r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2714
Expires: Mon, 30 Jan 2023 07:23:56 GMT
Date: Mon, 30 Jan 2023 06:38:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3302
Expires: Mon, 30 Jan 2023 07:33:44 GMT
Date: Mon, 30 Jan 2023 06:38:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 05:43:11 GMT
content-type: application/json
age: 3331
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5757
Expires: Mon, 30 Jan 2023 08:14:39 GMT
Date: Mon, 30 Jan 2023 06:38:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HNpsvxkQ8ksB7KhNDoHc73+vv3HK/bxyfIJPrwlnZF0ripK7AvTeGHKub35qCApYJUNKpTb+txgHp3JOYjkViQ==
x-amz-request-id: H1KC3S9W61P4SCQG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 06:21:41 GMT
age: 1021
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ci.criticalimpact.com/go.cfm?a=1&eid=b3fa8668906087f736ff93d4ab7bd0b7&c=36783&jid=9fa3c8d0bd455016&d=4c4a8cf30bb438bac3d6b838967d376c&u=Elston.topshows.ec/Elene/ZWxlbmUud29ydGhpbmd0b25AZWxzdG9uLmNvbS5hdQ==
199.167.225.63 302 302 0 B URL HTTP/1.1 ci.criticalimpact.com/go.cfm?a=1&eid=b3fa8668906087f736ff93d4ab7bd0b7&c=36783&jid=9fa3c8d0bd455016&d=4c4a8cf30bb438bac3d6b838967d376c&u=Elston.topshows.ec/Elene/ZWxlbmUud29ydGhpbmd0b25AZWxzdG9uLmNvbS5hdQ==
IP 199.167.225.63:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go.cfm?a=1&eid=b3fa8668906087f736ff93d4ab7bd0b7&c=36783&jid=9fa3c8d0bd455016&d=4c4a8cf30bb438bac3d6b838967d376c&u=Elston.topshows.ec/Elene/ZWxlbmUud29ydGhpbmd0b25AZWxzdG9uLmNvbS5hdQ== HTTP/1.1
Host: ci.criticalimpact.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 302
Date: Mon, 30 Jan 2023 06:38:42 GMT
Server: Apache/2.4.55 (codeit)
Set-Cookie: JSESSIONIDTC2=A96083BC7E138AF012B56E3080D3A190; Path=/; HttpOnly
cfid=053d8542-8124-4a14-ad3f-62b5537d57df;Path=/;Expires=Sun, 19-Feb-2023 08:16:46 UTC;HTTPOnly
cftoken=0;Path=/;Expires=Sun, 19-Feb-2023 08:16:46 UTC;HTTPOnly
CF_CLIENT_TCICRITICALIMPACTCOM_LV=1675060722127;Path=/;Expires=Sun, 30-Apr-2023 06:38:42 UTC;HTTPOnly
CF_CLIENT_TCICRITICALIMPACTCOM_TC=1675060722127;Path=/;Expires=Sun, 30-Apr-2023 06:38:42 UTC;HTTPOnly
CF_CLIENT_TCICRITICALIMPACTCOM_HC=2;Path=/;Expires=Sun, 30-Apr-2023 06:38:42 UTC;HTTPOnly
location: http://Elston.topshows.ec/Elene/ZWxlbmUud29ydGhpbmd0b25AZWxzdG9uLmNvbS5hdQ==
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Connection: close
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:38:42 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 05:41:41 GMT
age: 3421
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
elston.topshows.ec/Elene/ZWxlbmUud29ydGhpbmd0b25AZWxzdG9uLmNvbS5hdQ==
192.185.114.45 200 OK 0 B URL HTTP/1.1 elston.topshows.ec/Elene/ZWxlbmUud29ydGhpbmd0b25AZWxzdG9uLmNvbS5hdQ==
IP 192.185.114.45:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer / Verdict / Alert: fortinet / Malware
GET /Elene/ZWxlbmUud29ydGhpbmd0b25AZWxzdG9uLmNvbS5hdQ== HTTP/1.1
Host: elston.topshows.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 06:38:42 GMT
Server: Apache
refresh: 0;url=https://microsoftonline.0-9i.com/?username=elene.worthington@elston.com.au
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16923
Expires: Mon, 30 Jan 2023 11:20:45 GMT
Date: Mon, 30 Jan 2023 06:38:42 GMT
Connection: keep-alive
push.services.mozilla.com/
35.83.22.170 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.22.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: p4OMDNgq4VymCljr8b8Fcg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 55GTP6+1rftlLg/8CbemO+g/qt0=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1dfa7b4d3ef692ab730cf8936ad030ee
eb0da9605ba4d51d0b987dcf3a615ec91cba52f8
37ca3eaa20c31e9cd2407f030bbcd8e2714a2a271dada505f3bb0f25fc0138e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "37CA3EAA20C31E9CD2407F030BBCD8E2714A2A271DADA505F3BB0F25FC0138E5"
Last-Modified: Mon, 30 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21545
Expires: Mon, 30 Jan 2023 12:37:48 GMT
Date: Mon, 30 Jan 2023 06:38:43 GMT
Connection: keep-alive
portal.office.com/servicestatus
13.107.6.156 200 OK 9.1 kB URL HTTP/2 portal.office.com/servicestatus
IP 13.107.6.156:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1252)
Hash 2d248d383758ef9bbd3c7c0b8699f3c1
f83786c6ff7f9dd30e750e55a0ad13e178f0a540
51061f576bd8b0952124dea41ef7d9949c14bc5962ab316989349a64c8736c63
GET /servicestatus HTTP/1.1
Host: portal.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-length: 9105
content-type: text/html; charset=utf-8
expires: -1
set-cookie: s.SessID=9c2f4e24-3abf-4bdc-bc86-b23aad6984b9; path=/; secure; HttpOnly
s.cachemap=20; path=/; secure; HttpOnly
s.ImpressionId=3857ded6-b292-4498-846e-a326d435a511; path=/; secure; HttpOnly
s.SessID=9c2f4e24-3abf-4bdc-bc86-b23aad6984b9; path=/; secure; HttpOnly
s.cachemap=20; path=/; secure; HttpOnly
s.ImpressionId=3857ded6-b292-4498-846e-a326d435a511; path=/; secure; HttpOnly
x-portal-routekey=weu; path=/; secure; HttpOnly
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: A138DFC6E4414A2782BDCE1AFEBB5F10 Ref B: SVG20EDGE0121 Ref C: 2023-01-30T06:38:43Z
date: Mon, 30 Jan 2023 06:38:43 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12944
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 06:38:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12944
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 06:38:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12944
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 06:38:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d200552d23c85c199558b79cc24348f
8cc20b9ce98eeacd5b826268da24955a82e78a01
09b05ae6f75b5141401ddc49014e0eb2eac0856ba3b5020bc85f4a9a64d3d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9700
x-amzn-requestid: 9f944a46-7e39-44c3-a640-3c7e9b778bca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkoEEkJIAMFs0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7cd-4b29196f5bd1b2fb04e6363f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WdAuArY0X2z4d6i17ZJ0521rzGRJS8FtaN-Kqvzg0fqW3F-HptEvNA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:10:01 GMT
age: 30523
etag: "8cc20b9ce98eeacd5b826268da24955a82e78a01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83495dde-218f-4893-8556-3013e3f83f78.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83495dde-218f-4893-8556-3013e3f83f78.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8901f99d8e3001e442c887f89e2e650
a61875fcee6c09087462f0443286482d903725bc
d3a69a5bce1852c464755452d7f5a88f0d20fbed14b9f16ac6f539d4d1bfdb21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83495dde-218f-4893-8556-3013e3f83f78.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5960
x-amzn-requestid: 313f5526-984b-4224-b321-732fe5ae5a7d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkl0HimoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-430032d00080eff464e4d574;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TiZDGG_JsgbKWvLfQn_uioEKmxzYKKV8cT9wJ2PntoNPb4r1a2YKtg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:04:24 GMT
age: 30860
etag: "a61875fcee6c09087462f0443286482d903725bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 546f1cb9f94ea553ae884a6f50c6bd3d
fd08d9841bcd8864aaf2e5d93ca61b31246b6db5
5aba48ac6c65e371c6c1aeee43f97670f196d3a3933b9f5812a67be90b7dbdfa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5764
x-amzn-requestid: 33ebf979-ba40-451e-bbdb-3ee4a9dc07ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhksyGRVoAMF5UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7eb-55fcbb4d6d88dbf758409801;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X3lzViVGoynSgoeenp6EIU2E3FMSRlKNGOy73pIOAASV11hOk2B4UA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:11:45 GMT
age: 30419
etag: "fd08d9841bcd8864aaf2e5d93ca61b31246b6db5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aae2b2c-8949-4749-8a9b-24d6a82a5b50.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aae2b2c-8949-4749-8a9b-24d6a82a5b50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 435598df0723ba8070784ee6a8d6de8b
0dab67801b42d738a5074ec3f0489f04c5e6552c
05339073fff5fe4213a38505242c577f579aba68d5c249e8bac10b03d379a2dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aae2b2c-8949-4749-8a9b-24d6a82a5b50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10616
x-amzn-requestid: 809aadb4-f948-41a5-82bc-84a520a5689a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEZIIAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-2c659eae4d513b433aa749e3;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4v4fldiJ0EsLGeNNodBg_GPY8hiq1Yyr5kzBIYyZXuf8bcTZ4CmsHQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 31642
etag: "0dab67801b42d738a5074ec3f0489f04c5e6552c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 31642
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 17:35:56 GMT
age: 46968
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/css/embeddedfonts.css
23.36.79.43 200 OK 320 B URL HTTP/2 res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/css/embeddedfonts.css
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2802), with no line terminators
Hash 5a3f1dea25d9d633d7c979a90cbc82fe
bc035d028973021dbf369b639453ba4f71c05a87
eeb58e7bfcdf27308c8911e6cc7efa9300fdc4a4b0298659ac046faafb949040
GET /admincenter/admin-pkg/2023.1.23.1/en/css/embeddedfonts.css HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.office.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 25 Jan 2023 19:29:18 GMT
x-ms-request-id: a82c8c4e-c01e-0003-5f31-311ef3000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Mon, 30 Jan 2023 06:38:44 GMT
content-length: 320
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/js/jquery/jquery-1_10_2_min.js
23.36.79.43 200 OK 33 kB URL HTTP/2 res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/js/jquery/jquery-1_10_2_min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65399)
Hash 117f25436c096247cf6441b01fd09140
02e5fd58e0d4fd6e4c3eec8a5decfb5dcf7a14b6
70c50d516099cd4bdda83b580ee6af550a8cb7761ec7c7cbf926a14a4ba704ed
GET /admincenter/admin-pkg/2023.1.23.1/en/js/jquery/jquery-1_10_2_min.js HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.office.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 Jan 2023 19:29:12 GMT
x-ms-request-id: f83f51aa-701e-0016-3731-310940000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Mon, 30 Jan 2023 06:38:44 GMT
content-length: 33304
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/jsc/headbundle.js
23.36.79.43 200 OK 17 kB URL HTTP/2 res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/jsc/headbundle.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 32946175e701ba429d95acc363819e78
4f81237d0d6e331b2f5d595b9bcdbff99958c236
88399726d8bab3d4c5840ade7356177005922efd9fb03918a07d4a69149d3f4c
GET /admincenter/admin-pkg/2023.1.23.1/en/jsc/headbundle.js HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.office.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 Jan 2023 19:16:22 GMT
x-ms-request-id: 71c499cb-101e-004d-5331-31307b000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Mon, 30 Jan 2023 06:38:44 GMT
content-length: 16905
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/jsc/commoncontrolbundle.js
23.36.79.43 200 OK 15 kB URL HTTP/2 res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/jsc/commoncontrolbundle.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (50189)
Hash 03b93961ff6dd8a0f4f20cd812b37747
03e719f52e7dcc6fe926701ec265af349bd1a972
3ab7d2a0b5b2d9a0880322c86c652d465dbf38a69c612fbf56b5847b13d7c533
GET /admincenter/admin-pkg/2023.1.23.1/en/jsc/commoncontrolbundle.js HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.office.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 Jan 2023 19:29:11 GMT
x-ms-request-id: 5e1e4996-801e-0060-5e31-318308000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Mon, 30 Jan 2023 06:38:44 GMT
content-length: 15183
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/jsc/microsoftajaxcombined.js
23.36.79.43 200 OK 56 kB URL HTTP/2 res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/jsc/microsoftajaxcombined.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 91a46a9c92785ed247906f82d0c9df66
1c5f1440427f6dc8a42012c4f51417450aa328a9
ea042f7c95bdd0f10e426fc9e9987efbdab0690ee3859b36a6ceeed19a170eeb
GET /admincenter/admin-pkg/2023.1.23.1/en/jsc/microsoftajaxcombined.js HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.office.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 Jan 2023 19:29:17 GMT
x-ms-request-id: 6e078745-b01e-0026-2631-31b78f000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Mon, 30 Jan 2023 06:38:44 GMT
content-length: 56341
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/support/oss/angular_1.3.0/angular.min.js
23.36.79.43 200 OK 44 kB URL HTTP/2 res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/support/oss/angular_1.3.0/angular.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash c7f4f71b015b4acc308e524f42a90c23
fbfb82b43782207fab4136a73a32349a8f0eb675
89b83b5774082e8613b7251ad714849cc549b21758460dad2ce6733395385335
GET /admincenter/admin-pkg/2023.1.23.1/en/support/oss/angular_1.3.0/angular.min.js HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.office.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 Jan 2023 19:29:51 GMT
x-ms-request-id: 913f6cbf-701e-0006-355d-31cc28000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Mon, 30 Jan 2023 06:38:44 GMT
content-length: 44417
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/js/instrument.js
23.36.79.43 200 OK 1.4 kB URL HTTP/2 res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/js/instrument.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (5072), with no line terminators
Hash b03acc557158f5d0f4e766b4a31c2323
79c18aac27fb5e0a4a49d7b2bb5ce83ddd3c1fb8
fdc7ca73d2421f155c0dee3b18fe679a48c133f6dc3a9c610204a856487cc13e
GET /admincenter/admin-pkg/2023.1.23.1/en/js/instrument.js HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.office.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 Jan 2023 19:29:40 GMT
x-ms-request-id: 8196de83-b01e-006b-5931-317863000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Mon, 30 Jan 2023 06:38:44 GMT
content-length: 1428
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/css/o365themedefault.css
23.36.79.43 200 OK 1.1 kB URL HTTP/2 res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/css/o365themedefault.css
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (7600), with no line terminators
Hash 3bb9ec9208da595a2baa881e6886a407
12ea658a1b714581a721e6892eebdadb75272fb1
eec6124d9eae29eb51baadf82d2d553bc0eaf1bc4b9923ae9c17ffce37414b91
GET /admincenter/admin-pkg/2023.1.23.1/en/css/o365themedefault.css HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.office.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 25 Jan 2023 19:29:54 GMT
x-ms-request-id: 1d38e816-f01e-006a-265d-3127bf000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Mon, 30 Jan 2023 06:38:44 GMT
content-length: 1067
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/css/masterstyles15mvc.css
23.36.79.43 200 OK 3.2 kB URL HTTP/2 res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/css/masterstyles15mvc.css
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (15800), with no line terminators
Hash c0d47f3c6e18bde6f7574ba1c5344cdb
504148025f2f131cc7cbcd87db53032e04a0a67a
1bf632d32c8cb0c0e16611e416ddfb7b1b8b79b4907ad050e380f691dacea1a2
GET /admincenter/admin-pkg/2023.1.23.1/en/css/masterstyles15mvc.css HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.office.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 25 Jan 2023 19:29:28 GMT
x-ms-request-id: 8c903ad5-101e-002f-5931-31f25c000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Mon, 30 Jan 2023 06:38:44 GMT
content-length: 3243
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/css/servicepulse.css
770 B URL res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/css/servicepulse.css
IP :0
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash 1c93ccf2b983f573313c1335d391130d
c46fb43ba846d174093cdfd12001c0528462be22
ea760fb0b547d2ef7364c23888b1a16549796d9d98c5f5141ce8a7fbe36c8969
GET /admincenter/admin-pkg/2023.1.23.1/en/css/servicepulse.css HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.office.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/support/oss/bootstrap_3.0.2/css/bootstrap.min.css
23.36.79.43 200 OK 17 kB URL HTTP/2 res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/support/oss/bootstrap_3.0.2/css/bootstrap.min.css
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (64853)
Hash 015092ed531d0c5afd83ff29dfb63c3f
e5a6e1d3ea0d28f3dd07590887857b8145699166
8594bcbe260032f75cfb006e7aa8c1d02d59d6c1b617f2813c5702a70c7e5dc0
GET /admincenter/admin-pkg/2023.1.23.1/en/support/oss/bootstrap_3.0.2/css/bootstrap.min.css HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.office.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 25 Jan 2023 19:29:44 GMT
x-ms-request-id: d61dc0c4-401e-0050-7b5d-313dc7000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Mon, 30 Jan 2023 06:38:44 GMT
content-length: 16984
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/css/masterstyles15.css
23.36.79.43 200 OK 26 kB URL HTTP/2 res.cdn.office.net/admincenter/admin-pkg/2023.1.23.1/en/css/masterstyles15.css
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65272), with no line terminators
Hash 47f09d3cf7bddabb66e3f5997cdf6f17
fea8010059a5c2cfaef8feb7d2cd7492eb42654a
54ac76bc85a8c291f498a7d3e407a8878e4fffe16a0f36f14fb2b33642595ce7
GET /admincenter/admin-pkg/2023.1.23.1/en/css/masterstyles15.css HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.office.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 25 Jan 2023 19:29:27 GMT
x-ms-request-id: 96e377fb-901e-0043-0f31-3119cb000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Mon, 30 Jan 2023 06:38:44 GMT
content-length: 25650
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res.cdn.office.net/admincenter/admin-content/en/css/webfonts/segoeui-semilight-final.woff
23.36.79.43 200 OK 26 kB URL HTTP/2 res.cdn.office.net/admincenter/admin-content/en/css/webfonts/segoeui-semilight-final.woff
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format, TrueType, length 25997, version 1.0\012- data
Hash 22b4d6f0afe44339cbbffc64ab0d385d
eeb383ef99f353ef64c70e84e44e6e633629ec3e
e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c
GET /admincenter/admin-content/en/css/webfonts/segoeui-semilight-final.woff HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://portal.office.com
Connection: keep-alive
Referer: https://res.cdn.office.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 25997
last-modified: Wed, 25 Jan 2023 17:50:42 GMT
x-ms-request-id: 34dff827-401e-001d-7b63-31f22b000000
cache-control: max-age=630720000
date: Mon, 30 Jan 2023 06:38:44 GMT
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/font-woff
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
portal.office.com/images/servicepulse/icon-alertoutline.png
13.107.6.156 200 OK 539 B URL HTTP/2 portal.office.com/images/servicepulse/icon-alertoutline.png
IP 13.107.6.156:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 4e745ab5020c353855ca79f7e99e8bc7
12c501799bf670143998ee041e624e9e1859bfb2
945b8a9d1fc9d3f0297595ffe13789ff37f3af4993c153379a091061d16e88e8
GET /images/servicepulse/icon-alertoutline.png HTTP/1.1
Host: portal.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.office.com/servicestatus
Cookie: s.SessID=9c2f4e24-3abf-4bdc-bc86-b23aad6984b9; s.cachemap=20; s.ImpressionId=3857ded6-b292-4498-846e-a326d435a511; x-portal-routekey=weu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
content-length: 539
content-type: image/png
expires: Tue, 30 Jan 2024 06:38:44 GMT
last-modified: Fri, 16 Dec 2022 20:26:25 GMT
set-cookie: x-portal-routekey=weu; path=/; secure; HttpOnly
strict-transport-security: max-age=63072000
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 662B80BAD2CC4826B5304DA016DF63B8 Ref B: SVG20EDGE0121 Ref C: 2023-01-30T06:38:44Z
date: Mon, 30 Jan 2023 06:38:44 GMT
X-Firefox-Spdy: h2
portal.office.com/api/servicestatus/index
13.107.6.156 200 OK 895 B URL HTTP/2 portal.office.com/api/servicestatus/index
IP 13.107.6.156:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (895), with no line terminators
Hash 49831e49887db71b1b68ec8f3d32e601
180b100df3699e9dbd787b1a75c22e6627d7cc91
1a0f57f2e36c7d70578fecc9f57ae65bfb5a97aafdfaadc67b2e1c3384caec7a
GET /api/servicestatus/index HTTP/1.1
Host: portal.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.office.com/servicestatus
Cookie: s.SessID=9c2f4e24-3abf-4bdc-bc86-b23aad6984b9; s.cachemap=20; s.ImpressionId=3857ded6-b292-4498-846e-a326d435a511; x-portal-routekey=weu
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-length: 895
content-type: application/json; charset=utf-8
expires: -1
strict-transport-security: max-age=63072000
x-ms-correlation-id: fb9e17bc-5d64-4cb8-a3e5-412377b4c792
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: A878008AFE8644D6B0F9163E5B06C763 Ref B: SVG20EDGE0121 Ref C: 2023-01-30T06:38:44Z
date: Mon, 30 Jan 2023 06:38:44 GMT
X-Firefox-Spdy: h2
portal.office.com/images/servicepulse/icon-check.png
13.107.6.156 200 OK 442 B URL HTTP/2 portal.office.com/images/servicepulse/icon-check.png
IP 13.107.6.156:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 3417592349017d9258b46fc2251326a5
45921855f79d6f5c7c73e8da0367d744e79d554f
812d976fb0cb581ea1b0e09a1c1c3d803f5dec1e490eabc6169b9652b0915e25
GET /images/servicepulse/icon-check.png HTTP/1.1
Host: portal.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.office.com/servicestatus
Cookie: s.SessID=9c2f4e24-3abf-4bdc-bc86-b23aad6984b9; s.cachemap=20; s.ImpressionId=3857ded6-b292-4498-846e-a326d435a511; x-portal-routekey=weu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
content-length: 442
content-type: image/png
expires: Tue, 30 Jan 2024 06:38:44 GMT
last-modified: Fri, 16 Dec 2022 20:26:22 GMT
set-cookie: x-portal-routekey=weu; path=/; secure; HttpOnly
strict-transport-security: max-age=63072000
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B959B28334674D60BE097870D40E04E3 Ref B: SVG20EDGE0121 Ref C: 2023-01-30T06:38:44Z
date: Mon, 30 Jan 2023 06:38:44 GMT
X-Firefox-Spdy: h2
portal.office.com/images/ServicePulse/banner_up.png
13.107.6.156 200 OK 15 kB URL HTTP/2 portal.office.com/images/ServicePulse/banner_up.png
IP 13.107.6.156:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 826 x 214, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c1b1839fac84224f0e32775baf0985e
11f5086384e2677054d2c345bea587a61359eeb6
90a1056ff18852567c1edab551907841b08d7c17b680d0cae64f45ff967668fe
GET /images/ServicePulse/banner_up.png HTTP/1.1
Host: portal.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.office.com/servicestatus
Cookie: s.SessID=9c2f4e24-3abf-4bdc-bc86-b23aad6984b9; s.cachemap=20; s.ImpressionId=3857ded6-b292-4498-846e-a326d435a511; x-portal-routekey=weu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
content-length: 15428
content-type: image/png
content-encoding: br
expires: Tue, 30 Jan 2024 06:38:44 GMT
last-modified: Fri, 16 Dec 2022 20:26:22 GMT
vary: Accept-Encoding
set-cookie: x-portal-routekey=weu; path=/; secure; HttpOnly
strict-transport-security: max-age=63072000
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 27720C6922FF4019A01192FE890A7F9A Ref B: SVG20EDGE0121 Ref C: 2023-01-30T06:38:44Z
date: Mon, 30 Jan 2023 06:38:44 GMT
X-Firefox-Spdy: h2
portal.office.com/images/servicepulse/msftlogo.png
13.107.6.156 200 OK 1.4 kB URL HTTP/2 portal.office.com/images/servicepulse/msftlogo.png
IP 13.107.6.156:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 112 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 92871804791c8945814074b4dae51241
913548c1e1a9975783dfe99c5faf0b96a36ea026
3dd1e07183c9f15543c2ada00a5770c86b6cff2b00ec87e7fef0557848735c16
GET /images/servicepulse/msftlogo.png HTTP/1.1
Host: portal.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.office.com/servicestatus
Cookie: s.SessID=9c2f4e24-3abf-4bdc-bc86-b23aad6984b9; s.cachemap=20; s.ImpressionId=3857ded6-b292-4498-846e-a326d435a511; x-portal-routekey=weu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
content-length: 1441
content-type: image/png
expires: Tue, 30 Jan 2024 06:38:45 GMT
last-modified: Fri, 16 Dec 2022 20:26:36 GMT
set-cookie: x-portal-routekey=weu; path=/; secure; HttpOnly
strict-transport-security: max-age=63072000
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 38EEC36B13E34C55AE4D6C652CAEE673 Ref B: SVG20EDGE0121 Ref C: 2023-01-30T06:38:44Z
date: Mon, 30 Jan 2023 06:38:44 GMT
X-Firefox-Spdy: h2
portal.office.com/favicon.ico
13.107.6.156 200 OK 2.0 kB URL HTTP/2 portal.office.com/favicon.ico
IP 13.107.6.156:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type MS Windows icon resource - 1 icon, 31x32, 32 bits/pixel\012- data
Hash ce200aeb3fe950be7a2dac6beb572264
b138a395363c4bd8361d04bae4caa87060a15be4
5e9ab9a95f2a3707ba3b89b7b60c5a4866f90f47072caac2b1472b64ceed2693
GET /favicon.ico HTTP/1.1
Host: portal.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.office.com/servicestatus
Cookie: s.SessID=9c2f4e24-3abf-4bdc-bc86-b23aad6984b9; s.cachemap=20; s.ImpressionId=3857ded6-b292-4498-846e-a326d435a511; x-portal-routekey=weu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
content-length: 1981
content-type: image/x-icon
content-encoding: br
expires: Tue, 30 Jan 2024 06:38:45 GMT
last-modified: Wed, 25 Jan 2023 17:49:17 GMT
vary: Accept-Encoding
set-cookie: x-portal-routekey=weu; path=/; secure; HttpOnly
strict-transport-security: max-age=63072000
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 2F3362B5A4114F51ADAD1A5F4AD449A2 Ref B: SVG20EDGE0121 Ref C: 2023-01-30T06:38:45Z
date: Mon, 30 Jan 2023 06:38:44 GMT
X-Firefox-Spdy: h2
portal.office.com/images/servicepulse/good.png
13.107.6.156 200 OK 557 B URL HTTP/2 portal.office.com/images/servicepulse/good.png
IP 13.107.6.156:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash ef5348033a76b0fdae105bf7170ab42e
7f119629d3351b88946cd31e2112762fab94d4e3
7b3dd648df5a61cc893d6414a85cf449392747a8d4b348251f6a1d443f1f14fc
GET /images/servicepulse/good.png HTTP/1.1
Host: portal.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.office.com/servicestatus
Cookie: s.SessID=9c2f4e24-3abf-4bdc-bc86-b23aad6984b9; s.cachemap=20; s.ImpressionId=3857ded6-b292-4498-846e-a326d435a511; x-portal-routekey=weu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
content-length: 557
content-type: image/png
expires: Tue, 30 Jan 2024 06:38:45 GMT
last-modified: Fri, 16 Dec 2022 20:26:26 GMT
set-cookie: x-portal-routekey=weu; path=/; secure; HttpOnly
strict-transport-security: max-age=63072000
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: C16D7C4C99EB49D4BDD2790F59CC714B Ref B: SVG20EDGE0121 Ref C: 2023-01-30T06:38:44Z
date: Mon, 30 Jan 2023 06:38:45 GMT
X-Firefox-Spdy: h2
portal.office.com/pp.l?CID=3857ded6-b292-4498-846e-a326d435a511&pageId=servicestatus&d={B:{S:%27L%27,LT:1375,UT:-1,MT:563},A:{ET:-1,OT:2,DT:51,CT:88,RT:219,ST:220,MT:831,LT:1641},C:{LT:1675060736339}}
13.107.6.156 200 OK 813 B URL HTTP/2 portal.office.com/pp.l?CID=3857ded6-b292-4498-846e-a326d435a511&pageId=servicestatus&d={B:{S:%27L%27,LT:1375,UT:-1,MT:563},A:{ET:-1,OT:2,DT:51,CT:88,RT:219,ST:220,MT:831,LT:1641},C:{LT:1675060736339}}
IP 13.107.6.156:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash dbc2b30ecd3ce2a7a8965e5b0a569dff
c32d2ffdbf66b5582c8c184e0c0b436048292807
9397d5506d9bb44184a4bd44001382209441bd80d8c5fb4f3dffdb1f966b7995
GET /pp.l?CID=3857ded6-b292-4498-846e-a326d435a511&pageId=servicestatus&d={B:{S:%27L%27,LT:1375,UT:-1,MT:563},A:{ET:-1,OT:2,DT:51,CT:88,RT:219,ST:220,MT:831,LT:1641},C:{LT:1675060736339}} HTTP/1.1
Host: portal.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://portal.office.com/servicestatus
Cookie: s.SessID=9c2f4e24-3abf-4bdc-bc86-b23aad6984b9; s.cachemap=20; s.ImpressionId=3857ded6-b292-4498-846e-a326d435a511; x-portal-routekey=weu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
pragma: no-cache
content-length: 813
content-type: image/gif
expires: Mon, 30 Jan 2023 06:37:45 GMT
set-cookie: x-portal-routekey=weu; path=/; secure; HttpOnly
strict-transport-security: max-age=63072000
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: DDC5645AB912474A9DDECC14BA6EDDAF Ref B: SVG20EDGE0121 Ref C: 2023-01-30T06:38:45Z
date: Mon, 30 Jan 2023 06:38:45 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3EXFa0gb46AbdZ9ZznGiPTemGZ7zWh9WLs5Yr1zmfyh_jyKA6o7xoA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:19:57 GMT
age: 29934
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
microsoftonline.0-9i.com/?username=elene.worthington@elston.com.au
23.227.202.134 302 Found 0 B URL HTTP/2 microsoftonline.0-9i.com/?username=elene.worthington@elston.com.au
IP 23.227.202.134:0
Analyzer Verdict Alert fortinet Phishing
GET /?username=elene.worthington@elston.com.au HTTP/1.1
Host: microsoftonline.0-9i.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 30 Jan 2023 06:38:43 GMT
content-type: text/html; charset=utf-8
location: https://portal.office.com/servicestatus
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2