r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11136
Expires: Thu, 01 Dec 2022 16:15:42 GMT
Date: Thu, 01 Dec 2022 13:10:06 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5890
Cache-Control: max-age=169156
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 13:10:06 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 12:09:22 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9022
Expires: Thu, 01 Dec 2022 15:40:28 GMT
Date: Thu, 01 Dec 2022 13:10:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 12:19:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3020
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eTvajpA3ZWEA8tgfrj3nks2Wc8gy10MmLlnMQRHQAg96AcP77inRGyQJJ3phMUIiTd03QbDHdd0=
x-amz-request-id: Y36S7XDSBJA91GJ4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 12:45:40 GMT
age: 1466
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:10:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash ba4c2df85966b8c101650b5a4ce1ed68
f268803359f5c77add3c6cb35892fd5698e1789b
881d4f97e0e7078911e4c5d96ee2147fb4517824d545464b2bdb20c9a08a1707
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 13:10:07 GMT
Server: ECS (amb/6B74)
Content-Length: 727
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 13:08:56 GMT
cache-control: public,max-age=3600
age: 71
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5886
Cache-Control: max-age=164088
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 13:10:07 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:44:55 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.186.209.73 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.209.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FqLpa9vY5Pt0eIzDByMRXg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: W4Mqg3xZngbL7wSc/uIQQDFZTkc=
creator.microsoftstart.com/
40.112.243.98 200 OK 27 kB URL HTTP/1.1 creator.microsoftstart.com/
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11795), with CRLF, LF line terminators
Hash fde66aa82a3ba07ba2e7b2cdc407540d
414404b970140f695a0df0ed017dd86339de5443
c9005a0418aea40fc659f858f1c1ea377fadc3965df6b0e96690e5afc670ec95
Analyzer Verdict Alert openphish Office365
GET / HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Content-Length: 27423
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Dec 2022 13:10:08 GMT
Server: Microsoft-IIS/10.0
Cache-Control: no-store, no-cache, must-revalidate
Content-Encoding: gzip
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5; path=/
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.30, ASP.NET
Link: <https://creator.microsoftstart.com/wp-json/>; rel="https://api.w.org/", <https://creator.microsoftstart.com/wp-json/wp/v2/pages/115>; rel="alternate"; type="application/json", <https://creator.microsoftstart.com/>; rel=shortlink
statics-marketingsites-eus-ms-com.akamaized.net/statics/override.css
23.36.76.98 200 OK 473 B URL HTTP/1.1 statics-marketingsites-eus-ms-com.akamaized.net/statics/override.css
IP 23.36.76.98:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (342), with CRLF line terminators
Hash a40589609d8e75c109e93abbff0dcf60
76ae9c943d54022e24b90467713a73a431eddd6d
2c959c2618be84448b26de18639db8a66126449c6ebb29f4f6d33e00adb5b069
GET /statics/override.css HTTP/1.1
Host: statics-marketingsites-eus-ms-com.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Tue, 11 Jun 2019 23:22:13 GMT
ETag: 0x8D6EEC3A2D67C35
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3fb0082d-901e-0063-7c1c-624c2f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Vary: Accept-Encoding
Content-Encoding: gzip
Unused62: 8096267
Content-Length: 473
Date: Thu, 01 Dec 2022 13:10:08 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash a7768a8a4d5f2b246e1c7184e4526eef
424a0bbdad4a58e0eeced80d976613d4925a8f55
6233da50858bbd760a4da93d72eaf8b0a3379184601e8eb76db9a306af568c71
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5870
Cache-Control: max-age=98561
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 13:10:08 GMT
Etag: "63876ec3-117"
Expires: Fri, 02 Dec 2022 16:32:49 GMT
Last-Modified: Wed, 30 Nov 2022 14:54:59 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css
151.101.65.229 200 OK 569 B URL HTTP/2 cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css
IP 151.101.65.229:0
Hash 8089b828484e2269d5dcb1089c4004ba
9b61a0f5bf48ef08890dbae954ee9b5a90015d2c
35c1c8741af6e18aa88caca3d060e26808e1103a29b3ee0415ae3e3b648bcd09
GET /npm/slick-carousel@1.8.1/slick/slick.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 01 Dec 2022 13:10:08 GMT
age: 22333941
x-served-by: cache-fra19155-FRA, cache-bma1676-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 569
X-Firefox-Spdy: h2
www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/6f-d7d610/ef-a24652?ver=2.0&_cf=02242021_3231
23.38.201.156 200 OK 23 kB URL HTTP/2 www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/6f-d7d610/ef-a24652?ver=2.0&_cf=02242021_3231
IP 23.38.201.156:0
File type Unicode text, UTF-8 text, with very long lines (64241)
Hash 42c9e145515c1181de810dca8de80962
2124aa979e0b9df035541fafa3bc29aca7bcf665
335cc2a8c473151675f38c33b2486bebaddce3a0e9192ac89bfa10794bada11b
GET /onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/6f-d7d610/ef-a24652?ver=2.0&_cf=02242021_3231 HTTP/1.1
Host: www.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
last-modified: Tue, 15 Nov 2022 20:24:46 GMT
x-activity-id: dde950d7-71ff-4b5c-b3c7-79d8c3b97bd6
ms-cv: oRoE4eNYbECD9lie.0
x-appversion: 1.0.8335.36378
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-10-28T03:12:36.0000000Z}
ms-operation-id: a8448f896f24c445966ef58e69b443c6
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
x-s1: 2022-11-15T20:24:46
x-s2: 2022-11-15T20:24:46
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-encoding: gzip
content-length: 22647
cache-control: public, max-age=30179636
expires: Wed, 15 Nov 2023 20:24:04 GMT
date: Thu, 01 Dec 2022 13:10:08 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
x-rtag: RT
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 63af04afe266039d65645031ffb05daa
67aec28e4c3c774731f7f42b683e32eabaf5db9f
635e4426ec1dca6edc753167150482d347f11b1743ff9c91c1fcef0059fc49e0
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 13:10:08 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "C885F7BDB798519C88B328A27C8E866FF7BB7327"
Expires: Fri, 02 Dec 2022 00:00:00 GMT
Last-Modified: Thu, 01 Dec 2022 12:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3421
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772c0fb1bb8f0b55-OSL
www.microsoft.com/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/37-8473b9?ver=2.0&_cf=02242021_3231&iife=1
23.38.201.156 200 OK 36 kB URL HTTP/2 www.microsoft.com/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/37-8473b9?ver=2.0&_cf=02242021_3231&iife=1
IP 23.38.201.156:0
File type ASCII text, with very long lines (42133)
Hash aece1107107ca4280de0d98c1855bdbb
b84a2a75eef1fb21dc5dcb1866ec232c0323befa
4f747d96a6976d859279fa30bdc58af942826d562ba3cb14eb0243995fc9ce68
GET /onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/37-8473b9?ver=2.0&_cf=02242021_3231&iife=1 HTTP/1.1
Host: www.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Tue, 18 Oct 2022 17:39:10 GMT
x-activity-id: b6d3ee50-fcfc-4286-8cd2-662da3f3e5fe
ms-cv: ZDzyws/2PUSznH42.0
x-appversion: 1.0.8301.38639
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-09-24T05:27:58.0000000Z}
ms-operation-id: 670cf0f0a57d4141b0bc0910055ad5ab
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
x-s1: 2022-10-18T17:39:10
x-s2: 2022-10-18T17:39:10
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-encoding: gzip
content-length: 35604
cache-control: public, max-age=27750488
expires: Wed, 18 Oct 2023 17:38:16 GMT
date: Thu, 01 Dec 2022 13:10:08 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
x-rtag: RT
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27 200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a4caf608c96f49743a168e19f3b38f99
3519cd559bdd170b20e6486aef16fb6f1e583359
4194a7822e85c12181dead8a7804f1e1707cc585c04def00f6654003152fd32b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4194A7822E85C12181DEAD8A7804F1E1707CC585C04DEF00F6654003152FD32B"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18927
Expires: Thu, 01 Dec 2022 18:25:35 GMT
Date: Thu, 01 Dec 2022 13:10:08 GMT
Connection: keep-alive
wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
13.107.227.53 200 OK 82 kB URL HTTP/2 wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (63888), with no line terminators
Hash e51f388b62281af5b4a9193cce419941
364f3d737462b7fd063107fe2c580fdb9781a45a
348404a68791474349e35bd7d1980abcbf06db85132286e45ad4f204d10b5f2c
GET /mscc/lib/v2/wcp-consent.js HTTP/1.1
Host: wcpstatic.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=43200
content-length: 81726
content-type: application/javascript
content-encoding: gzip
content-md5: X1JOIM5h9UISVFS6+GfEew==
last-modified: Wed, 24 Aug 2022 17:34:36 GMT
age: 3743
etag: 0x8DA85F6EA62BF74
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-cache: CONFIG_NOCACHE
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 86c35651-a01e-0025-4e7d-05214a000000
x-ms-version: 2009-09-19
x-azure-ref: 0sKeIYwAAAAAYLi8L5uGPTLK0ehaX60amT1NMMjMxMDUwMjA0MDQ1ADM5YjQ2MTU3LWNiOWUtNDliNy1hNjVhLTg3MjJhM2Y4MjRlNA==
date: Thu, 01 Dec 2022 13:10:08 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5117
Expires: Thu, 01 Dec 2022 14:35:26 GMT
Date: Thu, 01 Dec 2022 13:10:09 GMT
Connection: keep-alive
creator.microsoftstart.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
40.112.243.98 200 OK 18 kB URL HTTP/1.1 creator.microsoftstart.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (47826)
Hash 543e52eecefa6ea6535a6073f07143fc
b78ecf11d4b9faf986891825188f4a91c92e9895
239910ec5a8c990375a70c48366c0b0f18169ef4cd5fdfdcc5cb5e642306a684
Analyzer Verdict Alert openphish Office365
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 17699
Content-Type: text/css
Date: Thu, 01 Dec 2022 13:10:08 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "c65748755df9d81:0"
Last-Modified: Wed, 16 Nov 2022 01:48:00 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5117
Expires: Thu, 01 Dec 2022 14:35:26 GMT
Date: Thu, 01 Dec 2022 13:10:09 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5117
Expires: Thu, 01 Dec 2022 14:35:26 GMT
Date: Thu, 01 Dec 2022 13:10:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:44:47 GMT
age: 55522
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.cdnfonts.com/css/segoe-ui-4
104.26.15.62 200 OK 665 B URL HTTP/2 fonts.cdnfonts.com/css/segoe-ui-4
IP 104.26.15.62:0
File type ASCII text, with very long lines (660), with no line terminators
Hash 30bcee12ce3280d3f2050d67a12d8506
a6c1a838214229bc03c11059f479a360848e2c4b
2271c27ef84feb0c32f45aa3ae49d948d819f6a6d04f697e68cf1994414a6b3f
GET /css/segoe-ui-4 HTTP/1.1
Host: fonts.cdnfonts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:10:08 GMT
content-type: text/css;charset=UTF-8
cf-bgj: minify
cf-polished: origSize=786
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: HIT
age: 2999989
last-modified: Thu, 27 Oct 2022 19:50:19 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03Z74bpn%2BDOcDJsQh4MCRGeHuxZmboaREi%2FUsCiQwHurrSE%2BJ2drPWNX%2Fbs3HNdufY55X8t3MV3HR5X9v9a%2B9by4h1cgnvXunQ0lnPBD01SqSO7%2FgGwexN2nmMxM%2FIKjGV6tFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-origin: *
server: cloudflare
cf-ray: 772c0fb20fcb1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 9d34c42b-ba0c-498f-8f99-d4ab527ffa89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMdHXNIAMFgaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe9-376846f31dc9b995797cbd18;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:25 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DngCuOTO9fQAwWe_ip6EtBcgruigZN6Bl1_v5BHM2dsWlhqCXCL3gg==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:33 GMT
age: 55476
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: 4823cf63-98eb-40d3-bb8b-e09cd2262f36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7SqHjYIAMF8xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c10-316b213c33ce9bc2355c0900;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tK4wl-g5kcUhVFE3iZGILhZhZSsaMzQD9JTBHj1JXV95yXs_e3gMGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 13:21:34 GMT
age: 85715
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2dd5a4bcfd47db8f38544bf39ce3031
fa2217bae05b7beca2e12597eaad835298276b82
3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4762
x-amzn-requestid: 52b09ca3-705b-4c86-9f56-172637553f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7TVG58oAMFQTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c15-4577a47243ad190672f8ac89;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Y0-NAp2LMMG5TjQQ9ENHwDyKXLObKTYqzPPOWvZhs7Y9WJIC6LoblQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 13:29:35 GMT
age: 85234
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 04:29:19 GMT
age: 31250
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gsn5uUFEzDZDOMPTvW9UQxtccvRfJKUM4eJ8U99jvUGzNIKkF9SzeA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:20 GMT
age: 55249
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mktdplp102cdn.azureedge.net/public/latest/js/form-loader.js?v=1.77.1005
152.199.19.161 200 OK 78 kB URL HTTP/2 mktdplp102cdn.azureedge.net/public/latest/js/form-loader.js?v=1.77.1005
IP 152.199.19.161:0
File type ASCII text, with very long lines (65494)
Hash bee88fab0bef34c36b2741a197808062
49cd42f19809ab6e3cd622776d3058294d81acec
0a09921fc26a17863dd4264ce94ea91909d538cb110523bce3e49c7a56bb385d
GET /public/latest/js/form-loader.js?v=1.77.1005 HTTP/1.1
Host: mktdplp102cdn.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 521243
content-md5: LcL8NFpRk2NpqGa1adfIug==
content-type: application/x-javascript
date: Thu, 01 Dec 2022 13:10:09 GMT
etag: 0x8DACEDF5F577204
last-modified: Fri, 25 Nov 2022 12:19:59 GMT
server: ECAcc (ska/F762)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: dcb8fdc0-a01e-0054-52c8-001cf4000000
x-ms-version: 2009-09-19
content-length: 78516
X-Firefox-Spdy: h2
mktdplp102cdn.azureedge.net/public/latest/js/ws-tracking.js?v=1.77.1005
152.199.19.161 200 OK 2.3 kB URL HTTP/2 mktdplp102cdn.azureedge.net/public/latest/js/ws-tracking.js?v=1.77.1005
IP 152.199.19.161:0
File type ASCII text, with very long lines (5347), with no line terminators
Hash 85b7e8376f33628ff841fa41936b58a9
5596e4b19763b039486d80251bea6a569c06cff0
3095886c089d17d1e4063b88caac067a16aab1989b70937123dbf136096ca480
GET /public/latest/js/ws-tracking.js?v=1.77.1005 HTTP/1.1
Host: mktdplp102cdn.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 521243
content-md5: FjqakIjSeEkZwkM9tXKB2Q==
content-type: application/x-javascript
date: Thu, 01 Dec 2022 13:10:09 GMT
etag: 0x8DACEDF5F5CC871
last-modified: Fri, 25 Nov 2022 12:19:59 GMT
server: ECAcc (ska/F6EF)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 8fc27b11-201e-0028-5ac8-00320b000000
x-ms-version: 2009-09-19
content-length: 2325
X-Firefox-Spdy: h2
creator.microsoftstart.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
40.112.243.98 200 OK 5.0 kB URL HTTP/1.1 creator.microsoftstart.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (11126)
Hash f9aa3aa9fd0743851fe52747dc98ab58
20efd968d25b0f720cc71f97b8522f95120085a1
a6a2336d4bbf7f10472afd72c043f7a3bc4628665efcf53af07f0dd24a7c8483
Analyzer Verdict Alert openphish Office365
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 4994
Content-Type: application/x-javascript
Date: Thu, 01 Dec 2022 13:10:08 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "b4e746f355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:59 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash e930409ce6909e3b73ce06e3dd7c42b9
1610f0cd3e24e1c22d2428231795cf1214ed93fb
236f86378ddb79c0161e3f0256fed8558b0f95a8d0eb854e62c2f5281b5f6326
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=170006
Date: Thu, 01 Dec 2022 13:10:09 GMT
Etag: "63888812-1d7"
Expires: Sat, 03 Dec 2022 12:23:35 GMT
Last-Modified: Thu, 01 Dec 2022 10:55:14 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: A6uDEGHTVcuZz9Wp9nLCSPhAVsaP-NXyHOMvenGFCvvxgyYKKNqQZw==
Age: 5301
creator.microsoftstart.com/wp-content/themes/tailpress-1/js/app.js?ver=3.0.0
40.112.243.98 200 OK 311 B URL HTTP/1.1 creator.microsoftstart.com/wp-content/themes/tailpress-1/js/app.js?ver=3.0.0
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 4f30e8224e0ec35208a42471d885f1e4
f9e5f2e2af43c9ff7f1a5ff1cd4a1e6a27c3e247
6fd382a047ff7f029e94c85ab3dd9ccfd6eb40f2b29ff7689a5830d1521f6ee6
Analyzer Verdict Alert openphish Office365
GET /wp-content/themes/tailpress-1/js/app.js?ver=3.0.0 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 311
Content-Type: application/x-javascript
Date: Thu, 01 Dec 2022 13:10:08 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "73e87d52355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:11 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/themes/tailpress-1/css/app.css?ver=3.0.0
40.112.243.98 200 OK 8.1 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/themes/tailpress-1/css/app.css?ver=3.0.0
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 9c0c832b9094026dc3c76a7834517c74
24d2c1d1f5aa6dfd2f15854f15415d8a2a7ad09b
dd4af2a13659213f1d7d8dd2ca869d1be756bfcf130bc2aa8f574e9f9dfec6d8
GET /wp-content/themes/tailpress-1/css/app.css?ver=3.0.0 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 8103
Content-Type: text/css
Date: Thu, 01 Dec 2022 13:10:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "e02b6d52355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:11 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/plugins/login-with-azure/css/style_login_widget.css?ver=6.1.1
40.112.243.98 200 OK 1.2 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/plugins/login-with-azure/css/style_login_widget.css?ver=6.1.1
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash b0c3a8dd283c4d06d0dd344115d5087a
3a703fc9be34533f5436f95556ad96ec0565c0b7
1e1bd4421f7d0083b58e1a3298fbd93a73381f4c00f958e0afed39b44380f30f
GET /wp-content/plugins/login-with-azure/css/style_login_widget.css?ver=6.1.1 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1207
Content-Type: text/css
Date: Thu, 01 Dec 2022 13:10:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "b5f01141df5d81:0"
Last-Modified: Thu, 10 Nov 2022 15:57:04 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/plugins/login-with-azure/css/font-awesome.css?ver=6.1.1
40.112.243.98 200 OK 8.3 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/plugins/login-with-azure/css/font-awesome.css?ver=6.1.1
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash 25f5ae557d55c81ace56799736b0c209
636b9f604e9bf2a385ca45b49b26d713f23cb974
317c231ab9d03607e6872437e33f38aeb7dd22bffa2411d76155040c23f29c53
GET /wp-content/plugins/login-with-azure/css/font-awesome.css?ver=6.1.1 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 8322
Content-Type: text/css
Date: Thu, 01 Dec 2022 13:10:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "3f34fd131df5d81:0"
Last-Modified: Thu, 10 Nov 2022 15:57:04 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/plugins/login-with-azure/css/login-page.css?ver=6.1.1
40.112.243.98 200 OK 581 B URL HTTP/1.1 creator.microsoftstart.com/wp-content/plugins/login-with-azure/css/login-page.css?ver=6.1.1
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 32a3f1a33c20576e3c3ea1a6e94cdb42
4f43d49c1975861527a7ecf1553e631c364b4865
654900e7461eb2a21517be0dcf1a4d1edc6210e288c9efc67e70cc6543abec3a
Analyzer Verdict Alert openphish Office365
GET /wp-content/plugins/login-with-azure/css/login-page.css?ver=6.1.1 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 581
Content-Type: text/css
Date: Thu, 01 Dec 2022 13:10:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "e48dff131df5d81:0"
Last-Modified: Thu, 10 Nov 2022 15:57:04 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
40.112.243.98 200 OK 6.6 kB URL HTTP/1.1 creator.microsoftstart.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (15660)
Hash 5b49ac9423f60e2bc202fd0f262dcbca
8b8e9dc543c50fa37c93b4813e7b1df0b1e3c6ca
eece78511ada5a18c5969ad63f3458f1f1886adc05d198036c7dbf4f442299ab
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 6568
Content-Type: application/x-javascript
Date: Thu, 01 Dec 2022 13:10:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "208fc1daf06fd81:0"
Last-Modified: Wed, 25 May 2022 04:35:26 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/plugins/microsoft-uhf/assets/microsoft-uhf.js?ver=0.1.1
40.112.243.98 200 OK 1.2 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/plugins/microsoft-uhf/assets/microsoft-uhf.js?ver=0.1.1
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 192f497aacae1a97abdd1b6b84fc7737
9ccf73b7c2bc2a04caa02acbe4dbf36dc5e573f6
c3bd18b0b69758cc1c7f26e21e6ae7249081e912a02c888107cf9efa13d9f35a
GET /wp-content/plugins/microsoft-uhf/assets/microsoft-uhf.js?ver=0.1.1 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1210
Content-Type: application/x-javascript
Date: Thu, 01 Dec 2022 13:10:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "848a3c29355ed81:0"
Last-Modified: Mon, 02 May 2022 14:59:02 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
40.112.243.98 200 OK 40 kB URL HTTP/1.1 creator.microsoftstart.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65447)
Hash 3b8308b6566c1741ff45d278fbb67ef3
41229c2c88cd733416596e7dbf69057151b86356
417070500fb27b2534931605625127c9edc1ea316c71fead7aa0e6adeac6e159
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 39867
Content-Type: application/x-javascript
Date: Thu, 01 Dec 2022 13:10:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "d2d5e95b71eed81:0"
Last-Modified: Wed, 02 Nov 2022 04:12:44 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff
23.38.201.156 200 OK 26 kB URL HTTP/2 www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff
IP 23.38.201.156:0
File type Web Open Font Format, TrueType, length 26288, version 0.0\012- data
Hash d0263dc03be4c393a90bda733c57d6db
8a032b6deab53a33234c735133b48518f8643b92
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
GET /mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff HTTP/1.1
Host: www.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://creator.microsoftstart.com
Connection: keep-alive
Referer: https://www.microsoft.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
last-modified: Tue, 14 Jun 2022 13:23:15 GMT
x-activity-id: 433fff9c-ac1c-4827-bb3b-a2ca5fa6dd83
ms-cv: /0+3RKV7ykuNLoKI.0
x-appversion: 1.0.8167.41521
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-05-13T07:04:02.0000000Z}
ms-operation-id: 2f08fc2d143919438bfe914fdfecfc02
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-length: 26288
cache-control: public, max-age=16848793
expires: Wed, 14 Jun 2023 13:23:22 GMT
date: Thu, 01 Dec 2022 13:10:09 GMT
tls_version: tls1.3
strict-transport-security: max-age=31536000
x-rtag: RT
X-Firefox-Spdy: h2
fonts.cdnfonts.com/s/15051/Segoe%20UI%20Bold.woff
104.26.15.62 200 OK 20 kB URL HTTP/2 fonts.cdnfonts.com/s/15051/Segoe%20UI%20Bold.woff
IP 104.26.15.62:0
File type Web Open Font Format, TrueType, length 20444, version 0.0\012- data
Hash 52382539737f4e9913e4bf6b9966bee3
d58d3dc5ff86fe8ff594134df53ea9b8074f6bc6
d711a54cb4822ccf7926b1a95b7a43107fcfe8ef99a817e6906a1063657c7b28
GET /s/15051/Segoe%20UI%20Bold.woff HTTP/1.1
Host: fonts.cdnfonts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://creator.microsoftstart.com
Connection: keep-alive
Referer: https://fonts.cdnfonts.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:10:09 GMT
content-type: font/woff
content-length: 20444
last-modified: Sat, 05 Feb 2022 02:00:37 GMT
etag: "4fdc-5d73bbbd3deae"
cache-control: max-age=2678400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEMnO08HbnsOZ0h4b7W0%2FzNTm3c9zifxWvP7hTSHnsnykYyeGeD6MARJa4rZlWHaPPooad8wPZGHdYQL5%2F7u5jZ7gVroXpBc6fNjlFIxrJVGBq6C6TboshWDRLAPurTRnuFDvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 772c0fb7b84eb4fa-OSL
X-Firefox-Spdy: h2
fonts.cdnfonts.com/s/15051/Segoe%20UI.woff
104.26.15.62 200 OK 20 kB URL HTTP/2 fonts.cdnfonts.com/s/15051/Segoe%20UI.woff
IP 104.26.15.62:0
File type Web Open Font Format, TrueType, length 19904, version 0.0\012- data
Hash 9a2931180d6b1dc7b33052657eef554b
77b8f3cb5410c779206782a310990c19af2b02ca
f424915a692bc5a458d6e7d9c99e4fe0cf5cb8883bd3516b01d4fef5da8d3663
GET /s/15051/Segoe%20UI.woff HTTP/1.1
Host: fonts.cdnfonts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://creator.microsoftstart.com
Connection: keep-alive
Referer: https://fonts.cdnfonts.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:10:09 GMT
content-type: font/woff
content-length: 19904
last-modified: Sat, 05 Feb 2022 02:00:37 GMT
etag: "4dc0-5d73bbbd3e296"
cache-control: max-age=2678400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkY%2FTd%2BFpQpQ0OIqKpoNu8l7NpxeS%2BbfhHTOrSgpMOJHoFfvwi7W7OBsUtvS21Q%2FT5eTT1oP4vcCuGbK4N0HH99ztTfMhhm933tl%2BePVOv5SA0W2l6NMeOXZY0QQ85sJ41iJUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 772c0fb7b849b4fa-OSL
X-Firefox-Spdy: h2
www.socialintents.com/json/jsonGV.jsp?uid=2c9fa0e17fcdc835017fe661086e1ef7&callback=jsonCallback&_=1669900208320
44.241.47.149 200 OK 128 B URL HTTP/2 www.socialintents.com/json/jsonGV.jsp?uid=2c9fa0e17fcdc835017fe661086e1ef7&callback=jsonCallback&_=1669900208320
IP 44.241.47.149:0
Hash fd0614c274deceba828b50cd0b9dd1a2
3b150ad13bf09f3fc04ade698efb11f5f21596a6
eaf8c9505e4665fb9e74c4ede987c7d7db33f5843e1eeb020a550f46cf396111
GET /json/jsonGV.jsp?uid=2c9fa0e17fcdc835017fe661086e1ef7&callback=jsonCallback&_=1669900208320 HTTP/1.1
Host: www.socialintents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: AWSALBCORS=ul1j8azNK/wrih6BO6Vi0at8wsBu0IsLpy6UDzArUwCYGSG1YdZrX8KvP8WJkpz9VJUYnSBErGrsO4dLADYe6ie0IWTD1EnJYvRp1ec58BXXgaDLsnbiUGx7cGgQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:10:10 GMT
content-type: application/json;charset=UTF-8
content-length: 128
set-cookie: AWSALB=CbzZKn+hdHVy9RdM41BC2LZrwm+DnoP6j2+ZCcspPk/xlbqIHcz5lKHECbKw3/ILlY/pnyhCo/0pJmJ+ReFMzdgFAYXkixm3JBb0kkvhiu5gbHd3YJi3z7laBOiE; Expires=Thu, 08 Dec 2022 13:10:10 GMT; Path=/
AWSALBCORS=CbzZKn+hdHVy9RdM41BC2LZrwm+DnoP6j2+ZCcspPk/xlbqIHcz5lKHECbKw3/ILlY/pnyhCo/0pJmJ+ReFMzdgFAYXkixm3JBb0kkvhiu5gbHd3YJi3z7laBOiE; Expires=Thu, 08 Dec 2022 13:10:10 GMT; Path=/; SameSite=None; Secure
JSESSIONID=3E6293C27521A87DF594F695AEAB1EA2; Path=/; Secure; SameSite=None; Secure; HttpOnly; SameSite=None
server: nginx/1.16.1
X-Firefox-Spdy: h2
creator.microsoftstart.com/app.css
40.112.243.98 404 Not Found 25 kB URL HTTP/1.1 creator.microsoftstart.com/app.css
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11795)
Hash 03ae2d97a573c65812a639add4f2531f
73934cdb98618ae9fc5fd81701fc9e62e54dabe3
17be7662207b23d644b00ac5d98faabda1e3ef71bc298c7ab4f7761f581e5cab
Analyzer Verdict Alert openphish Office365
GET /app.css HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Length: 25028
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Dec 2022 13:10:09 GMT
Server: Microsoft-IIS/10.0
Cache-Control: no-cache, must-revalidate, max-age=0
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Pragma: no-cache
X-Powered-By: PHP/7.4.30, ASP.NET
Link: <https://creator.microsoftstart.com/wp-json/>; rel="https://api.w.org/"
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
23.36.76.186 200 OK 4.1 kB URL HTTP/2 img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type PNG image data, 216 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f14c20150a003d7ce4de57c298f0fba
daa53cf17cc45878a1b153f3c3bf47dc9669d78f
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
GET /cms/api/am/imageFileData/RE1Mu3b?ver=5c31 HTTP/1.1
Host: img-prod-cms-rt-microsoft-com.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
content-location: https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
last-modified: Thu, 10 Nov 2022 17:11:49 GMT
x-source-length: 4054
x-datacenter: northeu
x-activityid: 3299048c-d60d-46f5-a1f5-a85a9486614a
timing-allow-origin: *
x-frame-options: DENY
x-resizerversion: 1.0
content-length: 4054
cache-control: public, max-age=187397
expires: Sat, 03 Dec 2022 17:13:27 GMT
date: Thu, 01 Dec 2022 13:10:10 GMT
X-Firefox-Spdy: h2
creator.microsoftstart.com/wp-content/uploads/2022/03/story-background.svg
40.112.243.98 200 OK 852 B URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/story-background.svg
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (492), with CRLF line terminators
Hash 5a536937285b2d1ab10617fbd4174878
07b2c4621df05bb33d16f47ddc6133d3b47f485a
412bae5ce0f1717032f7ab2706b1a99f0aedc40cbfb967c0fd860fa7dec66614
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/story-background.svg HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 852
Content-Type: image/svg+xml
Date: Thu, 01 Dec 2022 13:10:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "27fb275c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:27 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/go-global.svg
40.112.243.98 200 OK 5.2 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/go-global.svg
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5049), with CRLF line terminators
Hash 0e4e4ce3e5ac354ec5d282374c32515c
2b07f75e5720b98fedb30c6078359b97712362a7
db80a6fd749d6313a9bebc98ea2f2df49bd4465a0dbcb39b099ca42a434d7beb
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/go-global.svg HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 5156
Content-Type: image/svg+xml
Date: Thu, 01 Dec 2022 13:10:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "fe58bc5b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:27 GMT
X-Powered-By: ASP.NET
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
2.18.173.151 200 OK 34 kB URL HTTP/2 c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
IP 2.18.173.151:0
File type Web Open Font Format (Version 2), TrueType, length 34052, version 0.0\012- data
Hash 36397a3bc139c6e9f81d383f060f080a
3f4f86c10920d4ed345f4858b6cde9f93e1aeb81
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
GET /static/fonts/segoe-ui/west-european/normal/latest.woff2 HTTP/1.1
Host: c.s-microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://creator.microsoftstart.com
Connection: keep-alive
Referer: https://www.microsoft.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 34052
content-type: font/woff2
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
accept-ranges: bytes
etag: "588d483e9c7d51:0"
cache-control: public, max-age=535711
expires: Wed, 07 Dec 2022 17:58:41 GMT
date: Thu, 01 Dec 2022 13:10:10 GMT
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
creator.microsoftstart.com/wp-content/uploads/2022/03/cash.svg
40.112.243.98 200 OK 2.4 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/cash.svg
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1337), with CRLF line terminators
Hash 4a487df08185f0b7c699e1d4dc5f4fc1
4c6ee04056780cd6d7d0cc48bfa295fa842929f5
28e530b34e424d16913a64a097d31e5c30d59fa65b2635f0c7c2595d33e302ad
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/cash.svg HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2436
Content-Type: image/svg+xml
Date: Thu, 01 Dec 2022 13:10:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "f75d25b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:26 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/create.svg
40.112.243.98 200 OK 1.6 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/create.svg
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (508), with CRLF line terminators
Hash c064ebf61129e717c0090b27f3cb677d
9bec4ea8cd0cef1b6ddbbcd4a7c876be77031158
3c1e09bc4d171035121d72b0ab7c6d1e71a94b1112cfc9c7142e8b396a01241e
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/create.svg HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1588
Content-Type: image/svg+xml
Date: Thu, 01 Dec 2022 13:10:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "e070155b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:26 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/usa-today.png
40.112.243.98 200 OK 2.1 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/usa-today.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 121 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 7e6c75f43447416a5fff9ddff06f0ce1
abd8284784abbec80b84b703112905580a27d258
68789000567b30903d14da6f207c2c0960ae9b31d5644895c75a26e33dc5c957
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/usa-today.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2052
Content-Type: image/png
Date: Thu, 01 Dec 2022 13:10:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "27e8495c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:28 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/connect.svg
40.112.243.98 200 OK 2.1 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/connect.svg
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1010), with CRLF line terminators
Hash eb5dc0e1905f09808aad0b9a4f5615dc
682be40dfc6e28b69b74865f0563d1838ea2dd52
11005bd96e1d108ddc55dacadcbfb3ea50b2f69feea6d6a9e0f6a63f91981903
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/connect.svg HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2110
Content-Type: image/svg+xml
Date: Thu, 01 Dec 2022 13:10:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "eb8595b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:26 GMT
X-Powered-By: ASP.NET
www.socialintents.com/api/socialintents.1.3.js
44.241.47.149 200 OK 527 kB URL HTTP/2 www.socialintents.com/api/socialintents.1.3.js
IP 44.241.47.149:0
Size 527 kB (527138 bytes)
Hash b732021e703592465775f6d3bbd01690
1c1f64c8dae171f0c42c599074acd07374023ab2
6b38f26981352ed4bfa4dc06585c01cc59bc51254dd54a08c17a724deb154cd5
GET /api/socialintents.1.3.js HTTP/1.1
Host: www.socialintents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:10:09 GMT
content-type: application/javascript
set-cookie: AWSALB=ul1j8azNK/wrih6BO6Vi0at8wsBu0IsLpy6UDzArUwCYGSG1YdZrX8KvP8WJkpz9VJUYnSBErGrsO4dLADYe6ie0IWTD1EnJYvRp1ec58BXXgaDLsnbiUGx7cGgQ; Expires=Thu, 08 Dec 2022 13:10:09 GMT; Path=/
AWSALBCORS=ul1j8azNK/wrih6BO6Vi0at8wsBu0IsLpy6UDzArUwCYGSG1YdZrX8KvP8WJkpz9VJUYnSBErGrsO4dLADYe6ie0IWTD1EnJYvRp1ec58BXXgaDLsnbiUGx7cGgQ; Expires=Thu, 08 Dec 2022 13:10:09 GMT; Path=/; SameSite=None; Secure
server: nginx/1.16.1
access-control-allow-origin: *
etag: W/"5483-1668544892000"
last-modified: Tue, 15 Nov 2022 23:41:32 MSK
content-encoding: gzip
X-Firefox-Spdy: h2
creator.microsoftstart.com/wp-content/uploads/2022/03/los-angeles.png
40.112.243.98 200 OK 2.0 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/los-angeles.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 194 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash c54ab89f392e64d47ed4ab9b5b2c25a5
6889092028caada6ffb011460ddbc0d85f97388c
ee2db7658ed3f7f0334608b4b59ac4d135ce0dd8c661b2ff078651ecbcb6bb54
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/los-angeles.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2035
Content-Type: image/png
Date: Thu, 01 Dec 2022 13:10:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "032d45b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:27 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/get-paid.svg
40.112.243.98 200 OK 5.8 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/get-paid.svg
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5659), with CRLF line terminators
Hash 8a35fbcac86cc7d9a9674e77b48e4986
4f98074ee42113ba8144f486673636312d0e2c6c
636715bed5c7a0312773fc4ffae1920a8e978c1064fe8cab1e611577bab90bf7
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/get-paid.svg HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 5766
Content-Type: image/svg+xml
Date: Thu, 01 Dec 2022 13:10:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "59476b5b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:26 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/msn.png
40.112.243.98 200 OK 214 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/msn.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1180 x 660, 8-bit colormap, non-interlaced\012- data
Size 214 kB (213560 bytes)
Hash 1c150c89d0a4a78006d507fbd646116d
81d1548d953390d06869af017538e498e5660a53
ba1012daa04a936f14b6ac8d3ba5f34b017bd9acfbff84bb5df7db74f5c272ec
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/msn.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 213560
Content-Type: image/png
Date: Thu, 01 Dec 2022 13:10:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "44751e5c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:27 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/widget.png
40.112.243.98 200 OK 268 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/widget.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1180 x 660, 8-bit colormap, non-interlaced\012- data
Size 268 kB (268105 bytes)
Hash 9f619afc0185cf5c10242b82f81f2977
2d9e446262dafbb0cf0b2f31b486a19580d7c03b
ad3bdda423eb8ed56307d0de294d2c73a451800ee14cab4838e1e5932eecdaa7
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/widget.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 268105
Content-Type: image/png
Date: Thu, 01 Dec 2022 13:10:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "b8e99f5c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:28 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/build-your-brand.svg
40.112.243.98 200 OK 2.9 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/build-your-brand.svg
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1526), with CRLF line terminators
Hash a9d28edd90bb3a81da0221739efb31ae
85349b5c92f4e7b917b2b82c0e3867311e03634f
458167ee38f217b85c466deed29e7a6a48bd955369ab7fcb951d02e297e1f333
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/build-your-brand.svg HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2864
Content-Type: image/svg+xml
Date: Thu, 01 Dec 2022 13:10:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "5aaef15a355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:25 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/bloomberg.png
40.112.243.98 200 OK 2.2 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/bloomberg.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 133 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 3eacfa7d66abcc577ef245511358cd69
a1e08be805b13f2f95fc8a391449357cafa75516
7e28c4ab0b9e48d9821fdc26f15d32e508ee3321be203739ef351e4fd5c7153c
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/bloomberg.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2174
Content-Type: image/png
Date: Thu, 01 Dec 2022 13:10:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "ced5ba5a355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:25 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/univision.png
40.112.243.98 200 OK 2.2 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/univision.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 159 x 31, 8-bit/color RGBA, non-interlaced\012- data
Hash 6cf75a2dc00c4aaa672849df41f901cd
f1dc2962a32d220364923ce6ee7855a9d21a20aa
0d15ffc033dcc15878265026608a21591cc82d1de1f4fe3c6fc0e07e243bd930
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/univision.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2220
Content-Type: image/png
Date: Thu, 01 Dec 2022 13:10:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "5e20455c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:28 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/whats-in-it.png
40.112.243.98 200 OK 510 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/whats-in-it.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1148 x 900, 8-bit colormap, non-interlaced\012- data
Size 510 kB (510253 bytes)
Hash a8e68c0b8fc857ed454faa5cad9c869c
5be8c7a101a12c223b86c62c76e6104a125d748e
cc9aa8fd259c660ba18b0b93754c47e9a324f2aaffcaedae2b5d9bdbfb5ec208
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/whats-in-it.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 510253
Content-Type: image/png
Date: Thu, 01 Dec 2022 13:10:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1495795c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:28 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/traveler.png
40.112.243.98 200 OK 2.6 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/traveler.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 107 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash 0e56ab46b01dc0b9615f23d750eb7c76
65674c87cb02af6ca74dcf3bac68bd6803a82ddf
2a622b2278b184518c0f600dad5eae7864c23443e732d75476e7d8c0baacdc74
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/traveler.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2625
Content-Type: image/png
Date: Thu, 01 Dec 2022 13:10:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "10c12c5c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:28 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/reuters.png
40.112.243.98 200 OK 3.2 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/reuters.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 146 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 62102294aa1b0579b2c6a3c5add52b53
92f40c07130228c7419a512fc0e08f53a615024f
5151c7945712723b6ac224d010f1fa52d37bd1e8a48a14221a726e6525caaefb
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/reuters.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 3235
Content-Type: image/png
Date: Thu, 01 Dec 2022 13:10:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "7036235c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:27 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/ugc.png
40.112.243.98 200 OK 4.9 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/ugc.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 476 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash f5b6f4b8ad7e1df289c83dd4015f9346
0e9a048e3c348c1a6d1db5458dd4e0a0bd65cbdc
db72a946daec1766460be9d25fe0ecfb0fcf814f6378ae6de70025156e188a8a
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/ugc.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 4921
Content-Type: image/png
Date: Thu, 01 Dec 2022 13:10:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "15f3b5c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:28 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/wordpress.png
40.112.243.98 200 OK 9.5 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/wordpress.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 232 x 53, 8-bit/color RGBA, non-interlaced\012- data
Hash a52012cb47b36f2c610afbf0481c089c
f0ff1f3feef7c6347d767e019396549ec6805882
edbf851a2253eeb712d35ee7aef31e6a6eb4218d06c7c5a66d23e6804abfc530
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/wordpress.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 9533
Content-Type: image/png
Date: Thu, 01 Dec 2022 13:10:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "cd2bc5c355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:28 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/mobile.png
40.112.243.98 200 OK 137 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/mobile.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1180 x 660, 8-bit colormap, non-interlaced\012- data
Size 137 kB (137372 bytes)
Hash d96597c5a9698e2a3e783d7d4ad92f37
6f41c4c5665b892dff585697d06d344ac6e549aa
da9bb7c6952e5d5a8d0952b5494538f3c3906a6910b2036f9c923010b5c33d49
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/mobile.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 137372
Content-Type: image/png
Date: Thu, 01 Dec 2022 13:10:11 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "cefaf75b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:27 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/get-paid.png
40.112.243.98 200 OK 334 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/get-paid.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1190 x 828, 8-bit colormap, non-interlaced\012- data
Size 334 kB (333709 bytes)
Hash 06354125987528dad64794dfe0bf5464
320e5ccb00edd481595d5fec5d8a0e7f5c036e7e
7a79d57a9440bb5803f227bef463e267c4d286604c8e66a4ed9114c38a3eafcf
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/get-paid.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 333709
Content-Type: image/png
Date: Thu, 01 Dec 2022 13:10:11 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "620645b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:26 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/edge.png
40.112.243.98 200 OK 247 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/edge.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1180 x 660, 8-bit colormap, non-interlaced\012- data
Size 247 kB (246987 bytes)
Hash 7922dc45abf6f6bebf350629e6ebb8ed
6d12fc33e8ed79edfb7946b25b366cbf416afffb
f79d82c0a50950d392b79f3d5d620e666a3fd093381a530da4f3fd239d924d02
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/edge.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 246987
Content-Type: image/png
Date: Thu, 01 Dec 2022 13:10:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "405c405b355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:26 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/03/build-your-brand.png
40.112.243.98 200 OK 1.3 MB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/03/build-your-brand.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1190 x 828, 8-bit/color RGB, non-interlaced\012- data
Size 1.3 MB (1308287 bytes)
Hash a558a67b034909a8e3f5ca4b1223e21f
fc859ece9c39b2633db0302ced4b4802ae95bab0
34135b3bacf539cde2e9518ab805938dc4a56fe41b8e953db58313a086592486
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/03/build-your-brand.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1308287
Content-Type: image/png
Date: Thu, 01 Dec 2022 13:10:11 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "1fe8ec5a355ed81:0"
Last-Modified: Mon, 02 May 2022 15:00:25 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/05/cropped-cropped-ms-start-logo-32x32.png
40.112.243.98 200 OK 2.4 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/05/cropped-cropped-ms-start-logo-32x32.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 19d3e69ac575036cd017be290595f562
51548f898f815322d53098dbdb83d83408de08fe
4abe4bbebbba439032d8d36fd068948b4d67cd9f6bf5d7b51d26951ee09698b0
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/05/cropped-cropped-ms-start-logo-32x32.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5; msd365mkttr=6QRxVfg5zOn3vFgAlqZoXeIFZJul7-lOfmAMRlPD; msd365mkttrs=ddcRJ08F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2362
Content-Type: image/png
Date: Thu, 01 Dec 2022 13:10:11 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "71a7342bd75fd81:0"
Last-Modified: Wed, 04 May 2022 16:51:15 GMT
X-Powered-By: ASP.NET
creator.microsoftstart.com/wp-content/uploads/2022/05/cropped-cropped-ms-start-logo-192x192.png
40.112.243.98 200 OK 37 kB URL HTTP/1.1 creator.microsoftstart.com/wp-content/uploads/2022/05/cropped-cropped-ms-start-logo-192x192.png
IP 40.112.243.98:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash e3b44a226089073a1d66f32172516aea
8fb8a2cff1ae12d3dd1d65859e3e5eb630b9aa17
1bd99e487d851733dfcb927ff9ac1e58b9886746e51026673fb0beb326408a2b
Analyzer Verdict Alert openphish Office365
GET /wp-content/uploads/2022/05/cropped-cropped-ms-start-logo-192x192.png HTTP/1.1
Host: creator.microsoftstart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: PHPSESSID=o9p9gmmd7183q0obesd52apuk5; msd365mkttr=6QRxVfg5zOn3vFgAlqZoXeIFZJul7-lOfmAMRlPD; msd365mkttrs=ddcRJ08F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 37317
Content-Type: image/png
Date: Thu, 01 Dec 2022 13:10:11 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "4f46132bd75fd81:0"
Last-Modified: Wed, 04 May 2022 16:51:15 GMT
X-Powered-By: ASP.NET
8b5b80ac1ce14aba811b14ed1abf8a26.svc.dynamics.com/t/c/U4FqLtRnr3B3hJ7W4kt9Wjt0ZBFDVNMF4DoYm0V5PN4/6QRxVfg5zOn3vFgAlqZoXeIFZJul7-lOfmAMRlPD/ddcRJ08F?trackwebsitevisited=true&ad=https%3A%2F%2Fcreator.microsoftstart.com%2F&rf=&id=9981908226
52.159.151.194 200 OK 1.9 kB URL HTTP/2 8b5b80ac1ce14aba811b14ed1abf8a26.svc.dynamics.com/t/c/U4FqLtRnr3B3hJ7W4kt9Wjt0ZBFDVNMF4DoYm0V5PN4/6QRxVfg5zOn3vFgAlqZoXeIFZJul7-lOfmAMRlPD/ddcRJ08F?trackwebsitevisited=true&ad=https%3A%2F%2Fcreator.microsoftstart.com%2F&rf=&id=9981908226
IP 52.159.151.194:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- C source text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1861), with no line terminators
Hash 7ac974ec2356ae06acf5732f8db4c7ee
8902a946f750994e6a82a2efd35e43d2c481ec8f
af5a3a4b50e409937ad05f3320276331b95e7cb580625d2f70ac808a2a5547af
GET /t/c/U4FqLtRnr3B3hJ7W4kt9Wjt0ZBFDVNMF4DoYm0V5PN4/6QRxVfg5zOn3vFgAlqZoXeIFZJul7-lOfmAMRlPD/ddcRJ08F?trackwebsitevisited=true&ad=https%3A%2F%2Fcreator.microsoftstart.com%2F&rf=&id=9981908226 HTTP/1.1
Host: 8b5b80ac1ce14aba811b14ed1abf8a26.svc.dynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 1861
content-type: text/html; charset=utf-8
server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
set-cookie: 79f08280-5c63-4331-b04d-fb6f39afda51=jsnrVUumRJlbVMb3rFYnrvX2T88oZ73l6aZqI-u7_yg; expires=Sat, 30 Nov 2024 13:10:12 GMT; path=/; secure; httponly; SameSite=None
319af4c0-e197-4de9-8a9b-fe98c8a2ca04=jsnrVUumRJlbVMb3rFYnrvX2T88oZ73l6aZqI-u7_yg; path=/; secure; httponly; SameSite=None
x-activity-id: 0bb382fe-192d-4131-a4b6-1ab3b0e400f4
x-servicefabricrequestid: 19d513c4-f9c3-4bb0-8e40-fc6a8756ba55, 39d26beb-0c48-4c6f-8e59-fc43539fb533
x-ms-activity-id: 0bb382fe-192d-4131-a4b6-1ab3b0e400f4
api-deprecated: False
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Dec 2022 13:10:11 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1e6b6ba4f82221b41c3d9129008c76d
2f9532d698b4c28df23e18bbb66399ec776d5b9f
218c6f41a16e6087c611d4db5784a7cc1d027084d0bf2bd6dc3843ee5dfd560f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: c08f55b2-7ac6-4dec-b53c-fd3f4533f9c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpBiGoHIAMFR2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bba3-69c2c2d05e55fd745caf1dce;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:09:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w_Mb-0pBwp-pUyU2bdJ8MhrGHkk6VQgJmcGV9MfHwj_yGUMIYZkyrg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 10:48:24 GMT
age: 8511
etag: "2f9532d698b4c28df23e18bbb66399ec776d5b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.socialintents.com/api/chat/jsonGetVarsContext.jsp?wid=2c9fa0e17fcdc835017fe66108711ef8&callback=jsonCallbackchat&_=1669900208321
44.241.47.149 200 OK 0 B URL HTTP/2 www.socialintents.com/api/chat/jsonGetVarsContext.jsp?wid=2c9fa0e17fcdc835017fe66108711ef8&callback=jsonCallbackchat&_=1669900208321
IP 44.241.47.149:0
GET /api/chat/jsonGetVarsContext.jsp?wid=2c9fa0e17fcdc835017fe66108711ef8&callback=jsonCallbackchat&_=1669900208321 HTTP/1.1
Host: www.socialintents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: AWSALBCORS=h2OxFGLHzc3JcxxdvTzsKSCqbL6OJjXvdvMuxh8BU3ih5Tg2PevtKx5JQwZ7tVh84xX1NfCsFUyS/kO/xkizQhzeo5T0XEt7ZC8BIbXCzTGMDjm2gHQ3Ll9m399L; JSESSIONID=3E6293C27521A87DF594F695AEAB1EA2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:10:11 GMT
content-type: text/javascript;charset=UTF-8
set-cookie: AWSALB=raEGnYUGl8SUfYqrJFa62AcoqBckudl5WlDd+YY+/b4mL5sSAwqURZXJ0Eqenr+D7edyduhI6CEu/QVQoKPH0yKrNb+mWElyWfBXNEeZpqz9yKFm5OLHcVdZim2K; Expires=Thu, 08 Dec 2022 13:10:11 GMT; Path=/
AWSALBCORS=raEGnYUGl8SUfYqrJFa62AcoqBckudl5WlDd+YY+/b4mL5sSAwqURZXJ0Eqenr+D7edyduhI6CEu/QVQoKPH0yKrNb+mWElyWfBXNEeZpqz9yKFm5OLHcVdZim2K; Expires=Thu, 08 Dec 2022 13:10:11 GMT; Path=/; SameSite=None; Secure
server: nginx/1.16.1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
www.socialintents.com/api/chat/siwidget.1.3.js
44.241.47.149 200 OK 0 B URL HTTP/2 www.socialintents.com/api/chat/siwidget.1.3.js
IP 44.241.47.149:0
GET /api/chat/siwidget.1.3.js HTTP/1.1
Host: www.socialintents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: AWSALBCORS=raEGnYUGl8SUfYqrJFa62AcoqBckudl5WlDd+YY+/b4mL5sSAwqURZXJ0Eqenr+D7edyduhI6CEu/QVQoKPH0yKrNb+mWElyWfBXNEeZpqz9yKFm5OLHcVdZim2K; JSESSIONID=3E6293C27521A87DF594F695AEAB1EA2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:10:11 GMT
content-type: application/javascript
set-cookie: AWSALB=bmCwu8pgwIocDgzG3QQR3IBv1/x6erdpfgphv0YBy7jPqD+TMS7A2Vk/YVOKBXgT9xwJ4WUpdGiLlQlsXkjavTayPkhMYbpzNeycmb8uu9lRNwywej788N6XlFtM; Expires=Thu, 08 Dec 2022 13:10:11 GMT; Path=/
AWSALBCORS=bmCwu8pgwIocDgzG3QQR3IBv1/x6erdpfgphv0YBy7jPqD+TMS7A2Vk/YVOKBXgT9xwJ4WUpdGiLlQlsXkjavTayPkhMYbpzNeycmb8uu9lRNwywej788N6XlFtM; Expires=Thu, 08 Dec 2022 13:10:11 GMT; Path=/; SameSite=None; Secure
server: nginx/1.16.1
access-control-allow-origin: *
etag: W/"63635-1668544892000"
last-modified: Tue, 15 Nov 2022 23:41:32 MSK
content-encoding: gzip
X-Firefox-Spdy: h2
www.socialintents.com/assets/css/si-include-chat.min.css
44.241.47.149 200 OK 0 B URL HTTP/2 www.socialintents.com/assets/css/si-include-chat.min.css
IP 44.241.47.149:0
GET /assets/css/si-include-chat.min.css HTTP/1.1
Host: www.socialintents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: AWSALBCORS=JPiuQO32voHpdlCMb8jbCv91hfmzkMJLXRY3XkMQnnfU4FSCGDnvx8HW2Xt135fWKd96SBahzVk9s7flPaBh6kamZhJxVSEDOqwdV4tw19xJdrVsKZHToG8H73mB; JSESSIONID=3E6293C27521A87DF594F695AEAB1EA2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:10:10 GMT
content-type: text/css
set-cookie: AWSALB=h2OxFGLHzc3JcxxdvTzsKSCqbL6OJjXvdvMuxh8BU3ih5Tg2PevtKx5JQwZ7tVh84xX1NfCsFUyS/kO/xkizQhzeo5T0XEt7ZC8BIbXCzTGMDjm2gHQ3Ll9m399L; Expires=Thu, 08 Dec 2022 13:10:10 GMT; Path=/
AWSALBCORS=h2OxFGLHzc3JcxxdvTzsKSCqbL6OJjXvdvMuxh8BU3ih5Tg2PevtKx5JQwZ7tVh84xX1NfCsFUyS/kO/xkizQhzeo5T0XEt7ZC8BIbXCzTGMDjm2gHQ3Ll9m399L; Expires=Thu, 08 Dec 2022 13:10:10 GMT; Path=/; SameSite=None; Secure
server: nginx/1.16.1
access-control-allow-origin: *
etag: W/"5777-1668544892000"
last-modified: Tue, 15 Nov 2022 23:41:32 MSK
cache-control: max-age=864000
expires: Sun, 11 Dec 2022 08:10:10 EST
content-encoding: gzip
X-Firefox-Spdy: h2
unpkg.com/alpinejs@3.7.1/dist/cdn.min.js
104.16.125.175 200 OK 0 B URL HTTP/2 unpkg.com/alpinejs@3.7.1/dist/cdn.min.js
IP 104.16.125.175:0
GET /alpinejs@3.7.1/dist/cdn.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:10:08 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"91b0-4rQh4geG7pykXp4ge/uD1c4uE6k"
via: 1.1 fly.io
fly-request-id: 01G4XF127DR67PH99Z1T9RWFXY-fra
cf-cache-status: HIT
age: 15349059
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772c0fb17d9ab518-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.socialintents.com/api/chat/socialintents.1.3.js
44.241.47.149 200 OK 0 B URL HTTP/2 www.socialintents.com/api/chat/socialintents.1.3.js
IP 44.241.47.149:0
GET /api/chat/socialintents.1.3.js HTTP/1.1
Host: www.socialintents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: AWSALBCORS=CbzZKn+hdHVy9RdM41BC2LZrwm+DnoP6j2+ZCcspPk/xlbqIHcz5lKHECbKw3/ILlY/pnyhCo/0pJmJ+ReFMzdgFAYXkixm3JBb0kkvhiu5gbHd3YJi3z7laBOiE; JSESSIONID=3E6293C27521A87DF594F695AEAB1EA2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:10:10 GMT
content-type: application/javascript
set-cookie: AWSALB=JPiuQO32voHpdlCMb8jbCv91hfmzkMJLXRY3XkMQnnfU4FSCGDnvx8HW2Xt135fWKd96SBahzVk9s7flPaBh6kamZhJxVSEDOqwdV4tw19xJdrVsKZHToG8H73mB; Expires=Thu, 08 Dec 2022 13:10:10 GMT; Path=/
AWSALBCORS=JPiuQO32voHpdlCMb8jbCv91hfmzkMJLXRY3XkMQnnfU4FSCGDnvx8HW2Xt135fWKd96SBahzVk9s7flPaBh6kamZhJxVSEDOqwdV4tw19xJdrVsKZHToG8H73mB; Expires=Thu, 08 Dec 2022 13:10:10 GMT; Path=/; SameSite=None; Secure
server: nginx/1.16.1
access-control-allow-origin: *
etag: W/"8854-1668544892000"
last-modified: Tue, 15 Nov 2022 23:41:32 MSK
content-encoding: gzip
X-Firefox-Spdy: h2
www.socialintents.com/api/chat/ping.jsp?wid=2c9fa0e17fcdc835017fe66108711ef8&p=https%3A%2F%2Fcreator.microsoftstart.com%2F&t=1669900210630&cvid=null&uid=1669900210630&callback=jsonCallbackchat&_=1669900208322
44.241.47.149 200 OK 0 B URL HTTP/2 www.socialintents.com/api/chat/ping.jsp?wid=2c9fa0e17fcdc835017fe66108711ef8&p=https%3A%2F%2Fcreator.microsoftstart.com%2F&t=1669900210630&cvid=null&uid=1669900210630&callback=jsonCallbackchat&_=1669900208322
IP 44.241.47.149:0
GET /api/chat/ping.jsp?wid=2c9fa0e17fcdc835017fe66108711ef8&p=https%3A%2F%2Fcreator.microsoftstart.com%2F&t=1669900210630&cvid=null&uid=1669900210630&callback=jsonCallbackchat&_=1669900208322 HTTP/1.1
Host: www.socialintents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creator.microsoftstart.com/
Cookie: AWSALBCORS=bmCwu8pgwIocDgzG3QQR3IBv1/x6erdpfgphv0YBy7jPqD+TMS7A2Vk/YVOKBXgT9xwJ4WUpdGiLlQlsXkjavTayPkhMYbpzNeycmb8uu9lRNwywej788N6XlFtM; JSESSIONID=3E6293C27521A87DF594F695AEAB1EA2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:10:12 GMT
content-type: text/javascript;charset=UTF-8
set-cookie: AWSALB=Oa+g0t1RlzDhRK+9DSWSfzVd8FPZPeYCmF7mxV0UQnkcvmuqskgRDt6G7cbhwOMPGUJL+HbN+3+Buo130ZjuYTiu+RWoussOMSDNdkLcoc0ghv555sAnZ5Szqs+6; Expires=Thu, 08 Dec 2022 13:10:12 GMT; Path=/
AWSALBCORS=Oa+g0t1RlzDhRK+9DSWSfzVd8FPZPeYCmF7mxV0UQnkcvmuqskgRDt6G7cbhwOMPGUJL+HbN+3+Buo130ZjuYTiu+RWoussOMSDNdkLcoc0ghv555sAnZ5Szqs+6; Expires=Thu, 08 Dec 2022 13:10:12 GMT; Path=/; SameSite=None; Secure
server: nginx/1.16.1
content-encoding: gzip
X-Firefox-Spdy: h2