r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8541
Expires: Fri, 31 Mar 2023 19:24:36 GMT
Date: Fri, 31 Mar 2023 17:02:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 76218c893040d958ae1c4231cdd2133c
6a7b336dee91d4aec26ace0a5883ecdfac52e68f
d35492b04d16ed00e9e195e7c84c99aa6a2b8a93abeb656baae0918986f0a7e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D35492B04D16ED00E9E195E7C84C99AA6A2B8A93ABEB656BAAE0918986F0A7E4"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4275
Expires: Fri, 31 Mar 2023 18:13:30 GMT
Date: Fri, 31 Mar 2023 17:02:15 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 52YJOGfLj7+M/RsJpeo9ZElNhUq/vvw4CnBnoM5AJCE/Qx1o/QgEfxtMWrheRIp5Pkys/tsr2hs=
x-amz-request-id: F237AGT4Q6JDF99V
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 31 Mar 2023 16:12:15 GMT
age: 3000
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8e0c84bb4c8b23c3953fa21ed9609304
bba386505b766cebba17189ebe8219b2a644ce28
303be01b154868d266380af88c77b7db1c9b427540e19d4927b42364e9adcb23
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "303BE01B154868D266380AF88C77B7DB1C9B427540E19D4927B42364E9ADCB23"
Last-Modified: Thu, 30 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18164
Expires: Fri, 31 Mar 2023 22:04:59 GMT
Date: Fri, 31 Mar 2023 17:02:15 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 44 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 5ac7b1178d8a200311148ca5873c0152
9fc87cb8ebc058fc80da5ea5a79da43ab78ead4d
b31fe3d430d90c4dcb63861988bc537883195817ffb5031cd8cf5b13681ed6ea
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: JJvt5e6mu-Eh3yRf5gNb7DkZ_jrxIpiH0i5nEceGSWiHm4l4KjLF6g==
content-encoding: gzip
via: 1.1 33d72803ad26b392c1b578a2b1276580.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 16:56:22 GMT
age: 353
content-type: application/json
vary: Accept-Encoding
content-length: 44532
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16669
Expires: Fri, 31 Mar 2023 21:40:04 GMT
Date: Fri, 31 Mar 2023 17:02:15 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 17:02:15 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 31 Mar 2023 16:16:12 GMT
content-type: application/json
age: 2763
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
mail.itinternalhelp.com/ls/click?upn=8GeKl1YQT110biCctuDr-2BRz-2Fq3Cw9B3aQJPawVCPA2DlYtGUXdCwMU4-2ByG6TlR9jQln1j4HGtGY5Ggu5QHCvHKudBvBZqp6IATAQ71tlj7-2B6W7qytw6791-2Ff09npN-2BC4mVWz3AjYLfbMnX5qofSkBXEx3mhYbJxFtamrV8y4SPoTiyaUOt9tKArFINyxpy5XXPBQHFT1AXkVd6LBcmkQUEZ6DoGTiGgHOqE7iXjR4Ciy8wewJku5Fbbz7arQ0IU73xGURITYc0Bi7PAG0qbecJmZHs6crQ41qk7VqxWOFN2WBGloechTQmZgpYGTRmuqAJ1s_yta5SkolxWdbla-2FgK-2FSE7JQeTLprDRxH5dMkI1NjmB3CtGYHWh6Aqq3Qkb0BIHyeJngUc7uGHbQaliTbsUG4qwG-2Few-2Bk0YxKtAWBdHIw5CzyX1r49-2F9Wq3rIhTfaYCz-2Fyeew-2BvSm4r-2B9ReO7YaQrdsyQ8ft1qDeW2jQacLAnvQlcWv9rfLGsvosrDlJqE-2FaUba4eiILrN9v84GV1OrK4YHvUHtxpoyahyqTKwKTIGClx8a-2Fy7sk-2Fs5-2BBB1S1tSuaIIydbtjp-2B8rlLtoUuZ82PIvG-2BteQSGRjUPCrrHv-2BiUAB88OPRtHR1Ri745Ulbzd0pEM59HnUruHnbZhdabMEWYw-2FqCbdr9WakzWkd1W0hauxIEM8yE0nuAEi174v3Ud7DKxr98bdOYIrwl7mHyQvfRF5AFjUmcFVHfZEHnKfp0o0uRTpp3c-2B323W-2B6eH8iDdjFkFDzlpkfQt8DnWp1-2FJj4EY65By9woCbmhP-2Bn2jCso-3D
13.107.238.53302 Found 0 B URL HTTP/1.1 mail.itinternalhelp.com/ls/click?upn=8GeKl1YQT110biCctuDr-2BRz-2Fq3Cw9B3aQJPawVCPA2DlYtGUXdCwMU4-2ByG6TlR9jQln1j4HGtGY5Ggu5QHCvHKudBvBZqp6IATAQ71tlj7-2B6W7qytw6791-2Ff09npN-2BC4mVWz3AjYLfbMnX5qofSkBXEx3mhYbJxFtamrV8y4SPoTiyaUOt9tKArFINyxpy5XXPBQHFT1AXkVd6LBcmkQUEZ6DoGTiGgHOqE7iXjR4Ciy8wewJku5Fbbz7arQ0IU73xGURITYc0Bi7PAG0qbecJmZHs6crQ41qk7VqxWOFN2WBGloechTQmZgpYGTRmuqAJ1s_yta5SkolxWdbla-2FgK-2FSE7JQeTLprDRxH5dMkI1NjmB3CtGYHWh6Aqq3Qkb0BIHyeJngUc7uGHbQaliTbsUG4qwG-2Few-2Bk0YxKtAWBdHIw5CzyX1r49-2F9Wq3rIhTfaYCz-2Fyeew-2BvSm4r-2B9ReO7YaQrdsyQ8ft1qDeW2jQacLAnvQlcWv9rfLGsvosrDlJqE-2FaUba4eiILrN9v84GV1OrK4YHvUHtxpoyahyqTKwKTIGClx8a-2Fy7sk-2Fs5-2BBB1S1tSuaIIydbtjp-2B8rlLtoUuZ82PIvG-2BteQSGRjUPCrrHv-2BiUAB88OPRtHR1Ri745Ulbzd0pEM59HnUruHnbZhdabMEWYw-2FqCbdr9WakzWkd1W0hauxIEM8yE0nuAEi174v3Ud7DKxr98bdOYIrwl7mHyQvfRF5AFjUmcFVHfZEHnKfp0o0uRTpp3c-2B323W-2B6eH8iDdjFkFDzlpkfQt8DnWp1-2FJj4EY65By9woCbmhP-2Bn2jCso-3D
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ls/click?upn=8GeKl1YQT110biCctuDr-2BRz-2Fq3Cw9B3aQJPawVCPA2DlYtGUXdCwMU4-2ByG6TlR9jQln1j4HGtGY5Ggu5QHCvHKudBvBZqp6IATAQ71tlj7-2B6W7qytw6791-2Ff09npN-2BC4mVWz3AjYLfbMnX5qofSkBXEx3mhYbJxFtamrV8y4SPoTiyaUOt9tKArFINyxpy5XXPBQHFT1AXkVd6LBcmkQUEZ6DoGTiGgHOqE7iXjR4Ciy8wewJku5Fbbz7arQ0IU73xGURITYc0Bi7PAG0qbecJmZHs6crQ41qk7VqxWOFN2WBGloechTQmZgpYGTRmuqAJ1s_yta5SkolxWdbla-2FgK-2FSE7JQeTLprDRxH5dMkI1NjmB3CtGYHWh6Aqq3Qkb0BIHyeJngUc7uGHbQaliTbsUG4qwG-2Few-2Bk0YxKtAWBdHIw5CzyX1r49-2F9Wq3rIhTfaYCz-2Fyeew-2BvSm4r-2B9ReO7YaQrdsyQ8ft1qDeW2jQacLAnvQlcWv9rfLGsvosrDlJqE-2FaUba4eiILrN9v84GV1OrK4YHvUHtxpoyahyqTKwKTIGClx8a-2Fy7sk-2Fs5-2BBB1S1tSuaIIydbtjp-2B8rlLtoUuZ82PIvG-2BteQSGRjUPCrrHv-2BiUAB88OPRtHR1Ri745Ulbzd0pEM59HnUruHnbZhdabMEWYw-2FqCbdr9WakzWkd1W0hauxIEM8yE0nuAEi174v3Ud7DKxr98bdOYIrwl7mHyQvfRF5AFjUmcFVHfZEHnKfp0o0uRTpp3c-2B323W-2B6eH8iDdjFkFDzlpkfQt8DnWp1-2FJj4EY65By9woCbmhP-2Bn2jCso-3D HTTP/1.1
Host: mail.itinternalhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Location: https://mail.itinternalhelp.com/ls/click?upn=8GeKl1YQT110biCctuDr-2BRz-2Fq3Cw9B3aQJPawVCPA2DlYtGUXdCwMU4-2ByG6TlR9jQln1j4HGtGY5Ggu5QHCvHKudBvBZqp6IATAQ71tlj7-2B6W7qytw6791-2Ff09npN-2BC4mVWz3AjYLfbMnX5qofSkBXEx3mhYbJxFtamrV8y4SPoTiyaUOt9tKArFINyxpy5XXPBQHFT1AXkVd6LBcmkQUEZ6DoGTiGgHOqE7iXjR4Ciy8wewJku5Fbbz7arQ0IU73xGURITYc0Bi7PAG0qbecJmZHs6crQ41qk7VqxWOFN2WBGloechTQmZgpYGTRmuqAJ1s_yta5SkolxWdbla-2FgK-2FSE7JQeTLprDRxH5dMkI1NjmB3CtGYHWh6Aqq3Qkb0BIHyeJngUc7uGHbQaliTbsUG4qwG-2Few-2Bk0YxKtAWBdHIw5CzyX1r49-2F9Wq3rIhTfaYCz-2Fyeew-2BvSm4r-2B9ReO7YaQrdsyQ8ft1qDeW2jQacLAnvQlcWv9rfLGsvosrDlJqE-2FaUba4eiILrN9v84GV1OrK4YHvUHtxpoyahyqTKwKTIGClx8a-2Fy7sk-2Fs5-2BBB1S1tSuaIIydbtjp-2B8rlLtoUuZ82PIvG-2BteQSGRjUPCrrHv-2BiUAB88OPRtHR1Ri745Ulbzd0pEM59HnUruHnbZhdabMEWYw-2FqCbdr9WakzWkd1W0hauxIEM8yE0nuAEi174v3Ud7DKxr98bdOYIrwl7mHyQvfRF5AFjUmcFVHfZEHnKfp0o0uRTpp3c-2B323W-2B6eH8iDdjFkFDzlpkfQt8DnWp1-2FJj4EY65By9woCbmhP-2Bn2jCso-3D
X-Azure-Ref: 0FxInZAAAAABos4s0pChdQ5Av527KitqzQ1BIMzBFREdFMDQxMwBmMTM4YWViZC04OGIzLTRiNzktOWQ4NS1lMDI4MGM2Nzk2NmE=
Date: Fri, 31 Mar 2023 17:02:14 GMT
Content-Length: 0
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae064c74a3769d42109473ad05d56fb9
d48029ab8568cee6ab7416d3b476ed792d780a56
9852216f395a42f7b4792e852f9f9fa83e07d917a979237d5d7406a1d74edc4f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9852216F395A42F7B4792E852F9F9FA83E07D917A979237D5D7406A1D74EDC4F"
Last-Modified: Wed, 29 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3321
Expires: Fri, 31 Mar 2023 17:57:36 GMT
Date: Fri, 31 Mar 2023 17:02:15 GMT
Connection: keep-alive
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 046bd865aed8a325e39ba56f8bc60f11
0d18bf21df5350d1c1253e4a9ec4680d7da51692
200d0fa2fbeaa2cdfb20d2f7395664d0fa77ab9cb5f754a4086e88f76535063b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 17:02:15 GMT
Etag: "6425fcd5-1d7"
Server: ECAcc (amb/6B04)
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Alert, Expires, Pragma, Content-Length, ETag, Backoff, Cache-Control, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 31 Mar 2023 16:17:26 GMT
age: 2690
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
mail.itinternalhelp.com/ls/click?upn=8GeKl1YQT110biCctuDr-2BRz-2Fq3Cw9B3aQJPawVCPA2DlYtGUXdCwMU4-2ByG6TlR9jQln1j4HGtGY5Ggu5QHCvHKudBvBZqp6IATAQ71tlj7-2B6W7qytw6791-2Ff09npN-2BC4mVWz3AjYLfbMnX5qofSkBXEx3mhYbJxFtamrV8y4SPoTiyaUOt9tKArFINyxpy5XXPBQHFT1AXkVd6LBcmkQUEZ6DoGTiGgHOqE7iXjR4Ciy8wewJku5Fbbz7arQ0IU73xGURITYc0Bi7PAG0qbecJmZHs6crQ41qk7VqxWOFN2WBGloechTQmZgpYGTRmuqAJ1s_yta5SkolxWdbla-2FgK-2FSE7JQeTLprDRxH5dMkI1NjmB3CtGYHWh6Aqq3Qkb0BIHyeJngUc7uGHbQaliTbsUG4qwG-2Few-2Bk0YxKtAWBdHIw5CzyX1r49-2F9Wq3rIhTfaYCz-2Fyeew-2BvSm4r-2B9ReO7YaQrdsyQ8ft1qDeW2jQacLAnvQlcWv9rfLGsvosrDlJqE-2FaUba4eiILrN9v84GV1OrK4YHvUHtxpoyahyqTKwKTIGClx8a-2Fy7sk-2Fs5-2BBB1S1tSuaIIydbtjp-2B8rlLtoUuZ82PIvG-2BteQSGRjUPCrrHv-2BiUAB88OPRtHR1Ri745Ulbzd0pEM59HnUruHnbZhdabMEWYw-2FqCbdr9WakzWkd1W0hauxIEM8yE0nuAEi174v3Ud7DKxr98bdOYIrwl7mHyQvfRF5AFjUmcFVHfZEHnKfp0o0uRTpp3c-2B323W-2B6eH8iDdjFkFDzlpkfQt8DnWp1-2FJj4EY65By9woCbmhP-2Bn2jCso-3D
13.107.237.53302 Found 240 B URL HTTP/2 mail.itinternalhelp.com/ls/click?upn=8GeKl1YQT110biCctuDr-2BRz-2Fq3Cw9B3aQJPawVCPA2DlYtGUXdCwMU4-2ByG6TlR9jQln1j4HGtGY5Ggu5QHCvHKudBvBZqp6IATAQ71tlj7-2B6W7qytw6791-2Ff09npN-2BC4mVWz3AjYLfbMnX5qofSkBXEx3mhYbJxFtamrV8y4SPoTiyaUOt9tKArFINyxpy5XXPBQHFT1AXkVd6LBcmkQUEZ6DoGTiGgHOqE7iXjR4Ciy8wewJku5Fbbz7arQ0IU73xGURITYc0Bi7PAG0qbecJmZHs6crQ41qk7VqxWOFN2WBGloechTQmZgpYGTRmuqAJ1s_yta5SkolxWdbla-2FgK-2FSE7JQeTLprDRxH5dMkI1NjmB3CtGYHWh6Aqq3Qkb0BIHyeJngUc7uGHbQaliTbsUG4qwG-2Few-2Bk0YxKtAWBdHIw5CzyX1r49-2F9Wq3rIhTfaYCz-2Fyeew-2BvSm4r-2B9ReO7YaQrdsyQ8ft1qDeW2jQacLAnvQlcWv9rfLGsvosrDlJqE-2FaUba4eiILrN9v84GV1OrK4YHvUHtxpoyahyqTKwKTIGClx8a-2Fy7sk-2Fs5-2BBB1S1tSuaIIydbtjp-2B8rlLtoUuZ82PIvG-2BteQSGRjUPCrrHv-2BiUAB88OPRtHR1Ri745Ulbzd0pEM59HnUruHnbZhdabMEWYw-2FqCbdr9WakzWkd1W0hauxIEM8yE0nuAEi174v3Ud7DKxr98bdOYIrwl7mHyQvfRF5AFjUmcFVHfZEHnKfp0o0uRTpp3c-2B323W-2B6eH8iDdjFkFDzlpkfQt8DnWp1-2FJj4EY65By9woCbmhP-2Bn2jCso-3D
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text
Hash e546778570aafe7d397576b9a5edf3da
1d401f468d579eed2e3daa9bcfa943ba8a137202
7568b64e24c0b3e1cb4961f04cb478eca07b0c275a73a0c446d4d05f76c91df3
GET /ls/click?upn=8GeKl1YQT110biCctuDr-2BRz-2Fq3Cw9B3aQJPawVCPA2DlYtGUXdCwMU4-2ByG6TlR9jQln1j4HGtGY5Ggu5QHCvHKudBvBZqp6IATAQ71tlj7-2B6W7qytw6791-2Ff09npN-2BC4mVWz3AjYLfbMnX5qofSkBXEx3mhYbJxFtamrV8y4SPoTiyaUOt9tKArFINyxpy5XXPBQHFT1AXkVd6LBcmkQUEZ6DoGTiGgHOqE7iXjR4Ciy8wewJku5Fbbz7arQ0IU73xGURITYc0Bi7PAG0qbecJmZHs6crQ41qk7VqxWOFN2WBGloechTQmZgpYGTRmuqAJ1s_yta5SkolxWdbla-2FgK-2FSE7JQeTLprDRxH5dMkI1NjmB3CtGYHWh6Aqq3Qkb0BIHyeJngUc7uGHbQaliTbsUG4qwG-2Few-2Bk0YxKtAWBdHIw5CzyX1r49-2F9Wq3rIhTfaYCz-2Fyeew-2BvSm4r-2B9ReO7YaQrdsyQ8ft1qDeW2jQacLAnvQlcWv9rfLGsvosrDlJqE-2FaUba4eiILrN9v84GV1OrK4YHvUHtxpoyahyqTKwKTIGClx8a-2Fy7sk-2Fs5-2BBB1S1tSuaIIydbtjp-2B8rlLtoUuZ82PIvG-2BteQSGRjUPCrrHv-2BiUAB88OPRtHR1Ri745Ulbzd0pEM59HnUruHnbZhdabMEWYw-2FqCbdr9WakzWkd1W0hauxIEM8yE0nuAEi174v3Ud7DKxr98bdOYIrwl7mHyQvfRF5AFjUmcFVHfZEHnKfp0o0uRTpp3c-2B323W-2B6eH8iDdjFkFDzlpkfQt8DnWp1-2FJj4EY65By9woCbmhP-2Bn2jCso-3D HTTP/1.1
Host: mail.itinternalhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
content-length: 240
content-type: text/html; charset=utf-8
location: https://landing.itinternalhelp.com/View/Link?gdYqsHOb8d0pRl2ETY7R/vWDxuUN9aMJ+JMS/LqYNKdOsmqdNQ1CctVbzBDbry1+6Po3ervH/Ki1j8B5oZSChefxD0I9gYf2YjsmWI5nSis95MPhPhSLKS0PwUxc3pCNsNI2Yxp+6VoLh49EwXvPHtxrBxwFoyDFlwYm+MvFtPM=
x-robots-tag: noindex, nofollow
x-cache: CONFIG_NOCACHE
x-azure-ref: 0GBInZAAAAABXNBJGYkecQr1p8vpgKcFKQ1BIMzBFREdFMDQyMABmMTM4YWViZC04OGIzLTRiNzktOWQ4NS1lMDI4MGM2Nzk2NmE=
date: Fri, 31 Mar 2023 17:02:16 GMT
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.117.65.55101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LTOatDhvPWMWFIlKbkf5/g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /N0LjZDdxMuGpmj/ThNDdQu6dbU=
Date: Fri, 31 Mar 2023 17:02:16 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash dd336b74befa2ecd02a697392edf922f
d6f3940c7b74eeda81636a1720e14273f0c5f04a
a376fa26b4464fad980b25f7b11a175fd0909c6134c48c1726a0e8681352b8c2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=142823
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 17:02:16 GMT
Etag: "64269cff-1d7"
Expires: Sun, 02 Apr 2023 08:42:39 GMT
Last-Modified: Fri, 31 Mar 2023 08:42:39 GMT
Server: nginx
Content-Length: 471
landing.itinternalhelp.com/View/Link?gdYqsHOb8d0pRl2ETY7R/vWDxuUN9aMJ+JMS/LqYNKdOsmqdNQ1CctVbzBDbry1+6Po3ervH/Ki1j8B5oZSChefxD0I9gYf2YjsmWI5nSis95MPhPhSLKS0PwUxc3pCNsNI2Yxp+6VoLh49EwXvPHtxrBxwFoyDFlwYm+MvFtPM=
13.107.237.53200 OK 5.4 kB URL HTTP/2 landing.itinternalhelp.com/View/Link?gdYqsHOb8d0pRl2ETY7R/vWDxuUN9aMJ+JMS/LqYNKdOsmqdNQ1CctVbzBDbry1+6Po3ervH/Ki1j8B5oZSChefxD0I9gYf2YjsmWI5nSis95MPhPhSLKS0PwUxc3pCNsNI2Yxp+6VoLh49EwXvPHtxrBxwFoyDFlwYm+MvFtPM=
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (385), with CRLF, LF line terminators
Hash 59f446fd99e0e6933aaf9f9b6b347e9e
a650b309d5e6254be04e32fe6b0295fc737e3309
3d1bb617dcd3499b4cc2046cd45a69a89c347257c23a3fb96e82863a1489d2cc
GET /View/Link?gdYqsHOb8d0pRl2ETY7R/vWDxuUN9aMJ+JMS/LqYNKdOsmqdNQ1CctVbzBDbry1+6Po3ervH/Ki1j8B5oZSChefxD0I9gYf2YjsmWI5nSis95MPhPhSLKS0PwUxc3pCNsNI2Yxp+6VoLh49EwXvPHtxrBxwFoyDFlwYm+MvFtPM= HTTP/1.1
Host: landing.itinternalhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: private
content-length: 5445
content-type: text/html; charset=utf-8
set-cookie: __RequestVerificationToken=3QO9rSCw5FQGDtNHKBe9LFl83ikvNtGzntDPs57lyChNycLWgXrkcPWfQjkDAjoeI2PsxyV5CUJrYnQAcHwjl1p9iJVwURTTOZw7zcc7PPE1; path=/; secure; HttpOnly
__RequestVerificationToken=3QO9rSCw5FQGDtNHKBe9LFl83ikvNtGzntDPs57lyChNycLWgXrkcPWfQjkDAjoeI2PsxyV5CUJrYnQAcHwjl1p9iJVwURTTOZw7zcc7PPE1; path=/; secure; HttpOnly; SameSite=None
request-context: appId=cid-v1:ee16d190-8753-4bb8-b8ff-e335cd41010a
access-control-expose-headers: Request-Context
content-security-policy: frame-src 'self' https:
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://login.microsoftonline.com
strict-transport-security: max-age=31536000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0GBInZAAAAAAY7LPdpLZlSoI28kZJgg9yQ1BIMzBFREdFMDQxOQBiOTRiNzgwMS00YTNlLTRjZmItYWZkOS02NjYzYzE5NzFkMDM=
date: Fri, 31 Mar 2023 17:02:17 GMT
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.5.1.min.js
69.16.175.10200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.5.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65451)
Hash 3700d0b271343804b9b9aa1c13efa521
3d6b03dbd74872ca3dfbb0529f6c80943788f918
fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e
GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://landing.itinternalhelp.com
Connection: keep-alive
Referer: https://landing.itinternalhelp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 17:02:17 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1680282137.dop002.sk1.t,1680282137.cds022.sk1.hn,1680282137.cds208.sk1.c
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
188.114.99.234200 OK 21 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
IP 188.114.99.234:0
File type ASCII text, with very long lines (65371)
Hash a34448106ef5aa877e67a612e5a6ef45
8f1b478a4c8f038ff58469cd199c47ad7f545c07
9207c708bae214beb26b75daf0e1b21fa209f19de16434a34b18a63c6ecb5503
GET /bootstrap/3.3.6/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://landing.itinternalhelp.com
Connection: keep-alive
Referer: https://landing.itinternalhelp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 17:02:17 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"2f624089c65f12185e79925bc5a7fc42"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 11/18/2022 06:18:39
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 755
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 6f5dfa919059b653cff60ddd6abe8a03
cdn-cache: HIT
cf-cache-status: HIT
age: 114957
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7b0a28c12e1cb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
188.114.99.234200 OK 7.0 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
IP 188.114.99.234:0
File type ASCII text, with very long lines (28596)
Hash edaf9f66988a263a4025acd3330c5b9f
96256e19027b448b42910f1192b469820dc643f2
4830fe9aec09c51c6fc762583d78318081202d99baa3407650b924d109ca6965
GET /font-awesome/4.6.1/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.itinternalhelp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 17:02:17 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-03 22:46:19
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: b43941af4bb8e32ed6d04a6a37617f28
cdn-cache: HIT
cf-cache-status: HIT
age: 6180884
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7b0a28c13eceb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6535
Expires: Fri, 31 Mar 2023 18:51:12 GMT
Date: Fri, 31 Mar 2023 17:02:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6535
Expires: Fri, 31 Mar 2023 18:51:12 GMT
Date: Fri, 31 Mar 2023 17:02:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6535
Expires: Fri, 31 Mar 2023 18:51:12 GMT
Date: Fri, 31 Mar 2023 17:02:17 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 424b55535e5fd622b2fc96aac1246324
cf7cf08aa8969a86bf03695af2129686fd62fe86
c4bb26a7b2c431282b53b4df9999b9cc8e61369a79c606688a76499b31a65127
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10271
x-amzn-requestid: db0d1fe4-060a-4e61-90f3-ec9befee1295
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkBoXGh5oAMFfzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424afce-2e9251552b4acdcb19e02dfc;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:22 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 1cXec9_e-KpzyTwiHaNAaf0y5i12tw7BkZTXnduS5ek7yAAZ0LXTWw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:44:51 GMT
age: 69446
etag: "cf7cf08aa8969a86bf03695af2129686fd62fe86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a2b8f737604b7983cf686c82599dc73
aa63be93c4cd641f09ce0d5144ef60aab21caed1
78835586bfd170fee7e6f70b2b426ed186f5aeae969459c6dcbf527ba9c0deec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6380
x-amzn-requestid: 0a129a69-0720-47a0-8b0e-b3200de24204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUn6E19IAMF9SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260165-564474a42e79d1dc4eb9558f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:45 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 3paQf8BhyRcZoZNox8660Zyzz0WaiQxJuHmDbj4wpo-rgbDdkxrYgQ==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:23 GMT
age: 69294
etag: "aa63be93c4cd641f09ce0d5144ef60aab21caed1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8600e41520408df4865627256a0a0736
dffeaf1a8f73ae9f6247b9dc7f05301fefc00aef
9163d80d7b6087b804e6682a50d4f66339d339894cf1c5808f2e5c2e0b3de930
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5806
x-amzn-requestid: cee5b166-592b-405e-b5f1-e36eb249ec59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUllFFooAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-01840fa47177285667bca060;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Jktkwc3JLU31AY5B5pC5JTjPGARjflqoJRZiD6IpF5-10IO6UNlH_Q==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 adc2002956acc4d61bfbf3b973fdf246.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:46:33 GMT
age: 69344
etag: "dffeaf1a8f73ae9f6247b9dc7f05301fefc00aef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 39bdd16276747b1445a79e674a2a3347
d0676f63738484298a78b7abf7e4934c3d256065
67aa526299060c2a39c4baa10fd03f121497dccd5e765676639ed73ac529c34b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11061
x-amzn-requestid: 428128ec-c441-4ff7-9c84-880a01672b00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnVFnFf0IAMFTvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260223-185c48300f161931310fa35f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:41:55 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: gc77o7y-moH1HuMEZFe9-00DVAda9baa-5VEPlMA4SIZDJNzQ8jUlA==
via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:49:08 GMT
etag: "d0676f63738484298a78b7abf7e4934c3d256065"
content-type: image/jpeg
age: 69189
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0530376e431b6563796e4abb0db0bc4e
6921f4bd83a806e1ea8247854ad4c045fa7ee298
d6371c81d5494d5e50fd5cc1cfe1ce28213dfa70ea5a94df82c9f4b3e6430a53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10490
x-amzn-requestid: 0525e5c4-485e-47eb-ab95-1136e4d5c29a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUnTEztoAMFzMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260161-54b47454475ff6ee4d880534;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:41 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: AdbJgoCBGJGvjP53lBj3_GWyuRF8O_fgNTPPEjUmFmyRxMQl2pgTzw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:54:29 GMT
age: 68868
etag: "6921f4bd83a806e1ea8247854ad4c045fa7ee298"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4de055bc-1569-4c9a-9ff5-b5ce7d869905.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4de055bc-1569-4c9a-9ff5-b5ce7d869905.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41f0baa1423dbd529f6c47bd51fe708f
f09b44f30b63f5e29dd247f592147ffc6b308e72
313b769259453565919ab14410faea927a23ad75636abc57851dfe67d43ea156
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4de055bc-1569-4c9a-9ff5-b5ce7d869905.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4370
x-amzn-requestid: 5791c184-d5eb-4666-bc94-f838cd0183af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUllHrcIAMFSWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-15fb3d2f67359d6837df5d0d;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: opMjAWEDBvz7pKcnuQrmD_7njQ0X28fR3Ngnoe7WI96zNNNt9oQL5A==
via: 1.1 99db15345b0e5e7ad9c267ae999b8cf4.cloudfront.net (CloudFront), 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 09:17:34 GMT
age: 27883
etag: "f09b44f30b63f5e29dd247f592147ffc6b308e72"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdnmetacompliancelive.metacompliance.com/phishtemplate/formimage_638108609152058471.png
152.199.21.175200 OK 21 kB URL HTTP/2 cdnmetacompliancelive.metacompliance.com/phishtemplate/formimage_638108609152058471.png
IP 152.199.21.175:0
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash dcba34024dc4d853430b247d6eac5077
41ec9d45a1139efcd77b7a517664fb14ba91c57b
19fe10f24032c7a59febe5f3eede519f131aee7be8d1cd85e5c831c4be9263a4
GET /phishtemplate/formimage_638108609152058471.png HTTP/1.1
Host: cdnmetacompliancelive.metacompliance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.itinternalhelp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-md5: 3Lo0Ak3E2FNDCyR9bqxQdw==
content-type: image/png
date: Fri, 31 Mar 2023 17:02:17 GMT
etag: 0x8DB046630A2D8D6
last-modified: Wed, 01 Feb 2023 15:08:35 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Origin
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 98e80079-e01e-004f-39f2-63f91e000000
x-ms-version: 2009-09-19
content-length: 20968
X-Firefox-Spdy: h2
landing.itinternalhelp.com/favicon.ico
13.107.237.53200 OK 32 kB URL HTTP/2 landing.itinternalhelp.com/favicon.ico
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 4859e39ae6c0f1f428f2126a6bb32bd9
1c0c85678ae963bc96d0b7fbe1eb89074cf1fbe0
a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d
GET /favicon.ico HTTP/1.1
Host: landing.itinternalhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.itinternalhelp.com/View/Link?gdYqsHOb8d0pRl2ETY7R/vWDxuUN9aMJ+JMS/LqYNKdOsmqdNQ1CctVbzBDbry1+6Po3ervH/Ki1j8B5oZSChefxD0I9gYf2YjsmWI5nSis95MPhPhSLKS0PwUxc3pCNsNI2Yxp+6VoLh49EwXvPHtxrBxwFoyDFlwYm+MvFtPM=
Cookie: __RequestVerificationToken=3QO9rSCw5FQGDtNHKBe9LFl83ikvNtGzntDPs57lyChNycLWgXrkcPWfQjkDAjoeI2PsxyV5CUJrYnQAcHwjl1p9iJVwURTTOZw7zcc7PPE1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-length: 32038
content-type: image/x-icon
last-modified: Thu, 30 Mar 2023 10:52:54 GMT
accept-ranges: bytes
etag: "fd816c8f562d91:0"
x-cache: TCP_REMOTE_HIT
request-context: appId=cid-v1:ee16d190-8753-4bb8-b8ff-e335cd41010a
access-control-expose-headers: Request-Context
content-security-policy: frame-src 'self' https:
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://login.microsoftonline.com
strict-transport-security: max-age=31536000
x-azure-ref-originshield: 0GhInZAAAAACgmfPePvdURY0mqBtqY/KlRlJBMjMxMDUwNDE3MDIzAGI5NGI3ODAxLTRhM2UtNGNmYi1hZmQ5LTY2NjNjMTk3MWQwMw==
x-azure-ref: 0GhInZAAAAABvWHs13ehOSo8IZCa3h44CQ1BIMzBFREdFMDQxOQBiOTRiNzgwMS00YTNlLTRjZmItYWZkOS02NjYzYzE5NzFkMDM=
date: Fri, 31 Mar 2023 17:02:18 GMT
X-Firefox-Spdy: h2
landing.itinternalhelp.com/Main/UpdateIP
13.107.237.53200 OK 0 B URL HTTP/2 landing.itinternalhelp.com/Main/UpdateIP
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /Main/UpdateIP HTTP/1.1
Host: landing.itinternalhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-Type: multipart/form-data; boundary=---------------------------2273675891638608376642793164
Content-Length: 1153
Origin: https://landing.itinternalhelp.com
Connection: keep-alive
Referer: https://landing.itinternalhelp.com/View/Link?gdYqsHOb8d0pRl2ETY7R/vWDxuUN9aMJ+JMS/LqYNKdOsmqdNQ1CctVbzBDbry1+6Po3ervH/Ki1j8B5oZSChefxD0I9gYf2YjsmWI5nSis95MPhPhSLKS0PwUxc3pCNsNI2Yxp+6VoLh49EwXvPHtxrBxwFoyDFlwYm+MvFtPM=
Cookie: __RequestVerificationToken=3QO9rSCw5FQGDtNHKBe9LFl83ikvNtGzntDPs57lyChNycLWgXrkcPWfQjkDAjoeI2PsxyV5CUJrYnQAcHwjl1p9iJVwURTTOZw7zcc7PPE1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
set-cookie: __RequestVerificationToken=3QO9rSCw5FQGDtNHKBe9LFl83ikvNtGzntDPs57lyChNycLWgXrkcPWfQjkDAjoeI2PsxyV5CUJrYnQAcHwjl1p9iJVwURTTOZw7zcc7PPE1; path=/; secure; SameSite=None
request-context: appId=cid-v1:ee16d190-8753-4bb8-b8ff-e335cd41010a
access-control-expose-headers: Request-Context
content-security-policy: frame-src 'self' https:
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://login.microsoftonline.com
strict-transport-security: max-age=31536000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0GhInZAAAAABFZ5bXMegqSqBUFYtcNdwjQ1BIMzBFREdFMDQxOQBiOTRiNzgwMS00YTNlLTRjZmItYWZkOS02NjYzYzE5NzFkMDM=
date: Fri, 31 Mar 2023 17:02:18 GMT
content-length: 0
X-Firefox-Spdy: h2
landing.itinternalhelp.com/Scripts/pnotify/custom/pnotify.generic.js
13.107.237.53200 OK 0 B URL HTTP/2 landing.itinternalhelp.com/Scripts/pnotify/custom/pnotify.generic.js
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /Scripts/pnotify/custom/pnotify.generic.js HTTP/1.1
Host: landing.itinternalhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.itinternalhelp.com/View/Link?gdYqsHOb8d0pRl2ETY7R/vWDxuUN9aMJ+JMS/LqYNKdOsmqdNQ1CctVbzBDbry1+6Po3ervH/Ki1j8B5oZSChefxD0I9gYf2YjsmWI5nSis95MPhPhSLKS0PwUxc3pCNsNI2Yxp+6VoLh49EwXvPHtxrBxwFoyDFlwYm+MvFtPM=
Cookie: __RequestVerificationToken=3QO9rSCw5FQGDtNHKBe9LFl83ikvNtGzntDPs57lyChNycLWgXrkcPWfQjkDAjoeI2PsxyV5CUJrYnQAcHwjl1p9iJVwURTTOZw7zcc7PPE1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: br
last-modified: Thu, 30 Mar 2023 10:52:53 GMT
accept-ranges: bytes
etag: "71e357c7f562d91:0"
x-cache: TCP_MISS
request-context: appId=cid-v1:ee16d190-8753-4bb8-b8ff-e335cd41010a
access-control-expose-headers: Request-Context
content-security-policy: frame-src 'self' https:
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://login.microsoftonline.com
strict-transport-security: max-age=31536000
x-azure-ref-originshield: 0GRInZAAAAACi48uNnrMUSZf0mYgiyOKORlJBMjMxMDUwNDE3MDIzAGI5NGI3ODAxLTRhM2UtNGNmYi1hZmQ5LTY2NjNjMTk3MWQwMw==
x-azure-ref: 0GRInZAAAAAD3HuPpowJgRo2nnGKnpoL7Q1BIMzBFREdFMDQxOQBiOTRiNzgwMS00YTNlLTRjZmItYWZkOS02NjYzYzE5NzFkMDM=
date: Fri, 31 Mar 2023 17:02:17 GMT
X-Firefox-Spdy: h2
landing.itinternalhelp.com/Scripts/pnotify/custom/pnotify.custom.min.js
13.107.237.53200 OK 0 B URL HTTP/2 landing.itinternalhelp.com/Scripts/pnotify/custom/pnotify.custom.min.js
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /Scripts/pnotify/custom/pnotify.custom.min.js HTTP/1.1
Host: landing.itinternalhelp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://landing.itinternalhelp.com/View/Link?gdYqsHOb8d0pRl2ETY7R/vWDxuUN9aMJ+JMS/LqYNKdOsmqdNQ1CctVbzBDbry1+6Po3ervH/Ki1j8B5oZSChefxD0I9gYf2YjsmWI5nSis95MPhPhSLKS0PwUxc3pCNsNI2Yxp+6VoLh49EwXvPHtxrBxwFoyDFlwYm+MvFtPM=
Cookie: __RequestVerificationToken=3QO9rSCw5FQGDtNHKBe9LFl83ikvNtGzntDPs57lyChNycLWgXrkcPWfQjkDAjoeI2PsxyV5CUJrYnQAcHwjl1p9iJVwURTTOZw7zcc7PPE1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: br
last-modified: Thu, 30 Mar 2023 10:52:53 GMT
accept-ranges: bytes
etag: "71e357c7f562d91:0"
x-cache: TCP_MISS
request-context: appId=cid-v1:ee16d190-8753-4bb8-b8ff-e335cd41010a
access-control-expose-headers: Request-Context
content-security-policy: frame-src 'self' https:
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://login.microsoftonline.com
strict-transport-security: max-age=31536000
x-azure-ref-originshield: 0GRInZAAAAAC5DKfisGl8R4FRrhcTRh4ERlJBMjMxMDUwNDE3MDI1AGI5NGI3ODAxLTRhM2UtNGNmYi1hZmQ5LTY2NjNjMTk3MWQwMw==
x-azure-ref: 0GRInZAAAAABrvdWYoQHESo1yh5J8qPCgQ1BIMzBFREdFMDQxOQBiOTRiNzgwMS00YTNlLTRjZmItYWZkOS02NjYzYzE5NzFkMDM=
date: Fri, 31 Mar 2023 17:02:17 GMT
X-Firefox-Spdy: h2
ipapi.co/json/
104.26.8.44200 OK 0 B IP 104.26.8.44:0
POST /json/ HTTP/1.1
Host: ipapi.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://landing.itinternalhelp.com
Connection: keep-alive
Referer: https://landing.itinternalhelp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Fri, 31 Mar 2023 17:02:18 GMT
content-type: application/json
allow: OPTIONS, POST, HEAD, GET, OPTIONS
x-frame-options: DENY
vary: Host, Origin
access-control-allow-origin: https://landing.itinternalhelp.com
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wCrihp3rVuvBz0vhoMUnmymvKfJ3VDkEb0axvvN2gG2AbulApFm0a0qUyWYjkhbjSzzWAQ4NNoeaUTiNpbr3D27bSmpr4Zp5aZYPqnakI9h3tZrc3vbpcJQx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b0a28c47b06b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2