firebasestorage.googleapis.com Open in urlscan Pro
2a00:1450:4001:815::200a Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.taxsaleresources.com/images.aspx?wqw=yid&wmg=pcbs&txyx=iffv_hadj_&ukui=dzh&TrackerID=4&page=tnuys&redirecturl=https:/...
Effective URL:
https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2F...
Submission: On March 11 via manual (March 11th 2020, 7:31:12 am UTC) from SG

Summary HTTP 77 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 23 domains to perform 77 HTTP transactions. The main IP is 2a00:1450:4001:815::200a, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is firebasestorage.googleapis.com.
TLS certificate: Issued by GTS CA 1O1 on February 12th 2020. Valid for: 3 months.

This is the only time firebasestorage.googleapis.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.227.172.209 67.227.172.209	32244 (LIQUIDWEB) (LIQUIDWEB)
2	52.95.146.112 52.95.146.112	16509 (AMAZON-02) (AMAZON-02)
20	2a02:26f0:6c0... 2a02:26f0:6c00:183::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:181::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a02:26f0:6c0... 2a02:26f0:6c00:18d::37	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff11	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
2	2a02:26f0:10c... 2a02:26f0:10c:384::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	40.77.226.250 40.77.226.250	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:6c0... 2a02:26f0:6c00:180::69d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.243.44.116 34.243.44.116	16509 (AMAZON-02) (AMAZON-02)
2 2	172.217.22.6 172.217.22.6	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
2	34.227.153.53 34.227.153.53	14618 (AMAZON-AES) (AMAZON-AES)
1	40.90.22.184 40.90.22.184	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:6c0... 2a02:26f0:6c00:183::2db0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	88.221.61.151 88.221.61.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	23.210.248.45 23.210.248.45	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2606:4700::68... 2606:4700::6811:4104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:10c... 2a02:26f0:10c:38c::35c1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	40.126.1.166 40.126.1.166	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:bdf::10 2620:1ec:bdf::10	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
77	24

1 67.227.172.209 (Lansing, United States) 1 redirects

ASN32244 (LIQUIDWEB, US)
PTR: web.taxsaleresources.com

www.taxsaleresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.146.112 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ca-central-1.amazonaws.com

4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:26f0:6c00:183::356e (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

www.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:181::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:18d::37 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

mem.gfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a01:4a0:1338:28::c38a:ff11 (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

img-prod-cms-rt-microsoft-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:10c:384::356e (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

c.s-microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

web.vortex.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:180::69d (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

products.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.243.44.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-44-116.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.6 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebasestorage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.227.153.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-153-53.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.90.22.184 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:183::2db0 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

cdnssl.clicktale.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.61.151 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-61-151.deploy.static.akamaitechnologies.com

query.prod.cms.rt.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c1.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.248.45 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-45.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:10c:38c::35c1 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

secure.aadcdn.microsoftonline-p.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.1.166 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::10 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	microsoft.com 1 redirects www.microsoft.com web.vortex.data.microsoft.com query.prod.cms.rt.microsoft.com c1.microsoft.com	277 KB
17	akamaized.net img-prod-cms-rt-microsoft-com.akamaized.net	359 KB
4	adobedtm.com assets.adobedtm.com	47 KB
3	microsoftonline-p.com secure.aadcdn.microsoftonline-p.com	2 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com stackpath.bootstrapcdn.com	36 KB
3	gfx.ms mem.gfx.ms	55 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	135 KB
2	cloudflare.com cdnjs.cloudflare.com	14 KB
2	doubleclick.net 2 redirects ad.doubleclick.net	1 KB
2	s-microsoft.com c.s-microsoft.com	63 KB
2	amazonaws.com 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com	215 KB
1	msauth.net aadcdn.msauth.net	278 KB
1	microsoftonline.com login.microsoftonline.com
1	jquery.com code.jquery.com	30 KB
1	bing.com 1 redirects c.bing.com	530 B
1	clicktale.net cdnssl.clicktale.net	14 KB
1	live.com login.live.com
1	googleapis.com firebasestorage.googleapis.com	42 KB
1	google.com adservice.google.com	109 B
1	demdex.net dpm.demdex.net	879 B
1	office.com products.office.com	924 B
1	taxsaleresources.com 1 redirects www.taxsaleresources.com	566 B
0	Failed function sub() { [native code] }. Failed
77	23

	Domain	Requested by
20	www.microsoft.com	4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
17	img-prod-cms-rt-microsoft-com.akamaized.net	4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
7	web.vortex.data.microsoft.com	www.microsoft.com
4	assets.adobedtm.com	query.prod.cms.rt.microsoft.com assets.adobedtm.com
3	secure.aadcdn.microsoftonline-p.com	firebasestorage.googleapis.com
3	mem.gfx.ms	4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com mem.gfx.ms
2	cdnjs.cloudflare.com	firebasestorage.googleapis.com
2	maxcdn.bootstrapcdn.com	firebasestorage.googleapis.com
2	c1.microsoft.com	1 redirects
2	errors.client.optimizely.com	cdn.optimizely.com
2	ad.doubleclick.net	2 redirects
2	c.s-microsoft.com	4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
2	4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com	www.microsoft.com
1	aadcdn.msauth.net	firebasestorage.googleapis.com
1	login.microsoftonline.com	firebasestorage.googleapis.com
1	code.jquery.com	firebasestorage.googleapis.com
1	stackpath.bootstrapcdn.com	firebasestorage.googleapis.com
1	c.bing.com	1 redirects
1	query.prod.cms.rt.microsoft.com	4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
1	cdnssl.clicktale.net	4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
1	login.live.com	mem.gfx.ms
1	firebasestorage.googleapis.com	4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
1	adservice.google.com	4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
1	dpm.demdex.net	www.microsoft.com
1	products.office.com	www.microsoft.com
1	cdn.optimizely.com	4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
1	www.taxsaleresources.com	1 redirects
0	truncated Failed	firebasestorage.googleapis.com
77	28

This site contains links to these domains. Also see Links.

Domain
bit.do
huffingtonpost.com

Subject Issuer	Validity	Valid
*.s3.ca-central-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-13` - `2020-07-10`	8 months	crt.sh
www.microsoft.com Microsoft IT TLS CA 5	`2019-10-21` - `2021-10-21`	2 years	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2020-01-20` - `2021-03-20`	a year	crt.sh
mem.gfx.ms Microsoft IT TLS CA 2	`2020-01-06` - `2022-01-06`	2 years	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2019-08-13` - `2020-08-12`	a year	crt.sh
*.vortex.data.microsoft.com Microsoft IT TLS CA 4	`2020-01-21` - `2022-01-21`	2 years	crt.sh
i.s-microsoft.com Microsoft IT TLS CA 4	`2020-01-02` - `2022-01-02`	2 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.google.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
errors.client.optimizely.com DigiCert SHA2 High Assurance Server CA	`2018-09-24` - `2020-09-28`	2 years	crt.sh
login.live.com Microsoft IT TLS CA 1	`2019-11-05` - `2021-11-05`	2 years	crt.sh
*.clicktale.net DigiCert SHA2 Secure Server CA	`2019-10-06` - `2020-11-04`	a year	crt.sh
*.prod.cms.rt.microsoft.com Microsoft IT TLS CA 2	`2019-10-09` - `2021-10-09`	2 years	crt.sh
c.msn.com Microsoft IT TLS CA 4	`2020-02-10` - `2022-02-10`	2 years	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2019-10-22` - `2021-10-01`	2 years	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
secure.aadcdn.microsoftonline-p.com Microsoft IT TLS CA 4	`2019-07-17` - `2021-07-17`	2 years	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
stamp2.login.microsoftonline.com Microsoft IT TLS CA 1	`2018-09-24` - `2020-09-24`	2 years	crt.sh
aadcdn.msauth.net Microsoft IT TLS CA 4	`2018-11-07` - `2020-11-07`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html?alt=media&token=55a7a421-201d-4b96-81db-edcd28e4ece3
Frame ID: FCA2A73AA1E853DFC65F89B8EA8AE03A
Requests: 78 HTTP requests in this frame

Frame: https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2F4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com&uaid=7d8751ba-f3ef-445c-733b-827ac88181e9&partnerId=officeproducts
Frame ID: 61343A4BD70BCEB2E0B331710176F3C7
Requests: 1 HTTP requests in this frame

Frame: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Frame ID: 4886CA4E5EE9A49206FC48B8FC38F06C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.taxsaleresources.com/images.aspx?wqw=yid&wmg=pcbs&txyx=iffv_hadj_&ukui=dzh&TrackerID=4&page=tnuys... HTTP 302
https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjG... Page URL
https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4p... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

77
Requests

100 %
HTTPS

58 %
IPv6

23
Domains

28
Subdomains

24
IPs

6
Countries

1568 kB
Transfer

3541 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://bit.do/eUyR4
Title: No

Search URL Search Domain Scan URL

URL: https://huffingtonpost.com/
Title: FоCBKZJSxAlLEkDMUVPgtRrgCBKZJSxAlLEkDMUVPgtRеt РаCBKZJSxAlLEkDMUVPgtRsswCBKZJSxAlLEkDMUVPgtRоrd

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.taxsaleresources.com/images.aspx?wqw=yid&wmg=pcbs&txyx=iffv_hadj_&ukui=dzh&TrackerID=4&page=tnuys&redirecturl=https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm%3Fczwh%3Dnksg%26BoROAP1Uf9Ril4MKJXZ5%3Dafoltz@msts.com%26vests%3Ddys HTTP 302
https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys Page URL
https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html?alt=media&token=55a7a421-201d-4b96-81db-edcd28e4ece3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.taxsaleresources.com/images.aspx?wqw=yid&wmg=pcbs&txyx=iffv_hadj_&ukui=dzh&TrackerID=4&page=tnuys&redirecturl=https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm%3Fczwh%3Dnksg%26BoROAP1Uf9Ril4MKJXZ5%3Dafoltz@msts.com%26vests%3Ddys HTTP 302
https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys

Request Chain 45

https://ad.doubleclick.net/ddm/activity/src=6952136;type=store0;cat=jsll;u58=6675a02e7d45433e9bf614cf56d66d15;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=6952136;dc_pre=CMbkz7vzkegCFcmJdwodwQcFMQ;type=store0;cat=jsll;u58=6675a02e7d45433e9bf614cf56d66d15;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=6952136;dc_pre=CMbkz7vzkegCFcmJdwodwQcFMQ;type=store0;cat=jsll;u58=6675a02e7d45433e9bf614cf56d66d15;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Request Chain 57

https://c1.microsoft.com/c.gif?DI=4050&did=1&t= HTTP 302
https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=32C0EDE338CC42D9BA3AE50228F85C67&RedC=c1.microsoft.com&MXFR=12578A0DECAC65E41F1E8487E8AC633D HTTP 302
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=32C0EDE338CC42D9BA3AE50228F85C67&MUID=3CB17DC826A866831D417342271D67CA

77 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

rNfu93Cbpb9P0Xpv2VZs.htm Show response
4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/
Redirect Chain

http://www.taxsaleresources.com/images.aspx?wqw=yid&wmg=pcbs&txyx=iffv_hadj_&ukui=dzh&TrackerID=4&page=tnuys&redirecturl=https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.c...
https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&B...

214 KB
214 KB

509ms
145ms

Document
text/html

52.95.146.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.146.112 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4ed5722f1f22c340283895d44dbc7b965a41904eedd2c43d17fcaecf29bfdcb3

Request headers

Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-id-2: dfAIL+TzJJ7XHnDjR97x1dbWS+pbYtdAcvyz9ybPXMj59wrRokhllC8QHySRDj00k5YVtTGVWLw=
x-amz-request-id: 890F5C5732AA5DD3
Date: Wed, 11 Mar 2020 07:30:55 GMT
Last-Modified: Tue, 10 Mar 2020 19:00:05 GMT
ETag: "804a4ac24471b69679c506ab625603ea"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 218870
Server: AmazonS3

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Server: Microsoft-IIS/10.0
Set-Cookie: ASP.NET_SessionId=ngu4i3dacqsmdhyaaxtjer45; path=/; HttpOnly; SameSite=Lax
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 11 Mar 2020 07:30:53 GMT
Content-Length: 367

GET
H2 200 mwfmdl2-v3.54.woff2
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/ 22 KB
23 KB 31ms
15ms Font
application/font-woff2 2a02:26f0:6c00:183::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff2

Requested by

Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

deec787cca1b9436e080478742a0299e0db1a9712543a72d2cdc8373fc45a432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ms-operation-id: dcb8d4f2fd0ea24ca4539c6256471133
date: Wed, 11 Mar 2020 07:30:54 GMT
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: ee3511de-2548-4a38-92d5-29727291c005
tls_version: tls1.2
ms-cv: ltbE0QDv8EWjoxoM.0
content-length: 22904
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Nov 2019 09:23:43 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2019-10-26T07:31:04.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=20224426
x-appversion: 1.0.7237.42332
expires: Sat, 31 Oct 2020 09:24:40 GMT

GET
H2 200 social
www.microsoft.com/mwf/css/MWF_20200206_21242490/west-european/default/alert/ambientvideo/autosuggest/button/calltoaction/contentrichblock/dialog/divider/feature/glyph/groupcalltoaction/heading/hype... 373 KB
40 KB 47ms
25ms Stylesheet
text/css 2a02:26f0:6c00:183::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/mwf/css/MWF_20200206_21242490/west-european/default/alert/ambientvideo/autosuggest/button/calltoaction/contentrichblock/dialog/divider/feature/glyph/groupcalltoaction/heading/hyperlinkgroup/image/list/logo/mosaic/pagebehaviors/rating/skiptomain/social?apiVersion=1.0&include_base=true

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

1376a3de93b6c6565a024295b7da06adc5db00552615f4bfec7925c6b3454c48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

ms-operation-id: afc1cdad6897f244a0afcba283d2ef63
date: Wed, 11 Mar 2020 07:30:54 GMT
content-encoding: gzip
vary: Accept-Encoding
x-rtag: RT
x-s2: 2020-02-11T22:43:45
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: 20ce5d60-76bd-43ad-8d83-e2a41926cdf9
tls_version: tls1.2
strict-transport-security: max-age=31536000
ms-cv: bwV0mT2bCkicNRoB.0
content-length: 40341
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Feb 2020 22:43:44 GMT
x-az: {did:ebbeaea41e034f1a8d3657f77961d2e1, rid: 0, sn: mwf-eus-prod, dt: 2020-01-24T23:35:26.8727332Z, bt: 2020-01-17T22:45:44.0000000Z}
x-s1: 2020-02-11T22:43:44
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=29085108
timing-allow-origin: *
x-appversion: 1.0.7321.40972
expires: Wed, 10 Feb 2021 22:42:42 GMT

GET
H2 200 c0-379397
www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/POC-OneDrive/_scrf/css/themes=default.device=uplevel_web_pc_webkit_chrome/2a-d9be59/23-b642cf/55-433b8d/18-7c84ff/d5-09a489/46-8... 188 KB
25 KB 80ms
58ms Stylesheet
text/css 2a02:26f0:6c00:183::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/POC-OneDrive/_scrf/css/themes=default.device=uplevel_web_pc_webkit_chrome/2a-d9be59/23-b642cf/55-433b8d/18-7c84ff/d5-09a489/46-853691/bf-66bfa7/d1-67d3ab/34-0f6cab/ec-47e157/99-45654e/2b-d7fab6/6c-8bb51b/de-90ff10/bf-60f63e/51-40faf7/81-8ca29e/c0-379397?ver=2.0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

cde6beb27bd473afab57bd95b916ec881506efca1f5bbb7f544965ec3e3692b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

ms-operation-id: 24e8e7046b241f4691fe340596f1778a
date: Wed, 11 Mar 2020 07:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
x-s2: 2020-03-02T21:01:37
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: c8c96d85-ee64-49e6-ad7d-28384ced1469
tls_version: tls1.2
strict-transport-security: max-age=31536000
ms-cv: sJRnD6iBAka+tPvU.0
vary: Accept-Encoding
content-length: 24699
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Mar 2020 21:01:37 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odwestcentralus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2020-02-20T07:54:46.0000000Z}
x-s1: 2020-03-02T21:01:37
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30807192
timing-allow-origin: *
x-appversion: 1.0.7354.43043
expires: Tue, 02 Mar 2021 21:04:06 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/46c44584/coreui.statics/externalscripts/jquery/ 85 KB
30 KB 15ms
14ms Script
application/javascript 2a02:26f0:6c00:183::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/46c44584/coreui.statics/externalscripts/jquery/jquery-3.3.1.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ms-operation-id: 58936198e167c245ab4b4b2cd58272bf
date: Wed, 11 Mar 2020 07:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: d088bec2-7921-4042-98c6-5b99c396a9f9
tls_version: tls1.2
strict-transport-security: max-age=31536000
ms-cv: PdZr/09/l0C93nkg.0
content-length: 30358
x-xss-protection: 1
last-modified: Tue, 14 May 2019 18:30:19 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2019-04-27T07:36:54.0000000Z}
vary: Accept-Encoding
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=5482757
x-appversion: 1.0.7055.42507
expires: Wed, 13 May 2020 18:30:11 GMT

GET
H2 200 6203590383.js Show response
cdn.optimizely.com/js/ 553 KB
134 KB 32ms
19ms Script
text/javascript 2a02:26f0:6c00:181::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/6203590383.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:181::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ad28b65c3054ef0fecf51f4d4f83a04d8c43f8dcb4eb0a28c09a91eb45cf33b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: TyKEiD_UNP58VqUKfXy1zE01jNg6uhR1
content-encoding: gzip
x-amz-request-id: 07FB9B4D18CA01FF
status: 200
access-control-max-age: 86400
date: Wed, 11 Mar 2020 07:30:54 GMT
x-amz-replication-status: COMPLETED
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:181::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
content-length: 136072
x-amz-id-2: oQdH4r84eC9P5EYC503Awm3a0oxnOclixSQK5ysPvCbM8vCYCN36W/DWtRmefRw3SSCf7kij9CY=
last-modified: Tue, 10 Mar 2020 20:52:19 GMT
server: AmazonS3
etag: "0b1083b21e250ad7f858a4ca99f121ab"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=600
x-amz-meta-revision: 15050
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 at.js Show response
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/e7dff113/office.testdrive/externalscripts/adobetarget/ 111 KB
33 KB 20ms
19ms Script
application/javascript 2a02:26f0:6c00:183::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/e7dff113/office.testdrive/externalscripts/adobetarget/at.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

968788fb3ea1c89cf9e18cbd1850acd106754e16e01ac4e87688b8aded23e145

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ms-operation-id: 9177786c9e0c454181e1c0f2ef82ce24
date: Wed, 11 Mar 2020 07:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: c5b579ac-bb9b-40a1-ae32-79782526e1d6
tls_version: tls1.2
strict-transport-security: max-age=31536000
ms-cv: gSC4QFg770S8XgDj.0
content-length: 33086
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Mar 2020 20:31:19 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastasia, dt: 2018-05-03T20:14:23.4188992Z, bt: 2020-02-20T07:54:46.0000000Z}
vary: Accept-Encoding
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=30805179
x-appversion: 1.0.7354.43043
expires: Tue, 02 Mar 2021 20:30:33 GMT

GET
H2 200 e3-082b89 Show response
www.microsoft.com/onerfstatics/marketingsites-eus-prod/POC-OneDrive/_scrf/js/themes=default/2f-63ce8f/2d-7a9063/dc-7e9864/4f-5115f8/7d-266f10/4a-abd94b/78-4c7d22/e1-c35781/40-7b7803/cd-23d3b0/6d-1e... 106 KB
29 KB 43ms
43ms Script
text/javascript 2a02:26f0:6c00:183::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/POC-OneDrive/_scrf/js/themes=default/2f-63ce8f/2d-7a9063/dc-7e9864/4f-5115f8/7d-266f10/4a-abd94b/78-4c7d22/e1-c35781/40-7b7803/cd-23d3b0/6d-1e7ed0/b7-cadaa7/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/92-10345d/f8-73a5f2/79-499886/7e-cda2d3/db-f3b1fd/93-283c2d/91-97a04f/1f-100dea/33-abe4df/19-c0fae7/e3-082b89?ver=2.0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

c8ca734d8ed9fdd3b5178445020d5896520034f8796f1232c5148ab80479ac2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ms-operation-id: 389328e55effec43b3b6386975359c00
date: Wed, 11 Mar 2020 07:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
x-s2: 2020-02-25T21:32:19
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: b621a76e-f5c5-4309-8bcf-f5da4fa6c505
tls_version: tls1.2
strict-transport-security: max-age=31536000
ms-cv: a1aI7KCcyEe+MsQz.0
vary: Accept-Encoding
content-length: 28485
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Feb 2020 21:32:19 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2020-02-08T02:01:06.0000000Z}
x-s1: 2020-02-25T21:32:19
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30290420
timing-allow-origin: *
x-appversion: 1.0.7342.32433
expires: Wed, 24 Feb 2021 21:31:14 GMT

GET
H2 200 b3-5ed3d8 Show response
www.microsoft.com/onerfstatics/marketingsites-eus-prod/POC-OneDrive/_scrf/js/themes=default/22-bbdb47/a6-32d127/db-a25f61/d6-6e76d0/33-df9551/e9-a7ee15/cd-8ce651/f5-7e27a5/dc-bba150/ 143 KB
40 KB 65ms
65ms Script
text/javascript 2a02:26f0:6c00:183::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/POC-OneDrive/_scrf/js/themes=default/22-bbdb47/a6-32d127/db-a25f61/d6-6e76d0/33-df9551/e9-a7ee15/cd-8ce651/f5-7e27a5/dc-bba150/b3-5ed3d8?ver=2.0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

9871d1febd81765c7d00d926fc93407272bbf25d2ab1613219f642ab644d4a98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ms-operation-id: 6289889ac75fab42afd8f127b0bb3c93
date: Wed, 11 Mar 2020 07:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
x-s2: 2020-03-02T20:01:24
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: 979c75c6-3b51-41c4-ab21-68842235bc07
tls_version: tls1.2
strict-transport-security: max-age=31536000
ms-cv: QbBl6wqsDkqbmvoo.0
vary: Accept-Encoding
content-length: 40561
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Mar 2020 20:01:22 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2020-02-20T07:54:46.0000000Z}
x-s1: 2020-03-02T20:01:22
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30803392
timing-allow-origin: *
x-appversion: 1.0.7354.43043
expires: Tue, 02 Mar 2021 20:00:46 GMT

GET
H2 200 1e-fd610f Show response
www.microsoft.com/onerfstatics/marketingsites-eus-prod/POC-OneDrive/_scrf/js/themes=default/9e-bcc229/ 65 KB
21 KB 67ms
67ms Script
text/javascript 2a02:26f0:6c00:183::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/POC-OneDrive/_scrf/js/themes=default/9e-bcc229/1e-fd610f?ver=2.0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

c20b13598cfc3b29774a3909d1ee5927ff2947a6ebfe7064575d3b1738dd7548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ms-operation-id: 947239cd16ef644c936b451cea17ff69
date: Wed, 11 Mar 2020 07:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
x-s2: 2020-03-02T20:31:19
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: 1a79eb48-642b-4092-9d1d-d93e9c80b534
tls_version: tls1.2
strict-transport-security: max-age=31536000
ms-cv: G6nQOHgWsUaFevJ0.0
vary: Accept-Encoding
content-length: 21128
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Mar 2020 20:31:19 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2020-02-20T07:54:46.0000000Z}
x-s1: 2020-03-02T20:31:19
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30805267
timing-allow-origin: *
x-appversion: 1.0.7354.43043
expires: Tue, 02 Mar 2021 20:32:01 GMT

GET
H2 200 social Show response
www.microsoft.com/mwf/js/MWF_20200206_21242490/alert/ambientvideo/autosuggest/button/calltoaction/contentrichblock/dialog/divider/feature/glyph/groupcalltoaction/heading/hyperlinkgroup/image/list/l... 78 KB
21 KB 69ms
69ms Script
application/javascript 2a02:26f0:6c00:183::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/mwf/js/MWF_20200206_21242490/alert/ambientvideo/autosuggest/button/calltoaction/contentrichblock/dialog/divider/feature/glyph/groupcalltoaction/heading/hyperlinkgroup/image/list/logo/mosaic/pagebehaviors/rating/skiptomain/social?apiVersion=1.0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

65967c69a78c125e3a028078fa4ee80391822663ca9763fd5b30d6b995c44619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ms-operation-id: 803b66b97d69314a87b793f9fb5c0c18
date: Wed, 11 Mar 2020 07:30:54 GMT
content-encoding: gzip
vary: Accept-Encoding
x-rtag: RT
x-s2: 2020-02-11T22:43:45
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: 7390909a-be3e-4e5e-ba2a-2909740ad45c
tls_version: tls1.2
strict-transport-security: max-age=31536000
ms-cv: skQCEWKxV0qxOiqO.0
content-length: 20524
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Feb 2020 22:43:45 GMT
x-az: {did:ebbeaea41e034f1a8d3657f77961d2e1, rid: 3, sn: mwf-eus-prod, dt: 2020-01-24T23:54:04.5407533Z, bt: 2020-01-17T22:45:44.0000000Z}
x-s1: 2020-02-11T22:43:45
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=29085127
timing-allow-origin: *
x-appversion: 1.0.7321.40972
expires: Wed, 10 Feb 2021 22:43:01 GMT

GET
H/1.1 200
OK meversion Show response
mem.gfx.ms/ 26 KB
10 KB 31ms
7ms Script
application/javascript 2a02:26f0:6c00:18d::37
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/meversion?partner=OfficeProducts&market=en-us&uhf=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:18d::37 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

305b10c97d1573bae097a146f5753b9c6f35e78ae8cb1c6a577ba31b8e622437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 11 Mar 2020 07:30:54 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Expires: Wed, 11 Mar 2020 09:30:58 GMT
Cache-Control: public, no-transform, max-age=43200
Connection: keep-alive
Content-Length: 9391
X-UA-Compatible: IE=edge

GET
H2 200 RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 4 KB
4 KB 29ms
5ms Image
image/png 2a01:4a0:1338:28::c38a:ff11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a01:4a0:1338:28::c38a:ff11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),

Reverse DNS

Software

Resource Hash

112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-cms-cdninvalkey: am:RE1Mu3b
date: Wed, 11 Mar 2020 07:30:54 GMT
x-source-length: 4054
status: 200
x-activityid: aed20dc6-95d9-4028-8a47-5a82dd244610
x-deployment: a89a5014e89c41b7b60a64d7ee950637
content-length: 4054
timing-allow-origin: *
last-modified: Wed, 11 Mar 2020 05:43:23 GMT
x-datacenter: NorthEU
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=425554
x-instance: Resizer.Web_IN_0
content-location: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
expires: Mon, 16 Mar 2020 05:43:28 GMT

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/ 29 KB
30 KB 29ms
9ms Font
font/woff2 2a02:26f0:10c:384::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/latest.woff2
Requested by: Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:10c:384::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b

Request headers

Referer: https://www.microsoft.com/mwf/css/MWF_20200206_21242490/west-european/default/alert/ambientvideo/autosuggest/button/calltoaction/contentrichblock/dialog/divider/feature/glyph/groupcalltoaction/heading/hyperlinkgroup/image/list/logo/mosaic/pagebehaviors/rating/skiptomain/social?apiVersion=1.0&include_base=true
Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Mar 2020 07:30:54 GMT
last-modified: Fri, 10 Jan 2020 19:09:42 GMT
access-control-allow-origin: *
etag: "83cce83e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
status: 200
cache-control: public, max-age=454385
accept-ranges: bytes
content-length: 30132
expires: Mon, 16 Mar 2020 13:43:59 GMT

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ 33 KB
34 KB 34ms
17ms Font
font/woff2 2a02:26f0:10c:384::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
Requested by: Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:10c:384::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Request headers

Referer: https://www.microsoft.com/mwf/css/MWF_20200206_21242490/west-european/default/alert/ambientvideo/autosuggest/button/calltoaction/contentrichblock/dialog/divider/feature/glyph/groupcalltoaction/heading/hyperlinkgroup/image/list/logo/mosaic/pagebehaviors/rating/skiptomain/social?apiVersion=1.0&include_base=true
Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Mar 2020 07:30:54 GMT
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
access-control-allow-origin: *
etag: "588d483e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
status: 200
cache-control: public, max-age=415621
accept-ranges: bytes
content-length: 34052
expires: Mon, 16 Mar 2020 02:57:55 GMT

GET
H/1.1 200
OK t.js Show response
web.vortex.data.microsoft.com/collect/v1/ 281 B
966 B 117ms
30ms Script
application/javascript 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272020-03-11T07%3A30%3A54.499Z%27&os=%27MacOS%27&appId=%27JS%3Aproducts.office.com%27&cV=%27Flo%2BTDzCyU%2Bd1sgv.0%27&-ver=%271.0%27&-impressionGuid=%279b552710-d5e9-45a0-9ddf-fbd73d466aa8%27&-pageName=%27onedrive-for-business%27&-uri=%27https%3A%2F%2F4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com%2Fl9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH%2FexVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj%2FrNfu93Cbpb9P0Xpv2VZs.htm%3Fczwh%3Dnksg%26BoROAP1Uf9Ril4MKJXZ5%3Dafoltz%40msts.com%26vests%3Ddys%27&-market=%27en-us%27&-pageType=%27Office.ProductTemplate%27&-resHeight=1200&-resWidth=1600&-pageTags=%27%7B%22browserGroup%22%3A%22uplevel.web.pc.webkit.chrome%22%2C%22isTentedPage%22%3Afalse%2C%22tasId%22%3A%22de39487c-a966-4839-899c-73f5f7c2b5a1%22%2C%22tasMuid%22%3A%2224F6EBA1CE4E616A1F2AE5DDCF1560E1%22%2C%22pageVersion%22%3A%220.1%22%2C%22isCachedPage%22%3Afalse%2C%22enabledFeatures%22%3A%22uhf_retailstore2%3A1%2CUhfPb%3A1%2CUhfUsePh%3A1%2CEnableLocaleDetection%3A1%2CUhfSwp%3A1%2Ccore_cookiecompliance_enabled%3A1%2Ccore_akamai_im_enabled%3A1%2Ccoreui_hero_image_resize_90%3A1%2Cuhf_as_iris%3A1%2Ccoreui_makeimagebackgroundtransparent%3A1%2Ccore_BypassJWTValidation%3A1%2CMSADisableForceSignin%3A1%2CIsRtoRuleDisabled%3A1%2CDisableToSkipMarketdetectionforUknownRoutes%3A1%2Cf_video_uselegacyservice%3A1%2Cuhf_magic_triangle%3A1%2CRelevanceOverride%3A1%2CEnableAzureActiveDirectory20%3A1%2CuseRecentDefaultRnR%3A1%2CIsIrisV4Enabled%3A1%2Cf_video_useadaptive%3A1%2Cuhf_st_enabled%3A1%2Cjquery_latest%3A1%2CDisableOneRFSearchRoute%3A1%2CResolveDataProviderByPartnerNameSpace%3A1%2Ccore_disable_extensibility%3A1%2CInvokeLoginAuthorizeAndRedirect%3A1%2CAllowIncludeExclusivityArguments%3A1%2Cuhf_stick_footer_to_bottom%3A1%2CEnableFetchOfKnownDocument%3A1%2Cboomerang_disabled%3A1%2CretailServerFromTenantConfig%3A1%2Cnode_scnr_blob%3A1%2Crushmore_gzip_html%3A1%2CDisableTATToken%3A1%2Cnode_legacy_getactiveprices%3A1%2CowMarketSelectorRedir%3A1%2Cuhf_enable_domain_check%3A1%2Cnode_disable_cors%3A1%2Cuhf_enable_promo_banner%3A1%2Coffice_dynamicmarketredirect%3A1%2Cowturnonauthredirect%3A1%2CUse1PCommonReplyUrl%3A1%2CEnableNonceCookieMiddleware%3A1%2Ccore_readStaticsFromGeoStorage%3A1%2CEnable1PAuthentication%3A1%2Cuhf_enable_generic_promo_banner%3A1%2Cmodule_office-MarketSelector_disabled%3A1%2Ccore_usePageIdAsConornical%3A1%2CdisableOverrideCorsFromLoginDomain%3A1%2Ccore_enablerushmoresitemanager%3A1%22%2C%22pageSubType%22%3A%22RE238gY%22%2C%22canvasType%22%3A%22Web%22%2C%22deviceFamily%22%3Anull%2C%22isOneRf%22%3Atrue%2C%22isCorpNet%22%3Afalse%2C%22dataVersion%22%3A%222%2F7%2F2020%2010%3A57%3A10%20PM%20%2B00%3A00%22%2C%22optimizelyEndUserId%22%3A%22oeu1583721142134r0.41712280000104407%22%2C%22serviceName%22%3A%22marketingsites-prod-odeastus%22%2C%22metaTags%22%3A%7B%7D%2C%22scripts%22%3A%22JQuery%2COptimizely%2CClickTale%2CTealium%2CAdobeTarget%22%7D%27&-behavior=0&*baseType=%27Ms.Content.PageView%27&*cookieEnabled=true&*isJs=true&*title=%27OneDrive%20for%20Business%20online%20file%20sharing%20and%20cloud%20backup%27&*isLoggedIn=false&*serverImpressionGuid=%27feddceae-1b93-45ae-a17b-51305933bfce%27&ext-app-env=%27onerf_prod%27&ext-app-expId=%27EX%3Asfwaab%2CEX%3A20349050c%2CEX%3A2424t2%2CEX%3A1674t2row2%2CEX%3Atasmigration010%2CEX%3Acartemberpl%2CEX%3Adisablenorefunds%27&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.8%27&ext-javascript-domain=%274crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com%27&ext-javascript-userConsent=false&$mscomCookies=true

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/POC-OneDrive/_scrf/js/themes=default/9e-bcc229/1e-fd610f?ver=2.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2247b3713a514d2b8f2eac69cd44ed614e83972bf96a2752feae4b6bcb458c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Wed, 11 Mar 2020 07:30:54 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: BeMRG2jei0m2xt8rL22nzw.0
Content-Type: application/javascript
Content-Length: 281
Expires: 0

GET
H2 200 RE4n1fX
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 71 KB
72 KB 31ms
30ms Image
image/webp 2a01:4a0:1338:28::c38a:ff11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4n1fX?ver=3116&q=90&m=2&h=768&w=1024&b=%23FFFFFFFF&aim=true
Requested by: Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 50ac64c8e9ee637f7002a9f6aa5effce81039795d044ec9922683f4a54a65ffd

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 07:30:54 GMT
last-modified: Fri, 06 Mar 2020 22:04:11 GMT
server: Akamai Image Manager
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=52372
content-length: 73100
expires: Wed, 11 Mar 2020 22:03:46 GMT

GET
H2 200 1x1clear.gif
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/9be151e5/coreui.statics/images/ 43 B
630 B 18ms
18ms Image
image/gif 2a02:26f0:6c00:183::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/9be151e5/coreui.statics/images/1x1clear.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

7122de322879a654121ea250aeac94bd9993f914909f786c98988adbd0a25d5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

ms-operation-id: c8dbac947f4f094883448860400b2f85
date: Wed, 11 Mar 2020 07:30:54 GMT
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: 36c9569a-ca7e-4dd5-925b-94e47eb4da2f
tls_version: tls1.2
ms-cv: bVqjYeoMFU+srF13.0
content-length: 43
x-xss-protection: 1
x-edgeconnect-origin-mex-latency: 49
last-modified: Tue, 04 Jun 2019 06:55:28 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2019-05-25T06:03:54.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=7255433
x-appversion: 1.0.7083.39717
expires: Wed, 03 Jun 2020 06:54:47 GMT

GET
H2 200 RE4n75Z
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 617 B
784 B 499ms
499ms Image
image/png 2a01:4a0:1338:28::c38a:ff11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4n75Z?ver=46db&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by: Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Akamai Image Server /
Resource Hash: 69e893b1984646a78237a1658bf99b814f1cb21ee97c568cffefbcae1b69c181

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 07:30:55 GMT
last-modified: Mon, 09 Mar 2020 16:00:38 GMT
server: Akamai Image Server
access-control-allow-origin: *
content-type: image/png
status: 200
cache-control: public, private, max-age=900
content-length: 617
expires: Wed, 11 Mar 2020 07:45:55 GMT

GET
H2 200 RE4mYGP
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 300 B
473 B 33ms
33ms Image
image/png 2a01:4a0:1338:28::c38a:ff11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4mYGP?ver=3c6b&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by: Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: e647c6a09d7794a1fb4c8d3b1832b7dcf45bfd23d61427d676a312a8ec71ebe1

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 07:30:54 GMT
last-modified: Sun, 08 Mar 2020 18:38:22 GMT
server: Akamai Image Manager
access-control-allow-origin: *
content-type: image/png
status: 200
cache-control: private, no-transform, max-age=212979
content-length: 300
expires: Fri, 13 Mar 2020 18:40:33 GMT

GET
H2 200 RE4n762
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 550 B
717 B 102ms
102ms Image
image/png 2a01:4a0:1338:28::c38a:ff11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4n762?ver=752a&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by: Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Akamai Image Server /
Resource Hash: ebc7bbadf566f0d4cdc44c49d4e384b6f0b8db95aab6f47f89e05b429d90088a

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 07:30:54 GMT
last-modified: Fri, 06 Mar 2020 22:04:48 GMT
server: Akamai Image Server
access-control-allow-origin: *
content-type: image/png
status: 200
cache-control: public, private, max-age=900
content-length: 550
expires: Wed, 11 Mar 2020 07:45:54 GMT

GET
H2 200 RE2i9Ut
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 865 B
1 KB 51ms
49ms Image
image/png 2a01:4a0:1338:28::c38a:ff11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2i9Ut?ver=0203&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by: Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 38aae607a02c27e90a8601bfc898fb848c9148f4a02061d5f6607d5c4bf147ef

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 07:30:54 GMT
last-modified: Fri, 06 Mar 2020 22:04:17 GMT
server: Akamai Image Manager
access-control-allow-origin: *
content-type: image/png
status: 200
cache-control: private, no-transform, max-age=52461
content-length: 865
expires: Wed, 11 Mar 2020 22:05:15 GMT

GET
H2 200 RE2i9UC
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 891 B
1 KB 49ms
48ms Image
image/png 2a01:4a0:1338:28::c38a:ff11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2i9UC?ver=6b76&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by: Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: d5d7e3809c33b2db811d4a116c4b96200b21e07904c895405c00f7e53c1a9f55

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 07:30:54 GMT
x-check-cacheable: YES
server: Akamai Image Manager
access-control-allow-origin: *
x-serial: 1482
content-type: image/png
status: 200
cache-control: private, no-transform, max-age=208227
last-modified: Sun, 08 Mar 2020 17:22:23 GMT
content-length: 891
expires: Fri, 13 Mar 2020 17:21:21 GMT

GET
H2 200 RE2i9Uz
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 452 B
654 B 68ms
66ms Image
image/png 2a01:4a0:1338:28::c38a:ff11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2i9Uz?ver=5cc5&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by: Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: c1f73277afa7d4cccba3696680870181a8682932c56b6c5b34e7b74f21cbbbf1

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 07:30:54 GMT
x-check-cacheable: NO
server: Akamai Image Manager
access-control-allow-origin: *
x-serial: 201
content-type: image/png
status: 200
cache-control: private, no-transform, max-age=380744
last-modified: Tue, 10 Mar 2020 17:16:19 GMT
content-length: 452
expires: Sun, 15 Mar 2020 17:16:38 GMT

GET
H2 200 RE2i4F8
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 689 B
892 B 107ms
106ms Image
image/png 2a01:4a0:1338:28::c38a:ff11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2i4F8?ver=5ea4&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by: Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: c6f0277e271d9660603fa0422a98e2aee5a5d3d04ce230c008b14aec7fcc32b4

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 07:30:54 GMT
x-check-cacheable: YES
server: Akamai Image Manager
access-control-allow-origin: *
x-serial: 603
content-type: image/png
status: 200
cache-control: private, no-transform, max-age=52322
last-modified: Fri, 06 Mar 2020 22:03:05 GMT
content-length: 689
expires: Wed, 11 Mar 2020 22:02:56 GMT

GET
H2 200 RE2ixdy
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 342 B
516 B 137ms
136ms Image
image/png 2a01:4a0:1338:28::c38a:ff11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2ixdy?ver=3d1e&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by: Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 3701c3ed8391ab19174d60cd5a0426e1457b64f8fa7560989dc1255405835853

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 07:30:54 GMT
last-modified: Tue, 10 Mar 2020 12:28:03 GMT
server: Akamai Image Manager
access-control-allow-origin: *
content-type: image/png
status: 200
cache-control: private, no-transform, max-age=363544
content-length: 342
expires: Sun, 15 Mar 2020 12:29:58 GMT

GET
H2 200 RE2i9Uw
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 912 B
1 KB 42ms
40ms Image
image/png 2a01:4a0:1338:28::c38a:ff11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2i9Uw?ver=5f08&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by: Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 23219ea38ba7fbab87025bb95f318198c131a06244f4aab61042bfac17a662d0

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 07:30:54 GMT
last-modified: Fri, 06 Mar 2020 22:03:53 GMT
server: Akamai Image Manager
access-control-allow-origin: *
content-type: image/png
status: 200
cache-control: private, no-transform, max-age=52341
content-length: 912
expires: Wed, 11 Mar 2020 22:03:15 GMT

GET
H2 200 RE2m6No
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 705 B
879 B 57ms
56ms Image
image/png 2a01:4a0:1338:28::c38a:ff11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2m6No?ver=b87b&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by: Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: eff4888e144b59ed8287a600345f76dd524a5e7ef8c068020367edefd0b8853f

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 07:30:54 GMT
last-modified: Tue, 10 Mar 2020 12:27:19 GMT
server: Akamai Image Manager
access-control-allow-origin: *
content-type: image/png
status: 200
cache-control: private, no-transform, max-age=363373
content-length: 705
expires: Sun, 15 Mar 2020 12:27:07 GMT

GET
H2 200 RE2mhjg
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 426 B
600 B 56ms
55ms Image
image/png 2a01:4a0:1338:28::c38a:ff11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2mhjg?ver=ad8a&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by: Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 89e47c18091724d6ba7c22641e633cf74553632e90156b7b1126bfdfc76477fb

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 07:30:54 GMT
last-modified: Sat, 07 Mar 2020 19:38:30 GMT
server: Akamai Image Manager
access-control-allow-origin: *
content-type: image/png
status: 200
cache-control: private, no-transform, max-age=130098
content-length: 426
expires: Thu, 12 Mar 2020 19:39:12 GMT

GET
H2 200 RE2AfqJ
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 1 KB
1 KB 40ms
38ms Image
image/webp 2a01:4a0:1338:28::c38a:ff11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2AfqJ?ver=2760&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by: Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 2266338eba270a2d50f9633a14052f16e7433cccf3202708805bd2d9a2367308

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 07:30:54 GMT
last-modified: Fri, 06 Mar 2020 22:03:48 GMT
server: Akamai Image Manager
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=52322
content-length: 1110
expires: Wed, 11 Mar 2020 22:02:56 GMT

GET
H2 200 RE2m6OO
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 1 KB
1 KB 33ms
31ms Image
image/webp 2a01:4a0:1338:28::c38a:ff11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2m6OO?ver=409f&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by: Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: a72d87a114ea823eb4277ea53b9a261f4eb843c2e1f0dd67bd98956ae9c77d6a

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 07:30:54 GMT
last-modified: Fri, 06 Mar 2020 22:06:11 GMT
server: Akamai Image Manager
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=52395
content-length: 1248
expires: Wed, 11 Mar 2020 22:04:09 GMT

GET
H2 200 LinkedIn.png
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/30de2af0/office.testdrive/images/social/ 315 B
875 B 19ms
17ms Image
image/png 2a02:26f0:6c00:183::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/30de2af0/office.testdrive/images/social/LinkedIn.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

e495966dd87033ec1e3f55c58062de559b251aad1cabf20dd2af44cd34675cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

ms-operation-id: a93543c95c23b744984d69eedd1e6fc8
date: Wed, 11 Mar 2020 07:30:54 GMT
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: 102bf275-3381-4e6b-b11c-db319df0412d
tls_version: tls1.2
ms-cv: NfWDZ3wRiEKRabSy.0
content-length: 315
x-xss-protection: 1
last-modified: Tue, 14 May 2019 18:23:13 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2019-04-27T07:36:54.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=5482301
x-appversion: 1.0.7055.42507
expires: Wed, 13 May 2020 18:22:35 GMT

GET
H2 200 LinkedIn-high-contrast.png
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/e9682e51/office.testdrive/images/social/ 293 B
852 B 30ms
28ms Image
image/png 2a02:26f0:6c00:183::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/e9682e51/office.testdrive/images/social/LinkedIn-high-contrast.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

361b6014458b0bb0eeca24f4cbc59f4dd365e7a6813855ea159b7b596af9c772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

ms-operation-id: 502a1111a8560b4a92112b602065c426
date: Wed, 11 Mar 2020 07:30:54 GMT
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: 5d27981e-7584-40f1-b602-3ffeae0eae7f
tls_version: tls1.2
ms-cv: 48S2oqBAu0OmUHmU.0
content-length: 293
x-xss-protection: 1
last-modified: Thu, 18 Jul 2019 17:57:45 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2019-07-16T08:22:52.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=11097068
x-appversion: 1.0.7136.686
expires: Fri, 17 Jul 2020 18:02:02 GMT

GET
H2 200 Facebook.png
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/e2b1dcf2/office.testdrive/images/social/ 256 B
816 B 41ms
40ms Image
image/png 2a02:26f0:6c00:183::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/e2b1dcf2/office.testdrive/images/social/Facebook.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

81dd42197f137d54b0833fb24aab0c9a05ac07bd4aecec3f79ac281bbc46b64a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

ms-operation-id: 4ec719952ae1824c97c7b4669f56f93d
date: Wed, 11 Mar 2020 07:30:54 GMT
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: fefa7db1-5a26-4e73-8dff-2fe74a7f75f6
tls_version: tls1.2
ms-cv: 7AqVvycgw0ufZZhP.0
content-length: 256
x-xss-protection: 1
last-modified: Tue, 14 May 2019 18:23:13 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2019-04-27T07:36:54.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=5482290
x-appversion: 1.0.7055.42507
expires: Wed, 13 May 2020 18:22:24 GMT

GET
H2 200 Facebook-high-contrast.png
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/baef1210/office.testdrive/images/social/ 200 B
757 B 52ms
51ms Image
image/png 2a02:26f0:6c00:183::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/baef1210/office.testdrive/images/social/Facebook-high-contrast.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

fb9e5c62d9da72c5792b819cc2d4ca8ecb4888a7e6f2d2020214c177f463cb58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

ms-operation-id: 791a0b5880de5340b38f4d61108c89ed
date: Wed, 11 Mar 2020 07:30:54 GMT
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: f4c3d95b-5719-4c1a-9d7f-bca9c92324e8
tls_version: tls1.2
ms-cv: z4h6Mfw2l0qLjGjh.0
content-length: 200
x-xss-protection: 1
last-modified: Thu, 13 Jun 2019 18:48:19 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastasia, dt: 2018-05-03T20:14:23.4188992Z, bt: 2019-06-08T09:52:20.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=8075753
x-appversion: 1.0.7098.3370
expires: Fri, 12 Jun 2020 18:46:47 GMT

GET
H2 200 Twitter.png
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/10609c90/office.testdrive/images/social/ 369 B
929 B 65ms
63ms Image
image/png 2a02:26f0:6c00:183::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/10609c90/office.testdrive/images/social/Twitter.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

02ac1c1a2bf961e85b8d3b4038dc18d781c3162c441871114001d3e2a357d565

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

ms-operation-id: aa1bd637054431429c76c84854e3502b
date: Wed, 11 Mar 2020 07:30:54 GMT
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: e10a198b-d14b-4bb9-b548-993331d67a4b
tls_version: tls1.2
ms-cv: xo9WhUpp50mndit3.0
content-length: 369
x-xss-protection: 1
last-modified: Sun, 23 Jun 2019 13:33:16 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2019-06-08T09:52:20.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=8920894
x-appversion: 1.0.7098.3370
expires: Mon, 22 Jun 2020 13:32:28 GMT

GET
H2 200 Twitter-high-contrast.png
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/6edf9aa7/office.testdrive/images/social/ 382 B
939 B 83ms
81ms Image
image/png 2a02:26f0:6c00:183::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/6edf9aa7/office.testdrive/images/social/Twitter-high-contrast.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

b97f1390080d6f405c86af4c00f87e5a2b460da827273c6d6e1d5370aeaef705

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

ms-operation-id: db505063b584d4478d8081ac03838d21
date: Wed, 11 Mar 2020 07:30:54 GMT
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: 9f715e6e-b187-48f4-b358-e972d34383ea
tls_version: tls1.2
ms-cv: PiGv0oX45UOdrTjE.0
content-length: 382
x-xss-protection: 1
last-modified: Thu, 13 Jun 2019 18:48:01 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastasia, dt: 2018-05-03T20:14:23.4188992Z, bt: 2019-06-08T09:52:20.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=8075688
x-appversion: 1.0.7098.3370
expires: Fri, 12 Jun 2020 18:45:42 GMT

GET
H2 200 Instagram.png
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/a9f75165/office.testdrive/images/social/ 410 B
968 B 102ms
101ms Image
image/png 2a02:26f0:6c00:183::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/a9f75165/office.testdrive/images/social/Instagram.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

9ede85d6c2139703e1a1dfa94105f6063607bc0f2f53cfb98d30daf90134bc51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

ms-operation-id: 353b48a55fc7b14facddff6c90326ef4
date: Wed, 11 Mar 2020 07:30:54 GMT
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: 3c6b0f0e-a455-4d2b-b962-7a5106b48bce
tls_version: tls1.2
ms-cv: adq/8QM8oUCeXzvi.0
content-length: 410
x-xss-protection: 1
last-modified: Tue, 14 May 2019 18:31:22 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2019-04-27T07:36:54.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=5482781
x-appversion: 1.0.7055.42507
expires: Wed, 13 May 2020 18:30:35 GMT

GET
H2 200 Instagram-high-contrast.png
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/7a92475b/office.testdrive/images/social/ 304 B
864 B 122ms
120ms Image
image/png 2a02:26f0:6c00:183::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/7a92475b/office.testdrive/images/social/Instagram-high-contrast.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

448981cc6e350a9404a41599e3a8f0f6d84302d426c729c8cbf855255aaa9f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

ms-operation-id: f2b07f55e161f745b30306493f8a436e
date: Wed, 11 Mar 2020 07:30:54 GMT
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: b4b4dd59-ea5d-4e87-9769-901a43eeb688
tls_version: tls1.2
ms-cv: mytlqwP+uUeZI3hN.0
content-length: 304
x-xss-protection: 1
last-modified: Thu, 13 Jun 2019 19:02:22 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2019-06-08T09:52:20.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=8076848
x-appversion: 1.0.7098.3370
expires: Fri, 12 Jun 2020 19:05:02 GMT

GET
H2 200 Blog.png
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/36ff46b6/office.testdrive/images/social/ 1 KB
2 KB 143ms
142ms Image
image/png 2a02:26f0:6c00:183::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/36ff46b6/office.testdrive/images/social/Blog.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

207f50299063fbb1f3b17bc02663cc5e8fb3b385e8ea29919d1af13a7baa6247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

ms-operation-id: 9e329c41bb3d0c428b2a451d7742f15f
date: Wed, 11 Mar 2020 07:30:54 GMT
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: 49906d95-a757-4aff-bc9e-19721754130b
tls_version: tls1.2
ms-cv: 9+CJ7vJvU0quc8RX.0
content-length: 1131
x-xss-protection: 1
last-modified: Tue, 14 May 2019 18:31:22 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2019-04-27T07:36:54.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=5482884
x-appversion: 1.0.7055.42507
expires: Wed, 13 May 2020 18:32:18 GMT

GET
H2 200 Blog-high-contrast.png
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/fa221510/office.testdrive/images/social/ 266 B
825 B 163ms
161ms Image
image/png 2a02:26f0:6c00:183::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/fa221510/office.testdrive/images/social/Blog-high-contrast.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

8a56b4d7e088c0a978e014d429d3952584edafa49a6b6ecf3f1e1ef23486b469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

ms-operation-id: aa366a9c5b932e449dfe31469abac69b
date: Wed, 11 Mar 2020 07:30:54 GMT
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: 16cda971-f6d5-4d34-b069-d42b23020ed7
tls_version: tls1.2
ms-cv: 25ZqQGrSp0K3brzW.0
content-length: 266
x-xss-protection: 1
last-modified: Sun, 01 Sep 2019 16:30:45 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2019-08-27T08:00:58.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14979725
x-appversion: 1.0.7178.29
expires: Mon, 31 Aug 2020 16:32:59 GMT

GET
H/1.1 200
OK PMG-PhoneFormatTokenized.xml Show response
products.office.com/en-us/XmlData/ 241 B
924 B 156ms
133ms XHR
text/xml 2a02:26f0:6c00:180::69d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://products.office.com/en-us/XmlData/PMG-PhoneFormatTokenized.xml
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/POC-OneDrive/_scrf/js/themes=default/22-bbdb47/a6-32d127/db-a25f61/d6-6e76d0/33-df9551/e9-a7ee15/cd-8ce651/f5-7e27a5/dc-bba150/b3-5ed3d8?ver=2.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:180::69d , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 7478462a824d8eeb2d08bd618bab694274ac61c0a42a01443f15ff2f61c43267

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Mar 2020 07:30:54 GMT
X-RTag: RTPOC
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin: https://www.office.com
CorrelationVector: qxlvjjqJqUC9Qpvh.1.0
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml
Access-Control-Allow-Headers: Content-Type
Content-Length: 241
Expires: -1

GET
H/1.1 403
Forbidden commercial Show response
4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/en-us/api/contactsales/ 243 B
520 B 112ms
111ms XHR
application/xml 52.95.146.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/en-us/api/contactsales/commercial?r=htm&s=onedrive&preview=null
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/POC-OneDrive/_scrf/js/themes=default/22-bbdb47/a6-32d127/db-a25f61/d6-6e76d0/33-df9551/e9-a7ee15/cd-8ce651/f5-7e27a5/dc-bba150/b3-5ed3d8?ver=2.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.146.112 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e9edb5c08d0d91e97193b8b301bd1caab0f919b6c0d10187291d78ab23952641

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

Date: Wed, 11 Mar 2020 07:30:54 GMT
Server: AmazonS3
x-amz-request-id: 8F774F20363B5546
Transfer-Encoding: chunked
x-amz-id-2: uuIj8+9ES/b/AkZ0tFcSd7kISKBMbmSy8IkAy8q1jQjzZkRgVVhTaNpyn+NgDf/Gh4CwUrSKKZI=
Content-Type: application/xml

GET
H/1.1 200
OK meBoot.min.js Show response
mem.gfx.ms/scripts/me/MeControl/10.20056.4/en-US/ 132 KB
29 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00:18d::37
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/scripts/me/MeControl/10.20056.4/en-US/meBoot.min.js

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=OfficeProducts&market=en-us&uhf=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:18d::37 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

7ddde9c325e7854bedabf59c04f3b81bf8539701d4c0e7fdc66624fd1580d78b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 26 Feb 2020 09:21:28 GMT
Date: Wed, 11 Mar 2020 07:30:54 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28828
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 130 B
879 B 177ms
37ms XHR
application/json 34.243.44.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_orgid=A5FF776A5245AF830A490D44@AdobeOrg&d_cid=88170%016675a02e7d45433e9bf614cf56d66d15%010&d_ver=2

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/POC-OneDrive/_scrf/js/themes=default/9e-bcc229/1e-fd610f?ver=2.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.243.44.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-44-116.eu-west-1.compute.amazonaws.com

Software

Resource Hash

3f58610f8512b65c15895918b31d86cad4d27137836500fd14482c5bfd9fb580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json; charset=utf-8
Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v062-0a7483da6.edge-irl1.demdex.com 5.65.0.20200212140016 0ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Error: 2
X-TID: y/BDfToaQ6c=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 130
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

src=6952136;dc_pre=CMbkz7vzkegCFcmJdwodwQcFMQ;type=store0;cat=jsll;u58=6675a02e7d45433e9bf614cf56d66d15;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=6952136;type=store0;cat=jsll;u58=6675a02e7d45433e9bf614cf56d66d15;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=6952136;dc_pre=CMbkz7vzkegCFcmJdwodwQcFMQ;type=store0;cat=jsll;u58=6675a02e7d45433e9bf614cf56d66d15;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;or...
https://adservice.google.com/ddm/fls/z/src=6952136;dc_pre=CMbkz7vzkegCFcmJdwodwQcFMQ;type=store0;cat=jsll;u58=6675a02e7d45433e9bf614cf56d66d15;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

42 B
109 B

109ms
108ms

Image
image/gif

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=6952136;dc_pre=CMbkz7vzkegCFcmJdwodwQcFMQ;type=store0;cat=jsll;u58=6675a02e7d45433e9bf614cf56d66d15;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Mar 2020 07:30:54 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Mar 2020 07:30:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://adservice.google.com/ddm/fls/z/src=6952136;dc_pre=CMbkz7vzkegCFcmJdwodwQcFMQ;type=store0;cat=jsll;u58=6675a02e7d45433e9bf614cf56d66d15;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 358 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 RE4n1g8
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 212 KB
213 KB 26ms
26ms Image
image/png 2a01:4a0:1338:28::c38a:ff11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4n1g8?ver=c794&q=90&h=675&w=830&b=%23FFFFFFFF&aim=true
Requested by: Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 5e4ab94cfeba829ca359252183b48f5be665bf22d4f09c30f0d4625de5b50503

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 07:30:54 GMT
x-check-cacheable: YES
server: Akamai Image Manager
access-control-allow-origin: *
x-serial: 501
content-type: image/png
status: 200
cache-control: private, no-transform, max-age=125268
last-modified: Sat, 07 Mar 2020 18:19:37 GMT
content-length: 217260
expires: Thu, 12 Mar 2020 18:18:42 GMT

GET
H2 200 RE4ozpj
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 59 KB
59 KB 28ms
28ms Image
image/webp 2a01:4a0:1338:28::c38a:ff11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4ozpj?ver=c736&q=90&h=675&w=830&b=%23FFFFFFFF&aim=true
Requested by: Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 789d4c4a492e25d37b2d3e888555c130d89c06711334b8f0759f2353ccb26779

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 07:30:54 GMT
last-modified: Sun, 08 Mar 2020 19:45:00 GMT
server: Akamai Image Manager
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=216855
content-length: 60002
expires: Fri, 13 Mar 2020 19:45:09 GMT

GET
H2 200 Primary Request CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html Show response
firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/ 41 KB
42 KB 1868ms
1844ms Document
text/html 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html?alt=media&token=55a7a421-201d-4b96-81db-edcd28e4ece3
Requested by: Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8dda229c7a40e7c2fe054bf6195592220be02be27d438a225d5f4606cbdb9c4a

Request headers

:method: GET
:authority: firebasestorage.googleapis.com
:scheme: https
:path: /v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html?alt=media&token=55a7a421-201d-4b96-81db-edcd28e4ece3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys

Response headers

status: 200
x-guploader-uploadid: AEnB2UpstkrYcW7rKN96kaXr4fQMjAjfNglntrNgdm2cfGcm7MAS7ave3I2szrH5qEjSGoKbhR8KFu_alm8cTZ8Cus6ilGjIKw
expires: Wed, 11 Mar 2020 07:30:56 GMT
date: Wed, 11 Mar 2020 07:30:56 GMT
cache-control: private, max-age=0
last-modified: Tue, 10 Mar 2020 18:55:38 GMT
etag: "46324eb1b1716feae2c2e8c5fff62cb7"
x-goog-generation: 1583866538551939
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 42288
x-goog-meta-firebasestoragedownloadtokens: 55a7a421-201d-4b96-81db-edcd28e4ece3
content-type: text/html
content-disposition: inline; filename*=utf-8''tbwyvyutwgLwShFSKNcb.html
x-goog-hash: crc32c=oSfXFg== md5=RjJOsbFxb+riwujF//Ystw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 42288
server: UploadServer
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ 13 B
462 B 401ms
99ms XHR
text/plain 34.227.153.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/6203590383.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.153.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-153-53.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Access-Control-Request-Method: POST
Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Wed, 11 Mar 2020 07:30:55 GMT
Allow: POST,OPTIONS
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Content-Length: 13

POST
H/1.1 200
OK v1
web.vortex.data.microsoft.com/collect/ 0
0 28ms
28ms Other
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=true&ext-javascript-msfpc=%27GUID%3D6675a02e7d45433e9bf614cf56d66d15%26HASH%3D6675%26LV%3D202003%26V%3D4%26LU%3D1583911854598%27
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/POC-OneDrive/_scrf/js/themes=default/9e-bcc229/1e-fd610f?ver=2.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK v1
web.vortex.data.microsoft.com/collect/ 0
0 53ms
27ms Other
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=true&ext-javascript-msfpc=%27GUID%3D6675a02e7d45433e9bf614cf56d66d15%26HASH%3D6675%26LV%3D202003%26V%3D4%26LU%3D1583911854598%27
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/POC-OneDrive/_scrf/js/themes=default/9e-bcc229/1e-fd610f?ver=2.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials: true

GET
H2 200 me.srf
login.live.com/ Frame 6134 0
0 504ms
178ms Document
text/html 40.90.22.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2F4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com&uaid=7d8751ba-f3ef-445c-733b-827ac88181e9&partnerId=officeproducts

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.20056.4/en-US/meBoot.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.90.22.184 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: login.live.com
:scheme: https
:path: /me.srf?wa=wsignin1.0&wreply=https%3A%2F%2F4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com&uaid=7d8751ba-f3ef-445c-733b-827ac88181e9&partnerId=officeproducts
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys

Response headers

status: 200
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: Wed, 11 Mar 2020 07:29:55 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
set-cookie: uaid=7d8751baf3ef445c733b827ac88181e9; domain=login.live.com; Secure; path=/; HttpOnly MSPRequ=id=N&lt=1583911855&co=1; domain=login.live.com; Secure; path=/; HttpOnly
referrer-policy: strict-origin-when-cross-origin
x-ms-request-id: 3aeaa766-25ad-4e63-bf49-b735475778c3
ppserver: PPV: 30 H: BY1PPF801F0D2D0 V: 0
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
date: Wed, 11 Mar 2020 07:30:55 GMT
content-length: 4304

GET
H/1.1 200
OK meCore.min.js
mem.gfx.ms/scripts/me/MeControl/10.20056.4/en-US/ 101 KB
17 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:18d::37
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/scripts/me/MeControl/10.20056.4/en-US/meCore.min.js

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=OfficeProducts&market=en-us&uhf=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:18d::37 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 26 Feb 2020 09:21:34 GMT
Date: Wed, 11 Mar 2020 07:30:55 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16987
X-UA-Compatible: IE=edge

GET
H2 200 d0ab222a-1420-48cc-9bbd-6bdae7be01fc.js
cdnssl.clicktale.net/www32/ptc/ 63 KB
14 KB 23ms
8ms Script
text/javascript 2a02:26f0:6c00:183::2db0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/www32/ptc/d0ab222a-1420-48cc-9bbd-6bdae7be01fc.js
Requested by: Host: 4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:183::2db0 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 11 Mar 2020 07:30:55 GMT
content-encoding: gzip
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=600
content-length: 14031
expires: Wed, 11 Mar 2020 07:40:55 GMT

GET
H/1.1 200
OK RE1r2ij
query.prod.cms.rt.microsoft.com/cms/api/am/binary/ 4 KB
3 KB 30ms
7ms Script
application/x-javascript 88.221.61.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE1r2ij

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.221.61.151 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-61-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

AppEx-Activity-Id: 4eb3135b-0152-4204-8522-d226fe8e3c55
Content-Encoding: gzip
X-CMS-Tenant: am
X-CMS-ServiceLocation: eastus:11
X-CMS-Type: binary
X-CMS-DocumentId: RE1r2ij
X-CMS-Alias: default
Content-Disposition: inline; filename=oa.min.js
Connection: keep-alive
MS-CV: tzt2ORBl+kG9aXlNmMVJJQ.0
Content-Length: 2299
X-Trace-Context: {"ActivityId":"4eb3135b-0152-4204-8522-d226fe8e3c55"}
X-CMS-Version: 45
Last-Modified: Tue, 09 Oct 2018 21:46:16 GMT
X-Frame-Options: deny
ETag: W/"133"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-CMS-ExecutionTimeInMilliseconds: 121
Cache-Control: public, must-revalidate, max-age=11328
Date: Wed, 11 Mar 2020 07:30:55 GMT
X-CMS-State: Published

POST
H/1.1 200
OK v1
web.vortex.data.microsoft.com/collect/ 0
0 31ms
30ms Other
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=true&ext-javascript-msfpc=%27GUID%3D6675a02e7d45433e9bf614cf56d66d15%26HASH%3D6675%26LV%3D202003%26V%3D4%26LU%3D1583911854598%27
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/POC-OneDrive/_scrf/js/themes=default/9e-bcc229/1e-fd610f?ver=2.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials: true

GET
H2

200

c.gif
c1.microsoft.com/
Redirect Chain

https://c1.microsoft.com/c.gif?DI=4050&did=1&t=
https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=32C0EDE338CC42D9BA3AE50228F85C67&RedC=c1.microsoft.com&MXFR=12578A0DECAC65E41F1E8487E8AC633D
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=32C0EDE338CC42D9BA3AE50228F85C67&MUID=3CB17DC826A866831D417342271D67CA

42 B
334 B

28ms
27ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=32C0EDE338CC42D9BA3AE50228F85C67&MUID=3CB17DC826A866831D417342271D67CA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Mar 2020 07:30:55 GMT
last-modified: Mon, 02 Mar 2020 16:34:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "fbf5562b0f0d51:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
status: 200
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 11 Mar 2020 07:30:54 GMT
x-msedge-ref: Ref A: DDB29772BB8B43298F2617D8781B5457 Ref B: FRAEDGE0110 Ref C: 2020-03-11T07:30:55Z
x-powered-by: ASP.NET
location: https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=32C0EDE338CC42D9BA3AE50228F85C67&MUID=3CB17DC826A866831D417342271D67CA
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
status: 302
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 200
OK v1
web.vortex.data.microsoft.com/collect/ 0
0 59ms
28ms Other
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=true&ext-javascript-msfpc=%27GUID%3D6675a02e7d45433e9bf614cf56d66d15%26HASH%3D6675%26LV%3D202003%26V%3D4%26LU%3D1583911854598%27
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/POC-OneDrive/_scrf/js/themes=default/9e-bcc229/1e-fd610f?ver=2.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK v1
web.vortex.data.microsoft.com/collect/ 0
0 52ms
29ms Other
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=true&ext-javascript-msfpc=%27GUID%3D6675a02e7d45433e9bf614cf56d66d15%26HASH%3D6675%26LV%3D202003%26V%3D4%26LU%3D1583911854598%27
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/POC-OneDrive/_scrf/js/themes=default/9e-bcc229/1e-fd610f?ver=2.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK v1
web.vortex.data.microsoft.com/collect/ 0
0 87ms
31ms Other
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=true&ext-javascript-msfpc=%27GUID%3D6675a02e7d45433e9bf614cf56d66d15%26HASH%3D6675%26LV%3D202003%26V%3D4%26LU%3D1583911854598%27
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/POC-OneDrive/_scrf/js/themes=default/9e-bcc229/1e-fd610f?ver=2.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials: true

GET
H2 200 launch-ENc0cbffaf0f8248c3a934a56818d7737e.min.js
assets.adobedtm.com/ 123 KB
26 KB 36ms
17ms Script
application/x-javascript 23.210.248.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENc0cbffaf0f8248c3a934a56818d7737e.min.js
Requested by: Host: query.prod.cms.rt.microsoft.com
URL: https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE1r2ij
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.45 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 11 Mar 2020 07:30:55 GMT
content-encoding: gzip
last-modified: Mon, 09 Mar 2020 20:14:23 GMT
server: AkamaiNetStorage
etag: "50c9185ef8190e311d65b53b88532b99:1583784863.293692"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 26661
expires: Wed, 11 Mar 2020 08:30:55 GMT

GET
H2 200 RCe273b42c34d5427cb02b2d6cd022cac2-source.min.js
assets.adobedtm.com/5ef092d1efb5/2537c33769cb/8ae8d80e2338/ 1 KB
757 B 21ms
20ms Script
application/x-javascript 23.210.248.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5ef092d1efb5/2537c33769cb/8ae8d80e2338/RCe273b42c34d5427cb02b2d6cd022cac2-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cbffaf0f8248c3a934a56818d7737e.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.45 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 11 Mar 2020 07:30:55 GMT
content-encoding: gzip
last-modified: Mon, 09 Mar 2020 20:14:24 GMT
server: AkamaiNetStorage
etag: "7511fa6b703d147995ee779f0d66df09:1583784864.241846"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 512
expires: Wed, 11 Mar 2020 08:30:55 GMT

GET
H2 200 RCb88241d3e29144c1b886ab5fabb4ef5a-source.min.js
assets.adobedtm.com/5ef092d1efb5/2537c33769cb/8ae8d80e2338/ 3 KB
1 KB 23ms
22ms Script
application/x-javascript 23.210.248.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5ef092d1efb5/2537c33769cb/8ae8d80e2338/RCb88241d3e29144c1b886ab5fabb4ef5a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cbffaf0f8248c3a934a56818d7737e.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.45 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 11 Mar 2020 07:30:55 GMT
content-encoding: gzip
last-modified: Mon, 09 Mar 2020 20:14:24 GMT
server: AkamaiNetStorage
etag: "7511fa6b703d147995ee779f0d66df09:1583784864.241846"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1011
expires: Wed, 11 Mar 2020 08:30:55 GMT

GET
H2 200 RC609c6a62e6764307915e122757d5274b-source.min.js
assets.adobedtm.com/5ef092d1efb5/2537c33769cb/8ae8d80e2338/ 74 KB
19 KB 19ms
18ms Script
application/x-javascript 23.210.248.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5ef092d1efb5/2537c33769cb/8ae8d80e2338/RC609c6a62e6764307915e122757d5274b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cbffaf0f8248c3a934a56818d7737e.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.45 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-45.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 11 Mar 2020 07:30:55 GMT
content-encoding: gzip
last-modified: Mon, 09 Mar 2020 20:14:24 GMT
server: AkamaiNetStorage
etag: "7511fa6b703d147995ee779f0d66df09:1583784864.241846"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 19171
expires: Wed, 11 Mar 2020 08:30:55 GMT

POST
H/1.1 204
No Content log
errors.client.optimizely.com/ 0
296 B 100ms
99ms XHR
text/plain 34.227.153.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.153.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-153-53.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys
Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Wed, 11 Mar 2020 07:30:55 GMT
Content-Type: text/plain

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 27ms
10ms Stylesheet
text/css 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by: Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html?alt=media&token=55a7a421-201d-4b96-81db-edcd28e4ece3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer: https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html?alt=media&token=55a7a421-201d-4b96-81db-edcd28e4ece3
Origin: https://firebasestorage.googleapis.com
Sec-Fetch-Dest: style
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Mar 2020 07:30:56 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
access-control-allow-origin: *
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 19740

GET
H2 200 font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 37 KB
7 KB 14ms
13ms Stylesheet
text/css 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html?alt=media&token=55a7a421-201d-4b96-81db-edcd28e4ece3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html?alt=media&token=55a7a421-201d-4b96-81db-edcd28e4ece3
Origin: https://firebasestorage.googleapis.com
Sec-Fetch-Dest: style
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Mar 2020 07:30:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 28545797
cf-ray: 572392b20eab9766-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: W/"5afd4910-9226"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Mon, 01 Mar 2021 07:30:56 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 26ms
9ms Stylesheet
text/css 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html?alt=media&token=55a7a421-201d-4b96-81db-edcd28e4ece3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html?alt=media&token=55a7a421-201d-4b96-81db-edcd28e4ece3
Origin: https://firebasestorage.googleapis.com
Sec-Fetch-Dest: style
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Mar 2020 07:30:56 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
access-control-allow-origin: *
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H/1.1 200
OK picker_account_aad.png
secure.aadcdn.microsoftonline-p.com/ests/2.1.7230.10/content/images/ 1 KB
1 KB 43ms
9ms Image
image/png 2a02:26f0:10c:38c::35c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7230.10/content/images/picker_account_aad.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38c::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

a3ec79086c71191b0dbc128b397d1a27d132bd2b658667bc4229b53cbcb20b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html?alt=media&token=55a7a421-201d-4b96-81db-edcd28e4ece3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 11 Mar 2020 07:30:57 GMT
Last-Modified: Sat, 18 May 2019 14:25:33 GMT
Content-MD5: nciOew3+QXz8WWEjgXKGmA==
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=471626
Connection: keep-alive
Content-Length: 1082

GET
H/1.1 200
OK picker_more.png
secure.aadcdn.microsoftonline-p.com/ests/2.1.7230.10/content/images/ 192 B
519 B 44ms
9ms Image
image/png 2a02:26f0:10c:38c::35c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7230.10/content/images/picker_more.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38c::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

1b8e9869c33c1086478e807f8537b155c84660c631c830d6a83d83accfd1ed18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html?alt=media&token=55a7a421-201d-4b96-81db-edcd28e4ece3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 11 Mar 2020 07:30:57 GMT
Last-Modified: Sat, 18 May 2019 14:25:45 GMT
Content-MD5: ztMxwTK195jx86s2cS1GCA==
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=439609
Connection: keep-alive
Content-Length: 192

GET
H/1.1 200
OK picker_account_add.svg
secure.aadcdn.microsoftonline-p.com/ests/2.1.7230.10/content/images/ 222 B
562 B 43ms
9ms Image
image/svg+xml 2a02:26f0:10c:38c::35c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7230.10/content/images/picker_account_add.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38c::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

749f85621d92a5b31b2a377a8c385a36d48a83327dad9a8a8da93cd831b8c9a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html?alt=media&token=55a7a421-201d-4b96-81db-edcd28e4ece3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 11 Mar 2020 07:30:57 GMT
Content-Encoding: gzip
Last-Modified: Sat, 18 May 2019 14:25:49 GMT
Content-MD5: ykuOnMaTo0vw2Gx/ZceiPg==
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=467067
Connection: keep-alive
Content-Length: 184

GET
H/1.1 200
OK jquery-3.1.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 22ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.min.js
Requested by: Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html?alt=media&token=55a7a421-201d-4b96-81db-edcd28e4ece3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Referer: https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html?alt=media&token=55a7a421-201d-4b96-81db-edcd28e4ece3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 11 Mar 2020 07:30:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Sep 2016 22:32:34 GMT
Server: nginx
ETag: W/"57e45c02-152b5"
Vary: Accept-Encoding
X-HW: 1583911856.dop024.fr8.shc,1583911856.dop024.fr8.t,1583911856.cds012.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30070

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 20 KB
7 KB 18ms
17ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html?alt=media&token=55a7a421-201d-4b96-81db-edcd28e4ece3
Origin: https://firebasestorage.googleapis.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Mar 2020 07:30:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 11406080
cf-ray: 572392b20eac9766-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:25:14 GMT
server: cloudflare
etag: W/"5afd4a7a-500f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 01 Mar 2021 07:30:56 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 31ms
14ms Script
text/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by: Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html?alt=media&token=55a7a421-201d-4b96-81db-edcd28e4ece3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer: https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html?alt=media&token=55a7a421-201d-4b96-81db-edcd28e4ece3
Origin: https://firebasestorage.googleapis.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Mar 2020 07:30:56 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
access-control-allow-origin: *
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 9832

GET
H/1.1 200
OK Cookie set logout.srf
login.microsoftonline.com/ Frame 4886 0
0 162ms
70ms Document
text/html 40.126.1.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.126.1.166 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Host: login.microsoftonline.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html?alt=media&token=55a7a421-201d-4b96-81db-edcd28e4ece3
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html?alt=media&token=55a7a421-201d-4b96-81db-edcd28e4ece3

Response headers

Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Link: <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
X-DNS-Prefetch-Control: on
x-ms-request-id: 57d71cd2-6b03-4d67-8e04-1d1ceb221300
x-ms-ests-server: 2.1.10155.17 - DUB2 ProdSlices
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie: SignInStateCookie=CAQABAAIAAABeAFzDwllzTYGDLh_qYbH8Gs5lPIP-1-X675n_1jvoLDd8W6Sz8dz2EBdW3om2V9yHslORUXD_aHIB-bHr7so_Jq3gsI7dlQl0LkQsR6ubYiAA; path=/; secure; HttpOnly ESTSSSOTILES=1; expires=Mon, 11-Mar-2030 07:30:57 GMT; path=/; secure AADSSOTILES=1; expires=Mon, 11-Mar-2030 07:30:57 GMT; path=/; secure; HttpOnly ESTSAUTHPERSISTENT=AQABAAQAAABeAFzDwllzTYGDLh_qYbH8AlTxSF0S0-KhIiAsbDzc09WZurIV3r1o8fyfiP_nRZm8fVsx_LkLenMnCf7HED_eqIt_ykEGN5ENAE6xO7ILcrBHHOF0tmZeozn7loJZp46EN7NTEiHsjDUy-s-g7MZ_Yaxkevx1kpozZiHHAjPgWmWiRKcFzYs7O9QzCpKHEJpFZ196t-uQIzrbqVc7Xg53HKmVyz15ArHeCw75NZwkkSAAIABAACAAAAA; domain=.login.microsoftonline.com; expires=Tue, 09-Jun-2020 07:30:57 GMT; path=/; secure; HttpOnly ESTSAUTH=AQABAAQAAABeAFzDwllzTYGDLh_qYbH8w_ZPMinDiN6JPKYnnByrMOCi26gFd6vz6quGZPnKoesbzhXopyC9d0OmYSg2vgIhNA9GpSZamwt6-5rJ5pQzJTdZd5G2kvepWERP0rDUxLgzJ2QoyOEQM0MYnSux732Ux1x8RPlbOo-s0eih6wQpcRFtnFHTj6MO0F0jw926Zy9gnf1XbAXSiX2BCdXirEhKcVWobM0EZ7Tj6a2dvINfAiAAIABAACAAAAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly ESTSAUTHLIGHT=+; path=/; secure ch=5nkkXGLrLj3BfwfWki5mRg1Ppx4OBGdtUEAQ1sFR8R8; domain=.login.microsoftonline.com; expires=Tue, 09-Jun-2020 07:30:57 GMT; path=/; secure ESTSSC=00; path=/; secure; HttpOnly buid=AQABAAEAAABeAFzDwllzTYGDLh_qYbH8bIVPQHTT02S7Yq2lT7rTz-e6EPYJkqDrrYYofY5uPc3RD7rf34ne09rddM4jwXXADYcv5Y6jayrna1sZAyVMQrv6cedHRAM_dA9YRnHyZ74gAA; expires=Fri, 10-Apr-2020 07:30:57 GMT; path=/; secure; HttpOnly fpc=ArZgPtfTuexOnc3RsZ34RKY; expires=Fri, 10-Apr-2020 07:30:57 GMT; path=/; secure; HttpOnly esctx=AQABAAAAAABeAFzDwllzTYGDLh_qYbH8mPnkllMvf09F-wKalhrhTnchDCmDVPwRyIJTLpQMJbQ6XzriCI4wxW1D8OR_59iDH8pd_uB40pwTZImoVhOBVr8f0oUoM8fJQ_Y9DezzDXK8M7O_kSBRAjcKKOSHnXOsXoAQYfz5Z8mbtiSAcJZWcZZaYIJQf_OVWVPGRYcXF1QgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly x-ms-gateway-slice=prod; path=/; secure; HttpOnly stsservicecookie=ests; path=/; secure; HttpOnly
Referrer-Policy: strict-origin-when-cross-origin
Date: Wed, 11 Mar 2020 07:30:56 GMT
Content-Length: 117723

GET truncated
/ 0
0

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92d065b3e29a2f6634ca7e88841a02d0954d99cf5746fa343b0cc25020e91487

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 0_a5dbd4393ff6a725c7e62b61df7e72f0.jpg
aadcdn.msauth.net/ests/2.1/content/images/backgrounds/ 277 KB
278 KB 26ms
8ms Image
image/jpeg 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/ests/2.1/content/images/backgrounds/0_a5dbd4393ff6a725c7e62b61df7e72f0.jpg
Requested by: Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/v45ih-eda-ao2blup1fkohacmxmysj.appspot.com/o/CeeEmuyQ2V52KcCjOZwv%20J4pUUxaXaE1t1xQ7eKMK%2FysuiVmO0GzoBVPgmQgFTRl63cMXaPPzDPxv3A%2FtbwyvyutwgLwShFSKNcb.html?alt=media&token=55a7a421-201d-4b96-81db-edcd28e4ece3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb

Request headers

Referer: https://huffingtonpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 11 Mar 2020 07:30:56 GMT
x-azure-ref-originshield: 0teRnXgAAAADk6o0JBJrxQ5N1vASg6wf7QU1TRURHRTA1MTQAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-md5: pdvUOT/2pyXH5ith335y8A==
x-cache: TCP_HIT
status: 200
content-length: 283351
x-ms-lease-status: unlocked
last-modified: Fri, 02 Nov 2018 20:26:29 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D6410178E329F6
x-azure-ref: 0sZNoXgAAAAAZDnU/gjg7R4uTk6nAACDDRlJBRURHRTEwMTYAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: f1e654ad-801e-001b-56aa-f3a246000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=604800
x-ms-version: 2009-09-19

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: truncated
URL: data:truncated

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: ests
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: prod
login.microsoftonline.com/	1970-01-19 08:41:43	Name: buid Value: AQABAAEAAABeAFzDwllzTYGDLh_qYbH8bIVPQHTT02S7Yq2lT7rTz-e6EPYJkqDrrYYofY5uPc3RD7rf34ne09rddM4jwXXADYcv5Y6jayrna1sZAyVMQrv6cedHRAM_dA9YRnHyZ74gAA
login.microsoftonline.com/	1970-01-22 23:37:24	Name: AADSSOTILES Value: 1
login.microsoftonline.com/	1969-12-31 23:59:59	Name: ESTSSC Value: 00
.login.microsoftonline.com/	1970-01-19 10:08:07	Name: ch Value: 5nkkXGLrLj3BfwfWki5mRg1Ppx4OBGdtUEAQ1sFR8R8
login.microsoftonline.com/	1969-12-31 23:59:59	Name: ESTSAUTHLIGHT Value: +
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: ESTSAUTH Value: AQABAAQAAABeAFzDwllzTYGDLh_qYbH8w_ZPMinDiN6JPKYnnByrMOCi26gFd6vz6quGZPnKoesbzhXopyC9d0OmYSg2vgIhNA9GpSZamwt6-5rJ5pQzJTdZd5G2kvepWERP0rDUxLgzJ2QoyOEQM0MYnSux732Ux1x8RPlbOo-s0eih6wQpcRFtnFHTj6MO0F0jw926Zy9gnf1XbAXSiX2BCdXirEhKcVWobM0EZ7Tj6a2dvINfAiAAIABAACAAAAA
.login.microsoftonline.com/	1970-01-19 10:08:07	Name: ESTSAUTHPERSISTENT Value: AQABAAQAAABeAFzDwllzTYGDLh_qYbH8AlTxSF0S0-KhIiAsbDzc09WZurIV3r1o8fyfiP_nRZm8fVsx_LkLenMnCf7HED_eqIt_ykEGN5ENAE6xO7ILcrBHHOF0tmZeozn7loJZp46EN7NTEiHsjDUy-s-g7MZ_Yaxkevx1kpozZiHHAjPgWmWiRKcFzYs7O9QzCpKHEJpFZ196t-uQIzrbqVc7Xg53HKmVyz15ArHeCw75NZwkkSAAIABAACAAAAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: AQABAAAAAABeAFzDwllzTYGDLh_qYbH8mPnkllMvf09F-wKalhrhTnchDCmDVPwRyIJTLpQMJbQ6XzriCI4wxW1D8OR_59iDH8pd_uB40pwTZImoVhOBVr8f0oUoM8fJQ_Y9DezzDXK8M7O_kSBRAjcKKOSHnXOsXoAQYfz5Z8mbtiSAcJZWcZZaYIJQf_OVWVPGRYcXF1QgAA
login.microsoftonline.com/	1970-01-19 08:41:43	Name: fpc Value: ArZgPtfTuexOnc3RsZ34RKY
login.microsoftonline.com/	1970-01-22 23:37:24	Name: ESTSSSOTILES Value: 1
login.microsoftonline.com/	1969-12-31 23:59:59	Name: SignInStateCookie Value: CAQABAAIAAABeAFzDwllzTYGDLh_qYbH8Gs5lPIP-1-X675n_1jvoLDd8W6Sz8dz2EBdW3om2V9yHslORUXD_aHIB-bHr7so_Jq3gsI7dlQl0LkQsR6ubYiAA

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/e7dff113/office.testdrive/externalscripts/adobetarget/at.js(Line 63) Message: AT: [page-init] Adobe Target content delivery is disabled. Ensure that you can save cookies to your current domain, there is no "mboxDisable" cookie and there is no "mboxDisable" parameter in query string.
console-api	log	URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/POC-OneDrive/_scrf/js/themes=default/22-bbdb47/a6-32d127/db-a25f61/d6-6e76d0/33-df9551/e9-a7ee15/cd-8ce651/f5-7e27a5/dc-bba150/b3-5ed3d8?ver=2.0(Line 1) Message: locale:
console-api	log	URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/POC-OneDrive/_scrf/js/themes=default/22-bbdb47/a6-32d127/db-a25f61/d6-6e76d0/33-df9551/e9-a7ee15/cd-8ce651/f5-7e27a5/dc-bba150/b3-5ed3d8?ver=2.0(Line 1) Message: locale:
console-api	log	URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/POC-OneDrive/_scrf/js/themes=default/22-bbdb47/a6-32d127/db-a25f61/d6-6e76d0/33-df9551/e9-a7ee15/cd-8ce651/f5-7e27a5/dc-bba150/b3-5ed3d8?ver=2.0(Line 1) Message: Error message: Phone token xml data was not received
console-api	log	URL: https://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm?czwh=nksg&BoROAP1Uf9Ril4MKJXZ5=afoltz@msts.com&vests=dys(Line 2011) Message: me
console-api	log	(Line 2) Message: webblends match failed forhttps://4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com/l9v7m651ePOVl5z7KM8mzus9NZEaKvhQcAYZZAOH/exVNxxkTTEPHM6pPx2Cliv8MyDq5SzgMFjGvpEOj/rNfu93Cbpb9P0Xpv2VZs.htm

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4crev1vmvsk4xfwco52yz80fbvyyz93salcsmpca.s3.ca-central-1.amazonaws.com
aadcdn.msauth.net
ad.doubleclick.net
adservice.google.com
assets.adobedtm.com
c.bing.com
c.s-microsoft.com
c1.microsoft.com
cdn.optimizely.com
cdnjs.cloudflare.com
cdnssl.clicktale.net
code.jquery.com
dpm.demdex.net
errors.client.optimizely.com
firebasestorage.googleapis.com
img-prod-cms-rt-microsoft-com.akamaized.net
login.live.com
login.microsoftonline.com
maxcdn.bootstrapcdn.com
mem.gfx.ms
products.office.com
query.prod.cms.rt.microsoft.com
secure.aadcdn.microsoftonline-p.com
stackpath.bootstrapcdn.com
truncated
web.vortex.data.microsoft.com
www.microsoft.com
www.taxsaleresources.com
truncated
172.217.22.6
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:3a
23.210.248.45
2606:4700::6811:4104
2620:1ec:bdf::10
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:815::200a
2a01:4a0:1338:28::c38a:ff11
2a02:26f0:10c:384::356e
2a02:26f0:10c:38c::35c1
2a02:26f0:6c00:180::69d
2a02:26f0:6c00:181::13b8
2a02:26f0:6c00:183::2db0
2a02:26f0:6c00:183::356e
2a02:26f0:6c00:18d::37
34.227.153.53
34.243.44.116
40.126.1.166
40.77.226.250
40.90.22.184
52.142.114.2
52.95.146.112
67.227.172.209
88.221.61.151
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
02ac1c1a2bf961e85b8d3b4038dc18d781c3162c441871114001d3e2a357d565
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b
1376a3de93b6c6565a024295b7da06adc5db00552615f4bfec7925c6b3454c48
1b8e9869c33c1086478e807f8537b155c84660c631c830d6a83d83accfd1ed18
207f50299063fbb1f3b17bc02663cc5e8fb3b385e8ea29919d1af13a7baa6247
211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb
2247b3713a514d2b8f2eac69cd44ed614e83972bf96a2752feae4b6bcb458c20
2266338eba270a2d50f9633a14052f16e7433cccf3202708805bd2d9a2367308
23219ea38ba7fbab87025bb95f318198c131a06244f4aab61042bfac17a662d0
305b10c97d1573bae097a146f5753b9c6f35e78ae8cb1c6a577ba31b8e622437
361b6014458b0bb0eeca24f4cbc59f4dd365e7a6813855ea159b7b596af9c772
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
3701c3ed8391ab19174d60cd5a0426e1457b64f8fa7560989dc1255405835853
38aae607a02c27e90a8601bfc898fb848c9148f4a02061d5f6607d5c4bf147ef
3f58610f8512b65c15895918b31d86cad4d27137836500fd14482c5bfd9fb580
448981cc6e350a9404a41599e3a8f0f6d84302d426c729c8cbf855255aaa9f3d
4ed5722f1f22c340283895d44dbc7b965a41904eedd2c43d17fcaecf29bfdcb3
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
50ac64c8e9ee637f7002a9f6aa5effce81039795d044ec9922683f4a54a65ffd
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5e4ab94cfeba829ca359252183b48f5be665bf22d4f09c30f0d4625de5b50503
65967c69a78c125e3a028078fa4ee80391822663ca9763fd5b30d6b995c44619
69e893b1984646a78237a1658bf99b814f1cb21ee97c568cffefbcae1b69c181
7122de322879a654121ea250aeac94bd9993f914909f786c98988adbd0a25d5d
7478462a824d8eeb2d08bd618bab694274ac61c0a42a01443f15ff2f61c43267
749f85621d92a5b31b2a377a8c385a36d48a83327dad9a8a8da93cd831b8c9a2
789d4c4a492e25d37b2d3e888555c130d89c06711334b8f0759f2353ccb26779
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ddde9c325e7854bedabf59c04f3b81bf8539701d4c0e7fdc66624fd1580d78b
81dd42197f137d54b0833fb24aab0c9a05ac07bd4aecec3f79ac281bbc46b64a
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
89e47c18091724d6ba7c22641e633cf74553632e90156b7b1126bfdfc76477fb
8a56b4d7e088c0a978e014d429d3952584edafa49a6b6ecf3f1e1ef23486b469
8dda229c7a40e7c2fe054bf6195592220be02be27d438a225d5f4606cbdb9c4a
92d065b3e29a2f6634ca7e88841a02d0954d99cf5746fa343b0cc25020e91487
968788fb3ea1c89cf9e18cbd1850acd106754e16e01ac4e87688b8aded23e145
9871d1febd81765c7d00d926fc93407272bbf25d2ab1613219f642ab644d4a98
9ede85d6c2139703e1a1dfa94105f6063607bc0f2f53cfb98d30daf90134bc51
a3ec79086c71191b0dbc128b397d1a27d132bd2b658667bc4229b53cbcb20b05
a72d87a114ea823eb4277ea53b9a261f4eb843c2e1f0dd67bd98956ae9c77d6a
ad28b65c3054ef0fecf51f4d4f83a04d8c43f8dcb4eb0a28c09a91eb45cf33b8
b97f1390080d6f405c86af4c00f87e5a2b460da827273c6d6e1d5370aeaef705
c1f73277afa7d4cccba3696680870181a8682932c56b6c5b34e7b74f21cbbbf1
c20b13598cfc3b29774a3909d1ee5927ff2947a6ebfe7064575d3b1738dd7548
c6f0277e271d9660603fa0422a98e2aee5a5d3d04ce230c008b14aec7fcc32b4
c8ca734d8ed9fdd3b5178445020d5896520034f8796f1232c5148ab80479ac2a
cde6beb27bd473afab57bd95b916ec881506efca1f5bbb7f544965ec3e3692b0
d5d7e3809c33b2db811d4a116c4b96200b21e07904c895405c00f7e53c1a9f55
deec787cca1b9436e080478742a0299e0db1a9712543a72d2cdc8373fc45a432
e495966dd87033ec1e3f55c58062de559b251aad1cabf20dd2af44cd34675cd6
e647c6a09d7794a1fb4c8d3b1832b7dcf45bfd23d61427d676a312a8ec71ebe1
e9edb5c08d0d91e97193b8b301bd1caab0f919b6c0d10187291d78ab23952641
ebc7bbadf566f0d4cdc44c49d4e384b6f0b8db95aab6f47f89e05b429d90088a
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff4888e144b59ed8287a600345f76dd524a5e7ef8c068020367edefd0b8853f
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fb9e5c62d9da72c5792b819cc2d4ca8ecb4888a7e6f2d2020214c177f463cb58

firebasestorage.googleapis.com Open in urlscan Pro 2a00:1450:4001:815::200a Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

100 %HTTPS

58 %IPv6

23 Domains

28 Subdomains

24 IPs

6 Countries

1568 kBTransfer

3541 kBSize

13 Cookies

2 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

firebasestorage.googleapis.com Open in urlscan Pro
2a00:1450:4001:815::200a Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

100 %
HTTPS

58 %
IPv6

23
Domains

28
Subdomains

24
IPs

6
Countries

1568 kB
Transfer

3541 kB
Size

13
Cookies

77 HTTP transactions
3 data transactions