sharepo.davinks.com
46.29.161.217  Malicious Activity! Public Scan

Submitted URL: http://formsite.hhhjgj.com/screen_.php?_dfEERifoGfjgvSwqq__ew0dXXskdcZmaspowwwq______________doffkvlgpPdkfjgggWqqweRe=flori...
Effective URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xu...
Submission: On April 05 via manual from GB

Summary

This website contacted 7 IPs in 5 countries across 6 domains to perform 27 HTTP transactions. The main IP is 46.29.161.217, located in Moscow, Russian Federation and belongs to ASBAXET, RU. The main domain is sharepo.davinks.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 3rd 2020. Valid for: 3 months.
This is the only time sharepo.davinks.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: OneDrive (Online)

Domain & IP information

IP Address AS Autonomous System
2 3 199.192.30.36 22612 (NAMECHEAP...)
16 46.29.161.217 51659 (ASBAXET)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.85.250.70 16625 (AKAMAI-AS)
7 2.16.186.40 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
27 7
Domain Requested by
16 sharepo.davinks.com formsite.hhhjgj.com
sharepo.davinks.com
7 spoprod-a.akamaihd.net sharepo.davinks.com
3 formsite.hhhjgj.com 2 redirects
1 fonts.gstatic.com sharepo.davinks.com
1 r3.res.outlook.com sharepo.davinks.com
1 fonts.googleapis.com sharepo.davinks.com
27 6

This site contains no links.

Subject | Issuer | Validity | Valid
formsite.hhhjgj.com | Let's Encrypt Authority X3 | 2020-04-02 - 2020-07-01 | 3 months
sharepo.davinks.com | Let's Encrypt Authority X3 | 2020-04-03 - 2020-07-02 | 3 months
*.storage.googleapis.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months
*.res.outlook.com | Microsoft IT TLS CA 2 | 2019-10-21 - 2021-10-21 | 2 years
a248.e.akamai.net | DigiCert Secure Site ECC CA-1 | 2019-08-13 - 2020-08-12 | a year
*.google.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months

This page contains 1 frames:

Primary Page: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Frame ID: 5AD5188F4F4F9D1A6A2794E023359C42
Requests: 30 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

27
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

7
IPs

5
Countries

1751 kB
Transfer

1990 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://formsite.hhhjgj.com/screen_.php?_dfEERifoGfjgvSwqq__ew0dXXskdcZmaspowwwq______________doffkvlgpPdkfjgggWqqweRe=florin.usurelu@bayer.com HTTP 301
    https://formsite.hhhjgj.com/screen_.php?_dfEERifoGfjgvSwqq__ew0dXXskdcZmaspowwwq______________doffkvlgpPdkfjgggWqqweRe=florin.usurelu@bayer.com Page URL
  2. https://formsite.hhhjgj.com/reviews.php?id=florin.usurelu@bayer.com&width=1600&height=1200 HTTP 302
    https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://formsite.hhhjgj.com/screen_.php?_dfEERifoGfjgvSwqq__ew0dXXskdcZmaspowwwq______________doffkvlgpPdkfjgggWqqweRe=florin.usurelu@bayer.com HTTP 301
  • https://formsite.hhhjgj.com/screen_.php?_dfEERifoGfjgvSwqq__ew0dXXskdcZmaspowwwq______________doffkvlgpPdkfjgggWqqweRe=florin.usurelu@bayer.com

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
screen_.php
formsite.hhhjgj.com/
Redirect Chain
  • http://formsite.hhhjgj.com/screen_.php?_dfEERifoGfjgvSwqq__ew0dXXskdcZmaspowwwq______________doffkvlgpPdkfjgggWqqweRe=florin.usurelu@bayer.com
  • https://formsite.hhhjgj.com/screen_.php?_dfEERifoGfjgvSwqq__ew0dXXskdcZmaspowwwq______________doffkvlgpPdkfjgggWqqweRe=florin.usurelu@bayer.com
187 B
404 B
Document
General
Full URL
https://formsite.hhhjgj.com/screen_.php?_dfEERifoGfjgvSwqq__ew0dXXskdcZmaspowwwq______________doffkvlgpPdkfjgggWqqweRe=florin.usurelu@bayer.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.192.30.36 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.glazzer.io
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
05d9b3393f52b6b47eb0bf6d50ca8e59de2e4bc825647e43214433c4476bcdc8

Request headers

Host
formsite.hhhjgj.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 05 Apr 2020 16:11:42 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
152
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sun, 05 Apr 2020 16:11:41 GMT
Server
Apache/2.4.18 (Ubuntu)
Location
https://formsite.hhhjgj.com/screen_.php?_dfEERifoGfjgvSwqq__ew0dXXskdcZmaspowwwq______________doffkvlgpPdkfjgggWqqweRe=florin.usurelu@bayer.com
Content-Length
436
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
Primary Request index.php
sharepo.davinks.com/sharey/
Redirect Chain
  • https://formsite.hhhjgj.com/reviews.php?id=florin.usurelu@bayer.com&width=1600&height=1200
  • https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
64 KB
7 KB
Document
General
Full URL
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Requested by
Host: formsite.hhhjgj.com
URL: https://formsite.hhhjgj.com/screen_.php?_dfEERifoGfjgvSwqq__ew0dXXskdcZmaspowwwq______________doffkvlgpPdkfjgggWqqweRe=florin.usurelu@bayer.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.29.161.217 Moscow, Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
ba44a1db15bc99e46473d9b6d5a12987bc695e84fc31cf4635d0411c49e3025e

Request headers

Host
sharepo.davinks.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://formsite.hhhjgj.com/screen_.php?_dfEERifoGfjgvSwqq__ew0dXXskdcZmaspowwwq______________doffkvlgpPdkfjgggWqqweRe=florin.usurelu@bayer.com
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://formsite.hhhjgj.com/screen_.php?_dfEERifoGfjgvSwqq__ew0dXXskdcZmaspowwwq______________doffkvlgpPdkfjgggWqqweRe=florin.usurelu@bayer.com

Response headers

Date
Sun, 05 Apr 2020 16:11:43 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
7136
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sun, 05 Apr 2020 16:11:42 GMT
Server
Apache/2.4.18 (Ubuntu)
location
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Content-Length
6
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
css
fonts.googleapis.com/
2 KB
661 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ccffa5096e12764aa6c84137becb13f6951fa531fcf9e56c93317d77de118fd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 05 Apr 2020 16:11:44 GMT
server
ESF
date
Sun, 05 Apr 2020 16:11:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Apr 2020 16:11:44 GMT
shellg2coremincss_592985a3.css
r3.res.outlook.com/o365/versionless/
0
0
Stylesheet
General
Full URL
https://r3.res.outlook.com/o365/versionless/shellg2coremincss_592985a3.css
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.85.250.70 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-85-250-70.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Sun, 05 Apr 2020 16:11:45 GMT
Cache-Control
public,max-age=630720000, s-maxage=630720000
Server
Apache
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
16
Content-Type
text/html; charset=iso-8859-1
style.css
sharepo.davinks.com/sharey/css/
390 KB
267 KB
Stylesheet
General
Full URL
https://sharepo.davinks.com/sharey/css/style.css
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.29.161.217 Moscow, Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
2dcc6dad0440417f39909f67c817978fbbd0cac4c4eff9e4e25879360f8a2652

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Sun, 05 Apr 2020 16:11:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Apr 2020 10:45:56 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"619f1-5a2609f4da7e0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
style2.css
sharepo.davinks.com/sharey/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://sharepo.davinks.com/sharey/css/style2.css
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.29.161.217 Moscow, Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
7e3edaa4b8184f5105ac1c8d51ccea8cd4057b35d81371b7bcc827880b8ce435

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Sun, 05 Apr 2020 16:11:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Apr 2020 10:45:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"15e0-5a2609f6304a0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1176
jquery-1.11.3.min.js
sharepo.davinks.com/sharey/js/
94 KB
33 KB
Script
General
Full URL
https://sharepo.davinks.com/sharey/js/jquery-1.11.3.min.js
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.29.161.217 Moscow, Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Sun, 05 Apr 2020 16:11:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Apr 2020 10:46:23 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"176da-5a260a0e81e00-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
33289
main.js
sharepo.davinks.com/sharey/js/
1 KB
888 B
Script
General
Full URL
https://sharepo.davinks.com/sharey/js/main.js
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.29.161.217 Moscow, Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
6984c75818581b86833050959727bb60d97698b82364a6c81bbaa9dee11061da

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Sun, 05 Apr 2020 16:11:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Apr 2020 10:46:24 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"4c3-5a260a0edea60-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
538
logo.png
sharepo.davinks.com/sharey/img/
10 KB
10 KB
Image
General
Full URL
https://sharepo.davinks.com/sharey/img/logo.png
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.29.161.217 Moscow, Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
40903eb5ad5d22095229975bb37d2ab6e9e563633737eb242a53ad22a30b59b3

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sun, 05 Apr 2020 16:11:45 GMT
Last-Modified
Fri, 03 Apr 2020 10:46:09 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"273f-5a260a0127e80"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
10047
25.gif
sharepo.davinks.com/sharey/img/
11 KB
11 KB
Image
General
Full URL
https://sharepo.davinks.com/sharey/img/25.gif
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.29.161.217 Moscow, Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
a9d64b217f88e826de742d90d1d54b3ca16075f26224156bf0f0a5d7d901f3e4

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sun, 05 Apr 2020 16:11:45 GMT
Last-Modified
Fri, 03 Apr 2020 10:46:06 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"2ba4-5a2609fde7e00"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
11172
out.png
sharepo.davinks.com/sharey/img/
65 KB
65 KB
Image
General
Full URL
https://sharepo.davinks.com/sharey/img/out.png
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.29.161.217 Moscow, Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
37ac5510e9ee88f6cc41948675cd68d6d773bfe58c6a4c064f7b5e37002c9919

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sun, 05 Apr 2020 16:11:45 GMT
Last-Modified
Fri, 03 Apr 2020 10:46:11 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"104ad-5a260a02a7b20"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
66733
close.png
sharepo.davinks.com/sharey/img/
5 KB
6 KB
Image
General
Full URL
https://sharepo.davinks.com/sharey/img/close.png
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.29.161.217 Moscow, Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
df66b81a8bda93fdc85813f4f9363e0e2b9572a7a36621ae4b9d2200c2fcb6b4

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sun, 05 Apr 2020 16:11:45 GMT
Last-Modified
Fri, 03 Apr 2020 10:46:07 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1576-5a2609ff3bb80"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
5494
tm.png
sharepo.davinks.com/sharey/img/
5 KB
5 KB
Image
General
Full URL
https://sharepo.davinks.com/sharey/img/tm.png
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.29.161.217 Moscow, Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
92512c23482e0af96b36e3926ac64250495a25e23aebb021c37ae53690d275db

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sun, 05 Apr 2020 16:11:45 GMT
Last-Modified
Fri, 03 Apr 2020 10:46:13 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1452-5a260a0479840"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
5202
word.png
sharepo.davinks.com/sharey/img/
43 KB
43 KB
Image
General
Full URL
https://sharepo.davinks.com/sharey/img/word.png
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.29.161.217 Moscow, Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
a9450aaf6f1e984c628afca7413148b5e9531fca5468b543d2c15e1593cfb86a

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sun, 05 Apr 2020 16:11:45 GMT
Last-Modified
Fri, 03 Apr 2020 10:46:13 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"ab6b-5a260a04824e0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
43883
succ.png
sharepo.davinks.com/sharey/img/
8 KB
8 KB
Image
General
Full URL
https://sharepo.davinks.com/sharey/img/succ.png
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.29.161.217 Moscow, Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
1c8e5dbd702e5c0195e2d1990f524998a713a9ecd3029f869c8d87d7d927ef58

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sun, 05 Apr 2020 16:11:45 GMT
Last-Modified
Fri, 03 Apr 2020 10:46:11 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"20da-5a260a02a9a60"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
8410
info.png
sharepo.davinks.com/sharey/img/
15 KB
16 KB
Image
General
Full URL
https://sharepo.davinks.com/sharey/img/info.png
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.29.161.217 Moscow, Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
bdd45858d59375d432b2936120b2664dcceb5c9c97f7cdc0635c22d9f3c8a528

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sun, 05 Apr 2020 16:11:45 GMT
Last-Modified
Fri, 03 Apr 2020 10:46:09 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"3df4-5a260a00acdc0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
15860
curatedfolders.gif
spoprod-a.akamaihd.net/files/odsp-next-prod_2018-04-13_20180427.001/odsp-media/images/newfeatureexperience/v3/
621 KB
622 KB
Image
General
Full URL
https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-04-13_20180427.001/odsp-media/images/newfeatureexperience/v3/curatedfolders.gif
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
26afe5c517df89ec32c8368652fa5e98aa8d8c869c103f62292c6defeb64cebe

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 05 Apr 2020 16:11:45 GMT
last-modified
Fri, 27 Apr 2018 22:39:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
access-control-allow-origin
*
etag
0x8D5AC8FC060FAC0
content-type
image/gif
status
200
x-ms-request-id
1df8106a-701e-0050-69bc-0902da000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31114730
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
635499
officelens.gif
spoprod-a.akamaihd.net/files/odsp-next-prod_2018-04-13_20180427.001/odsp-media/images/newfeatureexperience/v3/
98 KB
98 KB
Image
General
Full URL
https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-04-13_20180427.001/odsp-media/images/newfeatureexperience/v3/officelens.gif
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5df985d6d6ae5e8d655a6241b8ed8a6ef1511b88adbd2d46ae88718432240b9c

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 05 Apr 2020 16:11:45 GMT
last-modified
Fri, 27 Apr 2018 22:39:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
access-control-allow-origin
*
etag
0x8D5AC8FBFEA7C1D
content-type
image/gif
status
200
x-ms-request-id
3a56d33b-901e-0078-37bc-097565000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31114730
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
99943
photosview.gif
spoprod-a.akamaihd.net/files/odsp-next-prod_2018-04-13_20180427.001/odsp-media/images/newfeatureexperience/v3/
451 KB
452 KB
Image
General
Full URL
https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-04-13_20180427.001/odsp-media/images/newfeatureexperience/v3/photosview.gif
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f4c7cecc5728079f818e241991b6268fc5c02b9b5b93f02faf5962790912ea10

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 05 Apr 2020 16:11:45 GMT
last-modified
Fri, 27 Apr 2018 22:39:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
access-control-allow-origin
*
etag
0x8D5AC8FC06F2E38
content-type
image/gif
status
200
x-ms-request-id
e005a63e-101e-008c-5cbc-095089000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31114718
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
461444
diamond-blue-background-24.svg
spoprod-a.akamaihd.net/files/odsp-next-prod_2018-04-13_20180427.001/odsp-media/images/premium/
845 B
978 B
Image
General
Full URL
https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-04-13_20180427.001/odsp-media/images/premium/diamond-blue-background-24.svg
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.40, Ascension Island, ASN20940 (AKAMAI-ASN1, US)
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6879571a4d8cf1895a1b8c022ae46e087b3c1d560629b0e72b8190ba1b8e3fd2

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 05 Apr 2020 16:11:45 GMT
content-encoding
gzip
status
200
content-length
526
x-ms-lease-status
unlocked
last-modified
Fri, 27 Apr 2018 22:38:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5AC8F93F1D01E
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
c6285ed4-001e-00dc-44bc-094f81000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31114730
x-ms-version
2009-09-19
timing-allow-origin
*
folder.svg
spoprod-a.akamaihd.net/files/odsp-next-prod_2018-04-13_20180427.001/odsp-media/images/itemtypes/20/
761 B
916 B
Image
General
Full URL
https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-04-13_20180427.001/odsp-media/images/itemtypes/20/folder.svg
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.40, Ascension Island, ASN20940 (AKAMAI-ASN1, US)
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dbe5521a02632746a368984579a259420991e38681ccb8e272ae4b9fc1323748

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 05 Apr 2020 16:11:45 GMT
content-encoding
gzip
status
200
content-length
464
x-ms-lease-status
unlocked
last-modified
Fri, 27 Apr 2018 22:38:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5AC8FAAF7B173
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f3a685bd-801e-012c-68bc-09d9ba000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31114697
x-ms-version
2009-09-19
timing-allow-origin
*
photo.png
spoprod-a.akamaihd.net/files/odsp-next-prod_2018-04-13_20180427.001/odsp-media/images/itemtypes/20_2x/
381 B
809 B
Image
General
Full URL
https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-04-13_20180427.001/odsp-media/images/itemtypes/20_2x/photo.png
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.40, Ascension Island, ASN20940 (AKAMAI-ASN1, US)
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
13da2ba4101711d8419dc9dc4a2812d4b61eb30c732193006bf6c6d5fee0a6d2

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 05 Apr 2020 16:11:45 GMT
last-modified
Fri, 27 Apr 2018 22:39:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
access-control-allow-origin
*
etag
0x8D5AC8FAC76D0A9
content-type
image/png
status
200
x-ms-request-id
3085c569-801e-0001-11bc-091c2f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31114730
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
381
code.png
spoprod-a.akamaihd.net/files/odsp-next-prod_2018-04-13_20180427.001/odsp-media/images/itemtypes/20_2x/
385 B
813 B
Image
General
Full URL
https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-04-13_20180427.001/odsp-media/images/itemtypes/20_2x/code.png
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.40, Ascension Island, ASN20940 (AKAMAI-ASN1, US)
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6addd54be8654caf150044dcdb671a2c97bbcda1da0ac41656b1ead9054fd663

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 05 Apr 2020 16:11:45 GMT
last-modified
Fri, 27 Apr 2018 22:39:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
access-control-allow-origin
*
etag
0x8D5AC8FAC6196FD
content-type
image/png
status
200
x-ms-request-id
4d245cef-b01e-00e7-7fbc-090ddf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31114682
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
385
truncated
/
35 KB
35 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-
Reverse DNS
Software
/
Resource Hash
258bde13244377813ef43ed80de6b59b79c9d67784674a50c85642b88df99273

Request headers

Origin
https://sharepo.davinks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
shellwofficons_ceb492ec.woff
sharepo.davinks.com/sharey/css/
0
0
Font
General
Full URL
https://sharepo.davinks.com/sharey/css/shellwofficons_ceb492ec.woff
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/js/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.29.161.217, Moscow, Russian Federation, ASN51659 (ASBAXET, RU)
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Referer
https://sharepo.davinks.com/sharey/css/style.css
Origin
https://sharepo.davinks.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 05 Apr 2020 16:11:45 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
282
Content-Type
text/html; charset=iso-8859-1
truncated
/
27 KB
27 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-
Reverse DNS
Software
/
Resource Hash
5cde535670a77bdbd297f236c737ff22c0b4ce7fc8cfa39ae58b64a681244504

Request headers

Origin
https://sharepo.davinks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
truncated
/
26 KB
26 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-
Reverse DNS
Software
/
Resource Hash
5aa4d09f772fb4d667442da3773dbc1de37766aa99be24b3f9be027e5316fa62

Request headers

Origin
https://sharepo.davinks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
undefined
sharepo.davinks.com/sharey/
282 B
498 B
Media
General
Full URL
https://sharepo.davinks.com/sharey/undefined
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.29.161.217, Moscow, Russian Federation, ASN51659 (ASBAXET, RU)
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
3c919c65eb02d4048c45a961a8821284177b53960b54fc47a49b7a0cc5591e74

Request headers

Referer
https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Sec-Fetch-Dest
audio
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Sun, 05 Apr 2020 16:11:45 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
282
Content-Type
text/html; charset=iso-8859-1
shellttficons_79de49fd.ttf
sharepo.davinks.com/sharey/css/
0
0
Font
General
Full URL
https://sharepo.davinks.com/sharey/css/shellttficons_79de49fd.ttf
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/index.php?recv=florin.usurelu@bayer.com&s_details=SFI7Q09WSUQtMTkgSW1wLiA5NDk1My5kb2N4&xuuid=7745d040-9fb6-45d1-b989-e439422bbce7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.29.161.217, Moscow, Russian Federation, ASN51659 (ASBAXET, RU)
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Referer
https://sharepo.davinks.com/sharey/css/style.css
Origin
https://sharepo.davinks.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 05 Apr 2020 16:11:45 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=95
Content-Length
282
Content-Type
text/html; charset=iso-8859-1
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: sharepo.davinks.com
URL: https://sharepo.davinks.com/sharey/js/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:300
Origin
https://sharepo.davinks.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 04 Apr 2020 09:56:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
108910
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11180
x-xss-protection
0
expires
Sun, 04 Apr 2021 09:56:39 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OneDrive (Online)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
object onformdata
object onpointerrawupdate
function $
function jQuery

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
