avprojetss.com Open in urlscan Pro
104.234.10.255 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://welovehtml.com/auth/then/sf_rand_string_lowercase6/ZGFyaW5Ac3dwYXkuY29t
Effective URL:
https://avprojetss.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5saXZlLmNvbS9vYXV0aDIwX2F1dGhvcml6ZS5zcmY/Y2xpZW50X2lkPTQ3NjU...
Submission: On May 17 via automatic, source openphish (May 17th 2023, 3:22:21 pm UTC) — Scanned from DE

Summary HTTP 14 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 104.234.10.255, located in Canada and belongs to HVC-AS, US. The main domain is avprojetss.com.
TLS certificate: Issued by R3 on May 17th 2023. Valid for: 3 months.

This is the only time avprojetss.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1	192.185.138.222 192.185.138.222	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
2 4	104.234.10.255 104.234.10.255	29802 (HVC-AS) (HVC-AS)
11	192.229.221.185 192.229.221.185	15133 (EDGECAST) (EDGECAST)
14	3

1 192.185.138.222 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: thewindowcentre.ca

welovehtml.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.234.10.255 (Canada) 2 redirects

ASN29802 (HVC-AS, US)

avprojetss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 192.229.221.185 (United States)

ASN15133 (EDGECAST, US)

logincdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	msftauth.net logincdn.msftauth.net — Cisco Umbrella Rank: 3793	223 KB
4	avprojetss.com 2 redirects avprojetss.com	77 KB
1	welovehtml.com welovehtml.com	111 B
14	3

	Domain	Requested by
11	logincdn.msftauth.net	avprojetss.com logincdn.msftauth.net
4	avprojetss.com	2 redirects avprojetss.com
1	welovehtml.com
14	3

This site contains links to these domains. Also see Links.

Domain
account.live.com
login.live.com

Subject Issuer	Validity	Valid
*.welovehtml.com R3	`2023-04-11` - `2023-07-10`	3 months	crt.sh
avprojetss.com R3	`2023-05-17` - `2023-08-15`	3 months	crt.sh
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 06	`2022-08-23` - `2023-08-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://avprojetss.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5saXZlLmNvbS9vYXV0aDIwX2F1dGhvcml6ZS5zcmY/Y2xpZW50X2lkPTQ3NjU0NDViLTMyYzYtNDliMC04M2U2LTFkOTM3NjUyNzZjYSZzY29wZT1vcGVuaWQrcHJvZmlsZStodHRwcyUzYSUyZiUyZnd3dy5vZmZpY2UuY29tJTJmdjIlMmZPZmZpY2VIb21lLkFsbCZyZWRpcmVjdF91cmk9aHR0cHMlM2ElMmYlMmZ3d3cub2ZmaWNlLmNvbSUyZmxhbmRpbmd2MiZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc3RhdGU9Ry1WbHFjdHlYSm9RYXpOZHM2UFduVzdHSEJfSlJNTkNRTklzY21ObTQ5eTh3eUJtMGlvQWJQSHpCRTNqelBMR0N5azJ4TEtPQXFiSnR3VExUTERVcW5BSkZ1TjVTaThBRmpCWEt5ZHpoYjZ4NEVJaTNfTjBvRnk5dlZOSFlCaldCeURQNjZ0NW01UmEwMWZTSWc1Q19TaW1JcThvMW5wbHpFank5WWg1enpKTTZZUmlFSTgySUs2UHpYeXkzMkhBXzQycGJ4MER2Wnc1MjVIcGN1VmdNQTFWV1BaaUNLRmx5M0pFbk1QVGg3TGRmb282dy00eEprVWhreXdabFAtV3VsbXBPM3ByUnNlR1lLQklWVnBsSncmcmVzcG9uc2VfbW9kZT1mb3JtX3Bvc3Qmbm9uY2U9NjM3OTI5OTAzNzc2NDY2NjgxLlkyWTRZak5qT1dJdE5XUmxNaTAwTldSbUxXRXlOR0V0TkdNeE0yUmhOamhtTW1ZMU5USTNZbU01T1RNdE9XRXlOaTAwWVdKakxUZzVaREF0WW1ZeU1qZ3dPV0ZqTVdVeCZsb2dpbl9oaW50PWRhcmluJTQwc3dwYXkuY29tJngtY2xpZW50LVNLVT1JRF9ORVRTVEFOREFSRDJfMCZ4LWNsaWVudC1WZXI9Ni4xMi4xLjAmdWFpZD0zNjFkZDhlMGExMmY0M2FhOTU2OTgxM2EzNDUyNGNkZCZtc3Byb3h5PTEmaXNzdWVyPW1zbyZ0ZW5hbnQ9Y29tbW9uJnVpX2xvY2FsZXM9ZW4tVVMmZXBjdD1QQVFBQkFBRUFBQUQtLURMQTNWTzdRcmRkZ0pnN1dldnJjRUx3QmYwSGtBMG1RSG5ueXBPeGd5NlRSMWFTaGE4RGZfeHdSTjA2MTk1MVM1RGlRamVZUUNBSXAwdGxUVVdsZE1PYW9UUkhjbWM1SWdMS2JRVld3TGtjQUFuQUpITi1HU3RONTlhdFQ5OUJ3S3p5dFhFRjl0cmVkQnZwTDFvcklheUE2b2ZJWHlsMWZyZzlrU1BJVVRjeDJhUnFkMmtobUFQQVhqUVBkMzRvRUQ2eWl0VWwyT1ZjN1NUempCZ2EyUEdoano2VWhYR3VNS1hUZ01ON055QUEmanNocz0wIw==
Frame ID: 55AA2E4550559FF333FB91DA0389D350
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your Microsoft account

Page URL History Show full URLs

https://avprojetss.com/?grbw&qrc=darin@swpay.com HTTP 302
https://avprojetss.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f9376527... Page URL
https://avprojetss.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f9376527... HTTP 302
https://avprojetss.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5saXZlLmNvbS9vYXV0aDIwX2F1dGhvcml6ZS5zcmY... Page URL

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

295 kB
Transfer

953 kB
Size

15
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://account.live.com/ResetPassword.aspx?wreply=https://login.live.com/oauth20_authorize.srf%3fclient_id%3d4765445b-32c6-49b0-83e6-1d93765276ca%26client_id%3d4765445b-32c6-49b0-83e6-1d93765276ca%26uaid%3d361dd8e0a12f43aa9569813a34524cdd%26contextid%3d2A0D4D7A6AD86DAC%26opid%3d096A923FEAE277C6%26bk%3d1684336939&id=38936&uiflavor=web&client_id=1E00004040979A&uaid=361dd8e0a12f43aa9569813a34524cdd&mkt=EN-US&lc=1033&bk=1684336939
Title: Forgot password?

Search URL Search Domain Scan URL

URL: https://login.live.com/
Title: Other ways to sign in

Search URL Search Domain Scan URL

URL: https://login.live.com/gls.srf?urlID=WinLiveTermsOfUse&mkt=EN-US&uaid=361dd8e0a12f43aa9569813a34524cdd
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://login.live.com/gls.srf?urlID=MSNPrivacyStatement&mkt=EN-US&uaid=361dd8e0a12f43aa9569813a34524cdd
Title: Privacy & cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://avprojetss.com/?grbw&qrc=darin@swpay.com HTTP 302
https://avprojetss.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=fctkp%40uyrca.eqo Page URL
https://avprojetss.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=fctkp%40uyrca.eqo&sso_reload=true HTTP 302
https://avprojetss.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5saXZlLmNvbS9vYXV0aDIwX2F1dGhvcml6ZS5zcmY/Y2xpZW50X2lkPTQ3NjU0NDViLTMyYzYtNDliMC04M2U2LTFkOTM3NjUyNzZjYSZzY29wZT1vcGVuaWQrcHJvZmlsZStodHRwcyUzYSUyZiUyZnd3dy5vZmZpY2UuY29tJTJmdjIlMmZPZmZpY2VIb21lLkFsbCZyZWRpcmVjdF91cmk9aHR0cHMlM2ElMmYlMmZ3d3cub2ZmaWNlLmNvbSUyZmxhbmRpbmd2MiZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc3RhdGU9Ry1WbHFjdHlYSm9RYXpOZHM2UFduVzdHSEJfSlJNTkNRTklzY21ObTQ5eTh3eUJtMGlvQWJQSHpCRTNqelBMR0N5azJ4TEtPQXFiSnR3VExUTERVcW5BSkZ1TjVTaThBRmpCWEt5ZHpoYjZ4NEVJaTNfTjBvRnk5dlZOSFlCaldCeURQNjZ0NW01UmEwMWZTSWc1Q19TaW1JcThvMW5wbHpFank5WWg1enpKTTZZUmlFSTgySUs2UHpYeXkzMkhBXzQycGJ4MER2Wnc1MjVIcGN1VmdNQTFWV1BaaUNLRmx5M0pFbk1QVGg3TGRmb282dy00eEprVWhreXdabFAtV3VsbXBPM3ByUnNlR1lLQklWVnBsSncmcmVzcG9uc2VfbW9kZT1mb3JtX3Bvc3Qmbm9uY2U9NjM3OTI5OTAzNzc2NDY2NjgxLlkyWTRZak5qT1dJdE5XUmxNaTAwTldSbUxXRXlOR0V0TkdNeE0yUmhOamhtTW1ZMU5USTNZbU01T1RNdE9XRXlOaTAwWVdKakxUZzVaREF0WW1ZeU1qZ3dPV0ZqTVdVeCZsb2dpbl9oaW50PWRhcmluJTQwc3dwYXkuY29tJngtY2xpZW50LVNLVT1JRF9ORVRTVEFOREFSRDJfMCZ4LWNsaWVudC1WZXI9Ni4xMi4xLjAmdWFpZD0zNjFkZDhlMGExMmY0M2FhOTU2OTgxM2EzNDUyNGNkZCZtc3Byb3h5PTEmaXNzdWVyPW1zbyZ0ZW5hbnQ9Y29tbW9uJnVpX2xvY2FsZXM9ZW4tVVMmZXBjdD1QQVFBQkFBRUFBQUQtLURMQTNWTzdRcmRkZ0pnN1dldnJjRUx3QmYwSGtBMG1RSG5ueXBPeGd5NlRSMWFTaGE4RGZfeHdSTjA2MTk1MVM1RGlRamVZUUNBSXAwdGxUVVdsZE1PYW9UUkhjbWM1SWdMS2JRVld3TGtjQUFuQUpITi1HU3RONTlhdFQ5OUJ3S3p5dFhFRjl0cmVkQnZwTDFvcklheUE2b2ZJWHlsMWZyZzlrU1BJVVRjeDJhUnFkMmtobUFQQVhqUVBkMzRvRUQ2eWl0VWwyT1ZjN1NUempCZ2EyUEdoano2VWhYR3VNS1hUZ01ON055QUEmanNocz0wIw== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://avprojetss.com/?grbw&qrc=darin@swpay.com HTTP 302
https://avprojetss.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=fctkp%40uyrca.eqo

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 ZGFyaW5Ac3dwYXkuY29t Show response
welovehtml.com/auth/then/sf_rand_string_lowercase6/ 0
111 B 493ms
122ms Document
text/html 192.185.138.222
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://welovehtml.com/auth/then/sf_rand_string_lowercase6/ZGFyaW5Ac3dwYXkuY29t
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.138.222 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: thewindowcentre.ca
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 17 May 2023 15:22:15 GMT
refresh: 0;url=https://avprojetss.com/?grbw&qrc=darin@swpay.com
server: Apache

GET
H/1.1

200
OK

cwvjqtkbg Show response
avprojetss.com/__//eqooqp/qcwvj2/x2.0/
Redirect Chain

https://avprojetss.com/?grbw&qrc=darin@swpay.com
https://avprojetss.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgp...

154 KB
56 KB

369ms
369ms

Document
text/html

104.234.10.255
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://avprojetss.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=fctkp%40uyrca.eqo

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.234.10.255 , Canada, ASN29802 (HVC-AS, US),

Reverse DNS

Software

Resource Hash

2d86ebcc1d207d22182eea3f25cc60a94c69c2bc4ec13fd3d98210efe06b828f

Security Headers

Name

Value

Content-Security-Policy

default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

Referer: https://welovehtml.com/auth/then/sf_rand_string_lowercase6/ZGFyaW5Ac3dwYXkuY29t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Connection: close
Content-Encoding: gzip
Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-Type: text/html; charset=utf-8
Date: Wed, 17 May 2023 15:22:17 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
content-length: 157752
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+san"}]}
x-ms-clitelem: 1,50168,0,,
x-ms-ests-server: 2.1.15427.8 - SCUS ProdSlices
x-ms-request-id: b904af8f-8e8f-419d-97bd-b9533aff3700

Redirect headers

Connection: keep-alive
Date: Wed, 17 May 2023 15:22:17 GMT
Keep-Alive: timeout=5
Transfer-Encoding: chunked
location: /__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=fctkp%40uyrca.eqo

GET
H/1.1

200
OK

Primary Request redirect.cgi Show response
avprojetss.com/
Redirect Chain

https://avprojetss.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgp...
https://avprojetss.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5saXZlLmNvbS9vYXV0aDIwX2F1dGhvcml6ZS5zcmY/Y2xpZW50X2lkPTQ3NjU0NDViLTMyYzYtNDliMC04M2U2LTFkOTM3NjUyNzZjYSZzY29wZT1vcGVuaWQrcHJvZmlsZStodHRwc...

28 KB
16 KB

634ms
373ms

Document
text/html

104.234.10.255
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://avprojetss.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5saXZlLmNvbS9vYXV0aDIwX2F1dGhvcml6ZS5zcmY/Y2xpZW50X2lkPTQ3NjU0NDViLTMyYzYtNDliMC04M2U2LTFkOTM3NjUyNzZjYSZzY29wZT1vcGVuaWQrcHJvZmlsZStodHRwcyUzYSUyZiUyZnd3dy5vZmZpY2UuY29tJTJmdjIlMmZPZmZpY2VIb21lLkFsbCZyZWRpcmVjdF91cmk9aHR0cHMlM2ElMmYlMmZ3d3cub2ZmaWNlLmNvbSUyZmxhbmRpbmd2MiZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc3RhdGU9Ry1WbHFjdHlYSm9RYXpOZHM2UFduVzdHSEJfSlJNTkNRTklzY21ObTQ5eTh3eUJtMGlvQWJQSHpCRTNqelBMR0N5azJ4TEtPQXFiSnR3VExUTERVcW5BSkZ1TjVTaThBRmpCWEt5ZHpoYjZ4NEVJaTNfTjBvRnk5dlZOSFlCaldCeURQNjZ0NW01UmEwMWZTSWc1Q19TaW1JcThvMW5wbHpFank5WWg1enpKTTZZUmlFSTgySUs2UHpYeXkzMkhBXzQycGJ4MER2Wnc1MjVIcGN1VmdNQTFWV1BaaUNLRmx5M0pFbk1QVGg3TGRmb282dy00eEprVWhreXdabFAtV3VsbXBPM3ByUnNlR1lLQklWVnBsSncmcmVzcG9uc2VfbW9kZT1mb3JtX3Bvc3Qmbm9uY2U9NjM3OTI5OTAzNzc2NDY2NjgxLlkyWTRZak5qT1dJdE5XUmxNaTAwTldSbUxXRXlOR0V0TkdNeE0yUmhOamhtTW1ZMU5USTNZbU01T1RNdE9XRXlOaTAwWVdKakxUZzVaREF0WW1ZeU1qZ3dPV0ZqTVdVeCZsb2dpbl9oaW50PWRhcmluJTQwc3dwYXkuY29tJngtY2xpZW50LVNLVT1JRF9ORVRTVEFOREFSRDJfMCZ4LWNsaWVudC1WZXI9Ni4xMi4xLjAmdWFpZD0zNjFkZDhlMGExMmY0M2FhOTU2OTgxM2EzNDUyNGNkZCZtc3Byb3h5PTEmaXNzdWVyPW1zbyZ0ZW5hbnQ9Y29tbW9uJnVpX2xvY2FsZXM9ZW4tVVMmZXBjdD1QQVFBQkFBRUFBQUQtLURMQTNWTzdRcmRkZ0pnN1dldnJjRUx3QmYwSGtBMG1RSG5ueXBPeGd5NlRSMWFTaGE4RGZfeHdSTjA2MTk1MVM1RGlRamVZUUNBSXAwdGxUVVdsZE1PYW9UUkhjbWM1SWdMS2JRVld3TGtjQUFuQUpITi1HU3RONTlhdFQ5OUJ3S3p5dFhFRjl0cmVkQnZwTDFvcklheUE2b2ZJWHlsMWZyZzlrU1BJVVRjeDJhUnFkMmtobUFQQVhqUVBkMzRvRUQ2eWl0VWwyT1ZjN1NUempCZ2EyUEdoano2VWhYR3VNS1hUZ01ON055QUEmanNocz0wIw==

Requested by

Host: avprojetss.com
URL: https://avprojetss.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=fctkp%40uyrca.eqo

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.234.10.255 , Canada, ASN29802 (HVC-AS, US),

Reverse DNS

Software

Resource Hash

a27fd1a6e1068b5a117fb0689e3c26c2008b6c5915d9187b2039d8c628ba2a57

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000

Request headers

Referer: https://avprojetss.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=fctkp%40uyrca.eqo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, max-age=0
Connection: close
Content-Encoding: gzip
Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-Type: text/html; charset=utf-8
Date: Wed, 17 May 2023 15:22:18 GMT
Expires: Wed, 17 May 2023 15:21:19 GMT
Link: <https://logincdn.msftauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msauth.net/>; rel=dns-prefetch, <https://acctcdn.msftauth.net/>; rel=dns-prefetch, <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch, <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch, <https://logincdn.msauth.net/>; rel=dns-prefetch, <https://logincdn.msftauth.net/>; rel=dns-prefetch, <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch, <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer: PPV: 30 H: SN1PEPF00010FE8 V: 0
Referer: https://login.live.com/oauth20_authorize.srf?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&scope=openid+profile+https%3a%2f%2fwww.office.com%2fv2%2fOfficeHome.All&redirect_uri=https%3a%2f%2fwww.office.com%2flandingv2&response_type=code+id_token&state=G-VlqctyXJoQazNds6PWnW7GHB_JRMNCQNIscmNm49y8wyBm0ioAbPHzBE3jzPLGCyk2xLKOAqbJtwTLTLDUqnAJFuN5Si8AFjBXKydzhb6x4EIi3_N0oFy9vVNHYBjWByDP66t5m5Ra01fSIg5C_SimIq8o1nplzEjy9Yh5zzJM6YRiEI82IK6PzXyy32HA_42pbx0DvZw525HpcuVgMA1VWPZiCKFly3JEnMPTh7Ldfoo6w-4xJkUhkywZlP-WulmpO3prRseGYKBIVVplJw&response_mode=form_post&nonce=637929903776466681.Y2Y4YjNjOWItNWRlMi00NWRmLWEyNGEtNGMxM2RhNjhmMmY1NTI3YmM5OTMtOWEyNi00YWJjLTg5ZDAtYmYyMjgwOWFjMWUx&login_hint=darin%40swpay.com&x-client-SKU=ID_NETSTANDARD2_0&x-client-Ver=6.12.1.0&uaid=361dd8e0a12f43aa9569813a34524cdd&msproxy=1&issuer=mso&tenant=common&ui_locales=en-US&epct=PAQABAAEAAAD--DLA3VO7QrddgJg7WevrcELwBf0HkA0mQHnnypOxgy6TR1aSha8Df_xwRN061951S5DiQjeYQCAIp0tlTUWldMOaoTRHcmc5IgLKbQVWwLkcAAnAJHN-GStN59atT99BwKzytXEF9tredBvpL1orIayA6ofIXyl1frg9kSPIUTcx2aRqd2khmAPAXjQPd34oED6yitUl2OVc7STzjBga2PGhjz6UhXGuMKXTgMN7NyAA&jshs=0#
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
content-length: 28529
x-ms-request-id: 3260590c-1462-4163-908c-50f747d072dd
x-ms-route-info: C105_SN1

Redirect headers

Cache-Control: no-store, no-cache
Connection: close
Content-Encoding: gzip
Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-Type: text/html; charset=utf-8
Date: Wed, 17 May 2023 15:22:18 GMT
Expires: -1
Location: https://avprojetss.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5saXZlLmNvbS9vYXV0aDIwX2F1dGhvcml6ZS5zcmY/Y2xpZW50X2lkPTQ3NjU0NDViLTMyYzYtNDliMC04M2U2LTFkOTM3NjUyNzZjYSZzY29wZT1vcGVuaWQrcHJvZmlsZStodHRwcyUzYSUyZiUyZnd3dy5vZmZpY2UuY29tJTJmdjIlMmZPZmZpY2VIb21lLkFsbCZyZWRpcmVjdF91cmk9aHR0cHMlM2ElMmYlMmZ3d3cub2ZmaWNlLmNvbSUyZmxhbmRpbmd2MiZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc3RhdGU9Ry1WbHFjdHlYSm9RYXpOZHM2UFduVzdHSEJfSlJNTkNRTklzY21ObTQ5eTh3eUJtMGlvQWJQSHpCRTNqelBMR0N5azJ4TEtPQXFiSnR3VExUTERVcW5BSkZ1TjVTaThBRmpCWEt5ZHpoYjZ4NEVJaTNfTjBvRnk5dlZOSFlCaldCeURQNjZ0NW01UmEwMWZTSWc1Q19TaW1JcThvMW5wbHpFank5WWg1enpKTTZZUmlFSTgySUs2UHpYeXkzMkhBXzQycGJ4MER2Wnc1MjVIcGN1VmdNQTFWV1BaaUNLRmx5M0pFbk1QVGg3TGRmb282dy00eEprVWhreXdabFAtV3VsbXBPM3ByUnNlR1lLQklWVnBsSncmcmVzcG9uc2VfbW9kZT1mb3JtX3Bvc3Qmbm9uY2U9NjM3OTI5OTAzNzc2NDY2NjgxLlkyWTRZak5qT1dJdE5XUmxNaTAwTldSbUxXRXlOR0V0TkdNeE0yUmhOamhtTW1ZMU5USTNZbU01T1RNdE9XRXlOaTAwWVdKakxUZzVaREF0WW1ZeU1qZ3dPV0ZqTVdVeCZsb2dpbl9oaW50PWRhcmluJTQwc3dwYXkuY29tJngtY2xpZW50LVNLVT1JRF9ORVRTVEFOREFSRDJfMCZ4LWNsaWVudC1WZXI9Ni4xMi4xLjAmdWFpZD0zNjFkZDhlMGExMmY0M2FhOTU2OTgxM2EzNDUyNGNkZCZtc3Byb3h5PTEmaXNzdWVyPW1zbyZ0ZW5hbnQ9Y29tbW9uJnVpX2xvY2FsZXM9ZW4tVVMmZXBjdD1QQVFBQkFBRUFBQUQtLURMQTNWTzdRcmRkZ0pnN1dldnJjRUx3QmYwSGtBMG1RSG5ueXBPeGd5NlRSMWFTaGE4RGZfeHdSTjA2MTk1MVM1RGlRamVZUUNBSXAwdGxUVVdsZE1PYW9UUkhjbWM1SWdMS2JRVld3TGtjQUFuQUpITi1HU3RONTlhdFQ5OUJ3S3p5dFhFRjl0cmVkQnZwTDFvcklheUE2b2ZJWHlsMWZyZzlrU1BJVVRjeDJhUnFkMmtobUFQQVhqUVBkMzRvRUQ2eWl0VWwyT1ZjN1NUempCZ2EyUEdoano2VWhYR3VNS1hUZ01ON055QUEmanNocz0wIw==
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
content-length: 1294
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+san"}]}
x-ms-clitelem: 1,0,0,,
x-ms-ests-server: 2.1.15427.8 - WUS2 ProdSlices
x-ms-request-id: 23e9200d-c573-4063-9e6a-9a1f49bb3500

GET
H2 200 Converged_v21033_Ouf1esRqI-5-K85Q2hruAw2.css
logincdn.msftauth.net/16.000/ 108 KB
20 KB 89ms
14ms Stylesheet
text/css 192.229.221.185
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://logincdn.msftauth.net/16.000/Converged_v21033_Ouf1esRqI-5-K85Q2hruAw2.css
Requested by: Host: avprojetss.com
URL: https://avprojetss.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5saXZlLmNvbS9vYXV0aDIwX2F1dGhvcml6ZS5zcmY/Y2xpZW50X2lkPTQ3NjU0NDViLTMyYzYtNDliMC04M2U2LTFkOTM3NjUyNzZjYSZzY29wZT1vcGVuaWQrcHJvZmlsZStodHRwcyUzYSUyZiUyZnd3dy5vZmZpY2UuY29tJTJmdjIlMmZPZmZpY2VIb21lLkFsbCZyZWRpcmVjdF91cmk9aHR0cHMlM2ElMmYlMmZ3d3cub2ZmaWNlLmNvbSUyZmxhbmRpbmd2MiZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc3RhdGU9Ry1WbHFjdHlYSm9RYXpOZHM2UFduVzdHSEJfSlJNTkNRTklzY21ObTQ5eTh3eUJtMGlvQWJQSHpCRTNqelBMR0N5azJ4TEtPQXFiSnR3VExUTERVcW5BSkZ1TjVTaThBRmpCWEt5ZHpoYjZ4NEVJaTNfTjBvRnk5dlZOSFlCaldCeURQNjZ0NW01UmEwMWZTSWc1Q19TaW1JcThvMW5wbHpFank5WWg1enpKTTZZUmlFSTgySUs2UHpYeXkzMkhBXzQycGJ4MER2Wnc1MjVIcGN1VmdNQTFWV1BaaUNLRmx5M0pFbk1QVGg3TGRmb282dy00eEprVWhreXdabFAtV3VsbXBPM3ByUnNlR1lLQklWVnBsSncmcmVzcG9uc2VfbW9kZT1mb3JtX3Bvc3Qmbm9uY2U9NjM3OTI5OTAzNzc2NDY2NjgxLlkyWTRZak5qT1dJdE5XUmxNaTAwTldSbUxXRXlOR0V0TkdNeE0yUmhOamhtTW1ZMU5USTNZbU01T1RNdE9XRXlOaTAwWVdKakxUZzVaREF0WW1ZeU1qZ3dPV0ZqTVdVeCZsb2dpbl9oaW50PWRhcmluJTQwc3dwYXkuY29tJngtY2xpZW50LVNLVT1JRF9ORVRTVEFOREFSRDJfMCZ4LWNsaWVudC1WZXI9Ni4xMi4xLjAmdWFpZD0zNjFkZDhlMGExMmY0M2FhOTU2OTgxM2EzNDUyNGNkZCZtc3Byb3h5PTEmaXNzdWVyPW1zbyZ0ZW5hbnQ9Y29tbW9uJnVpX2xvY2FsZXM9ZW4tVVMmZXBjdD1QQVFBQkFBRUFBQUQtLURMQTNWTzdRcmRkZ0pnN1dldnJjRUx3QmYwSGtBMG1RSG5ueXBPeGd5NlRSMWFTaGE4RGZfeHdSTjA2MTk1MVM1RGlRamVZUUNBSXAwdGxUVVdsZE1PYW9UUkhjbWM1SWdMS2JRVld3TGtjQUFuQUpITi1HU3RONTlhdFQ5OUJ3S3p5dFhFRjl0cmVkQnZwTDFvcklheUE2b2ZJWHlsMWZyZzlrU1BJVVRjeDJhUnFkMmtobUFQQVhqUVBkMzRvRUQ2eWl0VWwyT1ZjN1NUempCZ2EyUEdoano2VWhYR3VNS1hUZ01ON055QUEmanNocz0wIw==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/4897) /
Resource Hash: 257d51dc38cf3695b024433ffcb6d66e3e21db0660ef379f9c3006b5602c82d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avprojetss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 15:22:19 GMT
content-encoding: gzip
content-md5: wJYYvy+okibaZHTZTL0pzw==
age: 742213
x-cache: HIT
content-length: 20144
x-ms-lease-status: unlocked
last-modified: Fri, 17 Feb 2023 06:13:41 GMT
server: ECAcc (ama/4897)
etag: 0x8DB10AE1DD62330
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 7278ed32-701e-0036-0a13-82f93d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ConvergedLoginPaginatedStrings.en_01Nk8jlJ0g_Gi5DhbnI_fg2.js Show response
logincdn.msftauth.net/16.000/content/js/ 36 KB
9 KB 14ms
13ms Script
application/x-javascript 192.229.221.185
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://logincdn.msftauth.net/16.000/content/js/ConvergedLoginPaginatedStrings.en_01Nk8jlJ0g_Gi5DhbnI_fg2.js
Requested by: Host: avprojetss.com
URL: https://avprojetss.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5saXZlLmNvbS9vYXV0aDIwX2F1dGhvcml6ZS5zcmY/Y2xpZW50X2lkPTQ3NjU0NDViLTMyYzYtNDliMC04M2U2LTFkOTM3NjUyNzZjYSZzY29wZT1vcGVuaWQrcHJvZmlsZStodHRwcyUzYSUyZiUyZnd3dy5vZmZpY2UuY29tJTJmdjIlMmZPZmZpY2VIb21lLkFsbCZyZWRpcmVjdF91cmk9aHR0cHMlM2ElMmYlMmZ3d3cub2ZmaWNlLmNvbSUyZmxhbmRpbmd2MiZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc3RhdGU9Ry1WbHFjdHlYSm9RYXpOZHM2UFduVzdHSEJfSlJNTkNRTklzY21ObTQ5eTh3eUJtMGlvQWJQSHpCRTNqelBMR0N5azJ4TEtPQXFiSnR3VExUTERVcW5BSkZ1TjVTaThBRmpCWEt5ZHpoYjZ4NEVJaTNfTjBvRnk5dlZOSFlCaldCeURQNjZ0NW01UmEwMWZTSWc1Q19TaW1JcThvMW5wbHpFank5WWg1enpKTTZZUmlFSTgySUs2UHpYeXkzMkhBXzQycGJ4MER2Wnc1MjVIcGN1VmdNQTFWV1BaaUNLRmx5M0pFbk1QVGg3TGRmb282dy00eEprVWhreXdabFAtV3VsbXBPM3ByUnNlR1lLQklWVnBsSncmcmVzcG9uc2VfbW9kZT1mb3JtX3Bvc3Qmbm9uY2U9NjM3OTI5OTAzNzc2NDY2NjgxLlkyWTRZak5qT1dJdE5XUmxNaTAwTldSbUxXRXlOR0V0TkdNeE0yUmhOamhtTW1ZMU5USTNZbU01T1RNdE9XRXlOaTAwWVdKakxUZzVaREF0WW1ZeU1qZ3dPV0ZqTVdVeCZsb2dpbl9oaW50PWRhcmluJTQwc3dwYXkuY29tJngtY2xpZW50LVNLVT1JRF9ORVRTVEFOREFSRDJfMCZ4LWNsaWVudC1WZXI9Ni4xMi4xLjAmdWFpZD0zNjFkZDhlMGExMmY0M2FhOTU2OTgxM2EzNDUyNGNkZCZtc3Byb3h5PTEmaXNzdWVyPW1zbyZ0ZW5hbnQ9Y29tbW9uJnVpX2xvY2FsZXM9ZW4tVVMmZXBjdD1QQVFBQkFBRUFBQUQtLURMQTNWTzdRcmRkZ0pnN1dldnJjRUx3QmYwSGtBMG1RSG5ueXBPeGd5NlRSMWFTaGE4RGZfeHdSTjA2MTk1MVM1RGlRamVZUUNBSXAwdGxUVVdsZE1PYW9UUkhjbWM1SWdMS2JRVld3TGtjQUFuQUpITi1HU3RONTlhdFQ5OUJ3S3p5dFhFRjl0cmVkQnZwTDFvcklheUE2b2ZJWHlsMWZyZzlrU1BJVVRjeDJhUnFkMmtobUFQQVhqUVBkMzRvRUQ2eWl0VWwyT1ZjN1NUempCZ2EyUEdoano2VWhYR3VNS1hUZ01ON055QUEmanNocz0wIw==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48A3) /
Resource Hash: 5f616976e912fe18811f6dea1bab9c10c679a12a86fcc89f734ea10745c232ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avprojetss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 15:22:19 GMT
content-encoding: gzip
content-md5: WAzbGqbuuqbIBJXveu57Nw==
age: 326433
x-cache: HIT
content-length: 9423
x-ms-lease-status: unlocked
last-modified: Fri, 14 Apr 2023 05:13:30 GMT
server: ECAcc (ama/48A3)
etag: 0x8DB3CA6FC8D3319
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e7ac15e1-601e-0058-6edb-85ba20000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ConvergedLogin_PCore_SMnHRMhkFj69pbVgYFL8ig2.js Show response
logincdn.msftauth.net/shared/1.0/content/js/ 401 KB
111 KB 13ms
13ms Script
application/x-javascript 192.229.221.185
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://logincdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_SMnHRMhkFj69pbVgYFL8ig2.js
Requested by: Host: avprojetss.com
URL: https://avprojetss.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5saXZlLmNvbS9vYXV0aDIwX2F1dGhvcml6ZS5zcmY/Y2xpZW50X2lkPTQ3NjU0NDViLTMyYzYtNDliMC04M2U2LTFkOTM3NjUyNzZjYSZzY29wZT1vcGVuaWQrcHJvZmlsZStodHRwcyUzYSUyZiUyZnd3dy5vZmZpY2UuY29tJTJmdjIlMmZPZmZpY2VIb21lLkFsbCZyZWRpcmVjdF91cmk9aHR0cHMlM2ElMmYlMmZ3d3cub2ZmaWNlLmNvbSUyZmxhbmRpbmd2MiZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc3RhdGU9Ry1WbHFjdHlYSm9RYXpOZHM2UFduVzdHSEJfSlJNTkNRTklzY21ObTQ5eTh3eUJtMGlvQWJQSHpCRTNqelBMR0N5azJ4TEtPQXFiSnR3VExUTERVcW5BSkZ1TjVTaThBRmpCWEt5ZHpoYjZ4NEVJaTNfTjBvRnk5dlZOSFlCaldCeURQNjZ0NW01UmEwMWZTSWc1Q19TaW1JcThvMW5wbHpFank5WWg1enpKTTZZUmlFSTgySUs2UHpYeXkzMkhBXzQycGJ4MER2Wnc1MjVIcGN1VmdNQTFWV1BaaUNLRmx5M0pFbk1QVGg3TGRmb282dy00eEprVWhreXdabFAtV3VsbXBPM3ByUnNlR1lLQklWVnBsSncmcmVzcG9uc2VfbW9kZT1mb3JtX3Bvc3Qmbm9uY2U9NjM3OTI5OTAzNzc2NDY2NjgxLlkyWTRZak5qT1dJdE5XUmxNaTAwTldSbUxXRXlOR0V0TkdNeE0yUmhOamhtTW1ZMU5USTNZbU01T1RNdE9XRXlOaTAwWVdKakxUZzVaREF0WW1ZeU1qZ3dPV0ZqTVdVeCZsb2dpbl9oaW50PWRhcmluJTQwc3dwYXkuY29tJngtY2xpZW50LVNLVT1JRF9ORVRTVEFOREFSRDJfMCZ4LWNsaWVudC1WZXI9Ni4xMi4xLjAmdWFpZD0zNjFkZDhlMGExMmY0M2FhOTU2OTgxM2EzNDUyNGNkZCZtc3Byb3h5PTEmaXNzdWVyPW1zbyZ0ZW5hbnQ9Y29tbW9uJnVpX2xvY2FsZXM9ZW4tVVMmZXBjdD1QQVFBQkFBRUFBQUQtLURMQTNWTzdRcmRkZ0pnN1dldnJjRUx3QmYwSGtBMG1RSG5ueXBPeGd5NlRSMWFTaGE4RGZfeHdSTjA2MTk1MVM1RGlRamVZUUNBSXAwdGxUVVdsZE1PYW9UUkhjbWM1SWdMS2JRVld3TGtjQUFuQUpITi1HU3RONTlhdFQ5OUJ3S3p5dFhFRjl0cmVkQnZwTDFvcklheUE2b2ZJWHlsMWZyZzlrU1BJVVRjeDJhUnFkMmtobUFQQVhqUVBkMzRvRUQ2eWl0VWwyT1ZjN1NUempCZ2EyUEdoano2VWhYR3VNS1hUZ01ON055QUEmanNocz0wIw==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48F7) /
Resource Hash: e3a90396765b02c9fd3656170e36d9ad37b117b9c7517d97ff539ffef84aea61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avprojetss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 15:22:19 GMT
content-encoding: gzip
content-md5: CWioE6fbDhmrl79J/apotg==
age: 2268799
x-cache: HIT
content-length: 113794
x-ms-lease-status: unlocked
last-modified: Tue, 18 Apr 2023 23:33:34 GMT
server: ECAcc (ama/48F7)
etag: 0x8DB4065538B9EE8
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ec24c2f8-c01e-004f-7c30-741dc4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 oneDs_5b54317b5869f142bd86.js Show response
logincdn.msftauth.net/shared/1.0/content/js/ 186 KB
60 KB 13ms
13ms Script
application/x-javascript 192.229.221.185
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://logincdn.msftauth.net/shared/1.0/content/js/oneDs_5b54317b5869f142bd86.js
Requested by: Host: logincdn.msftauth.net
URL: https://logincdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_SMnHRMhkFj69pbVgYFL8ig2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48F2) /
Resource Hash: c1e4010012a1784174646effaf458ab7350fb4517b001dde76544c069c8e9511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avprojetss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 15:22:19 GMT
content-encoding: gzip
content-md5: 7C7n+DdpmZ25LE9cj/Haqg==
age: 2836165
x-cache: HIT
content-length: 61055
x-ms-lease-status: unlocked
last-modified: Wed, 12 Apr 2023 22:42:32 GMT
server: ECAcc (ama/48F2)
etag: 0x8DB3BA733FCEDBB
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0645a06c-b01e-0016-2f07-6f876c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_ppassword_1b6f9289b7bd6167643a.js Show response
logincdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 23 KB
7 KB 13ms
13ms Script
application/x-javascript 192.229.221.185
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://logincdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_1b6f9289b7bd6167643a.js
Requested by: Host: logincdn.msftauth.net
URL: https://logincdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_SMnHRMhkFj69pbVgYFL8ig2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48EA) /
Resource Hash: 61def129893d598a86b9a2865e457149ffe12afcc31793accb0f1346644ab97d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avprojetss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 15:22:20 GMT
content-encoding: gzip
content-md5: km06CQT3dxEBetFtmNQ0TA==
age: 2245671
x-cache: HIT
content-length: 7019
x-ms-lease-status: unlocked
last-modified: Tue, 18 Apr 2023 23:33:01 GMT
server: ECAcc (ama/48EA)
etag: 0x8DB40654017B5E6
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f58eaba9-301e-0056-1866-747bce000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_white_166de53471265253ab3a456defe6da23.gif
logincdn.msftauth.net/shared/1.0/content/images/ 3 KB
3 KB 13ms
12ms Image
image/gif 192.229.221.185
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logincdn.msftauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48B2) /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avprojetss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 15:22:20 GMT
content-md5: Fm3lNHEmUlOrOkVt7+baIw==
age: 13787025
x-cache: HIT
content-length: 2672
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jan 2020 00:32:50 GMT
server: ECAcc (ama/48B2)
etag: 0x8D79ED29CB9A36C
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 67c7ca47-f01e-0014-796e-0b8a01000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
logincdn.msftauth.net/shared/1.0/content/images/ 4 KB
4 KB 13ms
13ms Image
image/gif 192.229.221.185
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logincdn.msftauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/4894) /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avprojetss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 15:22:20 GMT
content-md5: tUCo5RgDcZLjLE/li/Lbqw==
age: 13787025
x-cache: HIT
content-length: 3620
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jan 2020 00:32:50 GMT
server: ECAcc (ama/4894)
etag: 0x8D79ED29CB92E2C
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: d14cf230-801e-0029-276e-0b79f6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 2_bc3d32a696895f78c19df6c717586a5d.svg
logincdn.msftauth.net/shared/1.0/content/images/backgrounds/ 2 KB
836 B 14ms
13ms Image
image/svg+xml 192.229.221.185
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logincdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48D1) /
Resource Hash: 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avprojetss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 15:22:20 GMT
content-encoding: gzip
content-md5: DhdidjYrlCeaRJJRG/y9mA==
age: 13787028
x-cache: HIT
content-length: 673
x-ms-lease-status: unlocked
last-modified: Wed, 12 Feb 2020 22:01:42 GMT
server: ECAcc (ama/48D1)
etag: 0x8D7B00724D9E930
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 12773085-f01e-0035-386e-0b0a5d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
logincdn.msftauth.net/shared/1.0/content/images/ 4 KB
2 KB 14ms
13ms Image
image/svg+xml 192.229.221.185
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logincdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/4894) /
Resource Hash: 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avprojetss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 15:22:20 GMT
content-encoding: gzip
content-md5: nzaLxFgP7ZB3dfMcaybWzw==
age: 13787028
x-cache: HIT
content-length: 1435
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jan 2020 00:32:50 GMT
server: ECAcc (ama/4894)
etag: 0x8D79ED29CF0C29A
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: db2fe3aa-d01e-0006-536e-0b3844000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_white_166de53471265253ab3a456defe6da23.gif
logincdn.msftauth.net/shared/1.0/content/images/ 3 KB
3 KB 14ms
14ms Image
image/gif 192.229.221.185
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logincdn.msftauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Requested by: Host: logincdn.msftauth.net
URL: https://logincdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_SMnHRMhkFj69pbVgYFL8ig2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48B2) /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avprojetss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 15:22:20 GMT
content-md5: Fm3lNHEmUlOrOkVt7+baIw==
age: 13787025
x-cache: HIT
content-length: 2672
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jan 2020 00:32:50 GMT
server: ECAcc (ama/48B2)
etag: 0x8D79ED29CB9A36C
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 67c7ca47-f01e-0014-796e-0b8a01000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
logincdn.msftauth.net/shared/1.0/content/images/ 4 KB
4 KB 14ms
14ms Image
image/gif 192.229.221.185
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logincdn.msftauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Requested by: Host: logincdn.msftauth.net
URL: https://logincdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_SMnHRMhkFj69pbVgYFL8ig2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/4894) /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avprojetss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 15:22:20 GMT
content-md5: tUCo5RgDcZLjLE/li/Lbqw==
age: 13787025
x-cache: HIT
content-length: 3620
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jan 2020 00:32:50 GMT
server: ECAcc (ama/4894)
etag: 0x8D79ED29CB92E2C
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: d14cf230-801e-0029-276e-0b79f6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
avprojetss.com/	1969-12-31 23:59:59	Name: qPdM Value: 53Wvn2tF4zCN
avprojetss.com/	1969-12-31 23:59:59	Name: qPdM.sig Value: njgMblj-Xg5rTG4fb727Q2BrS0s
avprojetss.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
avprojetss.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.avprojetss.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
avprojetss.com/	1970-01-20 11:52:16	Name: SSOCOOKIEPULLED Value: 1
avprojetss.com/	1970-01-20 12:35:28	Name: buid Value: 0.AS4AMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrzL0ZGiqGlNc6DCz3cyPJGiQwdVXgXHrN1Q6Wv-PEnbYfGn0UNaOZ5lEuxgxZ_Wsk96PW1f0kZ37yj7wDE5EUUjXmqWmH7rmprFmj-48ey7sgAA
avprojetss.com/	1970-01-20 12:35:28	Name: fpc Value: AklVEP86_OJIvk4UgGY8MoW8Ae7AAQAAACro9tsOAAAA
.avprojetss.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevrKa5ufoqzz7f3X3niPF3-weCztluxcBc6Tr6Zn0BalLOzhm3xeKPwzBeWUDHrGuMfsV-QgYrwQykt4NbLIb9O7LMBBksrRD9q987-9K4u-E56c6RaOMygK7NWeG63AVN-tbsy4Z5F8gXC8Bnsfo4hrPBI99OMfKicCAdHUcx8-bYgAA
.avprojetss.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1684336939&co=1
.avprojetss.com/	1969-12-31 23:59:59	Name: uaid Value: 361dd8e0a12f43aa9569813a34524cdd
.avprojetss.com/	1970-01-20 21:13:52	Name: MSCC Value: 104.234.10.255-US
.avprojetss.com/	1969-12-31 23:59:59	Name: MSPOK Value: $uuid-060eda1a-97ad-4db9-a03b-9b5640296473
.avprojetss.com/	1969-12-31 23:59:59	Name: OParams Value: 11O.DfPg0EBTNIh43gxptEgy5kCk!ny6DsOkcweVXu3ZpgETdCQzQL1Pajrxwj8KSiGwzuD0WsL!AOA8TR2S9Wl2kF!4lZ!dQgyFRkE3jf7yt3ff1pSrXvWhc2BTyeovEOhSISQ3KZTi2skkrpJoF3XYsmNQKBx8sB!qVCtzwO!7rSkxM0W5OvUIVAsygb6kSdpymmpVJ1dA7Rpn8W3OLHX8bagHt4avV3RSvXjORE58IPJW4OpzCCLT4NRJ7DGfLK2tdkBQ8!7OyIxJM8UC4TP7LHHPq5C3PwY0KxGcwlO7858Bqd71Ao!5DDDhqX1sS7i8MhUas2bddePdN4xDH8Nd1w4P4nzqVCHXx3mn7L5zcDUxQaeD9c8!fiaM!HxeNWVvVnHunx3TYUh2KNfE4cyWew0d5aJisLIchw3lOQ4KZ3vSKqS5NcdXTimkKLtlVRCttXbPw10nGpugBhM0Fj!APkaZ0L4VHE6RsUeuBr!kK8fw3sPkjjsm2nPkqPJfuNappgMjMXD96v7wQDyfs!uTn7bPvTjLIZ1TDIuEBTXfnwMhC6JTa3dxhUxw9pvKWLNVgpc8sJj2v!pbJrvIWXCFCMhyF1Sggy81oird1FrcEbWYykpiO4Nt0AjLv9M5v81DHr9NTv5d7OqxtR99vYDFOy0AqS1kpo5cBAUeQwRFdRH8HY2LPXL1ol887VVKqbMJMco2IqI!g0bBqr0ya74quclZhqiRvojM!a0CgGaGqmH8TfXPyIP7OyMRT1ielLS6pSD1nOfMMmlX!tOUMHWtcABFJACbfcFNOboL1ArLsyIlNymKsjsv3WMGMCsGn6rjGOVBIvNqZbnyWUeSeHnAuEnj2JB009Gp1kqTiKGnuOJz!BpeJIydaES8aTEQfc3Urzkl3Ra3eVCP2kHNSU9ovtOK3xfKk63fG6KDVLjZzIen!!r!GVyeEknYOVWrX5FciDMsk1Rf1KsaoMG5hbaswKmNiLVjboC4LNL9A4aYUzmEcUYfIYE31t3XQgBUMZ1!wxjNhgLSoR8YH6DXPjJW1a89qNRtq6F!GsQYqk!yQ1fziV2by8cI8BbHGK2lZt9tb!66ylRcLiNkiSU8!QnKRRqisXvhR748niyFRkHqTGatdcqWZUFKxcCi7guioiQOokk1eBtQ6YA1kMilpnr!Q59sIMGezdtrmPiFHuZMBE1o7RZLUi9VDdFzFPo2Rq5hpSlL3Ec$
avprojetss.com/	1970-01-20 20:37:52	Name: MicrosoftApplicationsTelemetryDeviceId Value: 789c0ba5-2a0d-444a-90a4-9849f580053e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avprojetss.com
logincdn.msftauth.net
welovehtml.com
104.234.10.255
192.185.138.222
192.229.221.185
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
257d51dc38cf3695b024433ffcb6d66e3e21db0660ef379f9c3006b5602c82d6
2d86ebcc1d207d22182eea3f25cc60a94c69c2bc4ec13fd3d98210efe06b828f
5f616976e912fe18811f6dea1bab9c10c679a12a86fcc89f734ea10745c232ff
61def129893d598a86b9a2865e457149ffe12afcc31793accb0f1346644ab97d
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
a27fd1a6e1068b5a117fb0689e3c26c2008b6c5915d9187b2039d8c628ba2a57
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
c1e4010012a1784174646effaf458ab7350fb4517b001dde76544c069c8e9511
e3a90396765b02c9fd3656170e36d9ad37b117b9c7517d97ff539ffef84aea61
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

avprojetss.com Open in urlscan Pro 104.234.10.255 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

295 kBTransfer

953 kBSize

15 Cookies

4 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

21 JavaScript Global Variables

15 Cookies

Indicators

avprojetss.com Open in urlscan Pro
104.234.10.255 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

295 kB
Transfer

953 kB
Size

15
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!