Submitted URL: https://llantasdecoatzintla.com/cp/
Effective URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Submission: On August 23 via manual from IN

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 31 HTTP transactions. The main IP is 72.52.225.22, located in Lansing, United States and belongs to LIQUIDWEB - Liquid Web, L.L.C, US. The main domain is accounts.certe.mx.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 22nd 2018. Valid for: 3 months.
This is the only time accounts.certe.mx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 192.185.93.209 20013 (CYRUSONE)
7 72.52.225.22 32244 (LIQUIDWEB)
14 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
5 40.112.64.19 8075 (MICROSOFT...)
3 40.112.64.25 8075 (MICROSOFT...)
1 1 2603:1026:205... 8075 (MICROSOFT...)
1 2a01:111:f100... 8075 (MICROSOFT...)
31 7
Domain Requested by
13 r1.res.office365.com accounts.certe.mx
7 accounts.certe.mx accounts.certe.mx
5 account.activedirectory.windowsazure.com accounts.certe.mx
3 login.microsoftonline.com accounts.certe.mx
1 webshell.suite.office.com accounts.certe.mx
1 outlook.office365.com 1 redirects
1 r4.res.office365.com accounts.certe.mx
1 res.delve.office.com accounts.certe.mx
1 llantasdecoatzintla.com 1 redirects
31 9

This site contains links to these domains.

Domain
www.office.com

Subject: accounts.certe.mx
Issuer: cPanel, Inc. Certification Authority
Validity: 2018-08-22 - 2018-11-20
Valid: 3 months

Subject: *.res.outlook.com
Issuer: Microsoft IT TLS CA 5
Validity: 2017-11-27 - 2019-11-27
Valid: 2 years

Subject: *.delve.office.com
Issuer: Microsoft IT TLS CA 2
Validity: 2017-11-17 - 2019-11-17
Valid: 2 years

Subject: account.activedirectory.windowsazure.com
Issuer: Microsoft IT TLS CA 1
Validity: 2017-09-15 - 2019-09-15
Valid: 2 years

Subject: stamp2.login.microsoftonline.com
Issuer: Microsoft IT TLS CA 4
Validity: 2017-12-28 - 2019-12-28
Valid: 2 years

Subject: webshell.suite.office.com
Issuer: Microsoft IT TLS CA 1
Validity: 2018-02-28 - 2020-02-28
Valid: 2 years

This page contains 6 frames:

Primary Page: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Frame ID: 1C7762ADEA2C65DA6A38DA004AD7FA9E
Requests: 27 HTTP requests in this frame

Frame: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=ec5a7b1d-f86b-4b1d-9061-13a7f1518ba6&protectedtoken=true&prompt=none&login_hint=darren.martin%40humboldtre.com&nonce=636706127037836280.862f86d3-e008-4f18-b59f-4815302b365a&state=1U9BbsIwEAzlLeEW49jEcQ-oaqFIvbSoiAeYeF0sJTZaOwT6w_6qVrjwBaTd0Wq1MzszybJsmvop9YQmyGrBRU1FyWrKa8kFk5RIwYwUmhdAqSwWppTFoXo2xUKWFafswEWlJon7N537Qc13vY2wAzzbBrboL1eiwunyEu7W-wD4qTpYaoUIjnQKo3X5gh777uBbHRFI47vZPecbYo9uj-3yGOMp5Pw1Z5tUqml87yJRTbRn0BahiR6vZLBO-yGo3_4mlk5XR-V-YKtCGDzq0VbON2-onF55F-ESP9Y5X3-lQDkT2I8DX9_-sYqrBMyMcPIYVUu8McnaTT5t37WNKbKxLZTVqD_Dh7T9Dw
Frame ID: 1C57EE17C19FC0E3AF9CF4451FEE23F0
Requests: 1 HTTP requests in this frame

Frame: https://webshell.suite.office.com/iframe/TokenFactoryIframe?origin=https%3A%2F%2Faccount.activedirectory.windowsazure.com&shsid=3be16a50-33b9-4d21-9c98-6b6ba329f4d0&cshver=16.00.2528.000&apiver=g2
Frame ID: C1CCE7872EBE5098D3CF6F0ECCB583AF
Requests: 1 HTTP requests in this frame

Frame: https://account.activedirectory.windowsazure.com/1.0.0.2367/Chrome/en-GB/css/MasterStyles.css
Frame ID: 1D2EF51BE674C39B2CCF6280514BEA3A
Requests: 1 HTTP requests in this frame

Frame: https://account.activedirectory.windowsazure.com/1.0.0.2367/Chrome/en-GB/css/O365NavbarStyleOverrides.css
Frame ID: 7C3906998375806BB60FB8D708BF803B
Requests: 1 HTTP requests in this frame

Frame: https://account.activedirectory.windowsazure.com/1.0.0.2367/Chrome/en-GB/css/ChangePassword.css
Frame ID: 0F9107EB769B8590E778FB4F5F7F86C0
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

Requests: 31
HTTPS: 100 %
IPv6: 50 %
Domains: 6
Subdomains: 9
IPs: 7
Countries: 4
Transfer: 1300 kB
Size: 3568 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://llantasdecoatzintla.com/cp/ HTTP 302
    https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://outlook.office365.com/owa/SuiteServiceProxy.aspx?suiteServiceUserName=darren.martin%40humboldtre.com&suiteServiceReturnUrl=https%3A%2F%2Faccount.activedirectory.windowsazure.com%2FChangePassword.aspx%3FBrandContextID%3DO365%26ruO365%3Dhttps%253a%252f%252fportal.office.com%252fEditProfile15.aspx&returnUrl=https%3A%2F%2Faccount.activedirectory.windowsazure.com%2FChangePassword.aspx%3FBrandContextID%3DO365%26ruO365%3Dhttps%253a%252f%252fportal.office.com%252fEditProfile15.aspx HTTP 302
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=ec5a7b1d-f86b-4b1d-9061-13a7f1518ba6&protectedtoken=true&prompt=none&login_hint=darren.martin%40humboldtre.com&nonce=636706127037836280.862f86d3-e008-4f18-b59f-4815302b365a&state=1U9BbsIwEAzlLeEW49jEcQ-oaqFIvbSoiAeYeF0sJTZaOwT6w_6qVrjwBaTd0Wq1MzszybJsmvop9YQmyGrBRU1FyWrKa8kFk5RIwYwUmhdAqSwWppTFoXo2xUKWFafswEWlJon7N537Qc13vY2wAzzbBrboL1eiwunyEu7W-wD4qTpYaoUIjnQKo3X5gh777uBbHRFI47vZPecbYo9uj-3yGOMp5Pw1Z5tUqml87yJRTbRn0BahiR6vZLBO-yGo3_4mlk5XR-V-YKtCGDzq0VbON2-onF55F-ESP9Y5X3-lQDkT2I8DX9_-sYqrBMyMcPIYVUu8McnaTT5t37WNKbKxLZTVqD_Dh7T9Dw

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set ChangePassword.php
accounts.certe.mx/d3iB7e/auth/
Redirect Chain
  • https://llantasdecoatzintla.com/cp/?
  • https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
420 KB
421 KB
Document
General
Full URL
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.52.225.22 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.alojate3.com
Software
Apache /
Resource Hash
a0b569d2128bb80f53c57093ddb1cbb47fa2870d1e6983bfb8e86779dcf6f800

Request headers

Host
accounts.certe.mx
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
X-DevTools-Emulate-Network-Conditions-Client-Id
1C7762ADEA2C65DA6A38DA004AD7FA9E

Response headers

Date
Thu, 23 Aug 2018 09:18:22 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
PHPSESSID=q707ghe09n3up9erln4vnveb62; path=/
Keep-Alive
timeout=5, max=150
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Server
nginx/1.14.0
Date
Thu, 23 Aug 2018 09:18:21 GMT
Content-Type
text/html
Content-Length
0
Connection
keep-alive
Location
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
WebResource.axd
accounts.certe.mx/
0
0
Stylesheet
General
Full URL
https://accounts.certe.mx/WebResource.axd?d=FDNuHgHi8ScUh6mDnyQ1Kh8HWP5Zf1VHdwRFD20zMtHywaXPMh5HwZA9iBT0m7SAmkpZsW84JearKJcVCPSGwxO6L7ps_KvibZIHYQR3ZkCYEudbHpN-9l73hmWkIidQJV1l2UmDPEZXYi8SI6o67WxmOy0hPsPEsxuLuyFHVBjjgrkNHfRx_zDbDsG16QCHHZMoNLwx5ieVz1yBpHSWBA2&t=635151460000000000
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.52.225.22 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.alojate3.com
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
accounts.certe.mx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Cookie
PHPSESSID=q707ghe09n3up9erln4vnveb62
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 23 Aug 2018 09:18:23 GMT
Server
Apache
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=150
Content-Length
12003
Content-Type
text/html
shellbootstrapperg2css_2712f627.css
r1.res.office365.com/o365/versionless/
46 B
213 B
Stylesheet
General
Full URL
https://r1.res.office365.com/o365/versionless/shellbootstrapperg2css_2712f627.css
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
54cdab7046aac6c817f330d46551671727f0f762b279d71af82876f3e4079cc2

Request headers

Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 09:18:22 GMT
last-modified
Wed, 13 Sep 2017 23:30:25 GMT
server
Apache
status
200
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
46
shellg2coremincss_8acd0996.css
r1.res.office365.com/o365/versionless/
70 KB
23 KB
Stylesheet
General
Full URL
https://r1.res.office365.com/o365/versionless/shellg2coremincss_8acd0996.css
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
71e2d24fd60ecb72ac9da6785476ff74eab5f03e1c74cdc535ba32db3b26b979

Request headers

Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 09:18:22 GMT
content-encoding
gzip
last-modified
Fri, 10 Aug 2018 21:22:43 GMT
server
Apache
status
200
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
23267
shellg2corecss_371d09.css
r1.res.office365.com/o365/versionless/
101 KB
29 KB
Stylesheet
General
Full URL
https://r1.res.office365.com/o365/versionless/shellg2corecss_371d09.css
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
f8da4b77b209c12728ef0bcf1945d9cdff3242cef65779ecc1fbe32a55160a63

Request headers

Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 09:18:22 GMT
content-encoding
gzip
last-modified
Fri, 10 Aug 2018 21:22:41 GMT
server
Apache
status
200
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
29410
usertheme_mountain_846e9291.css
r1.res.office365.com/o365/versionless/
16 KB
3 KB
Stylesheet
General
Full URL
https://r1.res.office365.com/o365/versionless/usertheme_mountain_846e9291.css
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
f1f3f7a963a49c6c5e9b54d28af71d629dcb8e3e1cfb0e4f1c221c9dd480ee42

Request headers

Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 09:18:22 GMT
content-encoding
gzip
last-modified
Sat, 05 May 2018 19:52:08 GMT
server
Apache
status
200
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
2483
shellg2pluscss_5d7fb438.css
r1.res.office365.com/o365/versionless/
163 KB
36 KB
Stylesheet
General
Full URL
https://r1.res.office365.com/o365/versionless/shellg2pluscss_5d7fb438.css
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
a14f5f02e90fb6a4ee1f0b34045d21aa68f25843af98fb41e3a56ede1c5b092e

Request headers

Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 09:18:22 GMT
content-encoding
gzip
last-modified
Wed, 24 Jan 2018 03:51:54 GMT
server
Apache
status
200
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
36346
profile_photo_picker_1_20180607_11_0_524e5613807382845262.js
res.delve.office.com/lpc/versionless/
490 KB
139 KB
Script
General
Full URL
https://res.delve.office.com/lpc/versionless/profile_photo_picker_1_20180607_11_0_524e5613807382845262.js
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:294::b34 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
9f238312f9f18b3367cfe22181aa3b542de5b65c1d325afec562662b97c77abd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Origin
https://accounts.certe.mx

Response headers

Date
Thu, 23 Aug 2018 09:18:22 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jun 2018 00:12:59 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=630720000, s-maxage=630720000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
142160
o365shellarialogger_3cefa9b2.js
r1.res.office365.com/o365/versionless/
53 KB
14 KB
Script
General
Full URL
https://r1.res.office365.com/o365/versionless/o365shellarialogger_3cefa9b2.js
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
0a57958dac14aea8ed09167919bdfcf06654870e44aca5b4a8eae2b1bc8ea4cf

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Origin
https://accounts.certe.mx

Response headers

date
Thu, 23 Aug 2018 09:18:22 GMT
content-encoding
gzip
last-modified
Sat, 26 Aug 2017 01:35:52 GMT
server
Apache
status
200
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
13607
fp.js
r4.res.office365.com/footprint/v2.6/scripts/
23 KB
6 KB
Script
General
Full URL
https://r4.res.office365.com/footprint/v2.6/scripts/fp.js
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
1ea2b476766902a6e1b5a2df29d616ab8afd0d9a8b77b42beee5ba5d51ffe39e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Origin
https://accounts.certe.mx

Response headers

date
Thu, 23 Aug 2018 09:18:22 GMT
content-encoding
gzip
last-modified
Fri, 08 Jun 2018 19:18:12 GMT
server
Apache
status
200
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=86400, s-maxage=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
6202
WebResource.axd
accounts.certe.mx/
0
0
Script
General
Full URL
https://accounts.certe.mx/WebResource.axd?d=vLEK5hVGho-YhmmEOPnRWqB3RJQ0iQp7g15xO1ALkFUygbPntoWpyoB-1rdhC9Y7W65e9HdnT-lHpl4zPcOmT5-XR4cnto4dToGAirFJ8ws6QQt60y2fZ-xoy9ORCww5QZtlmB_jtoUhvST3mcNr9A2&t=636659234995907889
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.52.225.22 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.alojate3.com
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
accounts.certe.mx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Cookie
PHPSESSID=q707ghe09n3up9erln4vnveb62
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 23 Aug 2018 09:18:23 GMT
Server
Apache
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=149
Content-Length
12003
Content-Type
text/html
MicrosoftAjaxCombined.js
account.activedirectory.windowsazure.com/1.0.0.2367/Chrome/en-GB/JSC/
221 KB
56 KB
Script
General
Full URL
https://account.activedirectory.windowsazure.com/1.0.0.2367/Chrome/en-GB/JSC/MicrosoftAjaxCombined.js
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.112.64.19 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5ea698b3ac0114a7f7a2c1ab35d3f8d15a3d86cf9820c159ddb80c739f77b623
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-ms-gateway-requestid
6f8981a1-b245-474a-9bc6-8f27b9240cc5
Content-Length
56037
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
x-ms-session-id
34c30e09-a988-4fa8-9919-d267e7c23d78
Last-Modified
Tue, 14 Aug 2018 08:23:44 GMT
Server
Microsoft-IIS/10.0
Date
Thu, 23 Aug 2018 09:18:22 GMT
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
application/x-javascript
Vary
Accept-Encoding
Cache-Control
public, max-age=31536000
x-server
NEU
Content-Security-Policy
frame-ancestors 'self';
x-ms-correlation-id
423d0293-90e0-4a44-a437-7526af1ae33e
JSPublicKey.srf
login.microsoftonline.com/ppsecure/
804 B
1 KB
Script
General
Full URL
https://login.microsoftonline.com/ppsecure/JSPublicKey.srf
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.112.64.25 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c23209943ebd0252d9f9ea1668691a568fb2b4b4de55cc3f7a1f0038f9018a39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
Date
Thu, 23 Aug 2018 09:18:22 GMT
Vary
Accept-Encoding
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
9ec9b626-068b-4266-aff0-84b5a6d10f00
Cache-Control
private
Content-Type
application/x-javascript; charset=utf-8
Content-Length
510
PPRSAEnc.js
login.microsoftonline.com/ppsecure/js/
5 KB
3 KB
Script
General
Full URL
https://login.microsoftonline.com/ppsecure/js/PPRSAEnc.js
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.112.64.25 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
81261be300ded216f14a6556a792a6cc735db157de13bb0a6b6b9b842a45ac35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
Date
Thu, 23 Aug 2018 09:18:23 GMT
Vary
Accept-Encoding
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
b20da9e7-c72b-4e8f-98a6-bc176daf0e00
Cache-Control
private
Content-Type
application/x-javascript; charset=utf-8
Content-Length
2173
shellbootstrapperg2_3d2cf9ac.js
r1.res.office365.com/o365/versionless/
6 KB
2 KB
Script
General
Full URL
https://r1.res.office365.com/o365/versionless/shellbootstrapperg2_3d2cf9ac.js
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
2225fabaa4e18a8fb2d51affccb6ad302ad9b16c9ac56e5a81d0ee467318adbf

Request headers

Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 09:18:22 GMT
content-encoding
gzip
last-modified
Mon, 19 Feb 2018 01:53:02 GMT
server
Apache
status
200
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
2291
ScriptResource.axd
accounts.certe.mx/
0
0
Script
General
Full URL
https://accounts.certe.mx/ScriptResource.axd?d=q9NVCD1c4NPkFLIrrDp1_a4V6C0q1jfqPVJAERqBOqMKleyPLAwiCl3ojFKVivGs-2s4-fV3a8dEdE3ZZkLtnIFCKNrbqsGv0hTgaYgudBvc2cW5hQJdTFMfot9sfH6KwkJpWMLAczYdLJ6GIyPurqEvkQ5BTDzoN9i2SKR9xL8-UCaC_4oARg49eVkYt-uzEBGWzNRx6fDowmNEzmtwuA2&t=ffffffff85b84bae
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.52.225.22 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.alojate3.com
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
accounts.certe.mx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Cookie
PHPSESSID=q707ghe09n3up9erln4vnveb62
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 23 Aug 2018 09:18:23 GMT
Server
Apache
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=148
Content-Length
12003
Content-Type
text/html
WebResource.axd
accounts.certe.mx/
0
0
Script
General
Full URL
https://accounts.certe.mx/WebResource.axd?d=ouGVjwoCKimzI8sfbmqHeahzpw6XnL7qDIqX0zcO5itUGBE9yvvuYHnnsOZ25dcJAd_kEIu50NBlb7JMZPAI-do9h002_j2Vb0Al7gXRE0bgzNbxaLztsodI5_iQzTb1eKkq6CnL477J6pcT4s9k3A2&t=636659234995907889
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.52.225.22 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.alojate3.com
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
accounts.certe.mx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Cookie
PHPSESSID=q707ghe09n3up9erln4vnveb62
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 23 Aug 2018 09:18:23 GMT
Server
Apache
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=147
Content-Length
12003
Content-Type
text/html
=0&size=HR64x64&sc=1534865493956
accounts.certe.mx/d3iB7e/auth/
12 KB
12 KB
Image
General
Full URL
https://accounts.certe.mx/d3iB7e/auth/=0&size=HR64x64&sc=1534865493956
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.52.225.22 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.alojate3.com
Software
Apache /
Resource Hash
65bf7271eedc50a9e0cbbcae45156c1d0a5c1bd2e26028c26b87905e487eed0c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
accounts.certe.mx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 23 Aug 2018 09:18:23 GMT
Server
Apache
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=150
Content-Length
12003
Content-Type
text/html
spinner_24x24.gif
accounts.certe.mx/webcontrols/images/
12 KB
12 KB
Image
General
Full URL
https://accounts.certe.mx/webcontrols/images/spinner_24x24.gif
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.52.225.22 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.alojate3.com
Software
Apache /
Resource Hash
65bf7271eedc50a9e0cbbcae45156c1d0a5c1bd2e26028c26b87905e487eed0c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
accounts.certe.mx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 23 Aug 2018 09:18:23 GMT
Server
Apache
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=150
Content-Length
12003
Content-Type
text/html
webcontrols.png
account.activedirectory.windowsazure.com/1.0.0.2367/Chrome/en-GB/
76 KB
77 KB
Image
General
Full URL
https://account.activedirectory.windowsazure.com/1.0.0.2367/Chrome/en-GB/webcontrols.png
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.112.64.19 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
295b179d93907f6aa011418544cc7269afebf65769fe95260e0f5a6a40a27bae
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-ms-gateway-requestid
5d914916-fe47-4d98-8ef1-6ce2fc4a4b3d
Content-Length
77475
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
x-ms-session-id
04639d4b-5e08-4458-8755-a71a80822271
Last-Modified
Tue, 14 Aug 2018 08:23:44 GMT
Server
Microsoft-IIS/10.0
Date
Thu, 23 Aug 2018 09:18:22 GMT
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/png
Vary
Accept-Encoding
Cache-Control
public, max-age=31536000
x-server
NEU
Content-Security-Policy
frame-ancestors 'self';
x-ms-correlation-id
ef895a19-6fb2-402d-8e81-6ab2c8eec03d
shellcoreming2m_c8ff6fb5.js
r1.res.office365.com/o365/versionless/
79 KB
19 KB
Script
General
Full URL
https://r1.res.office365.com/o365/versionless/shellcoreming2m_c8ff6fb5.js
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
10264236f17a88a0c78efc1d9a7e31e399280b6a9727cdc706d421ee359c709d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Origin
https://accounts.certe.mx

Response headers

date
Thu, 23 Aug 2018 09:18:23 GMT
content-encoding
gzip
last-modified
Sat, 11 Aug 2018 22:02:06 GMT
server
Apache
status
200
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
19642
shellg2strings_99df9cde.js
r1.res.office365.com/o365/versionless/
33 KB
6 KB
Script
General
Full URL
https://r1.res.office365.com/o365/versionless/shellg2strings_99df9cde.js
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
e7fa25bebb1437a60c673b8fda2f39b478074496b8416896fafe87a19b539dc7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Origin
https://accounts.certe.mx

Response headers

date
Thu, 23 Aug 2018 09:18:23 GMT
content-encoding
gzip
last-modified
Fri, 13 Jul 2018 03:13:28 GMT
server
Apache
status
200
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
6224
shellcoreprimeg2m_6c1fb3b8.js
r1.res.office365.com/o365/versionless/
496 KB
116 KB
Script
General
Full URL
https://r1.res.office365.com/o365/versionless/shellcoreprimeg2m_6c1fb3b8.js
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
25c9c9e04eb82b57f61d23b5edfcd71c7d5e3eab457539eb8fca342e52f93ab1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Origin
https://accounts.certe.mx

Response headers

date
Thu, 23 Aug 2018 09:18:23 GMT
content-encoding
gzip
last-modified
Sat, 11 Aug 2018 22:01:59 GMT
server
Apache
status
200
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
shellplusg2m_be028d0d.js
r1.res.office365.com/o365/versionless/
1 MB
219 KB
Script
General
Full URL
https://r1.res.office365.com/o365/versionless/shellplusg2m_be028d0d.js
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
875fa553c500b7a96caf93f03027cc14dfb3442100a1d00154ce625174864bef

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Origin
https://accounts.certe.mx

Response headers

date
Thu, 23 Aug 2018 09:18:23 GMT
content-encoding
gzip
last-modified
Sat, 11 Aug 2018 22:02:05 GMT
server
Apache
status
200
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
usertheme_mountain_fc6d3602.jpg
r1.res.office365.com/o365/versionless/
74 KB
74 KB
Image
General
Full URL
https://r1.res.office365.com/o365/versionless/usertheme_mountain_fc6d3602.jpg
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
4a78d5625212ddcd466e7aaef784490346e524d95595120bc51354cf9dad3292

Request headers

Referer
https://r1.res.office365.com/o365/versionless/usertheme_mountain_846e9291.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 09:18:23 GMT
last-modified
Fri, 04 May 2018 01:12:43 GMT
server
Apache
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
75921
truncated
/
13 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bea9e084d60f8ecc6e2f95707d4f00900be5f5deab155462ca61cab1c42ba2dc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://accounts.certe.mx

Response headers

Access-Control-Allow-Origin
*
Content-Type
application/font-woff
systemnotificationaudio_6ffdee1e.mp3
r1.res.office365.com/o365/versionless/
17 KB
17 KB
Media
General
Full URL
https://r1.res.office365.com/o365/versionless/systemnotificationaudio_6ffdee1e.mp3
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::753 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
8bc069d4890324ced3ad8db5227fb602b6fa418edbfc737b65176219779d107b

Request headers

Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Range
bytes=0-
chrome-proxy
frfr

Response headers

date
Thu, 23 Aug 2018 09:18:23 GMT
last-modified
Sat, 05 May 2018 19:52:07 GMT
server
Apache
access-control-allow-origin
*
status
206
content-type
audio/mpeg
Content-Range
bytes 0-17398/17399
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
Content-Length
17399
Cookie set authorize
login.microsoftonline.com/common/oauth2/ Frame 1C57
Redirect Chain
  • https://outlook.office365.com/owa/SuiteServiceProxy.aspx?suiteServiceUserName=darren.martin%40humboldtre.com&suiteServiceReturnUrl=https%3A%2F%2Faccount.activedirectory.windowsazure.com%2FChangePas...
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-0...
0
0
Document
General
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=ec5a7b1d-f86b-4b1d-9061-13a7f1518ba6&protectedtoken=true&prompt=none&login_hint=darren.martin%40humboldtre.com&nonce=636706127037836280.862f86d3-e008-4f18-b59f-4815302b365a&state=1U9BbsIwEAzlLeEW49jEcQ-oaqFIvbSoiAeYeF0sJTZaOwT6w_6qVrjwBaTd0Wq1MzszybJsmvop9YQmyGrBRU1FyWrKa8kFk5RIwYwUmhdAqSwWppTFoXo2xUKWFafswEWlJon7N537Qc13vY2wAzzbBrboL1eiwunyEu7W-wD4qTpYaoUIjnQKo3X5gh777uBbHRFI47vZPecbYo9uj-3yGOMp5Pw1Z5tUqml87yJRTbRn0BahiR6vZLBO-yGo3_4mlk5XR-V-YKtCGDzq0VbON2-onF55F-ESP9Y5X3-lQDkT2I8DX9_-sYqrBMyMcPIYVUu8McnaTT5t37WNKbKxLZTVqD_Dh7T9Dw
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.112.64.25 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Host
login.microsoftonline.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Accept-Encoding
gzip, deflate
Cookie
stsservicecookie=ests; esctx=AQABAAAAAADXzZ3ifr-GRbDT45zNSEFEkqZNT_OhI8xPq12Udx9ypDS2LecYkXkQq5JX_Krl2cvSpnl6D4zpLjMLRLN1rqjxsEZ0eHSDaBtovHVQBFTgvM43kjkXtT00gfMVtRmtiZrdWJ0AwiIOcF7tQ6rVJnTVO6oHujDtvFKZiKV27S9ZcrRd5-de7OwCeLU5te7zZJYgAA; x-ms-gateway-slice=003
X-DevTools-Emulate-Network-Conditions-Client-Id
1C7762ADEA2C65DA6A38DA004AD7FA9E

Response headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
x-ms-request-id
8083b792-20f8-4a0e-b497-caa7ccd70f00
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie
buid=AQABAAEAAADXzZ3ifr-GRbDT45zNSEFEzsMWSs-ksUb9BW7F9e9kxGPD5tJVpVsdXc6rL1AbATC0FWbEf6BytUBxkI60J9kL-NiTFiwsLVIH8nq-b7CVQw5NZz7xubNG7lBScsDy7f0gAA; expires=Sat, 22-Sep-2018 09:18:23 GMT; path=/; secure; HttpOnly x-ms-gateway-slice=017; path=/; secure; HttpOnly stsservicecookie=ests; path=/; secure; HttpOnly
Date
Thu, 23 Aug 2018 09:18:23 GMT
Content-Length
916

Redirect headers

Content-Length
1003
Content-Type
text/html; charset=utf-8
Location
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=ec5a7b1d-f86b-4b1d-9061-13a7f1518ba6&protectedtoken=true&prompt=none&login_hint=darren.martin%40humboldtre.com&nonce=636706127037836280.862f86d3-e008-4f18-b59f-4815302b365a&state=1U9BbsIwEAzlLeEW49jEcQ-oaqFIvbSoiAeYeF0sJTZaOwT6w_6qVrjwBaTd0Wq1MzszybJsmvop9YQmyGrBRU1FyWrKa8kFk5RIwYwUmhdAqSwWppTFoXo2xUKWFafswEWlJon7N537Qc13vY2wAzzbBrboL1eiwunyEu7W-wD4qTpYaoUIjnQKo3X5gh777uBbHRFI47vZPecbYo9uj-3yGOMp5Pw1Z5tUqml87yJRTbRn0BahiR6vZLBO-yGo3_4mlk5XR-V-YKtCGDzq0VbON2-onF55F-ESP9Y5X3-lQDkT2I8DX9_-sYqrBMyMcPIYVUu8McnaTT5t37WNKbKxLZTVqD_Dh7T9Dw
Server
Microsoft-IIS/10.0
request-id
ec5a7b1d-f86b-4b1d-9061-13a7f1518ba6
X-CalculatedFETarget
AM3PR07CU006.internal.outlook.com
X-BackEndHttpStatus
302 302
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie
ClientId=98C96A7A6873409DABA88CF3773720BA; expires=Fri, 23-Aug-2019 09:18:23 GMT; path=/; secure ClientId=98C96A7A6873409DABA88CF3773720BA; expires=Fri, 23-Aug-2019 09:18:23 GMT; path=/; secure OIDC=1; expires=Sat, 23-Feb-2019 09:18:23 GMT; path=/; secure; HttpOnly OpenIdConnect.token.v1=; expires=Tue, 23-Aug-1988 09:18:23 GMT; path=/; secure OpenIdConnect.token.v1=; domain=outlook.office365.com; expires=Tue, 23-Aug-1988 09:18:23 GMT; path=/; secure OpenIdConnect.id_token.v1=; expires=Tue, 23-Aug-1988 09:18:23 GMT; path=/; secure OpenIdConnect.code.v1=; expires=Tue, 23-Aug-1988 09:18:23 GMT; path=/; secure OpenIdConnect.idp_nonce.v1=; expires=Tue, 23-Aug-1988 09:18:23 GMT; path=/; secure OpenIdConnect.idp_correlation_id=; expires=Tue, 23-Aug-1988 09:18:23 GMT; path=/; secure OpenIdConnect.tokenPostPath=; expires=Tue, 23-Aug-1988 09:18:23 GMT; path=/; secure OpenIdConnect.id_token.v1=; domain=outlook.office365.com; expires=Tue, 23-Aug-1988 09:18:23 GMT; path=/; secure OpenIdConnect.code.v1=; domain=outlook.office365.com; expires=Tue, 23-Aug-1988 09:18:23 GMT; path=/; secure OpenIdConnect.idp_nonce.v1=; domain=outlook.office365.com; expires=Tue, 23-Aug-1988 09:18:23 GMT; path=/; secure OpenIdConnect.idp_correlation_id=; domain=outlook.office365.com; expires=Tue, 23-Aug-1988 09:18:23 GMT; path=/; secure OpenIdConnect.tokenPostPath=; domain=outlook.office365.com; expires=Tue, 23-Aug-1988 09:18:23 GMT; path=/; secure OpenIdConnect.nonce.v3.YB62HdR5Vl_tPBppCDHO868P0dW1Gm27t3gsOXQSLaU=636706127037836280.862f86d3-e008-4f18-b59f-4815302b365a; path=/; secure; HttpOnly HostSwitchPrg=; expires=Tue, 23-Aug-1988 09:18:23 GMT; path=/; secure OptInPrg=; expires=Tue, 23-Aug-1988 09:18:23 GMT; path=/; secure SuiteServiceProxyKey=; expires=Tue, 23-Aug-1988 09:18:23 GMT; path=/; secure
X-FEProxyInfo
AM3PR07CA0147.EURPRD07.PROD.OUTLOOK.COM
X-CalculatedBETarget
AM3PR04MB1283.EURPRD04.PROD.OUTLOOK.COM
X-RUM-Validated
1
X-Content-Type-Options
nosniff
X-BeSku
Gen8
X-OWA-DiagnosticsInfo
1;0;0
X-BackEnd-Begin
2018-08-23T09:18:23.783
X-BackEnd-End
2018-08-23T09:18:23.783
X-DiagInfo
AM3PR04MB1283
X-BEServer
AM3PR04MB1283
X-UA-Compatible
IE=EmulateIE7
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-FEServer
AM3PR07CA0147 AM5PR04CA0035
X-Powered-By
ASP.NET
Date
Thu, 23 Aug 2018 09:18:23 GMT
TokenFactoryIframe
webshell.suite.office.com/iframe/ Frame C1CC
0
0
Document
General
Full URL
https://webshell.suite.office.com/iframe/TokenFactoryIframe?origin=https%3A%2F%2Faccount.activedirectory.windowsazure.com&shsid=3be16a50-33b9-4d21-9c98-6b6ba329f4d0&cshver=16.00.2528.000&apiver=g2
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:a004::bfeb:8aa2 , United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src *; script-src https://r1.res.office365.com 'nonce-rYsoHcJrlO85aRitOHm0PiBscV4jTuOUirHGH6nFKOE=' 'unsafe-inline'; connect-src *
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
webshell.suite.office.com
:scheme
https
:path
/iframe/TokenFactoryIframe?origin=https%3A%2F%2Faccount.activedirectory.windowsazure.com&shsid=3be16a50-33b9-4d21-9c98-6b6ba329f4d0&cshver=16.00.2528.000&apiver=g2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
1C7762ADEA2C65DA6A38DA004AD7FA9E
Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=

Response headers

status
200
cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
set-cookie
s.SessID=e7a278aa-1ad3-4c1e-bc17-3b1f656858e1; path=/; secure; HttpOnly
x-content-type-options
nosniff
x-aspnetmvc-version
5.2
content-security-policy
default-src 'none'; frame-src *; script-src https://r1.res.office365.com 'nonce-rYsoHcJrlO85aRitOHm0PiBscV4jTuOUirHGH6nFKOE=' 'unsafe-inline'; connect-src *
x-o365suiteuxshell-correlationid
54f25a6f-c549-4ca4-98f7-a0347cc07e0a
x-powered-by
ASP.NET
date
Thu, 23 Aug 2018 09:18:23 GMT
content-length
1086
MasterStyles.css
account.activedirectory.windowsazure.com/1.0.0.2367/Chrome/en-GB/css/ Frame 1D2E
69 KB
12 KB
Stylesheet
General
Full URL
https://account.activedirectory.windowsazure.com/1.0.0.2367/Chrome/en-GB/css/MasterStyles.css
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.112.64.19 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9f2c13389838ba9259a58e8432dc75aed610fd85938ce19a273e3d70fe240c59
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-ms-gateway-requestid
09b408e9-7916-4539-9316-3218de9b2b45
Content-Length
11681
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
x-ms-session-id
04639d4b-5e08-4458-8755-a71a80822271
Last-Modified
Tue, 14 Aug 2018 08:23:44 GMT
Server
Microsoft-IIS/10.0
Date
Thu, 23 Aug 2018 09:18:23 GMT
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
public, max-age=31536000
x-server
NEU
Content-Security-Policy
frame-ancestors 'self';
x-ms-correlation-id
6819ce41-f147-462c-8240-60c2eec86e07
O365NavbarStyleOverrides.css
account.activedirectory.windowsazure.com/1.0.0.2367/Chrome/en-GB/css/ Frame 7C39
322 B
993 B
Stylesheet
General
Full URL
https://account.activedirectory.windowsazure.com/1.0.0.2367/Chrome/en-GB/css/O365NavbarStyleOverrides.css
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.112.64.19 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4598b2ffb98d047057df3bca4279b414541f1da5c2549102c1394c880d181a85
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-ms-gateway-requestid
a768ef78-83a5-46f6-92ab-1337462bd624
Content-Length
216
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
x-ms-session-id
04639d4b-5e08-4458-8755-a71a80822271
Last-Modified
Tue, 14 Aug 2018 08:23:44 GMT
Server
Microsoft-IIS/10.0
Date
Thu, 23 Aug 2018 09:18:23 GMT
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
public, max-age=31536000
x-server
NEU
Content-Security-Policy
frame-ancestors 'self';
x-ms-correlation-id
f29da957-e609-4313-9b79-73c0abac3d60
ChangePassword.css
account.activedirectory.windowsazure.com/1.0.0.2367/Chrome/en-GB/css/ Frame 0F91
2 KB
2 KB
Stylesheet
General
Full URL
https://account.activedirectory.windowsazure.com/1.0.0.2367/Chrome/en-GB/css/ChangePassword.css
Requested by
Host: accounts.certe.mx
URL: https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.112.64.19 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f291f9b4f1948542401f533a5ac8ce05807cfb1c3bc80f88ed3b8c5f8ba00d41
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.certe.mx/d3iB7e/auth/ChangePassword.php?client_id=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-ms-gateway-requestid
5f28f47a-bb19-48df-8608-3d89c5eecfbd
Content-Length
856
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
x-ms-session-id
04639d4b-5e08-4458-8755-a71a80822271
Last-Modified
Tue, 14 Aug 2018 08:03:01 GMT
Server
Microsoft-IIS/10.0
Date
Thu, 23 Aug 2018 09:18:23 GMT
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
public, max-age=31536000
x-server
NEU
Content-Security-Policy
frame-ancestors 'self';
x-ms-correlation-id
25edc752-7f3c-4347-bf05-26f0a3ad7a7b

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| pageCreationTime object| Namespace object| WebTracking object| Hyperlink object| LocalizedMonths object| LocalizedDayNumbers object| LocalizedDays object| Microsoft object| _s function| HtmlEncode object| ClientLogService object| XmlHttpRequestService object| AjaxService function| StringToByteArrayASCII function| StringToByteArrayUnicode function| mapByteToBase64 function| Base64Encode function| ByteArrayToBase64 function| EncryptedProperties function| EncryptOldPassword function| EncryptString number| EncryptionVersion number| FormatVersion number| headerFinishTime object| __core-js_shared__ object| __themeState__ object| __globalSettings__ number| __currentId__ object| __stylesheet__ object| ProfilePhotoPicker object| O365 object| fpconfig object| Footprint function| applyLoginTenantBranding function| bookmarkPage function| RenderShell function| HandleO365ThemeButtonHover undefined| sessionExpiryRemainingTime undefined| timerElementId undefined| timerText undefined| timerCallbackFunctionName undefined| timerInterval function| SetupSessionExpiryTimer function| UpdateSessionExpiryRemainingTime function| formatTwoDigitTimeValue object| theForm function| __doPostBack function| $get function| $create function| $addHandler function| $addHandlers function| $clearHandlers object| $common object| CommonToolkitScripts object| $AA object| Sys function| Type function| $removeHandler object| _events function| $find object| TextBox object| passwordStrengthLocalizedTextOptions object| ProgressBar object| Button function| PageLayout function| PasswordStrengthMeter function| ApplyO365Branding string| o365ButtonClass string| o365ButtonHoverClass string| o365BaseClass function| $ function| jQuery string| Key string| randomNum string| SKI function| parseRSAKeyFromString function| RSAencrypt function| JSMPnumber function| duplicateMP function| byteArrayToMP function| mpToByteArray function| modularExp function| modularMultiply function| multiplyMP function| normalizeJSMP 
function| removeLeadingZeroes function| divideMP function| multiplyAndSubtract function| applyPKCSv2Padding function| MGF function| XORarrays function| SHA1 function| wordToBytes function| PadSHA1Input function| SHA1RoundFunction function| rotateLeft function| hexStringToMP function| O365Shell object| PropertySheet function| __loadCompatLayer function| __supportsCompatLayer object| ImageButton object| BOX function| Debug function| __getNonTextNode function| __getLocation function| navigate function| attachEvent function| detachEvent function| WebForm_OnSubmit object| ChangePassword object| Page_Validators object| ChangePasswordControl_OldPasswordRequiredValidator object| ChangePasswordControl_OldPasswordPropertyValidator object| ChangePasswordControl_AggregationValidatorOldPassword object| ChangePasswordControl_NewPasswordRequiredValidator object| ChangePasswordControl_NewPasswordPropertyValidator object| ChangePasswordControl_NewPasswordMinimumLengthValidator object| ChangePasswordControl_NewPasswordMaximumLengthValidator object| ChangePasswordControl_NewPasswordCharacterExpressionValidator object| ChangePasswordControl_PasswordStrengthValidator object| ChangePasswordControl_OldAndNewPasswordsAreDifferentCustomValidator object| ChangePasswordControl_AggregationValidatorNewPassword object| ChangePasswordControl_ConfirmNewPasswordRequiredValidator object| ChangePasswordControl_ConfirmNewPasswordMinimumLengthValidator object| ChangePasswordControl_ConfirmNewPasswordMaximumLengthValidator object| ChangePasswordControl_ConfirmNewPasswordCharacterExpressionValidator object| ChangePasswordControl_PasswordMatchValidator object| ChangePasswordControl_AggregationValidatorConfirmNewPassword string| antiCsrfTokenElement string| token object| DialogManager boolean| Page_ValidationActive function| ValidatorOnSubmit function| DebugUtils object| scriptsLoaded object| scriptProcessStart object| _o365su object| _o365cl object| _o365sg2cm object| _o365sg2c object| scriptProcessEnd 
object| _s1 function| ComponentTypeRecord function| SourceFileRecord function| StyleFileRecord function| _dh function| _dtl function| JsonParser function| $a function| IMeFlexPaneHeaderButtonViewModel object| _j object| _ff object| _fm object| _fc object| _fce object| _fb function| timeEnd function| time function| timeStamp function| endMeasure function| startMeasure object| _o365cp object| O365Shell_Shim function| IPendingGetManager string| msrCryptoVersion object| msrCrypto function| MsrCryptoUtils function| _requestExecutorNative object| _o365SuiteServiceProxy function| SuiteApiInstanceManager object| _no object| _jc object| O365SuiteServiceProxy function| MejQuery object| _o365sa object| _sk object| _o365sg2p string| groupName

3 Cookies

Domain/Path Name / Value
outlook.office365.com/ Name: OpenIdConnect.nonce.v3.YB62HdR5Vl_tPBppCDHO868P0dW1Gm27t3gsOXQSLaU
Value: 636706127037836280.862f86d3-e008-4f18-b59f-4815302b365a
outlook.office365.com/ Name: OIDC
Value: 1
outlook.office365.com/ Name: ClientId
Value: 98C96A7A6873409DABA88CF3773720BA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
