTTP/2
statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.22824.12006/require.js
IP
23.36.76.130:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (17444)
Size
6.6 kB (6643 bytes)
Hash
909bb7cf6dfc3d1481b50a03b4cfd027
fbcfe6509a539b17a4db0c356e0cbdae81e92e3f
a60e6b1b55bbffb1e27ffad5792e7740e1060ba72038855297291f668b7d3ae5

HTTP Headers

GET /bld/_layouts/15/16.0.22824.12006/require.js HTTP/1.1
Host: statica.akamai.odsp.cdn.office.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogtp.sharepoint.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 6643
content-type: application/javascript
content-encoding: gzip
content-md5: kJu3z238PRSBtQoDtM/QJw==
last-modified: Wed, 07 Sep 2022 04:07:19 GMT
etag: 0x8DA9086754B8BA9
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 39f32cd9-e01e-00d7-4f87-c28e42000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 09 Sep 2022 03:22:47 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

gogtp.sharepoint.com/_layouts/15/images/microsoft-logo.png

13.107.138.9

200 OK

3.3 kB

URL HTTP/2
gogtp.sharepoint.com/_layouts/15/images/microsoft-logo.png
IP
13.107.138.9:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 226 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3331 bytes)
Hash
ef884bdedef280df97a4c5604058d8db
6f04244b51ad2409659e267d308b97e09ce9062b
825de044d5ac6442a094ff95099f9f67e9249a8110a2fbd57128285776632adb

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Microsoft Services

HTTP Headers

GET /_layouts/15/images/microsoft-logo.png HTTP/1.1
Host: gogtp.sharepoint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000
content-length: 3331
content-type: image/png
last-modified: Fri, 02 Sep 2022 03:36:41 GMT
accept-ranges: bytes
etag: "806afa367dbed81:0"
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
sprequestduration: 4
spiislatency: 0
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.22824
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 15A5227241D84EA8923970E3BEF0C3EC Ref B: OSL30EDGE0109 Ref C: 2022-09-09T03:22:47Z
date: Fri, 09 Sep 2022 03:22:47 GMT
X-Firefox-Spdy: h2

gogtp.sharepoint.com/ScriptResource.axd?d=eTtKGAPGiBklSWw3ckUqTDT3aDSIY6L7q5PClRm4K4XY-5CDdtjK7T8oszTHwDw6athuL5_u3znvV0Ocl3BjcY34BHoxQOhw2OCfzVRnx0kRLOm5k6eW2_Kf5vBKVfEQkuDdzcTfWY_OM8wO1LXosMak24WND1TWxIahzD4H1bpD7kBQxSb0QSIc58NuY3x70&t=49337fe8

13.107.138.9

200 OK

10 kB

URL HTTP/2
gogtp.sharepoint.com/ScriptResource.axd?d=eTtKGAPGiBklSWw3ckUqTDT3aDSIY6L7q5PClRm4K4XY-5CDdtjK7T8oszTHwDw6athuL5_u3znvV0Ocl3BjcY34BHoxQOhw2OCfzVRnx0kRLOm5k6eW2_Kf5vBKVfEQkuDdzcTfWY_OM8wO1LXosMak24WND1TWxIahzD4H1bpD7kBQxSb0QSIc58NuY3x70&t=49337fe8
IP
13.107.138.9:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (39257), with CRLF line terminators
Size
10 kB (9984 bytes)
Hash
027a7d52e1ceed8aef7dc13505b81d36
33cf0bce6a4c8b44b4a80b3116c978c12ee93fd0
29061464fb6fce2326b952eacaa95c3c6183bfea74c3851390e9838720d372a6

HTTP Headers

GET /ScriptResource.axd?d=eTtKGAPGiBklSWw3ckUqTDT3aDSIY6L7q5PClRm4K4XY-5CDdtjK7T8oszTHwDw6athuL5_u3znvV0Ocl3BjcY34BHoxQOhw2OCfzVRnx0kRLOm5k6eW2_Kf5vBKVfEQkuDdzcTfWY_OM8wO1LXosMak24WND1TWxIahzD4H1bpD7kBQxSb0QSIc58NuY3x70&t=49337fe8 HTTP/1.1
Host: gogtp.sharepoint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public
content-length: 9984
content-type: application/x-javascript
content-encoding: gzip
expires: Fri, 08 Sep 2023 17:45:40 GMT
last-modified: Thu, 08 Sep 2022 17:45:40 GMT
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-aspnet-version: 4.0.30319
sprequestduration: 5
spiislatency: 0
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.22824
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: E651B2F033F34946B49EBAE31D9AE488 Ref B: OSL30EDGE0109 Ref C: 2022-09-09T03:22:47Z
date: Fri, 09 Sep 2022 03:22:47 GMT
X-Firefox-Spdy: h2

gogtp.sharepoint.com/ScriptResource.axd?d=1oys08Ks1ysdFBn83LYKdMd2rAv3CC3XvezLso203b7In4VFQbGMAda2bTPTJFvH-0RL_cj6cR1mf9Bt8vJRl_aroV6S-AjI8oe5tgHGbBIQ1h3Gqiul_Wchp1cRG0Zo5MwmsZhaiujw5gSBFubM_Y2MJnrNVaom-nWWH7wh0fY1&t=14d69f50

13.107.138.9

200 OK

5.5 kB

URL HTTP/2
gogtp.sharepoint.com/ScriptResource.axd?d=1oys08Ks1ysdFBn83LYKdMd2rAv3CC3XvezLso203b7In4VFQbGMAda2bTPTJFvH-0RL_cj6cR1mf9Bt8vJRl_aroV6S-AjI8oe5tgHGbBIQ1h3Gqiul_Wchp1cRG0Zo5MwmsZhaiujw5gSBFubM_Y2MJnrNVaom-nWWH7wh0fY1&t=14d69f50
IP
13.107.138.9:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
5.5 kB (5479 bytes)
Hash
cd81a5effc23af770be1c6ad035a5e4e
ec3cdf31293e2e43fb1f189decc18019cd3d2f23
0bbe6b1d897c994aa54d02d1692b8dd4d64a2f28d809f954ce6ba356c7d16abb

HTTP Headers

GET /ScriptResource.axd?d=1oys08Ks1ysdFBn83LYKdMd2rAv3CC3XvezLso203b7In4VFQbGMAda2bTPTJFvH-0RL_cj6cR1mf9Bt8vJRl_aroV6S-AjI8oe5tgHGbBIQ1h3Gqiul_Wchp1cRG0Zo5MwmsZhaiujw5gSBFubM_Y2MJnrNVaom-nWWH7wh0fY1&t=14d69f50 HTTP/1.1
Host: gogtp.sharepoint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public
content-length: 5479
content-type: application/x-javascript
content-encoding: gzip
expires: Fri, 08 Sep 2023 13:54:38 GMT
last-modified: Thu, 08 Sep 2022 13:54:38 GMT
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-aspnet-version: 4.0.30319
sprequestduration: 5
spiislatency: 0
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.22824
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: E90A0EC0CAD2486EB3055C26602F3152 Ref B: OSL30EDGE0109 Ref C: 2022-09-09T03:22:47Z
date: Fri, 09 Sep 2022 03:22:47 GMT
X-Firefox-Spdy: h2

gogtp.sharepoint.com/ScriptResource.axd?d=Sji0hZOHxQINw8Y8nNfNnZdN6UWf92PDkb7kwngcB-86hTLGibeQjV9PbXkBdBCfAca37LuY05yCMs6mdLA6UjLH1b63gPJAZEzXWbCFqEupKY5gEpzLrBmxEgPPsq4azLaulgbYkmcNi3lj7HSn2ZW2NfkyRxx8-jkJlIDe5mdzrhb4sWMBH9yDzwtxbqIv0&t=49337fe8

13.107.138.9

200 OK

26 kB

URL HTTP/2
gogtp.sharepoint.com/ScriptResource.axd?d=Sji0hZOHxQINw8Y8nNfNnZdN6UWf92PDkb7kwngcB-86hTLGibeQjV9PbXkBdBCfAca37LuY05yCMs6mdLA6UjLH1b63gPJAZEzXWbCFqEupKY5gEpzLrBmxEgPPsq4azLaulgbYkmcNi3lj7HSn2ZW2NfkyRxx8-jkJlIDe5mdzrhb4sWMBH9yDzwtxbqIv0&t=49337fe8
IP
13.107.138.9:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65326), with CRLF line terminators
Size
26 kB (25609 bytes)
Hash
b62553925bd98826c60457d2eb6b9a46
84dbbb6d9b36a587c21b5a56b1d9e587e33ba943
c58166fe4df4ba8f25a960c21451eaf841d97f6f552f104e43431c9db1c2e2cc

HTTP Headers

GET /ScriptResource.axd?d=Sji0hZOHxQINw8Y8nNfNnZdN6UWf92PDkb7kwngcB-86hTLGibeQjV9PbXkBdBCfAca37LuY05yCMs6mdLA6UjLH1b63gPJAZEzXWbCFqEupKY5gEpzLrBmxEgPPsq4azLaulgbYkmcNi3lj7HSn2ZW2NfkyRxx8-jkJlIDe5mdzrhb4sWMBH9yDzwtxbqIv0&t=49337fe8 HTTP/1.1
Host: gogtp.sharepoint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public
content-length: 25609
content-type: application/x-javascript
content-encoding: gzip
expires: Fri, 08 Sep 2023 02:57:37 GMT
last-modified: Thu, 08 Sep 2022 02:57:37 GMT
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-aspnet-version: 4.0.30319
sprequestduration: 4
spiislatency: 0
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.22824
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 4539B72C586448418AEDE59510936C40 Ref B: OSL30EDGE0109 Ref C: 2022-09-09T03:22:47Z
date: Fri, 09 Sep 2022 03:22:47 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6068
Expires: Fri, 09 Sep 2022 05:03:56 GMT
Date: Fri, 09 Sep 2022 03:22:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6068
Expires: Fri, 09 Sep 2022 05:03:56 GMT
Date: Fri, 09 Sep 2022 03:22:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6068
Expires: Fri, 09 Sep 2022 05:03:56 GMT
Date: Fri, 09 Sep 2022 03:22:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6068
Expires: Fri, 09 Sep 2022 05:03:56 GMT
Date: Fri, 09 Sep 2022 03:22:48 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F604dabfb-76cf-44ff-9e8d-3c4a32873980.jpeg

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F604dabfb-76cf-44ff-9e8d-3c4a32873980.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7264 bytes)
Hash
074cd3f6015bf90af05eccc00b710ee1
550ad804cace44ce9f673d3ded29666e583db8a6
2f88bd842bd4c5e80fbab63b3aabd2567500fe8c500fc1c6588154af4887ba25

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F604dabfb-76cf-44ff-9e8d-3c4a32873980.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7264
x-amzn-requestid: b44ad06d-9a6a-486a-906c-6f9c9396d5ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YEsYEEIHIAMF-OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63182766-4449388252a7e2cc172ee09a;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 05:08:54 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: Kw0bja9Kkk71ME4jm5qWdvjjpHsRybSijZyCYiGHDq6UIe-go7yVTw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:16:12 GMT
age: 18396
etag: "550ad804cace44ce9f673d3ded29666e583db8a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8354 bytes)
Hash
7afe346e3b24ea4388913b449d1ffc42
f5348ba99fb8966dded580409108316f4e4e1237
1d1cafc3e99c20b23212679838567d4d5fc98c45cf902188e44b25ff2982c8ad

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: 55971de2-bf63-4300-9007-1bc234962d0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKRKXFGTIAMFp3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6242-23914ec672a0a898498bbed6;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:44:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: lxqcvxSdM4FBQBZTNnhCrpl02fsnInyii7Yaw7fs4STzEd2fZIuuXA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:36 GMT
etag: "f5348ba99fb8966dded580409108316f4e4e1237"
content-type: image/jpeg
age: 20232
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6b740bb-cd50-42b6-b38f-dd47e55c168b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8675 bytes)
Hash
e2ed199f1cb98d32690c0b5c1fa90643
96f3088f1361a8c7a62e36f99b4c58c49a750f95
b2e52fa2d41478c8a23892bed1051bcde3c4a937350b149e65a35ef37cf7c4bd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6b740bb-cd50-42b6-b38f-dd47e55c168b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8675
x-amzn-requestid: a28b0b64-d536-4bc2-b659-f8255e9f73b0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XfXe8HEUIAMFiag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309392c-032fdc54025b8fbe21987a57;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 21:20:44 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 3BTk9yvSyeqYtrm9i1NdqmG6XNNJfluvgA4yEDv1DV_XDsJGcZDu0g==
via: 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:36 GMT
age: 20232
etag: "96f3088f1361a8c7a62e36f99b4c58c49a750f95"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f23cc94-7224-4460-ac1e-e6f178c3e961.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6348 bytes)
Hash
3e2cb929798304af6df37283057249ad
646332f967868d58c2afa6a268677b3ea717f4f0
d490b6d3c084c92c92f34007b7f254f7d815a16d2442bbb75c8bae437d3565e1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f23cc94-7224-4460-ac1e-e6f178c3e961.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6348
x-amzn-requestid: 6b54628a-cdef-4171-af77-eb009325c973
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YHDxVHZvoAMFpqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631919a1-40d667983dfd5f417f4ed81b;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 22:22:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GYKU_FU20Je6se1HtcHX8_ISIOYpFnWPTHbJnnIs91pW4hvHHA2sCQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:36 GMT
age: 53708
etag: "646332f967868d58c2afa6a268677b3ea717f4f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F941aee78-aa38-4160-9ace-6710bf30c1ee.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7524 bytes)
Hash
91b464f11732e00e4fd02f22a588db95
1ab4fc655948819c42906d19f60c69f399ab221d
d47f87039129d760f53735d65258611eb2debbc58024738bc60e5a0c99ec8cc5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F941aee78-aa38-4160-9ace-6710bf30c1ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7524
x-amzn-requestid: c97e5c90-4fde-400d-b07a-cb7c2f119419
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQgIGwDIAMFVcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6133-2dc24fae4af1a68c79dcee95;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:40:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: tEARM67qcdwpaRWiZ1l23Kp7XnMCHTy1uwtzk-UtxmELNRk5SHXyIw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 25b9a991f871f75614e7f92f97b136a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:44:18 GMT
age: 20310
etag: "1ab4fc655948819c42906d19f60c69f399ab221d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56be459-e770-44e9-abe0-696bf138d24b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8883 bytes)
Hash
e2af88fbaca55b9f2f4fcb8556689433
4fd3f97256473a79a68d00a8557604207caea016
70ce6e4dc051ca75755a255ef7ee3751ccabacb542f54cfa3da1dd5d0ca556d6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56be459-e770-44e9-abe0-696bf138d24b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8883
x-amzn-requestid: 11448359-f5d2-4f8f-b1e5-a9f52de6b877
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X39vaH4MoAMFTzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63130ffc-7dc129b564008f737c25e9d6;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 08:27:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HbQjPwpwrHEPE9BioHh_PLVzWOGZEOQfX4M8uQjZWzDVNAF0SYKqGA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 01:49:22 GMT
age: 5606
etag: "4fd3f97256473a79a68d00a8557604207caea016"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

spoppe-b.azureedge.net/files/fabric-cdn-prod_20220803.001/assets/item-types/32/video.png

152.199.19.161

200 OK

416 B

URL HTTP/2
spoppe-b.azureedge.net/files/fabric-cdn-prod_20220803.001/assets/item-types/32/video.png
IP
152.199.19.161:0
ASN
#15133 EDGECAST

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
416 B (416 bytes)
Hash
4d53bbdab185e90f313a2a70726cd8d0
32ae4d94d46b03f7d3b6078bae2e592202f6674c
5f3a02ddc3c634609d3715977a4e54145880f310116a27b31f81a298803ef2b7

HTTP Headers

GET /files/fabric-cdn-prod_20220803.001/assets/item-types/32/video.png HTTP/1.1
Host: spoppe-b.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogtp.sharepoint.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 1801861
cache-control: public, max-age=31536000
content-md5: TVO72rGF6Q8xOipwcmzY0A==
content-type: image/png
date: Fri, 09 Sep 2022 03:22:48 GMT
etag: 0x8DA75845B8F7692
last-modified: Wed, 03 Aug 2022 19:14:15 GMT
server: ECAcc (ska/F6F3)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: d69ef256-901e-00b2-1498-b3c4d6000000
x-ms-version: 2009-09-19
content-length: 416
X-Firefox-Spdy: h2

gogtp.sharepoint.com/_layouts/15/images/favicon.ico?rev=47

13.107.138.9

200 OK

1.2 kB

URL HTTP/2
gogtp.sharepoint.com/_layouts/15/images/favicon.ico?rev=47
IP
13.107.138.9:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Size
1.2 kB (1203 bytes)
Hash
217a89b4aac01b3febfa34165b64eb0b
36424db2bbae3e40ceffbaa42cb85e1cf72b2de6
eda42e809b4baaab6206a298c414a3408cc2b60ee840f55694b51504e6966622

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Microsoft Services

HTTP Headers

GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1
Host: gogtp.sharepoint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000
content-length: 1203
content-type: image/x-icon
content-encoding: gzip
last-modified: Fri, 02 Sep 2022 03:37:02 GMT
accept-ranges: bytes
etag: "0c37e437dbed81:0"
vary: Accept-Encoding
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
sprequestduration: 4
spiislatency: 1
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.22824
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 64891B465A5D4D8BA1C0D8D241DD0705 Ref B: OSL30EDGE0109 Ref C: 2022-09-09T03:22:48Z
date: Fri, 09 Sep 2022 03:22:47 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations