Submitted URL: https://www.baidu.com/link?url=ATqG0a_ihkTpDFw73uKnFt7rVdfzhyDO-Z8YOsG-hFHVIQHYSwGIaR8NHcVp2WmO&wd=bWxld2lzfGMyeHBaR1Z...
Effective URL: https://greatnesdexs2.cloud/66defc8fa2fad3a71308b4ef/om/bWxld2lzfGMyeHBaR1ZwYm5OMWNtRnVZMlV1WTI5dHxrQ1FXdGdtZXFrTFlSVWNJUUdS...
Submission: On September 23 via manual from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3037::6815:2664, located in United States and belongs to CLOUDFLARENET, US. The main domain is greatnesdexs2.cloud.
TLS certificate: Issued by WE1 on September 23rd 2024. Valid for: 3 months.
This is the only time greatnesdexs2.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
1         103.235.47.188     55967  (BAIDU Bei...)
2         174.136.57.7       17378  (AS17378)
3         2606:4700:303...   13335  (CLOUDFLAR...)
7         2606:2800:233...   15133  (EDGECAST)
2         2620:1ec:bdf::45   8075   (MICROSOFT...)
Total: 16 requests, 6 IPs

Requests  Apex Domain / Subdomains                                  Transfer
7         msftauth.net                                              286 KB
          aadcdn.msftauth.net (Cisco Umbrella Rank: 848)
3         greatnesdexs2.cloud                                       24 KB
          greatnesdexs2.cloud
2         msftauthimages.net                                        8 KB
          aadcdn.msftauthimages.net (Cisco Umbrella Rank: 3083)
2         lahoremarina.com                                          952 B
          lahoremarina.com
1         baidu.com                                                 903 B
          www.baidu.com (Cisco Umbrella Rank: 4352)
0         office365.com (Failed)
          outlook.office365.com (Failed)
Total: 16 requests, 6 domains

Requests  Domain                          Requested by
7         aadcdn.msftauth.net             greatnesdexs2.cloud, aadcdn.msftauth.net
3         greatnesdexs2.cloud             lahoremarina.com, greatnesdexs2.cloud
2         aadcdn.msftauthimages.net
2         lahoremarina.com                www.baidu.com
1         www.baidu.com
0         outlook.office365.com (Failed)  aadcdn.msftauth.net
Total: 16 requests, 6 domains

This site contains links to these domains.

Domain
www.microsoft.com
privacy.microsoft.com

Subject                        Issuer                                 Validity                 Valid
baidu.com                      GlobalSign RSA OV SSL CA 2018          2024-07-08 - 2025-08-09  a year
autodiscover.lahoremarina.com  R10                                    2024-08-05 - 2024-11-03  3 months
greatnesdexs2.cloud            WE1                                    2024-09-23 - 2024-12-22  3 months
aadcdn.msftauth.net            DigiCert SHA2 Secure Server CA         2024-05-25 - 2025-05-25  a year
aadcdn.msftauthimages.net      Microsoft Azure RSA TLS Issuing CA 03  2024-09-12 - 2025-09-07  a year

This page contains 2 frames:

Primary Page: https://greatnesdexs2.cloud/66defc8fa2fad3a71308b4ef/om/bWxld2lzfGMyeHBaR1ZwYm5OMWNtRnVZMlV1WTI5dHxrQ1FXdGdtZXFrTFlSVWNJUUdSU2hYS2E%3D
Frame ID: 0AC43A7C64E2C8B8F8A5BE6598AD59DC
Requests: 15 HTTP requests in this frame

Frame: https://outlook.office365.com/owa/prefetch.aspx
Frame ID: 1A2EE51B51E88CA6D5DF67C1E8B6D447
Requests: 1 HTTP requests in this frame

Page Title

Bei Outlook anmelden

Page Statistics

16 Requests
94 % HTTPS
60 % IPv6
6 Domains
6 Subdomains
6 IPs
2 Countries
319 kB Transfer
1093 kB Size
20 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.baidu.com/link?url=ATqG0a_ihkTpDFw73uKnFt7rVdfzhyDO-Z8YOsG-hFHVIQHYSwGIaR8NHcVp2WmO&wd=bWxld2lzfGMyeHBaR1ZwYm5OMWNtRnVZMlV1WTI5dHxrQ1FXdGdtZXFrTFlSVWNJUUdSU2hYS2E= Page URL
  2. http://lahoremarina.com/ HTTP 307
    https://lahoremarina.com/ Page URL
  3. https://greatnesdexs2.cloud/66defc8fa2fad3a71308b4ef/om/bWxld2lzfGMyeHBaR1ZwYm5OMWNtRnVZMlV1WTI5dHxrQ1FXdGdtZXFrTFlSVWNJUUdSU2hYS2E%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://lahoremarina.com/ HTTP 307
  • https://lahoremarina.com/

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
link
www.baidu.com/
617 B
903 B
Document
General
Full URL
https://www.baidu.com/link?url=ATqG0a_ihkTpDFw73uKnFt7rVdfzhyDO-Z8YOsG-hFHVIQHYSwGIaR8NHcVp2WmO&wd=bWxld2lzfGMyeHBaR1ZwYm5OMWNtRnVZMlV1WTI5dHxrQ1FXdGdtZXFrTFlSVWNJUUdSU2hYS2E=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.47.188 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
BWS/1.1 /
Resource Hash
54deb0556f225d27bcac1c074918aa2385083b17a7dc77f707ce1eb2c25b3d8e
Security Headers
Name Value
X-Xss-Protection 1;mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Bdpagetype
3
Connection
keep-alive
Content-Encoding
br
Content-Length
346
Content-Type
text/html
Date
Mon, 23 Sep 2024 17:17:06 GMT
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Server
BWS/1.1
Traceid
1727111826378635674610789056225481691766
Vary
Accept-Encoding
X-Ua-Compatible
IE=Edge,chrome=1
X-Xss-Protection
1;mode=block
/
lahoremarina.com/
Redirect Chain
  • http://lahoremarina.com/
  • https://lahoremarina.com/
853 B
926 B
Document
General
Full URL
https://lahoremarina.com/
Requested by
Host: www.baidu.com
URL: https://www.baidu.com/link?url=ATqG0a_ihkTpDFw73uKnFt7rVdfzhyDO-Z8YOsG-hFHVIQHYSwGIaR8NHcVp2WmO&wd=bWxld2lzfGMyeHBaR1ZwYm5OMWNtRnVZMlV1WTI5dHxrQ1FXdGdtZXFrTFlSVWNJUUdSU2hYS2E=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
174.136.57.7 , United States, ASN17378 (AS17378, US),
Reverse DNS
dragon.vivawebhost.com
Software
Apache /
Resource Hash
07a36d86f20a9a5b5ebfe06770add526063b18f0fbd28083f1115026505ff905

Request headers

Referer
https://www.baidu.com/link?url=ATqG0a_ihkTpDFw73uKnFt7rVdfzhyDO-Z8YOsG-hFHVIQHYSwGIaR8NHcVp2WmO&wd=bWxld2lzfGMyeHBaR1ZwYm5OMWNtRnVZMlV1WTI5dHxrQ1FXdGdtZXFrTFlSVWNJUUdSU2hYS2E=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 23 Sep 2024 17:17:06 GMT
server
Apache

Redirect headers

Location
https://lahoremarina.com/
Non-Authoritative-Reason
HttpsUpgrades
Primary Request bWxld2lzfGMyeHBaR1ZwYm5OMWNtRnVZMlV1WTI5dHxrQ1FXdGdtZXFrTFlSVWNJUUdSU2hYS2E%3D
greatnesdexs2.cloud/66defc8fa2fad3a71308b4ef/om/
42 KB
21 KB
Document
General
Full URL
https://greatnesdexs2.cloud/66defc8fa2fad3a71308b4ef/om/bWxld2lzfGMyeHBaR1ZwYm5OMWNtRnVZMlV1WTI5dHxrQ1FXdGdtZXFrTFlSVWNJUUdSU2hYS2E%3D
Requested by
Host: lahoremarina.com
URL: https://lahoremarina.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ba1774713613563e6f8cb92c92a2e540fd97bbd113ea4ba50f04473b4d3e5ea

Request headers

Referer
https://lahoremarina.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
auth,authkey , authvalue, Authorization, User-Agent, Keep-Alive, Content-Type, X-Requested-With
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS
access-control-allow-origin
greatnesdexs2.cloud
access-control-max-age
1
cf-cache-status
DYNAMIC
cf-ray
8c7c2fb8797e9734-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 23 Sep 2024 17:17:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uZKsmJ2xN%2FquoI%2Fsl%2BYitD9h4nMAJXmSa%2Ffb5dD6mOrAVvkoulE42%2B56EQdSaTm4NtoouDgdfhyCKJcRMJ8yTedxygfclaxzYz%2Bv6zLXfdnXGyy5dPia1CuHXU9kgC9vfwD5upWmDnOHG%2Bg%2B8fil1sIu"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
x-cache-status
MISS
favicon.ico
lahoremarina.com/
4 B
26 B
Other
General
Full URL
https://lahoremarina.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
174.136.57.7 , United States, ASN17378 (AS17378, US),
Reverse DNS
dragon.vivawebhost.com
Software
Apache /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lahoremarina.com/

Response headers

date
Mon, 23 Sep 2024 17:17:06 GMT
content-type
text/html; charset=UTF-8
server
Apache
speculation
greatnesdexs2.cloud/cdn-cgi/
128 B
505 B
Other
General
Full URL
https://greatnesdexs2.cloud/cdn-cgi/speculation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://greatnesdexs2.cloud
Referer
https://greatnesdexs2.cloud/66defc8fa2fad3a71308b4ef/om/bWxld2lzfGMyeHBaR1ZwYm5OMWNtRnVZMlV1WTI5dHxrQ1FXdGdtZXFrTFlSVWNJUUdSU2hYS2E%3D

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3kB5xzC3o5zUFOjAGfnz1I0S5fZUkYLJ%2FrxDbJm9IkkGkFj4Ozb327i7nhEPi%2Bgja24WyqiH%2B%2BHPwD0a0z%2Fsr%2BeX%2BmnC67KRs8HpJpJvB%2FOsiZRU7rxwC%2B18Gbj1GgpP1EAD9jyJKg5zM1pvxHaZotrk"}],"group":"cf-nel","max_age":604800}
cf-ray
8c7c2fbe2b009734-FRA
access-control-allow-origin
https://greatnesdexs2.cloud
content-length
128
date
Mon, 23 Sep 2024 17:17:08 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
Me.htm
greatnesdexs2.cloud/66defc8fa2fad3a71308b4ef/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/
0
2 KB
Other
General
Full URL
https://greatnesdexs2.cloud/66defc8fa2fad3a71308b4ef/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/Me.htm?v=3
Requested by
Host: greatnesdexs2.cloud
URL: https://greatnesdexs2.cloud/66defc8fa2fad3a71308b4ef/om/bWxld2lzfGMyeHBaR1ZwYm5OMWNtRnVZMlV1WTI5dHxrQ1FXdGdtZXFrTFlSVWNJUUdSU2hYS2E%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://greatnesdexs2.cloud/66defc8fa2fad3a71308b4ef/om/bWxld2lzfGMyeHBaR1ZwYm5OMWNtRnVZMlV1WTI5dHxrQ1FXdGdtZXFrTFlSVWNJUUdSU2hYS2E%3D

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ytupiWHusC2icn%2FCafGUxIcvSRrkNOIEHh21mMDUn9DAmG%2B0hPehE2yOllMa%2FRFMYnCETAOV0nIas%2BbLMeV7XVMv5Jzwvx8P8p1LCVI2v6AYMr1oBEdZBhZIY2lt47jbOvsm4uFjrQ3MUQgZWqkikI83"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS
expires
Mon, 25 Jul 1997 05:00:00 GMT
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
date
Mon, 23 Sep 2024 17:17:08 GMT
content-type
text/html; charset=utf-8
vary
Origin
access-control-allow-headers
auth,authkey , authvalue, Authorization, User-Agent, Keep-Alive, Content-Type, X-Requested-With
x-cache-status
MISS
strict-transport-security
max-age=31536000
ppserver
PPV: 30 H: SN1PEPF0002F0E7 V: 0
cache-control
no-cache,no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-route-info
C516_SN1
speculation-rules
"/cdn-cgi/speculation"
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
x-ms-request-id
339c9231-60e5-4b41-ad07-b9da5ead478a
cf-ray
8c7c2fbe8b8d9734-FRA
access-control-allow-origin
greatnesdexs2.cloud
x-xss-protection
1; mode=block
server
cloudflare
converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
111 KB
20 KB
Stylesheet
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
Requested by
Host: greatnesdexs2.cloud
URL: https://greatnesdexs2.cloud/66defc8fa2fad3a71308b4ef/om/bWxld2lzfGMyeHBaR1ZwYm5OMWNtRnVZMlV1WTI5dHxrQ1FXdGdtZXFrTFlSVWNJUUdSU2hYS2E%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D08) /
Resource Hash
1f8ceb44fe7cfcf7e71dbd5122210335ca3821d697a851d2900b95af7d92d69d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://greatnesdexs2.cloud
Referer
https://greatnesdexs2.cloud/

Response headers

content-md5
SJgdPPV+fFjKfj6FHvk1Tg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DC9BAA0E5931F9
age
6987548
x-ms-version
2009-09-19
x-cache
HIT
date
Mon, 23 Sep 2024 17:17:08 GMT
content-type
text/css
last-modified
Wed, 03 Jul 2024 21:49:46 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
22c2d1bd-501e-006a-1b4f-ce1611000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
20414
x-ms-blob-type
BlockBlob
server
ECAcc (frc/4D08)
ConvergedLogin_PCore_NXCGegEOpKB5nrI5GnSS3g2.js
aadcdn.msftauth.net/shared/1.0/content/js/
439 KB
120 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NXCGegEOpKB5nrI5GnSS3g2.js
Requested by
Host: greatnesdexs2.cloud
URL: https://greatnesdexs2.cloud/66defc8fa2fad3a71308b4ef/om/bWxld2lzfGMyeHBaR1ZwYm5OMWNtRnVZMlV1WTI5dHxrQ1FXdGdtZXFrTFlSVWNJUUdSU2hYS2E%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CCC) /
Resource Hash
729b9bf98f3edbbbe47c947a08b87b8f434a2e9277230b12129889787fe3c507

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://greatnesdexs2.cloud
Referer
https://greatnesdexs2.cloud/

Response headers

content-md5
7jqpIDJjKe3pGGDRmgWT5A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DCC771092FD3BD
age
2066823
x-ms-version
2009-09-19
x-cache
HIT
date
Mon, 23 Sep 2024 17:17:08 GMT
content-type
application/x-javascript
last-modified
Wed, 28 Aug 2024 14:52:27 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
e2f0aada-701e-00fe-0210-fb3b8f000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
122194
x-ms-blob-type
BlockBlob
server
ECAcc (frc/4CCC)
ux.converged.login.strings-de.min_ko72obxvu9yj3q3_akvs9q2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
63 KB
18 KB
Script
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_ko72obxvu9yj3q3_akvs9q2.js
Requested by
Host: greatnesdexs2.cloud
URL: https://greatnesdexs2.cloud/66defc8fa2fad3a71308b4ef/om/bWxld2lzfGMyeHBaR1ZwYm5OMWNtRnVZMlV1WTI5dHxrQ1FXdGdtZXFrTFlSVWNJUUdSU2hYS2E%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D09) /
Resource Hash
b9df4bf16fcb24c8da35cf1a1e891f5a4c8d4bceb89a7cf1ffd5a0f29a6d43ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://greatnesdexs2.cloud
Referer
https://greatnesdexs2.cloud/

Response headers

content-md5
Xk63t4Ut+m7GAuwKIOriFg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DCC6D4DD6BA0A8
age
2249457
x-ms-version
2009-09-19
x-cache
HIT
date
Mon, 23 Sep 2024 17:17:08 GMT
content-type
application/x-javascript
last-modified
Tue, 27 Aug 2024 20:14:32 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
6e4a5774-301e-0056-4166-f9a521000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
17996
x-ms-blob-type
BlockBlob
server
ECAcc (frc/4D09)
convergedlogin_pcustomizationloader_117b650bccea354984d8.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
397 KB
114 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NXCGegEOpKB5nrI5GnSS3g2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD4) /
Resource Hash
da4a8df0c326292b5bee9c732b3c962fd67aaf2f99d850f1bf65068d573c5619

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://greatnesdexs2.cloud/

Response headers

content-md5
LT++1t3XGfzBv7UAthL87A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DCBD52F37806EC
age
3302349
x-ms-version
2009-09-19
x-cache
HIT
date
Mon, 23 Sep 2024 17:17:08 GMT
content-type
application/x-javascript
last-modified
Thu, 15 Aug 2024 17:51:54 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
4a5ad515-a01e-0009-79d3-ef111d000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
116365
x-ms-blob-type
BlockBlob
server
ECAcc (frc/4CD4)
prefetch.aspx
outlook.office365.com/owa/ Frame 1A2E
0
0

convergedlogin_ppassword_89db715e3340a2e8ecd8.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
26 KB
7 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_89db715e3340a2e8ecd8.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NXCGegEOpKB5nrI5GnSS3g2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBE) /
Resource Hash
d53d9957a7073b965147291ae6f4d812df1cc06da4d2bb3e98622fedc5809265

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://greatnesdexs2.cloud/

Response headers

content-md5
SMJ5Ru2UEObX0bOUP7nOGw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DCBD52F3E2FAB3
age
3302347
x-ms-version
2009-09-19
x-cache
HIT
date
Mon, 23 Sep 2024 17:17:08 GMT
content-type
application/x-javascript
last-modified
Thu, 15 Aug 2024 17:51:55 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
7febb0f5-b01e-0079-05d3-ef7d43000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
7396
x-ms-blob-type
BlockBlob
server
ECAcc (frc/4CBE)
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CDE) /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://greatnesdexs2.cloud/

Response headers

content-md5
Fm3lNHEmUlOrOkVt7+baIw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DB5C3F4982FD30
age
15860188
x-cache
HIT
date
Mon, 23 Sep 2024 17:17:08 GMT
content-type
image/gif
last-modified
Wed, 24 May 2023 10:11:48 GMT
cache-control
public, max-age=31536000
x-ms-request-id
08f58f55-a01e-00e9-639d-7d3c42000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
2672
x-ms-blob-type
BlockBlob
server
ECAcc (frc/4CDE)
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D04) /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://greatnesdexs2.cloud/

Response headers

content-md5
tUCo5RgDcZLjLE/li/Lbqw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DB5C3F492F3EE5
age
15860087
x-cache
HIT
date
Mon, 23 Sep 2024 17:17:08 GMT
content-type
image/gif
last-modified
Wed, 24 May 2023 10:11:48 GMT
cache-control
public, max-age=31536000
x-ms-request-id
b6e17d00-601e-00a1-2e9d-7db742000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
3620
x-ms-blob-type
BlockBlob
server
ECAcc (frc/4D04)
bannerlogo
aadcdn.msftauthimages.net/dbd5a2dd-xl-vcomuqbzqhmf-conoznwryk7cvxnxmk0bu-wg5gq/logintenantbranding/0/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msftauthimages.net/dbd5a2dd-xl-vcomuqbzqhmf-conoznwryk7cvxnxmk0bu-wg5gq/logintenantbranding/0/bannerlogo?ts=638132914995849011
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f6817701f6247a1985d9f8a3c7feb8d0068979b974b48aae0ec89cdbb253bbe7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://greatnesdexs2.cloud/

Response headers

x-cache-info
L2_T2
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DB1A8155EAE0D1
x-fd-int-roxy-purgeid
0
x-content-type-options
nosniff
x-cache
TCP_REMOTE_HIT
date
Mon, 23 Sep 2024 17:17:08 GMT
content-type
image/*
last-modified
Wed, 01 Mar 2023 18:18:19 GMT
cache-control
public, max-age=86400
x-ms-request-id
93fd4ab8-101e-0029-3ecc-0d3927000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
3585
x-azure-ref
20240923T171708Z-17b7969cc4b52k9fh9hm6pns3g00000000xg00000001ms9e
x-ms-blob-type
BlockBlob
favicon
aadcdn.msftauthimages.net/dbd5a2dd-xl-vcomuqbzqhmf-conoznwryk7cvxnxmk0bu-wg5gq/logintenantbranding/0/
4 KB
4 KB
Other
General
Full URL
https://aadcdn.msftauthimages.net/dbd5a2dd-xl-vcomuqbzqhmf-conoznwryk7cvxnxmk0bu-wg5gq/logintenantbranding/0/favicon?ts=638132915019701775
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f6817701f6247a1985d9f8a3c7feb8d0068979b974b48aae0ec89cdbb253bbe7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://greatnesdexs2.cloud/

Response headers

x-cache-info
L2_T2
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DB1A81575B7892
x-fd-int-roxy-purgeid
0
x-content-type-options
nosniff
x-cache
TCP_REMOTE_HIT
date
Mon, 23 Sep 2024 17:17:08 GMT
content-type
image/*
last-modified
Wed, 01 Mar 2023 18:18:22 GMT
cache-control
public, max-age=86400
x-ms-request-id
1a93a323-a01e-0071-08cc-0de178000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
3585
x-azure-ref
20240923T171708Z-17b7969cc4b52k9fh9hm6pns3g00000000xg00000001ms9f
x-ms-blob-type
BlockBlob

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
outlook.office365.com
URL
https://outlook.office365.com/owa/prefetch.aspx

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
object| Telemetry
object| telemetry_webpackJsonp
boolean| __ConvergedLogin_PCore
boolean| __
boolean| __convergedlogin_pcustomizationloader_117b650bccea354984d8
boolean| __convergedlogin_ppassword_89db715e3340a2e8ecd8

20 Cookies

Domain/Path Name / Value
.baidu.com/ Name: BAIDUID
Value: 7250429611045BB6752827540260F557:FG=1
www.baidu.com/ Name: BDSVRTM
Value: 0
greatnesdexs2.cloud/ Name: 0
Value: ClientId=91E9A9A49DD640EDAA7A099798B254D6
greatnesdexs2.cloud/ Name: 1
Value: ClientId=91E9A9A49DD640EDAA7A099798B254D6
greatnesdexs2.cloud/ Name: 2
Value: OIDC=1
greatnesdexs2.cloud/ Name: 16
Value: OpenIdConnect.nonce.v3.12LTMTE0rmuBGFLSyOMYxQTQgEry7HCGwe_SZvmhhIE=638627086278931951.400c5408-7a5d-4c5d-9653-dcdeb9d92e26
greatnesdexs2.cloud/ Name: 20
Value: ClientId=91E9A9A49DD640EDAA7A099798B254D6
greatnesdexs2.cloud/ Name: 21
Value: OIDC=1
greatnesdexs2.cloud/ Name: 35
Value: OpenIdConnect.nonce.v3.12LTMTE0rmuBGFLSyOMYxQTQgEry7HCGwe_SZvmhhIE=638627086278931951.400c5408-7a5d-4c5d-9653-dcdeb9d92e26
greatnesdexs2.cloud/ Name: 39
Value: X-OWA-RedirectHistory=ArLym14BdpibjfPb3Ag
greatnesdexs2.cloud/ Name: buid
Value: 0.ASgAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYqpIxO-YevJ4sMkSC-DcU-aEcEp2TXHfb8t-QnjhE3bNmSMS0vx5XIX2xzIQMInM9ZEBPshGsjqLcQjrLol1Yxjl6oDluvejdGW8m5odBS18gAA
greatnesdexs2.cloud/ Name: esctx
Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYY3JzXv87Ps2SmQ9YiQ3dDy3TC9pjrd873PouNyqSAaJFxS-ONmVxTnQ0EmTwFYRwS7T1qdciqyPY_GYJyANMsaIgu9KK6lBj6Vs0rL5GxSIGTAPZWd4GfLKFpA557ygXKn7kPVFY_ZcOzwacT2d-WPINDeiBpkKacCbtbNUtJXAgAA
greatnesdexs2.cloud/ Name: esctx-an0Z8dZlHLg
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYPAj8fUa1QGLsokjAKjr7QeBP8X76O8bEaYTD62Udb6BudhvGivYil5WNWO8zFzlWA4xGfrGkLvG9qPYx835HzFaP4oFnoTK8uIZbcIWrbc5F86aFRWAEjK8CZ0cFF4vH1HdrT1ILjnk3UnrVB-VTvSAA
greatnesdexs2.cloud/ Name: fpc
Value: Aq7if0CLwxJPmd8gNvyEqBWerOTJAQAAAJOZg94OAAAA
greatnesdexs2.cloud/ Name: x-ms-gateway-slice
Value: estsfd
greatnesdexs2.cloud/ Name: stsservicecookie
Value: estsfd
greatnesdexs2.cloud/ Name: appdfmd5naosiz309213
Value: bWxld2lzQHNsaWRlaW5zdXJhbmNlLmNvbQ==
.greatnesdexs2.cloud/ Name: brcap
Value: 0
greatnesdexs2.cloud/ Name: uaid
Value: 5334c60f49e84622968c0f7dce42fd75
greatnesdexs2.cloud/ Name: MSPRequ
Value: id=N&lt=1727111828&co=1

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://greatnesdexs2.cloud/66defc8fa2fad3a71308b4ef/om/bWxld2lzfGMyeHBaR1ZwYm5OMWNtRnVZMlV1WTI5dHxrQ1FXdGdtZXFrTFlSVWNJUUdSU2hYS2E%3D
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "username"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Xss-Protection 1;mode=block