r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3425
Expires: Fri, 09 Sep 2022 04:19:50 GMT
Date: Fri, 09 Sep 2022 03:22:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 03:05:40 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: q_3xLX-Ed4FZiCsKrZrVu9g2xgRkT2l9BmP3i8-MvLoVCpOC3KsiDA==
Age: 1025
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IolJvO8gNXviEV-MSMHAb2hZ2EUZvA0PIW2ANw4kNHzNkSnKGchm4g==
age: 84971
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 03:22:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
gogtp.sharepoint.com/:v:/s/CustomerSharedFiles/Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9
13.107.136.9 301 Moved Permanently 0 B URL HTTP/1.1 gogtp.sharepoint.com/:v:/s/CustomerSharedFiles/Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9
IP 13.107.136.9:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /:v:/s/CustomerSharedFiles/Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9 HTTP/1.1
Host: gogtp.sharepoint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-DataBoundary: None
X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/
SPRequestGuid: 242763a0-10ba-d000-6277-e439916f08f9
request-id: 242763a0-10ba-d000-6277-e439916f08f9
MS-CV: oGMnJLoQANBid+Q5kW8I+Q.0
Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-OSL30r4B&frontEnd=AFD"}]}
NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
X-FRAME-OPTIONS: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com *.powerapps.com *.yammer.com *.officeapps.live.com *.office.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com securebroker.sharepointonline.com;
SPRequestDuration: 23
SPIisLatency: 3
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 16.0.0.22824
X-Content-Type-Options: nosniff
X-MS-InvokeApp: 1; RequireReadOnly
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 2C34DFBABF524DE080350C4E165308B9 Ref B: OSL30EDGE0517 Ref C: 2022-09-09T03:22:45Z
Date: Fri, 09 Sep 2022 03:22:45 GMT
Content-Length: 0
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 09 Sep 2022 02:56:07 GMT
Expires: Fri, 09 Sep 2022 03:28:05 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dUrwMTy1jh4KKhzqU3f8MkiQzEts1s9TvzD-8dDmA4k5xVNbmzmO1A==
Age: 1599
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 042105f89c8d64b470d84e052cd412d1
a26c7e2559b3760ea2765b16a3f8d1be27f5dcf4
fadb8cdd22f4d7773d5c20d576f6400ab25e20e1efe3e3fe50d2ae39ca6f2725
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6028
Cache-Control: max-age=109467
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 03:22:46 GMT
Etag: "6319a295-1d7"
Expires: Sat, 10 Sep 2022 09:47:13 GMT
Last-Modified: Thu, 08 Sep 2022 08:06:45 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.213.140.56 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.140.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EUF580ZJHi0U+bdHLDAvPA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5bCUL03iPXMlUiXvxWeBxw5CpHQ=
gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA
13.107.138.9 200 OK 34 kB URL HTTP/2 gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA
IP 13.107.138.9:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (30522), with CRLF, LF line terminators
Hash eddf0af11e708c85572511ed265ffc9b
1fc9563fbebb8f96d41b6c75d7b82a892871d60b
683a07c180eb18364f5b85d134dd4f5faa4c6b2d960b54de57dc9951bf496ac5
GET /sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA HTTP/1.1
Host: gogtp.sharepoint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: private
content-length: 34014
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-sharepointhealthscore: 0
x-aspnet-version: 4.0.30319
x-databoundary: None
x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/
sprequestguid: 242763a0-50e5-d000-6277-e752e59f3177
request-id: 242763a0-50e5-d000-6277-e752e59f3177
ms-cv: oGMnJOVQANBid+dS5Z8xdw.0
report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=5e139fbf-7c4c-431d-be38-20238560faec&destinationEndpoint=Edge-Prod-OSL30r4B&frontEnd=AFD"}]}
nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com *.powerapps.com *.yammer.com *.officeapps.live.com *.office.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com securebroker.sharepointonline.com;
sprequestduration: 440
spiislatency: 1
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.22824
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 107DED64FFC74C668D86E288EBE8D703 Ref B: OSL30EDGE0109 Ref C: 2022-09-09T03:22:46Z
date: Fri, 09 Sep 2022 03:22:46 GMT
X-Firefox-Spdy: h2
res-1.cdn.office.net/files/odsp-web-prod_2022-08-26.003/spoguestaccess-a0557e90.js
23.38.200.227 200 OK 38 kB URL HTTP/2 res-1.cdn.office.net/files/odsp-web-prod_2022-08-26.003/spoguestaccess-a0557e90.js
IP 23.38.200.227:0
File type ASCII text, with very long lines (4843)
Hash cef91c0ebaefd44e66a7e53203573552
36866e907e45013ed237e74ae787675ce3c9f2cf
bba3356e5c48d327b8bdc0a7850b0462ade56dd7c407ba716c6def62dcf3e6dc
GET /files/odsp-web-prod_2022-08-26.003/spoguestaccess-a0557e90.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gogtp.sharepoint.com
Connection: keep-alive
Referer: https://gogtp.sharepoint.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 38483
last-modified: Tue, 30 Aug 2022 05:35:46 GMT
x-ms-request-id: f1b45ce9-c01e-005e-227c-bd1477000000
content-encoding: br
cache-control: public, max-age=630720000
date: Fri, 09 Sep 2022 03:22:47 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
gogtp.sharepoint.com/WebResource.axd?d=O1_c-WlGUZiT01kCvKlUjiAFIC7op2wItXlmUcmkRbrLL-CBHLGKoxJSSXf_tsmOBRDTCN3zTWIunlA1J8B3S9rxJsrW3WG2QB3sNCszX-M1&t=637814365746327080
13.107.138.9 200 OK 6.0 kB URL HTTP/2 gogtp.sharepoint.com/WebResource.axd?d=O1_c-WlGUZiT01kCvKlUjiAFIC7op2wItXlmUcmkRbrLL-CBHLGKoxJSSXf_tsmOBRDTCN3zTWIunlA1J8B3S9rxJsrW3WG2QB3sNCszX-M1&t=637814365746327080
IP 13.107.138.9:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 06fd446079195e9866f38728a31b8416
bce7935598a51703a7077dd75e1d30882533c6e1
5466d19b6349cc09de47de356c3195b2fd367a5ab8f1c55e8aaf2f296915d46d
GET /WebResource.axd?d=O1_c-WlGUZiT01kCvKlUjiAFIC7op2wItXlmUcmkRbrLL-CBHLGKoxJSSXf_tsmOBRDTCN3zTWIunlA1J8B3S9rxJsrW3WG2QB3sNCszX-M1&t=637814365746327080 HTTP/1.1
Host: gogtp.sharepoint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-length: 6007
content-type: application/x-javascript
content-encoding: gzip
expires: Fri, 08 Sep 2023 02:55:10 GMT
last-modified: Sat, 26 Feb 2022 09:42:54 GMT
vary: Accept-Encoding
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-aspnet-version: 4.0.30319
sprequestduration: 4
spiislatency: 0
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.22824
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 1F67A2CF255F4BFFA5EFDA3141433800 Ref B: OSL30EDGE0109 Ref C: 2022-09-09T03:22:47Z
date: Fri, 09 Sep 2022 03:22:46 GMT
X-Firefox-Spdy: h2
statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.22824.12006/require.js
23.36.76.130 200 OK 6.6 kB URL HTTP/2 statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.22824.12006/require.js
IP 23.36.76.130:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (17444)
Hash 909bb7cf6dfc3d1481b50a03b4cfd027
fbcfe6509a539b17a4db0c356e0cbdae81e92e3f
a60e6b1b55bbffb1e27ffad5792e7740e1060ba72038855297291f668b7d3ae5
GET /bld/_layouts/15/16.0.22824.12006/require.js HTTP/1.1
Host: statica.akamai.odsp.cdn.office.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogtp.sharepoint.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 6643
content-type: application/javascript
content-encoding: gzip
content-md5: kJu3z238PRSBtQoDtM/QJw==
last-modified: Wed, 07 Sep 2022 04:07:19 GMT
etag: 0x8DA9086754B8BA9
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 39f32cd9-e01e-00d7-4f87-c28e42000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 09 Sep 2022 03:22:47 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
gogtp.sharepoint.com/_layouts/15/images/microsoft-logo.png
13.107.138.9 200 OK 3.3 kB URL HTTP/2 gogtp.sharepoint.com/_layouts/15/images/microsoft-logo.png
IP 13.107.138.9:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 226 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef884bdedef280df97a4c5604058d8db
6f04244b51ad2409659e267d308b97e09ce9062b
825de044d5ac6442a094ff95099f9f67e9249a8110a2fbd57128285776632adb
Analyzer Verdict Alert urlquery Phishing - Microsoft Services
GET /_layouts/15/images/microsoft-logo.png HTTP/1.1
Host: gogtp.sharepoint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-length: 3331
content-type: image/png
last-modified: Fri, 02 Sep 2022 03:36:41 GMT
accept-ranges: bytes
etag: "806afa367dbed81:0"
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
sprequestduration: 4
spiislatency: 0
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.22824
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 15A5227241D84EA8923970E3BEF0C3EC Ref B: OSL30EDGE0109 Ref C: 2022-09-09T03:22:47Z
date: Fri, 09 Sep 2022 03:22:47 GMT
X-Firefox-Spdy: h2
gogtp.sharepoint.com/ScriptResource.axd?d=eTtKGAPGiBklSWw3ckUqTDT3aDSIY6L7q5PClRm4K4XY-5CDdtjK7T8oszTHwDw6athuL5_u3znvV0Ocl3BjcY34BHoxQOhw2OCfzVRnx0kRLOm5k6eW2_Kf5vBKVfEQkuDdzcTfWY_OM8wO1LXosMak24WND1TWxIahzD4H1bpD7kBQxSb0QSIc58NuY3x70&t=49337fe8
13.107.138.9 200 OK 10 kB URL HTTP/2 gogtp.sharepoint.com/ScriptResource.axd?d=eTtKGAPGiBklSWw3ckUqTDT3aDSIY6L7q5PClRm4K4XY-5CDdtjK7T8oszTHwDw6athuL5_u3znvV0Ocl3BjcY34BHoxQOhw2OCfzVRnx0kRLOm5k6eW2_Kf5vBKVfEQkuDdzcTfWY_OM8wO1LXosMak24WND1TWxIahzD4H1bpD7kBQxSb0QSIc58NuY3x70&t=49337fe8
IP 13.107.138.9:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with very long lines (39257), with CRLF line terminators
Hash 027a7d52e1ceed8aef7dc13505b81d36
33cf0bce6a4c8b44b4a80b3116c978c12ee93fd0
29061464fb6fce2326b952eacaa95c3c6183bfea74c3851390e9838720d372a6
GET /ScriptResource.axd?d=eTtKGAPGiBklSWw3ckUqTDT3aDSIY6L7q5PClRm4K4XY-5CDdtjK7T8oszTHwDw6athuL5_u3znvV0Ocl3BjcY34BHoxQOhw2OCfzVRnx0kRLOm5k6eW2_Kf5vBKVfEQkuDdzcTfWY_OM8wO1LXosMak24WND1TWxIahzD4H1bpD7kBQxSb0QSIc58NuY3x70&t=49337fe8 HTTP/1.1
Host: gogtp.sharepoint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-length: 9984
content-type: application/x-javascript
content-encoding: gzip
expires: Fri, 08 Sep 2023 17:45:40 GMT
last-modified: Thu, 08 Sep 2022 17:45:40 GMT
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-aspnet-version: 4.0.30319
sprequestduration: 5
spiislatency: 0
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.22824
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: E651B2F033F34946B49EBAE31D9AE488 Ref B: OSL30EDGE0109 Ref C: 2022-09-09T03:22:47Z
date: Fri, 09 Sep 2022 03:22:47 GMT
X-Firefox-Spdy: h2
gogtp.sharepoint.com/ScriptResource.axd?d=1oys08Ks1ysdFBn83LYKdMd2rAv3CC3XvezLso203b7In4VFQbGMAda2bTPTJFvH-0RL_cj6cR1mf9Bt8vJRl_aroV6S-AjI8oe5tgHGbBIQ1h3Gqiul_Wchp1cRG0Zo5MwmsZhaiujw5gSBFubM_Y2MJnrNVaom-nWWH7wh0fY1&t=14d69f50
13.107.138.9 200 OK 5.5 kB URL HTTP/2 gogtp.sharepoint.com/ScriptResource.axd?d=1oys08Ks1ysdFBn83LYKdMd2rAv3CC3XvezLso203b7In4VFQbGMAda2bTPTJFvH-0RL_cj6cR1mf9Bt8vJRl_aroV6S-AjI8oe5tgHGbBIQ1h3Gqiul_Wchp1cRG0Zo5MwmsZhaiujw5gSBFubM_Y2MJnrNVaom-nWWH7wh0fY1&t=14d69f50
IP 13.107.138.9:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash cd81a5effc23af770be1c6ad035a5e4e
ec3cdf31293e2e43fb1f189decc18019cd3d2f23
0bbe6b1d897c994aa54d02d1692b8dd4d64a2f28d809f954ce6ba356c7d16abb
GET /ScriptResource.axd?d=1oys08Ks1ysdFBn83LYKdMd2rAv3CC3XvezLso203b7In4VFQbGMAda2bTPTJFvH-0RL_cj6cR1mf9Bt8vJRl_aroV6S-AjI8oe5tgHGbBIQ1h3Gqiul_Wchp1cRG0Zo5MwmsZhaiujw5gSBFubM_Y2MJnrNVaom-nWWH7wh0fY1&t=14d69f50 HTTP/1.1
Host: gogtp.sharepoint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-length: 5479
content-type: application/x-javascript
content-encoding: gzip
expires: Fri, 08 Sep 2023 13:54:38 GMT
last-modified: Thu, 08 Sep 2022 13:54:38 GMT
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-aspnet-version: 4.0.30319
sprequestduration: 5
spiislatency: 0
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.22824
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: E90A0EC0CAD2486EB3055C26602F3152 Ref B: OSL30EDGE0109 Ref C: 2022-09-09T03:22:47Z
date: Fri, 09 Sep 2022 03:22:47 GMT
X-Firefox-Spdy: h2
gogtp.sharepoint.com/ScriptResource.axd?d=Sji0hZOHxQINw8Y8nNfNnZdN6UWf92PDkb7kwngcB-86hTLGibeQjV9PbXkBdBCfAca37LuY05yCMs6mdLA6UjLH1b63gPJAZEzXWbCFqEupKY5gEpzLrBmxEgPPsq4azLaulgbYkmcNi3lj7HSn2ZW2NfkyRxx8-jkJlIDe5mdzrhb4sWMBH9yDzwtxbqIv0&t=49337fe8
13.107.138.9 200 OK 26 kB URL HTTP/2 gogtp.sharepoint.com/ScriptResource.axd?d=Sji0hZOHxQINw8Y8nNfNnZdN6UWf92PDkb7kwngcB-86hTLGibeQjV9PbXkBdBCfAca37LuY05yCMs6mdLA6UjLH1b63gPJAZEzXWbCFqEupKY5gEpzLrBmxEgPPsq4azLaulgbYkmcNi3lj7HSn2ZW2NfkyRxx8-jkJlIDe5mdzrhb4sWMBH9yDzwtxbqIv0&t=49337fe8
IP 13.107.138.9:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65326), with CRLF line terminators
Hash b62553925bd98826c60457d2eb6b9a46
84dbbb6d9b36a587c21b5a56b1d9e587e33ba943
c58166fe4df4ba8f25a960c21451eaf841d97f6f552f104e43431c9db1c2e2cc
GET /ScriptResource.axd?d=Sji0hZOHxQINw8Y8nNfNnZdN6UWf92PDkb7kwngcB-86hTLGibeQjV9PbXkBdBCfAca37LuY05yCMs6mdLA6UjLH1b63gPJAZEzXWbCFqEupKY5gEpzLrBmxEgPPsq4azLaulgbYkmcNi3lj7HSn2ZW2NfkyRxx8-jkJlIDe5mdzrhb4sWMBH9yDzwtxbqIv0&t=49337fe8 HTTP/1.1
Host: gogtp.sharepoint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-length: 25609
content-type: application/x-javascript
content-encoding: gzip
expires: Fri, 08 Sep 2023 02:57:37 GMT
last-modified: Thu, 08 Sep 2022 02:57:37 GMT
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-aspnet-version: 4.0.30319
sprequestduration: 4
spiislatency: 0
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.22824
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 4539B72C586448418AEDE59510936C40 Ref B: OSL30EDGE0109 Ref C: 2022-09-09T03:22:47Z
date: Fri, 09 Sep 2022 03:22:47 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6068
Expires: Fri, 09 Sep 2022 05:03:56 GMT
Date: Fri, 09 Sep 2022 03:22:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F604dabfb-76cf-44ff-9e8d-3c4a32873980.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F604dabfb-76cf-44ff-9e8d-3c4a32873980.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 074cd3f6015bf90af05eccc00b710ee1
550ad804cace44ce9f673d3ded29666e583db8a6
2f88bd842bd4c5e80fbab63b3aabd2567500fe8c500fc1c6588154af4887ba25
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F604dabfb-76cf-44ff-9e8d-3c4a32873980.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7264
x-amzn-requestid: b44ad06d-9a6a-486a-906c-6f9c9396d5ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YEsYEEIHIAMF-OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63182766-4449388252a7e2cc172ee09a;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 05:08:54 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: Kw0bja9Kkk71ME4jm5qWdvjjpHsRybSijZyCYiGHDq6UIe-go7yVTw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:16:12 GMT
age: 18396
etag: "550ad804cace44ce9f673d3ded29666e583db8a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7afe346e3b24ea4388913b449d1ffc42
f5348ba99fb8966dded580409108316f4e4e1237
1d1cafc3e99c20b23212679838567d4d5fc98c45cf902188e44b25ff2982c8ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: 55971de2-bf63-4300-9007-1bc234962d0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKRKXFGTIAMFp3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6242-23914ec672a0a898498bbed6;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:44:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: lxqcvxSdM4FBQBZTNnhCrpl02fsnInyii7Yaw7fs4STzEd2fZIuuXA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:36 GMT
etag: "f5348ba99fb8966dded580409108316f4e4e1237"
content-type: image/jpeg
age: 20232
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6b740bb-cd50-42b6-b38f-dd47e55c168b.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6b740bb-cd50-42b6-b38f-dd47e55c168b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2ed199f1cb98d32690c0b5c1fa90643
96f3088f1361a8c7a62e36f99b4c58c49a750f95
b2e52fa2d41478c8a23892bed1051bcde3c4a937350b149e65a35ef37cf7c4bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6b740bb-cd50-42b6-b38f-dd47e55c168b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8675
x-amzn-requestid: a28b0b64-d536-4bc2-b659-f8255e9f73b0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XfXe8HEUIAMFiag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309392c-032fdc54025b8fbe21987a57;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 21:20:44 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 3BTk9yvSyeqYtrm9i1NdqmG6XNNJfluvgA4yEDv1DV_XDsJGcZDu0g==
via: 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:36 GMT
age: 20232
etag: "96f3088f1361a8c7a62e36f99b4c58c49a750f95"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f23cc94-7224-4460-ac1e-e6f178c3e961.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f23cc94-7224-4460-ac1e-e6f178c3e961.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e2cb929798304af6df37283057249ad
646332f967868d58c2afa6a268677b3ea717f4f0
d490b6d3c084c92c92f34007b7f254f7d815a16d2442bbb75c8bae437d3565e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f23cc94-7224-4460-ac1e-e6f178c3e961.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6348
x-amzn-requestid: 6b54628a-cdef-4171-af77-eb009325c973
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YHDxVHZvoAMFpqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631919a1-40d667983dfd5f417f4ed81b;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 22:22:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GYKU_FU20Je6se1HtcHX8_ISIOYpFnWPTHbJnnIs91pW4hvHHA2sCQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:36 GMT
age: 53708
etag: "646332f967868d58c2afa6a268677b3ea717f4f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F941aee78-aa38-4160-9ace-6710bf30c1ee.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F941aee78-aa38-4160-9ace-6710bf30c1ee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91b464f11732e00e4fd02f22a588db95
1ab4fc655948819c42906d19f60c69f399ab221d
d47f87039129d760f53735d65258611eb2debbc58024738bc60e5a0c99ec8cc5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F941aee78-aa38-4160-9ace-6710bf30c1ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7524
x-amzn-requestid: c97e5c90-4fde-400d-b07a-cb7c2f119419
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQgIGwDIAMFVcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6133-2dc24fae4af1a68c79dcee95;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:40:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: tEARM67qcdwpaRWiZ1l23Kp7XnMCHTy1uwtzk-UtxmELNRk5SHXyIw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 25b9a991f871f75614e7f92f97b136a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:44:18 GMT
age: 20310
etag: "1ab4fc655948819c42906d19f60c69f399ab221d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56be459-e770-44e9-abe0-696bf138d24b.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56be459-e770-44e9-abe0-696bf138d24b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2af88fbaca55b9f2f4fcb8556689433
4fd3f97256473a79a68d00a8557604207caea016
70ce6e4dc051ca75755a255ef7ee3751ccabacb542f54cfa3da1dd5d0ca556d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56be459-e770-44e9-abe0-696bf138d24b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8883
x-amzn-requestid: 11448359-f5d2-4f8f-b1e5-a9f52de6b877
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X39vaH4MoAMFTzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63130ffc-7dc129b564008f737c25e9d6;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 08:27:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HbQjPwpwrHEPE9BioHh_PLVzWOGZEOQfX4M8uQjZWzDVNAF0SYKqGA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 01:49:22 GMT
age: 5606
etag: "4fd3f97256473a79a68d00a8557604207caea016"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
spoppe-b.azureedge.net/files/fabric-cdn-prod_20220803.001/assets/item-types/32/video.png
152.199.19.161 200 OK 416 B URL HTTP/2 spoppe-b.azureedge.net/files/fabric-cdn-prod_20220803.001/assets/item-types/32/video.png
IP 152.199.19.161:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 4d53bbdab185e90f313a2a70726cd8d0
32ae4d94d46b03f7d3b6078bae2e592202f6674c
5f3a02ddc3c634609d3715977a4e54145880f310116a27b31f81a298803ef2b7
GET /files/fabric-cdn-prod_20220803.001/assets/item-types/32/video.png HTTP/1.1
Host: spoppe-b.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogtp.sharepoint.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 1801861
cache-control: public, max-age=31536000
content-md5: TVO72rGF6Q8xOipwcmzY0A==
content-type: image/png
date: Fri, 09 Sep 2022 03:22:48 GMT
etag: 0x8DA75845B8F7692
last-modified: Wed, 03 Aug 2022 19:14:15 GMT
server: ECAcc (ska/F6F3)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: d69ef256-901e-00b2-1498-b3c4d6000000
x-ms-version: 2009-09-19
content-length: 416
X-Firefox-Spdy: h2
gogtp.sharepoint.com/_layouts/15/images/favicon.ico?rev=47
13.107.138.9 200 OK 1.2 kB URL HTTP/2 gogtp.sharepoint.com/_layouts/15/images/favicon.ico?rev=47
IP 13.107.138.9:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Hash 217a89b4aac01b3febfa34165b64eb0b
36424db2bbae3e40ceffbaa42cb85e1cf72b2de6
eda42e809b4baaab6206a298c414a3408cc2b60ee840f55694b51504e6966622
Analyzer Verdict Alert urlquery Phishing - Microsoft Services
GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1
Host: gogtp.sharepoint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogtp.sharepoint.com/sites/CustomerSharedFiles/_layouts/15/guestaccess.aspx?email=JFuoto@slurpmail.net&e=4:5NEfhO&at=9&share=Eatgw_BKR3ZOtO4C7IpU53EBNibIfiTVG-bDkqaCYPblDA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-length: 1203
content-type: image/x-icon
content-encoding: gzip
last-modified: Fri, 02 Sep 2022 03:37:02 GMT
accept-ranges: bytes
etag: "0c37e437dbed81:0"
vary: Accept-Encoding
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
sprequestduration: 4
spiislatency: 1
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.22824
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 64891B465A5D4D8BA1C0D8D241DD0705 Ref B: OSL30EDGE0109 Ref C: 2022-09-09T03:22:48Z
date: Fri, 09 Sep 2022 03:22:47 GMT
X-Firefox-Spdy: h2