Report - qvhq6gmh.biz/cgi/tbuckingham/bWxpbGxlZGFobEBub3J0aHN0YXJjYXBpdGFsLmNvbQ==

Report Overview

Visited public
2024-01-30 21:55:01
Tags
URL
qvhq6gmh.biz/cgi/tbuckingham/bWxpbGxlZGFobEBub3J0aHN0YXJjYXBpdGFsLmNvbQ==
Finishing URL
outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com
IP / ASN
111.90.141.20
#45839 Shinjiru Technology Sdn Bhd
Title
Encrypted Message Error

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
css0-00000001-4mb4014-00073106b7c528-1qw7-495f-910d0s1q000.cw00q2a0qw.live	unknown	2023-12-05	2024-01-17 06:55:28	2024-01-30 18:45:07	571 B	2.7 kB	94.156.69.71
outlook.office365.com	51	2005-06-20	2013-04-11 01:09:24	2021-03-15 09:11:50	3.7 kB	29 kB	52.98.149.178
static2.sharepointonline.com	2149	2005-03-21	2017-01-29 19:49:09	2024-01-30 18:19:07	1.4 kB	43 kB	23.52.21.48
ajax.aspnetcdn.com	693	2010-10-12	2012-05-24 15:35:31	2024-01-30 18:17:12	431 B	34 kB	152.199.19.160
r1.res.office365.com	18241	2005-06-20	2014-12-19 11:18:54	2024-01-30 18:45:10	1.5 kB	71 kB	23.36.79.43
qvhq6gmh.biz	unknown	2024-01-17	2024-01-17 07:24:01	2024-01-18 01:19:40	527 B	327 B	111.90.141.20

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-01-30 21:54:36	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD
2024-01-30 21:54:36	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com	ScriptElement	0 B	0001-01-01	2025-06-15
Pretty URL outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com IP 52.98.149.178 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-15 13:08 Times Seen4968738 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com	ScriptElement	0 B	0001-01-01	2025-06-15
Pretty URL outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com IP 52.98.149.178 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-15 13:08 Times Seen4968738 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com	ScriptElement	0 B	0001-01-01	2025-06-15
Pretty URL outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com IP 52.98.149.178 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-15 13:08 Times Seen4968738 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com	ScriptElement	0 B	0001-01-01	2025-06-15
Pretty URL outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com IP 52.98.149.178 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-15 13:08 Times Seen4968738 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	moz-extension://23b2d7a8-22d7-4177-9d83-b23021f2475b/injections/js/bug1731825-office365-email-handling-prompt-autohide.js		995 B	2023-04-11	2025-06-15
Pretty URL moz-extension://23b2d7a8-22d7-4177-9d83-b23021f2475b/injections/js/bug1731825-office365-email-handling-prompt-autohide.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 22:15 Last Seen2025-06-15 12:14 Times Seen51546 Hash 7c873167b5d35fd9f6690071701d4669 f897afe9818a00a80e98bdbc67e7f67343f89378 014e00e9c71f02f5892cda29da8fd08058817ebd57a12cfee75236874f4e889a Loading...

	static2.sharepointonline.com/files/fabric/office-ui-fabric-js/1.2.0/js/fabric.min.js	ScriptElement	71 kB	2023-03-13	2024-11-13
Pretty URL static2.sharepointonline.com/files/fabric/office-ui-fabric-js/1.2.0/js/fabric.min.js IP 23.52.21.48 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:24 Last Seen2024-11-13 22:34 Times Seen268 Hash feee42503b4f434e577ad8fe100ce6f2 4dc83cda17e8774f333343fa3d2a34e57aa76af9 36b147da61d542a557a9b3d490e9ea174874c8d0d8fcdf35a841734bb5604ed5 Loading...

	ajax.aspnetcdn.com/ajax/jQuery/jquery-1.12.4.min.js	ScriptElement	97 kB	2023-03-07	2025-06-15
Pretty URL ajax.aspnetcdn.com/ajax/jQuery/jquery-1.12.4.min.js IP 152.199.19.160 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-15 13:08 Times Seen31586 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

HTTP Transactions (14)

	URL	IP	Response	Size
	qvhq6gmh.biz/cgi/tbuckingham/bWxpbGxlZGFobEBub3J0aHN0YXJjYXBpdGFsLmNvbQ==	111.90.141.20		0 B
URL qvhq6gmh.biz/cgi/tbuckingham/bWxpbGxlZGFobEBub3J0aHN0YXJjYXBpdGFsLmNvbQ== IP 111.90.141.20:0 ASN #45839 Shinjiru Technology Sdn Bhd File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /cgi/tbuckingham/bWxpbGxlZGFobEBub3J0aHN0YXJjYXBpdGFsLmNvbQ== HTTP/1.1 Host: qvhq6gmh.biz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Date: Tue, 30 Jan 2024 21:54:35 GMT Server: Apache refresh: 0;url=https://css0-00000001-4mb4014-00073106b7c528-1qw7-495f-910d0s1q000.cw00q2a0qw.live//?username=mlilledahl@northstarcapital.com Content-Length: 0 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8`

	css0-00000001-4mb4014-00073106b7c528-1qw7-495f-910d0s1q000.cw00q2a0qw.live//?username=mlilledahl@northstarcapital.com	94.156.69.71	302 Found	2.3 kB
URL User Request GET HTTP/2 css0-00000001-4mb4014-00073106b7c528-1qw7-495f-910d0s1q000.cw00q2a0qw.live//?username=mlilledahl@northstarcapital.com IP 94.156.69.71:443 ASN #394711 LIMENET Certificate IssuerLet's Encrypt Subjectcw00q2a0qw.live FingerprintB1:A6:B9:70:6A:4B:12:C6:E5:48:C9:47:88:41:9E:3C:E6:FB:FB:A0 ValidityTue, 05 Dec 2023 09:27:11 GMT - Mon, 04 Mar 2024 09:27:10 GMT File type gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT) Size 2.3 kB (2344 bytes) Hash 81420aa894f259fb94d17ffbfd307971 ac845331d52845be2cf3eb00ed4d3349a8215ac2 583b8b1c66dd98321ecc106e21c8ff2430b9589f709cfe44ee505758ee422906 HTTP Headers GET //?username=mlilledahl@northstarcapital.com HTTP/1.1 Host: css0-00000001-4mb4014-00073106b7c528-1qw7-495f-910d0s1q000.cw00q2a0qw.live User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 302 Found server: nginx date: Tue, 30 Jan 2024 21:54:36 GMT content-type: text/html; charset=utf-8 location: https://outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com referrer-policy: no-referrer X-Firefox-Spdy: h2`

	outlook.office365.com/Encryption/ErrorPage.aspx/base.css	52.98.149.178	200 OK	2.3 kB
URL GET HTTP/2 outlook.office365.com/Encryption/ErrorPage.aspx/base.css IP 52.98.149.178:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com Certificate IssuerDigiCert Inc Subjectoutlook.com Fingerprint36:18:F1:AE:4C:1B:9A:B4:43:F1:6E:82:31:48:81:81:E3:2E:45:09 ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT File type JavaScript source, ASCII text, with CRLF line terminators Size 2.3 kB (2276 bytes) Hash a8414f6b056fe4ad6fffdfb1f01df0f2 8c6aa2f7068daa206b5a26f73c71d39b2394b492 d598e667d3165ad7ee2101d76e171e56c076d10653b9655a9d59df26d41f5d2a HTTP Headers GET /Encryption/ErrorPage.aspx/base.css HTTP/1.1 Host: outlook.office365.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com Cookie: X-E4E-CorrelationId=aa91cc59-5b1c-4814-83bf-b5c6bfeb6acb; X-AnonResource=true Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK cache-control: no-cache pragma: no-cache content-length: 2276 content-type: text/html; charset=utf-8 content-encoding: gzip expires: -1 vary: Accept-Encoding server: Microsoft-IIS/10.0 request-id: 6b371edb-9225-49b1-fc6c-cc3f179e9aec alt-svc: h3=":443",h3-29=":443" x-calculatedbetarget: MM0P280MB0389.SWEP280.PROD.OUTLOOK.COM x-backendhttpstatus: 200 set-cookie: X-AnonResource=true; path=/ x-rum-validated: 1 x-rum-notupdatequeriedpath: 1 x-rum-notupdatequerieddbcopy: 1 x-aspnet-version: 4.0.30319 x-diaginfo: MM0P280MB0389 x-beserver: MM0P280MB0389 x-proxy-routingcorrectness: 1 x-proxy-backendserverstatus: 200 x-firsthopcafeefz: GVX x-feproxyinfo: GV3P280CA0090.SWEP280.PROD.OUTLOOK.COM x-feefzinfo: GVX x-powered-by: ASP.NET x-feserver: GV3P280CA0090 date: Tue, 30 Jan 2024 21:54:36 GMT X-Firefox-Spdy: h2

	static2.sharepointonline.com/files/fabric/office-ui-fabric-js/1.2.0/css/fabric.min.css	23.52.21.48	200 OK	11 kB
URL GET HTTP/2 static2.sharepointonline.com/files/fabric/office-ui-fabric-js/1.2.0/css/fabric.min.css IP 23.52.21.48:443 ASN #16625 AKAMAI-AS Requested by https://outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com Certificate IssuerDigiCert Inc Subjectprivatecdn.sharepointonline.com Fingerprint89:D8:A0:A8:A0:8B:9E:77:86:3D:9D:9F:80:07:D1:FA:7C:16:4D:6F ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 05 Sep 2024 23:59:59 GMT File type ASCII text, with very long lines (65291), with CRLF, LF line terminators Size 11 kB (11130 bytes) Hash 5d48f159bc5f915dcb15225b450087d8 b326b865d25f5479f3a53982a86cc7ad617c1f70 6d578eb55e7fb3fc677c63e6ab840053a5773ca0b667d6fe6dc27edbd1a59e73 HTTP Headers `GET /files/fabric/office-ui-fabric-js/1.2.0/css/fabric.min.css HTTP/1.1 Host: static2.sharepointonline.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://outlook.office365.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css content-md5: XUjxWbxfkV3LFSJbRQCH2A== last-modified: Fri, 22 Sep 2017 23:42:39 GMT etag: 0x8D502139C45D439 server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 44c51ac8-d01e-0094-616f-8e3144000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * vary: Accept-Encoding content-encoding: gzip content-length: 11130 cache-control: public, max-age=9599161 date: Tue, 30 Jan 2024 21:54:36 GMT X-Firefox-Spdy: h2

	static2.sharepointonline.com/files/fabric/office-ui-fabric-js/1.2.0/js/fabric.min.js	23.52.21.48	200 OK	15 kB
URL GET HTTP/2 static2.sharepointonline.com/files/fabric/office-ui-fabric-js/1.2.0/js/fabric.min.js IP 23.52.21.48:443 ASN #16625 AKAMAI-AS Requested by https://outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com Certificate IssuerDigiCert Inc Subjectprivatecdn.sharepointonline.com Fingerprint89:D8:A0:A8:A0:8B:9E:77:86:3D:9D:9F:80:07:D1:FA:7C:16:4D:6F ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 05 Sep 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (32042), with CRLF, LF line terminators Size 15 kB (15069 bytes) Hash feee42503b4f434e577ad8fe100ce6f2 4dc83cda17e8774f333343fa3d2a34e57aa76af9 36b147da61d542a557a9b3d490e9ea174874c8d0d8fcdf35a841734bb5604ed5 HTTP Headers `GET /files/fabric/office-ui-fabric-js/1.2.0/js/fabric.min.js HTTP/1.1 Host: static2.sharepointonline.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://outlook.office365.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript content-md5: /u5CUDtPQ05Xetj+EAzm8g== last-modified: Wed, 16 Aug 2017 00:33:35 GMT etag: 0x8D4E43E6E7A7355 server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 704cf909-b01e-0066-3f7b-bec90d000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * vary: Accept-Encoding content-encoding: gzip content-length: 15069 cache-control: public, max-age=9052509 date: Tue, 30 Jan 2024 21:54:36 GMT X-Firefox-Spdy: h2

	static2.sharepointonline.com/files/fabric/office-ui-fabric-js/1.2.0/css/fabric.components.min.css	23.52.21.48	200 OK	15 kB
URL GET HTTP/2 static2.sharepointonline.com/files/fabric/office-ui-fabric-js/1.2.0/css/fabric.components.min.css IP 23.52.21.48:443 ASN #16625 AKAMAI-AS Requested by https://outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com Certificate IssuerDigiCert Inc Subjectprivatecdn.sharepointonline.com Fingerprint89:D8:A0:A8:A0:8B:9E:77:86:3D:9D:9F:80:07:D1:FA:7C:16:4D:6F ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 05 Sep 2024 23:59:59 GMT File type ASCII text, with very long lines (65277), with CRLF, LF line terminators Size 15 kB (14744 bytes) Hash 96490fcfbb701ff728c155a776a0a513 e17fe68aa8b8ff6a4a0d9900688a0f1c76e62047 6b701dbe9b7aeba38782e2f6726e2a928ec2abef62f43866c88f44fd1a282b2a HTTP Headers `GET /files/fabric/office-ui-fabric-js/1.2.0/css/fabric.components.min.css HTTP/1.1 Host: static2.sharepointonline.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://outlook.office365.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK last-modified: Thu, 02 Nov 2017 17:22:03 GMT etag: 0x8D522163BD7D3C1 content-type: text/css content-md5: lkkPz7twH/cowVWndqClEw== server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 057a3c00-701e-000b-3001-b97d46000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * vary: Accept-Encoding content-encoding: gzip content-length: 14744 unused62: 8096267 date: Tue, 30 Jan 2024 21:54:36 GMT X-Firefox-Spdy: h2

	ajax.aspnetcdn.com/ajax/jQuery/jquery-1.12.4.min.js	152.199.19.160	200 OK	34 kB
URL GET HTTP/2 ajax.aspnetcdn.com/ajax/jQuery/jquery-1.12.4.min.js IP 152.199.19.160:443 ASN #15133 EDGECAST Requested by https://outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com Certificate IssuerDigiCert Inc Subject.vo.msecnd.net Fingerprint0E:7D:A8:CD:FE:61:1E:46:97:A3:57:99:70:DA:E0:59:1D:34:04:80 ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 28 Apr 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (32077) Size 34 kB (33835 bytes) Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 HTTP Headers `GET /ajax/jQuery/jquery-1.12.4.min.js HTTP/1.1 Host: ajax.aspnetcdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://outlook.office365.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes access-control-allow-origin: * age: 17864354 cache-control: public,max-age=31536000 content-type: application/javascript date: Tue, 30 Jan 2024 21:54:36 GMT etag: "0e6586cc33d21:0" last-modified: Mon, 31 Oct 2016 23:10:52 GMT server: ECAcc (ska/F6A4) timing-allow-origin: * vary: Accept-Encoding x-cache: HIT x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 33835 X-Firefox-Spdy: h2`

	r1.res.office365.com/owa/prem/fonts/segoeui-semilight.woff	23.36.79.43	200 OK	30 kB
URL GET HTTP/1.1 r1.res.office365.com/owa/prem/fonts/segoeui-semilight.woff IP 23.36.79.43:443 ASN #20940 Akamai International B.V. Requested by https://outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com Certificate IssuerDigiCert Inc Subject.res.outlook.com Fingerprint54:11:4B:DB:98:01:CA:17:06:66:6C:42:F4:E9:9A:41:CB:F1:8A:DE ValidityMon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT File type Web Open Font Format, TrueType, length 29464, version 1.0 Size 30 kB (29464 bytes) Hash 6a419545705dee19082e8e62105488df 72a5d33a47932ed6cf2d196c8d8222204e4a71fd c63a3930ec9dd26c24b4c62b83d8cf778416a0ded1d9aa83e0840a675155b71b HTTP Headers GET /owa/prem/fonts/segoeui-semilight.woff HTTP/1.1 Host: r1.res.office365.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://outlook.office365.com DNT: 1 Connection: keep-alive Referer: https://outlook.office365.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Accept-Ranges: bytes Last-Modified: Tue, 10 Feb 2015 01:15:15 GMT Server: AkamaiNetStorage Content-Length: 29464 Cache-Control: public,max-age=630720000, s-maxage=630720000 Date: Tue, 30 Jan 2024 21:54:37 GMT Connection: keep-alive Timing-Allow-Origin: Access-Control-Allow-Origin: * Content-Type: application/font-woff Strict-Transport-Security: max-age=31536000; includeSubDomains`

	r1.res.office365.com/owa/prem/fonts/segoeui-regular.woff	23.36.79.11	200 OK	35 kB
URL GET HTTP/1.1 r1.res.office365.com/owa/prem/fonts/segoeui-regular.woff IP 23.36.79.11:443 ASN #20940 Akamai International B.V. Requested by https://outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com Certificate IssuerDigiCert Inc Subject.res.outlook.com Fingerprint54:11:4B:DB:98:01:CA:17:06:66:6C:42:F4:E9:9A:41:CB:F1:8A:DE ValidityMon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT File type Web Open Font Format, TrueType, length 34924, version 1.0 Size 35 kB (34924 bytes) Hash 46749bbaebfe8f28b80df5381dd55aa4 ec0c969053ec70db78b2067955330b6d50df6300 07ec698b1036cdfbb8892f02d9510f5f671284fca9fa003b883996da040a444b HTTP Headers GET /owa/prem/fonts/segoeui-regular.woff HTTP/1.1 Host: r1.res.office365.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://outlook.office365.com DNT: 1 Connection: keep-alive Referer: https://outlook.office365.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Accept-Ranges: bytes Last-Modified: Tue, 10 Feb 2015 01:15:14 GMT Server: AkamaiNetStorage Content-Length: 34924 Cache-Control: public,max-age=630720000, s-maxage=630720000 Date: Tue, 30 Jan 2024 21:54:37 GMT Connection: keep-alive Timing-Allow-Origin: Access-Control-Allow-Origin: * Content-Type: application/font-woff Strict-Transport-Security: max-age=31536000; includeSubDomains`

	r1.res.office365.com/owa/prem/15.20.7228.34/resources/images/0/favicon.ico	23.36.79.43	200 OK	5.4 kB
URL GET HTTP/1.1 r1.res.office365.com/owa/prem/15.20.7228.34/resources/images/0/favicon.ico IP 23.36.79.43:443 ASN #20940 Akamai International B.V. Requested by https://outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com Certificate IssuerDigiCert Inc Subject.res.outlook.com Fingerprint54:11:4B:DB:98:01:CA:17:06:66:6C:42:F4:E9:9A:41:CB:F1:8A:DE ValidityMon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel Size 5.4 kB (5430 bytes) Hash f82312f1281e8d6c87f7ffca0a7d147c 103d0c7b915b40584e0543856e87b360568fe8c8 dec51a1a5c6f5daddebe7c7d1048319969446f03de89a953c3c3514f8db08e8a HTTP Headers `GET /owa/prem/15.20.7228.34/resources/images/0/favicon.ico HTTP/1.1 Host: r1.res.office365.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://outlook.office365.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Content-Type: image/x-icon Last-Modified: Sun, 28 Jan 2024 20:42:36 GMT Server: AkamaiNetStorage Content-Length: 5430 Cache-Control: public,max-age=630720000, s-maxage=630720000 Date: Tue, 30 Jan 2024 21:54:37 GMT Connection: keep-alive Timing-Allow-Origin: * Access-Control-Allow-Origin: * Strict-Transport-Security: max-age=31536000; includeSubDomains`

	outlook.office365.com/Encryption/ErrorPage.aspx/lock.png	52.98.149.178	200 OK	2.3 kB
URL GET HTTP/2 outlook.office365.com/Encryption/ErrorPage.aspx/lock.png IP 52.98.149.178:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com Certificate IssuerDigiCert Inc Subjectoutlook.com Fingerprint36:18:F1:AE:4C:1B:9A:B4:43:F1:6E:82:31:48:81:81:E3:2E:45:09 ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT File type JavaScript source, ASCII text, with CRLF line terminators Size 2.3 kB (2276 bytes) Hash 4759f0892d728d53c90916040ec8c6d1 85d6ae656c4dda38e01f8ce501a2dfa3ddd46370 9a5d14549f1ed456ae8ba4938229baa56d50f956848263e2cababd684b53d099 HTTP Headers GET /Encryption/ErrorPage.aspx/lock.png HTTP/1.1 Host: outlook.office365.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com Cookie: X-E4E-CorrelationId=aa91cc59-5b1c-4814-83bf-b5c6bfeb6acb; X-AnonResource=true Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK cache-control: no-cache pragma: no-cache content-length: 2276 content-type: text/html; charset=utf-8 content-encoding: gzip expires: -1 vary: Accept-Encoding server: Microsoft-IIS/10.0 request-id: 47ccaebf-28f7-db9c-1267-6a129ef354f1 alt-svc: h3=":443",h3-29=":443" x-calculatedbetarget: GVZP280MB0458.SWEP280.PROD.OUTLOOK.COM x-backendhttpstatus: 200 set-cookie: X-AnonResource=true; path=/ x-rum-validated: 1 x-rum-notupdatequeriedpath: 1 x-rum-notupdatequerieddbcopy: 1 x-aspnet-version: 4.0.30319 x-diaginfo: GVZP280MB0458 x-beserver: GVZP280MB0458 x-proxy-routingcorrectness: 1 x-proxy-backendserverstatus: 200 x-firsthopcafeefz: GVX x-feproxyinfo: GV3P280CA0090.SWEP280.PROD.OUTLOOK.COM x-feefzinfo: GVX x-powered-by: ASP.NET x-feserver: GV3P280CA0090 date: Tue, 30 Jan 2024 21:54:40 GMT X-Firefox-Spdy: h2

	outlook.office365.com/Encryption/ErrorPage.aspx/help.png	52.98.149.178	200 OK	8.7 kB
URL GET HTTP/2 outlook.office365.com/Encryption/ErrorPage.aspx/help.png IP 52.98.149.178:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com Certificate IssuerDigiCert Inc Subjectoutlook.com Fingerprint36:18:F1:AE:4C:1B:9A:B4:43:F1:6E:82:31:48:81:81:E3:2E:45:09 ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT File type JavaScript source, ASCII text, with CRLF line terminators Size 8.7 kB (8734 bytes) Hash 4759f0892d728d53c90916040ec8c6d1 85d6ae656c4dda38e01f8ce501a2dfa3ddd46370 9a5d14549f1ed456ae8ba4938229baa56d50f956848263e2cababd684b53d099 HTTP Headers GET /Encryption/ErrorPage.aspx/help.png HTTP/1.1 Host: outlook.office365.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com Cookie: X-E4E-CorrelationId=aa91cc59-5b1c-4814-83bf-b5c6bfeb6acb; X-AnonResource=true Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK cache-control: no-cache pragma: no-cache content-length: 8734 content-type: text/html; charset=utf-8 expires: -1 server: Microsoft-IIS/10.0 request-id: 6b0fc50c-30cb-fbaf-b6cb-b42666bb8ce9 alt-svc: h3=":443",h3-29=":443" x-calculatedbetarget: GVYP280MB0255.SWEP280.PROD.OUTLOOK.COM x-backendhttpstatus: 200 set-cookie: X-AnonResource=true; path=/ x-rum-validated: 1 x-rum-notupdatequeriedpath: 1 x-rum-notupdatequerieddbcopy: 1 x-aspnet-version: 4.0.30319 x-diaginfo: GVYP280MB0255 x-beserver: GVYP280MB0255 x-proxy-routingcorrectness: 1 x-proxy-backendserverstatus: 200 x-firsthopcafeefz: GVX x-feproxyinfo: GV3P280CA0090.SWEP280.PROD.OUTLOOK.COM x-feefzinfo: GVX x-powered-by: ASP.NET x-feserver: GV3P280CA0090 date: Tue, 30 Jan 2024 21:54:41 GMT X-Firefox-Spdy: h2

	outlook.office365.com/Encryption/ErrorPage.aspx/arrow.png	52.98.149.178	200 OK	2.3 kB
URL GET HTTP/2 outlook.office365.com/Encryption/ErrorPage.aspx/arrow.png IP 52.98.149.178:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com Certificate IssuerDigiCert Inc Subjectoutlook.com Fingerprint36:18:F1:AE:4C:1B:9A:B4:43:F1:6E:82:31:48:81:81:E3:2E:45:09 ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT File type JavaScript source, ASCII text, with CRLF line terminators Size 2.3 kB (2276 bytes) Hash 487d50a347595d631bb8cc3f37de120a bb8a3f189be59b1df22ca5693c60d399c8300e3c 0366f6a4e592fb3ced23b49f334183e4935c6b91b72b392dafc2a4d6788c12c3 HTTP Headers GET /Encryption/ErrorPage.aspx/arrow.png HTTP/1.1 Host: outlook.office365.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com Cookie: X-E4E-CorrelationId=aa91cc59-5b1c-4814-83bf-b5c6bfeb6acb; X-AnonResource=true Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK cache-control: no-cache pragma: no-cache content-length: 2276 content-type: text/html; charset=utf-8 content-encoding: gzip expires: -1 vary: Accept-Encoding server: Microsoft-IIS/10.0 request-id: 7549624e-76a0-a090-1209-a74dda6dee29 alt-svc: h3=":443",h3-29=":443" x-calculatedbetarget: MM1PPF264E0A9EB.SWEP280.PROD.OUTLOOK.COM x-backendhttpstatus: 200 set-cookie: X-AnonResource=true; path=/ x-rum-validated: 1 x-rum-notupdatequeriedpath: 1 x-rum-notupdatequerieddbcopy: 1 x-aspnet-version: 4.0.30319 x-diaginfo: MM1PPF264E0A9EB x-beserver: MM1PPF264E0A9EB x-proxy-routingcorrectness: 1 x-proxy-backendserverstatus: 200 x-firsthopcafeefz: GVX x-feproxyinfo: GV3P280CA0090.SWEP280.PROD.OUTLOOK.COM x-feefzinfo: GVX x-powered-by: ASP.NET x-feserver: GV3P280CA0090 date: Tue, 30 Jan 2024 21:54:41 GMT X-Firefox-Spdy: h2

	outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com	52.98.149.178	200 OK	8.9 kB
URL User Request GET HTTP/2 outlook.office365.com/Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com IP 52.98.149.178:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Certificate IssuerDigiCert Inc Subjectoutlook.com Fingerprint36:18:F1:AE:4C:1B:9A:B4:43:F1:6E:82:31:48:81:81:E3:2E:45:09 ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (9570), with no line terminators Size 8.9 kB (8850 bytes) Hash c2ec5f3be303d26f7933bfd050dcec76 55cde84741fa3edeb7980242f93c0461a28d161c a774341b8e57025959a25a5c44aeb0e1c1456f4147acf32f7289826ee2dd16cd HTTP Headers GET /Encryption/ErrorPage.aspx/?src=3&code=11&be=SN6PR04MB4014&fe=JNAP275CA0040.ZAFP275.PROD.OUTLOOgK.COM&loc=en-US&itemID=E4E_M_e9df154a-e4b8-4486-8aec-7acceeb93fee&username=mlilledahl%40northstarcapital.com HTTP/1.1 Host: outlook.office365.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK cache-control: no-cache pragma: no-cache content-length: 2344 content-type: text/html; charset=utf-8 content-encoding: gzip expires: -1 vary: Accept-Encoding server: Microsoft-IIS/10.0 request-id: db54654b-447d-f3b0-103c-d8ae0533179b alt-svc: h3=":443",h3-29=":443" x-calculatedbetarget: GVZP280MB0412.SWEP280.PROD.OUTLOOK.COM x-backendhttpstatus: 200 set-cookie: X-E4E-CorrelationId=aa91cc59-5b1c-4814-83bf-b5c6bfeb6acb; path=/; secure; HttpOnly X-E4E-CorrelationId=aa91cc59-5b1c-4814-83bf-b5c6bfeb6acb; path=/; secure; HttpOnly X-AnonResource=true; path=/ x-rum-validated: 1 x-rum-notupdatequeriedpath: 1 x-rum-notupdatequerieddbcopy: 1 x-aspnet-version: 4.0.30319 x-diaginfo: GVZP280MB0412 x-beserver: GVZP280MB0412 x-proxy-routingcorrectness: 1 x-proxy-backendserverstatus: 200 x-firsthopcafeefz: GVX x-feproxyinfo: GV3P280CA0090.SWEP280.PROD.OUTLOOK.COM x-feefzinfo: GVX x-powered-by: ASP.NET x-feserver: GV3P280CA0090 date: Tue, 30 Jan 2024 21:54:36 GMT X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (14)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP