r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8446
Expires: Tue, 31 Jan 2023 20:31:56 GMT
Date: Tue, 31 Jan 2023 18:11:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4962
Expires: Tue, 31 Jan 2023 19:33:52 GMT
Date: Tue, 31 Jan 2023 18:11:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10881
Expires: Tue, 31 Jan 2023 21:12:31 GMT
Date: Tue, 31 Jan 2023 18:11:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: cHvrSRyW/X7C5WBGJj+3m8tyK0ndppNeMNLkGkiX6K9zAPqezBc6YXN90wbd/ugSn9vPW+i3IVA=
x-amz-request-id: PSMJ36SNVCE57CT4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 17:22:18 GMT
age: 2932
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 17:43:18 GMT
content-type: application/json
age: 1672
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 18:11:11 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
nswpath-fmis-preprod.powerappsportals.com/
13.77.50.96301 Moved Permanently 0 B URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Date: Tue, 31 Jan 2023 18:11:10 GMT
Location: https://nswpath-fmis-preprod.powerappsportals.com/
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 17:49:04 GMT
age: 1327
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5924
Expires: Tue, 31 Jan 2023 19:49:55 GMT
Date: Tue, 31 Jan 2023 18:11:11 GMT
Connection: keep-alive
push.services.mozilla.com/
54.187.187.233101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.187.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qv7DyOEHiIH0I5DTQZo1rw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6mGBjCv5Y+iJzaQoHVzqNQyy4lA=
oneocsp.microsoft.com/ocsp
204.79.197.203200 OK 1.8 kB URL HTTP/1.1 oneocsp.microsoft.com/ocsp
IP 204.79.197.203:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 7c6e16e63be51e4ed749a196458fcba5
62b0e495c24c0e1af71db0ee3ecc3b5015719997
70f4ec1c7b2aa1eec8157abc67084ab7e84b930c572ec136263135c480fcd8bc
POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Sun, 05 Feb 2023 15:50:08 GMT
Last-Modified: Tue, 31 Jan 2023 14:14:09 GMT
ETag: "70f4ec1c7b2aa1eec8157abc67084ab7e84b930c572ec136263135c480fcd8bc"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 2CC50EB824784EE09A755511F6B5CA1D Ref B: OSL30EDGE0515 Ref C: 2023-01-31T18:11:12Z
Date: Tue, 31 Jan 2023 18:11:11 GMT
nswpath-fmis-preprod.powerappsportals.com/
13.77.50.96200 OK 5.9 kB URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (665), with CRLF, LF line terminators
Hash ef27459044dcf1abd17618bbd10cc0e5
4924e5cad07d52db7fe2de0f6648600cb1267e56
5faa0d2fce3bbe810374b03b20dbd619e6a7f1388074d87d625875ac084c0812
GET / HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Content-Length: 5926
Content-Type: text/html; charset=utf-8
Date: Tue, 31 Jan 2023 18:11:12 GMT
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Cache-Control: no-cache
Content-Encoding: gzip
Expires: -1
Pragma: no-cache
Set-Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; expires=Mon, 01-May-2023 18:11:12 GMT; path=/; secure; HttpOnly; SameSite=None
ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; path=/; secure; HttpOnly; SameSite=None
ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af;Path=/;HttpOnly;Secure;Domain=nswpath-fmis-preprod.powerappsportals.com
ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af;Path=/;HttpOnly;SameSite=None;Secure;Domain=nswpath-fmis-preprod.powerappsportals.com
Vary: Accept-Encoding
x-ms-request-id: d5964fe8-e337-4179-85ed-ca51ad7136c3
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
nswpath-fmis-preprod.powerappsportals.com/_resources/getresourcemanager?lang=en-US
13.77.50.96200 OK 9.5 kB URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/_resources/getresourcemanager?lang=en-US
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 0d895986623f9422698ff32f4d883e2b
91771a883d6219c07b930d5d7239924f971f0dcb
1eed7dcac8ec03f19e1c6887661c3d163444dd985aea285b072fd42252f013ec
GET /_resources/getresourcemanager?lang=en-US HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 9548
Content-Type: text/javascript; charset=utf-8
Date: Tue, 31 Jan 2023 18:11:12 GMT
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Cache-Control: public, max-age=86400
Content-Encoding: gzip
Expires: Wed, 01 Feb 2023 18:11:12 GMT
Last-Modified: Tue, 31 Jan 2023 18:11:12 GMT
Vary: Accept-Encoding
x-ms-request-id: 9a77043f-5c94-4d69-8884-14c049f0995e
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
content.powerapps.com/resource/powerappsportal/dist/app.bundle-edd0bd4a70.js
13.107.238.53200 OK 40 kB URL HTTP/2 content.powerapps.com/resource/powerappsportal/dist/app.bundle-edd0bd4a70.js
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0d6f4e13814e5e8439ec3e827cdc72d2
0e128d87601162a2a5e7bbd4c6601a27e6e0dc2a
f7a6ed0179aa173739790e7508af6bb9f166f651da2c99738de03416e089efbe
GET /resource/powerappsportal/dist/app.bundle-edd0bd4a70.js HTTP/1.1
Host: content.powerapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 40242
content-type: application/x-javascript
content-encoding: br
vary: Accept-Encoding
x-cache: TCP_HIT
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-ms-islandgateway: GA0000003
x-ms-static-content: AL000000G
timing-allow-origin: *
x-servicefabric: NoRetry
x-ms-service-request-id: 8cab6e6c-1c70-44ad-ab53-98abd1788109
x-ms-correlation-id: 7773e421-b0db-447a-bd66-0cb67f4855f1
x-ms-activity-vector: 00.00.00.00
server-timing: x-ms-igw-upstream-headers;dur=498.4,x-ms-igw-req-overhead;dur=0.3
x-content-type-options: nosniff
x-azure-ref-originshield: 01bXYYwAAAAAxiXFb9VXkTq9MgthQ3NbrRlJBMjMxMDUwNDE4MDIxADIxMGZlN2QwLTlhYjEtNDRlMC1iYWY1LWIxYWFiZTExYmExZQ==
x-azure-ref: 0wVnZYwAAAABpuFZJcCTIRYZwNtAZO1FKQ1BIMzBFREdFMDQxNQAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
date: Tue, 31 Jan 2023 18:11:12 GMT
X-Firefox-Spdy: h2
content.powerapps.com/resource/powerappsportal/dist/postpreform.bundle-f4f91a6eb4.js
13.107.238.53200 OK 53 kB URL HTTP/2 content.powerapps.com/resource/powerappsportal/dist/postpreform.bundle-f4f91a6eb4.js
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (40194)
Hash 8b3d154724bcb4996496a0ace4279b67
3fab097937a175013bae736654cdb6ed7f0b9131
3ed90e3dbce81aa6142de2704b60e80b58d141f7d7c413d11f527907f9c7fd96
GET /resource/powerappsportal/dist/postpreform.bundle-f4f91a6eb4.js HTTP/1.1
Host: content.powerapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 52614
content-type: application/x-javascript
content-encoding: br
vary: Accept-Encoding
x-cache: TCP_HIT
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-ms-islandgateway: GA0000001
x-ms-static-content: AL000000O
timing-allow-origin: *
x-servicefabric: NoRetry
x-ms-service-request-id: 47ee8515-a669-4531-90b6-4d33cd36c17a
x-ms-correlation-id: ca02d6c2-9b61-4f60-abcb-38686e30a588
x-ms-activity-vector: 00.00.00.00
server-timing: x-ms-igw-upstream-headers;dur=498.2,x-ms-igw-req-overhead;dur=0.3
x-content-type-options: nosniff
x-azure-ref-originshield: 0EzbZYwAAAABHPayWNNHoRaaxos6v+7EKRlJBMjMxMDUwNDE4MDM3ADIxMGZlN2QwLTlhYjEtNDRlMC1iYWY1LWIxYWFiZTExYmExZQ==
x-azure-ref: 0wVnZYwAAAAC5yoxVRaMaQpxtnSPmeSB+Q1BIMzBFREdFMDQxNQAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
date: Tue, 31 Jan 2023 18:11:12 GMT
X-Firefox-Spdy: h2
content.powerapps.com/resource/powerappsportal/dist/preform.bundle-b5b35d8c46.css
13.107.238.53200 OK 16 kB URL HTTP/2 content.powerapps.com/resource/powerappsportal/dist/preform.bundle-b5b35d8c46.css
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (64632), with CRLF line terminators
Hash a4ec11c26117ae591f5472f40fa3b9cf
8f39bfec4b22ac2fd6cdcbf5fcff61bc8111feba
873150cae53566b9986bbb78aafdc1f4fa227806fd52962170d8ca8e11c5a7a9
GET /resource/powerappsportal/dist/preform.bundle-b5b35d8c46.css HTTP/1.1
Host: content.powerapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 16155
content-type: text/css
content-encoding: br
vary: Accept-Encoding
x-cache: TCP_HIT
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-ms-islandgateway: GA0000003
x-ms-static-content: al000000Q
timing-allow-origin: *
x-servicefabric: NoRetry
x-ms-service-request-id: c769bd16-7ba5-436d-943e-0b7d69f0b5a9
x-ms-correlation-id: f1b7c6d4-c31a-413b-ad59-67acf91f8dff
x-ms-activity-vector: 00.00.00.00
server-timing: x-ms-igw-upstream-headers;dur=392.7,x-ms-igw-req-overhead;dur=0.3
x-content-type-options: nosniff
x-azure-ref-originshield: 0pUXZYwAAAABAaMBoiyrwS5qcWvW3Z1LBRlJBMjMxMDUwNDE4MDExADIxMGZlN2QwLTlhYjEtNDRlMC1iYWY1LWIxYWFiZTExYmExZQ==
x-azure-ref: 0wVnZYwAAAACYz7tyfWhxQaAQGMk7lJbLQ1BIMzBFREdFMDQxNQAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
date: Tue, 31 Jan 2023 18:11:12 GMT
X-Firefox-Spdy: h2
content.powerapps.com/resource/powerappsportal/dist/default-1033.bundle-eda4e638fd.js
13.107.238.53200 OK 174 B URL HTTP/2 content.powerapps.com/resource/powerappsportal/dist/default-1033.bundle-eda4e638fd.js
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (361), with no line terminators
Hash b1dbbb0ec99260a111c7e31e86d56e89
47934c859db9420630748a37eb148da8ef819121
004e73c6f17b3251ff642da7e0711b5545abc3d8fab788661228eef9d21afc97
GET /resource/powerappsportal/dist/default-1033.bundle-eda4e638fd.js HTTP/1.1
Host: content.powerapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 174
content-type: application/x-javascript
content-encoding: br
vary: Accept-Encoding
x-cache: TCP_HIT
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-ms-islandgateway: GA0000002
x-ms-static-content: AL000000J
timing-allow-origin: *
x-servicefabric: NoRetry
x-ms-service-request-id: 83416137-1202-4e2a-8666-e6121cce6fb7
x-ms-correlation-id: 592e30e0-18b2-46e6-92a8-c8e5b29bd6e9
x-ms-activity-vector: 00.00.00.00
server-timing: x-ms-igw-upstream-headers;dur=395.3,x-ms-igw-req-overhead;dur=0.3
x-content-type-options: nosniff
x-azure-ref-originshield: 0NmjYYwAAAAC+foihtbYIQ695Mjilg6D3RlJBMjMxMDUwNDE3MDUxADIxMGZlN2QwLTlhYjEtNDRlMC1iYWY1LWIxYWFiZTExYmExZQ==
x-azure-ref: 0wVnZYwAAAACCHzZhdMewSqdLi50eULmRQ1BIMzBFREdFMDQxNQAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
date: Tue, 31 Jan 2023 18:11:12 GMT
X-Firefox-Spdy: h2
content.powerapps.com/resource/powerappsportal/dist/pcf.bundle-bb82d8b481.js
13.107.238.53200 OK 172 kB URL HTTP/2 content.powerapps.com/resource/powerappsportal/dist/pcf.bundle-bb82d8b481.js
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (28287)
Size 172 kB (172527 bytes)
Hash 66d0d183434ab5c9154e24e82d6196d7
8e66112725824a7de77ff5b120e01a4449394868
6ae798c8388ed62a86de9f30cdb39e958a8ba798494f6804bf70042842b80ab2
GET /resource/powerappsportal/dist/pcf.bundle-bb82d8b481.js HTTP/1.1
Host: content.powerapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 172527
content-type: application/x-javascript
content-encoding: br
vary: Accept-Encoding
x-cache: TCP_HIT
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-ms-islandgateway: GA0000004
x-ms-static-content: al000000T
timing-allow-origin: *
x-servicefabric: NoRetry
x-ms-service-request-id: f5e60326-79fe-4c2c-9309-83a661fbb961
x-ms-correlation-id: b9cc954f-0ffe-429f-84ab-68388946dc0a
x-ms-activity-vector: 00.00.00.00
server-timing: x-ms-igw-upstream-headers;dur=614.1,x-ms-igw-req-overhead;dur=0.2
x-content-type-options: nosniff
x-azure-ref-originshield: 0hmnYYwAAAAA4mIgYG315Tb1J2Xty2qMZRlJBMjMxMDUwNDE3MDExADIxMGZlN2QwLTlhYjEtNDRlMC1iYWY1LWIxYWFiZTExYmExZQ==
x-azure-ref: 0wVnZYwAAAAD03sf1hIUTSJ8JKdChVo8cQ1BIMzBFREdFMDQxNQAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
date: Tue, 31 Jan 2023 18:11:12 GMT
X-Firefox-Spdy: h2
nswpath-fmis-preprod.powerappsportals.com/js/pcf/fela.js
13.77.50.96200 OK 17 kB URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/js/pcf/fela.js
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (11840), with CRLF line terminators
Hash 546603b83d1b0251419d18256da4bbf0
6e637c50290107c8cebc4f5c7c265896cbd42d1e
a6bc7cb3fb2f27cc778c88b4ca2ea323119c12f7e468d7638df7c595d5a77f46
GET /js/pcf/fela.js HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 17320
Content-Type: application/x-javascript
Date: Tue, 31 Jan 2023 18:11:12 GMT
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Cache-Control: public,max-age=604800
Content-Encoding: gzip
ETag: "06c36511aead81:0"
Last-Modified: Thu, 27 Oct 2022 15:39:36 GMT
Vary: Accept-Encoding
x-ms-request-id: 6af45ab2-4f2f-44bc-b515-13f3322203f1
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2525
Expires: Tue, 31 Jan 2023 18:53:18 GMT
Date: Tue, 31 Jan 2023 18:11:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gif_csWkacU59D_hnOrJpK6u2aPI8Ylf2JyQEJZ2RLNMCrXSmmMa9w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:56:35 GMT
age: 58478
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2525
Expires: Tue, 31 Jan 2023 18:53:18 GMT
Date: Tue, 31 Jan 2023 18:11:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d957012d3e2b8c3bc0eefe11d66e8554
1959fdd94846fa3791c4890578dd15336b909dcc
a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13853
x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zzF4hIAMFwWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUGjUSIkoacdmaO1jnMwIuNMONhjyVfAIcTQ3B5d5da_g9eEnCtW7g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:17 GMT
age: 73376
etag: "1959fdd94846fa3791c4890578dd15336b909dcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 976dda397f9292a498ca9db5599c0378
dad9e9c3462907a2475046aee36d57f8309cd44e
7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oLMUuQVwUyKMuYAvTkA4wlVDb3-kZjStTJFfUZRb7JwKcK11waY0kQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:42:39 GMT
age: 59314
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2797bfd35b7ec24888de84be14f7f2ec
8e315ac5856967286eaa8769e081d827fb4ca39e
b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11129
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffDBZGRPoAMFedg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9Fga247EZZqiGmdMJ72resdBZR2KLgflGDBPESmuw9cFVs4hSzMzTw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:50:52 GMT
age: 51621
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5190c0bdc6abe0ee258e9f8c20ddaf51
d60f280f8a742480527dbc32d08f321f972d4fcf
874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12507
x-amzn-requestid: 85c9adcd-b997-48ca-bbfb-ccdeaf3e8cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFaJoAMFqKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-2bcdd8c353d8429d2b1e95f6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yDsY-3qpBlHMG9YWRQNiMNN3Ml1H4xQNKIO3D9u57sOPFW5hu_bQXQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:54:44 GMT
age: 72989
etag: "d60f280f8a742480527dbc32d08f321f972d4fcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6f9ffb8f9e99229b45ca5fdb84ce7d5
04577ad69ee9749b14382254eb5bbf0e1edcd7fa
6111acf3f363123b39d13cd3d23ab39b8c8d00379874f19231d1cd3da17c52c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8558
x-amzn-requestid: 2841cd36-22e6-4ecb-b56a-bfadce3197c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffB_BFA8IAMFyvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e393-3fd03bd14de762b0738a3b0a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R29JYq4Z8V_Xuq2no0bKxk1K6h2PmTO5OSxzMa4zppDVk3j9rO9aTw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:24:36 GMT
age: 53197
etag: "04577ad69ee9749b14382254eb5bbf0e1edcd7fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nswpath-fmis-preprod.powerappsportals.com/css/glyphicons-font-awesome-migrate.min.css
13.77.50.96200 OK 3.9 kB URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/css/glyphicons-font-awesome-migrate.min.css
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with very long lines (13123), with CRLF line terminators
Hash f642ec213a3b620bab8b5f8df6a4c0f2
80701be3cd878cef2e2af5328677a755de150230
7b5706f7dd29fc65d47ed177e2eefb200e466b2048945155a938829a754bdc16
GET /css/glyphicons-font-awesome-migrate.min.css HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 3865
Content-Type: text/css
Date: Tue, 31 Jan 2023 18:11:13 GMT
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Cache-Control: public,max-age=604800
Content-Encoding: gzip
ETag: "080216b15ead81:0"
Last-Modified: Thu, 27 Oct 2022 15:04:32 GMT
Vary: Accept-Encoding
x-ms-request-id: 6876300f-5509-4262-ac60-a96756195b55
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
nswpath-fmis-preprod.powerappsportals.com/css/offlinenotification.css
13.77.50.96200 OK 506 B URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/css/offlinenotification.css
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash baf3cb83172935050fb9374495a40b5c
4a932ce22f7e85307f7496e8c0cfebc1d1d474c8
10fd886bf74bb37fc3d724795e00608d92b839dd2c8f66a4420a4c9337ec57df
GET /css/offlinenotification.css HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 506
Content-Type: text/css
Date: Tue, 31 Jan 2023 18:11:13 GMT
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Cache-Control: public,max-age=604800
Content-Encoding: gzip
ETag: "080216b15ead81:0"
Last-Modified: Thu, 27 Oct 2022 15:04:32 GMT
Vary: Accept-Encoding
x-ms-request-id: 29edaa63-9a81-4263-8fbf-57e8723e97ea
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
nswpath-fmis-preprod.powerappsportals.com/theme.css?1650491425000
13.77.50.96200 OK 15 kB URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/theme.css?1650491425000
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type assembler source, ASCII text, with CRLF line terminators
Hash 993ff573c167894f40def4772a81a04d
f7d9cd290ebd09e328501798bc558b7c19827d44
fd1fe24f890dd9944334c4aea4b6719113626d6bdf455acd16be684c99a6e4e5
GET /theme.css?1650491425000 HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 15011
Content-Type: text/css
Date: Tue, 31 Jan 2023 18:11:13 GMT
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Cache-Control: public, max-age=3600
Content-Encoding: gzip
ETag: srmwrxKuOoGzD6jZ8Auvr/w8akCKD3F6NqLT54tMkcM=
Expires: Tue, 31 Jan 2023 19:11:13 GMT
Last-Modified: Wed, 20 Apr 2022 21:50:25 GMT
Vary: Accept-Encoding
x-ms-request-id: 0b1aa764-25a0-4fc2-84e7-aaac4b391bd1
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Disposition: inline;filename*=UTF-8''themeV2.1.css
nswpath-fmis-preprod.powerappsportals.com/js/pcf/prop-types.js
13.77.50.96200 OK 28 kB URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/js/pcf/prop-types.js
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (849), with CRLF line terminators
Hash da7e1bab241d01d0612be3802af13ea1
74c3dd5d12df686db7510a1e677b70ac34815e70
c4ed8594a92317629afb7fd0734904b5e3dffbc0e3715b37186d05453fee727a
GET /js/pcf/prop-types.js HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 27882
Content-Type: application/x-javascript
Date: Tue, 31 Jan 2023 18:11:13 GMT
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Cache-Control: public,max-age=604800
Content-Encoding: gzip
ETag: "031de481aead81:0"
Last-Modified: Thu, 27 Oct 2022 15:39:22 GMT
Vary: Accept-Encoding
x-ms-request-id: ab654588-4321-415b-8497-1e71ea60ac75
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
nswpath-fmis-preprod.powerappsportals.com/js/pcf/react-fela.js
13.77.50.96200 OK 22 kB URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/js/pcf/react-fela.js
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (26378), with CRLF line terminators
Hash 373e17d44e95e2a8af07f028757b8e36
7cf6eb6854270d7080ec7b35aa4af75fa2de405e
f045a8090c033805fbaf70a8f95946c1a8bf165786e109d395536e99876409e5
GET /js/pcf/react-fela.js HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 22020
Content-Type: application/x-javascript
Date: Tue, 31 Jan 2023 18:11:13 GMT
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Cache-Control: public,max-age=604800
Content-Encoding: gzip
ETag: "04a706b1aead81:0"
Last-Modified: Thu, 27 Oct 2022 15:40:20 GMT
Vary: Accept-Encoding
x-ms-request-id: 7cdf27b3-f570-4b45-978b-8df46b383b34
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
nswpath-fmis-preprod.powerappsportals.com/js/pcf/fela-dom.js
13.77.50.96200 OK 17 kB URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/js/pcf/fela-dom.js
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (11797), with CRLF line terminators
Hash 12a9c22c8b7bfff0b057f214d80c658d
9535e2a8d7395fd2f3927b01c941c5a9ac2a8d8b
a8b4d5d0a845b51504b81ccfb166ecacf6808336f0aca39b19d5c4f90df18c1c
GET /js/pcf/fela-dom.js HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 17084
Content-Type: application/x-javascript
Date: Tue, 31 Jan 2023 18:11:13 GMT
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Cache-Control: public,max-age=604800
Content-Encoding: gzip
ETag: "0c3dc671aead81:0"
Last-Modified: Thu, 27 Oct 2022 15:40:14 GMT
Vary: Accept-Encoding
x-ms-request-id: fed5d11b-8f0f-44fa-8c52-72a201dfe6ea
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
nswpath-fmis-preprod.powerappsportals.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZHBuqxHlZRUzPX8fxVMAZYR3nCNxGPB8alSgsMD2LAdfFRY33VBypL0s-oRoRkaoyA2&t=638032879433517673
13.77.50.96200 OK 6.0 kB URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZHBuqxHlZRUzPX8fxVMAZYR3nCNxGPB8alSgsMD2LAdfFRY33VBypL0s-oRoRkaoyA2&t=638032879433517673
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 06fd446079195e9866f38728a31b8416
bce7935598a51703a7077dd75e1d30882533c6e1
5466d19b6349cc09de47de356c3195b2fd367a5ab8f1c55e8aaf2f296915d46d
GET /WebResource.axd?d=pynGkmcFUV13He1Qd6_TZHBuqxHlZRUzPX8fxVMAZYR3nCNxGPB8alSgsMD2LAdfFRY33VBypL0s-oRoRkaoyA2&t=638032879433517673 HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 6007
Content-Type: application/x-javascript
Date: Tue, 31 Jan 2023 18:11:13 GMT
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Cache-Control: public
Content-Encoding: gzip
Expires: Wed, 31 Jan 2024 18:11:13 GMT
Last-Modified: Sat, 05 Nov 2022 23:32:23 GMT
Vary: Accept-Encoding
x-ms-request-id: c6973410-e523-4719-8aed-1a4cf82aa179
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
nswpath-fmis-preprod.powerappsportals.com/ScriptResource.axd?d=NJmAwtEo3Ipnlaxl6CMhvj3modMM3MhFInyzAbnYYK4J311yftRvNzPSCjsJfFfHur1B02fdmFosR5y-x3KeuL9HN3kcX_Kouo7a77_MbdjzkMK6i_Ql8ledP_nuS4BGIBfOgsxZcszZIkMioHn43WTjPoEgec9KNADW1Zyq42M1&t=49337fe8
13.77.50.96200 OK 26 kB URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/ScriptResource.axd?d=NJmAwtEo3Ipnlaxl6CMhvj3modMM3MhFInyzAbnYYK4J311yftRvNzPSCjsJfFfHur1B02fdmFosR5y-x3KeuL9HN3kcX_Kouo7a77_MbdjzkMK6i_Ql8ledP_nuS4BGIBfOgsxZcszZIkMioHn43WTjPoEgec9KNADW1Zyq42M1&t=49337fe8
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65326), with CRLF line terminators
Hash b62553925bd98826c60457d2eb6b9a46
84dbbb6d9b36a587c21b5a56b1d9e587e33ba943
c58166fe4df4ba8f25a960c21451eaf841d97f6f552f104e43431c9db1c2e2cc
GET /ScriptResource.axd?d=NJmAwtEo3Ipnlaxl6CMhvj3modMM3MhFInyzAbnYYK4J311yftRvNzPSCjsJfFfHur1B02fdmFosR5y-x3KeuL9HN3kcX_Kouo7a77_MbdjzkMK6i_Ql8ledP_nuS4BGIBfOgsxZcszZIkMioHn43WTjPoEgec9KNADW1Zyq42M1&t=49337fe8 HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 25609
Content-Type: application/x-javascript
Date: Tue, 31 Jan 2023 18:11:13 GMT
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Cache-Control: public
Content-Encoding: gzip
Expires: Wed, 31 Jan 2024 18:11:14 GMT
Last-Modified: Tue, 31 Jan 2023 18:11:14 GMT
x-ms-request-id: d280e9f2-2758-47d7-9b38-170ac10360a8
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
nswpath-fmis-preprod.powerappsportals.com/ScriptResource.axd?d=dwY9oWetJoJoVpgL6Zq8OOZ_cuUsm8szt3OoJDY2V5A8oMVHwI4W5CYoSZB1Fp7Idnc1QeS6iCmnxB_2GOTFmcgyYHX5cQ8NS0NlhkNl0QedbO2F57Ebo1Ply4s4M3-Vg5JxIl17nPqdZeA5NB3cDKQUuRn5c9HlcDx_69RMi-w1&t=49337fe8
13.77.50.96200 OK 10 kB URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/ScriptResource.axd?d=dwY9oWetJoJoVpgL6Zq8OOZ_cuUsm8szt3OoJDY2V5A8oMVHwI4W5CYoSZB1Fp7Idnc1QeS6iCmnxB_2GOTFmcgyYHX5cQ8NS0NlhkNl0QedbO2F57Ebo1Ply4s4M3-Vg5JxIl17nPqdZeA5NB3cDKQUuRn5c9HlcDx_69RMi-w1&t=49337fe8
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with very long lines (39257), with CRLF line terminators
Hash 027a7d52e1ceed8aef7dc13505b81d36
33cf0bce6a4c8b44b4a80b3116c978c12ee93fd0
29061464fb6fce2326b952eacaa95c3c6183bfea74c3851390e9838720d372a6
GET /ScriptResource.axd?d=dwY9oWetJoJoVpgL6Zq8OOZ_cuUsm8szt3OoJDY2V5A8oMVHwI4W5CYoSZB1Fp7Idnc1QeS6iCmnxB_2GOTFmcgyYHX5cQ8NS0NlhkNl0QedbO2F57Ebo1Ply4s4M3-Vg5JxIl17nPqdZeA5NB3cDKQUuRn5c9HlcDx_69RMi-w1&t=49337fe8 HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 9984
Content-Type: application/x-javascript
Date: Tue, 31 Jan 2023 18:11:13 GMT
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Cache-Control: public
Content-Encoding: gzip
Expires: Wed, 31 Jan 2024 18:11:14 GMT
Last-Modified: Tue, 31 Jan 2023 18:11:14 GMT
x-ms-request-id: 45403364-d110-4f44-b7d8-d420b4f601b2
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
nswpath-fmis-preprod.powerappsportals.com/bootstrap.min.css?1649764818000
13.77.50.96200 OK 64 kB URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/bootstrap.min.css?1649764818000
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (64843), with CRLF line terminators
Hash 50466eb3c1b991ef8360f798b6ef4dd0
0190dbdbaa2b3c2f0daa95b783d9c790f9db4cee
263485e2aa700f10432ce5a1808a7c004521154d3d1eee030c5139ae40d60e2d
GET /bootstrap.min.css?1649764818000 HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 64042
Content-Type: text/css
Date: Tue, 31 Jan 2023 18:11:13 GMT
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Cache-Control: public, max-age=3600
Content-Encoding: gzip
ETag: 1eZnw6LT6Bapqx3C6colW1Y13tVzCaLCzohUklmmvjM=
Expires: Tue, 31 Jan 2023 19:11:13 GMT
Last-Modified: Tue, 12 Apr 2022 11:59:02 GMT
Vary: Accept-Encoding
x-ms-request-id: 725a3381-17e5-46e1-ab77-729c4a59a541
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Disposition: inline;filename*=UTF-8''BootstrapV3-V4.min.css
nswpath-fmis-preprod.powerappsportals.com/nsw-logo
13.77.50.96200 OK 19 kB URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/nsw-logo
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 257 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash 1c639025b8850405405ba9945fc913e3
27755885b7b6536563c3da8189e2edc0fa523a5d
bc7f178b3a826ceb49fb9a73db13f2e7412824ff886037e0ec3c6ace67f82235
GET /nsw-logo HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 19026
Content-Type: image/png
Date: Tue, 31 Jan 2023 18:11:13 GMT
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Cache-Control: private, max-age=3600
Expires: Tue, 31 Jan 2023 19:11:14 GMT
Last-Modified: Tue, 12 Apr 2022 11:58:58 GMT
x-ms-request-id: b6e90d0a-5cb6-49fd-b599-00ba932648e2
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Disposition: inline;filename*=UTF-8''NSW-logo.png
nswpath-fmis-preprod.powerappsportals.com/fonts/glyphicons-halflings-regular.woff2
13.77.50.96200 OK 18 kB URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/fonts/glyphicons-halflings-regular.woff2
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Hash 448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
GET /fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/bootstrap.min.css?1649764818000
Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 18028
Content-Type: application/font-woff2
Date: Tue, 31 Jan 2023 18:11:13 GMT
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Cache-Control: public,max-age=604800
ETag: "080216b15ead81:0"
Last-Modified: Thu, 27 Oct 2022 15:04:32 GMT
x-ms-request-id: 2d46a594-32af-424e-8d95-40ba620dd0e0
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
nswpath-fmis-preprod.powerappsportals.com/PublicSans-Regular
13.77.50.96200 OK 56 kB URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/PublicSans-Regular
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type TrueType Font data, 16 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright (c) 2015, Impallari Type (www.impallari.com)Public SansRegular1.007;NONE;PublicSans-Re\012- data
Hash 2ae2eb250f2d7264c3db2a7aadb47f1f
1fc453569359125a2a6ad60dd0289a468895972e
e10a00a863fcfffe936af8d54684e6acea97e5e91d0733696eccac6bd1fff134
GET /PublicSans-Regular HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/theme.css?1650491425000
Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 56424
Content-Type: application/octet-stream
Date: Tue, 31 Jan 2023 18:11:13 GMT
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Cache-Control: private, max-age=3600
Expires: Tue, 31 Jan 2023 19:11:14 GMT
Last-Modified: Tue, 12 Apr 2022 11:59:03 GMT
x-ms-request-id: 5860dab6-3ca3-4c19-9369-8411c9b4e6e1
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Disposition: inline;filename*=UTF-8''PublicSans-Regular.ttf
nswpath-fmis-preprod.powerappsportals.com/PublicSans-Bold
13.77.50.96200 OK 57 kB URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/PublicSans-Bold
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type TrueType Font data, 16 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright (c) 2015, Impallari Type (www.impallari.com)Public SansBold1.007;NONE;PublicSans-BoldP\012- data
Hash 0c5a6e21b9435203276a4e445c31b9e1
6e494372ae9640b7d3010a71cc556d2310ac6454
53fde909c8448a9e606366344fd71aa05e6d9cd4bed9af3e27cbb5aa239f8186
GET /PublicSans-Bold HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/theme.css?1650491425000
Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 56580
Content-Type: application/octet-stream
Date: Tue, 31 Jan 2023 18:11:14 GMT
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Cache-Control: private, max-age=3600
Expires: Tue, 31 Jan 2023 19:11:14 GMT
Last-Modified: Tue, 12 Apr 2022 11:59:04 GMT
x-ms-request-id: 4b365f95-6ebb-4591-a274-618aabf19770
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Disposition: inline;filename*=UTF-8''PublicSans-Bold.ttf
nswpath-fmis-preprod.powerappsportals.com/js/pcf/fluentui-react.js
13.77.50.96200 OK 363 kB URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/js/pcf/fluentui-react.js
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65464)
Size 363 kB (363073 bytes)
Hash 05c6a94739b4f119b72841a7f6c62a84
3bec5fbcf915eac170fd0710d7473b88f1061eaa
8bed1434e6c04b9b7177a4316f2f66fbbfe7c0b50e48a1d9921e3fb02573e938
GET /js/pcf/fluentui-react.js HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 363073
Content-Type: application/x-javascript
Date: Tue, 31 Jan 2023 18:11:13 GMT
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Cache-Control: public,max-age=604800
Content-Encoding: gzip
ETag: "0c3dc671aead81:0"
Last-Modified: Thu, 27 Oct 2022 15:40:14 GMT
Vary: Accept-Encoding
x-ms-request-id: 5513691a-0c97-4849-b347-24ce65867692
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
nswpath-fmis-preprod.powerappsportals.com/~/css/defaultpcfstyle.css
13.77.50.96302 Found 141 B URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/~/css/defaultpcfstyle.css
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 356c5d3062b4fbc904843395615d33eb
19169c67f0f1db71d08708169f006897a7c5f8ce
7736e25e339016a53376aae62f4f3011c55134c00bf57aed3c7d49e0755a1988
GET /~/css/defaultpcfstyle.css HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Content-Length: 141
Content-Type: text/html; charset=utf-8
Date: Tue, 31 Jan 2023 18:11:14 GMT
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Location: /css/defaultpcfstyle.css
x-ms-request-id: 0a1cc3b2-1754-47a5-9a73-8bfc93ecf98c
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
nswpath-fmis-preprod.powerappsportals.com/css/defaultpcfstyle.css
13.77.50.96200 OK 2.9 kB URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/css/defaultpcfstyle.css
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 2abcde5492dd972947c1896baecebcdd
c5f539e87e587f6f260dea4e46baf7b372c35df8
d526dbcd75b448f8edd33afe6b4078fd5e35941ee8925f657a7b6024f3092378
GET /css/defaultpcfstyle.css HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Connection: keep-alive
Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; timezoneoffset=0; isDSTSupport=false; isDSTObserved=false; ContextLanguageCode=en-US
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2927
Content-Type: text/css
Date: Tue, 31 Jan 2023 18:11:15 GMT
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Cache-Control: public,max-age=604800
Content-Encoding: gzip
ETag: "080216b15ead81:0"
Last-Modified: Thu, 27 Oct 2022 15:04:32 GMT
Vary: Accept-Encoding
x-ms-request-id: 06cda61b-9858-48ba-96a3-754cb1284852
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
nswpath-fmis-preprod.powerappsportals.com/favicon.ico
13.77.50.96404 Not Found 15 kB URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/favicon.ico
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (432), with CRLF, LF line terminators
Hash cc81c9fe0eb5b1f228501c752ee7c08f
4bed2fae5c5100ba0067496469ec9771f3049188
ef0bdc8a5dcd2c890c53b6949791f8b8189739957182163da759b4a508209a15
GET /favicon.ico HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Length: 14685
Content-Type: text/html; charset=utf-8
Date: Tue, 31 Jan 2023 18:11:15 GMT
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
x-ms-request-id: 2ef2af89-df8c-4b2a-9024-f8dbc75bbd9d
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42a648f9d34d8fb703f0b80a52e0deec
7ccefd66211d249ae5266c3b6ae3375a19e5cb6d
a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5903
x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboufGeSoAMF-1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tAR5c5rQD0h5YZ6TU8pZKhUFUf5d0-l794EaYnwwkts3QXPhdYm6vA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:03:25 GMT
age: 76075
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nswpath-fmis-preprod.powerappsportals.com/js/pcf/loadPcfControls.js
13.77.50.96200 OK 0 B URL HTTP/1.1 nswpath-fmis-preprod.powerappsportals.com/js/pcf/loadPcfControls.js
IP 13.77.50.96:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /js/pcf/loadPcfControls.js HTTP/1.1
Host: nswpath-fmis-preprod.powerappsportals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Cookie: Dynamics365PortalAnalytics=2kvqXD4-h5wOeWcQfIo4zKPrechApmFC7RR3XM-arPPtIPG6fOKegEJIpPHFXPI0rcSoe7b-AaX9ZPMXzoiF_ezMz0BLcCyU8-vVTDV2ceGatFyYEb_ijg9wlIp-9I25LPaRo7S-4Ryxe1HE-dvqtQ2; ASP.NET_SessionId=3rawe3lgbc4ccdufxxert4gy; ARRAffinity=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af; ARRAffinitySameSite=98f3d7fdc87b7c13f12662cb8fd272c3e6464d14745e739c25b8a0ab6ed3d5af
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 12449
Content-Type: application/x-javascript
Date: Tue, 31 Jan 2023 18:11:13 GMT
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://nswhpsmcnp.b2clogin.com
Cache-Control: public,max-age=604800
Content-Encoding: gzip
ETag: "082c881aead81:0"
Last-Modified: Thu, 27 Oct 2022 15:41:08 GMT
Vary: Accept-Encoding
x-ms-request-id: 9158f2e0-6fed-4088-89a9-ba5928e7a54c
x-ms-portal-app: site-9bdde8c5-a740-49bd-9ef2-c8eb33cf829c-AUse
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
img0.img.9xiuzb.com/download/9xiu_game/9ShowGame.exe?v=1674891029
36.250.251.132200 OK 0 B URL HTTP/1.1 img0.img.9xiuzb.com/download/9xiu_game/9ShowGame.exe?v=1674891029
IP 36.250.251.132:0
ASN #4837 CHINA UNICOM China169 Backbone
NIDS Severity Alert suricata high ET POLICY PE EXE or DLL Windows file download HTTP
GET /download/9xiu_game/9ShowGame.exe?v=1674891029 HTTP/1.1
Host: img0.img.9xiuzb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: Byte-nginx
Content-Type: application/octet-stream
Content-Length: 49475392
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 14
Etag: "5cde60cc-2f2ef40"
Last-Modified: Fri, 17 May 2019 07:20:44 GMT
Via: cache64.czmp,cache01.fjqzcu
X-Bdcdn-Cache-Status: TCP_MISS,TCP_HIT
X-M-Log: QNM:bc1033;SRCPROXY:bc1020;SRC:4;SRCPROXY:5;QNM3:14
X-M-Reqid: Pk4AAOC69ow1dz8X
X-Qnm-Cache: Miss
X-Request-Ip: 91.90.42.154
X-Response-Cache: parent_hit
X-Response-Cinfo: 91.90.42.154
X-Tt-Trace-Tag: id=5
Date: Tue, 31 Jan 2023 18:11:12 GMT
content.powerapps.com/resource/powerappsportal/dist/preform.bundle-238a2fff81.js
13.107.238.53200 OK 0 B URL HTTP/2 content.powerapps.com/resource/powerappsportal/dist/preform.bundle-238a2fff81.js
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /resource/powerappsportal/dist/preform.bundle-238a2fff81.js HTTP/1.1
Host: content.powerapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nswpath-fmis-preprod.powerappsportals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 131769
content-type: application/x-javascript
content-encoding: br
vary: Accept-Encoding
x-cache: TCP_HIT
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-ms-islandgateway: GA0000004
x-ms-static-content: SI0000000
timing-allow-origin: *
x-servicefabric: NoRetry
x-ms-service-request-id: 7556f0bb-18ca-422c-aa83-a41d54f5fafd
x-ms-correlation-id: 8b6e9d83-ddba-4390-b04d-d7089980ac1c
x-ms-activity-vector: 00.00.00.00
server-timing: x-ms-igw-upstream-headers;dur=708.3,x-ms-igw-req-overhead;dur=0.2
x-content-type-options: nosniff
x-azure-ref-originshield: 0O0TZYwAAAADH27GitSevSYUm9xBdzBMmRlJBMjMxMDUwNDE3MDUxADIxMGZlN2QwLTlhYjEtNDRlMC1iYWY1LWIxYWFiZTExYmExZQ==
x-azure-ref: 0wVnZYwAAAAC4IVR7u1hjTKbSspwDKNDbQ1BIMzBFREdFMDQxNQAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
date: Tue, 31 Jan 2023 18:11:12 GMT
X-Firefox-Spdy: h2