firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 20:14:02 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5RE0Q5ylpGnEy9Yh7sRXQ_qCG9j-8SPC3OMNNe_P6fW7_KEEHbtReQ==
Age: 326
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4127
Expires: Thu, 22 Sep 2022 21:28:15 GMT
Date: Thu, 22 Sep 2022 20:19:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5Xnu2U0tKsGMWhfCbD6A_a5RD3Btqq1QlsK93ICRmqNSOBY9PUF3_g==
age: 56654
X-Firefox-Spdy: h2
creator.microsoftstart.com/
40.112.243.98 301 Moved Permanently 0 B URL HTTP/1.1 creator.microsoftstart.com/
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET / HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Date: Thu, 22 Sep 2022 20:19:28 GMT
Location: https://creator.microsoftstart.com/
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 20:19:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 22 Sep 2022 20:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 22 Sep 2022 20:17:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sAkA-lEwkWOHWtpqZ5wJwPUckkkgFUUQ-jN4jiRViPGwglv28wZMsg==
Age: 966
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6100
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:19:28 GMT
Last-Modified: Thu, 22 Sep 2022 18:37:48 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.161.136.21 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.136.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /I33C4CHnL5RgSTbv8RrNA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fK6GveBWMn61IX1mIkvpfSce/lE=
statics-marketingsites-wcus-ms-com.akamaized.net/statics/override.css
23.36.76.96 200 OK 473 B URL HTTP/1.1 statics-marketingsites-wcus-ms-com.akamaized.net/statics/override.css
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (342), with CRLF line terminators
Hash a40589609d8e75c109e93abbff0dcf60
76ae9c943d54022e24b90467713a73a431eddd6d
2c959c2618be84448b26de18639db8a66126449c6ebb29f4f6d33e00adb5b069
GET /statics/override.css HTTP/1.1
Host: statics-marketingsites-wcus-ms-com.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Tue, 11 Jun 2019 23:22:13 GMT
ETag: 0x8D6EEC3A2D67C35
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0be3c9b2-601e-001b-2ec3-662498000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Vary: Accept-Encoding
Content-Encoding: gzip
Unused62: 8096267
Content-Length: 473
Date: Thu, 22 Sep 2022 20:19:30 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 5e136317c0c71275860fcce48a860311
ea873b454c69b6bed9c6bfb32ca8b3d500c8cf3a
8280ba5f21730cd6cde3d0a3581bbdc319b5d707e268bc50f3b59d2846350830
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4490
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:19:30 GMT
Last-Modified: Thu, 22 Sep 2022 19:04:40 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
creator.microsoftstart.com/
40.112.243.98 200 OK 29 kB URL HTTP/1.1 creator.microsoftstart.com/
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10061), with CRLF, LF line terminators
Hash 41a1d1170a0c5f84047e0f5cc9312d68
5702a2328e703876b6e335f8df911f198dc3f641
3496481253c74642c3005b12365ab7d8ba0f43cdad08fdd6fa4c4ef966ad2a14
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET / HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Content-Length: 29307
Content-Type: text/html; charset=utf-8
Date: Thu, 22 Sep 2022 20:19:29 GMT
Server: Microsoft-IIS/10.0
Cache-Control: no-store, no-cache, must-revalidate
Content-Encoding: gzip
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath; path=/
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.30, ASP.NET
Link: <https://creator.microsoftstart.com/wp-json/>; rel="https://api.w.org/", <https://creator.microsoftstart.com/wp-json/wp/v2/pages/115>; rel="alternate"; type="application/json", <https://creator.microsoftstart.com/>; rel=shortlink
www.microsoft.com/onerfstatics/marketingsites-wcus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/1a-bb39e7/ef-a24652?ver=2.0&_cf=02242021_3231
23.38.201.156 200 OK 23 kB URL HTTP/2 www.microsoft.com/onerfstatics/marketingsites-wcus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/1a-bb39e7/ef-a24652?ver=2.0&_cf=02242021_3231
IP 23.38.201.156:0
File type Unicode text, UTF-8 text, with very long lines (64241)
Hash bb34fa956cd28133c85f395df38cd9d1
431626d79bb8538a90010651d1afae008bb0afd2
19ea0e7c6aee3590451b4dc1a1ed6b62e611cb478eb889aa7cdfe31968225ea5
GET /onerfstatics/marketingsites-wcus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/1a-bb39e7/ef-a24652?ver=2.0&_cf=02242021_3231 HTTP/1.1
Host: www.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
last-modified: Tue, 23 Aug 2022 21:37:58 GMT
x-activity-id: e769626d-8e0e-4f3f-b04a-85779eb43935
ms-cv: 4MCHWe9odEitRWH1.0
x-appversion: 1.0.8263.42159
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-08-17T07:25:18.0000000Z}
ms-operation-id: 6a1b9303a6c94a409f3b36b55ea07de4
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
x-s1: 2022-08-23T21:37:58
x-s2: 2022-08-23T21:37:58
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-encoding: gzip
content-length: 22578
cache-control: public, max-age=28948681
expires: Wed, 23 Aug 2023 21:37:31 GMT
date: Thu, 22 Sep 2022 20:19:30 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
x-rtag: RT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:19:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.microsoft.com/onerfstatics/marketingsites-wcus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/a0-23c4ba/a7-f7a340/48-6ed936/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/37-8473b9?ver=2.0&_cf=02242021_3231&iife=1
23.38.201.156 200 OK 36 kB URL HTTP/2 www.microsoft.com/onerfstatics/marketingsites-wcus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/a0-23c4ba/a7-f7a340/48-6ed936/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/37-8473b9?ver=2.0&_cf=02242021_3231&iife=1
IP 23.38.201.156:0
File type ASCII text, with very long lines (42133)
Hash 457c64e69f73a625fe291fae02c1b927
ab2aa2e7b4e37daaeb60f17698a5a886d501385e
094ea09c58e064dc91cfa128356e975744d1e546948c61ed9852e0fe3e158134
GET /onerfstatics/marketingsites-wcus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/a0-23c4ba/a7-f7a340/48-6ed936/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/37-8473b9?ver=2.0&_cf=02242021_3231&iife=1 HTTP/1.1
Host: www.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Aug 2022 21:27:42 GMT
x-activity-id: ba1a6d7b-e993-45ae-a14b-260b61045c46
ms-cv: eHE/b/kYDkWjU+WL.0
x-appversion: 1.0.8263.42159
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-08-17T07:25:18.0000000Z}
ms-operation-id: 819762409931f041bf59e7a7daace4b8
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
x-s1: 2022-08-23T21:27:42
x-s2: 2022-08-23T21:27:42
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-encoding: gzip
content-length: 35578
cache-control: public, max-age=28948062
expires: Wed, 23 Aug 2023 21:27:12 GMT
date: Thu, 22 Sep 2022 20:19:30 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
x-rtag: RT
X-Firefox-Spdy: h2
mktdplp102cdn.azureedge.net/public/latest/js/form-loader.js?v=1.77.1005
152.199.19.161 200 OK 78 kB URL HTTP/2 mktdplp102cdn.azureedge.net/public/latest/js/form-loader.js?v=1.77.1005
IP 152.199.19.161:0
File type ASCII text, with very long lines (65494)
Hash e069fff2aa03edbc21f45090fc4eb4db
39856fc28a29a4cc24e0e1209da98fd491725bee
666c13dbb7a77b0b96c3d7264974abcc9583b36951d9a40ae9b8bdae0fd6aa07
GET /public/latest/js/form-loader.js?v=1.77.1005 HTTP/1.1
Host: mktdplp102cdn.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 285389
content-md5: 1KmUMplSdP7sojHoH8OUuw==
content-type: application/x-javascript
date: Thu, 22 Sep 2022 20:19:30 GMT
etag: 0x8DA9A3EDE6CC0A1
last-modified: Mon, 19 Sep 2022 13:00:03 GMT
server: ECAcc (ska/F762)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 3d7aa630-601e-005b-2c28-cc6a98000000
x-ms-version: 2009-09-19
content-length: 78329
X-Firefox-Spdy: h2
mktdplp102cdn.azureedge.net/public/latest/js/ws-tracking.js?v=1.77.1005
152.199.19.161 200 OK 2.3 kB URL HTTP/2 mktdplp102cdn.azureedge.net/public/latest/js/ws-tracking.js?v=1.77.1005
IP 152.199.19.161:0
File type ASCII text, with very long lines (5347), with no line terminators
Hash dc605b6ac4974e513a4f08280bad84d4
8cf4827782c6e0bebca7850f9859f7c999a92c1d
ff5637f77aebb3242cbe8f9ca131e63cfe5f4de8e374080c6ec48d3b7c194bdf
GET /public/latest/js/ws-tracking.js?v=1.77.1005 HTTP/1.1
Host: mktdplp102cdn.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 285390
content-md5: FjqakIjSeEkZwkM9tXKB2Q==
content-type: application/x-javascript
date: Thu, 22 Sep 2022 20:19:30 GMT
etag: 0x8DA9A3EDE75C095
last-modified: Mon, 19 Sep 2022 13:00:03 GMT
server: ECAcc (ska/F6EF)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: c492624a-b01e-0067-7a28-cc435f000000
x-ms-version: 2009-09-19
content-length: 2325
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6852
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 20:19:30 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:19:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6852
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 20:19:30 GMT
Connection: keep-alive
creator.microsoftstart.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
40.112.243.98 200 OK 12 kB URL HTTP/1.1 creator.microsoftstart.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (43771)
Hash 8bd2d78164d781a770ac693fdb7f7efc
81436092a98cb3c5b8eecefbdea0b0bc7ee6dd2f
8e9d6c5dd73a3b0dea05f4f256bc8b2ef6be03e44f30b04557e581f8cc180119
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 11616
Content-Type: text/css
Date: Thu, 22 Sep 2022 20:19:30 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "80f2e707096d81:0"
Last-Modified: Wed, 13 Jul 2022 04:24:27 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9becda6e892a190dbbc63216ae697506
ba3369e1827d8f01ca10acb8648195847dd02ffd
d71dd28e0ff260326ba0c30748fa11160f4544c2a264d3a3dc361af0de9fd283
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11286
x-amzn-requestid: 7263b60d-fffe-4c0b-8de5-59dc9ac92a47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwZHOaIAMFSQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84cf-62e160b156b587cc21c7fda5;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QxgrVMX7xwI6qE3T3-LRS3JWoJauPyvCSb9TacW9-ktw-BIq5PSF-g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:16:03 GMT
etag: "ba3369e1827d8f01ca10acb8648195847dd02ffd"
content-type: image/jpeg
age: 79407
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6852
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 20:19:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da8b8819fc21dcfb224ce0e7ecdc6772
e460ad4376cd118a6fe8b6b050af9398117d9531
9d0cf5fe17040e6c494d1596c24f01501babff37c95caa47d048b5e1aefa7697
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9901
x-amzn-requestid: bfdfb11f-7ec5-460b-8759-41033451e2a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1ueDEUOIAMFq5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bc459-6f8ebea8143c58f652dc61e8;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 02:11:37 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ln0EYmIyTWExYNLVEv-ZYhdCAYVju_Wu2S-_p5GfD_Kev99yrKwRcg==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 18:56:48 GMT
etag: "e460ad4376cd118a6fe8b6b050af9398117d9531"
content-type: image/jpeg
age: 4962
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6852
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 20:19:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c0201d377c57a684452c0d26372e674d
3829f81048cc63b5f0d1e82dfbe3b8e31646e733
efa055dc93267be2dddd94b334c0655c2e1f1682467fd738e013a778aea175b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14397
x-amzn-requestid: c5a03ce8-f695-4ad3-8c42-c3bfd47d6279
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1wLGqKIAMF-Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329699a-2b130d8b1a4b1b9131db8984;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:19:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: itH-GLLUay6dtfjGStUDeT3wOwVf-S3tWSY31HjriEFaRUiD8aFKNw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 17:06:02 GMT
age: 11608
etag: "3829f81048cc63b5f0d1e82dfbe3b8e31646e733"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91c56f0b9810bfdd84e10a626b89e389
15d83e44d568938b6c9c87201e898cedb3edec0a
942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hp-WIGb9M8tEmNGOVjx6UQKx9E4-1oJmka0a6seG7inahqYByPmRAg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 81908
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62818de3c50f957b2e5680851a1768c9
80e48c9ae48c89598780736b089c98e22d58df9a
16f2c2d23e8641a3f297a175730343d11120a228c0fe846c0fdf1e39212c522c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8549
x-amzn-requestid: 6d44626b-16c6-4f19-ae52-d5350065b390
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwPHJJoAMFdfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84ce-46ebc35612eb7a4473b36189;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e5m6NaDUH_3GPDkxbk6iKhffSJzyYMA97Illy7mtg9um3jcYBR6TXQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:11:23 GMT
etag: "80e48c9ae48c89598780736b089c98e22d58df9a"
content-type: image/jpeg
age: 79687
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af5773255351157d72c28a670a355c60
c803e5866edbe6c9baec14e93677f610bdf09bff
3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -3bQG5Av1EDxj7_3i8MktwjlPSEU8WDdxt5M6TsrWaodLWgSf3vdEA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 81908
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
creator.microsoftstart.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
40.112.243.98 200 OK 31 kB URL HTTP/1.1 creator.microsoftstart.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65447)
Hash 7be9738dc88e39fc481041335a4a42b4
5fbe17481029d4e344d3700ecd2320ccb3690e89
249b0a1c63da96a7cc4c6bf2ff777b2164cce977f935713d967d46e5bfa319af
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 30989
Content-Type: application/x-javascript
Date: Thu, 22 Sep 2022 20:19:30 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "80c7a46e355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:59 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
ocsp.sca1b.amazontrust.com/
54.230.245.110 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 1ce36e8a87e030e4260315969e382d36
39f8aab0f85e12fb4b2f035080b77f53b5b66ebc
5fc6a22a285ba944c70306cd3e14d83ecd6cf1c16723fd35aa4e5f07ef87ff3f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 20:19:30 GMT
Last-Modified: Thu, 22 Sep 2022 19:20:13 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: otelLEvh2bJ0qI4-l0IAWEikCazuLGNr1gxHvD6hUYlmnmrOnbX_cA==
Age: 3557
creator.microsoftstart.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
40.112.243.98 200 OK 4.2 kB URL HTTP/1.1 creator.microsoftstart.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (11126)
Hash d7498b2e9a206f75a43170a14cb61710
8705153ace5f41d24fe22cff7d8b8a788107e6c3
314196a1eb0642c6288854149f08530a1c7a8905a8cb983d8a5658f863e39a61
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 4172
Content-Type: application/x-javascript
Date: Thu, 22 Sep 2022 20:19:30 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "80c7a46e355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:59 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/themes/tailpress-1/css/app.css?ver=3.0.0
40.112.243.98 200 OK 6.3 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/themes/tailpress-1/css/app.css?ver=3.0.0
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash a9adba825cef8da3841311c36cd57ac3
afe082eb71a1a11f2160a477241a83dd72d42126
5920e82db9d3e833556b114d08fdeb9f1e151db895e7220c7aba1554bcc662c4
GET /wp-content/themes/tailpress-1/css/app.css?ver=3.0.0 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 6323
Content-Type: text/css
Date: Thu, 22 Sep 2022 20:19:30 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "808f852355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:11 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/plugins/login-with-azure/css/style_login_widget.css?ver=6.0.2
40.112.243.98 200 OK 999 B URL HTTP/1.1 creator.microsoftstart.com/wp-content/plugins/login-with-azure/css/style_login_widget.css?ver=6.0.2
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 464985df062b4599b838ed2fee132d14
c5af26c62919a45926793cb11085b7babff9d158
a7444cec504d122cfcc0df83082facff7c4accd2055d4c450a590f21bbb9c734
GET /wp-content/plugins/login-with-azure/css/style_login_widget.css?ver=6.0.2 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 999
Content-Type: text/css
Date: Thu, 22 Sep 2022 20:19:30 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "0ffe728355ed81:0"
Last-Modified: Mon, 02 May 2022 14:59:02 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/plugins/login-with-azure/css/font-awesome.css?ver=6.0.2
40.112.243.98 200 OK 7.0 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/plugins/login-with-azure/css/font-awesome.css?ver=6.0.2
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash 5ac6110046e2b9050633ecf390caea96
232317607e17db9c199606dec6ffe36d21aee1f0
a48324ebebace31d5cf6e7903611f05764c8d7a53fc34fe76b0be5304fca77e8
GET /wp-content/plugins/login-with-azure/css/font-awesome.css?ver=6.0.2 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 6979
Content-Type: text/css
Date: Thu, 22 Sep 2022 20:19:30 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "80684f28355ed81:0"
Last-Modified: Mon, 02 May 2022 14:59:01 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/plugins/popup-maker/assets/css/pum-site.min.css?ver=1.16.7
40.112.243.98 200 OK 1.9 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/plugins/popup-maker/assets/css/pum-site.min.css?ver=1.16.7
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (7444), with no line terminators
Hash cb8ef0770883574abaec3fa129029c25
087a558f04a73bc9d5c8cee42649952e2fc36f7c
efae24d31a6fbf8746ad71358ae23b68e1c203b94243ef1869e53aef8b2e4b18
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /wp-content/plugins/popup-maker/assets/css/pum-site.min.css?ver=1.16.7 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1881
Content-Type: text/css
Date: Thu, 22 Sep 2022 20:19:30 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "0ee436355ed81:0"
Last-Modified: Mon, 02 May 2022 14:59:24 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/plugins/login-with-azure/css/login-page.css?ver=6.0.2
40.112.243.98 200 OK 581 B URL HTTP/1.1 creator.microsoftstart.com/wp-content/plugins/login-with-azure/css/login-page.css?ver=6.0.2
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 32a3f1a33c20576e3c3ea1a6e94cdb42
4f43d49c1975861527a7ecf1553e631c364b4865
654900e7461eb2a21517be0dcf1a4d1edc6210e288c9efc67e70cc6543abec3a
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /wp-content/plugins/login-with-azure/css/login-page.css?ver=6.0.2 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 581
Content-Type: text/css
Date: Thu, 22 Sep 2022 20:19:30 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "c2b0e628355ed81:0"
Last-Modified: Mon, 02 May 2022 14:59:01 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/themes/tailpress-1/js/app.js?ver=3.0.0
40.112.243.98 200 OK 311 B URL HTTP/1.1 creator.microsoftstart.com/wp-content/themes/tailpress-1/js/app.js?ver=3.0.0
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 4f30e8224e0ec35208a42471d885f1e4
f9e5f2e2af43c9ff7f1a5ff1cd4a1e6a27c3e247
6fd382a047ff7f029e94c85ab3dd9ccfd6eb40f2b29ff7689a5830d1521f6ee6
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /wp-content/themes/tailpress-1/js/app.js?ver=3.0.0 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 311
Content-Type: application/x-javascript
Date: Thu, 22 Sep 2022 20:19:30 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "73e87d52355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:11 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
40.112.243.98 200 OK 6.6 kB URL HTTP/1.1 creator.microsoftstart.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (15660)
Hash 5b49ac9423f60e2bc202fd0f262dcbca
8b8e9dc543c50fa37c93b4813e7b1df0b1e3c6ca
eece78511ada5a18c5969ad63f3458f1f1886adc05d198036c7dbf4f442299ab
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 6568
Content-Type: application/x-javascript
Date: Thu, 22 Sep 2022 20:19:30 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "208fc1daf06fd81:0"
Last-Modified: Wed, 25 May 2022 04:35:26 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/plugins/microsoft-uhf/assets/microsoft-uhf.js?ver=0.1.1
40.112.243.98 200 OK 1.2 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/plugins/microsoft-uhf/assets/microsoft-uhf.js?ver=0.1.1
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 192f497aacae1a97abdd1b6b84fc7737
9ccf73b7c2bc2a04caa02acbe4dbf36dc5e573f6
c3bd18b0b69758cc1c7f26e21e6ae7249081e912a02c888107cf9efa13d9f35a
GET /wp-content/plugins/microsoft-uhf/assets/microsoft-uhf.js?ver=0.1.1 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1210
Content-Type: application/x-javascript
Date: Thu, 22 Sep 2022 20:19:30 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "848a3c29355ed81:0"
Last-Modified: Mon, 02 May 2022 14:59:02 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
40.112.243.98 200 OK 8.4 kB URL HTTP/1.1 creator.microsoftstart.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 6eef3794b9d9d12e3cf9b1f59ff18d7b
f66e1ecba718850c89876aa833af3d315eb997d7
cca45babcbf4027ed2d560827bde4c164dbc75e30d51d0b12638353bd2261863
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 8433
Content-Type: application/x-javascript
Date: Thu, 22 Sep 2022 20:19:30 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "cce49bd9f06fd81:0"
Last-Modified: Wed, 25 May 2022 04:35:24 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/plugins/popup-maker/assets/js/site.min.js?defer&ver=1.16.7
40.112.243.98 200 OK 23 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/plugins/popup-maker/assets/js/site.min.js?defer&ver=1.16.7
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash b266ad017b93f1f7b48365eeb4854147
fba00420afec4212823ff9badacddab23efa46ea
a2b03d8e2a2eddd22087dc2f9dc44ad253338446eb2890960ac4ea76daed0a1b
Analyzer Verdict Alert openphish Office365
GET /wp-content/plugins/popup-maker/assets/js/site.min.js?defer&ver=1.16.7 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 23228
Content-Type: application/x-javascript
Date: Thu, 22 Sep 2022 20:19:30 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "8d4a7037355ed81:0"
Last-Modified: Mon, 02 May 2022 14:59:26 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
www.socialintents.com/json/jsonGV.jsp?uid=2c9fa0e17fcdc835017fe661086e1ef7&callback=jsonCallback&_=1663877970393
44.242.110.5 200 OK 128 B URL HTTP/2 www.socialintents.com/json/jsonGV.jsp?uid=2c9fa0e17fcdc835017fe661086e1ef7&callback=jsonCallback&_=1663877970393
IP 44.242.110.5:0
Hash fd0614c274deceba828b50cd0b9dd1a2
3b150ad13bf09f3fc04ade698efb11f5f21596a6
eaf8c9505e4665fb9e74c4ede987c7d7db33f5843e1eeb020a550f46cf396111
GET /json/jsonGV.jsp?uid=2c9fa0e17fcdc835017fe661086e1ef7&callback=jsonCallback&_=1663877970393 HTTP/1.1
Host: www.socialintents.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: AWSALBCORS=0aWgZNVhzH6TUODbCHqQ0t4avzIUK6xfxez+QNQbnpWOFB6pkOPPEmGFjsQ/wd/LX/rrRgCcXM0EFJCM2B3mBYoWfbaLo37jnUGD7X/dkOQsgfoAilgRS7XwZoA7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 20:19:31 GMT
content-type: application/json;charset=UTF-8
content-length: 128
set-cookie: AWSALB=P0DYbVJEkMiTiw/VD+6YWf9hWuJVZHyqt98yhNvNFfbGU+0f6peioc1DELGYZ0Jl/ifvW3I1Dk9JUdwgSaAXu9vx6qUNxsVy/6rK5Z94lfwWEPO/JHqz2DB/hd4m; Expires=Thu, 29 Sep 2022 20:19:31 GMT; Path=/
set-cookie: AWSALBCORS=P0DYbVJEkMiTiw/VD+6YWf9hWuJVZHyqt98yhNvNFfbGU+0f6peioc1DELGYZ0Jl/ifvW3I1Dk9JUdwgSaAXu9vx6qUNxsVy/6rK5Z94lfwWEPO/JHqz2DB/hd4m; Expires=Thu, 29 Sep 2022 20:19:31 GMT; Path=/; SameSite=None; Secure
set-cookie: JSESSIONID=8DEAF62039944B78FB5215C7EA4BE589; Path=/; Secure; SameSite=None; Secure; HttpOnly; SameSite=None
server: nginx/1.20.0
X-Firefox-Spdy: h2
creator.microsoftstart.com/app.css
40.112.243.98 404 Not Found 29 kB URL HTTP/1.1 creator.microsoftstart.com/app.css
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10061), with CRLF, LF line terminators
Hash 77d6472aa12d1e421e0dcffa64324d8c
ede57b1334d68af59553e546e5926b708f0861f5
fca5f638a381447c541b894c2d5a6ea6134e54c501eb23b5a03620d96fec1d13
Analyzer Verdict Alert openphish Office365
GET /app.css HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Length: 28830
Content-Type: text/html; charset=utf-8
Date: Thu, 22 Sep 2022 20:19:31 GMT
Server: Microsoft-IIS/10.0
Cache-Control: no-cache, must-revalidate, max-age=0
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Pragma: no-cache
X-Powered-By: PHP/7.4.30, ASP.NET
Link: <https://creator.microsoftstart.com/wp-json/>; rel="https://api.w.org/"
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
23.36.76.200 200 OK 4.1 kB URL HTTP/2 img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
File type PNG image data, 216 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f14c20150a003d7ce4de57c298f0fba
daa53cf17cc45878a1b153f3c3bf47dc9669d78f
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
GET /cms/api/am/imageFileData/RE1Mu3b?ver=5c31 HTTP/1.1
Host: img-prod-cms-rt-microsoft-com.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
content-location: https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
last-modified: Sat, 17 Sep 2022 20:22:04 GMT
x-source-length: 4054
x-datacenter: northeu
x-activityid: bbef4b2b-7038-48db-bee2-5c178f5fa7a2
timing-allow-origin: *
x-frame-options: DENY
x-resizerversion: 1.0
content-length: 4054
cache-control: public, max-age=388998
expires: Tue, 27 Sep 2022 08:22:49 GMT
date: Thu, 22 Sep 2022 20:19:31 GMT
X-Firefox-Spdy: h2
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff
23.38.201.156 200 OK 26 kB URL HTTP/2 www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff
IP 23.38.201.156:0
File type Web Open Font Format, TrueType, length 26288, version 0.0\012- data
Hash d0263dc03be4c393a90bda733c57d6db
8a032b6deab53a33234c735133b48518f8643b92
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
GET /mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff HTTP/1.1
Host: www.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://creator.microsoftstart.com
Connection: keep-alive
Referer: https://www.microsoft.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
last-modified: Tue, 14 Jun 2022 13:23:15 GMT
x-activity-id: 433fff9c-ac1c-4827-bb3b-a2ca5fa6dd83
ms-cv: /0+3RKV7ykuNLoKI.0
x-appversion: 1.0.8167.41521
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-05-13T07:04:02.0000000Z}
ms-operation-id: 2f08fc2d143919438bfe914fdfecfc02
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-length: 26288
cache-control: public, max-age=22871031
expires: Wed, 14 Jun 2023 13:23:22 GMT
date: Thu, 22 Sep 2022 20:19:31 GMT
tls_version: tls1.3
strict-transport-security: max-age=31536000
x-rtag: RT
X-Firefox-Spdy: h2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
23.38.201.156 200 OK 34 kB URL HTTP/2 c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
IP 23.38.201.156:0
File type Web Open Font Format (Version 2), TrueType, length 34052, version 0.0\012- data
Hash 36397a3bc139c6e9f81d383f060f080a
3f4f86c10920d4ed345f4858b6cde9f93e1aeb81
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
GET /static/fonts/segoe-ui/west-european/normal/latest.woff2 HTTP/1.1
Host: c.s-microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://creator.microsoftstart.com
Connection: keep-alive
Referer: https://www.microsoft.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 34052
content-type: font/woff2
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
accept-ranges: bytes
etag: "588d483e9c7d51:0"
cache-control: public, max-age=350432
expires: Mon, 26 Sep 2022 21:40:03 GMT
date: Thu, 22 Sep 2022 20:19:31 GMT
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
mktdplp102cdn.azureedge.net/public/latest/js/form-loader.js?v=1.77.1005
152.199.19.161 304 Not Modified 0 B URL HTTP/2 mktdplp102cdn.azureedge.net/public/latest/js/form-loader.js?v=1.77.1005
IP 152.199.19.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /public/latest/js/form-loader.js?v=1.77.1005 HTTP/1.1
Host: mktdplp102cdn.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 19 Sep 2022 13:00:03 GMT
If-None-Match: 0x8DA9A3EDE6CC0A1
TE: trailers
HTTP/2 304 Not Modified
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 285390
date: Thu, 22 Sep 2022 20:19:31 GMT
etag: 0x8DA9A3EDE6CC0A1
last-modified: Mon, 19 Sep 2022 13:00:03 GMT
server: ECAcc (ska/F762)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 3d7aa630-601e-005b-2c28-cc6a98000000
x-ms-version: 2009-09-19
X-Firefox-Spdy: h2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/latest.woff2
23.38.201.156 200 OK 29 kB URL HTTP/2 c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/latest.woff2
IP 23.38.201.156:0
File type Web Open Font Format (Version 2), TrueType, length 29388, version 0.0\012- data
Hash 6e75a94d5f7170a1ab532d32c2a35755
9c1b6fff544089941bbeddbcf529c3f0b46d853a
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f
GET /static/fonts/segoe-ui/west-european/Semibold/latest.woff2 HTTP/1.1
Host: c.s-microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://creator.microsoftstart.com
Connection: keep-alive
Referer: https://www.microsoft.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 29388
content-type: font/woff2
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
accept-ranges: bytes
etag: "5b68d583e9c7d51:0"
cache-control: public, max-age=339688
expires: Mon, 26 Sep 2022 18:40:59 GMT
date: Thu, 22 Sep 2022 20:19:31 GMT
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
mktdplp102cdn.azureedge.net/public/latest/js/ws-tracking.js?v=1.77.1005
152.199.19.161 304 Not Modified 0 B URL HTTP/2 mktdplp102cdn.azureedge.net/public/latest/js/ws-tracking.js?v=1.77.1005
IP 152.199.19.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /public/latest/js/ws-tracking.js?v=1.77.1005 HTTP/1.1
Host: mktdplp102cdn.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 19 Sep 2022 13:00:03 GMT
If-None-Match: 0x8DA9A3EDE75C095
TE: trailers
HTTP/2 304 Not Modified
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 285391
date: Thu, 22 Sep 2022 20:19:31 GMT
etag: 0x8DA9A3EDE75C095
last-modified: Mon, 19 Sep 2022 13:00:03 GMT
server: ECAcc (ska/F6EF)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: c492624a-b01e-0067-7a28-cc435f000000
x-ms-version: 2009-09-19
X-Firefox-Spdy: h2
creator.microsoftstart.com/wp-content/uploads/2022/03/create.svg
40.112.243.98 200 OK 1.6 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/create.svg
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (508), with CRLF line terminators
Hash c064ebf61129e717c0090b27f3cb677d
9bec4ea8cd0cef1b6ddbbcd4a7c876be77031158
3c1e09bc4d171035121d72b0ab7c6d1e71a94b1112cfc9c7142e8b396a01241e
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /wp-content/uploads/2022/03/create.svg HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1588
Content-Type: image/svg+xml
Date: Thu, 22 Sep 2022 20:19:31 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "e070155b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:26 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/get-paid.svg
40.112.243.98 200 OK 5.8 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/get-paid.svg
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5659), with CRLF line terminators
Hash 8a35fbcac86cc7d9a9674e77b48e4986
4f98074ee42113ba8144f486673636312d0e2c6c
636715bed5c7a0312773fc4ffae1920a8e978c1064fe8cab1e611577bab90bf7
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /wp-content/uploads/2022/03/get-paid.svg HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 5766
Content-Type: image/svg+xml
Date: Thu, 22 Sep 2022 20:19:31 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "59476b5b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:26 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/cash.svg
40.112.243.98 200 OK 2.4 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/cash.svg
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1337), with CRLF line terminators
Hash 4a487df08185f0b7c699e1d4dc5f4fc1
4c6ee04056780cd6d7d0cc48bfa295fa842929f5
28e530b34e424d16913a64a097d31e5c30d59fa65b2635f0c7c2595d33e302ad
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /wp-content/uploads/2022/03/cash.svg HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2436
Content-Type: image/svg+xml
Date: Thu, 22 Sep 2022 20:19:31 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "f75d25b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:26 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/connect.svg
40.112.243.98 200 OK 2.1 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/connect.svg
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1010), with CRLF line terminators
Hash eb5dc0e1905f09808aad0b9a4f5615dc
682be40dfc6e28b69b74865f0563d1838ea2dd52
11005bd96e1d108ddc55dacadcbfb3ea50b2f69feea6d6a9e0f6a63f91981903
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /wp-content/uploads/2022/03/connect.svg HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2110
Content-Type: image/svg+xml
Date: Thu, 22 Sep 2022 20:19:31 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "eb8595b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:26 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/go-global.svg
40.112.243.98 200 OK 5.2 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/go-global.svg
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5049), with CRLF line terminators
Hash 0e4e4ce3e5ac354ec5d282374c32515c
2b07f75e5720b98fedb30c6078359b97712362a7
db80a6fd749d6313a9bebc98ea2f2df49bd4465a0dbcb39b099ca42a434d7beb
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /wp-content/uploads/2022/03/go-global.svg HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 5156
Content-Type: image/svg+xml
Date: Thu, 22 Sep 2022 20:19:31 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "fe58bc5b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:27 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/los-angeles.png
40.112.243.98 200 OK 2.0 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/los-angeles.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 194 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash c54ab89f392e64d47ed4ab9b5b2c25a5
6889092028caada6ffb011460ddbc0d85f97388c
ee2db7658ed3f7f0334608b4b59ac4d135ce0dd8c661b2ff078651ecbcb6bb54
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/los-angeles.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2035
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:19:31 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "032d45b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:27 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/story-background.svg
40.112.243.98 200 OK 852 B URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/story-background.svg
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (492), with CRLF line terminators
Hash 5a536937285b2d1ab10617fbd4174878
07b2c4621df05bb33d16f47ddc6133d3b47f485a
412bae5ce0f1717032f7ab2706b1a99f0aedc40cbfb967c0fd860fa7dec66614
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /wp-content/uploads/2022/03/story-background.svg HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 852
Content-Type: image/svg+xml
Date: Thu, 22 Sep 2022 20:19:31 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "27fb275c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:27 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/mobile.png
40.112.243.98 200 OK 137 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/mobile.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1180 x 660, 8-bit colormap, non-interlaced\012- data
Size 137 kB (137372 bytes)
Hash d96597c5a9698e2a3e783d7d4ad92f37
6f41c4c5665b892dff585697d06d344ac6e549aa
da9bb7c6952e5d5a8d0952b5494538f3c3906a6910b2036f9c923010b5c33d49
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/mobile.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 137372
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:19:31 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "cefaf75b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:27 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/msn.png
40.112.243.98 200 OK 214 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/msn.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1180 x 660, 8-bit colormap, non-interlaced\012- data
Size 214 kB (213560 bytes)
Hash 1c150c89d0a4a78006d507fbd646116d
81d1548d953390d06869af017538e498e5660a53
ba1012daa04a936f14b6ac8d3ba5f34b017bd9acfbff84bb5df7db74f5c272ec
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/msn.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 213560
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:19:31 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "44751e5c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:27 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/banner.png
40.112.243.98 200 OK 525 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/banner.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1600 x 788, 8-bit colormap, non-interlaced\012- data
Size 525 kB (525408 bytes)
Hash 1dfab9f95fc510fb538cc0af96014ce9
8c23771fc2413864cd0ebee84cb31ad085a82598
0d3fd94190ffa51a5c4440f2c1999f99f84cadca9c1390d6f41735c8ced9d39b
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/banner.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 525408
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:19:31 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "54aeb35a355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:25 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/build-your-brand.svg
40.112.243.98 200 OK 2.9 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/build-your-brand.svg
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1526), with CRLF line terminators
Hash a9d28edd90bb3a81da0221739efb31ae
85349b5c92f4e7b917b2b82c0e3867311e03634f
458167ee38f217b85c466deed29e7a6a48bd955369ab7fcb951d02e297e1f333
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /wp-content/uploads/2022/03/build-your-brand.svg HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2864
Content-Type: image/svg+xml
Date: Thu, 22 Sep 2022 20:19:32 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "5aaef15a355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:25 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/usa-today.png
40.112.243.98 200 OK 2.1 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/usa-today.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 121 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 7e6c75f43447416a5fff9ddff06f0ce1
abd8284784abbec80b84b703112905580a27d258
68789000567b30903d14da6f207c2c0960ae9b31d5644895c75a26e33dc5c957
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/usa-today.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2052
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:19:32 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "27e8495c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:28 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/univision.png
40.112.243.98 200 OK 2.2 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/univision.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 159 x 31, 8-bit/color RGBA, non-interlaced\012- data
Hash 6cf75a2dc00c4aaa672849df41f901cd
f1dc2962a32d220364923ce6ee7855a9d21a20aa
0d15ffc033dcc15878265026608a21591cc82d1de1f4fe3c6fc0e07e243bd930
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/univision.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2220
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:19:32 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "5e20455c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:28 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/bloomberg.png
40.112.243.98 200 OK 2.2 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/bloomberg.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 133 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 3eacfa7d66abcc577ef245511358cd69
a1e08be805b13f2f95fc8a391449357cafa75516
7e28c4ab0b9e48d9821fdc26f15d32e508ee3321be203739ef351e4fd5c7153c
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/bloomberg.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2174
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:19:32 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "ced5ba5a355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:25 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/edge.png
40.112.243.98 200 OK 247 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/edge.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1180 x 660, 8-bit colormap, non-interlaced\012- data
Size 247 kB (246987 bytes)
Hash 7922dc45abf6f6bebf350629e6ebb8ed
6d12fc33e8ed79edfb7946b25b366cbf416afffb
f79d82c0a50950d392b79f3d5d620e666a3fd093381a530da4f3fd239d924d02
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/edge.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 246987
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:19:31 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "405c405b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:26 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/widget.png
40.112.243.98 200 OK 268 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/widget.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1180 x 660, 8-bit colormap, non-interlaced\012- data
Size 268 kB (268105 bytes)
Hash 9f619afc0185cf5c10242b82f81f2977
2d9e446262dafbb0cf0b2f31b486a19580d7c03b
ad3bdda423eb8ed56307d0de294d2c73a451800ee14cab4838e1e5932eecdaa7
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/widget.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 268105
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:19:31 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "b8e99f5c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:28 GMT
X-Powered-By: ASP.NET
unpkg.com/alpinejs@3.7.1/dist/cdn.min.js
104.16.124.175 200 OK 18 kB URL HTTP/2 unpkg.com/alpinejs@3.7.1/dist/cdn.min.js
IP 104.16.124.175:0
File type ASCII text, with very long lines (32524)
Hash 7611a19fe18a5e2be50625c2f8eedf01
56751fcd5d77b8369fce8e086142fb3d5dce0269
aff88eb1c7b7d6f10feda56edf4bbc616ffcb670ea59e034fff3ed7734b94fcb
GET /alpinejs@3.7.1/dist/cdn.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 20:19:30 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"91b0-4rQh4geG7pykXp4ge/uD1c4uE6k"
via: 1.1 fly.io
fly-request-id: 01G4XF127DR67PH99Z1T9RWFXY-fra
cf-cache-status: HIT
age: 9326821
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74edbc620acb0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.socialintents.com/api/chat/socialintents.1.3.js
44.242.110.5 200 OK 514 kB URL HTTP/2 www.socialintents.com/api/chat/socialintents.1.3.js
IP 44.242.110.5:0
Size 514 kB (513848 bytes)
Hash 95f1245456107e6a53e3e61da08ceb39
f0099d0cc23f3ee70fe479a0588d8c0596d5ebc3
3c0b40d39b26f20667a16ad2d4395bfd21d4e70e903093bd68543ba297310321
GET /api/chat/socialintents.1.3.js HTTP/1.1
Host: www.socialintents.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: AWSALBCORS=P0DYbVJEkMiTiw/VD+6YWf9hWuJVZHyqt98yhNvNFfbGU+0f6peioc1DELGYZ0Jl/ifvW3I1Dk9JUdwgSaAXu9vx6qUNxsVy/6rK5Z94lfwWEPO/JHqz2DB/hd4m; JSESSIONID=8DEAF62039944B78FB5215C7EA4BE589
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 20:19:31 GMT
content-type: application/javascript
set-cookie: AWSALB=kDOWo7+nuJSS+Jj+7M/w1/i7nkupRSargfnfzOx0BtztVjhwwkvW5v2ClSv2p0BH77uGsuhGnMXyWIoN8IExUlDSH7EJ/lbpfPMr1XJDUx3stX/jEGg+7Qunu1a2; Expires=Thu, 29 Sep 2022 20:19:31 GMT; Path=/
AWSALBCORS=kDOWo7+nuJSS+Jj+7M/w1/i7nkupRSargfnfzOx0BtztVjhwwkvW5v2ClSv2p0BH77uGsuhGnMXyWIoN8IExUlDSH7EJ/lbpfPMr1XJDUx3stX/jEGg+7Qunu1a2; Expires=Thu, 29 Sep 2022 20:19:31 GMT; Path=/; SameSite=None; Secure
server: nginx/1.20.0
access-control-allow-origin: *
etag: W/"8854-1663171380000"
last-modified: Wed, 14 Sep 2022 16:03:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
creator.microsoftstart.com/wp-content/uploads/2022/03/traveler.png
40.112.243.98 200 OK 2.6 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/traveler.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 107 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash 0e56ab46b01dc0b9615f23d750eb7c76
65674c87cb02af6ca74dcf3bac68bd6803a82ddf
2a622b2278b184518c0f600dad5eae7864c23443e732d75476e7d8c0baacdc74
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/traveler.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2625
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:19:32 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "10c12c5c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:28 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/wordpress.png
40.112.243.98 200 OK 9.5 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/wordpress.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 232 x 53, 8-bit/color RGBA, non-interlaced\012- data
Hash a52012cb47b36f2c610afbf0481c089c
f0ff1f3feef7c6347d767e019396549ec6805882
edbf851a2253eeb712d35ee7aef31e6a6eb4218d06c7c5a66d23e6804abfc530
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/wordpress.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 9533
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:19:32 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "cd2bc5c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:28 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/ugc.png
40.112.243.98 200 OK 4.9 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/ugc.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 476 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash f5b6f4b8ad7e1df289c83dd4015f9346
0e9a048e3c348c1a6d1db5458dd4e0a0bd65cbdc
db72a946daec1766460be9d25fe0ecfb0fcf814f6378ae6de70025156e188a8a
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/ugc.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 4921
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:19:32 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "15f3b5c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:28 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/get-paid.png
40.112.243.98 200 OK 334 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/get-paid.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1190 x 828, 8-bit colormap, non-interlaced\012- data
Size 334 kB (333709 bytes)
Hash 06354125987528dad64794dfe0bf5464
320e5ccb00edd481595d5fec5d8a0e7f5c036e7e
7a79d57a9440bb5803f227bef463e267c4d286604c8e66a4ed9114c38a3eafcf
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/get-paid.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 333709
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:19:32 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "620645b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:26 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/build-your-brand.png
40.112.243.98 200 OK 1.3 MB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/build-your-brand.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1190 x 828, 8-bit/color RGB, non-interlaced\012- data
Size 1.3 MB (1308287 bytes)
Hash a558a67b034909a8e3f5ca4b1223e21f
fc859ece9c39b2633db0302ced4b4802ae95bab0
34135b3bacf539cde2e9518ab805938dc4a56fe41b8e953db58313a086592486
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/build-your-brand.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1308287
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:19:32 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1fe8ec5a355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:25 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/05/cropped-cropped-ms-start-logo-32x32.png
40.112.243.98 200 OK 2.4 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/05/cropped-cropped-ms-start-logo-32x32.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 19d3e69ac575036cd017be290595f562
51548f898f815322d53098dbdb83d83408de08fe
4abe4bbebbba439032d8d36fd068948b4d67cd9f6bf5d7b51d26951ee09698b0
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/05/cropped-cropped-ms-start-logo-32x32.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath; msd365mkttr=CLFbKEXClao1Jm2ufRM-yxgomBPFJ6olgePoWr1j; msd365mkttrs=r_gorW4w
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2362
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:19:33 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "71a7342bd75fd81:0"
Last-Modified: Wed, 04 May 2022 16:51:15 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/05/cropped-cropped-ms-start-logo-192x192.png
40.112.243.98 200 OK 37 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/05/cropped-cropped-ms-start-logo-192x192.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash e3b44a226089073a1d66f32172516aea
8fb8a2cff1ae12d3dd1d65859e3e5eb630b9aa17
1bd99e487d851733dfcb927ff9ac1e58b9886746e51026673fb0beb326408a2b
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/05/cropped-cropped-ms-start-logo-192x192.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=cgldr3uaka63b0l38pjhp82ath; msd365mkttr=CLFbKEXClao1Jm2ufRM-yxgomBPFJ6olgePoWr1j; msd365mkttrs=r_gorW4w
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 37317
Content-Type: image/png
Date: Thu, 22 Sep 2022 20:19:33 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "4f46132bd75fd81:0"
Last-Modified: Wed, 04 May 2022 16:51:15 GMT
X-Powered-By: ASP.NET
images.mktsvcp102wu101.svc.dynamics.com/org-8b5b80ac1ce14aba811b14ed1abf8a26/4b95a4ac-63b7-ec11-983f-00224809c27b/pbckBSKumUgL_YsEITnU16ueg4FZ7rognK-QgEs4iSA!
13.107.246.53 200 OK 442 kB URL HTTP/2 images.mktsvcp102wu101.svc.dynamics.com/org-8b5b80ac1ce14aba811b14ed1abf8a26/4b95a4ac-63b7-ec11-983f-00224809c27b/pbckBSKumUgL_YsEITnU16ueg4FZ7rognK-QgEs4iSA!
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1280 x 567, 8-bit/color RGBA, non-interlaced\012- data
Size 442 kB (442018 bytes)
Hash 904409802824fb1a7cdc63cfb24db548
2fb7d12b5db498eb03875ae82b4eacf4d937316d
15dddb50b65c71cdd3fc213a51ff6908fbf3bce71ad82035ea8deaf7e4e1ebeb
GET /org-8b5b80ac1ce14aba811b14ed1abf8a26/4b95a4ac-63b7-ec11-983f-00224809c27b/pbckBSKumUgL_YsEITnU16ueg4FZ7rognK-QgEs4iSA! HTTP/1.1
Host: images.mktsvcp102wu101.svc.dynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=18000
content-length: 442018
content-type: image/png
x-cache: TCP_MISS
server: CXP gateway
access-control-allow-origin: *
x-ms-trace-id: 90843b671300eaf1f29e65b12987e30a
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
x-azure-ref: 0V8MsYwAAAACiiPs2WkuHTbIBFB1thHFqTE9OMjFFREdFMTcwOAA3YmU2NmQwNi0xMjMzLTQzZTktYTEwNS1iZjk4NjBkZWQxMWQ=
date: Thu, 22 Sep 2022 20:19:35 GMT
X-Firefox-Spdy: h2
8b5b80ac1ce14aba811b14ed1abf8a26.svc.dynamics.com/t/c/U4FqLtRnr3B3hJ7W4kt9Wjt0ZBFDVNMF4DoYm0V5PN4/CLFbKEXClao1Jm2ufRM-yxgomBPFJ6olgePoWr1j/r_gorW4w?trackwebsitevisited=true&ad=https%3A%2F%2Fcreator.microsoftstart.com%2F&rf=&id=388515632&formPageIds=0d2b9e6e-1cc0-ec11-983e-000d3a3394ee
52.159.151.194 200 OK 6.1 kB URL HTTP/2 8b5b80ac1ce14aba811b14ed1abf8a26.svc.dynamics.com/t/c/U4FqLtRnr3B3hJ7W4kt9Wjt0ZBFDVNMF4DoYm0V5PN4/CLFbKEXClao1Jm2ufRM-yxgomBPFJ6olgePoWr1j/r_gorW4w?trackwebsitevisited=true&ad=https%3A%2F%2Fcreator.microsoftstart.com%2F&rf=&id=388515632&formPageIds=0d2b9e6e-1cc0-ec11-983e-000d3a3394ee
IP 52.159.151.194:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- C source text\012- HTML document text\012- HTML document, ASCII text, with very long lines (43964), with no line terminators
Hash 3f51e28b676c935ed133c44d1a2ce4d3
c2e3ada0f4abe59dea4044ea672eac5e613da482
984f5d7c8ed443511575abb65a77196e67d29782c1bec85be2a769e6e5422523
GET /t/c/U4FqLtRnr3B3hJ7W4kt9Wjt0ZBFDVNMF4DoYm0V5PN4/CLFbKEXClao1Jm2ufRM-yxgomBPFJ6olgePoWr1j/r_gorW4w?trackwebsitevisited=true&ad=https%3A%2F%2Fcreator.microsoftstart.com%2F&rf=&id=388515632&formPageIds=0d2b9e6e-1cc0-ec11-983e-000d3a3394ee HTTP/1.1
Host: 8b5b80ac1ce14aba811b14ed1abf8a26.svc.dynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-encoding: gzip
server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
set-cookie: 79f08280-5c63-4331-b04d-fb6f39afda51=qBRayflsw6pFKkBwqryZOvQOrlChqJqcqk2sFYeobFc; expires=Sat, 21 Sep 2024 20:19:34 GMT; path=/; secure; httponly; SameSite=None
set-cookie: 319af4c0-e197-4de9-8a9b-fe98c8a2ca04=qBRayflsw6pFKkBwqryZOvQOrlChqJqcqk2sFYeobFc; path=/; secure; httponly; SameSite=None
x-activity-id: 4c3b3999-bcc6-4d88-8f11-3a4ba589bcbf
x-servicefabricrequestid: 977cf8af-9f35-4f43-afc9-6dcc5456bd13, f6e3e172-1dcb-4749-8ad7-f9faff950c88
x-ms-activity-id: 4c3b3999-bcc6-4d88-8f11-3a4ba589bcbf
api-deprecated: False
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 22 Sep 2022 20:19:34 GMT
X-Firefox-Spdy: h2
www.socialintents.com/api/chat/jsonGetVarsContext.jsp?wid=2c9fa0e17fcdc835017fe66108711ef8&callback=jsonCallbackchat&_=1663877970394
44.242.110.5 200 OK 295 B URL HTTP/2 www.socialintents.com/api/chat/jsonGetVarsContext.jsp?wid=2c9fa0e17fcdc835017fe66108711ef8&callback=jsonCallbackchat&_=1663877970394
IP 44.242.110.5:0
Hash a740979f99485cc801f3044f9722b0f9
bf995239198646d19307abcd6e2b06d15b87ff5e
0f492e59d4873dc92a89bc663e182e6d39178352f9f2ae662f2650f5f44c8faf
GET /api/chat/jsonGetVarsContext.jsp?wid=2c9fa0e17fcdc835017fe66108711ef8&callback=jsonCallbackchat&_=1663877970394 HTTP/1.1
Host: www.socialintents.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: AWSALBCORS=WECuiNGWT/N5G/6tJ00kp5i/UkDsxNRd1LOPuKC5glN2yRgEnbANgnobrPD2CLYURVuTDXNsUIeBK7h4WiO4IHvvSIHTrd4mIxR7U3tPCBn+jS9npsKOQkgNx5bL; JSESSIONID=8DEAF62039944B78FB5215C7EA4BE589
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 20:19:32 GMT
content-type: text/javascript;charset=UTF-8
set-cookie: AWSALB=Yrj58BrpoV5hfiV2xohbWVz8JAl4wkfa9e7uf1C/eDpc1kplbDG2vkut49YkbDG59naUEYO0A3Elicis3qKM5TuXpx75Ye/N3BkbHWqeaWOI3fqyb7Qnd9ZmpeJQ; Expires=Thu, 29 Sep 2022 20:19:32 GMT; Path=/
set-cookie: AWSALBCORS=Yrj58BrpoV5hfiV2xohbWVz8JAl4wkfa9e7uf1C/eDpc1kplbDG2vkut49YkbDG59naUEYO0A3Elicis3qKM5TuXpx75Ye/N3BkbHWqeaWOI3fqyb7Qnd9ZmpeJQ; Expires=Thu, 29 Sep 2022 20:19:32 GMT; Path=/; SameSite=None; Secure
server: nginx/1.20.0
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
8b5b80ac1ce14aba811b14ed1abf8a26.svc.dynamics.com/t/lookup/52a502df-fcbf-ec11-983e-000d3a3399c6
52.159.151.194 200 OK 1.1 kB URL HTTP/2 8b5b80ac1ce14aba811b14ed1abf8a26.svc.dynamics.com/t/lookup/52a502df-fcbf-ec11-983e-000d3a3399c6
IP 52.159.151.194:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (1102), with no line terminators
Hash 42f58d63db36f959758370fdeab26fa9
c3f5853f1e252b0aca3f4681a03262cfa074910b
a46e88a5e99f414c1c4d6e481c85527e7528a4a14a04074596b62da1e6ba3c10
POST /t/lookup/52a502df-fcbf-ec11-983e-000d3a3399c6 HTTP/1.1
Host: 8b5b80ac1ce14aba811b14ed1abf8a26.svc.dynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 45
Origin: https://creator.microsoftstart.com
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 1102
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
access-control-allow-origin: *
x-activity-id: 0ee26b7e-f671-49e1-8035-5bb58938ab96
x-servicefabricrequestid: ec9bb0ff-7538-4b00-8d28-1839512d0acb, 68568aa4-cc1b-4e55-b587-5ba8d43f5082
x-ms-activity-id: 0ee26b7e-f671-49e1-8035-5bb58938ab96
api-deprecated: False
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 22 Sep 2022 20:19:35 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5edcd9aee78a6cacc9241b47cbce598
f95b843029e84dbb188427a8c2ff8c9f32740465
6a56c3d0eb1d641e565d3d7d31b42be03bdad30beb20b994ffc9a6f2aaceee1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5650
x-amzn-requestid: 41ceb886-c038-4ba0-9e3a-a27879cf48ce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwjFVjoAMFWNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84d0-3f4f6a367c893c7a0669dffe;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d8Kelwi2OY0jt17q80szh8-ErN3ZQM1hhl3HZeNQvlKijygQIJtNww==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:16:00 GMT
etag: "f95b843029e84dbb188427a8c2ff8c9f32740465"
content-type: image/jpeg
age: 79417
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.socialintents.com/api/socialintents.1.3.js
44.242.110.5 200 OK 0 B URL HTTP/2 www.socialintents.com/api/socialintents.1.3.js
IP 44.242.110.5:0
GET /api/socialintents.1.3.js HTTP/1.1
Host: www.socialintents.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 20:19:31 GMT
content-type: application/javascript
set-cookie: AWSALB=0aWgZNVhzH6TUODbCHqQ0t4avzIUK6xfxez+QNQbnpWOFB6pkOPPEmGFjsQ/wd/LX/rrRgCcXM0EFJCM2B3mBYoWfbaLo37jnUGD7X/dkOQsgfoAilgRS7XwZoA7; Expires=Thu, 29 Sep 2022 20:19:31 GMT; Path=/
set-cookie: AWSALBCORS=0aWgZNVhzH6TUODbCHqQ0t4avzIUK6xfxez+QNQbnpWOFB6pkOPPEmGFjsQ/wd/LX/rrRgCcXM0EFJCM2B3mBYoWfbaLo37jnUGD7X/dkOQsgfoAilgRS7XwZoA7; Expires=Thu, 29 Sep 2022 20:19:31 GMT; Path=/; SameSite=None; Secure
server: nginx/1.20.0
access-control-allow-origin: *
etag: W/"5483-1663171380000"
last-modified: Wed, 14 Sep 2022 16:03:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
www.socialintents.com/api/chat/siwidget.1.3.js
44.242.110.5 200 OK 0 B URL HTTP/2 www.socialintents.com/api/chat/siwidget.1.3.js
IP 44.242.110.5:0
GET /api/chat/siwidget.1.3.js HTTP/1.1
Host: www.socialintents.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: AWSALBCORS=Yrj58BrpoV5hfiV2xohbWVz8JAl4wkfa9e7uf1C/eDpc1kplbDG2vkut49YkbDG59naUEYO0A3Elicis3qKM5TuXpx75Ye/N3BkbHWqeaWOI3fqyb7Qnd9ZmpeJQ; JSESSIONID=8DEAF62039944B78FB5215C7EA4BE589
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 20:19:33 GMT
content-type: application/javascript
set-cookie: AWSALB=ZhvtuI26pwtOWzEHBIBGNJ8aUg2Cww8EKIIBP/tr34AihoxaQgY/kRA1f1e7M7yY3aCt+YbWA1fA8fOg8pARCKNnuWJT+HCJ4zfXEE5OtmSSgxA9nrQrVKvn1UZ6; Expires=Thu, 29 Sep 2022 20:19:33 GMT; Path=/
set-cookie: AWSALBCORS=ZhvtuI26pwtOWzEHBIBGNJ8aUg2Cww8EKIIBP/tr34AihoxaQgY/kRA1f1e7M7yY3aCt+YbWA1fA8fOg8pARCKNnuWJT+HCJ4zfXEE5OtmSSgxA9nrQrVKvn1UZ6; Expires=Thu, 29 Sep 2022 20:19:33 GMT; Path=/; SameSite=None; Secure
server: nginx/1.20.0
access-control-allow-origin: *
etag: W/"63635-1663171380000"
last-modified: Wed, 14 Sep 2022 16:03:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:100
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:100
IP 142.250.74.10:0
GET /css?family=Montserrat:100 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 20:19:30 GMT
date: Thu, 22 Sep 2022 20:19:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mem.gfx.ms/meversion?partner=MSNPeregrine&market=en-us
13.107.213.53 200 OK 0 B URL HTTP/2 mem.gfx.ms/meversion?partner=MSNPeregrine&market=en-us
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /meversion?partner=MSNPeregrine&market=en-us HTTP/1.1
Host: mem.gfx.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creator.microsoftstart.com
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, no-transform, max-age=43200
content-type: application/javascript
content-encoding: br
expires: Fri, 23 Sep 2022 03:03:20 GMT
x-cache: TCP_HIT
x-content-type-options: nosniff
access-control-allow-origin: *
x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref: 0UsMsYwAAAADWz8uDkRHRQpQ+BmQh593ATE9OMjFFREdFMTcwOABlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
date: Thu, 22 Sep 2022 20:19:30 GMT
X-Firefox-Spdy: h2