Report - www.mesharepoint.com/aus/6f40af2a-bd43-4f5f-b217-f5448356ea1e/68d853dd-2625-4e50-9ca1-ceb4c963520c/863cc991-0254-4fa5-aa96-dd37702859ba/login?id=VmZqVlJNS1dsL04zRmxENjVScTdjcmV1UE1naE9KeHUyZXhNRTUvbytZR0VYOENLMkRpQThsYjJya1VkNVR5dE1ub1B5VU9MZm1MUVBGTEdoTzZBdTNGWFFRSzVpbHFKTnJHSGd4TkFnNUN6dEJwbzhFWG5vdE82eVNwcnpPQy9KUE9XWXk0NzlWYzg0M2xrRk1VQTVHV3V4Znhhckg0Z1B2MC9GT29VcXlyZ2RaNFhwOWZvRVY1SndQWHJhcXlKRnI1ODNOVDhOZTVqWkdqZzZyOGNFeTJ1aWo3a2dSZ1JlRUY1amNxR21ENTVmcUlIT01xNEhtSGZIZldpZWh6NUFGLytBZi9XR1VZVko1dThaanBSVWtIM2dyZkJ5bkQzWnduSUdFMjBmKzAwSHBIUityN0tmTDE5azlxQWd5SGFSTkRCdkVGNlg3Z3dDUmk1c3k2OXNtbXQwbUZjVWYzdVJsaXpEV0RYVzc3MWNXUFV5NWhDZlpWcDZwOWNUTkNDaW8wWVp0ZklGbDR2WEw4OVZtdkVBQT09

Report Overview

Submitted URL
www.mesharepoint.com/aus/6f40af2a-bd43-4f5f-b217-f5448356ea1e/68d853dd-2625-4e50-9ca1-ceb4c963520c/863cc991-0254-4fa5-aa96-dd37702859ba/login?id=VmZqVlJNS1dsL04zRmxENjVScTdjcmV1UE1naE9KeHUyZXhNRTUvbytZR0VYOENLMkRpQThsYjJya1VkNVR5dE1ub1B5VU9MZm1MUVBGTEdoTzZBdTNGWFFRSzVpbHFKTnJHSGd4TkFnNUN6dEJwbzhFWG5vdE82eVNwcnpPQy9KUE9XWXk0NzlWYzg0M2xrRk1VQTVHV3V4Znhhckg0Z1B2MC9GT29VcXlyZ2RaNFhwOWZvRVY1SndQWHJhcXlKRnI1ODNOVDhOZTVqWkdqZzZyOGNFeTJ1aWo3a2dSZ1JlRUY1amNxR21ENTVmcUlIT01xNEhtSGZIZldpZWh6NUFGLytBZi9XR1VZVko1dThaanBSVWtIM2dyZkJ5bkQzWnduSUdFMjBmKzAwSHBIUityN0tmTDE5azlxQWd5SGFSTkRCdkVGNlg3Z3dDUmk1c3k2OXNtbXQwbUZjVWYzdVJsaXpEV0RYVzc3MWNXUFV5NWhDZlpWcDZwOWNUTkNDaW8wWVp0ZklGbDR2WEw4OVZtdkVBQT09
IP
13.107.213.53
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2022-11-25 04:45:43
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.mesharepoint.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8.6 kB	100 kB	13.107.213.53
aadcdn.msauth.net	1421	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	5.3 kB	13.107.213.53
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.187.102.159
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	45 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
oneocsp.microsoft.com	1473	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	349 B	2.2 kB	204.79.197.203
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-11-24	medium	www.mesharepoint.com/aus/6f40af2a-bd43-4f5f-b217-f5448356ea1e/68d853dd-2625-4e50-9ca1-ceb4c963520c/863cc991-0254-4fa5-aa96-dd37702859ba/login?id=VmZqVlJNS1dsL04zRmxENjVScTdjcmV1UE1naE9KeHUyZXhNRTUvbytZR0VYOENLMkRpQThsYjJya1VkNVR5dE1ub1B5VU9MZm1MUVBGTEdoTzZBdTNGWFFRSzVpbHFKTnJHSGd4TkFnNUN6dEJwbzhFWG5vdE82eVNwcnpPQy9KUE9XWXk0NzlWYzg0M2xrRk1VQTVHV3V4Znhhckg0Z1B2MC9GT29VcXlyZ2RaNFhwOWZvRVY1SndQWHJhcXlKRnI1ODNOVDhOZTVqWkdqZzZyOGNFeTJ1aWo3a2dSZ1JlRUY1amNxR21ENTVmcUlIT01xNEhtSGZIZldpZWh6NUFGLytBZi9XR1VZVko1dThaanBSVWtIM2dyZkJ5bkQzWnduSUdFMjBmKzAwSHBIUityN0tmTDE5azlxQWd5SGFSTkRCdkVGNlg3Z3dDUmk1c3k2OXNtbXQwbUZjVWYzdVJsaXpEV0RYVzc3MWNXUFV5NWhDZlpWcDZwOWNUTkNDaW8wWVp0ZklGbDR2WEw4OVZtdkVBQT09	Office365

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-25	medium	www.mesharepoint.com/aus/6f40af2a-bd43-4f5f-b217-f5448356ea1e/68d853dd-2625-4e50-9ca1-ceb4c963520c/863cc991-0254-4fa5-aa96-dd37702859ba/login?id=VmZqVlJNS1dsL04zRmxENjVScTdjcmV1UE1naE9KeHUyZXhNRTUvbytZR0VYOENLMkRpQThsYjJya1VkNVR5dE1ub1B5VU9MZm1MUVBGTEdoTzZBdTNGWFFRSzVpbHFKTnJHSGd4TkFnNUN6dEJwbzhFWG5vdE82eVNwcnpPQy9KUE9XWXk0NzlWYzg0M2xrRk1VQTVHV3V4Znhhckg0Z1B2MC9GT29VcXlyZ2RaNFhwOWZvRVY1SndQWHJhcXlKRnI1ODNOVDhOZTVqWkdqZzZyOGNFeTJ1aWo3a2dSZ1JlRUY1amNxR21ENTVmcUlIT01xNEhtSGZIZldpZWh6NUFGLytBZi9XR1VZVko1dThaanBSVWtIM2dyZkJ5bkQzWnduSUdFMjBmKzAwSHBIUityN0tmTDE5azlxQWd5SGFSTkRCdkVGNlg3Z3dDUmk1c3k2OXNtbXQwbUZjVWYzdVJsaXpEV0RYVzc3MWNXUFV5NWhDZlpWcDZwOWNUTkNDaW8wWVp0ZklGbDR2WEw4OVZtdkVBQT09	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	www.mesharepoint.com/Content/jquery-3.5.1.min.js	90 kB	2023-03-07	2024-04-19
Pretty URL www.mesharepoint.com/Content/jquery-3.5.1.min.js IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2024-04-19 15:45:34 Times Seen14143 Hash b61aa6e2d68d21b3546b5b418bf0e9c3 9c1398f0de4c869dacb1c9ab1a8cc327f5421ff7 f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b Loading...

	www.mesharepoint.com/aus/6f40af2a-bd43-4f5f-b217-f5448356ea1e/68d853dd-2625-4e50-9ca1-ceb4c963520c/863cc991-0254-4fa5-aa96-dd37702859ba/login?id=VmZqVlJNS1dsL04zRmxENjVScTdjcmV1UE1naE9KeHUyZXhNRTUvbytZR0VYOENLMkRpQThsYjJya1VkNVR5dE1ub1B5VU9MZm1MUVBGTEdoTzZBdTNGWFFRSzVpbHFKTnJHSGd4TkFnNUN6dEJwbzhFWG5vdE82eVNwcnpPQy9KUE9XWXk0NzlWYzg0M2xrRk1VQTVHV3V4Znhhckg0Z1B2MC9GT29VcXlyZ2RaNFhwOWZvRVY1SndQWHJhcXlKRnI1ODNOVDhOZTVqWkdqZzZyOGNFeTJ1aWo3a2dSZ1JlRUY1amNxR21ENTVmcUlIT01xNEhtSGZIZldpZWh6NUFGLytBZi9XR1VZVko1dThaanBSVWtIM2dyZkJ5bkQzWnduSUdFMjBmKzAwSHBIUityN0tmTDE5azlxQWd5SGFSTkRCdkVGNlg3Z3dDUmk1c3k2OXNtbXQwbUZjVWYzdVJsaXpEV0RYVzc3MWNXUFV5NWhDZlpWcDZwOWNUTkNDaW8wWVp0ZklGbDR2WEw4OVZtdkVBQT09	133 B	2023-03-07	2023-04-05
Pretty URL www.mesharepoint.com/aus/6f40af2a-bd43-4f5f-b217-f5448356ea1e/68d853dd-2625-4e50-9ca1-ceb4c963520c/863cc991-0254-4fa5-aa96-dd37702859ba/login?id=VmZqVlJNS1dsL04zRmxENjVScTdjcmV1UE1naE9KeHUyZXhNRTUvbytZR0VYOENLMkRpQThsYjJya1VkNVR5dE1ub1B5VU9MZm1MUVBGTEdoTzZBdTNGWFFRSzVpbHFKTnJHSGd4TkFnNUN6dEJwbzhFWG5vdE82eVNwcnpPQy9KUE9XWXk0NzlWYzg0M2xrRk1VQTVHV3V4Znhhckg0Z1B2MC9GT29VcXlyZ2RaNFhwOWZvRVY1SndQWHJhcXlKRnI1ODNOVDhOZTVqWkdqZzZyOGNFeTJ1aWo3a2dSZ1JlRUY1amNxR21ENTVmcUlIT01xNEhtSGZIZldpZWh6NUFGLytBZi9XR1VZVko1dThaanBSVWtIM2dyZkJ5bkQzWnduSUdFMjBmKzAwSHBIUityN0tmTDE5azlxQWd5SGFSTkRCdkVGNlg3Z3dDUmk1c3k2OXNtbXQwbUZjVWYzdVJsaXpEV0RYVzc3MWNXUFV5NWhDZlpWcDZwOWNUTkNDaW8wWVp0ZklGbDR2WEw4OVZtdkVBQT09 IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:35 Last Seen2023-04-05 22:13:29 Times Seen133 Hash 9425ba1983746fad60064458b1024818 d148d4c5281448aef3ad1fdfd9e39181eacab1fa 2f49f455e7aa9b8aca1578edce4d095eec897d2eb24c5d1668dab021b7e170c9 Loading...

HTTP Transactions (32)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11223
Expires: Fri, 25 Nov 2022 07:52:35 GMT
Date: Fri, 25 Nov 2022 04:45:32 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1272
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:45:32 GMT
Last-Modified: Fri, 25 Nov 2022 04:24:20 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.7 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.7 kB (1741 bytes)
Hash
a9dc31241f56e7c347687c6884b5bf9e
6b2fbcfab5e9b6fdbe7b83548e3fc3792d3397ca
268a0f6698d1d26e419b2946ec40c0b90f752279b79720c8bc45099748c87595

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1741
Content-Type: application/ocsp-response
Expires: Mon, 28 Nov 2022 15:50:04 GMT
Last-Modified: Thu, 24 Nov 2022 14:13:34 GMT
ETag: "268a0f6698d1d26e419b2946ec40c0b90f752279b79720c8bc45099748c87595"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 0FE3B3157147414DB26D3DA47A5C35A9 Ref B: OSL30EDGE0416 Ref C: 2022-11-25T04:45:32Z
Date: Fri, 25 Nov 2022 04:45:31 GMT

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 04:19:03 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1589
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13081
Expires: Fri, 25 Nov 2022 08:23:33 GMT
Date: Fri, 25 Nov 2022 04:45:32 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: IYc9Z0kMJZ8xJ8A9l5u0p22RJ/tOyUgYnYgkkYUsbtrWAwqM4dG2+NezjkVkNpSoclySMJ9M5h0=
x-amz-request-id: DCMARP1P4NXQVWWH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 04:43:42 GMT
age: 110
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:45:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 04:11:11 GMT
cache-control: public,max-age=3600
age: 2061
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5651
Cache-Control: max-age=107727
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:45:33 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:41:00 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.187.102.159

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.187.102.159:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rqIqlLyi3EULT7PbSpXmeA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HRoSkvSU2LMlTWQFy4hYKrSeIn4=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3427
Expires: Fri, 25 Nov 2022 05:42:41 GMT
Date: Fri, 25 Nov 2022 04:45:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3427
Expires: Fri, 25 Nov 2022 05:42:41 GMT
Date: Fri, 25 Nov 2022 04:45:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3427
Expires: Fri, 25 Nov 2022 05:42:41 GMT
Date: Fri, 25 Nov 2022 04:45:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3427
Expires: Fri, 25 Nov 2022 05:42:41 GMT
Date: Fri, 25 Nov 2022 04:45:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3427
Expires: Fri, 25 Nov 2022 05:42:41 GMT
Date: Fri, 25 Nov 2022 04:45:34 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5211 bytes)
Hash
7d0105e45becaf777227cac49e320321
d279a0b70061fe3d8268f1e69c515c0c4439dc80
ea9571213d9a57318cde036c108d4c973c627ce4cd225534ee246349ed4ba3a9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5211
x-amzn-requestid: 706d0037-bbff-417a-9fa3-8ebbbf7b4df1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wFOToAMF12Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-01b6908212b2ab9c5caa34a0;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _FkuS0I2--xiqT4sOKa8ACg8BtI97R-bGe2UZ3o91wfqn_WgktspiQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:36:27 GMT
age: 25747
etag: "d279a0b70061fe3d8268f1e69c515c0c4439dc80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 77487
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8006 bytes)
Hash
8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: q53jN1uOtSdeThbk2_0UF6Rl3g4_-_TW7uK1_6Z5oDwSTSRk8XRjyQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:08 GMT
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
age: 25826
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8275 bytes)
Hash
4c67bf2eb6ca2d7e2b34df1dbe8e7b36
cdacea802c72450973140387aafacae9df78b0aa
52c1b293ec45c98077953699dcc48d77d4aee2bb12f38ef21c692af9171b6db2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8275
x-amzn-requestid: 350ffdb7-723f-4dfc-95e8-e76364d1313d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8xGPAoAMFbWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-10d4c566779b9b9f4bb9112d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Uj2zluKZJzwlcymflJicV2rFLgOEYzWuhZsThZPRbCwiNoYxCgbEwg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "cdacea802c72450973140387aafacae9df78b0aa"
content-type: image/jpeg
age: 25833
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4270 bytes)
Hash
648677a7e7bab1896a190d2e5fb7243c
6217a262002244ef3f2e8034076a735cafd9888a
72f2913f7c0770ebab0f2683bdc1ec5a5db8872e8f2c62a8fd5c9178b95dbb06

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4270
x-amzn-requestid: 7327f8fb-804b-4d09-83dc-628e35ffa74b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8xFwXoAMFkqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-33f83cea2c585279140f4f59;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: NLXTbS53l_c-lByM8Ym4_tfOlgP2lB-F1dYxOSfdeEfBSM41X0Cpug==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "6217a262002244ef3f2e8034076a735cafd9888a"
content-type: image/jpeg
age: 25833
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8277 bytes)
Hash
f59a591b222397ff0f01c22a0786e660
6a8504212141af411a18ce58960c8bb52e8116ac
624847cfdfcd770d2dee8a2b85f3c7c480cda58ba2aef1135184f3dffc30d1f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: e84a5668-cd91-42af-b6de-5eb694ea56e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-KFtmIAMF00Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38d-64513fb257d83b9847c82929;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rIKW7gaK37mlbk_TUo63AH9-XDOoF3Z-5mGaeOkzmESFLJ3GHz60lA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:10 GMT
etag: "6a8504212141af411a18ce58960c8bb52e8116ac"
content-type: image/jpeg
age: 25824
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.mesharepoint.com/Content/Sign_In_files/style.css

13.107.213.53

200 OK

7.9 kB

URL HTTP/2
www.mesharepoint.com/Content/Sign_In_files/style.css
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
7.9 kB (7868 bytes)
Hash
bad3e4d73ab8638ef18d6b46780111a9
4c253cf88be490dd7e435bc3abfbbd18d2011227
f116760bd4b44c1a29b36dd4d59729bad9091a9b0e89c2b470bff0086982a822

HTTP Headers

GET /Content/Sign_In_files/style.css HTTP/1.1
Host: www.mesharepoint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mesharepoint.com/aus/6f40af2a-bd43-4f5f-b217-f5448356ea1e/68d853dd-2625-4e50-9ca1-ceb4c963520c/863cc991-0254-4fa5-aa96-dd37702859ba/login?id=VmZqVlJNS1dsL04zRmxENjVScTdjcmV1UE1naE9KeHUyZXhNRTUvbytZR0VYOENLMkRpQThsYjJya1VkNVR5dE1ub1B5VU9MZm1MUVBGTEdoTzZBdTNGWFFRSzVpbHFKTnJHSGd4TkFnNUN6dEJwbzhFWG5vdE82eVNwcnpPQy9KUE9XWXk0NzlWYzg0M2xrRk1VQTVHV3V4Znhhckg0Z1B2MC9GT29VcXlyZ2RaNFhwOWZvRVY1SndQWHJhcXlKRnI1ODNOVDhOZTVqWkdqZzZyOGNFeTJ1aWo3a2dSZ1JlRUY1amNxR21ENTVmcUlIT01xNEhtSGZIZldpZWh6NUFGLytBZi9XR1VZVko1dThaanBSVWtIM2dyZkJ5bkQzWnduSUdFMjBmKzAwSHBIUityN0tmTDE5azlxQWd5SGFSTkRCdkVGNlg3Z3dDUmk1c3k2OXNtbXQwbUZjVWYzdVJsaXpEV0RYVzc3MWNXUFV5NWhDZlpWcDZwOWNUTkNDaW8wWVp0ZklGbDR2WEw4OVZtdkVBQT09
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 7868
content-type: text/css
last-modified: Wed, 23 Nov 2022 08:35:54 GMT
accept-ranges: bytes
etag: "1d8ff1699ac4fbc"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0b0iAYwAAAACKT7LbDS/zQ5uAO5a4tMrsQU1TMDRFREdFMTkwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Fri, 25 Nov 2022 04:45:35 GMT
X-Firefox-Spdy: h2

aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg

13.107.213.53

200 OK

673 B

URL HTTP/2
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1864), with no line terminators
Size
673 B (673 bytes)
Hash
0e176276362b94279a4492511bfcbd98
389fe6b51f62254bb98939896b8c89ebeffe2a02
9a2c174ae45cac057822844211156a5ed293e65c5f69e1d211a7206472c5c80c

HTTP Headers

GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mesharepoint.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 673
content-type: image/svg+xml
content-encoding: gzip
content-md5: DhdidjYrlCeaRJJRG/y9mA==
last-modified: Wed, 12 Feb 2020 22:01:30 GMT
etag: 0x8D7B0071D86E386
x-cache: TCP_HIT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 99b70dd8-101e-0062-0295-fc2355000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 0b0iAYwAAAABCWabJYN8qTpzg5SNyzVSdQU1TMDRFREdFMTgxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Fri, 25 Nov 2022 04:45:35 GMT
X-Firefox-Spdy: h2

aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg

13.107.213.53

200 OK

1.4 kB

URL HTTP/2
aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators
Size
1.4 kB (1435 bytes)
Hash
9f368bc4580fed907775f31c6b26d6cf
e393a40b3e337f43057eee3de189f197ab056451
7ecbba946c099539c3d9c03f4b6804958900e5b90d48336eea7e5a2ed050fa36

HTTP Headers

GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mesharepoint.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 1435
content-type: image/svg+xml
content-encoding: gzip
content-md5: nzaLxFgP7ZB3dfMcaybWzw==
last-modified: Fri, 17 Jan 2020 19:28:38 GMT
etag: 0x8D79B8373CB2849
x-cache: TCP_HIT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8259bc9c-401e-006f-235e-00fc4e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 0b0iAYwAAAACxA3Bplq8SR7B7ftF3871cQU1TMDRFREdFMTgxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Fri, 25 Nov 2022 04:45:35 GMT
X-Firefox-Spdy: h2

aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg

13.107.213.53

200 OK

621 B

URL HTTP/2
aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1592), with no line terminators
Size
621 B (621 bytes)
Hash
4761405717e938d7e7400bb15715db1e
76fed7c229d353a27db3257f5927c1eaf0ab8de9
f7ed91a1dab5bb2802a7a3b3890df4777588ccbe04903260fba83e6e64c90ddf

HTTP Headers

GET /shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mesharepoint.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 621
content-type: image/svg+xml
content-encoding: gzip
content-md5: R2FAVxfpONfnQAuxVxXbHg==
last-modified: Tue, 10 Nov 2020 03:41:24 GMT
etag: 0x8D8852A7FA6B761
x-cache: TCP_HIT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7b2786d4-601e-0091-692b-fffb06000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 0b0iAYwAAAADY9wqTR2kxQq+tm1qU8GCPQU1TMDRFREdFMTgxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Fri, 25 Nov 2022 04:45:35 GMT
X-Firefox-Spdy: h2

www.mesharepoint.com/Content/jquery-3.5.1.min.js

13.107.213.53

200 OK

90 kB

URL HTTP/2
www.mesharepoint.com/Content/jquery-3.5.1.min.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
90 kB (89478 bytes)
Hash
b61aa6e2d68d21b3546b5b418bf0e9c3
9c1398f0de4c869dacb1c9ab1a8cc327f5421ff7
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

HTTP Headers

GET /Content/jquery-3.5.1.min.js HTTP/1.1
Host: www.mesharepoint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mesharepoint.com/aus/6f40af2a-bd43-4f5f-b217-f5448356ea1e/68d853dd-2625-4e50-9ca1-ceb4c963520c/863cc991-0254-4fa5-aa96-dd37702859ba/login?id=VmZqVlJNS1dsL04zRmxENjVScTdjcmV1UE1naE9KeHUyZXhNRTUvbytZR0VYOENLMkRpQThsYjJya1VkNVR5dE1ub1B5VU9MZm1MUVBGTEdoTzZBdTNGWFFRSzVpbHFKTnJHSGd4TkFnNUN6dEJwbzhFWG5vdE82eVNwcnpPQy9KUE9XWXk0NzlWYzg0M2xrRk1VQTVHV3V4Znhhckg0Z1B2MC9GT29VcXlyZ2RaNFhwOWZvRVY1SndQWHJhcXlKRnI1ODNOVDhOZTVqWkdqZzZyOGNFeTJ1aWo3a2dSZ1JlRUY1amNxR21ENTVmcUlIT01xNEhtSGZIZldpZWh6NUFGLytBZi9XR1VZVko1dThaanBSVWtIM2dyZkJ5bkQzWnduSUdFMjBmKzAwSHBIUityN0tmTDE5azlxQWd5SGFSTkRCdkVGNlg3Z3dDUmk1c3k2OXNtbXQwbUZjVWYzdVJsaXpEV0RYVzc3MWNXUFV5NWhDZlpWcDZwOWNUTkNDaW8wWVp0ZklGbDR2WEw4OVZtdkVBQT09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 89478
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 09:32:08 GMT
accept-ranges: bytes
etag: "1d8ffe79f24c186"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0b0iAYwAAAACgcCmIZxhxQZfFbOJfxOt/QU1TMDRFREdFMTkwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Fri, 25 Nov 2022 04:45:36 GMT
X-Firefox-Spdy: h2

www.mesharepoint.com/aus/6f40af2a-bd43-4f5f-b217-f5448356ea1e/68d853dd-2625-4e50-9ca1-ceb4c963520c/863cc991-0254-4fa5-aa96-dd37702859ba/login?id=VmZqVlJNS1dsL04zRmxENjVScTdjcmV1UE1naE9KeHUyZXhNRTUvbytZR0VYOENLMkRpQThsYjJya1VkNVR5dE1ub1B5VU9MZm1MUVBGTEdoTzZBdTNGWFFRSzVpbHFKTnJHSGd4TkFnNUN6dEJwbzhFWG5vdE82eVNwcnpPQy9KUE9XWXk0NzlWYzg0M2xrRk1VQTVHV3V4Znhhckg0Z1B2MC9GT29VcXlyZ2RaNFhwOWZvRVY1SndQWHJhcXlKRnI1ODNOVDhOZTVqWkdqZzZyOGNFeTJ1aWo3a2dSZ1JlRUY1amNxR21ENTVmcUlIT01xNEhtSGZIZldpZWh6NUFGLytBZi9XR1VZVko1dThaanBSVWtIM2dyZkJ5bkQzWnduSUdFMjBmKzAwSHBIUityN0tmTDE5azlxQWd5SGFSTkRCdkVGNlg3Z3dDUmk1c3k2OXNtbXQwbUZjVWYzdVJsaXpEV0RYVzc3MWNXUFV5NWhDZlpWcDZwOWNUTkNDaW8wWVp0ZklGbDR2WEw4OVZtdkVBQT09

13.107.213.53

200 OK

0 B

URL HTTP/2
www.mesharepoint.com/aus/6f40af2a-bd43-4f5f-b217-f5448356ea1e/68d853dd-2625-4e50-9ca1-ceb4c963520c/863cc991-0254-4fa5-aa96-dd37702859ba/login?id=VmZqVlJNS1dsL04zRmxENjVScTdjcmV1UE1naE9KeHUyZXhNRTUvbytZR0VYOENLMkRpQThsYjJya1VkNVR5dE1ub1B5VU9MZm1MUVBGTEdoTzZBdTNGWFFRSzVpbHFKTnJHSGd4TkFnNUN6dEJwbzhFWG5vdE82eVNwcnpPQy9KUE9XWXk0NzlWYzg0M2xrRk1VQTVHV3V4Znhhckg0Z1B2MC9GT29VcXlyZ2RaNFhwOWZvRVY1SndQWHJhcXlKRnI1ODNOVDhOZTVqWkdqZzZyOGNFeTJ1aWo3a2dSZ1JlRUY1amNxR21ENTVmcUlIT01xNEhtSGZIZldpZWh6NUFGLytBZi9XR1VZVko1dThaanBSVWtIM2dyZkJ5bkQzWnduSUdFMjBmKzAwSHBIUityN0tmTDE5azlxQWd5SGFSTkRCdkVGNlg3Z3dDUmk1c3k2OXNtbXQwbUZjVWYzdVJsaXpEV0RYVzc3MWNXUFV5NWhDZlpWcDZwOWNUTkNDaW8wWVp0ZklGbDR2WEw4OVZtdkVBQT09
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Office365
fortinet	Phishing

HTTP Headers

GET /aus/6f40af2a-bd43-4f5f-b217-f5448356ea1e/68d853dd-2625-4e50-9ca1-ceb4c963520c/863cc991-0254-4fa5-aa96-dd37702859ba/login?id=VmZqVlJNS1dsL04zRmxENjVScTdjcmV1UE1naE9KeHUyZXhNRTUvbytZR0VYOENLMkRpQThsYjJya1VkNVR5dE1ub1B5VU9MZm1MUVBGTEdoTzZBdTNGWFFRSzVpbHFKTnJHSGd4TkFnNUN6dEJwbzhFWG5vdE82eVNwcnpPQy9KUE9XWXk0NzlWYzg0M2xrRk1VQTVHV3V4Znhhckg0Z1B2MC9GT29VcXlyZ2RaNFhwOWZvRVY1SndQWHJhcXlKRnI1ODNOVDhOZTVqWkdqZzZyOGNFeTJ1aWo3a2dSZ1JlRUY1amNxR21ENTVmcUlIT01xNEhtSGZIZldpZWh6NUFGLytBZi9XR1VZVko1dThaanBSVWtIM2dyZkJ5bkQzWnduSUdFMjBmKzAwSHBIUityN0tmTDE5azlxQWd5SGFSTkRCdkVGNlg3Z3dDUmk1c3k2OXNtbXQwbUZjVWYzdVJsaXpEV0RYVzc3MWNXUFV5NWhDZlpWcDZwOWNUTkNDaW8wWVp0ZklGbDR2WEw4OVZtdkVBQT09 HTTP/1.1
Host: www.mesharepoint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html; charset=utf-8
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0bEiAYwAAAACsCn5WKZQHTqyC8/ZslAzRQU1TMDRFREdFMTkwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Fri, 25 Nov 2022 04:45:34 GMT
X-Firefox-Spdy: h2

www.mesharepoint.com/Scripts/jquery-1.10.2.min.js

13.107.213.53

500 Internal Server Error

0 B

URL HTTP/2
www.mesharepoint.com/Scripts/jquery-1.10.2.min.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Scripts/jquery-1.10.2.min.js HTTP/1.1
Host: www.mesharepoint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mesharepoint.com/aus/6f40af2a-bd43-4f5f-b217-f5448356ea1e/68d853dd-2625-4e50-9ca1-ceb4c963520c/863cc991-0254-4fa5-aa96-dd37702859ba/login?id=VmZqVlJNS1dsL04zRmxENjVScTdjcmV1UE1naE9KeHUyZXhNRTUvbytZR0VYOENLMkRpQThsYjJya1VkNVR5dE1ub1B5VU9MZm1MUVBGTEdoTzZBdTNGWFFRSzVpbHFKTnJHSGd4TkFnNUN6dEJwbzhFWG5vdE82eVNwcnpPQy9KUE9XWXk0NzlWYzg0M2xrRk1VQTVHV3V4Znhhckg0Z1B2MC9GT29VcXlyZ2RaNFhwOWZvRVY1SndQWHJhcXlKRnI1ODNOVDhOZTVqWkdqZzZyOGNFeTJ1aWo3a2dSZ1JlRUY1amNxR21ENTVmcUlIT01xNEhtSGZIZldpZWh6NUFGLytBZi9XR1VZVko1dThaanBSVWtIM2dyZkJ5bkQzWnduSUdFMjBmKzAwSHBIUityN0tmTDE5azlxQWd5SGFSTkRCdkVGNlg3Z3dDUmk1c3k2OXNtbXQwbUZjVWYzdVJsaXpEV0RYVzc3MWNXUFV5NWhDZlpWcDZwOWNUTkNDaW8wWVp0ZklGbDR2WEw4OVZtdkVBQT09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 500 Internal Server Error
content-type: text/html; charset=utf-8
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0b0iAYwAAAAAzH7U4PJRnSImkAaWjeWv5QU1TMDRFREdFMTkwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Fri, 25 Nov 2022 04:45:35 GMT
X-Firefox-Spdy: h2

www.mesharepoint.com/Content/bootstrap.min.js

13.107.213.53

500 Internal Server Error

0 B

URL HTTP/2
www.mesharepoint.com/Content/bootstrap.min.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Content/bootstrap.min.js HTTP/1.1
Host: www.mesharepoint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mesharepoint.com/aus/6f40af2a-bd43-4f5f-b217-f5448356ea1e/68d853dd-2625-4e50-9ca1-ceb4c963520c/863cc991-0254-4fa5-aa96-dd37702859ba/login?id=VmZqVlJNS1dsL04zRmxENjVScTdjcmV1UE1naE9KeHUyZXhNRTUvbytZR0VYOENLMkRpQThsYjJya1VkNVR5dE1ub1B5VU9MZm1MUVBGTEdoTzZBdTNGWFFRSzVpbHFKTnJHSGd4TkFnNUN6dEJwbzhFWG5vdE82eVNwcnpPQy9KUE9XWXk0NzlWYzg0M2xrRk1VQTVHV3V4Znhhckg0Z1B2MC9GT29VcXlyZ2RaNFhwOWZvRVY1SndQWHJhcXlKRnI1ODNOVDhOZTVqWkdqZzZyOGNFeTJ1aWo3a2dSZ1JlRUY1amNxR21ENTVmcUlIT01xNEhtSGZIZldpZWh6NUFGLytBZi9XR1VZVko1dThaanBSVWtIM2dyZkJ5bkQzWnduSUdFMjBmKzAwSHBIUityN0tmTDE5azlxQWd5SGFSTkRCdkVGNlg3Z3dDUmk1c3k2OXNtbXQwbUZjVWYzdVJsaXpEV0RYVzc3MWNXUFV5NWhDZlpWcDZwOWNUTkNDaW8wWVp0ZklGbDR2WEw4OVZtdkVBQT09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 500 Internal Server Error
content-type: text/html; charset=utf-8
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0b0iAYwAAAABRjVQG8wovT6ZzZXGOU0vmQU1TMDRFREdFMTkwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Fri, 25 Nov 2022 04:45:35 GMT
X-Firefox-Spdy: h2

www.mesharepoint.com/Scripts/jquery-1.10.2.min.js

13.107.213.53

500 Internal Server Error

0 B

URL HTTP/2
www.mesharepoint.com/Scripts/jquery-1.10.2.min.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Scripts/jquery-1.10.2.min.js HTTP/1.1
Host: www.mesharepoint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mesharepoint.com/aus/6f40af2a-bd43-4f5f-b217-f5448356ea1e/68d853dd-2625-4e50-9ca1-ceb4c963520c/863cc991-0254-4fa5-aa96-dd37702859ba/login?id=VmZqVlJNS1dsL04zRmxENjVScTdjcmV1UE1naE9KeHUyZXhNRTUvbytZR0VYOENLMkRpQThsYjJya1VkNVR5dE1ub1B5VU9MZm1MUVBGTEdoTzZBdTNGWFFRSzVpbHFKTnJHSGd4TkFnNUN6dEJwbzhFWG5vdE82eVNwcnpPQy9KUE9XWXk0NzlWYzg0M2xrRk1VQTVHV3V4Znhhckg0Z1B2MC9GT29VcXlyZ2RaNFhwOWZvRVY1SndQWHJhcXlKRnI1ODNOVDhOZTVqWkdqZzZyOGNFeTJ1aWo3a2dSZ1JlRUY1amNxR21ENTVmcUlIT01xNEhtSGZIZldpZWh6NUFGLytBZi9XR1VZVko1dThaanBSVWtIM2dyZkJ5bkQzWnduSUdFMjBmKzAwSHBIUityN0tmTDE5azlxQWd5SGFSTkRCdkVGNlg3Z3dDUmk1c3k2OXNtbXQwbUZjVWYzdVJsaXpEV0RYVzc3MWNXUFV5NWhDZlpWcDZwOWNUTkNDaW8wWVp0ZklGbDR2WEw4OVZtdkVBQT09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 500 Internal Server Error
content-type: text/html; charset=utf-8
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0cUiAYwAAAADJ+cwMOVqJSIjsrnsMi0XhQU1TMDRFREdFMTkwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Fri, 25 Nov 2022 04:45:36 GMT
X-Firefox-Spdy: h2

www.mesharepoint.com/Content/bootstrap.min.js

13.107.213.53

500 Internal Server Error

0 B

URL HTTP/2
www.mesharepoint.com/Content/bootstrap.min.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Content/bootstrap.min.js HTTP/1.1
Host: www.mesharepoint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mesharepoint.com/aus/6f40af2a-bd43-4f5f-b217-f5448356ea1e/68d853dd-2625-4e50-9ca1-ceb4c963520c/863cc991-0254-4fa5-aa96-dd37702859ba/login?id=VmZqVlJNS1dsL04zRmxENjVScTdjcmV1UE1naE9KeHUyZXhNRTUvbytZR0VYOENLMkRpQThsYjJya1VkNVR5dE1ub1B5VU9MZm1MUVBGTEdoTzZBdTNGWFFRSzVpbHFKTnJHSGd4TkFnNUN6dEJwbzhFWG5vdE82eVNwcnpPQy9KUE9XWXk0NzlWYzg0M2xrRk1VQTVHV3V4Znhhckg0Z1B2MC9GT29VcXlyZ2RaNFhwOWZvRVY1SndQWHJhcXlKRnI1ODNOVDhOZTVqWkdqZzZyOGNFeTJ1aWo3a2dSZ1JlRUY1amNxR21ENTVmcUlIT01xNEhtSGZIZldpZWh6NUFGLytBZi9XR1VZVko1dThaanBSVWtIM2dyZkJ5bkQzWnduSUdFMjBmKzAwSHBIUityN0tmTDE5azlxQWd5SGFSTkRCdkVGNlg3Z3dDUmk1c3k2OXNtbXQwbUZjVWYzdVJsaXpEV0RYVzc3MWNXUFV5NWhDZlpWcDZwOWNUTkNDaW8wWVp0ZklGbDR2WEw4OVZtdkVBQT09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 500 Internal Server Error
content-type: text/html; charset=utf-8
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0cUiAYwAAAAB3XqqCD/ZLS4Rm6FUCF7HmQU1TMDRFREdFMTkwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Fri, 25 Nov 2022 04:45:36 GMT
X-Firefox-Spdy: h2

www.mesharepoint.com/favicon.ico

13.107.213.53

500 Internal Server Error

0 B

URL HTTP/2
www.mesharepoint.com/favicon.ico
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.mesharepoint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mesharepoint.com/aus/6f40af2a-bd43-4f5f-b217-f5448356ea1e/68d853dd-2625-4e50-9ca1-ceb4c963520c/863cc991-0254-4fa5-aa96-dd37702859ba/login?id=VmZqVlJNS1dsL04zRmxENjVScTdjcmV1UE1naE9KeHUyZXhNRTUvbytZR0VYOENLMkRpQThsYjJya1VkNVR5dE1ub1B5VU9MZm1MUVBGTEdoTzZBdTNGWFFRSzVpbHFKTnJHSGd4TkFnNUN6dEJwbzhFWG5vdE82eVNwcnpPQy9KUE9XWXk0NzlWYzg0M2xrRk1VQTVHV3V4Znhhckg0Z1B2MC9GT29VcXlyZ2RaNFhwOWZvRVY1SndQWHJhcXlKRnI1ODNOVDhOZTVqWkdqZzZyOGNFeTJ1aWo3a2dSZ1JlRUY1amNxR21ENTVmcUlIT01xNEhtSGZIZldpZWh6NUFGLytBZi9XR1VZVko1dThaanBSVWtIM2dyZkJ5bkQzWnduSUdFMjBmKzAwSHBIUityN0tmTDE5azlxQWd5SGFSTkRCdkVGNlg3Z3dDUmk1c3k2OXNtbXQwbUZjVWYzdVJsaXpEV0RYVzc3MWNXUFV5NWhDZlpWcDZwOWNUTkNDaW8wWVp0ZklGbDR2WEw4OVZtdkVBQT09
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 500 Internal Server Error
content-type: text/html; charset=utf-8
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0cUiAYwAAAACXbNqkFBvjQ54luU/nxb2cQU1TMDRFREdFMTkwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Fri, 25 Nov 2022 04:45:36 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (32)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size