Report - mail.itinternalhelp.com/ls/click?upn=8GeKl1YQT110biCctuDr-2BRz-2Fq3Cw9B3aQJPawVCPA2DlYtGUXdCwMU4-2ByG6TlR9jQln1j4HGtGY5Ggu5QHCvHKudBvBZqp6IATAQ71tlj7-2B6W7qytw6791-2Ff09npN-2BC4mVWz3AjYLfbMnX5qofSkBXEx3mhYbJxFtamrV8y4SPoTiyaUOt9tKArFINyxpy5XXPBQHFT1AXkVd6LBcmkQUEZ6DoGTiGgHOqE7iXjR4Ciy8wewJku5Fbbz7arQ0IU73xGURITYc0Bi7PAG0qbecJmZHs6crQ41qk7VqxWOFN2WBGloechTQmZgpYGTRmuqAJ1s_yta5SkolxWdbla-2FgK-2FSE7JQeTLprDRxH5dMkI1NjmB3CtGYHWh6Aqq3Qkb0BIHyeJngUc7uGHbQaliTbsUG4qwG-2Few-2Bk0YxKtAWBdHIw5CzyX1r49-2F9Wq3rIhTfaYCz-2Fyeew-2BvSm4r-2B9ReO7YaQrdsyQ8ft1qDeW2jQacLAnvQlcWv9rfLGsvosrDlJqE-2FaUba4eiILrN9v84GV1OrK4YHvUHtxpoyahyqTKwKTIGClx8a-2Fy7sk-2Fs5-2BBB1S1tSuaIIydbtjp-2B8rlLtoUuZ82PIvG-2BteQSGRjUPCrrHv-2BiUAB88OPRtHR1Ri745Ulbzd0pEM59HnUruHnbZhdabMEWYw-2FqCbdr9WakzWkd1W0hauxIEM8yE0nuAEi174v3Ud7DKxr98bdOYIrwl7mHyQvfRF5AFjUmcFVHfZEHnKfp0o0uRTpp3c-2B323W-2B6eH8iDdjFkFDzlpkfQt8DnWp1-2FJj4EY65By9woCbmhP-2Bn2jCso-3D

Report Overview

Submitted URL
mail.itinternalhelp.com/ls/click?upn=8GeKl1YQT110biCctuDr-2BRz-2Fq3Cw9B3aQJPawVCPA2DlYtGUXdCwMU4-2ByG6TlR9jQln1j4HGtGY5Ggu5QHCvHKudBvBZqp6IATAQ71tlj7-2B6W7qytw6791-2Ff09npN-2BC4mVWz3AjYLfbMnX5qofSkBXEx3mhYbJxFtamrV8y4SPoTiyaUOt9tKArFINyxpy5XXPBQHFT1AXkVd6LBcmkQUEZ6DoGTiGgHOqE7iXjR4Ciy8wewJku5Fbbz7arQ0IU73xGURITYc0Bi7PAG0qbecJmZHs6crQ41qk7VqxWOFN2WBGloechTQmZgpYGTRmuqAJ1s_yta5SkolxWdbla-2FgK-2FSE7JQeTLprDRxH5dMkI1NjmB3CtGYHWh6Aqq3Qkb0BIHyeJngUc7uGHbQaliTbsUG4qwG-2Few-2Bk0YxKtAWBdHIw5CzyX1r49-2F9Wq3rIhTfaYCz-2Fyeew-2BvSm4r-2B9ReO7YaQrdsyQ8ft1qDeW2jQacLAnvQlcWv9rfLGsvosrDlJqE-2FaUba4eiILrN9v84GV1OrK4YHvUHtxpoyahyqTKwKTIGClx8a-2Fy7sk-2Fs5-2BBB1S1tSuaIIydbtjp-2B8rlLtoUuZ82PIvG-2BteQSGRjUPCrrHv-2BiUAB88OPRtHR1Ri745Ulbzd0pEM59HnUruHnbZhdabMEWYw-2FqCbdr9WakzWkd1W0hauxIEM8yE0nuAEi174v3Ud7DKxr98bdOYIrwl7mHyQvfRF5AFjUmcFVHfZEHnKfp0o0uRTpp3c-2B323W-2B6eH8iDdjFkFDzlpkfQt8DnWp1-2FJj4EY65By9woCbmhP-2Bn2jCso-3D
IP
13.107.237.53
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2023-03-31 17:02:26
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-31T21:56:16Z	682 B	1.4 kB	192.229.221.95
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-31T18:12:04Z	2.7 kB	7.1 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-31T18:18:04Z	413 B	5.9 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-31T18:13:52Z	606 B	238 B	34.117.65.55
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-31T18:13:43Z	422 B	31 kB	69.16.175.10
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-31T18:17:08Z	889 B	30 kB	188.114.99.234
cdnmetacompliancelive.metacompliance.com	828284	2018-09-07T09:50:18Z	2023-03-31T18:47:52Z	454 B	21 kB	152.199.21.175
getpocket.cdn.mozilla.net	1369	2018-08-28T15:15:36Z	2023-03-31T18:39:46Z	435 B	45 kB	34.120.5.221
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-31T18:12:09Z	333 B	391 B	34.117.237.239
mail.itinternalhelp.com	unknown	2019-04-25T09:10:02Z	2023-03-31T15:26:52Z	2.6 kB	1.9 kB	13.107.238.53
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-31T07:51:33Z	3.2 kB	55 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-31T18:14:44Z	782 B	2.4 kB	35.241.9.150
landing.itinternalhelp.com	unknown	2021-02-12T21:26:24Z	2023-03-31T15:27:17Z	3.8 kB	42 kB	13.107.237.53
ipapi.co	195030	2017-01-31T10:07:01Z	2023-03-31T10:16:01Z	463 B	720 B	104.26.8.44

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-31 17:02:17	medium	Client IP	Internal IP	ET POLICY External IP Lookup Domain (ipapi .co in DNS lookup)
2023-03-31 17:02:17	medium	Client IP	Internal IP	ET POLICY External IP Lookup Domain (ipapi .co in DNS lookup)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.5.1.min.js	90 kB	2023-03-07	2024-04-26
Pretty URL code.jquery.com/jquery-3.5.1.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-26 16:26:24 Times Seen139394 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	landing.itinternalhelp.com/Scripts/pnotify/custom/pnotify.custom.min.js	38 kB	2023-04-01	2023-12-12
Pretty URL landing.itinternalhelp.com/Scripts/pnotify/custom/pnotify.custom.min.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:03:08 Last Seen2023-12-12 16:32:20 Times Seen29 Hash 15b2fcaca9f88048a10ae1ad4bd75253 de5649516d7676f8810f0254f02059bb8224cf82 0cd760f4073df7b692f7630ce50a40d5d22c84246b02c18656efa3af13e47e8c Loading...

	landing.itinternalhelp.com/Scripts/pnotify/custom/pnotify.generic.js	4.3 kB	2023-04-01	2023-12-12
Pretty URL landing.itinternalhelp.com/Scripts/pnotify/custom/pnotify.generic.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:03:08 Last Seen2023-12-12 16:32:20 Times Seen15 Hash b051c6f8708c1179acf78ea24480183b a03a4048f0c48b21ab8b54898eaf57fa63e894f6 b76eea4459c347c0c6ea5db02eb7358083175ba4f10402e947b95a26399eb215 Loading...

	landing.itinternalhelp.com/View/Link?gdYqsHOb8d0pRl2ETY7R/vWDxuUN9aMJ+JMS/LqYNKdOsmqdNQ1CctVbzBDbry1+6Po3ervH/Ki1j8B5oZSChefxD0I9gYf2YjsmWI5nSis95MPhPhSLKS0PwUxc3pCNsNI2Yxp+6VoLh49EwXvPHtxrBxwFoyDFlwYm+MvFtPM=	1.4 kB	2023-04-01	2023-04-01
Pretty URL landing.itinternalhelp.com/View/Link?gdYqsHOb8d0pRl2ETY7R/vWDxuUN9aMJ+JMS/LqYNKdOsmqdNQ1CctVbzBDbry1+6Po3ervH/Ki1j8B5oZSChefxD0I9gYf2YjsmWI5nSis95MPhPhSLKS0PwUxc3pCNsNI2Yxp+6VoLh49EwXvPHtxrBxwFoyDFlwYm+MvFtPM= IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:03:08 Last Seen2023-04-01 11:03:08 Times Seen1 Hash 8e62a2ed31bed3dd7de85b6755ff1f13 5910d694f228dacd90fe9629d2a5c07092bdfbba d29a45986331b47d8c2ba8b671f2c1f482b93b66792fbc2a3ce8d8b0b1acf014 Loading...

HTTP Transactions (34)

	URL	IP	Response	Size
	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7af19a5145a4ee99bdf18831bad04bfd 7bdd2a4785b999ef54a2644211d2b2b7190fb8e1 3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0" Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8541 Expires: Fri, 31 Mar 2023 19:24:36 GMT Date: Fri, 31 Mar 2023 17:02:15 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 76218c893040d958ae1c4231cdd2133c 6a7b336dee91d4aec26ace0a5883ecdfac52e68f d35492b04d16ed00e9e195e7c84c99aa6a2b8a93abeb656baae0918986f0a7e4 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D35492B04D16ED00E9E195E7C84C99AA6A2B8A93ABEB656BAAE0918986F0A7E4" Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4275 Expires: Fri, 31 Mar 2023 18:13:30 GMT Date: Fri, 31 Mar 2023 17:02:15 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: 52YJOGfLj7+M/RsJpeo9ZElNhUq/vvw4CnBnoM5AJCE/Qx1o/QgEfxtMWrheRIp5Pkys/tsr2hs= x-amz-request-id: F237AGT4Q6JDF99V x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Fri, 31 Mar 2023 16:12:15 GMT age: 3000 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 8e0c84bb4c8b23c3953fa21ed9609304 bba386505b766cebba17189ebe8219b2a644ce28 303be01b154868d266380af88c77b7db1c9b427540e19d4927b42364e9adcb23 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "303BE01B154868D266380AF88C77B7DB1C9B427540E19D4927B42364E9ADCB23" Last-Modified: Thu, 30 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18164 Expires: Fri, 31 Mar 2023 22:04:59 GMT Date: Fri, 31 Mar 2023 17:02:15 GMT Connection: keep-alive`

	getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30	34.120.5.221	200 OK	44 kB
URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 IP 34.120.5.221:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators Size 44 kB (44532 bytes) Hash 5ac7b1178d8a200311148ca5873c0152 9fc87cb8ebc058fc80da5ea5a79da43ab78ead4d b31fe3d430d90c4dcb63861988bc537883195817ffb5031cd8cf5b13681ed6ea HTTP Headers `GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1 Host: getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: nginx content-location: global-recs.php tcn: choice x-frame-options: SAMEORIGIN status: 200 OK x-source: Pocket pragma: cache p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE" x-cache: Hit from cloudfront x-amz-cf-pop: SEA73-P2 x-amz-cf-id: JJvt5e6mu-Eh3yRf5gNb7DkZ_jrxIpiH0i5nEceGSWiHm4l4KjLF6g== content-encoding: gzip via: 1.1 33d72803ad26b392c1b578a2b1276580.cloudfront.net (CloudFront), 1.1 google date: Fri, 31 Mar 2023 16:56:22 GMT age: 353 content-type: application/json vary: Accept-Encoding content-length: 44532 cache-control: s-maxage=900,public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash cca063332ba9a89eadd62a8dd7f81a9b d473b2a7a32c964599ff3bac8f98fa578f03d1d1 02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC" Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16669 Expires: Fri, 31 Mar 2023 21:40:04 GMT Date: Fri, 31 Mar 2023 17:02:15 GMT Connection: keep-alive`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Fri, 31 Mar 2023 17:02:15 GMT content-type: application/json content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 4ad6984a756720fbfff47b37a75513a2 355e35258114452af8b9638985ed9d8ef3bf0aca 43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Fri, 31 Mar 2023 16:16:12 GMT content-type: application/json age: 2763 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	mail.itinternalhelp.com/ls/click?upn=8GeKl1YQT110biCctuDr-2BRz-2Fq3Cw9B3aQJPawVCPA2DlYtGUXdCwMU4-2ByG6TlR9jQln1j4HGtGY5Ggu5QHCvHKudBvBZqp6IATAQ71tlj7-2B6W7qytw6791-2Ff09npN-2BC4mVWz3AjYLfbMnX5qofSkBXEx3mhYbJxFtamrV8y4SPoTiyaUOt9tKArFINyxpy5XXPBQHFT1AXkVd6LBcmkQUEZ6DoGTiGgHOqE7iXjR4Ciy8wewJku5Fbbz7arQ0IU73xGURITYc0Bi7PAG0qbecJmZHs6crQ41qk7VqxWOFN2WBGloechTQmZgpYGTRmuqAJ1s_yta5SkolxWdbla-2FgK-2FSE7JQeTLprDRxH5dMkI1NjmB3CtGYHWh6Aqq3Qkb0BIHyeJngUc7uGHbQaliTbsUG4qwG-2Few-2Bk0YxKtAWBdHIw5CzyX1r49-2F9Wq3rIhTfaYCz-2Fyeew-2BvSm4r-2B9ReO7YaQrdsyQ8ft1qDeW2jQacLAnvQlcWv9rfLGsvosrDlJqE-2FaUba4eiILrN9v84GV1OrK4YHvUHtxpoyahyqTKwKTIGClx8a-2Fy7sk-2Fs5-2BBB1S1tSuaIIydbtjp-2B8rlLtoUuZ82PIvG-2BteQSGRjUPCrrHv-2BiUAB88OPRtHR1Ri745Ulbzd0pEM59HnUruHnbZhdabMEWYw-2FqCbdr9WakzWkd1W0hauxIEM8yE0nuAEi174v3Ud7DKxr98bdOYIrwl7mHyQvfRF5AFjUmcFVHfZEHnKfp0o0uRTpp3c-2B323W-2B6eH8iDdjFkFDzlpkfQt8DnWp1-2FJj4EY65By9woCbmhP-2Bn2jCso-3D	13.107.238.53	302 Found	0 B
URL HTTP/1.1 mail.itinternalhelp.com/ls/click?upn=8GeKl1YQT110biCctuDr-2BRz-2Fq3Cw9B3aQJPawVCPA2DlYtGUXdCwMU4-2ByG6TlR9jQln1j4HGtGY5Ggu5QHCvHKudBvBZqp6IATAQ71tlj7-2B6W7qytw6791-2Ff09npN-2BC4mVWz3AjYLfbMnX5qofSkBXEx3mhYbJxFtamrV8y4SPoTiyaUOt9tKArFINyxpy5XXPBQHFT1AXkVd6LBcmkQUEZ6DoGTiGgHOqE7iXjR4Ciy8wewJku5Fbbz7arQ0IU73xGURITYc0Bi7PAG0qbecJmZHs6crQ41qk7VqxWOFN2WBGloechTQmZgpYGTRmuqAJ1s_yta5SkolxWdbla-2FgK-2FSE7JQeTLprDRxH5dMkI1NjmB3CtGYHWh6Aqq3Qkb0BIHyeJngUc7uGHbQaliTbsUG4qwG-2Few-2Bk0YxKtAWBdHIw5CzyX1r49-2F9Wq3rIhTfaYCz-2Fyeew-2BvSm4r-2B9ReO7YaQrdsyQ8ft1qDeW2jQacLAnvQlcWv9rfLGsvosrDlJqE-2FaUba4eiILrN9v84GV1OrK4YHvUHtxpoyahyqTKwKTIGClx8a-2Fy7sk-2Fs5-2BBB1S1tSuaIIydbtjp-2B8rlLtoUuZ82PIvG-2BteQSGRjUPCrrHv-2BiUAB88OPRtHR1Ri745Ulbzd0pEM59HnUruHnbZhdabMEWYw-2FqCbdr9WakzWkd1W0hauxIEM8yE0nuAEi174v3Ud7DKxr98bdOYIrwl7mHyQvfRF5AFjUmcFVHfZEHnKfp0o0uRTpp3c-2B323W-2B6eH8iDdjFkFDzlpkfQt8DnWp1-2FJj4EY65By9woCbmhP-2Bn2jCso-3D IP 13.107.238.53:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /ls/click?upn=8GeKl1YQT110biCctuDr-2BRz-2Fq3Cw9B3aQJPawVCPA2DlYtGUXdCwMU4-2ByG6TlR9jQln1j4HGtGY5Ggu5QHCvHKudBvBZqp6IATAQ71tlj7-2B6W7qytw6791-2Ff09npN-2BC4mVWz3AjYLfbMnX5qofSkBXEx3mhYbJxFtamrV8y4SPoTiyaUOt9tKArFINyxpy5XXPBQHFT1AXkVd6LBcmkQUEZ6DoGTiGgHOqE7iXjR4Ciy8wewJku5Fbbz7arQ0IU73xGURITYc0Bi7PAG0qbecJmZHs6crQ41qk7VqxWOFN2WBGloechTQmZgpYGTRmuqAJ1s_yta5SkolxWdbla-2FgK-2FSE7JQeTLprDRxH5dMkI1NjmB3CtGYHWh6Aqq3Qkb0BIHyeJngUc7uGHbQaliTbsUG4qwG-2Few-2Bk0YxKtAWBdHIw5CzyX1r49-2F9Wq3rIhTfaYCz-2Fyeew-2BvSm4r-2B9ReO7YaQrdsyQ8ft1qDeW2jQacLAnvQlcWv9rfLGsvosrDlJqE-2FaUba4eiILrN9v84GV1OrK4YHvUHtxpoyahyqTKwKTIGClx8a-2Fy7sk-2Fs5-2BBB1S1tSuaIIydbtjp-2B8rlLtoUuZ82PIvG-2BteQSGRjUPCrrHv-2BiUAB88OPRtHR1Ri745Ulbzd0pEM59HnUruHnbZhdabMEWYw-2FqCbdr9WakzWkd1W0hauxIEM8yE0nuAEi174v3Ud7DKxr98bdOYIrwl7mHyQvfRF5AFjUmcFVHfZEHnKfp0o0uRTpp3c-2B323W-2B6eH8iDdjFkFDzlpkfQt8DnWp1-2FJj4EY65By9woCbmhP-2Bn2jCso-3D HTTP/1.1 Host: mail.itinternalhelp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1 HTTP/1.1 302 Found Location: https://mail.itinternalhelp.com/ls/click?upn=8GeKl1YQT110biCctuDr-2BRz-2Fq3Cw9B3aQJPawVCPA2DlYtGUXdCwMU4-2ByG6TlR9jQln1j4HGtGY5Ggu5QHCvHKudBvBZqp6IATAQ71tlj7-2B6W7qytw6791-2Ff09npN-2BC4mVWz3AjYLfbMnX5qofSkBXEx3mhYbJxFtamrV8y4SPoTiyaUOt9tKArFINyxpy5XXPBQHFT1AXkVd6LBcmkQUEZ6DoGTiGgHOqE7iXjR4Ciy8wewJku5Fbbz7arQ0IU73xGURITYc0Bi7PAG0qbecJmZHs6crQ41qk7VqxWOFN2WBGloechTQmZgpYGTRmuqAJ1s_yta5SkolxWdbla-2FgK-2FSE7JQeTLprDRxH5dMkI1NjmB3CtGYHWh6Aqq3Qkb0BIHyeJngUc7uGHbQaliTbsUG4qwG-2Few-2Bk0YxKtAWBdHIw5CzyX1r49-2F9Wq3rIhTfaYCz-2Fyeew-2BvSm4r-2B9ReO7YaQrdsyQ8ft1qDeW2jQacLAnvQlcWv9rfLGsvosrDlJqE-2FaUba4eiILrN9v84GV1OrK4YHvUHtxpoyahyqTKwKTIGClx8a-2Fy7sk-2Fs5-2BBB1S1tSuaIIydbtjp-2B8rlLtoUuZ82PIvG-2BteQSGRjUPCrrHv-2BiUAB88OPRtHR1Ri745Ulbzd0pEM59HnUruHnbZhdabMEWYw-2FqCbdr9WakzWkd1W0hauxIEM8yE0nuAEi174v3Ud7DKxr98bdOYIrwl7mHyQvfRF5AFjUmcFVHfZEHnKfp0o0uRTpp3c-2B323W-2B6eH8iDdjFkFDzlpkfQt8DnWp1-2FJj4EY65By9woCbmhP-2Bn2jCso-3D X-Azure-Ref: 0FxInZAAAAABos4s0pChdQ5Av527KitqzQ1BIMzBFREdFMDQxMwBmMTM4YWViZC04OGIzLTRiNzktOWQ4NS1lMDI4MGM2Nzk2NmE= Date: Fri, 31 Mar 2023 17:02:14 GMT Content-Length: 0

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash ae064c74a3769d42109473ad05d56fb9 d48029ab8568cee6ab7416d3b476ed792d780a56 9852216f395a42f7b4792e852f9f9fa83e07d917a979237d5d7406a1d74edc4f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "9852216F395A42F7B4792E852F9F9FA83E07D917A979237D5D7406A1D74EDC4F" Last-Modified: Wed, 29 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3321 Expires: Fri, 31 Mar 2023 17:57:36 GMT Date: Fri, 31 Mar 2023 17:02:15 GMT Connection: keep-alive`

	ocsp.digicert.com/	192.229.221.95	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 046bd865aed8a325e39ba56f8bc60f11 0d18bf21df5350d1c1253e4a9ec4680d7da51692 200d0fa2fbeaa2cdfb20d2f7395664d0fa77ab9cb5f754a4086e88f76535063b HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Fri, 31 Mar 2023 17:02:15 GMT Etag: "6425fcd5-1d7" Server: ECAcc (amb/6B04) Content-Length: 471`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Alert, Expires, Pragma, Content-Length, ETag, Backoff, Cache-Control, Last-Modified content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Fri, 31 Mar 2023 16:17:26 GMT age: 2690 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	mail.itinternalhelp.com/ls/click?upn=8GeKl1YQT110biCctuDr-2BRz-2Fq3Cw9B3aQJPawVCPA2DlYtGUXdCwMU4-2ByG6TlR9jQln1j4HGtGY5Ggu5QHCvHKudBvBZqp6IATAQ71tlj7-2B6W7qytw6791-2Ff09npN-2BC4mVWz3AjYLfbMnX5qofSkBXEx3mhYbJxFtamrV8y4SPoTiyaUOt9tKArFINyxpy5XXPBQHFT1AXkVd6LBcmkQUEZ6DoGTiGgHOqE7iXjR4Ciy8wewJku5Fbbz7arQ0IU73xGURITYc0Bi7PAG0qbecJmZHs6crQ41qk7VqxWOFN2WBGloechTQmZgpYGTRmuqAJ1s_yta5SkolxWdbla-2FgK-2FSE7JQeTLprDRxH5dMkI1NjmB3CtGYHWh6Aqq3Qkb0BIHyeJngUc7uGHbQaliTbsUG4qwG-2Few-2Bk0YxKtAWBdHIw5CzyX1r49-2F9Wq3rIhTfaYCz-2Fyeew-2BvSm4r-2B9ReO7YaQrdsyQ8ft1qDeW2jQacLAnvQlcWv9rfLGsvosrDlJqE-2FaUba4eiILrN9v84GV1OrK4YHvUHtxpoyahyqTKwKTIGClx8a-2Fy7sk-2Fs5-2BBB1S1tSuaIIydbtjp-2B8rlLtoUuZ82PIvG-2BteQSGRjUPCrrHv-2BiUAB88OPRtHR1Ri745Ulbzd0pEM59HnUruHnbZhdabMEWYw-2FqCbdr9WakzWkd1W0hauxIEM8yE0nuAEi174v3Ud7DKxr98bdOYIrwl7mHyQvfRF5AFjUmcFVHfZEHnKfp0o0uRTpp3c-2B323W-2B6eH8iDdjFkFDzlpkfQt8DnWp1-2FJj4EY65By9woCbmhP-2Bn2jCso-3D	13.107.237.53	302 Found	240 B
URL HTTP/2 mail.itinternalhelp.com/ls/click?upn=8GeKl1YQT110biCctuDr-2BRz-2Fq3Cw9B3aQJPawVCPA2DlYtGUXdCwMU4-2ByG6TlR9jQln1j4HGtGY5Ggu5QHCvHKudBvBZqp6IATAQ71tlj7-2B6W7qytw6791-2Ff09npN-2BC4mVWz3AjYLfbMnX5qofSkBXEx3mhYbJxFtamrV8y4SPoTiyaUOt9tKArFINyxpy5XXPBQHFT1AXkVd6LBcmkQUEZ6DoGTiGgHOqE7iXjR4Ciy8wewJku5Fbbz7arQ0IU73xGURITYc0Bi7PAG0qbecJmZHs6crQ41qk7VqxWOFN2WBGloechTQmZgpYGTRmuqAJ1s_yta5SkolxWdbla-2FgK-2FSE7JQeTLprDRxH5dMkI1NjmB3CtGYHWh6Aqq3Qkb0BIHyeJngUc7uGHbQaliTbsUG4qwG-2Few-2Bk0YxKtAWBdHIw5CzyX1r49-2F9Wq3rIhTfaYCz-2Fyeew-2BvSm4r-2B9ReO7YaQrdsyQ8ft1qDeW2jQacLAnvQlcWv9rfLGsvosrDlJqE-2FaUba4eiILrN9v84GV1OrK4YHvUHtxpoyahyqTKwKTIGClx8a-2Fy7sk-2Fs5-2BBB1S1tSuaIIydbtjp-2B8rlLtoUuZ82PIvG-2BteQSGRjUPCrrHv-2BiUAB88OPRtHR1Ri745Ulbzd0pEM59HnUruHnbZhdabMEWYw-2FqCbdr9WakzWkd1W0hauxIEM8yE0nuAEi174v3Ud7DKxr98bdOYIrwl7mHyQvfRF5AFjUmcFVHfZEHnKfp0o0uRTpp3c-2B323W-2B6eH8iDdjFkFDzlpkfQt8DnWp1-2FJj4EY65By9woCbmhP-2Bn2jCso-3D IP 13.107.237.53:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type HTML document, ASCII text Size 240 B (240 bytes) Hash e546778570aafe7d397576b9a5edf3da 1d401f468d579eed2e3daa9bcfa943ba8a137202 7568b64e24c0b3e1cb4961f04cb478eca07b0c275a73a0c446d4d05f76c91df3 HTTP Headers GET /ls/click?upn=8GeKl1YQT110biCctuDr-2BRz-2Fq3Cw9B3aQJPawVCPA2DlYtGUXdCwMU4-2ByG6TlR9jQln1j4HGtGY5Ggu5QHCvHKudBvBZqp6IATAQ71tlj7-2B6W7qytw6791-2Ff09npN-2BC4mVWz3AjYLfbMnX5qofSkBXEx3mhYbJxFtamrV8y4SPoTiyaUOt9tKArFINyxpy5XXPBQHFT1AXkVd6LBcmkQUEZ6DoGTiGgHOqE7iXjR4Ciy8wewJku5Fbbz7arQ0IU73xGURITYc0Bi7PAG0qbecJmZHs6crQ41qk7VqxWOFN2WBGloechTQmZgpYGTRmuqAJ1s_yta5SkolxWdbla-2FgK-2FSE7JQeTLprDRxH5dMkI1NjmB3CtGYHWh6Aqq3Qkb0BIHyeJngUc7uGHbQaliTbsUG4qwG-2Few-2Bk0YxKtAWBdHIw5CzyX1r49-2F9Wq3rIhTfaYCz-2Fyeew-2BvSm4r-2B9ReO7YaQrdsyQ8ft1qDeW2jQacLAnvQlcWv9rfLGsvosrDlJqE-2FaUba4eiILrN9v84GV1OrK4YHvUHtxpoyahyqTKwKTIGClx8a-2Fy7sk-2Fs5-2BBB1S1tSuaIIydbtjp-2B8rlLtoUuZ82PIvG-2BteQSGRjUPCrrHv-2BiUAB88OPRtHR1Ri745Ulbzd0pEM59HnUruHnbZhdabMEWYw-2FqCbdr9WakzWkd1W0hauxIEM8yE0nuAEi174v3Ud7DKxr98bdOYIrwl7mHyQvfRF5AFjUmcFVHfZEHnKfp0o0uRTpp3c-2B323W-2B6eH8iDdjFkFDzlpkfQt8DnWp1-2FJj4EY65By9woCbmhP-2Bn2jCso-3D HTTP/1.1 Host: mail.itinternalhelp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found content-length: 240 content-type: text/html; charset=utf-8 location: https://landing.itinternalhelp.com/View/Link?gdYqsHOb8d0pRl2ETY7R/vWDxuUN9aMJ+JMS/LqYNKdOsmqdNQ1CctVbzBDbry1+6Po3ervH/Ki1j8B5oZSChefxD0I9gYf2YjsmWI5nSis95MPhPhSLKS0PwUxc3pCNsNI2Yxp+6VoLh49EwXvPHtxrBxwFoyDFlwYm+MvFtPM= x-robots-tag: noindex, nofollow x-cache: CONFIG_NOCACHE x-azure-ref: 0GBInZAAAAABXNBJGYkecQr1p8vpgKcFKQ1BIMzBFREdFMDQyMABmMTM4YWViZC04OGIzLTRiNzktOWQ4NS1lMDI4MGM2Nzk2NmE= date: Fri, 31 Mar 2023 17:02:16 GMT X-Firefox-Spdy: h2

	push.services.mozilla.com/	34.117.65.55	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 34.117.65.55:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: LTOatDhvPWMWFIlKbkf5/g== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: /N0LjZDdxMuGpmj/ThNDdQu6dbU= Date: Fri, 31 Mar 2023 17:02:16 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000`

	ocsp.digicert.com/	192.229.221.95	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash dd336b74befa2ecd02a697392edf922f d6f3940c7b74eeda81636a1720e14273f0c5f04a a376fa26b4464fad980b25f7b11a175fd0909c6134c48c1726a0e8681352b8c2 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: max-age=142823 Content-Type: application/ocsp-response Date: Fri, 31 Mar 2023 17:02:16 GMT Etag: "64269cff-1d7" Expires: Sun, 02 Apr 2023 08:42:39 GMT Last-Modified: Fri, 31 Mar 2023 08:42:39 GMT Server: nginx Content-Length: 471`

	landing.itinternalhelp.com/View/Link?gdYqsHOb8d0pRl2ETY7R/vWDxuUN9aMJ+JMS/LqYNKdOsmqdNQ1CctVbzBDbry1+6Po3ervH/Ki1j8B5oZSChefxD0I9gYf2YjsmWI5nSis95MPhPhSLKS0PwUxc3pCNsNI2Yxp+6VoLh49EwXvPHtxrBxwFoyDFlwYm+MvFtPM=	13.107.237.53	200 OK	5.4 kB
URL HTTP/2 landing.itinternalhelp.com/View/Link?gdYqsHOb8d0pRl2ETY7R/vWDxuUN9aMJ+JMS/LqYNKdOsmqdNQ1CctVbzBDbry1+6Po3ervH/Ki1j8B5oZSChefxD0I9gYf2YjsmWI5nSis95MPhPhSLKS0PwUxc3pCNsNI2Yxp+6VoLh49EwXvPHtxrBxwFoyDFlwYm+MvFtPM= IP 13.107.237.53:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (385), with CRLF, LF line terminators Size 5.4 kB (5445 bytes) Hash 59f446fd99e0e6933aaf9f9b6b347e9e a650b309d5e6254be04e32fe6b0295fc737e3309 3d1bb617dcd3499b4cc2046cd45a69a89c347257c23a3fb96e82863a1489d2cc HTTP Headers GET /View/Link?gdYqsHOb8d0pRl2ETY7R/vWDxuUN9aMJ+JMS/LqYNKdOsmqdNQ1CctVbzBDbry1+6Po3ervH/Ki1j8B5oZSChefxD0I9gYf2YjsmWI5nSis95MPhPhSLKS0PwUxc3pCNsNI2Yxp+6VoLh49EwXvPHtxrBxwFoyDFlwYm+MvFtPM= HTTP/1.1 Host: landing.itinternalhelp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 200 OK cache-control: private content-length: 5445 content-type: text/html; charset=utf-8 set-cookie: __RequestVerificationToken=3QO9rSCw5FQGDtNHKBe9LFl83ikvNtGzntDPs57lyChNycLWgXrkcPWfQjkDAjoeI2PsxyV5CUJrYnQAcHwjl1p9iJVwURTTOZw7zcc7PPE1; path=/; secure; HttpOnly __RequestVerificationToken=3QO9rSCw5FQGDtNHKBe9LFl83ikvNtGzntDPs57lyChNycLWgXrkcPWfQjkDAjoeI2PsxyV5CUJrYnQAcHwjl1p9iJVwURTTOZw7zcc7PPE1; path=/; secure; HttpOnly; SameSite=None request-context: appId=cid-v1:ee16d190-8753-4bb8-b8ff-e335cd41010a access-control-expose-headers: Request-Context content-security-policy: frame-src 'self' https: x-content-type-options: nosniff x-xss-protection: 1; mode=block access-control-allow-origin: https://login.microsoftonline.com strict-transport-security: max-age=31536000 x-cache: CONFIG_NOCACHE x-azure-ref: 0GBInZAAAAAAY7LPdpLZlSoI28kZJgg9yQ1BIMzBFREdFMDQxOQBiOTRiNzgwMS00YTNlLTRjZmItYWZkOS02NjYzYzE5NzFkMDM= date: Fri, 31 Mar 2023 17:02:17 GMT X-Firefox-Spdy: h2

	code.jquery.com/jquery-3.5.1.min.js	69.16.175.10	200 OK	31 kB
URL HTTP/2 code.jquery.com/jquery-3.5.1.min.js IP 69.16.175.10:0 ASN #20446 STACKPATH-CDN File type ASCII text, with very long lines (65451) Size 31 kB (30879 bytes) Hash 3700d0b271343804b9b9aa1c13efa521 3d6b03dbd74872ca3dfbb0529f6c80943788f918 fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e HTTP Headers `GET /jquery-3.5.1.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://landing.itinternalhelp.com Connection: keep-alive Referer: https://landing.itinternalhelp.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Fri, 31 Mar 2023 17:02:17 GMT content-encoding: gzip content-length: 30879 content-type: application/javascript; charset=utf-8 last-modified: Fri, 20 Aug 2021 17:47:53 GMT accept-ranges: bytes server: nginx etag: W/"611feac9-15d84" cache-control: max-age=315360000, public access-control-allow-origin: * vary: Accept-Encoding x-hw: 1680282137.dop002.sk1.t,1680282137.cds022.sk1.hn,1680282137.cds208.sk1.c X-Firefox-Spdy: h2`

	maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css	188.114.99.234	200 OK	21 kB
URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css IP 188.114.99.234:0 ASN #0 File type ASCII text, with very long lines (65371) Size 21 kB (20813 bytes) Hash a34448106ef5aa877e67a612e5a6ef45 8f1b478a4c8f038ff58469cd199c47ad7f545c07 9207c708bae214beb26b75daf0e1b21fa209f19de16434a34b18a63c6ecb5503 HTTP Headers `GET /bootstrap/3.3.6/css/bootstrap.min.css HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://landing.itinternalhelp.com Connection: keep-alive Referer: https://landing.itinternalhelp.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Fri, 31 Mar 2023 17:02:17 GMT content-type: text/css; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 etag: W/"2f624089c65f12185e79925bc5a7fc42" last-modified: Mon, 25 Jan 2021 22:03:59 GMT cdn-cachedat: 11/18/2022 06:18:39 cdn-proxyver: 1.03 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 755 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-requestid: 6f5dfa919059b653cff60ddd6abe8a03 cdn-cache: HIT cf-cache-status: HIT age: 114957 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 7b0a28c12e1cb4f7-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css	188.114.99.234	200 OK	7.0 kB
URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css IP 188.114.99.234:0 ASN #0 File type ASCII text, with very long lines (28596) Size 7.0 kB (7036 bytes) Hash edaf9f66988a263a4025acd3330c5b9f 96256e19027b448b42910f1192b469820dc643f2 4830fe9aec09c51c6fc762583d78318081202d99baa3407650b924d109ca6965 HTTP Headers `GET /font-awesome/4.6.1/css/font-awesome.min.css HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://landing.itinternalhelp.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Fri, 31 Mar 2023 17:02:17 GMT content-type: text/css; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: US cdn-edgestorageid: 617, 617 last-modified: Mon, 25 Jan 2021 22:04:54 GMT cdn-cachedat: 2021-06-03 22:46:19 cdn-requestpullsuccess: True cdn-requestpullcode: 200 cache-control: public, max-age=31919000 timing-allow-origin: * cross-origin-resource-policy: cross-origin access-control-allow-origin: * x-content-type-options: nosniff cdn-requestid: b43941af4bb8e32ed6d04a6a37617f28 cdn-cache: HIT cf-cache-status: HIT age: 6180884 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 7b0a28c13eceb529-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 195589ff3c6c50463257f10da16de114 7119aeba010d5c5c224fa544feff6f1761739929 dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6535 Expires: Fri, 31 Mar 2023 18:51:12 GMT Date: Fri, 31 Mar 2023 17:02:17 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 195589ff3c6c50463257f10da16de114 7119aeba010d5c5c224fa544feff6f1761739929 dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6535 Expires: Fri, 31 Mar 2023 18:51:12 GMT Date: Fri, 31 Mar 2023 17:02:17 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 195589ff3c6c50463257f10da16de114 7119aeba010d5c5c224fa544feff6f1761739929 dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6535 Expires: Fri, 31 Mar 2023 18:51:12 GMT Date: Fri, 31 Mar 2023 17:02:17 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10271 bytes) Hash 424b55535e5fd622b2fc96aac1246324 cf7cf08aa8969a86bf03695af2129686fd62fe86 c4bb26a7b2c431282b53b4df9999b9cc8e61369a79c606688a76499b31a65127 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10271 x-amzn-requestid: db0d1fe4-060a-4e61-90f3-ec9befee1295 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CkBoXGh5oAMFfzw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6424afce-2e9251552b4acdcb19e02dfc;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:22 GMT x-amz-cf-pop: SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: 1cXec9_e-KpzyTwiHaNAaf0y5i12tw7BkZTXnduS5ek7yAAZ0LXTWw== via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google date: Thu, 30 Mar 2023 21:44:51 GMT age: 69446 etag: "cf7cf08aa8969a86bf03695af2129686fd62fe86" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg	34.120.237.76	200 OK	6.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.4 kB (6380 bytes) Hash 8a2b8f737604b7983cf686c82599dc73 aa63be93c4cd641f09ce0d5144ef60aab21caed1 78835586bfd170fee7e6f70b2b426ed186f5aeae969459c6dcbf527ba9c0deec HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6380 x-amzn-requestid: 0a129a69-0720-47a0-8b0e-b3200de24204 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CnUn6E19IAMF9SQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64260165-564474a42e79d1dc4eb9558f;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:45 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: 3paQf8BhyRcZoZNox8660Zyzz0WaiQxJuHmDbj4wpo-rgbDdkxrYgQ== via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google date: Thu, 30 Mar 2023 21:47:23 GMT age: 69294 etag: "aa63be93c4cd641f09ce0d5144ef60aab21caed1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg	34.120.237.76	200 OK	5.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.8 kB (5806 bytes) Hash 8600e41520408df4865627256a0a0736 dffeaf1a8f73ae9f6247b9dc7f05301fefc00aef 9163d80d7b6087b804e6682a50d4f66339d339894cf1c5808f2e5c2e0b3de930 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5806 x-amzn-requestid: cee5b166-592b-405e-b5f1-e36eb249ec59 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CnUllFFooAMFQ2g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64260156-01840fa47177285667bca060;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: Jktkwc3JLU31AY5B5pC5JTjPGARjflqoJRZiD6IpF5-10IO6UNlH_Q== via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 adc2002956acc4d61bfbf3b973fdf246.cloudfront.net (CloudFront), 1.1 google date: Thu, 30 Mar 2023 21:46:33 GMT age: 69344 etag: "dffeaf1a8f73ae9f6247b9dc7f05301fefc00aef" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (11061 bytes) Hash 39bdd16276747b1445a79e674a2a3347 d0676f63738484298a78b7abf7e4934c3d256065 67aa526299060c2a39c4baa10fd03f121497dccd5e765676639ed73ac529c34b HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11061 x-amzn-requestid: 428128ec-c441-4ff7-9c84-880a01672b00 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CnVFnFf0IAMFTvQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64260223-185c48300f161931310fa35f;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Thu, 30 Mar 2023 21:41:55 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: gc77o7y-moH1HuMEZFe9-00DVAda9baa-5VEPlMA4SIZDJNzQ8jUlA== via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google date: Thu, 30 Mar 2023 21:49:08 GMT etag: "d0676f63738484298a78b7abf7e4934c3d256065" content-type: image/jpeg age: 69189 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10490 bytes) Hash 0530376e431b6563796e4abb0db0bc4e 6921f4bd83a806e1ea8247854ad4c045fa7ee298 d6371c81d5494d5e50fd5cc1cfe1ce28213dfa70ea5a94df82c9f4b3e6430a53 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10490 x-amzn-requestid: 0525e5c4-485e-47eb-ab95-1136e4d5c29a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CnUnTEztoAMFzMQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64260161-54b47454475ff6ee4d880534;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:41 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: AdbJgoCBGJGvjP53lBj3_GWyuRF8O_fgNTPPEjUmFmyRxMQl2pgTzw== via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google date: Thu, 30 Mar 2023 21:54:29 GMT age: 68868 etag: "6921f4bd83a806e1ea8247854ad4c045fa7ee298" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4de055bc-1569-4c9a-9ff5-b5ce7d869905.jpeg	34.120.237.76	200 OK	4.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4de055bc-1569-4c9a-9ff5-b5ce7d869905.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.4 kB (4370 bytes) Hash 41f0baa1423dbd529f6c47bd51fe708f f09b44f30b63f5e29dd247f592147ffc6b308e72 313b769259453565919ab14410faea927a23ad75636abc57851dfe67d43ea156 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4de055bc-1569-4c9a-9ff5-b5ce7d869905.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4370 x-amzn-requestid: 5791c184-d5eb-4666-bc94-f838cd0183af x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CnUllHrcIAMFSWA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64260156-15fb3d2f67359d6837df5d0d;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: opMjAWEDBvz7pKcnuQrmD_7njQ0X28fR3Ngnoe7WI96zNNNt9oQL5A== via: 1.1 99db15345b0e5e7ad9c267ae999b8cf4.cloudfront.net (CloudFront), 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 google date: Fri, 31 Mar 2023 09:17:34 GMT age: 27883 etag: "f09b44f30b63f5e29dd247f592147ffc6b308e72" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	cdnmetacompliancelive.metacompliance.com/phishtemplate/formimage_638108609152058471.png	152.199.21.175	200 OK	21 kB
URL HTTP/2 cdnmetacompliancelive.metacompliance.com/phishtemplate/formimage_638108609152058471.png IP 152.199.21.175:0 ASN #15133 EDGECAST File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data Size 21 kB (20968 bytes) Hash dcba34024dc4d853430b247d6eac5077 41ec9d45a1139efcd77b7a517664fb14ba91c57b 19fe10f24032c7a59febe5f3eede519f131aee7be8d1cd85e5c831c4be9263a4 HTTP Headers `GET /phishtemplate/formimage_638108609152058471.png HTTP/1.1 Host: cdnmetacompliancelive.metacompliance.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://landing.itinternalhelp.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK content-md5: 3Lo0Ak3E2FNDCyR9bqxQdw== content-type: image/png date: Fri, 31 Mar 2023 17:02:17 GMT etag: 0x8DB046630A2D8D6 last-modified: Wed, 01 Feb 2023 15:08:35 GMT server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 vary: Origin x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: 98e80079-e01e-004f-39f2-63f91e000000 x-ms-version: 2009-09-19 content-length: 20968 X-Firefox-Spdy: h2`

	landing.itinternalhelp.com/favicon.ico	13.107.237.53	200 OK	32 kB
URL HTTP/2 landing.itinternalhelp.com/favicon.ico IP 13.107.237.53:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data Size 32 kB (32038 bytes) Hash 4859e39ae6c0f1f428f2126a6bb32bd9 1c0c85678ae963bc96d0b7fbe1eb89074cf1fbe0 a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d HTTP Headers GET /favicon.ico HTTP/1.1 Host: landing.itinternalhelp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://landing.itinternalhelp.com/View/Link?gdYqsHOb8d0pRl2ETY7R/vWDxuUN9aMJ+JMS/LqYNKdOsmqdNQ1CctVbzBDbry1+6Po3ervH/Ki1j8B5oZSChefxD0I9gYf2YjsmWI5nSis95MPhPhSLKS0PwUxc3pCNsNI2Yxp+6VoLh49EwXvPHtxrBxwFoyDFlwYm+MvFtPM= Cookie: __RequestVerificationToken=3QO9rSCw5FQGDtNHKBe9LFl83ikvNtGzntDPs57lyChNycLWgXrkcPWfQjkDAjoeI2PsxyV5CUJrYnQAcHwjl1p9iJVwURTTOZw7zcc7PPE1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK content-length: 32038 content-type: image/x-icon last-modified: Thu, 30 Mar 2023 10:52:54 GMT accept-ranges: bytes etag: "fd816c8f562d91:0" x-cache: TCP_REMOTE_HIT request-context: appId=cid-v1:ee16d190-8753-4bb8-b8ff-e335cd41010a access-control-expose-headers: Request-Context content-security-policy: frame-src 'self' https: x-content-type-options: nosniff x-xss-protection: 1; mode=block access-control-allow-origin: https://login.microsoftonline.com strict-transport-security: max-age=31536000 x-azure-ref-originshield: 0GhInZAAAAACgmfPePvdURY0mqBtqY/KlRlJBMjMxMDUwNDE3MDIzAGI5NGI3ODAxLTRhM2UtNGNmYi1hZmQ5LTY2NjNjMTk3MWQwMw== x-azure-ref: 0GhInZAAAAABvWHs13ehOSo8IZCa3h44CQ1BIMzBFREdFMDQxOQBiOTRiNzgwMS00YTNlLTRjZmItYWZkOS02NjYzYzE5NzFkMDM= date: Fri, 31 Mar 2023 17:02:18 GMT X-Firefox-Spdy: h2

	landing.itinternalhelp.com/Main/UpdateIP	13.107.237.53	200 OK	0 B
URL HTTP/2 landing.itinternalhelp.com/Main/UpdateIP IP 13.107.237.53:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /Main/UpdateIP HTTP/1.1 Host: landing.itinternalhelp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Content-Type: multipart/form-data; boundary=---------------------------2273675891638608376642793164 Content-Length: 1153 Origin: https://landing.itinternalhelp.com Connection: keep-alive Referer: https://landing.itinternalhelp.com/View/Link?gdYqsHOb8d0pRl2ETY7R/vWDxuUN9aMJ+JMS/LqYNKdOsmqdNQ1CctVbzBDbry1+6Po3ervH/Ki1j8B5oZSChefxD0I9gYf2YjsmWI5nSis95MPhPhSLKS0PwUxc3pCNsNI2Yxp+6VoLh49EwXvPHtxrBxwFoyDFlwYm+MvFtPM= Cookie: __RequestVerificationToken=3QO9rSCw5FQGDtNHKBe9LFl83ikvNtGzntDPs57lyChNycLWgXrkcPWfQjkDAjoeI2PsxyV5CUJrYnQAcHwjl1p9iJVwURTTOZw7zcc7PPE1 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK cache-control: private set-cookie: __RequestVerificationToken=3QO9rSCw5FQGDtNHKBe9LFl83ikvNtGzntDPs57lyChNycLWgXrkcPWfQjkDAjoeI2PsxyV5CUJrYnQAcHwjl1p9iJVwURTTOZw7zcc7PPE1; path=/; secure; SameSite=None request-context: appId=cid-v1:ee16d190-8753-4bb8-b8ff-e335cd41010a access-control-expose-headers: Request-Context content-security-policy: frame-src 'self' https: x-content-type-options: nosniff x-xss-protection: 1; mode=block access-control-allow-origin: https://login.microsoftonline.com strict-transport-security: max-age=31536000 x-cache: CONFIG_NOCACHE x-azure-ref: 0GhInZAAAAABFZ5bXMegqSqBUFYtcNdwjQ1BIMzBFREdFMDQxOQBiOTRiNzgwMS00YTNlLTRjZmItYWZkOS02NjYzYzE5NzFkMDM= date: Fri, 31 Mar 2023 17:02:18 GMT content-length: 0 X-Firefox-Spdy: h2

	landing.itinternalhelp.com/Scripts/pnotify/custom/pnotify.generic.js	13.107.237.53	200 OK	0 B
URL HTTP/2 landing.itinternalhelp.com/Scripts/pnotify/custom/pnotify.generic.js IP 13.107.237.53:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type Size 0 B (0 bytes) Hash HTTP Headers GET /Scripts/pnotify/custom/pnotify.generic.js HTTP/1.1 Host: landing.itinternalhelp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://landing.itinternalhelp.com/View/Link?gdYqsHOb8d0pRl2ETY7R/vWDxuUN9aMJ+JMS/LqYNKdOsmqdNQ1CctVbzBDbry1+6Po3ervH/Ki1j8B5oZSChefxD0I9gYf2YjsmWI5nSis95MPhPhSLKS0PwUxc3pCNsNI2Yxp+6VoLh49EwXvPHtxrBxwFoyDFlwYm+MvFtPM= Cookie: __RequestVerificationToken=3QO9rSCw5FQGDtNHKBe9LFl83ikvNtGzntDPs57lyChNycLWgXrkcPWfQjkDAjoeI2PsxyV5CUJrYnQAcHwjl1p9iJVwURTTOZw7zcc7PPE1 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK cache-control: no-cache content-type: application/javascript content-encoding: br last-modified: Thu, 30 Mar 2023 10:52:53 GMT accept-ranges: bytes etag: "71e357c7f562d91:0" x-cache: TCP_MISS request-context: appId=cid-v1:ee16d190-8753-4bb8-b8ff-e335cd41010a access-control-expose-headers: Request-Context content-security-policy: frame-src 'self' https: x-content-type-options: nosniff x-xss-protection: 1; mode=block access-control-allow-origin: https://login.microsoftonline.com strict-transport-security: max-age=31536000 x-azure-ref-originshield: 0GRInZAAAAACi48uNnrMUSZf0mYgiyOKORlJBMjMxMDUwNDE3MDIzAGI5NGI3ODAxLTRhM2UtNGNmYi1hZmQ5LTY2NjNjMTk3MWQwMw== x-azure-ref: 0GRInZAAAAAD3HuPpowJgRo2nnGKnpoL7Q1BIMzBFREdFMDQxOQBiOTRiNzgwMS00YTNlLTRjZmItYWZkOS02NjYzYzE5NzFkMDM= date: Fri, 31 Mar 2023 17:02:17 GMT X-Firefox-Spdy: h2

	landing.itinternalhelp.com/Scripts/pnotify/custom/pnotify.custom.min.js	13.107.237.53	200 OK	0 B
URL HTTP/2 landing.itinternalhelp.com/Scripts/pnotify/custom/pnotify.custom.min.js IP 13.107.237.53:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type Size 0 B (0 bytes) Hash HTTP Headers GET /Scripts/pnotify/custom/pnotify.custom.min.js HTTP/1.1 Host: landing.itinternalhelp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://landing.itinternalhelp.com/View/Link?gdYqsHOb8d0pRl2ETY7R/vWDxuUN9aMJ+JMS/LqYNKdOsmqdNQ1CctVbzBDbry1+6Po3ervH/Ki1j8B5oZSChefxD0I9gYf2YjsmWI5nSis95MPhPhSLKS0PwUxc3pCNsNI2Yxp+6VoLh49EwXvPHtxrBxwFoyDFlwYm+MvFtPM= Cookie: __RequestVerificationToken=3QO9rSCw5FQGDtNHKBe9LFl83ikvNtGzntDPs57lyChNycLWgXrkcPWfQjkDAjoeI2PsxyV5CUJrYnQAcHwjl1p9iJVwURTTOZw7zcc7PPE1 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK cache-control: no-cache content-type: application/javascript content-encoding: br last-modified: Thu, 30 Mar 2023 10:52:53 GMT accept-ranges: bytes etag: "71e357c7f562d91:0" x-cache: TCP_MISS request-context: appId=cid-v1:ee16d190-8753-4bb8-b8ff-e335cd41010a access-control-expose-headers: Request-Context content-security-policy: frame-src 'self' https: x-content-type-options: nosniff x-xss-protection: 1; mode=block access-control-allow-origin: https://login.microsoftonline.com strict-transport-security: max-age=31536000 x-azure-ref-originshield: 0GRInZAAAAAC5DKfisGl8R4FRrhcTRh4ERlJBMjMxMDUwNDE3MDI1AGI5NGI3ODAxLTRhM2UtNGNmYi1hZmQ5LTY2NjNjMTk3MWQwMw== x-azure-ref: 0GRInZAAAAABrvdWYoQHESo1yh5J8qPCgQ1BIMzBFREdFMDQxOQBiOTRiNzgwMS00YTNlLTRjZmItYWZkOS02NjYzYzE5NzFkMDM= date: Fri, 31 Mar 2023 17:02:17 GMT X-Firefox-Spdy: h2

	ipapi.co/json/	104.26.8.44	200 OK	0 B
URL HTTP/2 ipapi.co/json/ IP 104.26.8.44:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `POST /json/ HTTP/1.1 Host: ipapi.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://landing.itinternalhelp.com Connection: keep-alive Referer: https://landing.itinternalhelp.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Content-Length: 0` HTTP/2 200 OK date: Fri, 31 Mar 2023 17:02:18 GMT content-type: application/json allow: OPTIONS, POST, HEAD, GET, OPTIONS x-frame-options: DENY vary: Host, Origin access-control-allow-origin: https://landing.itinternalhelp.com x-content-type-options: nosniff referrer-policy: same-origin cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wCrihp3rVuvBz0vhoMUnmymvKfJ3VDkEb0axvvN2gG2AbulApFm0a0qUyWYjkhbjSzzWAQ4NNoeaUTiNpbr3D27bSmpr4Zp5aZYPqnakI9h3tZrc3vbpcJQx"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7b0a28c47b06b4f7-OSL content-encoding: br X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (34)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type