root-site.ru
2606:4700:3034::6815:5796
Malicious Activity!
Public Scan
Effective URL: https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Submission: On April 13 via manual from AE — Scanned from JP
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.
This is the only time root-site.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)
Domain & IP information
ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1715-37.members.linode.com
hnelectric.vn
ASN131626 (NSS-GROUP-AS-TW NSS INTL CO., LTD., TW)
PTR: px6.coowo.com
summer.com.tw
ASN13335 (CLOUDFLARENET, US)
api.statvoo.com
api-images.statvoo.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
16 | msauth.net | aadcdn.msauth.net — Cisco Umbrella Rank: 1420 | 255 KB |
7 | bitronic.es | bitronic.es | 383 KB |
3 | bootstrapcdn.com | stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2388 | 53 KB |
3 | root-site.ru | root-site.ru | 8 KB |
2 | statvoo.com (2 redirects) | api.statvoo.com api-images.statvoo.com | 959 B |
2 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 282 | 63 KB |
2 | hnelectric.vn (1 redirects) | hnelectric.vn | 1 KB |
1 | gstatic.com | t0.gstatic.com | 3 KB |
1 | google.com (1 redirects) | www.google.com — Cisco Umbrella Rank: 4 | 377 B |
1 | microsoftonline.com | login.microsoftonline.com — Cisco Umbrella Rank: 26 | 131 KB |
1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 647 | 30 KB |
1 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 238 | 28 KB |
1 | summer.com.tw (1 redirects) | summer.com.tw | 539 B |
0 | ibb.co (Failed) | i.ibb.co Failed | |
38 | 14 | | |
Requests | Domain | Requested by |
---|---|---|
16 | aadcdn.msauth.net | login.microsoftonline.com |
7 | bitronic.es | root-site.ru |
3 | stackpath.bootstrapcdn.com | root-site.ru |
3 | root-site.ru | hnelectric.vn, root-site.ru |
2 | ajax.googleapis.com | root-site.ru |
2 | hnelectric.vn | 1 redirects |
1 | t0.gstatic.com | root-site.ru |
1 | www.google.com | 1 redirects |
1 | api-images.statvoo.com | 1 redirects |
1 | api.statvoo.com | 1 redirects |
1 | login.microsoftonline.com | root-site.ru |
1 | code.jquery.com | root-site.ru |
1 | cdnjs.cloudflare.com | root-site.ru |
1 | summer.com.tw | 1 redirects |
0 | i.ibb.co Failed | root-site.ru |
38 | 15 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
hnelectric.vn | GoGetSSL RSA DV CA | 2022-02-12 - 2023-02-12 | a year | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-11 - 2022-06-10 | a year | crt.sh |
www.bitronic.es | Sectigo RSA Domain Validation Secure Server CA | 2021-05-05 - 2022-05-05 | a year | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months | crt.sh |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year | crt.sh |
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2022-01-10 - 2023-01-10 | a year | crt.sh |
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2022-02-22 - 2023-02-22 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Frame ID: 28F6F59779F6145E03ABB9BF7F2AF771
Requests: 22 HTTP requests in this frame
Frame:
https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Frame ID: B14653B108B6BBB8FD502FE7AB84E257
Requests: 18 HTTP requests in this frame
Page Title
Sign in
Detected technologies
WordPress (CMS)
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://hnelectric.vn/* HTTP 301
  https://hnelectric.vn/*/ Page URL
- https://summer.com.tw/dir/008/aGFueS5tYWhkeUBkaWIuYWU= HTTP 302
  https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://hnelectric.vn/* HTTP 301
- https://hnelectric.vn/*/
- https://api.statvoo.com/favicon/?url=dib.ae HTTP 302
- https://api-images.statvoo.com/favicon/?domain=dib.ae HTTP 302
- https://www.google.com/s2/favicons?sz=64&domain_url=dib.ae HTTP 301
- https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://dib.ae&size=64
38 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / | hnelectric.vn/*/ (Redirect Chain) | 851 B | 787 B | Document | text/html |
GET | H2 | sm97867656544545437767665545353s.html | root-site.ru/app/Listeners/ (Primary Request, Redirect Chain) | 15 KB | 6 KB | Document | text/html |
GET | H2 | bootstrap.min.css | bitronic.es/wp-content/plugins/timer/008/ | 152 KB | 20 KB | Stylesheet | text/css |
GET | H2 | all.css | bitronic.es/wp-content/plugins/timer/008/ | 52 KB | 11 KB | Stylesheet | text/css |
GET | H2 | 99.js | bitronic.es//wp-includes/ID3/ | 11 KB | 2 KB | Script | application/javascript |
GET | H2 | max | root-site.ru/app/Listeners/ | 986 B | 986 B | Image | text/html |
GET | H2 | arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg | bitronic.es/wp-content/plugins/timer/008/ | 513 B | 732 B | Image | image/svg+xml |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.12.4/ | 95 KB | 34 KB | Script | text/javascript |
GET | H2 | bootstrap.min.js | stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ | 57 KB | 16 KB | Script | application/javascript |
GET | H2 | bootstrap.bundle.min.js | stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ | 77 KB | 22 KB | Script | application/javascript |
GET | H2 | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ | 85 KB | 28 KB | Script | application/javascript |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/2.2.4/ | 84 KB | 29 KB | Script | text/javascript |
GET | H2 | bootstrap.min.js | stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ | 50 KB | 14 KB | Script | application/javascript |
GET | H2 | jquery.session.min.js | bitronic.es/wp-content/plugins/timer/008/ | 0 | 0 | Script | text/html |
GET | H2 | jquery-3.3.1.min.js | code.jquery.com/ | 85 KB | 30 KB | Script | application/javascript |
GET | H2 | 08.js | bitronic.es//wp-includes/ID3/ | 9 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | logout.srf | login.microsoftonline.com/ (Frame B146) | 464 KB | 131 KB | Document | text/html |
GET | DATA | truncated | / (Frame B146) | 1 KB | 0 | Image | image/png |
GET | H2 | 2-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg | aadcdn.msauth.net/shared/1.0/content/images/backgrounds/ (Frame B146) | 0 | 1 KB | Other | image/jpeg |
GET | H2 | 2_7916a894ebde7d29c2cc29b267f1299f.jpg | aadcdn.msauth.net/shared/1.0/content/images/backgrounds/ (Frame B146) | 0 | 17 KB | Other | image/jpeg |
GET | H2 | microsoft_logo.png | aadcdn.msauth.net/ests/2.1/content/images/ (Frame B146) | 0 | 2 KB | Other | image/png |
GET | H2 | work_account_1963c6b1926b773986f53f844ce4c32e.png | aadcdn.msauth.net/shared/1.0/content/images/ (Frame B146) | 0 | 2 KB | Other | image/png |
GET | H2 | personal_account_0f72b5950600f24e7f9a604b186f3945.png | aadcdn.msauth.net/shared/1.0/content/images/ (Frame B146) | 0 | 2 KB | Other | image/png |
GET | H2 | converged.v2.login.min_zmhwgv_kbcs-aml46kcgfg2.css | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ (Frame B146) | 0 | 20 KB | Other | text/css |
GET | H2 | jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ (Frame B146) | 0 | 40 KB | Other | application/x-javascript |
GET | H2 | aad.login.min_ktc4wemsewhydsbdjhhsja2.js | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ (Frame B146) | 0 | 44 KB | Other | application/x-javascript |
GET | H3 | oppo | root-site.ru/app/Listeners/ | 986 B | 986 B | Image | text/html |
GET | | image.jpg | root-site.ru/app/Listeners/ | 0 | 0 | | |
GET | DATA | truncated | / | 4 KB | 0 | Image | image/jpeg |
GET | H2 | 0.png | bitronic.es/wp-content/plugins/timer/008/ | 347 KB | 348 KB | Image | image/png |
GET | | off.png | i.ibb.co/XJ3Zqnc/ | 0 | 0 | | |
GET | H2 | faviconV2 | t0.gstatic.com/ (Redirect Chain) | 3 KB | 3 KB | Image | image/png |
GET | H2 | 2-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg | aadcdn.msauth.net/shared/1.0/content/images/backgrounds/ (Frame B146) | 987 B | 2 KB | Fetch | image/jpeg |
GET | H2 | 2_7916a894ebde7d29c2cc29b267f1299f.jpg | aadcdn.msauth.net/shared/1.0/content/images/backgrounds/ (Frame B146) | 17 KB | 17 KB | Fetch | image/jpeg |
GET | H2 | microsoft_logo.png | aadcdn.msauth.net/ests/2.1/content/images/ (Frame B146) | 1 KB | 1 KB | Fetch | image/png |
GET | H2 | work_account_1963c6b1926b773986f53f844ce4c32e.png | aadcdn.msauth.net/shared/1.0/content/images/ (Frame B146) | 1 KB | 2 KB | Fetch | image/png |
GET | H2 | personal_account_0f72b5950600f24e7f9a604b186f3945.png | aadcdn.msauth.net/shared/1.0/content/images/ (Frame B146) | 1 KB | 2 KB | Fetch | image/png |
GET | H2 | converged.v2.login.min_zmhwgv_kbcs-aml46kcgfg2.css | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ (Frame B146) | 108 KB | 20 KB | Fetch | text/css |
GET | H2 | jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ (Frame B146) | 117 KB | 40 KB | Fetch | application/x-javascript |
GET | H2 | aad.login.min_ktc4wemsewhydsbdjhhsja2.js | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ (Frame B146) | 178 KB | 44 KB | Fetch | application/x-javascript |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: root-site.ru
  URL: https://root-site.ru/app/Listeners/image.jpg
- Domain: i.ibb.co
  URL: https://i.ibb.co/XJ3Zqnc/off.png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)
28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
function | structuredClone |
object | oncontextlost |
object | oncontextrestored |
function | getScreenDetails |
function | $ |
function | jQuery |
object | bootstrap |
object | jQuery112409904939590127564 |
string | ear |
string | pop |
string | urp |
string | man |
string | earth |
string | uri |
string | key |
string | bml |
object | max |
function | closeBox |
function | redirectCU |
function | redirectKK |
string | email |
object | PASS |
object | PASSX |
object | PASSY |
object | displayName |
object | Tombol1 |
object | Tombol315 |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
summer.com.tw/ | | Name: PHPSESSID Value: r6tfh390e56i6ii8fso3k2efif |
.login.microsoftonline.com/ | | Name: SignInStateCookie Value: CAgABAAIAAAD--DLA3VO7QrddgJg7WevrAgDs_wQA9P8GgfM5UD_9pVtat_-4Hf5Ts2wesrBDT3d1wvxBiQoy1R_1dN0WBNJvI74KHLzKuvppQQwJN5gJCQ |
login.microsoftonline.com/ | | Name: ESTSSSOTILES Value: 1 |
login.microsoftonline.com/ | | Name: AADSSOTILES Value: 1 |
.login.microsoftonline.com/ | | Name: ESTSAUTHPERSISTENT Value: AgABAAQAAAD--DLA3VO7QrddgJg7WevrAgDs_wQA9P97wBkFhMob3OmkUxZ13-1jLHn4B7WtAhXKz_Hnr0P5lEQprUS8rJt8H24vWIQnbK3bbhx9IO8CXg |
.login.microsoftonline.com/ | | Name: ESTSAUTH Value: AgABAAQAAAD--DLA3VO7QrddgJg7WevrAgDs_wQA9P-88v5qMBQLTlu2I5azEKOU_Q8mwHYjkWkjgyYcPXBCSC6MUJ74X2V8FEwBWekVvaTajJ73E8poyQ |
login.microsoftonline.com/ | | Name: ESTSAUTHLIGHT Value: + |
.login.microsoftonline.com/ | | Name: ch Value: xuKhKNAZs3f9aKvsK585kpt3o3hrsT-z-tA5_dM3l68 |
login.microsoftonline.com/ | | Name: ESTSSC Value: 00 |
login.microsoftonline.com/ | | Name: buid Value: AQABAAEAAAD--DLA3VO7QrddgJg7WevrMxN1Npgivf7liexHofLw9Kq6MEh3Mw0GC4bHxM-WDv2G5TSttzZbgh04G4_GtJyuR9-SzHX03pQX4rRA0a0ZnnR8hVft9okZ8uCLKzK9390gAA |
login.microsoftonline.com/ | | Name: fpc Value: Akx1TOi4TVJOn95yHN4jqAI |
.login.microsoftonline.com/ | | Name: esctx Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrkXf21Eg2V_Uy3CQqKqEPFEWFQROt49hKRz7lY441ZxXmn1EDgLH1KR6TV1FGHUgyOC_Tqry5o2Jv_zW8krmLu6iYAVT1cMAJ_EGOTD2pfyYvX_wMFX4yxAqffSjx428Wttsacp_UbxbL_BTNde5PwkfWryMFfgyyqNpi-C2q42YgAA |
login.microsoftonline.com/ | | Name: x-ms-gateway-slice Value: estsfd |
login.microsoftonline.com/ | | Name: stsservicecookie Value: estsfd |
login.microsoftonline.com/ | | Name: clrc Value: {%2219096%22%3a[%22EMpsNPTF%22%2c%22kcWZ4OQW%22%2c%22yZSSS9v8%22%2c%22Wjn1sBrL%22%2c%22yuxjVS3Y%22%2c%22EaDIOExo%22%2c%22lNl2d2sZ%22%2c%22qLLY5Mo7%22]} |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.