do737836file8373474.azurewebsites.net Open in urlscan Pro
52.173.249.137  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set signin.php Show response do737836file8373474.azurewebsites.net/	12 KB 4 KB	620ms 139ms	Document text/html	52.173.249.137 Microsoft Corpora...
General Check archive.org Show headers Download Go to Full URL https://do737836file8373474.azurewebsites.net/signin.php?websrc=59c275dc2e97dd3b896ed4ff2b82a8fd&dispatched=73&id= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.173.249.137 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US), Reverse DNS Software Microsoft-IIS/10.0 / PHP/7.2.17 ASP.NET Resource Hash d69d2370ca91cc08d1cc1d32292091c77acb25199c758879f67d0e3c25b4373f Request headers Host do737836file8373474.azurewebsites.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Content-Length 3662 Content-Type text/html; charset=UTF-8 Content-Encoding gzip Expires Thu, 19 Nov 1981 08:52:00 GMT Vary Accept-Encoding Server Microsoft-IIS/10.0 Set-Cookie PHPSESSID=72m39dshsh9qp6rmb229et7n2k; path=/ ARRAffinity=cb545079065329a076f9a941920a00de9e56911d055bb50e1c6b74aa72552b45;Path=/;HttpOnly;Domain=do737836file8373474.azurewebsites.net X-Powered-By PHP/7.2.17 ASP.NET Date Tue, 02 Jul 2019 02:03:54 GMT
GET H/1.1	200 OK	style.css adfs.hkland.com/adfs/portal/css/	8 KB 8 KB	16421ms 250ms	Stylesheet text/css	202.64.36.211 WTT-AS-AP WTT HK ...
General Check archive.org Show headers Download Go to Full URL https://adfs.hkland.com/adfs/portal/css/style.css?id=D74D4D6943F32AE6F7F11D14D601DBB0E1A58919176EE512150366B6279AAF99 Requested by Host: do737836file8373474.azurewebsites.net URL: https://do737836file8373474.azurewebsites.net/signin.php?websrc=59c275dc2e97dd3b896ed4ff2b82a8fd&dispatched=73&id= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 202.64.36.211 , Hong Kong, ASN9381 (WTT-AS-AP WTT HK Limited, HK), Reverse DNS Software Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 / Resource Hash d74d4d6943f32ae6f7f11d14d601dbb0e1a58919176ee512150366b6279aaf99 Request headers Referer https://do737836file8373474.azurewebsites.net/signin.php?websrc=59c275dc2e97dd3b896ed4ff2b82a8fd&dispatched=73&id= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 02 Jul 2019 02:04:06 GMT Server Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 Content-Type text/css ETag D74D4D6943F32AE6F7F11D14D601DBB0E1A58919176EE512150366B6279AAF99 Content-Length 7812 Expires Thu, 01 Aug 2019 02:04:11 GMT
GET		microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg aadcdn.msftauth.net/ests/2.1/content/images/	0 0
GET H2	200	skype-logo-full.svg secure.skypeassets.com/content/dam/scom/legal/brand-guidelines/	7 KB 3 KB	214ms 87ms	Image image/svg+xml	104.111.227.44 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://secure.skypeassets.com/content/dam/scom/legal/brand-guidelines/skype-logo-full.svg Requested by Host: do737836file8373474.azurewebsites.net URL: https://do737836file8373474.azurewebsites.net/signin.php?websrc=59c275dc2e97dd3b896ed4ff2b82a8fd&dispatched=73&id= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.111.227.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-111-227-44.deploy.static.akamaitechnologies.com Software / Resource Hash fdf9a6153f76c82bd16069dbcdc1e1e24037815499e06cfe49dbdea246122d00 Request headers Referer https://do737836file8373474.azurewebsites.net/signin.php?websrc=59c275dc2e97dd3b896ed4ff2b82a8fd&dispatched=73&id= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 02 Jul 2019 02:04:11 GMT content-encoding gzip last-modified Fri, 08 Sep 2017 12:34:10 GMT content-md5 uPfRtn+rfXUUDg4ShokujA== etag 0x8D4F6B5E7949F33 vary Accept-Encoding content-type image/svg+xml status 200 cache-control public, max-age=7776000 content-length 3316
GET H2	200	skypebiz_0.png www.itprotoday.com/sites/itprotoday.com/files/uploads/2016/11/	146 KB 146 KB	64ms 14ms	Image image/png	2606:4700::6810:9130 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.itprotoday.com/sites/itprotoday.com/files/uploads/2016/11/skypebiz_0.png Requested by Host: do737836file8373474.azurewebsites.net URL: https://do737836file8373474.azurewebsites.net/signin.php?websrc=59c275dc2e97dd3b896ed4ff2b82a8fd&dispatched=73&id= Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:9130 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash bfb9b8fb1a5106ab6d6c49170e2c8118b6d207ea8808dd71e04a6ac69ea606a4 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://do737836file8373474.azurewebsites.net/signin.php?websrc=59c275dc2e97dd3b896ed4ff2b82a8fd&dispatched=73&id= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 02 Jul 2019 02:04:11 GMT x-content-type-options nosniff cf-cache-status HIT age 1066 status 200 content-length 149045 last-modified Fri, 04 Aug 2017 20:01:53 GMT server cloudflare etag "24635-555f2f7ee08a0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cache-control max-age=1209600 accept-ranges bytes cf-ray 4efd0c2c7f1ed70d-FRA expires Tue, 16 Jul 2019 01:46:25 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

aadcdn.msftauth.net

URL

https://aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
adfs.hkland.com
do737836file8373474.azurewebsites.net
secure.skypeassets.com
www.itprotoday.com
aadcdn.msftauth.net
104.111.227.44
202.64.36.211
2606:4700::6810:9130
52.173.249.137
bfb9b8fb1a5106ab6d6c49170e2c8118b6d207ea8808dd71e04a6ac69ea606a4
d69d2370ca91cc08d1cc1d32292091c77acb25199c758879f67d0e3c25b4373f
d74d4d6943f32ae6f7f11d14d601dbb0e1a58919176ee512150366b6279aaf99
fdf9a6153f76c82bd16069dbcdc1e1e24037815499e06cfe49dbdea246122d00