r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10266
Expires: Tue, 04 Oct 2022 01:37:00 GMT
Date: Mon, 03 Oct 2022 22:45:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 21:46:59 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8EIpU7VwigV3aB4D3jCYogu2H5JtVKu5NDwgbZYAP7S1IJS0aVv92A==
Age: 3535
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b8769801e8712cb7b401b5752da2c2
30d14bf20b20507a4fda3d7dbee9fbba7327139a
69d097718cac37cc6b77d417711c4356557f2b47c78026303bfe5f985b94a5a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69D097718CAC37CC6B77D417711C4356557F2B47C78026303BFE5F985B94A5A5"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3115
Expires: Mon, 03 Oct 2022 23:37:49 GMT
Date: Mon, 03 Oct 2022 22:45:54 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 12yn3ZG5sihTHtUOoRRIwmhMlmg//iX22XPVsk+ffcB01JyYOPHZbo5KrjAO7Jv5cJ5L0BBbiLw=
x-amz-request-id: BN5K6CT762XFVQ5W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 03 Oct 2022 21:50:48 GMT
age: 3306
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 22:45:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 03 Oct 2022 22:29:33 GMT
Expires: Mon, 03 Oct 2022 23:08:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: x63eYMASUEG6VXPAa1hhog0rUvLwFCn5oTpsCxGKz2_OIgANN6wnXA==
Age: 982
fe3.microsoft-outlook-update.workers.dev/
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 474b36223bdbf0ae9289d9264ee82da9
18afff756e0b1fa5d0b2780dc5582d0778db3333
9f46d5b775ca2676b0a2c906d3bde0a0326ff967ccb99c463634f56007a1a23d
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET / HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:55 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 754935f5fed5fac0-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:55 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DOLFSBCA:00000083
x-operationid: 93044ccc5c5669df447b9eb6e6dca8cd
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHpPIPI6mtOjoD%2FuzNYZ1RHv0yBfIvZMZSAcJrICE2G8wWCmOlC3%2BWj%2F6R6pxK%2BvkNGt%2FBmu%2BcEPvq%2FGO7zcprIaP7wldxK4ah17zagiDEkcQxxzC4Ns7LbjEwNw54ilKWd4AieXd7k2amju372tl05Q3LGAzk%2F0JMCC"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 321fa9a78e31dcb66601ac5890bfba73
c325580db79bde6fd00d2d0c7e3f675e4c0046bb
83029b324b4c36522ae47eef9614c124b0ad2994de412d7ea82f990ad8ae9d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5933
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 22:45:55 GMT
Last-Modified: Mon, 03 Oct 2022 21:07:02 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ajax.aspnetcdn.com/ajax/jQuery/jquery-3.5.1.min.js
152.199.19.160200 OK 31 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/jQuery/jquery-3.5.1.min.js
IP 152.199.19.160:0
File type ASCII text, with very long lines (65451)
Hash 01ed540a1edc0b1cae4b91ef5d576be3
0f4aa0ea331348a4c2bca0f3898dd681646455c4
da348028c4b581592016ee99ec4ee38cdaaac87d2c0317962c52c18a9338a101
GET /ajax/jQuery/jquery-3.5.1.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 4593680
cache-control: public,max-age=31536000
content-type: application/javascript
date: Mon, 03 Oct 2022 22:45:55 GMT
etag: "80e72fc8fd6fd61:0"
last-modified: Tue, 11 Aug 2020 16:38:03 GMT
server: ECAcc (ska/F74F)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30976
X-Firefox-Spdy: h2
oneocsp.microsoft.com/ocsp
204.79.197.203200 OK 1.8 kB URL HTTP/1.1 oneocsp.microsoft.com/ocsp
IP 204.79.197.203:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash c382642ff4ee9103f781022efb2e0b47
4534d1d28343b73331df1c9d8ee5aaab270edf33
2163acf648cdbcbfd0c8b45d1372a0afdc7043badf700c32f14cdb60034d2ba0
POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Sat, 08 Oct 2022 15:50:09 GMT
Last-Modified: Mon, 03 Oct 2022 13:09:34 GMT
ETag: "2163acf648cdbcbfd0c8b45d1372a0afdc7043badf700c32f14cdb60034d2ba0"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 4DB0007E5ECD4030B6341B5034C7DCB3 Ref B: OSL30EDGE0320 Ref C: 2022-10-03T22:45:55Z
Date: Mon, 03 Oct 2022 22:45:54 GMT
oneocsp.microsoft.com/ocsp
204.79.197.203200 OK 1.8 kB URL HTTP/1.1 oneocsp.microsoft.com/ocsp
IP 204.79.197.203:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash cf64f0ab00bb81d0ee98e63251bdb0ce
f2d4ea7a4c462a93b6607993e37bd3a9978a53b5
5eb2eb2f1544f80e4ee140c7b704adf6ef1077b902ac583f2644f02af2f5f065
POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Sat, 08 Oct 2022 15:50:09 GMT
Last-Modified: Mon, 03 Oct 2022 13:09:34 GMT
ETag: "5eb2eb2f1544f80e4ee140c7b704adf6ef1077b902ac583f2644f02af2f5f065"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: EADE8E4EF7674C009ADE4D8FC4751686 Ref B: OSL30EDGE0409 Ref C: 2022-10-03T22:45:55Z
Date: Mon, 03 Oct 2022 22:45:55 GMT
statics-marketingsites-neu-ms-com.akamaized.net/statics/override.css
23.36.76.114200 OK 473 B URL HTTP/1.1 statics-marketingsites-neu-ms-com.akamaized.net/statics/override.css
IP 23.36.76.114:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (342), with CRLF line terminators
Hash a40589609d8e75c109e93abbff0dcf60
76ae9c943d54022e24b90467713a73a431eddd6d
2c959c2618be84448b26de18639db8a66126449c6ebb29f4f6d33e00adb5b069
GET /statics/override.css HTTP/1.1
Host: statics-marketingsites-neu-ms-com.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Tue, 11 Jun 2019 23:22:13 GMT
ETag: 0x8D6EEC3A2D67C35
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7502d9a5-901e-0068-28c4-66545b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 473
Unused62: 8096267
Date: Mon, 03 Oct 2022 22:45:55 GMT
Connection: keep-alive
wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
13.107.219.53200 OK 82 kB URL HTTP/2 wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
IP 13.107.219.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (63888), with no line terminators
Hash e51f388b62281af5b4a9193cce419941
364f3d737462b7fd063107fe2c580fdb9781a45a
348404a68791474349e35bd7d1980abcbf06db85132286e45ad4f204d10b5f2c
GET /mscc/lib/v2/wcp-consent.js HTTP/1.1
Host: wcpstatic.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=43200
content-length: 81726
content-type: application/javascript
content-encoding: gzip
content-md5: X1JOIM5h9UISVFS6+GfEew==
last-modified: Wed, 24 Aug 2022 17:34:36 GMT
age: 41547
etag: 0x8DA85F6EA62BF74
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-cache: CONFIG_NOCACHE
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 100e6c8d-801e-001b-4e19-d7a246000000
x-ms-version: 2009-09-19
x-azure-ref: 0I2Y7YwAAAAAzmRyQzYdpTq+oNpahzJoHT1NMMjMxMDUwMjAzMDE3ADM5YjQ2MTU3LWNiOWUtNDliNy1hNjVhLTg3MjJhM2Y4MjRlNA==
date: Mon, 03 Oct 2022 22:45:55 GMT
X-Firefox-Spdy: h2
oneocsp.microsoft.com/ocsp
204.79.197.203200 OK 1.8 kB URL HTTP/1.1 oneocsp.microsoft.com/ocsp
IP 204.79.197.203:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash c382642ff4ee9103f781022efb2e0b47
4534d1d28343b73331df1c9d8ee5aaab270edf33
2163acf648cdbcbfd0c8b45d1372a0afdc7043badf700c32f14cdb60034d2ba0
POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Sat, 08 Oct 2022 15:50:09 GMT
Last-Modified: Mon, 03 Oct 2022 13:09:34 GMT
ETag: "2163acf648cdbcbfd0c8b45d1372a0afdc7043badf700c32f14cdb60034d2ba0"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 5C9FDDBC3C1B492192F0411E597F3A2C Ref B: OSL30EDGE0320 Ref C: 2022-10-03T22:45:55Z
Date: Mon, 03 Oct 2022 22:45:54 GMT
support.microsoft.com/SocContent/topNavCss
23.38.200.116200 OK 1.2 kB URL HTTP/1.1 support.microsoft.com/SocContent/topNavCss
IP 23.38.200.116:0
File type Unicode text, UTF-8 text, with very long lines (4186), with no line terminators
Hash 478d21e3b23593406d83049036421157
0c690ca47e7d9ebe54d85dd76c4b0c949b0ec27b
647a08572d1b764fe0e28f24a4eac4bfaa183b55f5bfb5b1ac2223004abb3fc7
GET /SocContent/topNavCss HTTP/1.1
Host: support.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Last-Modified: Mon, 03 Oct 2022 22:45:55 GMT
X-CorrelationId: fba63915-903b-41c1-be70-30ba2d231c02
X-UserSessionId: fba63915-903b-41c1-be70-30ba2d231c02
X-OfficeFE: OdcSupFrontEnd_IN_12
X-OfficeVersion: 16.0.15803.37650
X-OfficeCluster: neu-100.odcsup.osi.office.net
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Content-Type-Options: nosniff
Vary: User-Agent, Accept-Encoding
Content-Encoding: gzip
Expires: Mon, 03 Oct 2022 22:45:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 03 Oct 2022 22:45:55 GMT
Content-Length: 1178
Connection: keep-alive
Set-Cookie: EXPID=c981a2d9-574b-4dc1-ae28-a9345db2a1aa; expires=Tue, 03-Oct-2023 22:45:55 GMT; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=86400 ; includeSubDomains
support.microsoft.com/SocContent/officeShared
23.38.200.116200 OK 636 B URL HTTP/1.1 support.microsoft.com/SocContent/officeShared
IP 23.38.200.116:0
File type ASCII text, with very long lines (1576), with no line terminators
Hash c552445dfdd7ea4de00874233e3d88cc
2ba812615470808e26780d736122c7d46c2bec0e
ba5215c29d63a42b9cef03ab2506f7a28f3446880a5e7c5b38f47cb809da637c
GET /SocContent/officeShared HTTP/1.1
Host: support.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Last-Modified: Mon, 03 Oct 2022 22:45:55 GMT
X-CorrelationId: b6cb0957-a449-46ab-9f9d-8730aa03d712
X-UserSessionId: b6cb0957-a449-46ab-9f9d-8730aa03d712
X-OfficeFE: OdcSupFrontEnd_IN_12
X-OfficeVersion: 16.0.15803.37650
X-OfficeCluster: neu-100.odcsup.osi.office.net
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Content-Type-Options: nosniff
Vary: User-Agent, Accept-Encoding
Content-Encoding: gzip
Expires: Mon, 03 Oct 2022 22:45:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 03 Oct 2022 22:45:55 GMT
Content-Length: 636
Connection: keep-alive
Set-Cookie: EXPID=e3fc7a7a-19a4-4a5b-9756-ee668bbacad1; expires=Tue, 03-Oct-2023 22:45:55 GMT; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=86400 ; includeSubDomains
oneocsp.microsoft.com/ocsp
204.79.197.203200 OK 1.8 kB URL HTTP/1.1 oneocsp.microsoft.com/ocsp
IP 204.79.197.203:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash cf64f0ab00bb81d0ee98e63251bdb0ce
f2d4ea7a4c462a93b6607993e37bd3a9978a53b5
5eb2eb2f1544f80e4ee140c7b704adf6ef1077b902ac583f2644f02af2f5f065
POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Sat, 08 Oct 2022 15:50:09 GMT
Last-Modified: Mon, 03 Oct 2022 13:09:34 GMT
ETag: "5eb2eb2f1544f80e4ee140c7b704adf6ef1077b902ac583f2644f02af2f5f065"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 33F11B5EF737480994E2AC90BB7F01A8 Ref B: OSL30EDGE0409 Ref C: 2022-10-03T22:45:55Z
Date: Mon, 03 Oct 2022 22:45:55 GMT
oneocsp.microsoft.com/ocsp
204.79.197.203200 OK 1.8 kB URL HTTP/1.1 oneocsp.microsoft.com/ocsp
IP 204.79.197.203:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash c503d486cfd72d6c52bc54ba0da87d3d
f5d2f03156c0289f5b3f514e745c13c0ec82f8a6
1b9925e5b6943e347d80e740a3127a5a2ffcf106e3cdd02b30fec66bd8dc4dc4
POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Sat, 08 Oct 2022 15:50:09 GMT
Last-Modified: Mon, 03 Oct 2022 13:09:34 GMT
ETag: "1b9925e5b6943e347d80e740a3127a5a2ffcf106e3cdd02b30fec66bd8dc4dc4"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: E62DBDA5543D4DC38CF9FF8B08CAAD5E Ref B: OSL30EDGE0410 Ref C: 2022-10-03T22:45:55Z
Date: Mon, 03 Oct 2022 22:45:54 GMT
www.microsoft.com/onerfstatics/marketingsites-neu-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/a0-23c4ba/a7-f7a340/48-6ed936/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/37-8473b9?ver=2.0&_cf=02242021_3231&iife=1
23.38.201.156200 OK 36 kB URL HTTP/2 www.microsoft.com/onerfstatics/marketingsites-neu-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/a0-23c4ba/a7-f7a340/48-6ed936/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/37-8473b9?ver=2.0&_cf=02242021_3231&iife=1
IP 23.38.201.156:0
File type ASCII text, with very long lines (42133)
Hash 457c64e69f73a625fe291fae02c1b927
ab2aa2e7b4e37daaeb60f17698a5a886d501385e
094ea09c58e064dc91cfa128356e975744d1e546948c61ed9852e0fe3e158134
GET /onerfstatics/marketingsites-neu-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/a0-23c4ba/a7-f7a340/48-6ed936/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/37-8473b9?ver=2.0&_cf=02242021_3231&iife=1 HTTP/1.1
Host: www.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Aug 2022 21:27:42 GMT
x-activity-id: ba1a6d7b-e993-45ae-a14b-260b61045c46
ms-cv: eHE/b/kYDkWjU+WL.0
x-appversion: 1.0.8263.42159
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-08-17T07:25:18.0000000Z}
ms-operation-id: 819762409931f041bf59e7a7daace4b8
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
x-s1: 2022-08-23T21:27:42
x-s2: 2022-08-23T21:27:42
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-encoding: gzip
content-length: 35578
cache-control: public, max-age=27988877
expires: Wed, 23 Aug 2023 21:27:12 GMT
date: Mon, 03 Oct 2022 22:45:55 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
x-rtag: RT
X-Firefox-Spdy: h2
www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/1a-bb39e7/ef-a24652?ver=2.0&_cf=02242021_3231
23.38.201.156200 OK 23 kB URL HTTP/2 www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/1a-bb39e7/ef-a24652?ver=2.0&_cf=02242021_3231
IP 23.38.201.156:0
File type Unicode text, UTF-8 text, with very long lines (64241)
Hash bb34fa956cd28133c85f395df38cd9d1
431626d79bb8538a90010651d1afae008bb0afd2
19ea0e7c6aee3590451b4dc1a1ed6b62e611cb478eb889aa7cdfe31968225ea5
GET /onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/1a-bb39e7/ef-a24652?ver=2.0&_cf=02242021_3231 HTTP/1.1
Host: www.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
last-modified: Tue, 23 Aug 2022 21:37:58 GMT
x-activity-id: e769626d-8e0e-4f3f-b04a-85779eb43935
ms-cv: 4MCHWe9odEitRWH1.0
x-appversion: 1.0.8263.42159
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-08-17T07:25:18.0000000Z}
ms-operation-id: 6a1b9303a6c94a409f3b36b55ea07de4
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
x-s1: 2022-08-23T21:37:58
x-s2: 2022-08-23T21:37:58
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-encoding: gzip
content-length: 22578
cache-control: public, max-age=27989496
expires: Wed, 23 Aug 2023 21:37:31 GMT
date: Mon, 03 Oct 2022 22:45:55 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
x-rtag: RT
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.242.3.166101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.3.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eq7dCIgREW4jjz+i1zFApg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fUwfG1wrxAMIbUxbZutJmrT9C8k=
support.microsoft.com/socbundles/TopNav
23.38.200.116200 OK 421 B URL HTTP/1.1 support.microsoft.com/socbundles/TopNav
IP 23.38.200.116:0
File type ASCII text, with very long lines (1382), with no line terminators
Hash 6f2a848c68e283a9c86749c6e8f0b3b6
7bfbfa421b975823294338a8845085c9b0ca24f2
08d07814c5ad2fc0ab764fa8a7c8da27bdf9f0e20a9db44099c8f03d54c6a604
GET /socbundles/TopNav HTTP/1.1
Host: support.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Last-Modified: Mon, 03 Oct 2022 22:45:55 GMT
X-CorrelationId: 210e1dd8-f0c9-4e43-84f4-66ab2a311f70
X-UserSessionId: 210e1dd8-f0c9-4e43-84f4-66ab2a311f70
X-OfficeFE: OdcSupFrontEnd_IN_12
X-OfficeVersion: 16.0.15803.37650
X-OfficeCluster: neu-100.odcsup.osi.office.net
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Content-Type-Options: nosniff
Vary: User-Agent, Accept-Encoding
Content-Encoding: gzip
Expires: Mon, 03 Oct 2022 22:45:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 03 Oct 2022 22:45:55 GMT
Content-Length: 421
Connection: keep-alive
Set-Cookie: EXPID=d0662590-a799-4899-af67-90fde01f69be; expires=Tue, 03-Oct-2023 22:45:55 GMT; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=86400 ; includeSubDomains
support.microsoft.com/SocContent/stickyFeedbackCss
23.38.200.116200 OK 1.3 kB URL HTTP/1.1 support.microsoft.com/SocContent/stickyFeedbackCss
IP 23.38.200.116:0
File type ASCII text, with very long lines (4321), with no line terminators
Hash 24d38d135c7ae00605b485273c6bf6ea
5732940adf9ac4da968673e7fb86b000c2423ab6
c6f9523dcbb1fb71fa62d280542f310bf0bb54fb53af47e37eaf1811d5a7f885
GET /SocContent/stickyFeedbackCss HTTP/1.1
Host: support.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Last-Modified: Mon, 03 Oct 2022 22:45:55 GMT
X-CorrelationId: 47c78da6-141f-4026-a8ba-a086f5b73397
X-UserSessionId: 47c78da6-141f-4026-a8ba-a086f5b73397
X-OfficeFE: OdcSupFrontEnd_IN_2
X-OfficeVersion: 16.0.15803.37650
X-OfficeCluster: neu-100.odcsup.osi.office.net
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Content-Type-Options: nosniff
Vary: User-Agent, Accept-Encoding
Content-Encoding: gzip
Expires: Mon, 03 Oct 2022 22:45:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 03 Oct 2022 22:45:55 GMT
Content-Length: 1266
Connection: keep-alive
Set-Cookie: EXPID=1aaaf075-246f-474e-86cf-308a26b8f2ba; expires=Tue, 03-Oct-2023 22:45:55 GMT; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=86400 ; includeSubDomains
support.microsoft.com/socbundles/article
23.38.200.116200 OK 15 kB URL HTTP/1.1 support.microsoft.com/socbundles/article
IP 23.38.200.116:0
File type ASCII text, with very long lines (62046), with no line terminators
Hash a7a35095b42d66f97324a02e61aeabbd
fc5b2ce888868bb62b40f2b580c16d0e23b53f4a
138863d8ea2818321a86df2e3f72b28feb8348def4d72d5d29b09d57fe235a83
GET /socbundles/article HTTP/1.1
Host: support.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Last-Modified: Mon, 03 Oct 2022 22:45:55 GMT
X-CorrelationId: a052e79e-63db-4f08-8f6c-3543a0635582
X-UserSessionId: a052e79e-63db-4f08-8f6c-3543a0635582
X-OfficeFE: OdcSupFrontEnd_IN_12
X-OfficeVersion: 16.0.15803.37650
X-OfficeCluster: neu-100.odcsup.osi.office.net
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Content-Type-Options: nosniff
Vary: User-Agent, Accept-Encoding
Content-Encoding: gzip
Expires: Mon, 03 Oct 2022 22:45:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 03 Oct 2022 22:45:55 GMT
Content-Length: 15150
Connection: keep-alive
Set-Cookie: EXPID=41a5debd-556e-4cc4-9483-44701d1a78cb; expires=Tue, 03-Oct-2023 22:45:55 GMT; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=86400 ; includeSubDomains
support.microsoft.com/SocContent/css
23.38.200.116200 OK 23 kB URL HTTP/1.1 support.microsoft.com/SocContent/css
IP 23.38.200.116:0
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Hash 68f3c668bd3369699a9e554c2294ff29
b06cb70c310a429d5000361e3ab7bb07146b23f6
392a288aaa8044b0344dc11b86a8291ec3ec7094f4efa773666e7048a5f98576
GET /SocContent/css HTTP/1.1
Host: support.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Last-Modified: Mon, 03 Oct 2022 22:45:55 GMT
X-CorrelationId: b9d3cbc5-5406-4dc3-a504-45c97846015e
X-UserSessionId: b9d3cbc5-5406-4dc3-a504-45c97846015e
X-OfficeFE: OdcSupFrontEnd_IN_3
X-OfficeVersion: 16.0.15803.37650
X-OfficeCluster: weu-100.odcsup.osi.office.net
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Length: 22921
Cache-Control: public, max-age=1800
Expires: Mon, 03 Oct 2022 23:15:55 GMT
Date: Mon, 03 Oct 2022 22:45:55 GMT
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: EXPID=ada07962-9466-4032-8b32-2325cdc48fff; expires=Tue, 03-Oct-2023 22:45:55 GMT; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=86400 ; includeSubDomains
support.microsoft.com/SocContent/articleCss
23.38.200.116200 OK 18 kB URL HTTP/1.1 support.microsoft.com/SocContent/articleCss
IP 23.38.200.116:0
File type Unicode text, UTF-8 text, with very long lines (65518), with no line terminators
Hash c7ba37b48928b384b22f4f7d6545527d
e9485e22cad166b3f8f034b9660742c11c6d21fb
6bafa73ffd39a8b9cd9d34c13c8b4438a9781e7b33cec891a293560004fc1a80
GET /SocContent/articleCss HTTP/1.1
Host: support.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Last-Modified: Mon, 03 Oct 2022 22:45:55 GMT
X-CorrelationId: 4660d1fe-a607-4fc6-9edf-48c5923626ed
X-UserSessionId: 4660d1fe-a607-4fc6-9edf-48c5923626ed
X-OfficeFE: OdcSupFrontEnd_IN_12
X-OfficeVersion: 16.0.15803.37650
X-OfficeCluster: neu-100.odcsup.osi.office.net
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Content-Type-Options: nosniff
Vary: User-Agent, Accept-Encoding
Content-Encoding: gzip
Expires: Mon, 03 Oct 2022 22:45:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 03 Oct 2022 22:45:55 GMT
Content-Length: 17809
Connection: keep-alive
Set-Cookie: EXPID=356a8f48-0ff0-4019-ab54-1c1fdee4f60c; expires=Tue, 03-Oct-2023 22:45:55 GMT; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=86400 ; includeSubDomains
fe3.microsoft-outlook-update.workers.dev/css/promotionbanner/promotion-banner.css?v=DBqJarHDlOSMJfge26OcKG6xA6DWvtYgMA-xQGaxE5o
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/css/promotionbanner/promotion-banner.css?v=DBqJarHDlOSMJfge26OcKG6xA6DWvtYgMA-xQGaxE5o
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash d82e2dfd2a0d569acfd8de7ecac8e5df
aade391094e4e9e69f13286f80ec21f839fade3f
db6ff970eb14d2b12288dfcda98b6a4ef8cd5d6c0442c071db4d961863a44ea2
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /css/promotionbanner/promotion-banner.css?v=DBqJarHDlOSMJfge26OcKG6xA6DWvtYgMA-xQGaxE5o HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:55 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 754935fcb941fac0-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:55 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DS04KK1S:00000026
x-operationid: 003624088c3ee13d7207ea5240fbe331
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2Xvku3V1QEr6x9RnZ6vIkP69ouzHGEvYcidh%2BtSLff2%2F2QcezXr%2FbIAJR8j0GaEqkjwlDIhi1d1y0n0fCBQwsa9n4Y1refisslegXOX9cPK%2BHr5RtLNzDGDDEbayV34R5zeN1dSt7WWUR2OsLRg72FI84zIJWATteU0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/css/feedback/feedback.css?v=O5RN1PkkM70yJ1hMirz0oLl4x6erVdeAAVT709pcVKM
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/css/feedback/feedback.css?v=O5RN1PkkM70yJ1hMirz0oLl4x6erVdeAAVT709pcVKM
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash cc0df8f5ec988b333a5be4941c9d5d59
0afe885cd86658f5523db493b0a9d6a1f2764e12
f1c361d7627418d9a7a398c3db9d707fef594d9adb6789dc547c2833b5ff43c4
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /css/feedback/feedback.css?v=O5RN1PkkM70yJ1hMirz0oLl4x6erVdeAAVT709pcVKM HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 754935fcb9e4b4f9-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:56 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DOLFSBCA:00000086
x-operationid: 989c797229060936a4e04aa6a7b2bed4
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8Txd%2BVWDp%2BMOhjPKznh2MPvGxxYsbr6srEB1Mv%2Fm5Qmd9B7QPfKlQVg4qIIrA5Z3JMEM0wNRtDvzu3hMHVUAZ5qceZqOqvcR%2BHYaAjbgy5YVEKv9%2BhAkMoeJXrpVaQr0pzrKStHstIc%2Bt1v8XZe7NNIEZfu3AuV2UMU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
188.114.96.1200 OK 655 B URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 188.114.96.1:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 11:11:52 GMT
ETag: W/"633188f8-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JH4SuqMmz6dBTNrYCPSoDoUIm2Uy443tx2%2BFK8uACLQqg32aV5PymAvX6TrWjWXdYvEd3u4WKqZ8R3UFdlh3FoNhrzmMO7khecFX2AHqtC1KvCTA5H8G5BtiuEEEdi7qdV212WG2z%2B0ImrEtur56nv02ZN0eGaUU6YmF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754936012d4eb4f9-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Wed, 05 Oct 2022 22:45:56 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
fe3.microsoft-outlook-update.workers.dev/css/glyphs/glyphs.css?v=Wxxi5tnlZg_DM1FaohPmT5bwwGhOAeajOW2fL4qRGMY
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/css/glyphs/glyphs.css?v=Wxxi5tnlZg_DM1FaohPmT5bwwGhOAeajOW2fL4qRGMY
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 9d63f970c6bca6785914f65aa7842b14
f570cec12aac3fe75dd6c0d96f5abfce7ceba597
0eab5fff41a57716bb080dd3f7990838c888a2f66000b888af261e761f7b186e
GET /css/glyphs/glyphs.css?v=Wxxi5tnlZg_DM1FaohPmT5bwwGhOAeajOW2fL4qRGMY HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 754935fcbbd9b4f4-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:56 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DOHSL7BA:0000001F
x-operationid: 3fc7c0d8f62db008492a0e58c2acc3cc
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCkmGqgBtZmmlqEthemkP%2BMS5j8PeK%2FFHXpo5OAEjREu%2B7DKt2xWXXKUHMFJYFW3RaQH3atNinSeVivlQPuw9lEnOlAzIiwMtPRl73qTdYG96c4Sdoe%2BaZoE47mn29IPAAaL9Z0VwXh0n%2BLEVQgCl14AdWXwLjjzZKjl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/css/ArticleSupportBridge/article-support-bridge.css?v=R_P0TJvD9HoRHQBEdvBR1WhNn7dSbvOYWmVA9taxbpM
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/css/ArticleSupportBridge/article-support-bridge.css?v=R_P0TJvD9HoRHQBEdvBR1WhNn7dSbvOYWmVA9taxbpM
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash c0e4c9dd32d13aa3c23a40de6a5876a3
a6a192e6919b62454cf7dbdfbe0a90792d6ea55c
b2d6806a7dd2ef4bd9cfcea25f84ca50a07e66ee96584fa06e23ea623189fd53
GET /css/ArticleSupportBridge/article-support-bridge.css?v=R_P0TJvD9HoRHQBEdvBR1WhNn7dSbvOYWmVA9taxbpM HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 754935fcb9821c16-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:56 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DOHSL7G7:00000003
x-operationid: 3e7bab69f42f49023947be06db5dbda2
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Zi0VYFVdC2biXElxl7VgU7SEdnIw30Q7l1h5krtMI6KcESV6s9%2BsBOmUHKfYY2pFryc986bU7aS0EIHNunCrbkDpaqI1WsKr20vTWJatd9LJGFX1hR19ViWmRKPyzUSjcPWo1pvFvnsffI6Yj082Mw56%2B0pNiEZmQ57"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/css/SearchBox/search-box.css?v=bybwzGBajHicVXspVs540UfV0swW0vCbOmBjBryj9N4
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/css/SearchBox/search-box.css?v=bybwzGBajHicVXspVs540UfV0swW0vCbOmBjBryj9N4
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 88855cb5291bdc9e2483e1b6e78a8c62
24969aa39df0985a3f36ebdd7eb21b1f6a7f5365
7ed21a150dab2b05605abb86365d042e4f25d978466ced022658158921ceffbb
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /css/SearchBox/search-box.css?v=bybwzGBajHicVXspVs540UfV0swW0vCbOmBjBryj9N4 HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 754935fcbb1cb4eb-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:56 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DOHSL7BA:00000021
x-operationid: d9003b425023f0acd7a0ae7d61682985
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWFj%2Fd2ILNb3ZY9jx4HzvdDTlw6ooamNotZ7r9ijESgVM%2Fqyy4A5O45fyFtvMt2Rgrh0IYXXHEFGT%2BGYVyRlmK5JE3rTUS1GduRja7BSRYdhW7reUyMMKen8EJKu%2BFmLFGszCLGAPhn3ymLvq1jVHqg5Ae3y3TMKkGVD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/css/PremiumBadge/premium-badge.css?v=cEt7WOR8PuG1vdwdSzC2TfEgZsvs0S6NLvhUo6ggByQ
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/css/PremiumBadge/premium-badge.css?v=cEt7WOR8PuG1vdwdSzC2TfEgZsvs0S6NLvhUo6ggByQ
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 36771bd86beb67009b16147933f4ab9c
b16effc2c28f537f97e521af72efbb1501e729a5
a44abe8cb79383108d81b742396146b2edf3fb2fa313dc8d6648e054f1b5243f
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /css/PremiumBadge/premium-badge.css?v=cEt7WOR8PuG1vdwdSzC2TfEgZsvs0S6NLvhUo6ggByQ HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 754935fcbfeb1c12-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:56 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DPUDQ01K:00000003
x-operationid: 635e18cf1beb4a723708a10feb96080a
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3lxQaZEs%2BMSmQhmPWo6kjORh9R0lS%2FZ450EL8CpwW05TMzTTYxX0UGLlLsjqIzCnSNDU1ojyu0qgO%2F1YxlrtQ%2Ba%2FHf39WsILIU3b0nyUvsYvVehAYOR9fM4gSdt4XJEfO1OHJW5OwqswhLp6yWn15TLFe3ZLbuPxhJ7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
23.36.76.186200 OK 4.1 kB URL HTTP/2 img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type PNG image data, 216 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f14c20150a003d7ce4de57c298f0fba
daa53cf17cc45878a1b153f3c3bf47dc9669d78f
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
GET /cms/api/am/imageFileData/RE1Mu3b?ver=5c31 HTTP/1.1
Host: img-prod-cms-rt-microsoft-com.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
content-location: https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
last-modified: Sat, 17 Sep 2022 20:22:04 GMT
x-source-length: 4054
x-datacenter: northeu
x-activityid: bbef4b2b-7038-48db-bee2-5c178f5fa7a2
timing-allow-origin: *
x-frame-options: DENY
x-resizerversion: 1.0
content-length: 4054
cache-control: public, max-age=207903
expires: Thu, 06 Oct 2022 08:30:59 GMT
date: Mon, 03 Oct 2022 22:45:56 GMT
X-Firefox-Spdy: h2
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff
23.38.201.156200 OK 26 kB URL HTTP/2 www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff
IP 23.38.201.156:0
File type Web Open Font Format, TrueType, length 26288, version 0.0\012- data
Hash d0263dc03be4c393a90bda733c57d6db
8a032b6deab53a33234c735133b48518f8643b92
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
GET /mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff HTTP/1.1
Host: www.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Referer: https://www.microsoft.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
last-modified: Tue, 14 Jun 2022 13:23:15 GMT
x-activity-id: 433fff9c-ac1c-4827-bb3b-a2ca5fa6dd83
ms-cv: /0+3RKV7ykuNLoKI.0
x-appversion: 1.0.8167.41521
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-05-13T07:04:02.0000000Z}
ms-operation-id: 2f08fc2d143919438bfe914fdfecfc02
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-length: 26288
cache-control: public, max-age=21911846
expires: Wed, 14 Jun 2023 13:23:22 GMT
date: Mon, 03 Oct 2022 22:45:56 GMT
tls_version: tls1.3
strict-transport-security: max-age=31536000
x-rtag: RT
X-Firefox-Spdy: h2
support.microsoft.com/socfonts/OffSMDL2.4.50.woff
23.38.200.116200 OK 44 kB URL HTTP/1.1 support.microsoft.com/socfonts/OffSMDL2.4.50.woff
IP 23.38.200.116:0
File type Web Open Font Format, TrueType, length 44136, version 0.0\012- data
Hash 4c6c928daf19e2a06faf12bd2f002d2e
027d4709db809d9e9b2627b74a152aec29066ee8
2c9728c235211d8956826af42d99936b409536e6027e9162835731d5b005d462
GET /socfonts/OffSMDL2.4.50.woff HTTP/1.1
Host: support.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Referer: https://support.microsoft.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: font/x-woff
Last-Modified: Mon, 03 Oct 2022 00:12:12 GMT
ETag: "0d6e3c8bcd6d81:0"
X-CorrelationId: ba6ec01a-948e-4564-bf84-9d05b6476fc5
X-UserSessionId: ba6ec01a-948e-4564-bf84-9d05b6476fc5
X-OfficeFE: OdcSupFrontEnd_IN_21
X-OfficeVersion: 16.0.15803.37650
X-OfficeCluster: weu-100.odcsup.osi.office.net
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Cache-Control: public, max-age=156
Date: Mon, 03 Oct 2022 22:45:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Access-Control-Allow-Origin: http://fe3.microsoft-outlook-update.workers.dev
Strict-Transport-Security: max-age=86400 ; includeSubDomains
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
23.38.201.156200 OK 34 kB URL HTTP/2 c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
IP 23.38.201.156:0
File type Web Open Font Format (Version 2), TrueType, length 34052, version 0.0\012- data
Hash 36397a3bc139c6e9f81d383f060f080a
3f4f86c10920d4ed345f4858b6cde9f93e1aeb81
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
GET /static/fonts/segoe-ui/west-european/normal/latest.woff2 HTTP/1.1
Host: c.s-microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Referer: https://www.microsoft.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 34052
content-type: font/woff2
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
accept-ranges: bytes
etag: "588d483e9c7d51:0"
cache-control: public, max-age=480008
expires: Sun, 09 Oct 2022 12:06:04 GMT
date: Mon, 03 Oct 2022 22:45:56 GMT
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/latest.woff2
23.38.201.156200 OK 29 kB URL HTTP/2 c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/latest.woff2
IP 23.38.201.156:0
File type Web Open Font Format (Version 2), TrueType, length 29388, version 0.0\012- data
Hash 6e75a94d5f7170a1ab532d32c2a35755
9c1b6fff544089941bbeddbcf529c3f0b46d853a
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f
GET /static/fonts/segoe-ui/west-european/Semibold/latest.woff2 HTTP/1.1
Host: c.s-microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Referer: https://www.microsoft.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 29388
content-type: font/woff2
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
accept-ranges: bytes
etag: "5b68d583e9c7d51:0"
cache-control: public, max-age=469103
expires: Sun, 09 Oct 2022 09:04:19 GMT
date: Mon, 03 Oct 2022 22:45:56 GMT
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
fe3.microsoft-outlook-update.workers.dev/lib/ucs/dist/ucsCreativeService.js?v=sb92LgKigd-qUDqSv-2J4E8fbm2o96b0-agJi310ilM
188.114.96.1200 OK 28 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/lib/ucs/dist/ucsCreativeService.js?v=sb92LgKigd-qUDqSv-2J4E8fbm2o96b0-agJi310ilM
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash e379db8b92fa169cf74de00eede978c2
8c20c17d95bd3f5b8e45f84490b13d2a5bd137de
69d38e0b28ad6859fee84c189e47475b269f4502417c693321564ffdcd08b0a2
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /lib/ucs/dist/ucsCreativeService.js?v=sb92LgKigd-qUDqSv-2J4E8fbm2o96b0-agJi310ilM HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75493600dadcfac0-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:56 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DS04KK1S:0000002A
x-operationid: e76474bbadd086ae1cba28d61bafae79
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2VekCBNGeBXFv5upogpOk3FhbPA6LAQGxXEi9RhGS%2Beo7trAwMHmC0XBqhKMpRWmdHVT5PZ5HEE8QiDJXsBKDnO931xQ57vhW3%2FXvRfu2qDAefswMCZ9wn26bE%2BkzDK7LXdw3W8tcBC9m7l4tpzKtfjAbPKyFuPBmFFn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6817
Expires: Tue, 04 Oct 2022 00:39:33 GMT
Date: Mon, 03 Oct 2022 22:45:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6817
Expires: Tue, 04 Oct 2022 00:39:33 GMT
Date: Mon, 03 Oct 2022 22:45:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6817
Expires: Tue, 04 Oct 2022 00:39:33 GMT
Date: Mon, 03 Oct 2022 22:45:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24a4a122273ef9f772852031eb13114a
c20f1fac9020eb4bd6c84583f73872979639b991
8e1ffbed5f156637ed2f22e81d03f6d85eff0c28237c1639ea5f977e92ee7b70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4151
x-amzn-requestid: f709a11e-cbea-4965-8502-94ddbd8768bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvSF3YIAMFdow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-29bfa31d51e8f60b38136dba;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7H1QKlOtoBoVz93G5lddxHSGiTjtMnHJCZX5FhwqhNPkspslaDoFQA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:57:01 GMT
age: 2935
etag: "c20f1fac9020eb4bd6c84583f73872979639b991"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 64985
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 2950
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d0984d7-fe4f-4f96-9f0f-17e0197a5cb6.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d0984d7-fe4f-4f96-9f0f-17e0197a5cb6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78caa2bb8e856110416bc85ed2420d20
1d90e98d3666fc8618130eac15972d3a08addf16
5175905bdbcd0a325ff666148a77503f14d1922d826ad14a9c3d09846d77dff5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d0984d7-fe4f-4f96-9f0f-17e0197a5cb6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5857
x-amzn-requestid: 51f3a938-30f6-418e-970b-439bdfbb7c2b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHIAIAMF6PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-6d97d5ff3c3589ee1e900a3b;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OModa8qHXEimXsJhr1DiYifYbFLgI-yMvAaKZA2SsRyU1N5CWwoVOg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:16:19 GMT
age: 1777
etag: "1d90e98d3666fc8618130eac15972d3a08addf16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7df28993-57e6-4e7f-9751-93778578bd1e.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7df28993-57e6-4e7f-9751-93778578bd1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6258b8768ba4c3edcc049c494dac733a
40e4337611c74e26efbc53633ba1a9ac04d9ae81
b170aaabbd17b712ed861f5e1d13ad2ff3604b47e9ec833077caeb1199f44d08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7df28993-57e6-4e7f-9751-93778578bd1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10595
x-amzn-requestid: 7cc6c91c-4dfc-4c17-b27c-5c0eec4a390a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqdOHTzoAMFYdw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5787-11525116257b72eb382ecefa;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qglxUK18M0WVvuSzN-pkwoIagT-hMmp_77qKAVaGq-3vJ4gwwsRzdA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:08:41 GMT
age: 2235
etag: "40e4337611c74e26efbc53633ba1a9ac04d9ae81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F840ae91d-bdbe-4236-ad14-27b04e390b6a.jpeg
34.120.237.76200 OK 2.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F840ae91d-bdbe-4236-ad14-27b04e390b6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb7d0bdcd7cf60e39ee64d92f5694384
0f0c8f45a22563c3c87ab7ec6279fabc96cdfb1f
a6dd1fade6b47e539dd42ed07d2cf58179db10fe946809f201889a1f9c4ef282
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F840ae91d-bdbe-4236-ad14-27b04e390b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2761
x-amzn-requestid: 00090151-da40-48e8-98f0-a0c579fe6d1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpI_EgdIAMFc0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556c-06ceb1750213c44130848bf2;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -VI34uA9q6D2_lYs0LtkmZOKZrBKQsYX9plMuw8zwnCt_3b2ZZ1Uxg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:46 GMT
age: 3010
etag: "0f0c8f45a22563c3c87ab7ec6279fabc96cdfb1f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fe3.microsoft-outlook-update.workers.dev/js/SearchBox.Main.min.js?v=QBTsF0Ea-jZkRR207QsokZ8zKxNSIdqFoDB78h0lRLY
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/js/SearchBox.Main.min.js?v=QBTsF0Ea-jZkRR207QsokZ8zKxNSIdqFoDB78h0lRLY
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash a1bb344f75163cc54d8241ba5f0a52f2
88216459573a0a80dee05b99c3b801fa290bd74b
90960c74d474dc803a01963d320bbbdfdd41725116bb3fde7c52b32776eb53ea
GET /js/SearchBox.Main.min.js?v=QBTsF0Ea-jZkRR207QsokZ8zKxNSIdqFoDB78h0lRLY HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75493601a90bb4f4-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:56 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML45CJ51KRV:00000003
x-operationid: 48ca37c11a2e8c7e5f9be0a18709ada3
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83lSpnDVI7%2FdUECmP6oXT79O1vEPQP%2Fm6FStUx%2Fe1kMtLJz7r1RDPUd8so%2BuDMtTwYIOLaIOxC9yFcP%2B6qujgGqVT6TUUkPXIxklhbamo3njSkYiUeQbWyfeKBq7lbJVp156Q71e7qodMwF3cGzM0dqZ9Qg%2FjO9I8mCJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/js/TelemetryLogging.js?v=PI8krdyAXTV0whxSz7oGWOLjo8PeIdfp8gD_jTA31VM
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/js/TelemetryLogging.js?v=PI8krdyAXTV0whxSz7oGWOLjo8PeIdfp8gD_jTA31VM
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 5d89a3f9d32bb426859337e8c2664acd
f0dc9b9bd2332c57f288400ed231bba6879b292d
c1c99cff0cc72f547429da012c3ab9d5030992257a3ebccb0520d32455263881
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /js/TelemetryLogging.js?v=PI8krdyAXTV0whxSz7oGWOLjo8PeIdfp8gD_jTA31VM HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 754936013d4fb4f9-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:56 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DPUDQ01K:00000007
x-operationid: cb9c0666fa27dcbbb449d7045ebb00f5
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkzvOfnC3oYZpuZ2uf0WD9tUAf5BSUUIHg8l0NNyr6IQUEW5KtQsf%2Fc3%2FllcPYAPxf6Ofd%2BMdl%2BFmAdDZOZ%2FqR9XUtXp3KI7wk3m%2FuEF9QXPBy3NWme%2Fz8L%2BpP8pF%2B7OhVNE9Qqvgi4N%2Bg%2BFsN8o63LB0rIiVuBa601%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/js/feedback.js
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/js/feedback.js
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 828a410450b594a7a254bccc73ff1eae
20434794bf81b1bb772dffce8f0cedb1a4dca546
a8c478a9d1cc9afb58df1ced6f38af3d3b07517c59de7ef15b25c49602d2c9f6
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /js/feedback.js HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 754936026ce31c16-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:56 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DS04KK1S:0000002B
x-operationid: c31c8cdfa1ae67aa6cef9a27f96f679c
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJpDnvWwriqQNzYGzP8ydng3BeakoQpNAnXk9BSTbpCF%2BZlHJ0sRqT2qfSRd1THsdaPWLETlmq5L9idt1HD9%2BhQYmpBA%2BlnjtchqVz%2F6Zem2c%2FVUrRgIWJnFxBt0ZQJUfVpfPZAfkXP2L9RwLiFzFDr%2F6bcZXGCbr71M"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/js/Support.Main.min.js?v=kw-GYTFo_eMrbjFvSByt3nYAKxpKhlUVcUrZERjTX6I
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/js/Support.Main.min.js?v=kw-GYTFo_eMrbjFvSByt3nYAKxpKhlUVcUrZERjTX6I
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash aa9a6f995a65d923ed4074ccd9783759
6d8462ec59c1f26c28c63a2ab44f260e48f6c2e5
8e375329c988e698f63fe7739c7f03cf03129d867c5289fdd0032f1b3620931a
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /js/Support.Main.min.js?v=kw-GYTFo_eMrbjFvSByt3nYAKxpKhlUVcUrZERjTX6I HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 754936026fffb4eb-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:56 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DS04KK8J:00000006
x-operationid: 00c09e7981964e89c6ab0148e4c8f76e
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVRvKNQFhs4iam9w9QhBZBX1Np2Y%2FviujGlQC4%2FvwAdmQayoPLyhFekbSi8DAXF45eBvQ4YD6fNOIoan7KK7Qx8vH3I0cbtniG%2Bu7kq%2F5hTqtdSQfCPg8ysMm0%2F3mehenLfn4aPx1NhvCHonJ13jsmKmiN1mI2RDcRMU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 0a6d5bf211fbf5b5653ff7ce83beb602
acdd1d74d097a10289c3a7a9d6916522b9f945a3
30cacd08bb11d1ec33344b9c793ca9c81ff5cb8c6d20d5530473652df2797dd8
GET /en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837156055
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75493604ececfac0-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DS04KK8J:00000008
x-operationid: 65c17e5edb1c52bdf6269fe8d553243f
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pT5OwlKcb8XJ4YpZmwPxtrjYmxQTQushVSeaqjoDk3cfHjHQZh%2FMyQUNGbFLYjZS6Qt7Bok7SArD6DtKa4JXxR9v3V9udtX2X2%2Bnqp0OPRrnCCKItvGR9O4dNbiweAjgnrBDb3FGglKf75u%2BGcjMSA2uN7h7V%2FboYlWE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
support.microsoft.com/SocContent/officeShared
23.38.200.116200 OK 636 B URL HTTP/1.1 support.microsoft.com/SocContent/officeShared
IP 23.38.200.116:0
File type ASCII text, with very long lines (1576), with no line terminators
Hash c552445dfdd7ea4de00874233e3d88cc
2ba812615470808e26780d736122c7d46c2bec0e
ba5215c29d63a42b9cef03ab2506f7a28f3446880a5e7c5b38f47cb809da637c
GET /SocContent/officeShared HTTP/1.1
Host: support.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Last-Modified: Mon, 03 Oct 2022 22:45:57 GMT
X-CorrelationId: 0c04397d-cffe-4926-a428-41898fcd80bf
X-UserSessionId: 0c04397d-cffe-4926-a428-41898fcd80bf
X-OfficeFE: OdcSupFrontEnd_IN_2
X-OfficeVersion: 16.0.15803.37650
X-OfficeCluster: neu-100.odcsup.osi.office.net
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Content-Type-Options: nosniff
Vary: User-Agent, Accept-Encoding
Content-Encoding: gzip
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Length: 636
Connection: keep-alive
Set-Cookie: EXPID=e4851957-74ce-45d3-b05a-92181ba3c8f0; expires=Tue, 03-Oct-2023 22:45:57 GMT; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=86400 ; includeSubDomains
www.microsoft.com/videoplayer/js/vxpiframe.js
23.38.201.156200 OK 6.2 kB URL HTTP/2 www.microsoft.com/videoplayer/js/vxpiframe.js
IP 23.38.201.156:0
File type ASCII text, with very long lines (13406)
Hash 479fe89d3dd3be2f235c6e3f9389123e
1d48ef3f081e7e168bf262780dab3496e144bc49
c15b082f7905c2c81914d079b566f39e2f2d2b995435aecfd4307b45fd6c77c5
GET /videoplayer/js/vxpiframe.js HTTP/1.1
Host: www.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-transform
content-type: application/x-javascript; charset=utf-8
x-activity-id: 756b80dd-1bda-44cc-bfa1-4a78ebc50797
ms-cv: LHgAlC+xTEaox1cA.0
x-appversion: 1.0.8276.37632
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-08-30T04:54:24.0000000Z}
ms-operation-id: 31aa3be362f37642a0843a0fdcda445f
p3p: CP="CAO CONi OTR OUR DEM ONL"
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 03 Oct 2022 22:45:57 GMT
content-length: 6222
tls_version: tls1.3
strict-transport-security: max-age=31536000
set-cookie: akacd_OneRF=1672613157~rv=90~id=93bf09fce772948d481e019717c96fe2; path=/; Expires=Sun, 01 Jan 2023 22:45:57 GMT; Secure; SameSite=None
x-rtag: RT
X-Firefox-Spdy: h2
support.microsoft.com/SocContent/stickyFeedbackCss
23.38.200.116200 OK 1.3 kB URL HTTP/1.1 support.microsoft.com/SocContent/stickyFeedbackCss
IP 23.38.200.116:0
File type ASCII text, with very long lines (4321), with no line terminators
Hash 24d38d135c7ae00605b485273c6bf6ea
5732940adf9ac4da968673e7fb86b000c2423ab6
c6f9523dcbb1fb71fa62d280542f310bf0bb54fb53af47e37eaf1811d5a7f885
GET /SocContent/stickyFeedbackCss HTTP/1.1
Host: support.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Last-Modified: Mon, 03 Oct 2022 22:45:57 GMT
X-CorrelationId: 519e9e49-3eb4-4f81-a931-9ac6a435a3f8
X-UserSessionId: 519e9e49-3eb4-4f81-a931-9ac6a435a3f8
X-OfficeFE: OdcSupFrontEnd_IN_12
X-OfficeVersion: 16.0.15803.37650
X-OfficeCluster: neu-100.odcsup.osi.office.net
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Content-Type-Options: nosniff
Vary: User-Agent, Accept-Encoding
Content-Encoding: gzip
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Length: 1266
Connection: keep-alive
Set-Cookie: EXPID=18538a9c-396f-4907-bc06-b3aecfab7b0e; expires=Tue, 03-Oct-2023 22:45:57 GMT; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=86400 ; includeSubDomains
support.microsoft.com/SocContent/topNavCss
23.38.200.116200 OK 1.2 kB URL HTTP/1.1 support.microsoft.com/SocContent/topNavCss
IP 23.38.200.116:0
File type Unicode text, UTF-8 text, with very long lines (4186), with no line terminators
Hash 478d21e3b23593406d83049036421157
0c690ca47e7d9ebe54d85dd76c4b0c949b0ec27b
647a08572d1b764fe0e28f24a4eac4bfaa183b55f5bfb5b1ac2223004abb3fc7
GET /SocContent/topNavCss HTTP/1.1
Host: support.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Last-Modified: Mon, 03 Oct 2022 22:45:57 GMT
X-CorrelationId: 1a409e26-516a-415b-befb-68bbe0aadbd8
X-UserSessionId: 1a409e26-516a-415b-befb-68bbe0aadbd8
X-OfficeFE: OdcSupFrontEnd_IN_5
X-OfficeVersion: 16.0.15803.37650
X-OfficeCluster: neu-100.odcsup.osi.office.net
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Content-Type-Options: nosniff
Vary: User-Agent, Accept-Encoding
Content-Encoding: gzip
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Length: 1178
Connection: keep-alive
Set-Cookie: EXPID=162a89a2-d253-435c-8830-fa5aa81060ce; expires=Tue, 03-Oct-2023 22:45:57 GMT; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=86400 ; includeSubDomains
support.microsoft.com/SocContent/articleCss
23.38.200.116200 OK 18 kB URL HTTP/1.1 support.microsoft.com/SocContent/articleCss
IP 23.38.200.116:0
File type Unicode text, UTF-8 text, with very long lines (65518), with no line terminators
Hash c7ba37b48928b384b22f4f7d6545527d
e9485e22cad166b3f8f034b9660742c11c6d21fb
6bafa73ffd39a8b9cd9d34c13c8b4438a9781e7b33cec891a293560004fc1a80
GET /SocContent/articleCss HTTP/1.1
Host: support.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Last-Modified: Mon, 03 Oct 2022 22:45:57 GMT
X-CorrelationId: 9f1ff069-8384-42d4-8f0b-4f9a16844068
X-UserSessionId: 9f1ff069-8384-42d4-8f0b-4f9a16844068
X-OfficeFE: OdcSupFrontEnd_IN_12
X-OfficeVersion: 16.0.15803.37650
X-OfficeCluster: neu-100.odcsup.osi.office.net
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Content-Type-Options: nosniff
Vary: User-Agent, Accept-Encoding
Content-Encoding: gzip
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Length: 17809
Connection: keep-alive
Set-Cookie: EXPID=6e9ba52c-a381-43f3-af46-0b8cae21b046; expires=Tue, 03-Oct-2023 22:45:57 GMT; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=86400 ; includeSubDomains
support.microsoft.com/socbundles/article
23.38.200.116200 OK 15 kB URL HTTP/1.1 support.microsoft.com/socbundles/article
IP 23.38.200.116:0
File type ASCII text, with very long lines (62046), with no line terminators
Hash a7a35095b42d66f97324a02e61aeabbd
fc5b2ce888868bb62b40f2b580c16d0e23b53f4a
138863d8ea2818321a86df2e3f72b28feb8348def4d72d5d29b09d57fe235a83
GET /socbundles/article HTTP/1.1
Host: support.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Last-Modified: Mon, 03 Oct 2022 22:45:57 GMT
X-CorrelationId: 5848427b-5362-404f-83e3-c43cdf08fad4
X-UserSessionId: 5848427b-5362-404f-83e3-c43cdf08fad4
X-OfficeFE: OdcSupFrontEnd_IN_8
X-OfficeVersion: 16.0.15803.37650
X-OfficeCluster: neu-100.odcsup.osi.office.net
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Content-Type-Options: nosniff
Vary: User-Agent, Accept-Encoding
Content-Encoding: gzip
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Length: 15150
Connection: keep-alive
Set-Cookie: EXPID=4d41e934-78f5-45d9-8e96-acf45791ccdc; expires=Tue, 03-Oct-2023 22:45:57 GMT; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=86400 ; includeSubDomains
support.microsoft.com/socbundles/TopNav
23.38.200.116200 OK 421 B URL HTTP/1.1 support.microsoft.com/socbundles/TopNav
IP 23.38.200.116:0
File type ASCII text, with very long lines (1382), with no line terminators
Hash 6f2a848c68e283a9c86749c6e8f0b3b6
7bfbfa421b975823294338a8845085c9b0ca24f2
08d07814c5ad2fc0ab764fa8a7c8da27bdf9f0e20a9db44099c8f03d54c6a604
GET /socbundles/TopNav HTTP/1.1
Host: support.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Last-Modified: Mon, 03 Oct 2022 22:45:57 GMT
X-CorrelationId: 8c72f5bd-779b-4791-90c2-fd35e3bd37a0
X-UserSessionId: 8c72f5bd-779b-4791-90c2-fd35e3bd37a0
X-OfficeFE: OdcSupFrontEnd_IN_3
X-OfficeVersion: 16.0.15803.37650
X-OfficeCluster: neu-100.odcsup.osi.office.net
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Content-Type-Options: nosniff
Vary: User-Agent, Accept-Encoding
Content-Encoding: gzip
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Length: 421
Connection: keep-alive
Set-Cookie: EXPID=974d3539-5c8e-485c-83df-12ddb1f789f6; expires=Tue, 03-Oct-2023 22:45:57 GMT; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=86400 ; includeSubDomains
fe3.microsoft-outlook-update.workers.dev/css/promotionbanner/promotion-banner.css?v=DBqJarHDlOSMJfge26OcKG6xA6DWvtYgMA-xQGaxE5o
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/css/promotionbanner/promotion-banner.css?v=DBqJarHDlOSMJfge26OcKG6xA6DWvtYgMA-xQGaxE5o
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash a661449dbef4ba83891f6289c18adfa4
991ce10d40e3ea25d8d0b1fe24a20cd497da40f2
70a44d9a695f150d1ea86fd4371c2ed1a69e5f5257557fa6f8d8841529cedc79
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /css/promotionbanner/promotion-banner.css?v=DBqJarHDlOSMJfge26OcKG6xA6DWvtYgMA-xQGaxE5o HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837156055
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75493608eed01c12-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML45CJ51KRV:00000009
x-operationid: 4edae5f938148ff0d95e1928d67719d3
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYcTyKU0ZphCQYGC%2ByNUcri81u6AuGHgzo%2BQiCHFciMgWJbe4Xg77l1CF4HOEtOGhL34HSAh0UJJ8P2DeUlRb6UxJ62St5ZMoMmAsbAaWyX0Jk2eqtiJxOUaXVPo4VVHvY0Tsw2As1AYF2sdDTlP8PKd6TsnlevCiwNK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/css/glyphs/glyphs.css?v=Wxxi5tnlZg_DM1FaohPmT5bwwGhOAeajOW2fL4qRGMY
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/css/glyphs/glyphs.css?v=Wxxi5tnlZg_DM1FaohPmT5bwwGhOAeajOW2fL4qRGMY
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash be676ff98328cb0df7b9d66b7f17d636
b73e41e42e7844a8512ee4bd604c3075d5783c22
2de730111600dc56d4628e7cf75c023c4b1b1e0911fbca9bdb48ecbbd14561ef
GET /css/glyphs/glyphs.css?v=Wxxi5tnlZg_DM1FaohPmT5bwwGhOAeajOW2fL4qRGMY HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837156055
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75493608ff8bfac0-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DS04KK8J:0000000C
x-operationid: e327a876c3bcd86cf05b52b08e12dc90
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dg2p94A1WZNlT6npdsXZgEm%2FE7MHO%2FUYvIKsNk8lV4CxO0mtQRkGUG8%2F6ZKAgkH8sZ5caRyHlHaf5m%2F9MKlkuIRBiQXEu5lWoha8jzvHU3ytDQhHTXiymb7M2JSgBBSNf3MA3Wqbc58Dxxeg9UpoYY%2FP6yiL5iTXssp2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/css/PremiumBadge/premium-badge.css?v=cEt7WOR8PuG1vdwdSzC2TfEgZsvs0S6NLvhUo6ggByQ
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/css/PremiumBadge/premium-badge.css?v=cEt7WOR8PuG1vdwdSzC2TfEgZsvs0S6NLvhUo6ggByQ
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 0bc6b134cd1f9076a8bf9fa427a3e32c
d00c6f543dd8845d1562ba80008bb1ff1fa34b34
c326732bb2b7b5b5fdeb759afd10dd693c5ea4802ebb7b688ca3a6bad8f80185
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /css/PremiumBadge/premium-badge.css?v=cEt7WOR8PuG1vdwdSzC2TfEgZsvs0S6NLvhUo6ggByQ HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837156055
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75493608fd22b4eb-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DOLFSBKE:00000002
x-operationid: afd66b1ff033d50a76c8323722875f2c
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2BMowbgpBrShUQamSjHKf1%2BGiLsTZet2K2A7DE4JSnzKV964rboFyPaEXATwqqHJKN3dkFHoJTLcnvp2vd4awObngV3WTLI9My%2F4QGofRNXUpMsCUPoxVBWwP6l3eGRp9npZytsoVMvSkNiF%2FJk1vjdhnin6FLBRkilC"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/css/ArticleSupportBridge/article-support-bridge.css?v=R_P0TJvD9HoRHQBEdvBR1WhNn7dSbvOYWmVA9taxbpM
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/css/ArticleSupportBridge/article-support-bridge.css?v=R_P0TJvD9HoRHQBEdvBR1WhNn7dSbvOYWmVA9taxbpM
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 3b4d252199469fdcc59db9b1e697c75b
d0ec49aca691b8e827028eceb68e33bcb173983b
1e362ccd6bf8b84e6ff63aeaf05192a9d6502f13e3a6855bfe895beb7a930bbb
GET /css/ArticleSupportBridge/article-support-bridge.css?v=R_P0TJvD9HoRHQBEdvBR1WhNn7dSbvOYWmVA9taxbpM HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837156055
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75493609fcd9b4f9-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DS04KK1S:0000002F
x-operationid: 5673cb4cb1dddde9831a89447960a599
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6oNa8tIsV7BlfxMMMdiVxdfVtSUTea1z0Qn%2BPlgQu1C%2Fu9zynJCgJGMEc5oaGVIJTlrTjo4QuWRqyU4cThzu1YpALJYgt3DG9mPLb6eTZ5KzsinAcDcSKbWSBL7SOjkoctO3f1h%2BpQHP5PIC5NRpc8Y6LikRuVn10on"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/css/feedback/feedback.css?v=O5RN1PkkM70yJ1hMirz0oLl4x6erVdeAAVT709pcVKM
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/css/feedback/feedback.css?v=O5RN1PkkM70yJ1hMirz0oLl4x6erVdeAAVT709pcVKM
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 140ffdfd5bbd4ee1da388e3ca98c82a1
4c32af7b3281e934162fa4dc39635f740e897483
8fe6890a703f5fef2a6bce32eaee59f18853c850c898943d178ac76212a0f22a
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /css/feedback/feedback.css?v=O5RN1PkkM70yJ1hMirz0oLl4x6erVdeAAVT709pcVKM HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837156055
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7549360abfb91c12-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DS04KK8J:0000000E
x-operationid: 427d586ef425868cd41cdcd375863013
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2O69IAKJVtP%2FHHYVzCGBkOQkzIQ%2F1pJz84N%2B5%2B3UnPsnbmqjIqpPaqXedj2gnPdJhlqt4QpVVbRVnsRhqUOHB96jD%2BoZIYHMqAYAh3zVUkTZQeNuzFkJy%2FGAWCk9QBdS8GrcMUqFg7qUQc24mazsHWvmNHLUypXyCZ1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/css/SearchBox/search-box.css?v=bybwzGBajHicVXspVs540UfV0swW0vCbOmBjBryj9N4
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/css/SearchBox/search-box.css?v=bybwzGBajHicVXspVs540UfV0swW0vCbOmBjBryj9N4
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 3dfe6b6a35b79c37f2dee64ca526df3c
ee389bbc13e826f70e59c714843da4208c29f776
113072bc5ec9e437f5719a180409272b04f98780ac04a6b8daf48b4b06ee296b
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /css/SearchBox/search-box.css?v=bybwzGBajHicVXspVs540UfV0swW0vCbOmBjBryj9N4 HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837156055
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7549360a9e150b51-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DS04KK1S:00000031
x-operationid: b31e20c1c7204d84839eb1233b62db10
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MhMJ7cDPJuKK8QqubITbIMfYapD%2Fuwm06d9Ar93VohsKgcvurae3KRVRn4hAmS%2BapVqjrDZN%2Fta7%2B41FFg7aWU%2BCsedcbRI0utwtEoYT2Z0u5dyvS%2Bbebynru18FeHqfLC3gSu0Dlf2lo6AK3aREKazhZNXYdnUaE5hq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/lib/ucs/dist/ucsCreativeService.js?v=sb92LgKigd-qUDqSv-2J4E8fbm2o96b0-agJi310ilM
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/lib/ucs/dist/ucsCreativeService.js?v=sb92LgKigd-qUDqSv-2J4E8fbm2o96b0-agJi310ilM
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 7a25c382fdf1b33838183f356b3bd37d
205a288eb7d3122ac329a3cc3ee10bed96c8022b
880f0ac82321358f152f76c4866c39ac3f21891195c8108032a848ba212d7df3
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /lib/ucs/dist/ucsCreativeService.js?v=sb92LgKigd-qUDqSv-2J4E8fbm2o96b0-agJi310ilM HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837156055
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7549360acab60b55-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DS04KK1S:00000032
x-operationid: 5e3916003ca8d2cd023bc5ef57f25262
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ng6YpbyWuT6%2FEI7QMjsKh7PqeOHfMoLY3Ftr5Xn0c6PZHDczkHNqwg%2BKeS82pb8Y62MqAVTOIRzdtUJm8CH%2FQUVxTAwNs2IMJe5PKT8KYeQo8Wk40b8ldNwFGR6a887A%2BxRc71DlmWrHMmbujQvMNEbW3wJa0iNB18Sf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/js/TelemetryLogging.js?v=PI8krdyAXTV0whxSz7oGWOLjo8PeIdfp8gD_jTA31VM
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/js/TelemetryLogging.js?v=PI8krdyAXTV0whxSz7oGWOLjo8PeIdfp8gD_jTA31VM
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 15a6be85d7d134d4f6ab13bc2000abf0
71033e54480669085dac4de86129ef39b5247c63
baf4cde630cafb6bd543e2f25e595e80c9a24bfd8719b3b41586849c698e66d5
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /js/TelemetryLogging.js?v=PI8krdyAXTV0whxSz7oGWOLjo8PeIdfp8gD_jTA31VM HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837156055
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7549360ad8aefac0-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DS04KK8J:00000010
x-operationid: 7d87f6e0e4673558326da02107448abd
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GnLJXvf5%2FjMaNY8q4Vi%2FPyw2qRghPK1%2BbllLNW%2FUdUk4uLKgAg1OcyZC1%2FCouLYjuUyrBArq5ZDVMvwuUy78ddFlEHtQdC9C8rI6IO4YJ4bpZOApOhjdeK%2Fn2%2BGCmzmHvKLhNkAbSZgfo3h%2B4kkhJNeyzhkefLDCN2zv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/js/SearchBox.Main.min.js?v=QBTsF0Ea-jZkRR207QsokZ8zKxNSIdqFoDB78h0lRLY
188.114.96.1200 OK 28 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/js/SearchBox.Main.min.js?v=QBTsF0Ea-jZkRR207QsokZ8zKxNSIdqFoDB78h0lRLY
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 2b1f16bb979b4f597c2990a946778590
821764acd67975197f0f20d4187c61fa7b6367df
bd8f2fb691323619a0216d7bfe0b94027af408263d6956275b5d7dfeea0b637c
GET /js/SearchBox.Main.min.js?v=QBTsF0Ea-jZkRR207QsokZ8zKxNSIdqFoDB78h0lRLY HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837156055
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7549360b5ecbb4eb-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DOHSL7G7:0000000B
x-operationid: 82e52dc4b9ef638de8d53e70935e4e7d
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nw5xVWdO5DgUmGwGLYQzz%2B2HoSiDLpJoha9hMavrUj7xBwmJgP5EzXx1LJocRhgjMnGXcNoh%2FRzDjWDllFbC1uAyn%2F9WlJfqE73F6vk2QKovpf1%2BhF8dkoPkubUpErvrvhQAncKP9Ymg1lIgY0L5MwLoCMRKWaN3BNsO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/js/feedback.js
188.114.96.1200 OK 28 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/js/feedback.js
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 4610b977f4988775034df4a5d6b774f9
62b91741bd7596f0e74284b7c1a5fef858064ff5
8d705e8213ca065ca651cdc810c262cd7b137806559d9ef507bcf747b91f8bd7
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /js/feedback.js HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837156055
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7549360bae29b4f9-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DOHSL7BA:0000002C
x-operationid: 42ab6a60502d14a3f387811ae7794010
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TtGe2Caq%2FSvkCIt1QMA7c%2FmFSQnkXqiBfR0ZWfBMArycPPSnxPuyhmIvg3qaPvYbvB8WcdhPgW%2F%2BaFqoiU8%2BGXCi3y9i9rLq4JqHGB9mhH1D%2FXgGXVmODtIc5YiBvb%2BktfFoYipJKufiFhd8R9E6yD3tJkIT1RHOyzQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/js/PromotionBanner.Main.min.js?v=lPxxwt8ZKzDFNYuSNvRbC24S24EImVPnl-WkYX8w3n4
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/js/PromotionBanner.Main.min.js?v=lPxxwt8ZKzDFNYuSNvRbC24S24EImVPnl-WkYX8w3n4
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 5a1b52405bc165dc8e94c1f773599b5b
24119c78860d08de1e3c903399b3a895a6effe90
fd8c709332b733762a5e0b76da0fefbdb811e42f8ebb42d0dff81e7235a6f55c
GET /js/PromotionBanner.Main.min.js?v=lPxxwt8ZKzDFNYuSNvRbC24S24EImVPnl-WkYX8w3n4 HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837156055
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7549360c1f380b51-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DOHSL7BA:0000002D
x-operationid: 876f67fc851f5d0f9297ab8ae5aef9f4
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DN%2BZ7mB8d1WcuSBWXQVWnLAddHdFJ73NCdvYvnECTEdqqJcsls7fTPSFl5QYay05u%2Ft1tIJFWRukiGES9dLYZdSnyamLOSAcKyQZbQZZcHbF6%2BgsjKSQIgQR9cF7SP2gVaSvgFRHsWwFV2sKP35zciDxEDAxGEhbRntJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837157095&time-delta-to-apply-millis=use-collector-delta&w=0
20.189.173.4200 OK 0 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837157095&time-delta-to-apply-millis=use-collector-delta&w=0
IP 20.189.173.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837157095&time-delta-to-apply-millis=use-collector-delta&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cache-control,content-type
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, 3600
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: http://fe3.microsoft-outlook-update.workers.dev
Date: Mon, 03 Oct 2022 22:45:57 GMT
fe3.microsoft-outlook-update.workers.dev/images/Facebook-GrayScale.png
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/images/Facebook-GrayScale.png
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 65f9619c900aeb43b30ffc41b5533d44
df77dcfd9ab252859f645834521bf4079fa2e095
9521bee1ca2c1d82c17dd72ed56c712c9ccb8ec4a33bbc64c067006da0e7aa3b
Analyzer Verdict Alert openphish Office365
GET /images/Facebook-GrayScale.png HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837156055
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7549360d4f72b4f9-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:58 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DOHSL7G7:0000000D
x-operationid: ccee0825ea61876cadab22dea256db54
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oveu9QjyBQbotYNEz%2B4NHfJtAIdoNLYCW5u7MwRX%2BxWwKCw7SgbIp3C2PYpldzHPJ91rrOAysl4sOAbknb%2FoHafCEhKNiZrEnh%2B4Ta4hSqmdU04nT6bwcooRIljEja34EQCPgTh%2B9UZqPSjrfgarC6wlEeErgGL%2F31zC"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-10-03T22%3A45%3A56.910Z%27&appId=%27JS%3AMeControl%27&cV=%27%2FWYU6FSICrN%2FDSAx.6%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27fe3.microsoft-outlook-update.workers.dev%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27smcconvergence%27&*controlVersion=%2710.22228.4%27&*market=%27en-US%27&*scenario=%27Load%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=60&*details=%27load%27
104.43.200.36200 OK 43 B URL HTTP/1.1 web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-10-03T22%3A45%3A56.910Z%27&appId=%27JS%3AMeControl%27&cV=%27%2FWYU6FSICrN%2FDSAx.6%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27fe3.microsoft-outlook-update.workers.dev%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27smcconvergence%27&*controlVersion=%2710.22228.4%27&*market=%27en-US%27&*scenario=%27Load%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=60&*details=%27load%27
IP 104.43.200.36:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-10-03T22%3A45%3A56.910Z%27&appId=%27JS%3AMeControl%27&cV=%27%2FWYU6FSICrN%2FDSAx.6%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27fe3.microsoft-outlook-update.workers.dev%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27smcconvergence%27&*controlVersion=%2710.22228.4%27&*market=%27en-US%27&*scenario=%27Load%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=60&*details=%27load%27 HTTP/1.1
Host: web.vortex.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Expires: 0
MS-CV: DETIy+HKXE61MJFGuX+9oQ.0
X-Content-Type-Options: nosniff
Set-Cookie: MC1=GUID=d956cc7436224712a96006b778c6c4c1&HASH=d956&LV=202210&V=4&LU=1664837158110;Domain=.microsoft.com;Expires=Tue, 03 Oct 2023 22:45:58 GMT;Path=/;Secure;SameSite=None
MS0=07b6c3d03d63492cad1a5e4a003993a8;Domain=.microsoft.com;Expires=Mon, 03 Oct 2022 23:15:58 GMT;Path=/;Secure;SameSite=None
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Date: Mon, 03 Oct 2022 22:45:57 GMT
web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-10-03T22%3A45%3A56.901Z%27&appId=%27JS%3AMeControl%27&cV=%27%2FWYU6FSICrN%2FDSAx.4%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27fe3.microsoft-outlook-update.workers.dev%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meBoot.min.js%27&-dependencyOperationName=%27DownloadScript%27&-dependencyName=%27MeControl%27&-latencyMs=26&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeBoot.min.js%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%2710ff8cde-7888-4a21-51bf-1b65e5c6d942%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A49%2C%22perfDuration%22%3A26%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22smcconvergence%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22228.4%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22smcconvergence%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics.mectrl-3.2.6.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22authAppUpsellUrl%22%3A%22%22%2C%22cache%22%3Atrue%2C%22cacheRetention%22%3A%7B%22picRetention%22%3A604800000%2C%22authAppRetention%22%3A94670856000%7D%7D%2C%22url%22%3A%22http%3A%2F%2Ffe3.microsoft-outlook-update.workers.dev%2F%22%2C%22accts%22%3A%220-0%22%7D%27
104.43.200.36200 OK 43 B URL HTTP/1.1 web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-10-03T22%3A45%3A56.901Z%27&appId=%27JS%3AMeControl%27&cV=%27%2FWYU6FSICrN%2FDSAx.4%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27fe3.microsoft-outlook-update.workers.dev%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meBoot.min.js%27&-dependencyOperationName=%27DownloadScript%27&-dependencyName=%27MeControl%27&-latencyMs=26&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeBoot.min.js%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%2710ff8cde-7888-4a21-51bf-1b65e5c6d942%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A49%2C%22perfDuration%22%3A26%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22smcconvergence%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22228.4%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22smcconvergence%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics.mectrl-3.2.6.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22authAppUpsellUrl%22%3A%22%22%2C%22cache%22%3Atrue%2C%22cacheRetention%22%3A%7B%22picRetention%22%3A604800000%2C%22authAppRetention%22%3A94670856000%7D%7D%2C%22url%22%3A%22http%3A%2F%2Ffe3.microsoft-outlook-update.workers.dev%2F%22%2C%22accts%22%3A%220-0%22%7D%27
IP 104.43.200.36:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-10-03T22%3A45%3A56.901Z%27&appId=%27JS%3AMeControl%27&cV=%27%2FWYU6FSICrN%2FDSAx.4%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27fe3.microsoft-outlook-update.workers.dev%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meBoot.min.js%27&-dependencyOperationName=%27DownloadScript%27&-dependencyName=%27MeControl%27&-latencyMs=26&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeBoot.min.js%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%2710ff8cde-7888-4a21-51bf-1b65e5c6d942%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A49%2C%22perfDuration%22%3A26%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22smcconvergence%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22228.4%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22smcconvergence%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics.mectrl-3.2.6.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22authAppUpsellUrl%22%3A%22%22%2C%22cache%22%3Atrue%2C%22cacheRetention%22%3A%7B%22picRetention%22%3A604800000%2C%22authAppRetention%22%3A94670856000%7D%7D%2C%22url%22%3A%22http%3A%2F%2Ffe3.microsoft-outlook-update.workers.dev%2F%22%2C%22accts%22%3A%220-0%22%7D%27 HTTP/1.1
Host: web.vortex.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Expires: 0
MS-CV: jcuUS6HIfECMCEZuJWIj7w.0
X-Content-Type-Options: nosniff
Set-Cookie: MC1=GUID=2767c5544e634c859fed85d202cfb309&HASH=2767&LV=202210&V=4&LU=1664837158122;Domain=.microsoft.com;Expires=Tue, 03 Oct 2023 22:45:58 GMT;Path=/;Secure;SameSite=None
MS0=2f19dc6e8c2946f89af80d1c588ab4e2;Domain=.microsoft.com;Expires=Mon, 03 Oct 2022 23:15:58 GMT;Path=/;Secure;SameSite=None
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Date: Mon, 03 Oct 2022 22:45:57 GMT
web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-10-03T22%3A45%3A57.023Z%27&appId=%27JS%3AMeControl%27&cV=%27%2FWYU6FSICrN%2FDSAx.7%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27fe3.microsoft-outlook-update.workers.dev%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27smcconvergence%27&*controlVersion=%2710.22228.4%27&*market=%27en-US%27&*scenario=%27Interactive%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=172&*details=%27Web%20header%27
104.43.200.36200 OK 43 B URL HTTP/1.1 web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-10-03T22%3A45%3A57.023Z%27&appId=%27JS%3AMeControl%27&cV=%27%2FWYU6FSICrN%2FDSAx.7%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27fe3.microsoft-outlook-update.workers.dev%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27smcconvergence%27&*controlVersion=%2710.22228.4%27&*market=%27en-US%27&*scenario=%27Interactive%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=172&*details=%27Web%20header%27
IP 104.43.200.36:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-10-03T22%3A45%3A57.023Z%27&appId=%27JS%3AMeControl%27&cV=%27%2FWYU6FSICrN%2FDSAx.7%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27fe3.microsoft-outlook-update.workers.dev%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27smcconvergence%27&*controlVersion=%2710.22228.4%27&*market=%27en-US%27&*scenario=%27Interactive%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=172&*details=%27Web%20header%27 HTTP/1.1
Host: web.vortex.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Expires: 0
MS-CV: kklB5kFU9E2AF0FLNV4Jsw.0
X-Content-Type-Options: nosniff
Set-Cookie: MC1=GUID=1f13fda7c5a8443db70e1dcad4c4cbec&HASH=1f13&LV=202210&V=4&LU=1664837158117;Domain=.microsoft.com;Expires=Tue, 03 Oct 2023 22:45:58 GMT;Path=/;Secure;SameSite=None
MS0=ba23f7d4be104f91be36ee3ff84ba5a7;Domain=.microsoft.com;Expires=Mon, 03 Oct 2022 23:15:58 GMT;Path=/;Secure;SameSite=None
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Date: Mon, 03 Oct 2022 22:45:57 GMT
web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-10-03T22%3A45%3A56.849Z%27&appId=%27JS%3AMeControl%27&cV=%27%2FWYU6FSICrN%2FDSAx.1%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27fe3.microsoft-outlook-update.workers.dev%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meversion%27&-dependencyOperationName=%27LoadResource%27&-dependencyName=%27MeControl%27&-latencyMs=398&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fmeversion%3Fpartner%3D**%26market%3D**%26uhf%3D**%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%2710ff8cde-7888-4a21-51bf-1b65e5c6d942%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A1881%2C%22perfDuration%22%3A398%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22smcconvergence%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22228.4%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22smcconvergence%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics.mectrl-3.2.6.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22authAppUpsellUrl%22%3A%22%22%2C%22cache%22%3Atrue%2C%22cacheRetention%22%3A%7B%22picRetention%22%3A604800000%2C%22authAppRetention%22%3A94670856000%7D%7D%2C%22url%22%3A%22http%3A%2F%2Ffe3.microsoft-outlook-update.workers.dev%2F%22%2C%22accts%22%3A%220-0%22%7D%27
104.43.200.36200 OK 43 B URL HTTP/1.1 web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-10-03T22%3A45%3A56.849Z%27&appId=%27JS%3AMeControl%27&cV=%27%2FWYU6FSICrN%2FDSAx.1%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27fe3.microsoft-outlook-update.workers.dev%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meversion%27&-dependencyOperationName=%27LoadResource%27&-dependencyName=%27MeControl%27&-latencyMs=398&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fmeversion%3Fpartner%3D**%26market%3D**%26uhf%3D**%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%2710ff8cde-7888-4a21-51bf-1b65e5c6d942%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A1881%2C%22perfDuration%22%3A398%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22smcconvergence%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22228.4%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22smcconvergence%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics.mectrl-3.2.6.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22authAppUpsellUrl%22%3A%22%22%2C%22cache%22%3Atrue%2C%22cacheRetention%22%3A%7B%22picRetention%22%3A604800000%2C%22authAppRetention%22%3A94670856000%7D%7D%2C%22url%22%3A%22http%3A%2F%2Ffe3.microsoft-outlook-update.workers.dev%2F%22%2C%22accts%22%3A%220-0%22%7D%27
IP 104.43.200.36:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-10-03T22%3A45%3A56.849Z%27&appId=%27JS%3AMeControl%27&cV=%27%2FWYU6FSICrN%2FDSAx.1%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27fe3.microsoft-outlook-update.workers.dev%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meversion%27&-dependencyOperationName=%27LoadResource%27&-dependencyName=%27MeControl%27&-latencyMs=398&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fmeversion%3Fpartner%3D**%26market%3D**%26uhf%3D**%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%2710ff8cde-7888-4a21-51bf-1b65e5c6d942%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A1881%2C%22perfDuration%22%3A398%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22smcconvergence%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22228.4%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22smcconvergence%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics.mectrl-3.2.6.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22authAppUpsellUrl%22%3A%22%22%2C%22cache%22%3Atrue%2C%22cacheRetention%22%3A%7B%22picRetention%22%3A604800000%2C%22authAppRetention%22%3A94670856000%7D%7D%2C%22url%22%3A%22http%3A%2F%2Ffe3.microsoft-outlook-update.workers.dev%2F%22%2C%22accts%22%3A%220-0%22%7D%27 HTTP/1.1
Host: web.vortex.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Expires: 0
MS-CV: MYF4TMPVXEaUJWv0yrw/KA.0
X-Content-Type-Options: nosniff
Set-Cookie: MC1=GUID=d5544cd72f934d25a07723d6ffdd320d&HASH=d554&LV=202210&V=4&LU=1664837158124;Domain=.microsoft.com;Expires=Tue, 03 Oct 2023 22:45:58 GMT;Path=/;Secure;SameSite=None
MS0=49a65ccb2faf4e4e802992918698a1b0;Domain=.microsoft.com;Expires=Mon, 03 Oct 2022 23:15:58 GMT;Path=/;Secure;SameSite=None
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Date: Mon, 03 Oct 2022 22:45:57 GMT
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837157095&time-delta-to-apply-millis=use-collector-delta&w=0
20.189.173.4403 No events are from an allowed domain. 57 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837157095&time-delta-to-apply-millis=use-collector-delta&w=0
IP 20.189.173.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 579ca008efd6b47440e2e963c054f869
b6158b981b9db9e94e299050b512f8509a33c552
007f9575d3d35f0c78a1de1293fdd9af540dd8de44a9fcca658336e0d1e73ea7
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837157095&time-delta-to-apply-millis=use-collector-delta&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
cache-control: no-cache, no-store
content-type: application/x-json-stream
Content-Length: 2085
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 No events are from an allowed domain.
Content-Length: 57
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Collector-Error: No events are from an allowed domain.
Access-Control-Allow-Headers: Collector-Error
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://fe3.microsoft-outlook-update.workers.dev
Access-Control-Expose-Headers: Collector-Error
Date: Mon, 03 Oct 2022 22:45:57 GMT
fe3.microsoft-outlook-update.workers.dev/apple-touch-icon.png
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/apple-touch-icon.png
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 5cfce52dec6e7bdc16478ae121fa0d44
9f6a8a5c7a21d8bf3da3321f61954939753f2b84
1ac830ebfc308c66ddcb5dfc49e99e04ace40b97f8c3a3a67e6e1e8f5af00cf6
Analyzer Verdict Alert openphish Office365
GET /apple-touch-icon.png HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837156055
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7549360c5c1c0b55-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:58 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DS04KK8J:00000019
x-operationid: 7a72e04299fec7547399923df057905f
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WalJM4SltnUCRpq2H1Hv9zSIlSlbM4XpfiXQS5pPW548vS%2F98kPQK2XIkIFzVkLuimtDxz1AK2SUAIZbAk51YFKHaCEgeDuG3YtzgBjDAPfIzmQfM0I%2BfCir9%2FveBM216BpggNJX2Qr5B5gr1%2FyUlI39AB79hniitN%2Fj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash c1f9750df85f1daa7fae7b1ed6dc1ba9
249715de03c7485ca90e9491f50a0ab4d631b002
ef56312177cfb26499147df0ca28741f7049fff1979aeda7b59ce14c831eb8c1
GET /en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837157575
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7549360ccfe0b4eb-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:58 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DOHSL7G7:0000000F
x-operationid: 63c39dc30798d3eb531f1ade7635edf5
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApzjEjuP8vv%2BailmTi5yI0tPjFAfz33HVOnCia9RzT8DaZqirJLdjcu6nVJTyqzfhrBTy5n44%2FPWtQVptL1pfhsv%2FWIcg7cGDBzm95SYQqfVqFhNYo3BSdkrFa%2FVmJQhqF0FPQIhWITyxCOO1jia3CrA4S5674enh%2Ftj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837158100&w=0
20.189.173.4200 OK 0 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837158100&w=0
IP 20.189.173.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837158100&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cache-control,content-type
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, 3600
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: http://fe3.microsoft-outlook-update.workers.dev
Date: Mon, 03 Oct 2022 22:45:58 GMT
fe3.microsoft-outlook-update.workers.dev/images/Mail-GrayScale.png
188.114.96.1200 OK 27 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/images/Mail-GrayScale.png
IP 188.114.96.1:0
Hash 770b5c3189c2eb6302f01fd8d22e85ae
9b56b64edd3535e0b17f39ff742ba8315bd1f91d
0275279101f025ffa0ac606d622bc8420793b94c57a6212706dda5e26188c320
Analyzer Verdict Alert openphish Office365
GET /images/Mail-GrayScale.png HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837156055
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7549360d88350b51-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:58 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DS04KK8J:00000017
x-operationid: ef6555e92ed83772b42bdd935fd1aa84
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QpgPwR801geiywDkiPr7sPTBudTEcYywwHgbqTbbFVVKYQupUbpPE261G1qlj3qfvOidw578PoAQ5%2F3cmZmXkVGPLviR8cjGtXNMHK5pkjh8wf97zcEIei8XhOOOjbsMxGa3trdyHYIp1btIMwrp4SOHNkGAg0R9osHq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
support.microsoft.com/SocContent/stickyFeedbackCss
23.38.200.116200 OK 1.3 kB URL HTTP/1.1 support.microsoft.com/SocContent/stickyFeedbackCss
IP 23.38.200.116:0
File type ASCII text, with very long lines (4321), with no line terminators
Hash 24d38d135c7ae00605b485273c6bf6ea
5732940adf9ac4da968673e7fb86b000c2423ab6
c6f9523dcbb1fb71fa62d280542f310bf0bb54fb53af47e37eaf1811d5a7f885
GET /SocContent/stickyFeedbackCss HTTP/1.1
Host: support.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Last-Modified: Mon, 03 Oct 2022 22:45:58 GMT
X-CorrelationId: b9497725-3683-45b3-a18d-cf27297f0023
X-UserSessionId: b9497725-3683-45b3-a18d-cf27297f0023
X-OfficeFE: OdcSupFrontEnd_IN_12
X-OfficeVersion: 16.0.15803.37650
X-OfficeCluster: neu-100.odcsup.osi.office.net
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Content-Type-Options: nosniff
Vary: User-Agent, Accept-Encoding
Content-Encoding: gzip
Expires: Mon, 03 Oct 2022 22:45:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 03 Oct 2022 22:45:58 GMT
Content-Length: 1266
Connection: keep-alive
Set-Cookie: EXPID=42549307-15f0-41db-8767-ee11623083af; expires=Tue, 03-Oct-2023 22:45:58 GMT; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=86400 ; includeSubDomains
support.microsoft.com/SocContent/topNavCss
23.38.200.116200 OK 1.2 kB URL HTTP/1.1 support.microsoft.com/SocContent/topNavCss
IP 23.38.200.116:0
File type Unicode text, UTF-8 text, with very long lines (4186), with no line terminators
Hash 478d21e3b23593406d83049036421157
0c690ca47e7d9ebe54d85dd76c4b0c949b0ec27b
647a08572d1b764fe0e28f24a4eac4bfaa183b55f5bfb5b1ac2223004abb3fc7
GET /SocContent/topNavCss HTTP/1.1
Host: support.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Last-Modified: Mon, 03 Oct 2022 22:45:58 GMT
X-CorrelationId: 80013d46-dda3-49d7-8d74-b4e26720a316
X-UserSessionId: 80013d46-dda3-49d7-8d74-b4e26720a316
X-OfficeFE: OdcSupFrontEnd_IN_5
X-OfficeVersion: 16.0.15803.37650
X-OfficeCluster: neu-100.odcsup.osi.office.net
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Content-Type-Options: nosniff
Vary: User-Agent, Accept-Encoding
Content-Encoding: gzip
Expires: Mon, 03 Oct 2022 22:45:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 03 Oct 2022 22:45:58 GMT
Content-Length: 1178
Connection: keep-alive
Set-Cookie: EXPID=890723ce-1b8d-4d50-85c2-83050f9e6904; expires=Tue, 03-Oct-2023 22:45:58 GMT; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=86400 ; includeSubDomains
fe3.microsoft-outlook-update.workers.dev/favicon-16x16.png
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/favicon-16x16.png
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 2e09cc21ca45918e57f968a72778a5be
f22d9ace17dbc9230f331e78c405787fa5b428fa
ab4d45935732fd95b11df9c69d19a5c322261d2a3d0ef2638e89c4f9403889ab
Analyzer Verdict Alert openphish Office365
GET /favicon-16x16.png HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837156055
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7549360ca9cbfac0-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:58 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DOHSL7G7:00000011
x-operationid: 7232da0d77e875ec86abb491a7b6b2ff
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZyy%2FraNSkrc2GG2jZizdHZ3NJxSKS6hxoXwRq7WGrEormnsJv5ZzAJwdVxbKnm4MjU7hjbSeLn%2FDVb59brMXgB9eHptkPbQsBsPNkS0iiizH%2Fy6R%2FqeOVs9sQmQc160AtYKbK1YNeslfR2E3AIp0w%2F5D15DzfuQ1%2Fjg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
support.microsoft.com/socbundles/TopNav
23.38.200.116200 OK 421 B URL HTTP/1.1 support.microsoft.com/socbundles/TopNav
IP 23.38.200.116:0
File type ASCII text, with very long lines (1382), with no line terminators
Hash 6f2a848c68e283a9c86749c6e8f0b3b6
7bfbfa421b975823294338a8845085c9b0ca24f2
08d07814c5ad2fc0ab764fa8a7c8da27bdf9f0e20a9db44099c8f03d54c6a604
GET /socbundles/TopNav HTTP/1.1
Host: support.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Last-Modified: Mon, 03 Oct 2022 22:45:58 GMT
X-CorrelationId: a09a6352-c61a-4c31-ad60-e97b0cf460ca
X-UserSessionId: a09a6352-c61a-4c31-ad60-e97b0cf460ca
X-OfficeFE: OdcSupFrontEnd_IN_12
X-OfficeVersion: 16.0.15803.37650
X-OfficeCluster: neu-100.odcsup.osi.office.net
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Content-Type-Options: nosniff
Vary: User-Agent, Accept-Encoding
Content-Encoding: gzip
Expires: Mon, 03 Oct 2022 22:45:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 03 Oct 2022 22:45:58 GMT
Content-Length: 421
Connection: keep-alive
Set-Cookie: EXPID=472c270f-bda3-4ec4-b707-309bc782f4c1; expires=Tue, 03-Oct-2023 22:45:58 GMT; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=86400 ; includeSubDomains
support.microsoft.com/socbundles/article
23.38.200.116200 OK 15 kB URL HTTP/1.1 support.microsoft.com/socbundles/article
IP 23.38.200.116:0
File type ASCII text, with very long lines (62046), with no line terminators
Hash a7a35095b42d66f97324a02e61aeabbd
fc5b2ce888868bb62b40f2b580c16d0e23b53f4a
138863d8ea2818321a86df2e3f72b28feb8348def4d72d5d29b09d57fe235a83
GET /socbundles/article HTTP/1.1
Host: support.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Last-Modified: Mon, 03 Oct 2022 22:45:58 GMT
X-CorrelationId: 12a9f003-2cb2-4c0a-9b1a-1c19646c74f8
X-UserSessionId: 12a9f003-2cb2-4c0a-9b1a-1c19646c74f8
X-OfficeFE: OdcSupFrontEnd_IN_2
X-OfficeVersion: 16.0.15803.37650
X-OfficeCluster: neu-100.odcsup.osi.office.net
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Content-Type-Options: nosniff
Vary: User-Agent, Accept-Encoding
Content-Encoding: gzip
Expires: Mon, 03 Oct 2022 22:45:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 03 Oct 2022 22:45:58 GMT
Content-Length: 15150
Connection: keep-alive
Set-Cookie: EXPID=6eb7da5f-107f-4ead-ae66-26d52324e9b3; expires=Tue, 03-Oct-2023 22:45:58 GMT; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=86400 ; includeSubDomains
www.microsoft.com/videoplayer/js/vxpiframe.js
23.38.201.156200 OK 6.2 kB URL HTTP/2 www.microsoft.com/videoplayer/js/vxpiframe.js
IP 23.38.201.156:0
File type ASCII text, with very long lines (13406)
Hash 479fe89d3dd3be2f235c6e3f9389123e
1d48ef3f081e7e168bf262780dab3496e144bc49
c15b082f7905c2c81914d079b566f39e2f2d2b995435aecfd4307b45fd6c77c5
GET /videoplayer/js/vxpiframe.js HTTP/1.1
Host: www.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-transform
content-type: application/x-javascript; charset=utf-8
x-activity-id: 756b80dd-1bda-44cc-bfa1-4a78ebc50797
ms-cv: LHgAlC+xTEaox1cA.0
x-appversion: 1.0.8276.37632
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-08-30T04:54:24.0000000Z}
ms-operation-id: 31aa3be362f37642a0843a0fdcda445f
p3p: CP="CAO CONi OTR OUR DEM ONL"
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 03 Oct 2022 22:45:58 GMT
content-length: 6222
tls_version: tls1.3
strict-transport-security: max-age=31536000
set-cookie: akacd_OneRF=1672613158~rv=33~id=fbed76150cbe57bff11ca3844ca16627; path=/; Expires=Sun, 01 Jan 2023 22:45:58 GMT; Secure; SameSite=None
x-rtag: RT
X-Firefox-Spdy: h2
support.microsoft.com/SocContent/articleCss
23.38.200.116200 OK 18 kB URL HTTP/1.1 support.microsoft.com/SocContent/articleCss
IP 23.38.200.116:0
File type Unicode text, UTF-8 text, with very long lines (65518), with no line terminators
Hash c7ba37b48928b384b22f4f7d6545527d
e9485e22cad166b3f8f034b9660742c11c6d21fb
6bafa73ffd39a8b9cd9d34c13c8b4438a9781e7b33cec891a293560004fc1a80
GET /SocContent/articleCss HTTP/1.1
Host: support.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Last-Modified: Mon, 03 Oct 2022 22:45:58 GMT
X-CorrelationId: 55c3d581-6ffd-46a9-ba1b-d59b668b8401
X-UserSessionId: 55c3d581-6ffd-46a9-ba1b-d59b668b8401
X-OfficeFE: OdcSupFrontEnd_IN_3
X-OfficeVersion: 16.0.15803.37650
X-OfficeCluster: neu-100.odcsup.osi.office.net
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Content-Type-Options: nosniff
Vary: User-Agent, Accept-Encoding
Content-Encoding: gzip
Expires: Mon, 03 Oct 2022 22:45:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 03 Oct 2022 22:45:58 GMT
Content-Length: 17809
Connection: keep-alive
Set-Cookie: EXPID=c2f93144-5c65-42c4-b350-4e516a2d1330; expires=Tue, 03-Oct-2023 22:45:58 GMT; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=86400 ; includeSubDomains
fe3.microsoft-outlook-update.workers.dev/images/Linkedin-GrayScale.png
188.114.96.1200 OK 44 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/images/Linkedin-GrayScale.png
IP 188.114.96.1:0
Hash 4be64a638eb3808a0ade8fd065fb9450
b733ee15b0de2ea74efefa9d319d0e1e7ba7ff6a
d0f3c3ec959d7a13bba5d276058f63f3ba4d722cd90f33264377e2729c28c379
Analyzer Verdict Alert openphish Office365
GET /images/Linkedin-GrayScale.png HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837156055
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7549360d694d1c12-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:58 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DS04KK1S:00000034
x-operationid: 46bd55bf6739af4f3ec5d8ea6e1a827a
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDqmXZtuy3%2BAN0xdJNuHFGNenrOIzJJqNzHPhAz8Ze12SRl0OcOgC6iow9F8IQMI7ga23iS3V62cm3mZWtnhbYyocVKrGJnvsz%2Bzy7HkDVzD%2BRt763QZF9pBqFCVTkokfmivO0W5cEdHfHZnOBI0ZbAkhpGZN0gQ4zr8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/css/ArticleSupportBridge/article-support-bridge.css?v=R_P0TJvD9HoRHQBEdvBR1WhNn7dSbvOYWmVA9taxbpM
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/css/ArticleSupportBridge/article-support-bridge.css?v=R_P0TJvD9HoRHQBEdvBR1WhNn7dSbvOYWmVA9taxbpM
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 65d32f63a1fcbfa1d4b9e5eb8e5edba1
2ab04f7116b1dd028d82cbb11870befe94d3cabd
3c9c1901ad70bcb3da5819162c044f8ce63d44cb3668fc30b8c6ddbf71884f17
GET /css/ArticleSupportBridge/article-support-bridge.css?v=R_P0TJvD9HoRHQBEdvBR1WhNn7dSbvOYWmVA9taxbpM HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837157575
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75493610aec1b500-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:58 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DOHSL7G7:00000015
x-operationid: c087a373b8f835d351b4ad018b0792d6
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7aXy6QKz3QIIB%2BIMTkBrlg6W47IN1oaSA%2FuFZ%2BNHUMPXqEvLxAsVzV2Gi6KAgnD44l4SMHewfmyB3Vd9PQjaQo8zBnkNH%2FUp4ZNXnYFMK50uqTZL5NhZSRq%2Bpcn1zBaFe%2FQur%2FLF6cEWKvTQLy1Uzq8Isu7sv1Ul4oB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/css/glyphs/glyphs.css?v=Wxxi5tnlZg_DM1FaohPmT5bwwGhOAeajOW2fL4qRGMY
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/css/glyphs/glyphs.css?v=Wxxi5tnlZg_DM1FaohPmT5bwwGhOAeajOW2fL4qRGMY
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 25c0c3673e3fa69a603e58b95dcb434d
889bf00a2d4220d6c564fe338a66753c9a11e651
2a4d2c1e47f5e88a5c5fd66b13f4dbc66424c458a0ffda3047508f488d952a11
GET /css/glyphs/glyphs.css?v=Wxxi5tnlZg_DM1FaohPmT5bwwGhOAeajOW2fL4qRGMY HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837157575
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75493610ab70b4eb-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:58 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML45CJ51KRV:00000010
x-operationid: 6319115b2cb56653eff62c2d7ea6f28c
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GE0i1w%2FbOjzgRFBO6vPVI2qkp4qWrjYxIKFiPBSyOB3%2B414QvFBOeh%2BXgIeHfeWauLqPYO56ZGq0HsMnCqmqNHU508%2FJXq%2Fu5iysSlPv0Iq2NTX0fzuZCTHYLS6uVqURjSHPT9KWGBB4qR7N9ZV%2BP1TYpHLVqAFWdcDx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/css/promotionbanner/promotion-banner.css?v=DBqJarHDlOSMJfge26OcKG6xA6DWvtYgMA-xQGaxE5o
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/css/promotionbanner/promotion-banner.css?v=DBqJarHDlOSMJfge26OcKG6xA6DWvtYgMA-xQGaxE5o
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 6b85738312512207129070dc20ab6ac5
45b03169c485eef8d45964f156ab639aeffbc072
83335e69bc603e925d2c771e1a4373be3b3952768553540598e2e529c50e57d4
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /css/promotionbanner/promotion-banner.css?v=DBqJarHDlOSMJfge26OcKG6xA6DWvtYgMA-xQGaxE5o HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837157575
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75493610afe50b55-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:58 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DOLFSBCA:00000088
x-operationid: 8cb821a4b263322fd82760e066e96be4
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gViloxFcf0yU6wHM5wqqMeijQ%2BblldG6o%2FLa7MgPSyT78W%2Fo3H%2BF5Tx8tyLmXA3Y27IviEa3qsU36gU0W%2FEKjJ7S3SEhg3GPyEWaE%2Flu%2BBX%2B4Va9uUkbbCnYrcn8OJkYd0ntGv08h1cGLKJI8Wf0xMyuHJMw%2F2oxJ7Y"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/css/SearchBox/search-box.css?v=bybwzGBajHicVXspVs540UfV0swW0vCbOmBjBryj9N4
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/css/SearchBox/search-box.css?v=bybwzGBajHicVXspVs540UfV0swW0vCbOmBjBryj9N4
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 253e23f24d73b00d0b1f7299a743a578
37492e840978ed6779acc024cdf09ff8f7c49959
1108f04c7bcc130eb15f17228a41f03c5bac2df27973253848486f330e40bd0b
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /css/SearchBox/search-box.css?v=bybwzGBajHicVXspVs540UfV0swW0vCbOmBjBryj9N4 HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837157575
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75493610bc91b4ee-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:58 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DOHSL7BA:00000032
x-operationid: 49488de402c824d603e3f412cd7a6d65
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BXm4WuPgMvW%2BNhzRarf7I4xOQhMyQUUG%2B1IeL9pAJOvea%2FAbRD1xFWGrdkDbInMS0byA8WDVXa322AkaO4mTFlm6RN5j6%2BRKCJRO46460MtIyoIclfZSPJlGyORRSEUXq50LVbhRFLeREq0qmYqKGb0K8X32Q4JILvf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/css/feedback/feedback.css?v=O5RN1PkkM70yJ1hMirz0oLl4x6erVdeAAVT709pcVKM
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/css/feedback/feedback.css?v=O5RN1PkkM70yJ1hMirz0oLl4x6erVdeAAVT709pcVKM
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash d90330dc02f3aa97e4edb430c551af08
23ddca5c2011071180a7836f6b80588b81dac55b
1218f93d0e45140294540ce85063fef62255e7596960e3eac0984e3cdc4056d2
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /css/feedback/feedback.css?v=O5RN1PkkM70yJ1hMirz0oLl4x6erVdeAAVT709pcVKM HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837157575
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 754936112b88fac0-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:58 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DOLFSBCA:0000008A
x-operationid: 9acaac7f2fcf86faa95ba242eaec01e3
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbAKoSNWgHbUW%2FTBZ8avq%2F%2Bi5Xoy1JvpTYB3JvzuP6CSeIUOJOh6Z7A75iAzEzeA20uEaebW8ioXXKrvGHFwB4iCOIkh8NxUAwc0n6eFAD6jOZNMuks4x7ifIcQgnxVozwp4VChSbWTQw7VoWpZadM1QX4JlAyGXJUgR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837158100&w=0
20.189.173.4403 No events are from an allowed domain. 76 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837158100&w=0
IP 20.189.173.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash f1d18051ddb4072a8a420ef1f97581f6
8aeda22f00c1db9f1b1afb40cef54c80764c457b
99eadf44b55b17ffd4aa953e9d2f504c55c6fb3b0b234979cb04c58fc280127c
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837158100&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
cache-control: no-cache, no-store
content-type: application/x-json-stream
Content-Length: 16700
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 No events are from an allowed domain.
Content-Length: 76
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Collector-Error: No events are from an allowed domain.
Access-Control-Allow-Headers: Collector-Error
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://fe3.microsoft-outlook-update.workers.dev
Access-Control-Expose-Headers: Collector-Error
Date: Mon, 03 Oct 2022 22:45:58 GMT
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837158577&time-delta-to-apply-millis=use-collector-delta&w=0
20.189.173.4200 OK 0 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837158577&time-delta-to-apply-millis=use-collector-delta&w=0
IP 20.189.173.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837158577&time-delta-to-apply-millis=use-collector-delta&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cache-control,content-type
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, 3600
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: http://fe3.microsoft-outlook-update.workers.dev
Date: Mon, 03 Oct 2022 22:45:58 GMT
fe3.microsoft-outlook-update.workers.dev/images/Mail-GrayScale.png
188.114.96.1200 OK 44 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/images/Mail-GrayScale.png
IP 188.114.96.1:0
Hash 8e6e4a1c1a7e51ff409e26bb8de0cd8a
898fbc12d9afb1cef9e8a30b4a06efdc99e5a02b
15decee4fadf428f6d4211ef34897707274166dd9240c9ed34f5992cf550bc19
Analyzer Verdict Alert openphish Office365
GET /images/Mail-GrayScale.png HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 754936067f5a1c16-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DOHSL7BA:00000026
x-operationid: 40889243df6f5c4a3011841115dd4a97
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LedZ%2BNuCJ3oluFqEpbvAyj4Vpcw0jrBlEffkISYdlbYNbMPBjViF8YbRN5CkugvCtIEdTf49E9e2mQht74NlbDCM%2F%2BDiknQnL8YThkXa3dq7LpQOfSc3CAWEJHDcepbEgInc4lNNCK3XI5HFhfXBzZTIdO0SzGb%2Ba%2BqZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/lib/ucs/dist/ucsCreativeService.js?v=sb92LgKigd-qUDqSv-2J4E8fbm2o96b0-agJi310ilM
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/lib/ucs/dist/ucsCreativeService.js?v=sb92LgKigd-qUDqSv-2J4E8fbm2o96b0-agJi310ilM
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash f91bc38b1353c95357b65eb63e46d319
76a4a8be69d2eaaa7738bc0428312544680caf16
b0db7ff27f307f4e026a6890c17d805babaf9c6a0770ed640765515094bae0e6
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /lib/ucs/dist/ucsCreativeService.js?v=sb92LgKigd-qUDqSv-2J4E8fbm2o96b0-agJi310ilM HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837157575
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:59 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75493611fab5b4f9-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:59 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DOLFSBCA:0000008B
x-operationid: 0da8c072dcc6524557df875e0fba83a9
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wC0LtLrlkbGJZnqSC8c7MPSEJAA%2Ft8Ag%2FFkUu9kMI76Pt0nUSyDHoEX0zZZ9LitEby8I17pff6Xpk5EVFXjUCna7wZnWDMuMLtmf3thbwSgPJIBaluphhsukSGtaXW2XajrX7qaGVLAKkImKbS%2BnuZfaoTGUz4vy8uDq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/js/SearchBox.Main.min.js?v=QBTsF0Ea-jZkRR207QsokZ8zKxNSIdqFoDB78h0lRLY
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/js/SearchBox.Main.min.js?v=QBTsF0Ea-jZkRR207QsokZ8zKxNSIdqFoDB78h0lRLY
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash f4f3733ed96c56b8b7e592b05f462b17
d42a165f075b8bffc825d4c940978f35fe20a177
600bf651b4085f6ae2ec8428eb90cf6c95de5ae7f71e950aae6946d78c38a5fd
GET /js/SearchBox.Main.min.js?v=QBTsF0Ea-jZkRR207QsokZ8zKxNSIdqFoDB78h0lRLY HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837157575
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:59 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 754936124c88b4eb-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:59 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DOHSL7G7:00000017
x-operationid: 14ecd39bb3338ee56800bfbe98861e18
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gjWTIEjEnPcwx829Cc0C8JJjii95KwtkE8GAaJhAUeicmJVOB7oljKwTj8xYx50Y3ToG1tJCXaYTx%2BEOhCOADDifwBR09Y1yJBLRFySEXC9Jpk76WaxJRrqUGYXPcLaLKyO4usX9pAuHhnFcWK%2Fqv%2B6eUS6qr7v%2BMTl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/images/Facebook-GrayScale.png
188.114.96.1200 OK 45 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/images/Facebook-GrayScale.png
IP 188.114.96.1:0
Hash 4ea1cbc1b75a19d3c3c490d9338eda6b
37e5d4317e4e36260d1a93a70936d63a6ae6ad1c
8bfdc917601ce28f3aba208aa1fa077b14a03beba305cc696103889320c18563
Analyzer Verdict Alert openphish Office365
GET /images/Facebook-GrayScale.png HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 754936063d3bb4f4-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DS04KK8J:00000009
x-operationid: b965c09052412292547f9830b758a357
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=os%2BGQKY2JiZ11mg3dAqI2JWEWHNX0NigRNwn%2FXrDmdZS0p5MALPjBzjRDVtsRut54B85yMnPUcim%2B35kuwE5fJqvh3m2KgroMLhO3ZtRD3Afrgi7%2F2Q5qsQ8gBPaMCD0RVSab5dMb5zaxwArTOLQ3uxMPaw0wkDTTy5v"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/js/PromotionBanner.Main.min.js?v=lPxxwt8ZKzDFNYuSNvRbC24S24EImVPnl-WkYX8w3n4
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/js/PromotionBanner.Main.min.js?v=lPxxwt8ZKzDFNYuSNvRbC24S24EImVPnl-WkYX8w3n4
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash cd886f4c3f4d68f5bf27ccde9d54899d
9a4ada4adf95f794b2bf87216b113d5d2c023cb0
9219fa17b01cadb7d84b3ce7762a9906e14f030402b1e7fb3ed3f363cc2671c1
GET /js/PromotionBanner.Main.min.js?v=lPxxwt8ZKzDFNYuSNvRbC24S24EImVPnl-WkYX8w3n4 HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837157575
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:59 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75493612bc11fac0-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:59 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML45CJ51KRV:00000015
x-operationid: 3806291651cf4f707257046efa46c447
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1d8T%2BLDRzYnbfnxsfgX3dtzuP0dIWHgKg%2Bkzrs4eAA1VpCU6aRA52aMylJbWRL9ajYlddIyQgC6xPRTDFiDDWq4CDcEwai9luEfMzxp50w%2FJ5M%2BVPrsLOO805XGtkr6E%2BK%2Bc8WWl9SSsTwWrl461zlfevwOdSVqoLMp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837158577&time-delta-to-apply-millis=use-collector-delta&w=0
20.189.173.4403 No events are from an allowed domain. 57 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837158577&time-delta-to-apply-millis=use-collector-delta&w=0
IP 20.189.173.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 579ca008efd6b47440e2e963c054f869
b6158b981b9db9e94e299050b512f8509a33c552
007f9575d3d35f0c78a1de1293fdd9af540dd8de44a9fcca658336e0d1e73ea7
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837158577&time-delta-to-apply-millis=use-collector-delta&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
cache-control: no-cache, no-store
content-type: application/x-json-stream
Content-Length: 2199
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 No events are from an allowed domain.
Content-Length: 57
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Collector-Error: No events are from an allowed domain.
Access-Control-Allow-Headers: Collector-Error
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://fe3.microsoft-outlook-update.workers.dev
Access-Control-Expose-Headers: Collector-Error
Date: Mon, 03 Oct 2022 22:45:58 GMT
fe3.microsoft-outlook-update.workers.dev/images/Mail-GrayScale.png
188.114.96.1200 OK 29 kB URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/images/Mail-GrayScale.png
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1910), with CRLF, LF line terminators
Hash 9a054b2f8496acd89f6461e9a07ee54d
1af3444776bf8294230d269a65d69749fbfad24d
c2a762276140a2a93ad83e45e3e6245b4b383fc9c8dbe47389b59f4fe90c662e
Analyzer Verdict Alert openphish Office365
GET /images/Mail-GrayScale.png HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837157575
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:59 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75493613fef8b4ee-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:59 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DS04KK8J:0000001F
x-operationid: 9eb183dfba7fe6e4becb2b8691f2039b
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5DFnORnyIh70eCoVO8SlR04sREgoMJcAl%2FXcOy55YRrXXliNfMhILOWFNVBa7wD%2FCbP1CXSUe6LpjcpMOYQkrqODWzoVov3tG3n%2BgdMeGwuZUxurII%2FlN313lxDW6qX9Diom7QGtPtc3nYH3rtQhS3mVr7LUPDBHFyf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mem.gfx.ms/scripts/me/MeControl/10.22228.4/en-US/meCore.min.js
13.107.219.53200 OK 16 kB URL HTTP/2 mem.gfx.ms/scripts/me/MeControl/10.22228.4/en-US/meCore.min.js
IP 13.107.219.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (35361), with CRLF, LF line terminators
Hash 7542b691dae180b943c4335a6392b3ac
0671469adb27aa95f2fe3f6d691a9718c375e993
ecac6ceb81609d619a3db9021b0228ccad6abe453db7e205887e3a1ee53d3c1d
GET /scripts/me/MeControl/10.22228.4/en-US/meCore.min.js HTTP/1.1
Host: mem.gfx.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Thu, 22 Sep 2022 21:09:36 GMT
etag: "1d8cf024ad9ce07"
x-cache: TCP_HIT
x-content-type-options: nosniff
access-control-allow-origin: *
x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref-originshield: 0GCQ7YwAAAACaMW9Z/S3kTp+53hA2HxctRlJBMjMxMDUwNDE3MDQ5AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-azure-ref: 0J2Y7YwAAAADyVbcSL+P1TpwH3c8cRUMdT1NMMjMxMDUwMjA0MDI3AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
date: Mon, 03 Oct 2022 22:45:59 GMT
X-Firefox-Spdy: h2
login.microsoftonline.com/savedusers?appid=ee272b19-4411-433f-8f28-5c13cb6fd407&wreply=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&uaid=7e36e733-0167-4d03-86c2-b1cc9467115e&partnerId=smcconvergence&idpflag=proxy
20.190.159.74200 OK 1.3 kB URL HTTP/1.1 login.microsoftonline.com/savedusers?appid=ee272b19-4411-433f-8f28-5c13cb6fd407&wreply=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&uaid=7e36e733-0167-4d03-86c2-b1cc9467115e&partnerId=smcconvergence&idpflag=proxy
IP 20.190.159.74:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 7d366bfa7c9b7951156ee8aba87da979
37591dff2710f5dc1fa49930c6243a64959d85c3
3211675897496be86ecb797bb8a5423f756caec84aef713cd4e794f808b8e2d8
GET /savedusers?appid=ee272b19-4411-433f-8f28-5c13cb6fd407&wreply=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&uaid=7e36e733-0167-4d03-86c2-b1cc9467115e&partnerId=smcconvergence&idpflag=proxy HTTP/1.1
Host: login.microsoftonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Cookie: brcap=0; MSFPC=GUID=27491a5fca0c436896bdbf20a1588da0&HASH=2749&LV=202205&V=4&LU=1652883922743; ESTSSSOTILES=1; AADSSOTILES=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: bc173363-8ff3-4633-bc5d-356bd1430000
x-ms-ests-server: 2.1.13777.6 - NEULR1 ProdSlices
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 0
Set-Cookie: fpc=AniZyUGVp-1MvOnwLxNkONQ; expires=Wed, 02-Nov-2022 22:45:59 GMT; path=/; secure; HttpOnly; SameSite=None
esctx=AQABAAAAAAD--DLA3VO7QrddgJg7WevrTWgpiFDAnX5KO4syz5N-J7Lky2SQFCWpq78JGOPnGmNQFlYceJuFxmRA_Sj6lvl9vEi7_wwsoNtqc8ItktjYcJIvrvi0ODwu6Lkacwd8wy-3lIKeVg5TFFDYfWhosvVjgZOidy1u7q9C4CZpLu_FQDDibDnwe5PtQx9qEQeRRLG9j0SIVthnThrZo6Ue8KEeVd-RfPtRrn07ZHafcPGdE2NTzZA8K5z5icEmhYxYcVUgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Date: Mon, 03 Oct 2022 22:45:58 GMT
Content-Length: 1305
web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.ClientError%27&time=%272022-10-03T22%3A45%3A59.101Z%27&appId=%27JS%3AMeControl%27&cV=%27%2FWYU6FSICrN%2FDSAx.10%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27fe3.microsoft-outlook-update.workers.dev%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*errorName=%27MeControlError%3A%3AIframes%20can%20only%20be%20opened%20on%20pages%20that%20are%20HTTPS%20secured%27&*errorMessage=%27A%40https%3A%2F%2Fmem.gfx.ms%2Fmeversion%3Fpartner%3DSMCConvergence%26market%3Den-us%26uhf%3D1%3A1%3A4105%5CnPt%2F%3C%40https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeBoot.min.js%3A1%3A25129%5CnLe%40https%3A%2F%2Fmem.gfx.ms%2Fmeversion%3Fpartner%3DSMCConvergence%26market%3Den-us%26uhf%3D1%3A1%3A11739%5CnMe%40https%3A%2F%2Fmem.gfx.ms%2Fmeversion%3Fpartner%3DSMCConvergence%26market%3Den-us%26uhf%3D1%3A1%3A10645%5CnPt%40https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeBoot.min.js%3A1%3A24970%5CnFt%40https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeBoot.min.js%3A1%3A24544%5CnWe%2F%3C%2F%3C%40https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeBoot.min.js%3A1%3A38005%5CnNe%2F%3C%40https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeBoot.min.js%3A1%3A34865%5Cn%27&*errorType=%27UnhandledPromiseRejection%27&*errorInfo=%27%7B%22metaTags%22%3A%7B%22pgpart%22%3A%22smcconvergence%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22228.4%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22smcconvergence%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics.mectrl-3.2.6.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22authAppUpsellUrl%22%3A%22%22%2C%22cache%22%3Atrue%2C%22cacheRetention%22%3A%7B%22picRetention%22%3A604800000%2C%22authAppRetention%22%3A94670856000%7D%7D%2C%22url%22%3A%22http%3A%2F%2Ffe3.microsoft-outlook-update.workers.dev%2F%22%2C%22accts%22%3A%220-0%22%7D%27&*severity=2&*wasDisplayed=false&*pageName=%27Initial%20Collapsed%27&*impressionGuid=%2710ff8cde-7888-4a21-51bf-1b65e5c6d942%27&*market=%27en-US%27
104.43.200.36200 OK 43 B URL HTTP/1.1 web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.ClientError%27&time=%272022-10-03T22%3A45%3A59.101Z%27&appId=%27JS%3AMeControl%27&cV=%27%2FWYU6FSICrN%2FDSAx.10%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27fe3.microsoft-outlook-update.workers.dev%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*errorName=%27MeControlError%3A%3AIframes%20can%20only%20be%20opened%20on%20pages%20that%20are%20HTTPS%20secured%27&*errorMessage=%27A%40https%3A%2F%2Fmem.gfx.ms%2Fmeversion%3Fpartner%3DSMCConvergence%26market%3Den-us%26uhf%3D1%3A1%3A4105%5CnPt%2F%3C%40https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeBoot.min.js%3A1%3A25129%5CnLe%40https%3A%2F%2Fmem.gfx.ms%2Fmeversion%3Fpartner%3DSMCConvergence%26market%3Den-us%26uhf%3D1%3A1%3A11739%5CnMe%40https%3A%2F%2Fmem.gfx.ms%2Fmeversion%3Fpartner%3DSMCConvergence%26market%3Den-us%26uhf%3D1%3A1%3A10645%5CnPt%40https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeBoot.min.js%3A1%3A24970%5CnFt%40https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeBoot.min.js%3A1%3A24544%5CnWe%2F%3C%2F%3C%40https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeBoot.min.js%3A1%3A38005%5CnNe%2F%3C%40https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeBoot.min.js%3A1%3A34865%5Cn%27&*errorType=%27UnhandledPromiseRejection%27&*errorInfo=%27%7B%22metaTags%22%3A%7B%22pgpart%22%3A%22smcconvergence%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22228.4%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22smcconvergence%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics.mectrl-3.2.6.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22authAppUpsellUrl%22%3A%22%22%2C%22cache%22%3Atrue%2C%22cacheRetention%22%3A%7B%22picRetention%22%3A604800000%2C%22authAppRetention%22%3A94670856000%7D%7D%2C%22url%22%3A%22http%3A%2F%2Ffe3.microsoft-outlook-update.workers.dev%2F%22%2C%22accts%22%3A%220-0%22%7D%27&*severity=2&*wasDisplayed=false&*pageName=%27Initial%20Collapsed%27&*impressionGuid=%2710ff8cde-7888-4a21-51bf-1b65e5c6d942%27&*market=%27en-US%27
IP 104.43.200.36:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.ClientError%27&time=%272022-10-03T22%3A45%3A59.101Z%27&appId=%27JS%3AMeControl%27&cV=%27%2FWYU6FSICrN%2FDSAx.10%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27fe3.microsoft-outlook-update.workers.dev%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*errorName=%27MeControlError%3A%3AIframes%20can%20only%20be%20opened%20on%20pages%20that%20are%20HTTPS%20secured%27&*errorMessage=%27A%40https%3A%2F%2Fmem.gfx.ms%2Fmeversion%3Fpartner%3DSMCConvergence%26market%3Den-us%26uhf%3D1%3A1%3A4105%5CnPt%2F%3C%40https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeBoot.min.js%3A1%3A25129%5CnLe%40https%3A%2F%2Fmem.gfx.ms%2Fmeversion%3Fpartner%3DSMCConvergence%26market%3Den-us%26uhf%3D1%3A1%3A11739%5CnMe%40https%3A%2F%2Fmem.gfx.ms%2Fmeversion%3Fpartner%3DSMCConvergence%26market%3Den-us%26uhf%3D1%3A1%3A10645%5CnPt%40https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeBoot.min.js%3A1%3A24970%5CnFt%40https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeBoot.min.js%3A1%3A24544%5CnWe%2F%3C%2F%3C%40https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeBoot.min.js%3A1%3A38005%5CnNe%2F%3C%40https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeBoot.min.js%3A1%3A34865%5Cn%27&*errorType=%27UnhandledPromiseRejection%27&*errorInfo=%27%7B%22metaTags%22%3A%7B%22pgpart%22%3A%22smcconvergence%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22228.4%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22smcconvergence%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics.mectrl-3.2.6.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22authAppUpsellUrl%22%3A%22%22%2C%22cache%22%3Atrue%2C%22cacheRetention%22%3A%7B%22picRetention%22%3A604800000%2C%22authAppRetention%22%3A94670856000%7D%7D%2C%22url%22%3A%22http%3A%2F%2Ffe3.microsoft-outlook-update.workers.dev%2F%22%2C%22accts%22%3A%220-0%22%7D%27&*severity=2&*wasDisplayed=false&*pageName=%27Initial%20Collapsed%27&*impressionGuid=%2710ff8cde-7888-4a21-51bf-1b65e5c6d942%27&*market=%27en-US%27 HTTP/1.1
Host: web.vortex.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Expires: 0
MS-CV: g0+3VeNZe0mvvmPlaWqNRg.0
X-Content-Type-Options: nosniff
Set-Cookie: MC1=GUID=eeddd69eaba744ca937fd8e5d5552e3e&HASH=eedd&LV=202210&V=4&LU=1664837159403;Domain=.microsoft.com;Expires=Tue, 03 Oct 2023 22:45:59 GMT;Path=/;Secure;SameSite=None
MS0=aff4d3a9b5e64eee99e97931578b4a38;Domain=.microsoft.com;Expires=Mon, 03 Oct 2022 23:15:59 GMT;Path=/;Secure;SameSite=None
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Date: Mon, 03 Oct 2022 22:45:58 GMT
web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-10-03T22%3A45%3A59.099Z%27&appId=%27JS%3AMeControl%27&cV=%27%2FWYU6FSICrN%2FDSAx.9%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27fe3.microsoft-outlook-update.workers.dev%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27smcconvergence%27&*controlVersion=%2710.22228.4%27&*market=%27en-US%27&*scenario=%27Get%20Cached%20Info%27&*action=%27%27&*previousAction=%27START%27&*success=true&*durationMs=0&*details=%27%27
104.43.200.36200 OK 43 B URL HTTP/1.1 web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-10-03T22%3A45%3A59.099Z%27&appId=%27JS%3AMeControl%27&cV=%27%2FWYU6FSICrN%2FDSAx.9%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27fe3.microsoft-outlook-update.workers.dev%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27smcconvergence%27&*controlVersion=%2710.22228.4%27&*market=%27en-US%27&*scenario=%27Get%20Cached%20Info%27&*action=%27%27&*previousAction=%27START%27&*success=true&*durationMs=0&*details=%27%27
IP 104.43.200.36:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-10-03T22%3A45%3A59.099Z%27&appId=%27JS%3AMeControl%27&cV=%27%2FWYU6FSICrN%2FDSAx.9%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27fe3.microsoft-outlook-update.workers.dev%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27smcconvergence%27&*controlVersion=%2710.22228.4%27&*market=%27en-US%27&*scenario=%27Get%20Cached%20Info%27&*action=%27%27&*previousAction=%27START%27&*success=true&*durationMs=0&*details=%27%27 HTTP/1.1
Host: web.vortex.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Expires: 0
MS-CV: 9m0ECWxAR0a9ZIXwtEZ8aQ.0
X-Content-Type-Options: nosniff
Set-Cookie: MC1=GUID=261e25a620dc4d8abe6f5ca03e756b15&HASH=261e&LV=202210&V=4&LU=1664837159414;Domain=.microsoft.com;Expires=Tue, 03 Oct 2023 22:45:59 GMT;Path=/;Secure;SameSite=None
MS0=8f1018d9961342be8a7e426eee860379;Domain=.microsoft.com;Expires=Mon, 03 Oct 2022 23:15:59 GMT;Path=/;Secure;SameSite=None
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Date: Mon, 03 Oct 2022 22:45:59 GMT
web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-10-03T22%3A45%3A59.157Z%27&appId=%27JS%3AMeControl%27&cV=%27%2FWYU6FSICrN%2FDSAx.11%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27fe3.microsoft-outlook-update.workers.dev%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meCore.min.js%27&-dependencyOperationName=%27DownloadScript%27&-dependencyName=%27MeControl%27&-latencyMs=12&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeCore.min.js%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27Initial%20Collapsed%27&*impressionGuid=%2710ff8cde-7888-4a21-51bf-1b65e5c6d942%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A111%2C%22perfDuration%22%3A12%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22smcconvergence%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22228.4%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22smcconvergence%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics.mectrl-3.2.6.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22authAppUpsellUrl%22%3A%22%22%2C%22cache%22%3Atrue%2C%22cacheRetention%22%3A%7B%22picRetention%22%3A604800000%2C%22authAppRetention%22%3A94670856000%7D%7D%2C%22url%22%3A%22http%3A%2F%2Ffe3.microsoft-outlook-update.workers.dev%2F%22%2C%22accts%22%3A%220-0%22%7D%27
104.43.200.36200 OK 43 B URL HTTP/1.1 web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-10-03T22%3A45%3A59.157Z%27&appId=%27JS%3AMeControl%27&cV=%27%2FWYU6FSICrN%2FDSAx.11%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27fe3.microsoft-outlook-update.workers.dev%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meCore.min.js%27&-dependencyOperationName=%27DownloadScript%27&-dependencyName=%27MeControl%27&-latencyMs=12&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeCore.min.js%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27Initial%20Collapsed%27&*impressionGuid=%2710ff8cde-7888-4a21-51bf-1b65e5c6d942%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A111%2C%22perfDuration%22%3A12%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22smcconvergence%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22228.4%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22smcconvergence%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics.mectrl-3.2.6.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22authAppUpsellUrl%22%3A%22%22%2C%22cache%22%3Atrue%2C%22cacheRetention%22%3A%7B%22picRetention%22%3A604800000%2C%22authAppRetention%22%3A94670856000%7D%7D%2C%22url%22%3A%22http%3A%2F%2Ffe3.microsoft-outlook-update.workers.dev%2F%22%2C%22accts%22%3A%220-0%22%7D%27
IP 104.43.200.36:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-10-03T22%3A45%3A59.157Z%27&appId=%27JS%3AMeControl%27&cV=%27%2FWYU6FSICrN%2FDSAx.11%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27fe3.microsoft-outlook-update.workers.dev%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meCore.min.js%27&-dependencyOperationName=%27DownloadScript%27&-dependencyName=%27MeControl%27&-latencyMs=12&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeCore.min.js%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27Initial%20Collapsed%27&*impressionGuid=%2710ff8cde-7888-4a21-51bf-1b65e5c6d942%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A111%2C%22perfDuration%22%3A12%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22smcconvergence%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22228.4%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22smcconvergence%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics.mectrl-3.2.6.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22authAppUpsellUrl%22%3A%22%22%2C%22cache%22%3Atrue%2C%22cacheRetention%22%3A%7B%22picRetention%22%3A604800000%2C%22authAppRetention%22%3A94670856000%7D%7D%2C%22url%22%3A%22http%3A%2F%2Ffe3.microsoft-outlook-update.workers.dev%2F%22%2C%22accts%22%3A%220-0%22%7D%27 HTTP/1.1
Host: web.vortex.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Expires: 0
MS-CV: YsHiSTQkr0mBCbUvq96ZlA.0
X-Content-Type-Options: nosniff
Set-Cookie: MC1=GUID=2934b11fc8fd4fe18f4e227542c7cf31&HASH=2934&LV=202210&V=4&LU=1664837159468;Domain=.microsoft.com;Expires=Tue, 03 Oct 2023 22:45:59 GMT;Path=/;Secure;SameSite=None
MS0=f1ef1dd13e034cc7bfa1b9d1c1d6f18d;Domain=.microsoft.com;Expires=Mon, 03 Oct 2022 23:15:59 GMT;Path=/;Secure;SameSite=None
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Date: Mon, 03 Oct 2022 22:45:59 GMT
mem.gfx.ms/me/mecache?partner=smcconvergence&wreply=http%3A%2F%2Ffe3.microsoft-outlook-update.workers.dev%2F
13.107.219.53200 OK 3.5 kB URL HTTP/2 mem.gfx.ms/me/mecache?partner=smcconvergence&wreply=http%3A%2F%2Ffe3.microsoft-outlook-update.workers.dev%2F
IP 13.107.219.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d5196355e5ffdc0234b138d6f5b3bc95
b118628446ae0863a049896b9739f4db3ed4a2ae
960f032a4ae7e93ec87eb6fa0d89d34d8b9b2880b352e224ab4911b09cf6979c
GET /me/mecache?partner=smcconvergence&wreply=http%3A%2F%2Ffe3.microsoft-outlook-update.workers.dev%2F HTTP/1.1
Host: mem.gfx.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private
content-length: 3486
content-type: text/html; charset=utf-8
set-cookie: MS-CV=OF5GvY/tG029+DxJ.0; expires=Mon, 03-Oct-2022 23:15:59 GMT; path=/; secure
x-cache: PRIVATE_NOSTORE
x-content-type-options: nosniff
x-frame-options: allow-from http://fe3.microsoft-outlook-update.workers.dev
content-security-policy: frame-ancestors http://fe3.microsoft-outlook-update.workers.dev;
x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref-originshield: 0J2Y7YwAAAAA6KLLOUKRDTKGnKKpDsIc4RlJBMjMxMDUwNDE4MDUxAGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-azure-ref: 0J2Y7YwAAAABGPHIghgK7RZhA7dgHkOvjT1NMMjMxMDUwMjA0MDQ1AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
date: Mon, 03 Oct 2022 22:45:58 GMT
X-Firefox-Spdy: h2
login.live.com/Me.srf?wa=wsignin1.0&idpflag=indirect&id=12&wreply=https%3a%2f%2flogin.microsoftonline.com&owreply=https%3a%2f%2fsupport.microsoft.com%2fsignin-oidc
40.126.32.69200 OK 4.8 kB URL HTTP/1.1 login.live.com/Me.srf?wa=wsignin1.0&idpflag=indirect&id=12&wreply=https%3a%2f%2flogin.microsoftonline.com&owreply=https%3a%2f%2fsupport.microsoft.com%2fsignin-oidc
IP 40.126.32.69:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (10683)
Hash 41bb6d336951a98a948e08a91a96826b
945e7dc974854b5f65eb5dd4cae281a711d36f2d
c5f48454ab16c2af5a72843c50d76df281a5afe5395fb0ccc1cf0450f21ce673
GET /Me.srf?wa=wsignin1.0&idpflag=indirect&id=12&wreply=https%3a%2f%2flogin.microsoftonline.com&owreply=https%3a%2f%2fsupport.microsoft.com%2fsignin-oidc HTTP/1.1
Host: login.live.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Mon, 03 Oct 2022 22:44:59 GMT
Vary: Accept-Encoding
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-DNS-Prefetch-Control: on
Link: <https://logincdn.msauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msauth.net/>; rel=dns-prefetch, <https://acctcdn.msftauth.net/>; rel=dns-prefetch, <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch, <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch, <https://logincdn.msauth.net/>; rel=dns-prefetch, <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch, <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BL2
x-ms-request-id: 3ded07b3-8ed1-49b2-88a4-9df39dd7b51d
PPServer: PPV: 30 H: BL02PF93C3BE18A V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=ad9db9fec82f4421ad0a5c8c5b1983e2; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSPRequ=id=12<=1664837159&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Mon, 03 Oct 2022 22:45:59 GMT
Content-Length: 4822
logincdn.msauth.net/16.000/content/js/MeControl_Y-iUdrBOJz49KZVkG49w1Q2.js
192.229.221.185200 OK 6.0 kB URL HTTP/2 logincdn.msauth.net/16.000/content/js/MeControl_Y-iUdrBOJz49KZVkG49w1Q2.js
IP 192.229.221.185:0
File type ASCII text, with very long lines (17261), with no line terminators
Hash 5cebe381a9945cd4d1e8cd86c7c85aee
f4772f3cc1887b130dbab7f0f4aa67d9f27083c1
4755a16fcadab4126e56cc0b02a4cecd7bbf455ca123de4396d63bf09c4f83a4
GET /16.000/content/js/MeControl_Y-iUdrBOJz49KZVkG49w1Q2.js HTTP/1.1
Host: logincdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.live.com/
Origin: https://login.live.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 3297705
cache-control: public, max-age=31536000
content-md5: XOvjgamUXNTR6M2Gx8ha7g==
content-type: application/x-javascript
date: Mon, 03 Oct 2022 22:45:59 GMT
etag: 0x8DA85E85B8714BC
last-modified: Wed, 24 Aug 2022 15:50:24 GMT
server: ECAcc (ska/F745)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: bb688519-a01e-005f-137b-b9a2ec000000
x-ms-version: 2009-09-19
content-length: 6043
X-Firefox-Spdy: h2
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837159583&w=0
20.189.173.4200 OK 0 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837159583&w=0
IP 20.189.173.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837159583&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cache-control,content-type
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, 3600
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: http://fe3.microsoft-outlook-update.workers.dev
Date: Mon, 03 Oct 2022 22:45:59 GMT
web.vortex.data.microsoft.com/collect/v1
104.43.200.36200 OK 57 B URL HTTP/1.1 web.vortex.data.microsoft.com/collect/v1
IP 104.43.200.36:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash a97e1042c453127c32fbe0e51e49acc1
3ff2f2b7764174758c4efafd5d7644c84e671516
3a27830f17ab042ffde9701f02c4f7a059d4058a68369d5395ccba692a2a56b5
POST /collect/v1 HTTP/1.1
Host: web.vortex.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 4299
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 57
Content-Type: application/json
Expires: 0
MS-CV: UKNhWB5BTES5jrdb1sMCmA.0
X-Content-Type-Options: nosniff
Set-Cookie: MC1=GUID=997b5cf2ede445e28db12317214c363e&HASH=997b&LV=202210&V=4&LU=1664837160063;Domain=.microsoft.com;Expires=Tue, 03 Oct 2023 22:46:00 GMT;Path=/;Secure;SameSite=None
MS0=558a1a02c08b4489af03de50d4ece3e4;Domain=.microsoft.com;Expires=Mon, 03 Oct 2022 23:16:00 GMT;Path=/;Secure;SameSite=None
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Origin: http://fe3.microsoft-outlook-update.workers.dev
Access-Control-Allow-Credentials: true
Date: Mon, 03 Oct 2022 22:45:59 GMT
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837159639&time-delta-to-apply-millis=use-collector-delta&w=0
20.189.173.4200 OK 0 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837159639&time-delta-to-apply-millis=use-collector-delta&w=0
IP 20.189.173.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837159639&time-delta-to-apply-millis=use-collector-delta&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cache-control,content-type
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, 3600
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: http://fe3.microsoft-outlook-update.workers.dev
Date: Mon, 03 Oct 2022 22:45:59 GMT
web.vortex.data.microsoft.com/collect/v1
104.43.200.36200 OK 57 B URL HTTP/1.1 web.vortex.data.microsoft.com/collect/v1
IP 104.43.200.36:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash bb1bb0d9910eea16029c353a9428053f
f49e1213ea3f9ce8959609fac0f14ccd724f7135
8d316e9191d40a4b9cc775c0adce0a999873c1935781d1312a5b12ee717c53d4
POST /collect/v1 HTTP/1.1
Host: web.vortex.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1991
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 57
Content-Type: application/json
Expires: 0
MS-CV: OkRhrHoQ6EmkZ2ZJE2L50g.0
X-Content-Type-Options: nosniff
Set-Cookie: MC1=GUID=2348e333de5f4c35892fa5b6bd087f62&HASH=2348&LV=202210&V=4&LU=1664837160220;Domain=.microsoft.com;Expires=Tue, 03 Oct 2023 22:46:00 GMT;Path=/;Secure;SameSite=None
MS0=2337723604ae4dab99f87847cb5e706c;Domain=.microsoft.com;Expires=Mon, 03 Oct 2022 23:16:00 GMT;Path=/;Secure;SameSite=None
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Origin: http://fe3.microsoft-outlook-update.workers.dev
Access-Control-Allow-Credentials: true
Date: Mon, 03 Oct 2022 22:45:59 GMT
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837159583&w=0
20.189.173.4403 No events are from an allowed domain. 82 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837159583&w=0
IP 20.189.173.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash f37a94298c9a7afa7282236074f6782e
a1b3f8a41ecd4df8972cf9695b4eaa717de87957
6c0d822d93813d2a3c107c875549aa610a05ba2dcc875541631685497fbc6a2e
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837159583&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
cache-control: no-cache, no-store
content-type: application/x-json-stream
Content-Length: 21706
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 No events are from an allowed domain.
Content-Length: 82
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Collector-Error: No events are from an allowed domain.
Access-Control-Allow-Headers: Collector-Error
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://fe3.microsoft-outlook-update.workers.dev
Access-Control-Expose-Headers: Collector-Error
Date: Mon, 03 Oct 2022 22:45:59 GMT
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837159639&time-delta-to-apply-millis=use-collector-delta&w=0
20.189.173.4403 No events are from an allowed domain. 59 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837159639&time-delta-to-apply-millis=use-collector-delta&w=0
IP 20.189.173.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 9f82c897345de7334d3eba60b44f0560
97d928d20a618dd0b726e1bf9e7a5b2a51f4b056
443a90baf04def70862b0823078ec78d01cbb47f65b3982e95022c87e12025c3
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837159639&time-delta-to-apply-millis=use-collector-delta&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
cache-control: no-cache, no-store
content-type: application/x-json-stream
Content-Length: 4669
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 No events are from an allowed domain.
Content-Length: 59
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Collector-Error: No events are from an allowed domain.
Access-Control-Allow-Headers: Collector-Error
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://fe3.microsoft-outlook-update.workers.dev
Access-Control-Expose-Headers: Collector-Error
Date: Mon, 03 Oct 2022 22:45:59 GMT
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837160106&w=0
20.189.173.4200 OK 0 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837160106&w=0
IP 20.189.173.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837160106&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cache-control,content-type
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, 3600
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: http://fe3.microsoft-outlook-update.workers.dev
Date: Mon, 03 Oct 2022 22:46:00 GMT
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837160106&w=0
20.189.173.4403 No events are from an allowed domain. 57 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837160106&w=0
IP 20.189.173.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 579ca008efd6b47440e2e963c054f869
b6158b981b9db9e94e299050b512f8509a33c552
007f9575d3d35f0c78a1de1293fdd9af540dd8de44a9fcca658336e0d1e73ea7
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837160106&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
cache-control: no-cache, no-store
content-type: application/x-json-stream
Content-Length: 5661
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 No events are from an allowed domain.
Content-Length: 57
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Collector-Error: No events are from an allowed domain.
Access-Control-Allow-Headers: Collector-Error
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://fe3.microsoft-outlook-update.workers.dev
Access-Control-Expose-Headers: Collector-Error
Date: Mon, 03 Oct 2022 22:46:00 GMT
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837160642&w=0
20.189.173.4200 OK 0 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837160642&w=0
IP 20.189.173.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837160642&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cache-control,content-type
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, 3600
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: http://fe3.microsoft-outlook-update.workers.dev
Date: Mon, 03 Oct 2022 22:46:00 GMT
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837160642&w=0
20.189.173.4403 No events are from an allowed domain. 79 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837160642&w=0
IP 20.189.173.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 9b8c10502dfc16082c91d57b023e2669
09a8e679905fb1d891d1db2c06ddb3d51a9ca7f9
3eda84b1c3c0bbc73e28d83f15772f8363935946238ddc8e73c80e807c0c4511
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837160642&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
cache-control: no-cache, no-store
content-type: application/x-json-stream
Content-Length: 19287
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 No events are from an allowed domain.
Content-Length: 79
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Collector-Error: No events are from an allowed domain.
Access-Control-Allow-Headers: Collector-Error
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://fe3.microsoft-outlook-update.workers.dev
Access-Control-Expose-Headers: Collector-Error
Date: Mon, 03 Oct 2022 22:46:00 GMT
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837161109&w=0
20.189.173.4200 OK 0 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837161109&w=0
IP 20.189.173.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837161109&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cache-control,content-type
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, 3600
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: http://fe3.microsoft-outlook-update.workers.dev
Date: Mon, 03 Oct 2022 22:46:01 GMT
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837161109&w=0
20.189.173.4403 No events are from an allowed domain. 57 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837161109&w=0
IP 20.189.173.4:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 579ca008efd6b47440e2e963c054f869
b6158b981b9db9e94e299050b512f8509a33c552
007f9575d3d35f0c78a1de1293fdd9af540dd8de44a9fcca658336e0d1e73ea7
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.6&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1664837161109&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
cache-control: no-cache, no-store
content-type: application/x-json-stream
Content-Length: 2030
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 No events are from an allowed domain.
Content-Length: 57
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Collector-Error: No events are from an allowed domain.
Access-Control-Allow-Headers: Collector-Error
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://fe3.microsoft-outlook-update.workers.dev
Access-Control-Expose-Headers: Collector-Error
Date: Mon, 03 Oct 2022 22:46:01 GMT
fe3.microsoft-outlook-update.workers.dev/images/Linkedin-GrayScale.png
188.114.96.1200 OK 0 B URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/images/Linkedin-GrayScale.png
IP 188.114.96.1:0
Analyzer Verdict Alert openphish Office365
GET /images/Linkedin-GrayScale.png HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837157575
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:59 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75493613ec51b4f9-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:59 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DOHSL7BA:00000039
x-operationid: 2f7b7f500cab266374c717cd4739f952
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmy2uQRU9%2BlFD%2Bh22fS%2BcXITr1AQd99hzVkrqzteWK0ENcpwAX%2B%2BQvazN1d5LMpwwaCkVln%2Bxei8ItMuTlDUpq8PQNgMCEx1PTxjgcthubeb0DnCQE1RgKqg7n%2FIoWkUjwiwLXqI920sVKwrCqLLJ1VGiUa9M44rdZbJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mem.gfx.ms/meversion?partner=SMCConvergence&market=en-us&uhf=1
13.107.219.53200 OK 0 B URL HTTP/2 mem.gfx.ms/meversion?partner=SMCConvergence&market=en-us&uhf=1
IP 13.107.219.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /meversion?partner=SMCConvergence&market=en-us&uhf=1 HTTP/1.1
Host: mem.gfx.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, no-transform, max-age=43200
content-type: application/javascript
content-encoding: br
expires: Mon, 03 Oct 2022 23:02:02 GMT
x-cache: TCP_HIT
x-content-type-options: nosniff
access-control-allow-origin: *
x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref-originshield: 0cEo7YwAAAAAnY1gV5Cm6S4wVhJ8TBCNQRlJBMjMxMDUwNDE4MDIxAGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-azure-ref: 0I2Y7YwAAAABnC1/AporKQZTZfx31jsMfT1NMMjMxMDUwMjA0MDQ1AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
date: Mon, 03 Oct 2022 22:45:54 GMT
X-Firefox-Spdy: h2
fe3.microsoft-outlook-update.workers.dev/images/Facebook-GrayScale.png
188.114.96.1200 OK 0 B URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/images/Facebook-GrayScale.png
IP 188.114.96.1:0
Analyzer Verdict Alert openphish Office365
GET /images/Facebook-GrayScale.png HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837157575
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:59 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75493613e916b500-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:59 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DS04KK8J:0000001E
x-operationid: c5cf811a0ff4af3abb0990d8aa22b223
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tg7LRIjfhRJiHoynVIYomJVNdZe0%2Fvq2n6PNU8IJKDYLycFvKPVCXrdjGjuze7eD8u5HHZl09%2BYbweygY80aFyof6PDmvHVbK3wQbKfjb4by24Qe0cAjyLRcCM7zULb81%2BaZIVvE%2B9K3qEES4nG5qNTzO%2BBZC063%2BWJy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/images/Linkedin-GrayScale.png
188.114.96.1200 OK 0 B URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/images/Linkedin-GrayScale.png
IP 188.114.96.1:0
Analyzer Verdict Alert openphish Office365
GET /images/Linkedin-GrayScale.png HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7549360669b3b4f9-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DOHSL7BA:00000025
x-operationid: 93fe28c2f4b4a78666111279f70129f7
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXZVcPNTB8dYz07jb4S6rmGWx%2BTL%2BQmXhg5PjbQ2TAfDd8dNyqfyEMqxeDbtkDXdQAeTioW5Se7B0IrAoUqX63GRyi8wASahur39JR4yoZNtQ0wqOEnh3vzxN0zJ2iYz%2FNerJIOtkHAv6f%2F6RXDWKHVFcqCco8f1AIn%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fe3.microsoft-outlook-update.workers.dev/js/Support.Main.min.js?v=kw-GYTFo_eMrbjFvSByt3nYAKxpKhlUVcUrZERjTX6I
188.114.96.1200 OK 0 B URL HTTP/1.1 fe3.microsoft-outlook-update.workers.dev/js/Support.Main.min.js?v=kw-GYTFo_eMrbjFvSByt3nYAKxpKhlUVcUrZERjTX6I
IP 188.114.96.1:0
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /js/Support.Main.min.js?v=kw-GYTFo_eMrbjFvSByt3nYAKxpKhlUVcUrZERjTX6I HTTP/1.1
Host: fe3.microsoft-outlook-update.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/en-us/authentication/silentsignin?ru=%2Fen-us%2Fsilentsigninhandler
Cookie: MicrosoftApplicationsTelemetryDeviceId=4c59cb3e-355c-4b53-a657-f03314bd95ff; ai_session=YxJQJtrRbrtiRO2cBjl0ZQ|1664837156055|1664837156055
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 22:45:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7549360c086d1c12-OSL
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 03 Oct 2022 22:45:57 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Critical-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Pragma: no-cache
Request-Context: appId=
x-correlationid: 0HML2DS04KK8J:00000013
x-operationid: 4e21cae2e66b07d0d653de0377ebaf51
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1L%2FXUvbrvsfxsutPTUG2ZwKzeH75aHhlyQlLOmn3XkidmMpobRKUrKMcMabZ38DKSDQILhotrmcVOJ5XqAq97KkMu8DFkICC9Iyw%2FtujJoDKEwkHlCBcinAgHKcXsgnvyoz4oI8PwGZhsaqXVIYgfa%2FQ07pKSrHO%2Bcg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
js.monitor.azure.com/scripts/c/ms.analytics-web-3.1.6.min.js
13.107.219.53200 OK 0 B URL HTTP/2 js.monitor.azure.com/scripts/c/ms.analytics-web-3.1.6.min.js
IP 13.107.219.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /scripts/c/ms.analytics-web-3.1.6.min.js HTTP/1.1
Host: js.monitor.azure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000, immutable, no-transform
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: WOBitpMEjvBvuzqs786d1A==
last-modified: Thu, 09 Sep 2021 18:43:36 GMT
etag: 0x8D973C1BBBD2C81
x-cache: TCP_HIT
x-ms-request-id: 2cc5a670-f01e-0033-76f3-d1b7de000000
x-ms-version: 2009-09-19
x-ms-meta-jssdkver: 3.1.6
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0McIzYwAAAABNbjN7CpsMQLwi+RsMz8o3RlJBMjMxMDUwNDE3MDM1AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
x-azure-ref: 0I2Y7YwAAAACBKBuNfvYGQYKfmhI9GjA3T1NMMjMxMDUwMjA0MDQ5AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
date: Mon, 03 Oct 2022 22:45:54 GMT
X-Firefox-Spdy: h2
mem.gfx.ms/scripts/me/MeControl/10.22228.4/en-US/meBoot.min.js
13.107.219.53200 OK 0 B URL HTTP/2 mem.gfx.ms/scripts/me/MeControl/10.22228.4/en-US/meBoot.min.js
IP 13.107.219.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /scripts/me/MeControl/10.22228.4/en-US/meBoot.min.js HTTP/1.1
Host: mem.gfx.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fe3.microsoft-outlook-update.workers.dev
Connection: keep-alive
Referer: http://fe3.microsoft-outlook-update.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Thu, 22 Sep 2022 21:09:28 GMT
etag: "1d8cf0246114e75"
x-cache: TCP_HIT
x-content-type-options: nosniff
access-control-allow-origin: *
x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref-originshield: 0mAY7YwAAAAA3EBQyFVvKTaOHRLzxyxT4RlJBMjMxMDUwNDE4MDI5AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-azure-ref: 0JWY7YwAAAABqHCpaijOuTL3oXoLjNpxDT1NMMjMxMDUwMjA0MDI3AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
date: Mon, 03 Oct 2022 22:45:56 GMT
X-Firefox-Spdy: h2