| junair-dot-excelsharepoint-371603.uk.r.appspot.com/ | 216.58.211.20 | 302 Found | 0 B |
URL HTTP/1.1junair-dot-excelsharepoint-371603.uk.r.appspot.com/ IP216.58.211.20:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | openphish | Outlook | | phishtank | Other | | fortinet | Phishing | | quad9 | Sinkholed | |
GET / HTTP/1.1
Host: junair-dot-excelsharepoint-371603.uk.r.appspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Location: https://junair-dot-excelsharepoint-371603.uk.r.appspot.com/
X-Cloud-Trace-Context: 37bf923f92aff56155e6be120056a0f0
Date: Sun, 29 Jan 2023 06:44:50 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hasha2104f935c638b4767ca5ae0d738ef23 85c6af15af749be0ceeae6de17c36925b750f166 5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8398
Expires: Sun, 29 Jan 2023 09:04:48 GMT
Date: Sun, 29 Jan 2023 06:44:50 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash3eb88dea4fe00db1182370e72683c3ab ca520abf1e91bfd2aef40c6a1270a911071e8922 d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10492
Expires: Sun, 29 Jan 2023 09:39:42 GMT
Date: Sun, 29 Jan 2023 06:44:50 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashdcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 06:43:08 GMT
content-type: application/json
age: 102
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash302c7548412192add063ad6c8b99cf3b e5d178931a27db036ce8daae302594d3ff7050b8 fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3483
Expires: Sun, 29 Jan 2023 07:42:53 GMT
Date: Sun, 29 Jan 2023 06:44:50 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xfnGEyx5N/Ee0BKajc5QX/bP42BHTZIgTuoRtrFENox0YtJKJmMyVuQxNU0bL8GrsN8ltw2bdsgq81LqVevohg==
x-amz-request-id: 146QBXF7HQD45W2K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 06:21:17 GMT
age: 1413
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 06:44:50 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashdbadf08c9d77a04f5a379257ad71bf3f ca1d88d3abccf3b1229e5a7573f921794f665fb3 91ed3701f80f802708893b7b89c10a0bf6d7238baf770d68caf36814ab6f7cc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 06:44:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| junair-dot-excelsharepoint-371603.uk.r.appspot.com/ | 216.58.211.20 | 200 OK | 15 kB |
URL HTTP/2junair-dot-excelsharepoint-371603.uk.r.appspot.com/ IP216.58.211.20:0
File typeHTML document, ASCII text, with very long lines (52807) Hashf5db3c2910b387b91fa6936c2d3e0280 1d795f9325126793157af0e5f6e15d13e98cbf92 53769e353c078f41c8fb7df1350369b0c48af46f1b4ca67efea397fb40770e27
Analyzer | Verdict | Alert | openphish | Outlook | | phishtank | Other | | fortinet | Phishing | | quad9 | Sinkholed | |
GET / HTTP/1.1
Host: junair-dot-excelsharepoint-371603.uk.r.appspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
content-encoding: gzip
x-cloud-trace-context: e81884a66729e0d2752de075d36808a4
vary: Accept-Encoding
date: Sun, 29 Jan 2023 06:44:50 GMT
server: Google Frontend
cache-control: private
content-length: 14569
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashdbadf08c9d77a04f5a379257ad71bf3f ca1d88d3abccf3b1229e5a7573f921794f665fb3 91ed3701f80f802708893b7b89c10a0bf6d7238baf770d68caf36814ab6f7cc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 06:44:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_59_uuouser7hrkmvbaz1jw2.css | 152.199.23.37 | 200 OK | 20 kB |
URL HTTP/2aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_59_uuouser7hrkmvbaz1jw2.css IP152.199.23.37:0
File typeASCII text, with very long lines (61177) Hash6e3a82201f6b30464003c4eb38a44681 3962e31e0672345e8a2061dd8f99400d07c53fe6 1a22cd11ac7403823fd6dad25dfafeb65bb1dd01eed1723dcbf59c8de9b3d8fd
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_59_uuouser7hrkmvbaz1jw2.css HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://junair-dot-excelsharepoint-371603.uk.r.appspot.com
Connection: keep-alive
Referer: https://junair-dot-excelsharepoint-371603.uk.r.appspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 16778362
cache-control: public, max-age=31536000
content-md5: bjqCIB9rMEZAA8TrOKRGgQ==
content-type: text/css
date: Sun, 29 Jan 2023 06:44:50 GMT
etag: 0x8D872D16C711C33
last-modified: Sat, 17 Oct 2020 19:18:26 GMT
server: ECAcc (ska/F6B6)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: ab49b811-201e-0093-2914-9b6a88000000
x-ms-version: 2009-09-19
content-length: 19771
X-Firefox-Spdy: h2
|
|
| aadcdn.msftauth.net/ests/2.1/content/cdnbundles/aad.login.min_ynywyfekfmsp3ljup2epra2.js | 152.199.23.37 | 200 OK | 44 kB |
URL HTTP/2aadcdn.msftauth.net/ests/2.1/content/cdnbundles/aad.login.min_ynywyfekfmsp3ljup2epra2.js IP152.199.23.37:0
File typeASCII text, with very long lines (778) Hashed9aff44730dcc78628c87358c3610ff ee6296bdabe0e49f8378e3a318c0e3d5fac641f4 bb55d26b0410b346e0e9f9cfa8756db707a341a2f37143bd2f8cf30467611949
GET /ests/2.1/content/cdnbundles/aad.login.min_ynywyfekfmsp3ljup2epra2.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://junair-dot-excelsharepoint-371603.uk.r.appspot.com
Connection: keep-alive
Referer: https://junair-dot-excelsharepoint-371603.uk.r.appspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 30344064
cache-control: public, max-age=31536000
content-md5: 7Zr/RHMNzHhijIc1jDYQ/w==
content-type: application/x-javascript
date: Sun, 29 Jan 2023 06:44:50 GMT
etag: 0x8D876CB187B0320
last-modified: Thu, 22 Oct 2020 20:43:13 GMT
server: ECAcc (ska/F773)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 08295444-a01e-0090-05b2-1f99e8000000
x-ms-version: 2009-09-19
content-length: 44333
X-Firefox-Spdy: h2
|
|
| aadcdn.msftauth.net/ests/2.1/content/cdnbundles/jquery.1.11.min__yok_chwseypwbmuffnnaa2.js | 152.199.23.37 | 200 OK | 39 kB |
URL HTTP/2aadcdn.msftauth.net/ests/2.1/content/cdnbundles/jquery.1.11.min__yok_chwseypwbmuffnnaa2.js IP152.199.23.37:0
File typeASCII text, with very long lines (733) Hashae1fda14627a551f3d68375367b86875 473fa18585c4dd69703a8c090b1684996ff368bc e6ba42dfe48539973b5e161e172e1ee66fa648c2483edf3ab39933ebdd2b2b1b
GET /ests/2.1/content/cdnbundles/jquery.1.11.min__yok_chwseypwbmuffnnaa2.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://junair-dot-excelsharepoint-371603.uk.r.appspot.com
Connection: keep-alive
Referer: https://junair-dot-excelsharepoint-371603.uk.r.appspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 17850369
cache-control: public, max-age=31536000
content-md5: rh/aFGJ6VR89aDdTZ7hodQ==
content-type: application/x-javascript
date: Sun, 29 Jan 2023 06:44:50 GMT
etag: 0x8D876CB2080AB77
last-modified: Thu, 22 Oct 2020 20:43:26 GMT
server: ECAcc (ska/F7B9)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 36fc386b-b01e-0072-3e54-91ee33000000
x-ms-version: 2009-09-19
content-length: 38927
X-Firefox-Spdy: h2
|
|
| outlook.office365.com/owa/auth/logoff.aspx?cmd=logoff&exlive=1&lgtype=1&sid=494fe386-9fa1-4fbf-885f-5038fa243363 | 52.98.228.210 | 302 Found | 264 B |
URL HTTP/1.1outlook.office365.com/owa/auth/logoff.aspx?cmd=logoff&exlive=1&lgtype=1&sid=494fe386-9fa1-4fbf-885f-5038fa243363 IP52.98.228.210:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash52bcded6ad060df3b7f25c411ea490d4 98bae55e192c1cc5b6bea81d6450136dbacf66e2 dcf760270ec58313134c7b9d11b4def7a1e3a840e6a294700736ea622c8b10e7
GET /owa/auth/logoff.aspx?cmd=logoff&exlive=1&lgtype=1&sid=494fe386-9fa1-4fbf-885f-5038fa243363 HTTP/1.1
Host: outlook.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junair-dot-excelsharepoint-371603.uk.r.appspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Location: https://outlook.office.com/owa/auth/logoff.aspx?cmd=logoff&exlive=1&lgtype=1&sid=494fe386-9fa1-4fbf-885f-5038fa243363&pngSites=none
Server: Microsoft-IIS/10.0
request-id: b7abde92-884d-0c84-94d4-f6ede729d004
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Alt-Svc: h3=":443",h3-29=":443"
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: UserContext=; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
SuiteServiceProxyKey=; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
DefaultAnchorMailbox=; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
O365Consumer=; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
HostSwitchPrg=; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
SdfV2LDomain=; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
OptInPrg=; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
LI=; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
UserContext=; domain=outlook.office365.com; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
SuiteServiceProxyKey=; domain=outlook.office365.com; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
DefaultAnchorMailbox=; domain=outlook.office365.com; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
O365Consumer=; domain=outlook.office365.com; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
HostSwitchPrg=; domain=outlook.office365.com; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
SdfV2LDomain=; domain=outlook.office365.com; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
OptInPrg=; domain=outlook.office365.com; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
LI=; domain=outlook.office365.com; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
RPSAuth=; domain=outlook.office365.com; expires=Thu, 30-Oct-1980 16:00:00 GMT; path=/;SameSite=None
RPSSecAuth=; domain=outlook.office365.com; expires=Thu, 30-Oct-1980 16:00:00 GMT; path=/;SameSite=None; secure
RPSClearCT=; domain=outlook.office365.com; expires=Thu, 30-Oct-1980 16:00:00 GMT; path=/;SameSite=None; secure
X-FirstHopCafeEFZ: GVX
X-FEProxyInfo: GVYP280CA0044.SWEP280.PROD.OUTLOOK.COM
X-FEEFZInfo: GVX
X-Powered-By: ASP.NET
Date: Sun, 29 Jan 2023 06:44:50 GMT
Content-Length: 264
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 05:49:04 GMT
age: 3347
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| logincdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg | 192.229.221.185 | 200 OK | 1.4 kB |
URL HTTP/2logincdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg IP192.229.221.185:0
File typeSVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators Hash9f368bc4580fed907775f31c6b26d6cf e393a40b3e337f43057eee3de189f197ab056451 7ecbba946c099539c3d9c03f4b6804958900e5b90d48336eea7e5a2ed050fa36
GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1
Host: logincdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junair-dot-excelsharepoint-371603.uk.r.appspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 1246848
cache-control: public, max-age=31536000
content-md5: nzaLxFgP7ZB3dfMcaybWzw==
content-type: image/svg+xml
date: Sun, 29 Jan 2023 06:44:51 GMT
etag: 0x8D79ED29CF0C29A
last-modified: Wed, 22 Jan 2020 00:32:50 GMT
server: ECAcc (ska/F7B5)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: fd0c0cdd-301e-0034-1256-28f450000000
x-ms-version: 2009-09-19
content-length: 1435
X-Firefox-Spdy: h2
|
|
| aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico | 152.199.23.37 | 200 OK | 17 kB |
URL HTTP/2aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico IP152.199.23.37:0
File typeMS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data Hash12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junair-dot-excelsharepoint-371603.uk.r.appspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 21010183
cache-control: public, max-age=31536000
content-md5: EuPayFgGHQiAI7K9SOL6lg==
content-type: image/x-icon
date: Sun, 29 Jan 2023 06:44:51 GMT
etag: 0x8D8731240E548EB
last-modified: Sun, 18 Oct 2020 03:02:30 GMT
server: ECAcc (ska/F738)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 99c0ded5-501e-0046-2297-74c4e6000000
x-ms-version: 2009-09-19
content-length: 17174
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash16a7b6a7128312e2f985d30df18c4487 6017bff79ffb525d9c7f9f32b999b74b5dc69602 663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9304
Expires: Sun, 29 Jan 2023 09:19:55 GMT
Date: Sun, 29 Jan 2023 06:44:51 GMT
Connection: keep-alive
|
|
| res-1.cdn.office.net/shellux/suiteux.shell.msaltokenfactoryiframe.c8ed55a2f40c1d5f04e9.js | 23.36.79.43 | 200 OK | 82 kB |
URL HTTP/2res-1.cdn.office.net/shellux/suiteux.shell.msaltokenfactoryiframe.c8ed55a2f40c1d5f04e9.js IP23.36.79.43:0 ASN#20940 Akamai International B.V.
File typeASCII text, with very long lines (26620) Hashc438664aefe6f39e9e79e30513eee672 61d872081606a15de43d77b9a5a5491a0371ba61 345bb60d7a84f2719080ccaf1e48d24880ab07594ffc2f91b2df380a6217238a
GET /shellux/suiteux.shell.msaltokenfactoryiframe.c8ed55a2f40c1d5f04e9.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webshell.suite.office.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 81797
last-modified: Tue, 18 Oct 2022 19:50:00 GMT
x-ms-request-id: 0ce728c6-e01e-0049-71e1-e7bd7c000000
content-encoding: br
cache-control: max-age=630720000
date: Sun, 29 Jan 2023 06:44:51 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 54.70.68.230 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.70.68.230:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qn3G1Q+sDWXOuMLJW/x/OA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YPijkS5no250G9lsIoIoBBBKiEA=
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashdfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21112
Expires: Sun, 29 Jan 2023 12:36:44 GMT
Date: Sun, 29 Jan 2023 06:44:52 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashdfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21112
Expires: Sun, 29 Jan 2023 12:36:44 GMT
Date: Sun, 29 Jan 2023 06:44:52 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashdfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21112
Expires: Sun, 29 Jan 2023 12:36:44 GMT
Date: Sun, 29 Jan 2023 06:44:52 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg | 34.120.237.76 | 200 OK | 7.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6af6f32397882f56d14d22348e44a9f1 5a626376807e7507fa3a204c4e4e9e44aa074a37 478f32e98c0a1f0d62fa337795ca88b7927e14b684b681f7629b648bc2d709a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7417
x-amzn-requestid: 8dca6752-c548-4526-ae81-4626843ade3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYbDjGREoAMFxiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d33ee3-1c097c131b91c34b4e7df1be;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i8JJruxoRfordb6WFNf67-GLWrA_Q930x3GCCQoUmDwXrfZtBXvsZg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:34:32 GMT
age: 11420
etag: "5a626376807e7507fa3a204c4e4e9e44aa074a37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg | 34.120.237.76 | 200 OK | 9.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash3be81f83687ddb6c93d3ff3c09a9dba2 50a48e737310d3f31840db4301b25927fbcc12c5 e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 17:35:56 GMT
age: 47336
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg | 34.120.237.76 | 200 OK | 6.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2cbbc57c4e469baec1bda006407877cc e988f007b1f9ec2327e7817f38cf56202096aeae 5237a8a8a7aa1fe59548582abf726fe77ad9e1fad8535bb5f88519dc6e779a86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6158
x-amzn-requestid: 034023e1-bd96-4c41-aa48-cccf5fa7b366
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: feLdTEXToAMF5Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d58c54-5390c17952d82d9108bdd3f8;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 20:57:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ACe_e899vrvXgDH3SKhGkebo6EgwW3c97aiFsr_p0g0cyWhl0XmjIg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 00:04:06 GMT
etag: "e988f007b1f9ec2327e7817f38cf56202096aeae"
content-type: image/jpeg
age: 24046
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd5ed99a9aed6f367efc5c9498ce87ff1 3123eb6f550c51fe17fc62eff943b3739e239a9b 536f45bf2eb41f7056df8b34964538005d6a0a4c6157def3fbdd9487f8c79027
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10168
x-amzn-requestid: fe58fe3c-dd23-4614-b5a2-e91ef68c2ab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFOD7H-NIAMFcxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb907f-687fc51741d7ff97182d1955;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 07:13:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GEghrk0LlbdfqVAHey-W84Zk9XHT2PD268Vfxf85HEvil0Ra27YgPA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:43:37 GMT
age: 10875
etag: "3123eb6f550c51fe17fc62eff943b3739e239a9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash10a6491e2c1dfde68c7cd7297e70700f d0f195319825a6d3e5e50ad15b2fcab27cb65896 4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 23:12:28 GMT
age: 27144
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ff5857c-39d4-4978-9668-8754096c365b.jpeg | 34.120.237.76 | 200 OK | 9.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ff5857c-39d4-4978-9668-8754096c365b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash17da02bed84fa533c12b4e833f54ec69 e0862b84c3b449722536d8c7d1373af6ad32b7c5 742b05f0d88b86d1890bca55d3cbbd4a746546ab969b866bc4f69f4e2bc8ae38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ff5857c-39d4-4978-9668-8754096c365b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8995
x-amzn-requestid: a0fb430c-1ec7-4dfe-80f9-db99bda894f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR6A_F2doAMFnbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0a39f-2bcbc4972b45dede227848f8;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:35:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PaMo9WW4hNvSRMhaoezhhoJIlDom9wVxbgjpQimXux_JJgeWQ28TNg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 10:29:29 GMT
age: 72923
etag: "e0862b84c3b449722536d8c7d1373af6ad32b7c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| webshell.suite.office.com/iframe/TokenFactoryIframe/Logout?sid=494fe386-9fa1-4fbf-885f-5038fa243363 | 52.111.209.6 | 200 OK | 0 B |
URL HTTP/2webshell.suite.office.com/iframe/TokenFactoryIframe/Logout?sid=494fe386-9fa1-4fbf-885f-5038fa243363 IP52.111.209.6:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /iframe/TokenFactoryIframe/Logout?sid=494fe386-9fa1-4fbf-885f-5038fa243363 HTTP/1.1
Host: webshell.suite.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junair-dot-excelsharepoint-371603.uk.r.appspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Sun, 29 Jan 2023 06:44:50 GMT
server: Kestrel
cache-control: private,max-age=3600
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
content-security-policy: default-src 'none'; frame-src *; script-src https://res-1.cdn.office.net https://shell.cdn.office.net 'nonce-oVf2GOA7+3xwbIXRKvmh+gMpUK1gq1eJdzoS3h3g2fs=' 'unsafe-inline'; connect-src *;
cross-origin-resource-policy: cross-origin
x-o365suiteuxshell-correlationid: db3312e8-d091-4019-a9f0-6d0688fc7eb3
X-Firefox-Spdy: h2
|
|
| www.microsoft365.com/logout?sid=494fe386-9fa1-4fbf-885f-5038fa243363&from=logout | 13.107.6.156 | 200 OK | 0 B |
URL HTTP/2www.microsoft365.com/logout?sid=494fe386-9fa1-4fbf-885f-5038fa243363&from=logout IP13.107.6.156:0 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /logout?sid=494fe386-9fa1-4fbf-885f-5038fa243363&from=logout HTTP/1.1
Host: www.microsoft365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.office.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: OH.SID=6fb47922-e69b-4d0f-97e7-32e96d2213f2; path=/; secure; samesite=none; httponly
OH.DCAffinity=OH-noe; expires=Sun, 29 Jan 2023 14:44:51 GMT; path=/; secure; samesite=none; httponly
OH.FLID=f541c138-a6d5-48bd-80a1-6c76f5eb3994; expires=Mon, 29 Jan 2024 06:44:51 GMT; path=/; secure; samesite=none; httponly
UserIndex=; expires=Sat, 28 Jan 2023 06:44:51 GMT; path=/; secure; samesite=none; httponly
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge,chrome=1
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: A4E69E823F4643EB8A639FBCA828CE15 Ref B: SVG20EDGE0213 Ref C: 2023-01-29T06:44:51Z
date: Sun, 29 Jan 2023 06:44:50 GMT
X-Firefox-Spdy: h2
|
|
| outlook.office.com/owa/auth/logoff.aspx?cmd=logoff&exlive=1&lgtype=1&sid=494fe386-9fa1-4fbf-885f-5038fa243363&pngSites=none | 52.98.228.226 | 200 OK | 0 B |
URL HTTP/2outlook.office.com/owa/auth/logoff.aspx?cmd=logoff&exlive=1&lgtype=1&sid=494fe386-9fa1-4fbf-885f-5038fa243363&pngSites=none IP52.98.228.226:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /owa/auth/logoff.aspx?cmd=logoff&exlive=1&lgtype=1&sid=494fe386-9fa1-4fbf-885f-5038fa243363&pngSites=none HTTP/1.1
Host: outlook.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://junair-dot-excelsharepoint-371603.uk.r.appspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private
content-type: image/gif
server: Microsoft-IIS/10.0
request-id: 1a2cb7e6-7fd6-0823-9927-f038ab7331fd
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443",h3-29=":443"
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-aspnet-version: 4.0.30319
set-cookie: UserContext=; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
SuiteServiceProxyKey=; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
DefaultAnchorMailbox=; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
O365Consumer=; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
HostSwitchPrg=; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
SdfV2LDomain=; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
OptInPrg=; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
LI=; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
UserContext=; domain=outlook.office.com; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
SuiteServiceProxyKey=; domain=outlook.office.com; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
DefaultAnchorMailbox=; domain=outlook.office.com; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
O365Consumer=; domain=outlook.office.com; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
HostSwitchPrg=; domain=outlook.office.com; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
SdfV2LDomain=; domain=outlook.office.com; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
OptInPrg=; domain=outlook.office.com; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
LI=; domain=outlook.office.com; expires=Fri, 29-Jan-1993 06:44:51 GMT; path=/; secure
RPSAuth=; domain=outlook.office.com; expires=Thu, 30-Oct-1980 16:00:00 GMT; path=/;SameSite=None
RPSSecAuth=; domain=outlook.office.com; expires=Thu, 30-Oct-1980 16:00:00 GMT; path=/;SameSite=None; secure
RPSClearCT=; domain=outlook.office.com; expires=Thu, 30-Oct-1980 16:00:00 GMT; path=/;SameSite=None; secure
x-firsthopcafeefz: GVX
x-feproxyinfo: GVYP280CA0019.SWEP280.PROD.OUTLOOK.COM
x-feefzinfo: GVX
x-powered-by: ASP.NET
date: Sun, 29 Jan 2023 06:44:50 GMT
X-Firefox-Spdy: h2
|
|
| www.office.com/logout?sid=494fe386-9fa1-4fbf-885f-5038fa243363 | 13.107.6.156 | 200 OK | 0 B |
URL HTTP/2www.office.com/logout?sid=494fe386-9fa1-4fbf-885f-5038fa243363 IP13.107.6.156:0 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /logout?sid=494fe386-9fa1-4fbf-885f-5038fa243363 HTTP/1.1
Host: www.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junair-dot-excelsharepoint-371603.uk.r.appspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: OH.SID=0ab7dddd-b4ad-4c21-b9e4-6a41dbddd887; path=/; secure; samesite=none; httponly
OH.DCAffinity=OH-noe; expires=Sun, 29 Jan 2023 14:44:51 GMT; path=/; secure; samesite=none; httponly
OH.FLID=1e81f900-3c8e-4ee9-8bb6-3bd23346c6a6; expires=Mon, 29 Jan 2024 06:44:51 GMT; path=/; secure; samesite=none; httponly
UserIndex=; expires=Sat, 28 Jan 2023 06:44:51 GMT; path=/; secure; samesite=none; httponly
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge,chrome=1
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B589A64E9F34446D8EA9130F538DDB43 Ref B: SVG20EDGE0213 Ref C: 2023-01-29T06:44:51Z
date: Sun, 29 Jan 2023 06:44:50 GMT
X-Firefox-Spdy: h2
|
|