URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Submission: On April 15 via api from CA

Summary

This website contacted 6 IPs in 4 countries across 4 domains to perform 33 HTTP transactions. The main IP is 173.237.190.21, located in Saint Louis, United States and belongs to COLO4-CO - Colo4, LLC, US. The main domain is primoframe.com.
This is the only time primoframe.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online) Microsoft (Consumer)

Domain & IP information

Requests  IP Address         AS     Autonomous System
5         173.237.190.21     36024  (COLO4-CO)
22        95.101.245.11      16625  (AKAMAI-AS)
1         131.253.61.82      8075   (MICROSOFT...)
3         2a02:26f0:78:...   20940  (AKAMAI-ASN1)
1         104.45.0.17        8075   (MICROSOFT...)
1         207.46.194.10      8075   (MICROSOFT...)
33        6

Requests  Domain              Requested by
22        auth.gfx.ms         primoframe.com, auth.gfx.ms
5         primoframe.com      primoframe.com
3         i.s-microsoft.com   auth.gfx.ms
1         c.live.com
1         account.live.com    auth.gfx.ms
1         login.live.com      primoframe.com
33        6

This site contains links to these domains.

Domain
go.microsoft.com
login.live.com

Subject                  Issuer                                   Validity                  Valid
msagfx.live.com          Symantec Class 3 Secure Server CA - G4   2016-12-14 - 2018-12-15   2 years
gateway.login.live.com   Symantec Class 3 EV SSL CA - G3          2015-11-20 - 2017-11-20   2 years
www.microsoft.com        Symantec Class 3 Secure Server CA - G4   2017-04-07 - 2019-04-08   2 years
graph.windows.net        Microsoft IT SSL SHA2                    2016-09-15 - 2018-05-07   2 years

This page contains 1 frames:

Primary Page: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Frame ID: 11845.1
Requests: 33 HTTP requests in this frame

Page Statistics

Requests: 33
HTTPS: 82 %
IPv6: 17 %
Domains: 4
Subdomains: 6
IPs: 6
Countries: 4
Transfer: 358 kB
Size: 731 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request 29
  • http://c.bing.com/c.gif?DI=6434&wlxid=e262cbd5-a28d-44c6-896f-d64cffd85120&reqid=0012ccaa4e6&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DBL2IDSAMFE1A002%26MA%3Den-US%26B%3D17.4.6334%26TR%3DNA%252ANA%2...
  • http://c.live.com/c.gif?DI=6434&wlxid=e262cbd5-a28d-44c6-896f-d64cffd85120&reqid=0012ccaa4e6&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DBL2IDSAMFE1A002%26MA%3Den-US%26B%3D17.4.6334%26TR%3DNA%252ANA%2...

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ah.php
primoframe.com/danny/PDF_Document/Adobepdf/
57 KB
57 KB
Document
General
Full URL
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Server
173.237.190.21 Saint Louis, United States, ASN36024 (COLO4-CO - Colo4, LLC, US),
Reverse DNS
web2.thepowerservers.com
Software
Apache /
Resource Hash
7ca801e58e119e69dc5299999cc0be9d87004c795309cb97c0b403711751f5c6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
primoframe.com
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Sat, 15 Apr 2017 05:44:30 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
58428
Content-Type
text/html; charset=UTF-8
adb.js
primoframe.com/danny/PDF_Document/Adobepdf/img/
20 KB
20 KB
Script
General
Full URL
http://primoframe.com/danny/PDF_Document/Adobepdf/img/adb.js
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Server
173.237.190.21 Saint Louis, United States, ASN36024 (COLO4-CO - Colo4, LLC, US),
Reverse DNS
web2.thepowerservers.com
Software
Apache /
Resource Hash
847c86ae982abe9180233276125b930b4a1b6f1bd12649b0c07535c1e984def8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
primoframe.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:44:31 GMT
Last-Modified
Sun, 28 Feb 2016 19:21:16 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
20325
msa_xHEtHB_OhE8-DGjHCQrnoA2.css
auth.gfx.ms/
73 KB
14 KB
Stylesheet
General
Full URL
https://auth.gfx.ms/msa_xHEtHB_OhE8-DGjHCQrnoA2.css
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
774bdb90b2a7abd1d0b3fb8e4cfa9477b4df166ddbfb9b884acfaea61745e373

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:01 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jun 2015 07:05:30 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1A001 V: 0
ETag
"0d9e81b9a1d01:0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14591
Server
Microsoft-IIS/8.5
jquery_fkARAG2XCi0aQBl8NJfK6A2.js
auth.gfx.ms/
92 KB
33 KB
Script
General
Full URL
https://auth.gfx.ms/jquery_fkARAG2XCi0aQBl8NJfK6A2.js
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
921f3fb487ee81989ae938e3faa052b6e0b8e5a0a7112549774ffd6918fe7146

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept
*/*
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2016 22:45:31 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1C003 V: 0
ETag
"807713e68b6ed11:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33688
Server
Microsoft-IIS/8.5
bootstrap_3.3.0_TAjmEa4X8mniy7U22Y_4JA2.js
auth.gfx.ms/
33 KB
9 KB
Script
General
Full URL
https://auth.gfx.ms/bootstrap_3.3.0_TAjmEa4X8mniy7U22Y_4JA2.js
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
cf81b18702e195f67e1fe31d7a6ee856c77ce0268d015678fc37ba45b59ca4ec

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept
*/*
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2016 02:23:34 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1A003 V: 0
ETag
"097f4dfe062d11:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8941
Server
Microsoft-IIS/8.5
debugPackage_FXJNPnA80aWOT3mweKw-Qw2.js
auth.gfx.ms/
545 B
545 B
Script
General
Full URL
https://auth.gfx.ms/debugPackage_FXJNPnA80aWOT3mweKw-Qw2.js
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
474ebb1019ae43c1f7e3410b3aa00941d3b9b895e640939da62c0c4c110cc138

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept
*/*
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:01 GMT
Last-Modified
Thu, 17 Dec 2015 01:29:11 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1A002 V: 0
ETag
"80cdbf546a38d11:0"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
545
Server
Microsoft-IIS/8.5
lightObjectPackage_MjbDJD20Fbf62f6RLD3hzg2.js
auth.gfx.ms/
2 KB
687 B
Script
General
Full URL
https://auth.gfx.ms/lightObjectPackage_MjbDJD20Fbf62f6RLD3hzg2.js
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
a1218b3c416aab761ed16ccfba8173704d88370a848d53493aa03ee8f77eee2b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept
*/*
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Dec 2015 01:29:11 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1C004 V: 0
ETag
"80cdbf546a38d11:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
687
Server
Microsoft-IIS/8.5
lightStringPackage_pTo_sFvCjMDAkBCHXhpkfg2.js
auth.gfx.ms/
2 KB
1 KB
Script
General
Full URL
https://auth.gfx.ms/lightStringPackage_pTo_sFvCjMDAkBCHXhpkfg2.js
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6a9726f1da70798d3a6b6220c3964125fa10b580d9d82f2b6cf850f8caeb6c17

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept
*/*
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Dec 2015 01:29:11 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1A002 V: 0
ETag
"80cdbf546a38d11:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1056
Server
Microsoft-IIS/8.5
wLiveBasePackage_puWJiQvu3Z-eXMntvEPunA2.js
auth.gfx.ms/
21 KB
9 KB
Script
General
Full URL
https://auth.gfx.ms/wLiveBasePackage_puWJiQvu3Z-eXMntvEPunA2.js
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
0c930523d5c978c6e20c8b3e0d11ed47dd918835d5c1d236fed9fd49733042cb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept
*/*
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:01 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Jul 2015 22:48:23 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1A002 V: 0
ETag
"80158b2e3ec3d01:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8718
Server
Microsoft-IIS/8.5
identityControlPackage_0fkD1DsWxagc46duPerDow2.js
auth.gfx.ms/
15 KB
6 KB
Script
General
Full URL
https://auth.gfx.ms/identityControlPackage_0fkD1DsWxagc46duPerDow2.js
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
2b4f17bb71878a9c556e69ba6c53369744ea8cc9688700437326f964d52c0570

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept
*/*
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Aug 2015 01:32:15 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1A002 V: 0
ETag
"8039c9c31d6d01:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6051
Server
Microsoft-IIS/8.5
wLivePackage_Izfl4Rrkiv6dkNuGmgWzIQ2.js
auth.gfx.ms/
71 KB
26 KB
Script
General
Full URL
https://auth.gfx.ms/wLivePackage_Izfl4Rrkiv6dkNuGmgWzIQ2.js
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
4f615e8fe49795758c3e95fa72a320dda6afcbece39ec0d1a1f1cf70de6079ea

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept
*/*
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:01 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Jul 2015 22:48:29 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1A002 V: 0
ETag
"809c1e323ec3d01:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26387
Server
Microsoft-IIS/8.5
liveDepExPackage_7_RN1jEBYE8AqQhmGAWc2g2.js
auth.gfx.ms/
39 KB
12 KB
Script
General
Full URL
https://auth.gfx.ms/liveDepExPackage_7_RN1jEBYE8AqQhmGAWc2g2.js
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
c60acbffec9bbf6db5dc3f48031bce225dedd4b125a1f71ca434d5d3ff53463d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept
*/*
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Dec 2015 01:31:01 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1C004 V: 0
ETag
"807850966a38d11:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11827
Server
Microsoft-IIS/8.5
animations_F0feig31z1IAjWLnhlI63Q2.js
auth.gfx.ms/
9 KB
2 KB
Script
General
Full URL
https://auth.gfx.ms/animations_F0feig31z1IAjWLnhlI63Q2.js
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
e24a8417f9e68ca635d037a403710d997fb518f305bf0db2dd0321ffd3e6694a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept
*/*
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Mar 2017 19:16:50 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1A004 V: 0
ETag
"0bdccd9f7a7d21:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=148526
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2435
Server
Microsoft-IIS/8.5
popoverExPackage_mba2Gdb8TSyQJOkzDPvT6A2.js
auth.gfx.ms/
9 KB
4 KB
Script
General
Full URL
https://auth.gfx.ms/popoverExPackage_mba2Gdb8TSyQJOkzDPvT6A2.js
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
f1951ece50e9966ce1a3d91fc2d47adcdada3c1ec4a4bac4da33cf532d244a44

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept
*/*
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Sep 2015 02:14:39 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1A002 V: 0
ETag
"80d1a699a5f5d01:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3686
Server
Microsoft-IIS/8.5
jsViewsPackage_1L8dOoDvyz7pGU8nh0Lu9Q2.js
auth.gfx.ms/
22 KB
8 KB
Script
General
Full URL
https://auth.gfx.ms/jsViewsPackage_1L8dOoDvyz7pGU8nh0Lu9Q2.js
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
94a562be2f8741ced1c35447b07943320304109cb3bec55b67d0aa3f978e0a5d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept
*/*
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Nov 2015 21:30:50 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1A002 V: 0
ETag
"0e1f2b9da23d11:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8635
Server
Microsoft-IIS/8.5
notificationsPackage_H4BuR8TeYPHDrl8CQupPcA2.js
auth.gfx.ms/
30 KB
10 KB
Script
General
Full URL
https://auth.gfx.ms/notificationsPackage_H4BuR8TeYPHDrl8CQupPcA2.js
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
5d5ddd39ffe996c1e1c8eaebe4394cae4052faaadb5e6a0452f87a5b4d3da183

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept
*/*
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Nov 2015 21:31:47 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1A003 V: 0
ETag
"8063ecdbda23d11:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10041
Server
Microsoft-IIS/8.5
dataRequestPackage_cQLYyUCls0nLTeSr0W9DdA2.js
auth.gfx.ms/
21 KB
8 KB
Script
General
Full URL
https://auth.gfx.ms/dataRequestPackage_cQLYyUCls0nLTeSr0W9DdA2.js
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
81156343a747924b3b9f98251926e124c5b5b009b2f532e8eb6dd0b504044571

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept
*/*
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Aug 2015 17:46:53 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1A002 V: 0
ETag
"80a469515e4d01:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7982
Server
Microsoft-IIS/8.5
accountCorePackage__4ItZRdSW5zHuKnNIrCoOQ2.js
auth.gfx.ms/
27 KB
9 KB
Script
General
Full URL
https://auth.gfx.ms/accountCorePackage__4ItZRdSW5zHuKnNIrCoOQ2.js
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
4ac7982d34d450dad3e3e5cee884500e47ce32640e1f3ee9a5d252b57c9baae2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept
*/*
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jun 2015 07:06:22 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1C003 V: 0
ETag
"06bda0b9a1d01:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9396
Server
Microsoft-IIS/8.5
ConfirmIdentity.Web_661G8azxu2Lk5X3sBRWIUw2.js
auth.gfx.ms/
52 KB
13 KB
Script
General
Full URL
https://auth.gfx.ms/ConfirmIdentity.Web_661G8azxu2Lk5X3sBRWIUw2.js
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
0b73d129e7dae1e533f4405a43bb11091891d98824039336f2dd685452890df0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept
*/*
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Jul 2015 22:48:23 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1A002 V: 0
ETag
"80158b2e3ec3d01:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13181
Server
Microsoft-IIS/8.5
JSPublicKey.srf
login.live.com/ppsecure/
804 B
509 B
Script
General
Full URL
https://login.live.com/ppsecure/JSPublicKey.srf
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
131.253.61.82 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
88eeb7b3589e46a1e7f6971546fa7125062e865cac194151ed281de7524a58ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
login.live.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept
*/*
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/8.5
Date
Sat, 15 Apr 2017 05:40:00 GMT
Vary
Accept-Encoding
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Cache-Control
no-cache
Connection
close
Content-Type
application/x-javascript
Content-Length
509
X-XSS-Protection
1; mode=block
Expires
Sat, 15 Apr 2017 05:39:01 GMT
ms-logo-v2.jpg
auth.gfx.ms/images/
3 KB
3 KB
Image
General
Full URL
https://auth.gfx.ms/images/ms-logo-v2.jpg
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
bc2b16b51738b77d94ed7591ad1033fa804297ca9faaa35222aa65773f749164

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:01 GMT
Last-Modified
Tue, 28 Mar 2017 19:14:01 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1A003 V: 0
ETag
"80621175f7a7d21:0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=148312
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2797
Server
Microsoft-IIS/8.5
invis.gif
auth.gfx.ms/images/is/
43 B
43 B
Image
General
Full URL
https://auth.gfx.ms/images/is/invis.gif
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:02 GMT
Last-Modified
Tue, 28 Mar 2017 19:14:01 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1C004 V: 0
ETag
"80621175f7a7d21:0"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Server
Microsoft-IIS/8.5
c5.png
auth.gfx.ms/images/h/
4 KB
4 KB
Image
General
Full URL
https://auth.gfx.ms/images/h/c5.png
Requested by
Host: auth.gfx.ms
URL: https://auth.gfx.ms/jquery_fkARAG2XCi0aQBl8NJfK6A2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
45d767170192a5526ac3a10f917350334c0bbc500487939bd9d1c5b49d9add84

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:02 GMT
Last-Modified
Tue, 28 Mar 2017 19:14:01 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1A003 V: 0
ETag
"80621175f7a7d21:0"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4506
Server
Microsoft-IIS/8.5
latest.woff
i.s-microsoft.com/fonts/segoe-ui/west-european/normal/
40 KB
40 KB
Font
General
Full URL
https://i.s-microsoft.com/fonts/segoe-ui/west-european/normal/latest.woff
Requested by
Host: auth.gfx.ms
URL: https://auth.gfx.ms/jquery_fkARAG2XCi0aQBl8NJfK6A2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:78:184::747 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1ee846986fbf0bfc9f0996f563d748589a32b29af6a6e444312c5a4da27504c1

Request headers

:path
/fonts/segoe-ui/west-european/normal/latest.woff
pragma
no-cache
origin
http://primoframe.com
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
i.s-microsoft.com
referer
https://auth.gfx.ms/msa_xHEtHB_OhE8-DGjHCQrnoA2.css
:scheme
https
:method
GET

Response headers

date
Sat, 15 Apr 2017 05:40:01 GMT
last-modified
Tue, 01 Mar 2016 17:40:35 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
etag
"d0ec1e76e173d11:0"
vtag
279363926700000000
status
200
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin
*
cache-control
public, max-age=378577
accept-ranges
bytes
content-type
application/octet-stream
content-length
41280
latest.woff
i.s-microsoft.com/fonts/segoe-ui/west-european/light/
33 KB
33 KB
Font
General
Full URL
https://i.s-microsoft.com/fonts/segoe-ui/west-european/light/latest.woff
Requested by
Host: auth.gfx.ms
URL: https://auth.gfx.ms/jquery_fkARAG2XCi0aQBl8NJfK6A2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:78:184::747 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0ed2dc761ddf650b9aab0c366f43ddea0db81e13bbe603a21f2bfef519387ce9

Request headers

:path
/fonts/segoe-ui/west-european/light/latest.woff
pragma
no-cache
origin
http://primoframe.com
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
i.s-microsoft.com
referer
https://auth.gfx.ms/msa_xHEtHB_OhE8-DGjHCQrnoA2.css
:scheme
https
:method
GET

Response headers

date
Sat, 15 Apr 2017 05:40:01 GMT
last-modified
Tue, 01 Mar 2016 17:40:35 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
etag
"dbcc876e173d11:0"
vtag
279290926700000000
status
200
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin
*
cache-control
public, max-age=460590
accept-ranges
bytes
content-type
application/octet-stream
content-length
33556
latest.woff
i.s-microsoft.com/fonts/segoe-ui/west-european/semibold/
35 KB
35 KB
Font
General
Full URL
https://i.s-microsoft.com/fonts/segoe-ui/west-european/semibold/latest.woff
Requested by
Host: auth.gfx.ms
URL: https://auth.gfx.ms/jquery_fkARAG2XCi0aQBl8NJfK6A2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:78:184::747 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
942e5dd201200674506b0df50c1afef021fff6d5bd7bb7f600ded8617dbcb386

Request headers

:path
/fonts/segoe-ui/west-european/semibold/latest.woff
pragma
no-cache
origin
http://primoframe.com
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
i.s-microsoft.com
referer
https://auth.gfx.ms/msa_xHEtHB_OhE8-DGjHCQrnoA2.css
:scheme
https
:method
GET

Response headers

date
Sat, 15 Apr 2017 05:40:02 GMT
last-modified
Tue, 01 Mar 2016 17:40:35 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
etag
"ce62576e173d11:0"
vtag
43848405800000000
status
200
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin
*
cache-control
public, max-age=720527
accept-ranges
bytes
content-type
application/octet-stream
content-length
35900
favicon.ico
auth.gfx.ms/images/
17 KB
540 B
Other
General
Full URL
https://auth.gfx.ms/images/favicon.ico?v=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Mar 2017 19:14:01 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1A001 V: 0
ETag
"80621175f7a7d21:0"
Vary
Accept-Encoding
Content-Type
image/x-icon
Access-Control-Allow-Origin
*
Cache-Control
max-age=159666
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
540
Server
Microsoft-IIS/8.5
invis.gif
auth.gfx.ms/images/is/
43 B
43 B
Image
General
Full URL
https://auth.gfx.ms/images/is/invis.gif
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.11 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-11.deploy.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
auth.gfx.ms
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:02 GMT
Last-Modified
Tue, 28 Mar 2017 19:14:01 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1C004 V: 0
ETag
"80621175f7a7d21:0"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Server
Microsoft-IIS/8.5
Cookie set ReportClientEvent
account.live.com/API/
0
0
Script
General
Full URL
https://account.live.com/API/ReportClientEvent?canary=SU5ZQ8Q3JCBpQAQ6royhp7cU0WE7qA9xwk8W2oUkO4b6Cir6a8GD9Ia2CMyH3tWXGDEP8D3cvs03Fhxsg3pMMFFJao8jmLSkpnWzxwyZknRBQzbdZcsj4O6jCISL4%2FBnyibTgznrg5PtIod3Dvt5pjT2NPuJaF1Y9WxUkTMaRiLhErTDagr7UDtFT5%2FiS33Ucq5t3ozSW64yF6WOywbKe2xgNIOHaMeK0AcH0B4ONcBLpz7H4BAiCKKjGPHAD813%3A1%3A3c&callback=wLive.Core.DataRequest.dataRequestCallback_0&{%22pageApiId%22:200356,%22clientDetails%22:[],%22userAction%22:%22%22,%22source%22:%22PageView%22,%22uiflvr%22:1001,%22uaid%22:%22f239d96a5a9c4f8aad2fe4bf248430b5%22,%22scid%22:100166,%22hpgid%22:200355}&_=1492234802311
Requested by
Host: auth.gfx.ms
URL: https://auth.gfx.ms/jquery_fkARAG2XCi0aQBl8NJfK6A2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.45.0.17 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
account.live.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:40:00 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
P3P
CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
Content-Length
18649
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge, chrome=1
Pragma
no-cache
Server
Microsoft-IIS/8.5
X-Wlp-ProxyInstrumentation
True
X-Frame-Options
deny
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, no-store
Set-Cookie
AVC=v=1.41.1.944&t=04/15/2017 05:40:02; domain=live.com; path=/; secure E=P:mAPo3MGD1Ig=:PQ1iH19uw/PbsZvDnUIiQm268sMrYbh+lqDIPvq/mZA=:F; domain=.live.com; path=/; secure
AMServer
BL2XXXXMFE3C047
Expires
-1
Watson.mvc
primoframe.com/handlers/
336 B
0
Image
General
Full URL
http://primoframe.com/handlers/Watson.mvc?sr=100&biciNoLDParse=1&ec=TypeError%3A%20%24Do.when%20is%20not%20a%20function&pn=Interrupt.confirmidentity.F.U&msg=Uncaught%20TypeError%3A%20%24Do.when%20is%20not%20a%20function&url=http%3A%2F%2Fprimoframe.com%2Fdanny%2FPDF_Document%2FAdobepdf%2Fah.php&ln=7&ih=false&an=false&ac=&ad=36&cs=&biciPrevious=e262cbd5-a28d-44c6-896f-d64cffd85120_0012ccaa4e6_6434&mmn=BL2IDSAMFE1A002&r=0.11064589106591649
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Server
173.237.190.21 Saint Louis, United States, ASN36024 (COLO4-CO - Colo4, LLC, US),
Reverse DNS
web2.thepowerservers.com
Software
Apache /
Resource Hash
dd76ed48a5eb85457a31e3ba887b5356b72b9288b690f2d81076c47c00aa8170

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
primoframe.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:44:33 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
336
Content-Type
text/html; charset=iso-8859-1
Cookie set c.gif
c.live.com/
Redirect Chain
  • http://c.bing.com/c.gif?DI=6434&wlxid=e262cbd5-a28d-44c6-896f-d64cffd85120&reqid=0012ccaa4e6&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DBL2IDSAMFE1A002%26MA%3Den-US%26B%3D17.4.6334%26TR%3DNA%252ANA%2...
  • http://c.live.com/c.gif?DI=6434&wlxid=e262cbd5-a28d-44c6-896f-d64cffd85120&reqid=0012ccaa4e6&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DBL2IDSAMFE1A002%26MA%3Den-US%26B%3D17.4.6334%26TR%3DNA%252ANA%2...
42 B
42 B
Image
General
Full URL
http://c.live.com/c.gif?DI=6434&wlxid=e262cbd5-a28d-44c6-896f-d64cffd85120&reqid=0012ccaa4e6&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DBL2IDSAMFE1A002%26MA%3Den-US%26B%3D17.4.6334%26TR%3DNA%252ANA%252A%253ACXP.Account%252AInterrupt.confirmidentity.F.U.%26PLT%3D2560%26IR%3D1%26EX%3D1%26L.h%3D1666%26L.ac%3D1668%26L.sjs%3D2432%26L.f%3D2525%26L.ttg%3D1666%26C.domIn%3D2526%26C.dns%3D1%26C.tcp%3D124%26C.req%3D1376%26C.resp%3D250%26C.navType%3D0%26C.redirectCount%3D0&r=0.890444835673784&ctsa=mr&CtsSyncId=EBA0C26E4E73467088E514F4DA2065C1&MUID=39844724EBF8655D1CAD4D41EFF861CF
Protocol
HTTP/1.1
Server
207.46.194.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
msnbot-207-46-194-10.search.msn.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
c.live.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Cookie
SM=T; MUID=2EAB97817D06656609D99DE479066129
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sat, 15 Apr 2017 05:40:02 GMT
ETag
"6213c344329cd21:0"
Last-Modified
Mon, 13 Mar 2017 19:44:46 GMT
Server
Microsoft-IIS/8.5
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private, no-cache, proxy-revalidate, no-store
Set-Cookie
SM=C; domain=c.live.com; path=/; MUID=39844724EBF8655D1CAD4D41EFF861CF; domain=.live.com; expires=Thu, 10-May-2018 05:40:02 GMT; path=/; MR=0; domain=c.live.com; expires=Thu, 12-Oct-2017 05:40:02 GMT; path=/; ANONCHK=0; domain=c.live.com; expires=Sat, 15-Apr-2017 05:50:02 GMT; path=/;
Accept-Ranges
bytes
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sat, 15 Apr 2017 05:40:01 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Location
http://c.live.com/c.gif?DI=6434&wlxid=e262cbd5-a28d-44c6-896f-d64cffd85120&reqid=0012ccaa4e6&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DBL2IDSAMFE1A002%26MA%3Den-US%26B%3D17.4.6334%26TR%3DNA%252ANA%252A%253ACXP.Account%252AInterrupt.confirmidentity.F.U.%26PLT%3D2560%26IR%3D1%26EX%3D1%26L.h%3D1666%26L.ac%3D1668%26L.sjs%3D2432%26L.f%3D2525%26L.ttg%3D1666%26C.domIn%3D2526%26C.dns%3D1%26C.tcp%3D124%26C.req%3D1376%26C.resp%3D250%26C.navType%3D0%26C.redirectCount%3D0&r=0.890444835673784&ctsa=mr&CtsSyncId=EBA0C26E4E73467088E514F4DA2065C1&MUID=39844724EBF8655D1CAD4D41EFF861CF
Cache-Control
private, no-cache, proxy-revalidate, no-store
Set-Cookie
MUID=39844724EBF8655D1CAD4D41EFF861CF; domain=.bing.com; expires=Thu, 10-May-2018 05:40:02 GMT; path=/; MR=0; domain=c.bing.com; expires=Thu, 12-Oct-2017 05:40:02 GMT; path=/; SRM_B=39844724EBF8655D1CAD4D41EFF861CF; domain=c.bing.com; expires=Thu, 10-May-2018 05:40:02 GMT; path=/; SRM_L=39844724EBF8655D1CAD4D41EFF861CF; domain=c.bing.com; expires=Thu, 10-May-2018 05:40:02 GMT; path=/;
Content-Length
0
Watson.mvc
primoframe.com/handlers/
336 B
0
Image
General
Full URL
http://primoframe.com/handlers/Watson.mvc?sr=100&biciNoLDParse=1&ec=36&pn=Interrupt.confirmidentity.F.U&msg=Script%20error.&url=&ln=0&ih=false&an=false&ac=&ad=0&cs=&biciPrevious=e262cbd5-a28d-44c6-896f-d64cffd85120_0012ccaa4e6_6434&mmn=BL2IDSAMFE1A002&r=0.9035922141124975
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Server
173.237.190.21 Saint Louis, United States, ASN36024 (COLO4-CO - Colo4, LLC, US),
Reverse DNS
web2.thepowerservers.com
Software
Apache /
Resource Hash
dd76ed48a5eb85457a31e3ba887b5356b72b9288b690f2d81076c47c00aa8170

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
primoframe.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:44:33 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
336
Content-Type
text/html; charset=iso-8859-1
Plt.mvc
primoframe.com/Handlers/
333 B
0
Image
General
Full URL
http://primoframe.com/Handlers/Plt.mvc?bicild=&v=17.4.6334
Requested by
Host: primoframe.com
URL: http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Protocol
HTTP/1.1
Server
173.237.190.21 Saint Louis, United States, ASN36024 (COLO4-CO - Colo4, LLC, US),
Reverse DNS
web2.thepowerservers.com
Software
Apache /
Resource Hash
a3764854d750f4c05f37cc97150280a41b7857467e187004881a664e02494e81

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
primoframe.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://primoframe.com/danny/PDF_Document/Adobepdf/ah.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 15 Apr 2017 05:44:37 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
333
Content-Type
text/html; charset=iso-8859-1

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online) Microsoft (Consumer)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

6 Console Messages

Source Level URL
Text
console-api log URL: https://auth.gfx.ms/debugPackage_FXJNPnA80aWOT3mweKw-Qw2.js(Line 1)
Message:
CSIPerf: Assembling GT1Param for: NA*NA*:CXP.Account*Interrupt.confirmidentity.F.U.
console-api log URL: https://auth.gfx.ms/debugPackage_FXJNPnA80aWOT3mweKw-Qw2.js(Line 1)
Message:
CSIPerf: GT1Param.IR = _instrumentedReferrer(true) && !t.nostart(true) && !forced(true) : 1
console-api log URL: https://auth.gfx.ms/debugPackage_FXJNPnA80aWOT3mweKw-Qw2.js(Line 1)
Message:
CSIPerf: BSI csiperf isEmpty(idssPerfData)(false) || idssPerfData.IR(true): ANON=&NL=0&TP=0&CL=BL2IDSAMFE1A002&MA=en-US&B=17.4.6334&TR=NA%2ANA%2A%3ACXP.Account%2AInterrupt.confirmidentity.F.U.&PLT=2560&IR=1&EX=1&L.h=1666&L.ac=1668&L.sjs=2432&L.f=2525&L.ttg=1666&C.domIn=2526&C.dns=1&C.tcp=124&C.req=1376&C.resp=250&C.navType=0&C.redirectCount=0
console-api log URL: https://auth.gfx.ms/debugPackage_FXJNPnA80aWOT3mweKw-Qw2.js(Line 1)
Message:
CSIPerf: Not sending transaction, _csiPerfConfigWLXFD.enabled(0) && _sbsPltConfig.enabled(0) && wlxFdPerfData([object Object]): ANON=&NL=0&TP=0&CL=BL2IDSAMFE1A002&MA=en-US&B=17.4.6334&TR=NA%2ANA%2A%3ACXP.Account%2AInterrupt.confirmidentity.F.U.&PLT=2560&IR=1&EX=1&L.h=1666&L.ac=1668&L.sjs=2432&L.f=2525&L.ttg=1666&C.domIn=2526&C.dns=1&C.tcp=124&C.req=1376&C.resp=250&C.navType=0&C.redirectCount=0
console-api log URL: https://auth.gfx.ms/debugPackage_FXJNPnA80aWOT3mweKw-Qw2.js(Line 1)
Message:
CSIPerf: Clearing FROM (was '') and START_TIME (was '') in perf cookie.
console-api log URL: https://auth.gfx.ms/debugPackage_FXJNPnA80aWOT3mweKw-Qw2.js(Line 1)
Message:
BSI: Firing beacon //c.live.com/c.gif?DI=6434&wlxid=e262cbd5-a28d-44c6-896f-d64cffd85120&reqid=0012ccaa4e6: csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DBL2IDSAMFE1A002%26MA%3Den-US%26B%3D17.4.6334%26TR%3DNA%252ANA%252A%253ACXP.Account%252AInterrupt.confirmidentity.F.U.%26PLT%3D2560%26IR%3D1%26EX%3D1%26L.h%3D1666%26L.ac%3D1668%26L.sjs%3D2432%26L.f%3D2525%26L.ttg%3D1666%26C.domIn%3D2526%26C.dns%3D1%26C.tcp%3D124%26C.req%3D1376%26C.resp%3D250%26C.navType%3D0%26C.redirectCount%3D0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
