aladevstart.scaffoldingssolutions.com Open in urlscan Pro
2606:4700:3035::ac43:dd03  Malicious Activity! Public Scan

Submitted URL: https://www.baidu.com/link?url=8w-_34w4kYEbtOarjJjR0-tcq_FkvgjjfCgSVW26Ljnqycm2zoQGlSae2pxMlo9S&wd=aHRvcnJlc3xZbkp2Ym5...
Effective URL: https://aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/oauth20_authorize.srf?scope=openi...
Submission: On September 13 via manual from IN — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3035::ac43:dd03, located in United States and belongs to CLOUDFLARENET, US. The main domain is aladevstart.scaffoldingssolutions.com.
TLS certificate: Issued by WE1 on September 9th 2024. Valid for: 3 months.
This is the only time aladevstart.scaffoldingssolutions.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 103.235.47.188 55967 (BAIDU Bei...)
1 2 162.250.126.19 19318 (IS-AS-1)
1 3 2606:4700:303... 13335 (CLOUDFLAR...)
6 2620:1ec:bdf::57 8075 (MICROSOFT...)
13 5
Apex Domain
Subdomains
Transfer
5 msauth.net
logincdn.msauth.net — Cisco Umbrella Rank: 3955
286 KB
3 scaffoldingssolutions.com
aladevstart.scaffoldingssolutions.com
28 KB
2 hebronproperties.com
www.hebronproperties.com
hebronproperties.com
2 KB
1 microsoft.com
csp.microsoft.com
browser.events.data.microsoft.com Failed
225 B
1 baidu.com
www.baidu.com — Cisco Umbrella Rank: 3957
909 B
0 live.com Failed
fpt.live.com Failed
13 6
Domain Requested by
5 logincdn.msauth.net aladevstart.scaffoldingssolutions.com
logincdn.msauth.net
3 aladevstart.scaffoldingssolutions.com 1 redirects hebronproperties.com
logincdn.msauth.net
1 csp.microsoft.com aladevstart.scaffoldingssolutions.com
1 hebronproperties.com www.baidu.com
1 www.hebronproperties.com 1 redirects
1 www.baidu.com
0 browser.events.data.microsoft.com Failed logincdn.msauth.net
0 fpt.live.com Failed logincdn.msauth.net
13 8

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
Subject Issuer Validity Valid
baidu.com
GlobalSign RSA OV SSL CA 2018
2024-07-08 -
2025-08-09
a year crt.sh
hebronproperties.com
R11
2024-08-31 -
2024-11-29
3 months crt.sh
scaffoldingssolutions.com
WE1
2024-09-09 -
2024-12-08
3 months crt.sh
csp.microsoft.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2024-08-14 -
2025-02-14
6 months crt.sh
identitycdn.msauth.net
Microsoft Azure RSA TLS Issuing CA 08
2024-08-31 -
2025-08-26
a year crt.sh

This page contains 2 frames:

Primary Page: https://aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/oauth20_authorize.srf?scope=openid+profile+email+offline_access&response_type=code&client_id=51483342-085c-4d86-bf88-cf50c7252078&response_mode=form_post&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2ffederation%2foauth2msa&state=rQQIARAA02I21DO0UjGAACNdEKlrkJZmqJucCmIhgSIhLoGEvYdjLvXo2H5htz--RPp8xCxGzviczLJUveT83FWM8hklJQXFVvr6-aUlOfn52Xr5aWmZyWBJ_fzyRP0djIwXGBlfMDJOYhLJKMkvKkotdkgqys-ryElN0ssvSl_FZG5mbGFmaGFiZmJkbmRmZmpqYaBnZJRmnJxqmQh0lrGRrkmiiaFukomJuW6SkYmhuVlSanJyWtItJn5_x9KSDCMQkV-UWZX6iYkzLb8oN74gv7hkFnOCS3KJk2u-Y7qzq1NQkX-2SYGzp7NHaHKycVJSsW6Rm0lafHKIo1dVhrN3jmugd3hUmLtfRmiGT4FxcoFfiV9JcpWFc6V7pWtAUWmWb2a2aXJYRJVfaYixW6puhLF7fLbHKmaiwnATMxswMHLz804xs-UXpOZlplxgYXzAwviKhcmA4wcL4yJWYCAvTXtz7sk2FfedW55nWdTlMJxi1c_yKfN38y8NT0xMzDUtN6lycrMMCvfyDfQ1zDGyCAgONi4rz3U1KEjJzQi0NbcynMDGOIGNbRcbJwezAIMSs3OA4Qs2xg9sjB3sDLs4CcXSBW7GDTyMt3hMuNiScxIzc4uFtKqVMlPiS_KzU_OUrKqVKnKL45OTQayyxJzS1GIlq2gloBVKsbW1tQd4GX7wbZ63ZcvB5q3vPF7x6xibmZY6lZVHaKcFVDiGlHk6J-caZObrZ6WX-HgmlRY4mmZWFbqnJRpmJ2XbbhBgeCDAAAA1&login_hint=htorres%40bronxleb.org&estsfed=1&uaid=5cc3bd608cd23d2cf4073fc7a41bcf58&cobrandid=deb3f74a-ed5b-4ef1-8d3c-92b85dd47352&fci=00000002-0000-0ff1-ce00-000000000000
Frame ID: B58AAC5D27C86C03D4C31F42482098BA
Requests: 11 HTTP requests in this frame

Frame: https://fpt.live.com/?session_id=5cc3bd608cd23d2cf4073fc7a41bcf58&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SI
Frame ID: 3B7B415D94A9F2364405F6FD97D2E1B8
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Bei Ihrem Microsoft-Konto anmeldenMelden Sie sich bei Ihrem Microsoft-Konto an.

Page URL History Show full URLs

  1. https://www.baidu.com/link?url=8w-_34w4kYEbtOarjJjR0-tcq_FkvgjjfCgSVW26Ljnqycm2zoQGlSae2pxMlo9S&wd... Page URL
  2. https://www.hebronproperties.com/ HTTP 301
    https://hebronproperties.com/index.php Page URL
  3. https://aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/om/aHRvcnJlc3xZbkp2Ym5oc1pXSXViM0pufGp4bVhURWRYRVFJ... HTTP 302
    https://aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/oauth20_autho... Page URL

Page Statistics

13
Requests

77 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

5
IPs

2
Countries

311 kB
Transfer

1157 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.baidu.com/link?url=8w-_34w4kYEbtOarjJjR0-tcq_FkvgjjfCgSVW26Ljnqycm2zoQGlSae2pxMlo9S&wd=aHRvcnJlc3xZbkp2Ym5oc1pXSXViM0pufGp4bVhURWRYRVFJUnNjZA== Page URL
  2. https://www.hebronproperties.com/ HTTP 301
    https://hebronproperties.com/index.php Page URL
  3. https://aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/om/aHRvcnJlc3xZbkp2Ym5oc1pXSXViM0pufGp4bVhURWRYRVFJUnNjZA%3D%3D HTTP 302
    https://aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/oauth20_authorize.srf?scope=openid+profile+email+offline_access&response_type=code&client_id=51483342-085c-4d86-bf88-cf50c7252078&response_mode=form_post&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2ffederation%2foauth2msa&state=rQQIARAA02I21DO0UjGAACNdEKlrkJZmqJucCmIhgSIhLoGEvYdjLvXo2H5htz--RPp8xCxGzviczLJUveT83FWM8hklJQXFVvr6-aUlOfn52Xr5aWmZyWBJ_fzyRP0djIwXGBlfMDJOYhLJKMkvKkotdkgqys-ryElN0ssvSl_FZG5mbGFmaGFiZmJkbmRmZmpqYaBnZJRmnJxqmQh0lrGRrkmiiaFukomJuW6SkYmhuVlSanJyWtItJn5_x9KSDCMQkV-UWZX6iYkzLb8oN74gv7hkFnOCS3KJk2u-Y7qzq1NQkX-2SYGzp7NHaHKycVJSsW6Rm0lafHKIo1dVhrN3jmugd3hUmLtfRmiGT4FxcoFfiV9JcpWFc6V7pWtAUWmWb2a2aXJYRJVfaYixW6puhLF7fLbHKmaiwnATMxswMHLz804xs-UXpOZlplxgYXzAwviKhcmA4wcL4yJWYCAvTXtz7sk2FfedW55nWdTlMJxi1c_yKfN38y8NT0xMzDUtN6lycrMMCvfyDfQ1zDGyCAgONi4rz3U1KEjJzQi0NbcynMDGOIGNbRcbJwezAIMSs3OA4Qs2xg9sjB3sDLs4CcXSBW7GDTyMt3hMuNiScxIzc4uFtKqVMlPiS_KzU_OUrKqVKnKL45OTQayyxJzS1GIlq2gloBVKsbW1tQd4GX7wbZ63ZcvB5q3vPF7x6xibmZY6lZVHaKcFVDiGlHk6J-caZObrZ6WX-HgmlRY4mmZWFbqnJRpmJ2XbbhBgeCDAAAA1&login_hint=htorres%40bronxleb.org&estsfed=1&uaid=5cc3bd608cd23d2cf4073fc7a41bcf58&cobrandid=deb3f74a-ed5b-4ef1-8d3c-92b85dd47352&fci=00000002-0000-0ff1-ce00-000000000000 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://www.hebronproperties.com/ HTTP 301
  • https://hebronproperties.com/index.php

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
link
www.baidu.com/
635 B
909 B
Document
General
Full URL
https://www.baidu.com/link?url=8w-_34w4kYEbtOarjJjR0-tcq_FkvgjjfCgSVW26Ljnqycm2zoQGlSae2pxMlo9S&wd=aHRvcnJlc3xZbkp2Ym5oc1pXSXViM0pufGp4bVhURWRYRVFJUnNjZA==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.47.188 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
BWS/1.1 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1;mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Bdpagetype
3
Connection
keep-alive
Content-Encoding
br
Content-Length
352
Content-Type
text/html
Date
Fri, 13 Sep 2024 17:47:04 GMT
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Server
BWS/1.1
Traceid
1726249624148551885811772423481260730693
Vary
Accept-Encoding
X-Ua-Compatible
IE=Edge,chrome=1
X-Xss-Protection
1;mode=block
index.php
hebronproperties.com/
Redirect Chain
  • https://www.hebronproperties.com/
  • https://hebronproperties.com/index.php
853 B
511 B
Document
General
Full URL
https://hebronproperties.com/index.php
Requested by
Host: www.baidu.com
URL: https://www.baidu.com/link?url=8w-_34w4kYEbtOarjJjR0-tcq_FkvgjjfCgSVW26Ljnqycm2zoQGlSae2pxMlo9S&wd=aHRvcnJlc3xZbkp2Ym5oc1pXSXViM0pufGp4bVhURWRYRVFJUnNjZA==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.250.126.19 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
stfpanama.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://www.baidu.com/link?url=8w-_34w4kYEbtOarjJjR0-tcq_FkvgjjfCgSVW26Ljnqycm2zoQGlSae2pxMlo9S&wd=aHRvcnJlc3xZbkp2Ym5oc1pXSXViM0pufGp4bVhURWRYRVFJUnNjZA==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-length
416
content-type
text/html; charset=UTF-8
date
Fri, 13 Sep 2024 17:47:06 GMT
server
LiteSpeed
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
795
content-type
text/html
date
Fri, 13 Sep 2024 17:47:05 GMT
location
https://hebronproperties.com/index.php
server
LiteSpeed
Primary Request oauth20_authorize.srf
aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/
Redirect Chain
  • https://aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/om/aHRvcnJlc3xZbkp2Ym5oc1pXSXViM0pufGp4bVhURWRYRVFJUnNjZA%3D%3D
  • https://aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/oauth20_authorize.srf?scope=openid+profile+email+offline_access&response_type=code&clien...
128 KB
22 KB
Document
General
Full URL
https://aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/oauth20_authorize.srf?scope=openid+profile+email+offline_access&response_type=code&client_id=51483342-085c-4d86-bf88-cf50c7252078&response_mode=form_post&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2ffederation%2foauth2msa&state=rQQIARAA02I21DO0UjGAACNdEKlrkJZmqJucCmIhgSIhLoGEvYdjLvXo2H5htz--RPp8xCxGzviczLJUveT83FWM8hklJQXFVvr6-aUlOfn52Xr5aWmZyWBJ_fzyRP0djIwXGBlfMDJOYhLJKMkvKkotdkgqys-ryElN0ssvSl_FZG5mbGFmaGFiZmJkbmRmZmpqYaBnZJRmnJxqmQh0lrGRrkmiiaFukomJuW6SkYmhuVlSanJyWtItJn5_x9KSDCMQkV-UWZX6iYkzLb8oN74gv7hkFnOCS3KJk2u-Y7qzq1NQkX-2SYGzp7NHaHKycVJSsW6Rm0lafHKIo1dVhrN3jmugd3hUmLtfRmiGT4FxcoFfiV9JcpWFc6V7pWtAUWmWb2a2aXJYRJVfaYixW6puhLF7fLbHKmaiwnATMxswMHLz804xs-UXpOZlplxgYXzAwviKhcmA4wcL4yJWYCAvTXtz7sk2FfedW55nWdTlMJxi1c_yKfN38y8NT0xMzDUtN6lycrMMCvfyDfQ1zDGyCAgONi4rz3U1KEjJzQi0NbcynMDGOIGNbRcbJwezAIMSs3OA4Qs2xg9sjB3sDLs4CcXSBW7GDTyMt3hMuNiScxIzc4uFtKqVMlPiS_KzU_OUrKqVKnKL45OTQayyxJzS1GIlq2gloBVKsbW1tQd4GX7wbZ63ZcvB5q3vPF7x6xibmZY6lZVHaKcFVDiGlHk6J-caZObrZ6WX-HgmlRY4mmZWFbqnJRpmJ2XbbhBgeCDAAAA1&login_hint=htorres%40bronxleb.org&estsfed=1&uaid=5cc3bd608cd23d2cf4073fc7a41bcf58&cobrandid=deb3f74a-ed5b-4ef1-8d3c-92b85dd47352&fci=00000002-0000-0ff1-ce00-000000000000
Requested by
Host: hebronproperties.com
URL: https://hebronproperties.com/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:dd03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
405af1c1047e69830d77f96a4914334aca44a41e3e4a016c4001cf94f873fa17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hebronproperties.com/index.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
auth,authkey , authvalue, Authorization, User-Agent, Keep-Alive, Content-Type, X-Requested-With
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=86400
cache-control
s-maxage=0
cf-cache-status
DYNAMIC
cf-ray
8c29f5f23a55d389-FRA
content-encoding
br
content-security-policy-report-only
frame-ancestors 'self'; object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-9qZ5RAw5lIeJlzCnpi+3MaVFhQFiPQmPTdaTGToYxAs=' https://logincdn.msauth.net https://logincdn.msftauth.net https://lgincdnvzeuno.azureedge.net https://lgincdnmsftuswe2.azureedge.net https://ipv6.login.live.com https://*.microsoft.com https://*.office.net https://*.bing.com https://*.sharepointonline.com 'report-sample'; img-src 'self' https://logincdn.msauth.net https://logincdn.msftauth.net https://lgincdnvzeuno.azureedge.net https://lgincdnmsftuswe2.azureedge.net https://ipv6.login.live.com https://*.microsoft.com https://*.office.net https://*.bing.com https://*.sharepointonline.com; report-uri https://csp.microsoft.com/report/MSA-UX-All
content-type
text/html
date
Fri, 13 Sep 2024 17:47:09 GMT
expires
Mon, 25 Jul 1997 05:00:00 GMT
link
<https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
ppserver
PPV: 30 H: PH1PEPF000181B0 V: 0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h0h0dvalBNMK7ECYxCOq%2BTnOeYFqfVoj%2Bmw2xDSwEr5SARwLS1vlycmDaxjpr6LFy%2B3Wvv5b6H18mjuj5Qq4AzLieOhxk%2BXz0B3bj3AHSM51qkdAD0YSoHM9RjxCWFfvLH10Yvf0ZyQlJ1xweoFBCZ9D6WnrLQ9ogBHYg%2Bqyt%2B8WxAUk"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Origin, Origin, Accept-Encoding
x-cache-status
MISS
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-ms-request-id
a5a60492-6f2b-4447-a830-ab46327850f5
x-ms-route-info
C501_BAY
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-origin
null
alt-svc
h3=":443"; ma=86400
cache-control
s-maxage=0
cf-cache-status
DYNAMIC
cf-ray
8c29f5e7d86dd389-FRA
content-type
text/html
date
Fri, 13 Sep 2024 17:47:08 GMT
location
https://aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/oauth20_authorize.srf?scope=openid+profile+email+offline_access&response_type=code&client_id=51483342-085c-4d86-bf88-cf50c7252078&response_mode=form_post&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2ffederation%2foauth2msa&state=rQQIARAA02I21DO0UjGAACNdEKlrkJZmqJucCmIhgSIhLoGEvYdjLvXo2H5htz--RPp8xCxGzviczLJUveT83FWM8hklJQXFVvr6-aUlOfn52Xr5aWmZyWBJ_fzyRP0djIwXGBlfMDJOYhLJKMkvKkotdkgqys-ryElN0ssvSl_FZG5mbGFmaGFiZmJkbmRmZmpqYaBnZJRmnJxqmQh0lrGRrkmiiaFukomJuW6SkYmhuVlSanJyWtItJn5_x9KSDCMQkV-UWZX6iYkzLb8oN74gv7hkFnOCS3KJk2u-Y7qzq1NQkX-2SYGzp7NHaHKycVJSsW6Rm0lafHKIo1dVhrN3jmugd3hUmLtfRmiGT4FxcoFfiV9JcpWFc6V7pWtAUWmWb2a2aXJYRJVfaYixW6puhLF7fLbHKmaiwnATMxswMHLz804xs-UXpOZlplxgYXzAwviKhcmA4wcL4yJWYCAvTXtz7sk2FfedW55nWdTlMJxi1c_yKfN38y8NT0xMzDUtN6lycrMMCvfyDfQ1zDGyCAgONi4rz3U1KEjJzQi0NbcynMDGOIGNbRcbJwezAIMSs3OA4Qs2xg9sjB3sDLs4CcXSBW7GDTyMt3hMuNiScxIzc4uFtKqVMlPiS_KzU_OUrKqVKnKL45OTQayyxJzS1GIlq2gloBVKsbW1tQd4GX7wbZ63ZcvB5q3vPF7x6xibmZY6lZVHaKcFVDiGlHk6J-caZObrZ6WX-HgmlRY4mmZWFbqnJRpmJ2XbbhBgeCDAAAA1&login_hint=htorres%40bronxleb.org&estsfed=1&uaid=5cc3bd608cd23d2cf4073fc7a41bcf58&cobrandid=deb3f74a-ed5b-4ef1-8d3c-92b85dd47352&fci=00000002-0000-0ff1-ce00-000000000000#
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2XmRD1YSB9pbsvH9%2Ba2kY6C7WojvZaaFD0%2BeLyN9sR66C0GA8xwb5eOzcdIVOJ4RbZiqPdw5LlAv%2FapvbYCXNRx9GMyCfPnphl%2BiRCPAF1EPam%2ByoVVRI0MeMr2x2iBgu%2B8vmrsYzikE%2Bt0rvmOmj7uSoeiMCW3sk70Z3N7AMDI8AnOR"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
x-cache-status
MISS
MSA-UX-All
csp.microsoft.com/report/
2 B
225 B
Other
General
Full URL
https://csp.microsoft.com/report/MSA-UX-All
Requested by
Host: aladevstart.scaffoldingssolutions.com
URL: https://aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/oauth20_authorize.srf?scope=openid+profile+email+offline_access&response_type=code&client_id=51483342-085c-4d86-bf88-cf50c7252078&response_mode=form_post&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2ffederation%2foauth2msa&state=rQQIARAA02I21DO0UjGAACNdEKlrkJZmqJucCmIhgSIhLoGEvYdjLvXo2H5htz--RPp8xCxGzviczLJUveT83FWM8hklJQXFVvr6-aUlOfn52Xr5aWmZyWBJ_fzyRP0djIwXGBlfMDJOYhLJKMkvKkotdkgqys-ryElN0ssvSl_FZG5mbGFmaGFiZmJkbmRmZmpqYaBnZJRmnJxqmQh0lrGRrkmiiaFukomJuW6SkYmhuVlSanJyWtItJn5_x9KSDCMQkV-UWZX6iYkzLb8oN74gv7hkFnOCS3KJk2u-Y7qzq1NQkX-2SYGzp7NHaHKycVJSsW6Rm0lafHKIo1dVhrN3jmugd3hUmLtfRmiGT4FxcoFfiV9JcpWFc6V7pWtAUWmWb2a2aXJYRJVfaYixW6puhLF7fLbHKmaiwnATMxswMHLz804xs-UXpOZlplxgYXzAwviKhcmA4wcL4yJWYCAvTXtz7sk2FfedW55nWdTlMJxi1c_yKfN38y8NT0xMzDUtN6lycrMMCvfyDfQ1zDGyCAgONi4rz3U1KEjJzQi0NbcynMDGOIGNbRcbJwezAIMSs3OA4Qs2xg9sjB3sDLs4CcXSBW7GDTyMt3hMuNiScxIzc4uFtKqVMlPiS_KzU_OUrKqVKnKL45OTQayyxJzS1GIlq2gloBVKsbW1tQd4GX7wbZ63ZcvB5q3vPF7x6xibmZY6lZVHaKcFVDiGlHk6J-caZObrZ6WX-HgmlRY4mmZWFbqnJRpmJ2XbbhBgeCDAAAA1&login_hint=htorres%40bronxleb.org&estsfed=1&uaid=5cc3bd608cd23d2cf4073fc7a41bcf58&cobrandid=deb3f74a-ed5b-4ef1-8d3c-92b85dd47352&fci=00000002-0000-0ff1-ce00-000000000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::57 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://aladevstart.scaffoldingssolutions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

access-control-allow-origin
*
date
Fri, 13 Sep 2024 17:47:10 GMT
content-type
text/plain; charset=utf-8
x-azure-ref
20240913T174709Z-164cfbd49c9grts7d8edz5h55400000001pg0000000020k1
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:5c791ad2-9c50-4271-a8a5-5c74d929f3ed
login_de_LukWa28jkZBU0EncZBz1Rg2.js
logincdn.msauth.net/shared/5/js/
917 KB
233 KB
Script
General
Full URL
https://logincdn.msauth.net/shared/5/js/login_de_LukWa28jkZBU0EncZBz1Rg2.js
Requested by
Host: aladevstart.scaffoldingssolutions.com
URL: https://aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/oauth20_authorize.srf?scope=openid+profile+email+offline_access&response_type=code&client_id=51483342-085c-4d86-bf88-cf50c7252078&response_mode=form_post&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2ffederation%2foauth2msa&state=rQQIARAA02I21DO0UjGAACNdEKlrkJZmqJucCmIhgSIhLoGEvYdjLvXo2H5htz--RPp8xCxGzviczLJUveT83FWM8hklJQXFVvr6-aUlOfn52Xr5aWmZyWBJ_fzyRP0djIwXGBlfMDJOYhLJKMkvKkotdkgqys-ryElN0ssvSl_FZG5mbGFmaGFiZmJkbmRmZmpqYaBnZJRmnJxqmQh0lrGRrkmiiaFukomJuW6SkYmhuVlSanJyWtItJn5_x9KSDCMQkV-UWZX6iYkzLb8oN74gv7hkFnOCS3KJk2u-Y7qzq1NQkX-2SYGzp7NHaHKycVJSsW6Rm0lafHKIo1dVhrN3jmugd3hUmLtfRmiGT4FxcoFfiV9JcpWFc6V7pWtAUWmWb2a2aXJYRJVfaYixW6puhLF7fLbHKmaiwnATMxswMHLz804xs-UXpOZlplxgYXzAwviKhcmA4wcL4yJWYCAvTXtz7sk2FfedW55nWdTlMJxi1c_yKfN38y8NT0xMzDUtN6lycrMMCvfyDfQ1zDGyCAgONi4rz3U1KEjJzQi0NbcynMDGOIGNbRcbJwezAIMSs3OA4Qs2xg9sjB3sDLs4CcXSBW7GDTyMt3hMuNiScxIzc4uFtKqVMlPiS_KzU_OUrKqVKnKL45OTQayyxJzS1GIlq2gloBVKsbW1tQd4GX7wbZ63ZcvB5q3vPF7x6xibmZY6lZVHaKcFVDiGlHk6J-caZObrZ6WX-HgmlRY4mmZWFbqnJRpmJ2XbbhBgeCDAAAA1&login_hint=htorres%40bronxleb.org&estsfed=1&uaid=5cc3bd608cd23d2cf4073fc7a41bcf58&cobrandid=deb3f74a-ed5b-4ef1-8d3c-92b85dd47352&fci=00000002-0000-0ff1-ce00-000000000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::57 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
87168a7a750c0786410f39303f06c05d5433addc95d414a8cf04dc581a339847

Request headers

Referer
https://aladevstart.scaffoldingssolutions.com/
Origin
https://aladevstart.scaffoldingssolutions.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Sep 2024 17:47:09 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
67912908
content-length
238012
x-ms-lease-status
unlocked
last-modified
Wed, 04 Sep 2024 02:18:54 GMT
etag
0x8DCCC87ECBFCB4E
x-azure-ref
20240913T174709Z-164cfbd49c9gzhvl2zts5ynann00000001m00000000036pm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6468b334-f01e-006c-0e07-05176c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
oneds-analytics-js_077217740c853b5d4fe8.js
logincdn.msauth.net/shared/5/chunks/
89 KB
33 KB
Script
General
Full URL
https://logincdn.msauth.net/shared/5/chunks/oneds-analytics-js_077217740c853b5d4fe8.js
Requested by
Host: logincdn.msauth.net
URL: https://logincdn.msauth.net/shared/5/js/login_de_LukWa28jkZBU0EncZBz1Rg2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::57 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eb327424aa27d47e4499187303774f8f22557359db3c6bb583e033e07dd0b337

Request headers

Referer
https://aladevstart.scaffoldingssolutions.com/
Origin
https://aladevstart.scaffoldingssolutions.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Sep 2024 17:47:09 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
32811
x-ms-lease-status
unlocked
last-modified
Fri, 09 Aug 2024 21:16:17 GMT
etag
0x8DCB8B881BE95D6
x-azure-ref
20240913T174709Z-164cfbd49c9gzhvl2zts5ynann00000001m00000000036q1
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f3595dda-c01e-006c-01ec-045f7e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
GetExperimentAssignments.srf
aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/
78 B
885 B
Fetch
General
Full URL
https://aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/GetExperimentAssignments.srf
Requested by
Host: logincdn.msauth.net
URL: https://logincdn.msauth.net/shared/5/js/login_de_LukWa28jkZBU0EncZBz1Rg2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:dd03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fab15577c839132e63994a193592d983353a1a5aaa17d5a4d28553edf30a0f98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

correlationId
5cc3bd608cd23d2cf4073fc7a41bcf58
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
client-request-id
5cc3bd608cd23d2cf4073fc7a41bcf58
Content-type
application/json; charset=utf-8
hpgid
33
Accept
application/json
Referer
https://aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/oauth20_authorize.srf?scope=openid+profile+email+offline_access&response_type=code&client_id=51483342-085c-4d86-bf88-cf50c7252078&response_mode=form_post&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2ffederation%2foauth2msa&state=rQQIARAA02I21DO0UjGAACNdEKlrkJZmqJucCmIhgSIhLoGEvYdjLvXo2H5htz--RPp8xCxGzviczLJUveT83FWM8hklJQXFVvr6-aUlOfn52Xr5aWmZyWBJ_fzyRP0djIwXGBlfMDJOYhLJKMkvKkotdkgqys-ryElN0ssvSl_FZG5mbGFmaGFiZmJkbmRmZmpqYaBnZJRmnJxqmQh0lrGRrkmiiaFukomJuW6SkYmhuVlSanJyWtItJn5_x9KSDCMQkV-UWZX6iYkzLb8oN74gv7hkFnOCS3KJk2u-Y7qzq1NQkX-2SYGzp7NHaHKycVJSsW6Rm0lafHKIo1dVhrN3jmugd3hUmLtfRmiGT4FxcoFfiV9JcpWFc6V7pWtAUWmWb2a2aXJYRJVfaYixW6puhLF7fLbHKmaiwnATMxswMHLz804xs-UXpOZlplxgYXzAwviKhcmA4wcL4yJWYCAvTXtz7sk2FfedW55nWdTlMJxi1c_yKfN38y8NT0xMzDUtN6lycrMMCvfyDfQ1zDGyCAgONi4rz3U1KEjJzQi0NbcynMDGOIGNbRcbJwezAIMSs3OA4Qs2xg9sjB3sDLs4CcXSBW7GDTyMt3hMuNiScxIzc4uFtKqVMlPiS_KzU_OUrKqVKnKL45OTQayyxJzS1GIlq2gloBVKsbW1tQd4GX7wbZ63ZcvB5q3vPF7x6xibmZY6lZVHaKcFVDiGlHk6J-caZObrZ6WX-HgmlRY4mmZWFbqnJRpmJ2XbbhBgeCDAAAA1&login_hint=htorres%40bronxleb.org&estsfed=1&uaid=5cc3bd608cd23d2cf4073fc7a41bcf58&cobrandid=deb3f74a-ed5b-4ef1-8d3c-92b85dd47352&fci=00000002-0000-0ff1-ce00-000000000000
hpgact
0

Response headers

date
Fri, 13 Sep 2024 17:47:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-ms-route-info
C543_SN1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
ppserver
PPV: 30 H: SN1PEPF0002F99E V: 0
server
cloudflare
vary
Origin, Origin, Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS
content-type
application/json
access-control-allow-origin
https://aladevstart.scaffoldingssolutions.com
x-ms-request-id
29169012-1d7a-4dcb-b176-571284df1670
cache-control
s-maxage=0
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GcC5tJXMDmm1MqZQjVnAfq%2FDi5fV6WkJe%2BXJL0Z3UEanVHzbHNYSfskH4b2ZaC3uy40lWAKS67k34rjvDzuXy1PRaADkeiodlXHGJDmQ9E2mq2Q%2BEsmjRBPUv4672a08TsuN%2BIBz1LVY97F4HFa4faeDU8ynaV9uc0B1u00LRhJy%2FUJ5"}],"group":"cf-nel","max_age":604800}
cf-ray
8c29f5f9fcced389-FRA
access-control-allow-headers
auth,authkey , authvalue, Authorization, User-Agent, Keep-Alive, Content-Type, X-Requested-With
expires
Mon, 25 Jul 1997 05:00:00 GMT
microsoft_logo_ee5c8d9fb6248c938fd0.svg
logincdn.msauth.net/shared/5/images/
4 KB
2 KB
Image
General
Full URL
https://logincdn.msauth.net/shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg
Requested by
Host: aladevstart.scaffoldingssolutions.com
URL: https://aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/oauth20_authorize.srf?scope=openid+profile+email+offline_access&response_type=code&client_id=51483342-085c-4d86-bf88-cf50c7252078&response_mode=form_post&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2ffederation%2foauth2msa&state=rQQIARAA02I21DO0UjGAACNdEKlrkJZmqJucCmIhgSIhLoGEvYdjLvXo2H5htz--RPp8xCxGzviczLJUveT83FWM8hklJQXFVvr6-aUlOfn52Xr5aWmZyWBJ_fzyRP0djIwXGBlfMDJOYhLJKMkvKkotdkgqys-ryElN0ssvSl_FZG5mbGFmaGFiZmJkbmRmZmpqYaBnZJRmnJxqmQh0lrGRrkmiiaFukomJuW6SkYmhuVlSanJyWtItJn5_x9KSDCMQkV-UWZX6iYkzLb8oN74gv7hkFnOCS3KJk2u-Y7qzq1NQkX-2SYGzp7NHaHKycVJSsW6Rm0lafHKIo1dVhrN3jmugd3hUmLtfRmiGT4FxcoFfiV9JcpWFc6V7pWtAUWmWb2a2aXJYRJVfaYixW6puhLF7fLbHKmaiwnATMxswMHLz804xs-UXpOZlplxgYXzAwviKhcmA4wcL4yJWYCAvTXtz7sk2FfedW55nWdTlMJxi1c_yKfN38y8NT0xMzDUtN6lycrMMCvfyDfQ1zDGyCAgONi4rz3U1KEjJzQi0NbcynMDGOIGNbRcbJwezAIMSs3OA4Qs2xg9sjB3sDLs4CcXSBW7GDTyMt3hMuNiScxIzc4uFtKqVMlPiS_KzU_OUrKqVKnKL45OTQayyxJzS1GIlq2gloBVKsbW1tQd4GX7wbZ63ZcvB5q3vPF7x6xibmZY6lZVHaKcFVDiGlHk6J-caZObrZ6WX-HgmlRY4mmZWFbqnJRpmJ2XbbhBgeCDAAAA1&login_hint=htorres%40bronxleb.org&estsfed=1&uaid=5cc3bd608cd23d2cf4073fc7a41bcf58&cobrandid=deb3f74a-ed5b-4ef1-8d3c-92b85dd47352&fci=00000002-0000-0ff1-ce00-000000000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::57 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Referer
https://aladevstart.scaffoldingssolutions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Sep 2024 17:47:09 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
1435
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jun 2023 15:44:25 GMT
etag
0x8DB772562988611
x-azure-ref
20240913T174709Z-164cfbd49c9vnfx4vyh28evvp0000000010000000000usmm
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b17d5cdc-001e-0036-38f0-044e26000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
2_bc3d32a696895f78c19d.svg
logincdn.msauth.net/shared/5/images/
2 KB
1 KB
Image
General
Full URL
https://logincdn.msauth.net/shared/5/images/2_bc3d32a696895f78c19d.svg
Requested by
Host: aladevstart.scaffoldingssolutions.com
URL: https://aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/oauth20_authorize.srf?scope=openid+profile+email+offline_access&response_type=code&client_id=51483342-085c-4d86-bf88-cf50c7252078&response_mode=form_post&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2ffederation%2foauth2msa&state=rQQIARAA02I21DO0UjGAACNdEKlrkJZmqJucCmIhgSIhLoGEvYdjLvXo2H5htz--RPp8xCxGzviczLJUveT83FWM8hklJQXFVvr6-aUlOfn52Xr5aWmZyWBJ_fzyRP0djIwXGBlfMDJOYhLJKMkvKkotdkgqys-ryElN0ssvSl_FZG5mbGFmaGFiZmJkbmRmZmpqYaBnZJRmnJxqmQh0lrGRrkmiiaFukomJuW6SkYmhuVlSanJyWtItJn5_x9KSDCMQkV-UWZX6iYkzLb8oN74gv7hkFnOCS3KJk2u-Y7qzq1NQkX-2SYGzp7NHaHKycVJSsW6Rm0lafHKIo1dVhrN3jmugd3hUmLtfRmiGT4FxcoFfiV9JcpWFc6V7pWtAUWmWb2a2aXJYRJVfaYixW6puhLF7fLbHKmaiwnATMxswMHLz804xs-UXpOZlplxgYXzAwviKhcmA4wcL4yJWYCAvTXtz7sk2FfedW55nWdTlMJxi1c_yKfN38y8NT0xMzDUtN6lycrMMCvfyDfQ1zDGyCAgONi4rz3U1KEjJzQi0NbcynMDGOIGNbRcbJwezAIMSs3OA4Qs2xg9sjB3sDLs4CcXSBW7GDTyMt3hMuNiScxIzc4uFtKqVMlPiS_KzU_OUrKqVKnKL45OTQayyxJzS1GIlq2gloBVKsbW1tQd4GX7wbZ63ZcvB5q3vPF7x6xibmZY6lZVHaKcFVDiGlHk6J-caZObrZ6WX-HgmlRY4mmZWFbqnJRpmJ2XbbhBgeCDAAAA1&login_hint=htorres%40bronxleb.org&estsfed=1&uaid=5cc3bd608cd23d2cf4073fc7a41bcf58&cobrandid=deb3f74a-ed5b-4ef1-8d3c-92b85dd47352&fci=00000002-0000-0ff1-ce00-000000000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::57 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

Referer
https://aladevstart.scaffoldingssolutions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Sep 2024 17:47:09 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
673
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jun 2023 15:44:22 GMT
etag
0x8DB7725611C3E0C
x-azure-ref
20240913T174709Z-164cfbd49c9vnfx4vyh28evvp0000000010000000000usmn
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
aa8418d0-201e-0016-7cec-04423e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
/
fpt.live.com/ Frame 3B7B
0
0

favicon.ico
logincdn.msauth.net/16.000.30359.3/images/
17 KB
17 KB
Other
General
Full URL
https://logincdn.msauth.net/16.000.30359.3/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::57 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

Referer
https://aladevstart.scaffoldingssolutions.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Sep 2024 17:47:10 GMT
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
17174
x-ms-lease-status
unlocked
last-modified
Tue, 03 Sep 2024 22:03:08 GMT
etag
0x8DCCC64320F606E
x-azure-ref
20240913T174710Z-164cfbd49c9vnfx4vyh28evvp0000000010000000000usnu
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
e47cf6cb-201e-004b-4bd8-0448ba000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
/
browser.events.data.microsoft.com/OneCollector/1.0/
0
0

/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fpt.live.com
URL
https://fpt.live.com/?session_id=5cc3bd608cd23d2cf4073fc7a41bcf58&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SI
Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| OITUp string| tAjizq string| VAFhtvD string| pqrBinZg string| cevlIJSec function| IvUiRzjPd object| PROOF object| ServerData function| $Loader object| g_dtFirstByte function| SRSRetry object| webpackChunk_msidentity_sisu_msa function| clearImmediate function| setImmediate object| regeneratorRuntime object| __dynProto$Gbl

24 Cookies

Domain/Path Name / Value
.baidu.com/ Name: BAIDUID
Value: A9BC0B2E7DD3AFC2B22B6D975EFA8A4A:FG=1
www.baidu.com/ Name: BDSVRTM
Value: 0
aladevstart.scaffoldingssolutions.com/ Name: 0
Value: ClientId=88E242AE8F604CF4A7A051B85FBB8862
aladevstart.scaffoldingssolutions.com/ Name: 1
Value: ClientId=88E242AE8F604CF4A7A051B85FBB8862
aladevstart.scaffoldingssolutions.com/ Name: 2
Value: OIDC=1
aladevstart.scaffoldingssolutions.com/ Name: 16
Value: OpenIdConnect.nonce.v3.dMT5STAmFwYSKK_9uEBCEmJRLXJvuckdzA0ntgWi0x8=638618464272665580.22f3ce9a-0f32-4a41-b447-b24176beccfb
aladevstart.scaffoldingssolutions.com/ Name: 20
Value: ClientId=88E242AE8F604CF4A7A051B85FBB8862
aladevstart.scaffoldingssolutions.com/ Name: 21
Value: OIDC=1
aladevstart.scaffoldingssolutions.com/ Name: 35
Value: OpenIdConnect.nonce.v3.dMT5STAmFwYSKK_9uEBCEmJRLXJvuckdzA0ntgWi0x8=638618464272665580.22f3ce9a-0f32-4a41-b447-b24176beccfb
aladevstart.scaffoldingssolutions.com/ Name: 39
Value: X-OWA-RedirectHistory=ArLym14B7Ev6FRzU3Ag
aladevstart.scaffoldingssolutions.com/ Name: buid
Value: 0.ATgAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYsDpHIvmeKJKUugvEPHdlvNCgF9vXHiplBZ5p6nJAmJGJUv2FMztFFF_vHg6m9XBT2Xi_tKfQWoxjJ80_OxpZ2xSxJutOLwlJTQeLUppm8h0gAA
aladevstart.scaffoldingssolutions.com/ Name: esctx-EDYUbpX0wLA
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYQO4uA0A_gaJ0QoYLqpPHVT5nfTPPOUzZdTOPxSSx67kkGxkZsV67O36EkCVML5npUiiBRQDyjgr_CubSXT4IZEfwj-LN0D1mCeH7GZM68-3BF2Ew9vWSIC26p7eRPPsSBoEID23PrmpMdR_DdH05VyAA
aladevstart.scaffoldingssolutions.com/ Name: fpc
Value: AmYN3fzBghpNq7e1BH6_74WerOTJAQAAAJtxdt4OAAAA
aladevstart.scaffoldingssolutions.com/ Name: esctx
Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMY8Una0In5C6yTJAGGdC95aw1E3syab3H-2HEj66GEwnMKZjAEv0XtucYw_Rr0swStS7mhFkdrJsuOHXGyLtCpyBrtJAFbMuH_IF-u2rZHxAFEFZHXXadVZ_rqbHURfS0Zv1XmyxDJcx8fCgBUDWRhg7JZzXetqe6roSRM4QRdq-0gAA
aladevstart.scaffoldingssolutions.com/ Name: x-ms-gateway-slice
Value: estsfd
aladevstart.scaffoldingssolutions.com/ Name: stsservicecookie
Value: estsfd
aladevstart.scaffoldingssolutions.com/ Name: appdfmd5naosiz309213
Value: aHRvcnJlc0Bicm9ueGxlYi5vcmc=
aladevstart.scaffoldingssolutions.com/ Name: MSPRequ
Value: id=N&lt=1726249628&co=1
aladevstart.scaffoldingssolutions.com/ Name: uaid
Value: 5cc3bd608cd23d2cf4073fc7a41bcf58
aladevstart.scaffoldingssolutions.com/ Name: MSCC
Value: 20.49.3.104-US
aladevstart.scaffoldingssolutions.com/ Name: MSPOK
Value: $uuid-2d77b55d-197a-4b60-a51f-99654d5f9e3d
aladevstart.scaffoldingssolutions.com/ Name: OParams
Value: 11O.DsEdFzvWpFPcYXnOxdtCmCEY0jAL6K6XShNj61gwHBa4DtS4PWBvaax3g20hD49yhymB22X51FD4FILD!83kzTsX*Bcg36pFat2pqfBJawq53Y99Ex6C5Cq!N2JiHfg7*W4KTwU*CDQ7jwt7n02yaT3GRPiAS3GAiaXLNxaJ3Psv1ZonKaeg4XqHE8kbOUZV4AEusfl*ByM7iT3lxQ9o5z6bCqsy5UhVuRDZ!ar1avGaPTRJB2XsnVLmMXn3ALVucAe6ww1qnHFdt2Xbez6NgJ1Qn3Knb51*FXtClAtJ0FR*pcNcKujaCuNAxwP1D01eDTPP4Qwj9H*WnPkQMR!qMG67vLg9T*RtL5Aulm56!vUfKn4XYpYyrAYkIF!Q4wYrxsXqsEg3Osr*Ec!jQuQXxLQl3GMws16pUUJFcUAebSYqQi3*IUJoemH8YEh!5e1eApT5z7!mcdr9ULia2XlfqhOES1lj3cOAMnN1HyAD39XsNIxRoBtBHWN4ougeXxNdwXeL5Zjos4a4tPNfWjNi7*v9wHjoGCy9KELRjkJWHVT!KyEL6Pey8xYfjknyB47NPzeATGBDpJVtC9juPOn4!DhGS1Wj1VgZqYxuKpC4sJJPhwpkQnEHP79xzMuFeR4kVTl1mcbXlOfYF3Vxh3l!JtSFyalrJ3l9FaHt6BsuV8IOcLdzXKOXfyUzzlRovh6QOLqqeO9uaFdUo759rmEkFp!IY301aZVroY!Bas0d26uyFY9BGuEpmK3OXomBHzC9GxJlSQrpgU0tja39LnPaAVvIPmksww3!34yIpm2t7YuZsSgelaccxSaJDCnDquUe5zylCyhhWBIbLd4ZErL8LHPcGjks6jn*Hz9oBrN6syZJXvQfXPWKZk*Wup!xhRyvwXnKe5LoS7lleMMXuFw30iT7lSstUZzUAoNnCEzIheEw8bRShxV15YJqXhkUcd3ShZIcR9ZuaOEAbvwUS42pCUOFcc3k7ctqf530d1mn0wsphEqZ00KCigGq0GHWKGUppJvawcT5gPwF!p!pU67RDDx1ydm2M43evVUWUy70G9*nM6tujTnrR2M6JCybxOqpPdx7e*hMxRUbAlmIHgoU6Inju9vf0Sod9CcgKlxtcjK*RB3m5iULKdMIwlm8z6e*LK8G9tyx2MRDZ0ZtTK81CTyC!TVIkY5c!5WTIv3OIw7hKtVyUwaQnN38EtFPv7lpFzQT02JwY9Mfl2wHKCecOR!w3X2gRvvnfuEbHfnlwzI5QYwsM6qYvAFE2dVSckA7WfLVl*m*DoMzJ*oKk0M9wNHS8ZceYiRAabV6z1JC*6AsR1OTnHSA!7vYajeyvGWYc2RqVZYB9fhQwmgYxYPFgk8$
aladevstart.scaffoldingssolutions.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 074e2630-9854-49eb-8e6e-889f4fde8c22
aladevstart.scaffoldingssolutions.com/ Name: ai_session
Value: dsjrGwLheo1Zcn7GZ99uU7|1726249629944|1726249629944

4 Console Messages

Source Level URL
Text
security error URL: https://aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/oauth20_authorize.srf?scope=openid+profile+email+offline_access&response_type=code&client_id=51483342-085c-4d86-bf88-cf50c7252078&response_mode=form_post&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2ffederation%2foauth2msa&state=rQQIARAA02I21DO0UjGAACNdEKlrkJZmqJucCmIhgSIhLoGEvYdjLvXo2H5htz--RPp8xCxGzviczLJUveT83FWM8hklJQXFVvr6-aUlOfn52Xr5aWmZyWBJ_fzyRP0djIwXGBlfMDJOYhLJKMkvKkotdkgqys-ryElN0ssvSl_FZG5mbGFmaGFiZmJkbmRmZmpqYaBnZJRmnJxqmQh0lrGRrkmiiaFukomJuW6SkYmhuVlSanJyWtItJn5_x9KSDCMQkV-UWZX6iYkzLb8oN74gv7hkFnOCS3KJk2u-Y7qzq1NQkX-2SYGzp7NHaHKycVJSsW6Rm0lafHKIo1dVhrN3jmugd3hUmLtfRmiGT4FxcoFfiV9JcpWFc6V7pWtAUWmWb2a2aXJYRJVfaYixW6puhLF7fLbHKmaiwnATMxswMHLz804xs-UXpOZlplxgYXzAwviKhcmA4wcL4yJWYCAvTXtz7sk2FfedW55nWdTlMJxi1c_yKfN38y8NT0xMzDUtN6lycrMMCvfyDfQ1zDGyCAgONi4rz3U1KEjJzQi0NbcynMDGOIGNbRcbJwezAIMSs3OA4Qs2xg9sjB3sDLs4CcXSBW7GDTyMt3hMuNiScxIzc4uFtKqVMlPiS_KzU_OUrKqVKnKL45OTQayyxJzS1GIlq2gloBVKsbW1tQd4GX7wbZ63ZcvB5q3vPF7x6xibmZY6lZVHaKcFVDiGlHk6J-caZObrZ6WX-HgmlRY4mmZWFbqnJRpmJ2XbbhBgeCDAAAA1&login_hint=htorres%40bronxleb.org&estsfed=1&uaid=5cc3bd608cd23d2cf4073fc7a41bcf58&cobrandid=deb3f74a-ed5b-4ef1-8d3c-92b85dd47352&fci=00000002-0000-0ff1-ce00-000000000000#
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'nonce-9qZ5RAw5lIeJlzCnpi+3MaVFhQFiPQmPTdaTGToYxAs=' https://logincdn.msauth.net https://logincdn.msftauth.net https://lgincdnvzeuno.azureedge.net https://lgincdnmsftuswe2.azureedge.net https://ipv6.login.live.com https://*.microsoft.com https://*.office.net https://*.bing.com https://*.sharepointonline.com 'report-sample'". Either the 'unsafe-inline' keyword, a hash ('sha256-CU/AuTIP0wOItc26djEPl+tNM8n6f49TRu8IK+CU21Q='), or a nonce ('nonce-...') is required to enable inline execution.
javascript warning URL: https://aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/oauth20_authorize.srf?scope=openid+profile+email+offline_access&response_type=code&client_id=51483342-085c-4d86-bf88-cf50c7252078&response_mode=form_post&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2ffederation%2foauth2msa&state=rQQIARAA02I21DO0UjGAACNdEKlrkJZmqJucCmIhgSIhLoGEvYdjLvXo2H5htz--RPp8xCxGzviczLJUveT83FWM8hklJQXFVvr6-aUlOfn52Xr5aWmZyWBJ_fzyRP0djIwXGBlfMDJOYhLJKMkvKkotdkgqys-ryElN0ssvSl_FZG5mbGFmaGFiZmJkbmRmZmpqYaBnZJRmnJxqmQh0lrGRrkmiiaFukomJuW6SkYmhuVlSanJyWtItJn5_x9KSDCMQkV-UWZX6iYkzLb8oN74gv7hkFnOCS3KJk2u-Y7qzq1NQkX-2SYGzp7NHaHKycVJSsW6Rm0lafHKIo1dVhrN3jmugd3hUmLtfRmiGT4FxcoFfiV9JcpWFc6V7pWtAUWmWb2a2aXJYRJVfaYixW6puhLF7fLbHKmaiwnATMxswMHLz804xs-UXpOZlplxgYXzAwviKhcmA4wcL4yJWYCAvTXtz7sk2FfedW55nWdTlMJxi1c_yKfN38y8NT0xMzDUtN6lycrMMCvfyDfQ1zDGyCAgONi4rz3U1KEjJzQi0NbcynMDGOIGNbRcbJwezAIMSs3OA4Qs2xg9sjB3sDLs4CcXSBW7GDTyMt3hMuNiScxIzc4uFtKqVMlPiS_KzU_OUrKqVKnKL45OTQayyxJzS1GIlq2gloBVKsbW1tQd4GX7wbZ63ZcvB5q3vPF7x6xibmZY6lZVHaKcFVDiGlHk6J-caZObrZ6WX-HgmlRY4mmZWFbqnJRpmJ2XbbhBgeCDAAAA1&login_hint=htorres%40bronxleb.org&estsfed=1&uaid=5cc3bd608cd23d2cf4073fc7a41bcf58&cobrandid=deb3f74a-ed5b-4ef1-8d3c-92b85dd47352&fci=00000002-0000-0ff1-ce00-000000000000
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://logincdn.msauth.net/shared/5/js/login_de_LukWa28jkZBU0EncZBz1Rg2.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/oauth20_authorize.srf?scope=openid+profile+email+offline_access&response_type=code&client_id=51483342-085c-4d86-bf88-cf50c7252078&response_mode=form_post&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2ffederation%2foauth2msa&state=rQQIARAA02I21DO0UjGAACNdEKlrkJZmqJucCmIhgSIhLoGEvYdjLvXo2H5htz--RPp8xCxGzviczLJUveT83FWM8hklJQXFVvr6-aUlOfn52Xr5aWmZyWBJ_fzyRP0djIwXGBlfMDJOYhLJKMkvKkotdkgqys-ryElN0ssvSl_FZG5mbGFmaGFiZmJkbmRmZmpqYaBnZJRmnJxqmQh0lrGRrkmiiaFukomJuW6SkYmhuVlSanJyWtItJn5_x9KSDCMQkV-UWZX6iYkzLb8oN74gv7hkFnOCS3KJk2u-Y7qzq1NQkX-2SYGzp7NHaHKycVJSsW6Rm0lafHKIo1dVhrN3jmugd3hUmLtfRmiGT4FxcoFfiV9JcpWFc6V7pWtAUWmWb2a2aXJYRJVfaYixW6puhLF7fLbHKmaiwnATMxswMHLz804xs-UXpOZlplxgYXzAwviKhcmA4wcL4yJWYCAvTXtz7sk2FfedW55nWdTlMJxi1c_yKfN38y8NT0xMzDUtN6lycrMMCvfyDfQ1zDGyCAgONi4rz3U1KEjJzQi0NbcynMDGOIGNbRcbJwezAIMSs3OA4Qs2xg9sjB3sDLs4CcXSBW7GDTyMt3hMuNiScxIzc4uFtKqVMlPiS_KzU_OUrKqVKnKL45OTQayyxJzS1GIlq2gloBVKsbW1tQd4GX7wbZ63ZcvB5q3vPF7x6xibmZY6lZVHaKcFVDiGlHk6J-caZObrZ6WX-HgmlRY4mmZWFbqnJRpmJ2XbbhBgeCDAAAA1&login_hint=htorres%40bronxleb.org&estsfed=1&uaid=5cc3bd608cd23d2cf4073fc7a41bcf58&cobrandid=deb3f74a-ed5b-4ef1-8d3c-92b85dd47352&fci=00000002-0000-0ff1-ce00-000000000000
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://logincdn.msauth.net/shared/5/js/login_de_LukWa28jkZBU0EncZBz1Rg2.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
recommendation verbose URL: https://aladevstart.scaffoldingssolutions.com/66defc8fa2fad3a71308b4ef/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/oauth20_authorize.srf?scope=openid+profile+email+offline_access&response_type=code&client_id=51483342-085c-4d86-bf88-cf50c7252078&response_mode=form_post&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2ffederation%2foauth2msa&state=rQQIARAA02I21DO0UjGAACNdEKlrkJZmqJucCmIhgSIhLoGEvYdjLvXo2H5htz--RPp8xCxGzviczLJUveT83FWM8hklJQXFVvr6-aUlOfn52Xr5aWmZyWBJ_fzyRP0djIwXGBlfMDJOYhLJKMkvKkotdkgqys-ryElN0ssvSl_FZG5mbGFmaGFiZmJkbmRmZmpqYaBnZJRmnJxqmQh0lrGRrkmiiaFukomJuW6SkYmhuVlSanJyWtItJn5_x9KSDCMQkV-UWZX6iYkzLb8oN74gv7hkFnOCS3KJk2u-Y7qzq1NQkX-2SYGzp7NHaHKycVJSsW6Rm0lafHKIo1dVhrN3jmugd3hUmLtfRmiGT4FxcoFfiV9JcpWFc6V7pWtAUWmWb2a2aXJYRJVfaYixW6puhLF7fLbHKmaiwnATMxswMHLz804xs-UXpOZlplxgYXzAwviKhcmA4wcL4yJWYCAvTXtz7sk2FfedW55nWdTlMJxi1c_yKfN38y8NT0xMzDUtN6lycrMMCvfyDfQ1zDGyCAgONi4rz3U1KEjJzQi0NbcynMDGOIGNbRcbJwezAIMSs3OA4Qs2xg9sjB3sDLs4CcXSBW7GDTyMt3hMuNiScxIzc4uFtKqVMlPiS_KzU_OUrKqVKnKL45OTQayyxJzS1GIlq2gloBVKsbW1tQd4GX7wbZ63ZcvB5q3vPF7x6xibmZY6lZVHaKcFVDiGlHk6J-caZObrZ6WX-HgmlRY4mmZWFbqnJRpmJ2XbbhBgeCDAAAA1&login_hint=htorres%40bronxleb.org&estsfed=1&uaid=5cc3bd608cd23d2cf4073fc7a41bcf58&cobrandid=deb3f74a-ed5b-4ef1-8d3c-92b85dd47352&fci=00000002-0000-0ff1-ce00-000000000000#
Message:
[DOM] Password forms should have (optionally hidden) username fields for accessibility: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Xss-Protection 1;mode=block