jadeleeauthor.com Open in urlscan Pro
192.185.73.94 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://jadeleeauthor.com/wp-admin/js/litt/hotis/
Submission: On March 04 via automatic, source phishtank (March 4th 2017, 2:28:09 am UTC)

Summary HTTP 26 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 26 HTTP transactions. The main IP is 192.185.73.94, located in Houston, United States and belongs to CYRUSONE - CyrusOne LLC, US. The main domain is jadeleeauthor.com.

This is the only time jadeleeauthor.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
16	192.185.73.94 192.185.73.94	20013 (CYRUSONE) (CYRUSONE - CyrusOne LLC)
2	104.111.237.158 104.111.237.158	20940 (AKAMAI-ASN1 ) (AKAMAI-ASN1 )
7	2a02:26f0:78:... 2a02:26f0:78:19f::753	20940 (AKAMAI-ASN1 ) (AKAMAI-ASN1 )
1	2a02:26f0:78:... 2a02:26f0:78:184::753	20940 (AKAMAI-ASN1 ) (AKAMAI-ASN1 )
26	4

16 192.185.73.94 (Houston, United States)

ASN20013 (CYRUSONE - CyrusOne LLC, US)
PTR: 192-185-73-94.unifiedlayer.com

jadeleeauthor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.237.158 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1 , US)
PTR: a104-111-237-158.deploy.static.akamaitechnologies.com

auth.gfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:78:19f::753 (European Union)

ASN20940 (AKAMAI-ASN1 , US)

r1.res.office365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:78:184::753 (European Union)

ASN20940 (AKAMAI-ASN1 , US)

r1.res.office365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	jadeleeauthor.com jadeleeauthor.com	897 KB
8	office365.com r1.res.office365.com	716 KB
2	gfx.ms auth.gfx.ms	57 KB
26	3

	Domain	Requested by
16	jadeleeauthor.com	jadeleeauthor.com
8	r1.res.office365.com	jadeleeauthor.com
2	auth.gfx.ms	jadeleeauthor.com
26	3

This site contains links to these domains. Also see Links.

Domain
signup.live.com
login.live.com

Subject Issuer	Validity	Valid
msagfx.live.com Symantec Class 3 Secure Server CA - G4	`2016-12-14` - `2018-12-15`	2 years	crt.sh
*.res.outlook.com Microsoft IT SSL SHA2	`2016-12-19` - `2018-04-19`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://jadeleeauthor.com/wp-admin/js/litt/hotis/
Frame ID: 28745.1
Requests: 8 HTTP requests in this frame

Frame: http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm
Frame ID: 28745.4
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

26
Requests

38 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

1670 kB
Transfer

5917 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://signup.live.com/signup.aspx?wa=wsignin1.0&rpsnv=13&ct=1479716212&rver=6.4.6456.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f&id=292841&cbcxt=out&fl=wld&contextid=10C0D0F7EF45A4AB&bk=1479716215&uiflavor=web&uaid=2419581f135940218028ecd616c02d58&mkt=EN-GB&lc=2057
Title: Create one!

Search URL Search Domain Scan URL

URL: https://login.live.com/gls.srf?urlID=WinLiveTermsOfUse&mkt=EN-GB&vv=1600
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://login.live.com/gls.srf?urlID=MSNPrivacyStatement&mkt=EN-GB&vv=1600
Title: Privacy & Cookies

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response jadeleeauthor.com/wp-admin/js/litt/hotis/	14 KB 5 KB	744ms 629ms	Document text/html	192.185.73.94 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://jadeleeauthor.com/wp-admin/js/litt/hotis/ Protocol HTTP/1.1 Server 192.185.73.94 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-73-94.unifiedlayer.com Software nginx/1.10.3 / Resource Hash `4177eda99d21e25398902e247112b2f8da75c82bf1fe0b2470d0d04fbc529b7b` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host jadeleeauthor.com Accept-Language en-US,en;q=0.8 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8 Cache-Control no-cache Connection keep-alive Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Pragma no-cache Date Sat, 04 Mar 2017 02:28:01 GMT Content-Encoding gzip Server nginx/1.10.3 Transfer-Encoding chunked Connection keep-alive Content-Type text/html Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Set-Cookie PHPSESSID=2373ee07196b964a6250589c0f80a84a; path=/ Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	Default2057.css jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/	74 KB 17 KB	173ms 172ms	Stylesheet text/css	192.185.73.94 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/Default2057.css Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/ Protocol HTTP/1.1 Server 192.185.73.94 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-73-94.unifiedlayer.com Software nginx/1.10.3 / Resource Hash `ca078e9833f067c6e28abe33c37a8ca9565fd02abe961e2ebc227635b1b03027` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host jadeleeauthor.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/ Cookie PHPSESSID=2373ee07196b964a6250589c0f80a84a Connection keep-alive Cache-Control no-cache Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 04 Mar 2017 02:28:01 GMT Content-Encoding gzip Last-Modified Mon, 06 Feb 2017 07:22:38 GMT Server nginx/1.10.3 Connection keep-alive Transfer-Encoding chunked Content-Type text/css
GET H/1.1	200 OK	DefaultLoginPaginatedStrings.js Show response jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/	11 KB 4 KB	272ms 143ms	Script application/javascript	192.185.73.94 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/DefaultLoginPaginatedStrings.js Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/ Protocol HTTP/1.1 Server 192.185.73.94 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-73-94.unifiedlayer.com Software nginx/1.10.3 / Resource Hash `39dd8d5743dc3030a5b771a5b30099202bc50ee6beb05fca7754ae8bdcbdac0c` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host jadeleeauthor.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept / Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/ Cookie PHPSESSID=2373ee07196b964a6250589c0f80a84a Connection keep-alive Cache-Control no-cache Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 04 Mar 2017 02:28:01 GMT Content-Encoding gzip Last-Modified Mon, 06 Feb 2017 07:22:38 GMT Server nginx/1.10.3 Connection keep-alive Transfer-Encoding chunked Content-Type application/javascript
GET H/1.1	200 OK	DefaultLogin_PCore.js Show response jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/	190 KB 67 KB	271ms 143ms	Script application/javascript	192.185.73.94 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/DefaultLogin_PCore.js Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/ Protocol HTTP/1.1 Server 192.185.73.94 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-73-94.unifiedlayer.com Software nginx/1.10.3 / Resource Hash `8a3aa480509e9e782ec14eb1592d7fc0f68c82b443045751fcdfd051b03029ac` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host jadeleeauthor.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept / Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/ Cookie PHPSESSID=2373ee07196b964a6250589c0f80a84a Connection keep-alive Cache-Control no-cache Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 04 Mar 2017 02:28:01 GMT Content-Encoding gzip Last-Modified Mon, 06 Feb 2017 07:22:38 GMT Server nginx/1.10.3 Connection keep-alive Transfer-Encoding chunked Content-Type application/javascript
GET H/1.1	200 OK	AppCentipede_Microsoft.svg jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/	7 KB 7 KB	136ms 136ms	Image image/svg+xml	192.185.73.94 CyrusOne LLC
General Check archive.org Show headers Download Go to Show image Full URL http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/AppCentipede_Microsoft.svg Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/ Protocol HTTP/1.1 Server 192.185.73.94 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-73-94.unifiedlayer.com Software nginx/1.10.3 / Resource Hash `bde5e27f76f371121f1955806f1b662f323f3793b079455f5bfe83365a393625` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host jadeleeauthor.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://jadeleeauthor.com/wp-admin/js/litt/hotis/ Cookie PHPSESSID=2373ee07196b964a6250589c0f80a84a Connection keep-alive Cache-Control no-cache Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 04 Mar 2017 02:28:01 GMT Last-Modified Mon, 06 Feb 2017 07:22:38 GMT Server nginx/1.10.3 Connection keep-alive Accept-Ranges bytes Content-Length 7174 Content-Type image/svg+xml
GET H/1.1	200 OK	Microsoft_Logotype_Gray.svg jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/	5 KB 5 KB	131ms 131ms	Image image/svg+xml	192.185.73.94 CyrusOne LLC
General Check archive.org Show headers Download Go to Show image Full URL http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/Microsoft_Logotype_Gray.svg Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/ Protocol HTTP/1.1 Server 192.185.73.94 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-73-94.unifiedlayer.com Software nginx/1.10.3 / Resource Hash `356f7d1241f92c9de9c9cfd0bebb6c10d1b38508a3f37cebc26329c656bad19f` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host jadeleeauthor.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://jadeleeauthor.com/wp-admin/js/litt/hotis/ Cookie PHPSESSID=2373ee07196b964a6250589c0f80a84a Connection keep-alive Cache-Control no-cache Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 04 Mar 2017 02:28:01 GMT Last-Modified Mon, 06 Feb 2017 07:22:38 GMT Server nginx/1.10.3 Connection keep-alive Accept-Ranges bytes Content-Length 5435 Content-Type image/svg+xml
GET H/1.1	200 OK	DefaultLogin_PCore.js Show response auth.gfx.ms/16.000.26754.00.1/	190 KB 57 KB	40ms 21ms	Script application/javascript	104.111.237.158 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://auth.gfx.ms/16.000.26754.00.1/DefaultLogin_PCore.js Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.111.237.158 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1 , US), Reverse DNS a104-111-237-158.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.5 / Resource Hash `8a3aa480509e9e782ec14eb1592d7fc0f68c82b443045751fcdfd051b03029ac` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host auth.gfx.ms Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Accept / Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/ Connection keep-alive Cache-Control no-cache Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Sat, 04 Mar 2017 02:28:01 GMT Content-Encoding gzip Last-Modified Thu, 17 Nov 2016 17:19:22 GMT PPServer PPV: 30 H: BAYIDSPRTS3G001 V: 0 ETag "59fd1ebdf640d21:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=365425 Transfer-Encoding chunked Connection keep-alive Transfer-Encoding Accept-Ranges bytes Server Microsoft-IIS/8.5
GET H/1.1	200 OK	prefetch.htm Show response jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/ Frame 2874	3 KB 1 KB	129ms 129ms	Document text/html	192.185.73.94 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/ Protocol HTTP/1.1 Server 192.185.73.94 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-73-94.unifiedlayer.com Software nginx/1.10.3 / Resource Hash `e63223af9ffdc9cdb6380e1b0a9ac80bf2f8049f22a487e84d0c6fe17eb842a3` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host jadeleeauthor.com Accept-Language en-US,en;q=0.8 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8 Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/ Cookie PHPSESSID=2373ee07196b964a6250589c0f80a84a Connection keep-alive Cache-Control no-cache Upgrade-Insecure-Requests 1 Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 04 Mar 2017 02:28:01 GMT Content-Encoding gzip Last-Modified Mon, 06 Feb 2017 07:22:38 GMT Server nginx/1.10.3 Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	boot.js jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch_data/ Frame 2874	618 KB 202 KB	138ms 137ms	Stylesheet application/javascript	192.185.73.94 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch_data/boot.js Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Protocol HTTP/1.1 Server 192.185.73.94 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-73-94.unifiedlayer.com Software nginx/1.10.3 / Resource Hash `1b9c4052e72b504be91681782dabcd07103359c371d0f1cf8dbfb7b82d627f55` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host jadeleeauthor.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Cookie PHPSESSID=2373ee07196b964a6250589c0f80a84a Connection keep-alive Cache-Control no-cache Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 04 Mar 2017 02:28:01 GMT Content-Encoding gzip Last-Modified Mon, 06 Feb 2017 07:22:38 GMT Server nginx/1.10.3 Connection keep-alive Transfer-Encoding chunked Content-Type application/javascript
GET H/1.1	200 OK	boot_002.js jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch_data/ Frame 2874	615 KB 180 KB	135ms 134ms	Stylesheet application/javascript	192.185.73.94 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch_data/boot_002.js Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Protocol HTTP/1.1 Server 192.185.73.94 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-73-94.unifiedlayer.com Software nginx/1.10.3 / Resource Hash `54b369574fe1385aafd02034054143c63dbfefe287e66a7c69a895861b7f2664` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host jadeleeauthor.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Cookie PHPSESSID=2373ee07196b964a6250589c0f80a84a Connection keep-alive Cache-Control no-cache Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 04 Mar 2017 02:28:01 GMT Content-Encoding gzip Last-Modified Mon, 06 Feb 2017 07:22:38 GMT Server nginx/1.10.3 Connection keep-alive Transfer-Encoding chunked Content-Type application/javascript
GET H/1.1	200 OK	boot_003.js jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch_data/ Frame 2874	629 KB 195 KB	143ms 142ms	Stylesheet application/javascript	192.185.73.94 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch_data/boot_003.js Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Protocol HTTP/1.1 Server 192.185.73.94 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-73-94.unifiedlayer.com Software nginx/1.10.3 / Resource Hash `3a3726e21f4abb5ca82345d4536935b07a00600c01842abc38ae545a4b02b6a3` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host jadeleeauthor.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Cookie PHPSESSID=2373ee07196b964a6250589c0f80a84a Connection keep-alive Cache-Control no-cache Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 04 Mar 2017 02:28:01 GMT Content-Encoding gzip Last-Modified Mon, 06 Feb 2017 07:22:38 GMT Server nginx/1.10.3 Connection keep-alive Transfer-Encoding chunked Content-Type application/javascript
GET H/1.1	200 OK	boot_004.js jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch_data/ Frame 2874	605 KB 163 KB	264ms 148ms	Stylesheet application/javascript	192.185.73.94 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch_data/boot_004.js Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Protocol HTTP/1.1 Server 192.185.73.94 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-73-94.unifiedlayer.com Software nginx/1.10.3 / Resource Hash `5d3b4333b30e02839d5470b057711d87c28ba5e890f5d50552e3ba255eae0d12` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host jadeleeauthor.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Cookie PHPSESSID=2373ee07196b964a6250589c0f80a84a Connection keep-alive Cache-Control no-cache Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 04 Mar 2017 02:28:02 GMT Content-Encoding gzip Last-Modified Mon, 06 Feb 2017 07:22:38 GMT Server nginx/1.10.3 Connection keep-alive Transfer-Encoding chunked Content-Type application/javascript
GET H/1.1	200 OK	sprite1.png jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch_data/ Frame 2874	17 KB 17 KB	257ms 142ms	Stylesheet image/png	192.185.73.94 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch_data/sprite1.png Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Protocol HTTP/1.1 Server 192.185.73.94 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-73-94.unifiedlayer.com Software nginx/1.10.3 / Resource Hash `91c90d8393cba26fd7613d3313f8a13cd09b84682aa88aabba309c2d8c5987f4` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host jadeleeauthor.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Cookie PHPSESSID=2373ee07196b964a6250589c0f80a84a Connection keep-alive Cache-Control no-cache Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 04 Mar 2017 02:28:02 GMT Last-Modified Mon, 06 Feb 2017 07:22:38 GMT Server nginx/1.10.3 Connection keep-alive Accept-Ranges bytes Content-Length 16967 Content-Type image/png
GET H/1.1	200 OK	sprite1.css jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch_data/ Frame 2874	7 KB 1 KB	257ms 141ms	Stylesheet text/css	192.185.73.94 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch_data/sprite1.css Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Protocol HTTP/1.1 Server 192.185.73.94 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-73-94.unifiedlayer.com Software nginx/1.10.3 / Resource Hash `14d4e89d55b1f962a895050b05a52c71c399a59764bbf5649ec09a72cd64fdbe` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host jadeleeauthor.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Cookie PHPSESSID=2373ee07196b964a6250589c0f80a84a Connection keep-alive Cache-Control no-cache Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 04 Mar 2017 02:28:02 GMT Content-Encoding gzip Last-Modified Mon, 06 Feb 2017 07:22:38 GMT Server nginx/1.10.3 Connection keep-alive Transfer-Encoding chunked Content-Type text/css
GET H/1.1	200 OK	boot.css jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch_data/ Frame 2874	180 KB 32 KB	398ms 140ms	Stylesheet text/css	192.185.73.94 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch_data/boot.css Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Protocol HTTP/1.1 Server 192.185.73.94 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-73-94.unifiedlayer.com Software nginx/1.10.3 / Resource Hash `690bdda1858a5dd8cdac7e4f3814e5e4058bee79529fdbb6aa7f030b025dce9c` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host jadeleeauthor.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Cookie PHPSESSID=2373ee07196b964a6250589c0f80a84a Connection keep-alive Cache-Control no-cache Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 04 Mar 2017 02:28:02 GMT Content-Encoding gzip Last-Modified Mon, 06 Feb 2017 07:22:38 GMT Server nginx/1.10.3 Connection keep-alive Transfer-Encoding chunked Content-Type text/css
GET H/1.1	404 Not Found	office365icons.woff jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/fonts/ Frame 2874	0 0	150ms 149ms	Font text/html	192.185.73.94 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/fonts/office365icons.woff Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Protocol HTTP/1.1 Server 192.185.73.94 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-73-94.unifiedlayer.com Software nginx/1.10.3 / Resource Hash Request headers Pragma no-cache Origin http://jadeleeauthor.com Accept-Encoding gzip, deflate, sdch Host jadeleeauthor.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept / Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch_data/boot.css Cookie PHPSESSID=2373ee07196b964a6250589c0f80a84a Connection keep-alive Cache-Control no-cache User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch_data/boot.css Origin http://jadeleeauthor.com Response headers Date Sat, 04 Mar 2017 02:28:02 GMT Content-Encoding gzip Last-Modified Tue, 15 Oct 2013 19:06:47 GMT Server nginx/1.10.3 Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	office365icons.ttf jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/fonts/ Frame 2874	0 0	131ms 131ms	Font text/html	192.185.73.94 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/fonts/office365icons.ttf Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Protocol HTTP/1.1 Server 192.185.73.94 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-73-94.unifiedlayer.com Software nginx/1.10.3 / Resource Hash Request headers Pragma no-cache Origin http://jadeleeauthor.com Accept-Encoding gzip, deflate, sdch Host jadeleeauthor.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept / Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch_data/boot.css Cookie PHPSESSID=2373ee07196b964a6250589c0f80a84a Connection keep-alive Cache-Control no-cache User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch_data/boot.css Origin http://jadeleeauthor.com Response headers Date Sat, 04 Mar 2017 02:28:02 GMT Content-Encoding gzip Last-Modified Tue, 15 Oct 2013 19:06:47 GMT Server nginx/1.10.3 Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	boot.worldwide.0.mouse.js r1.res.office365.com/owa/prem/16.1500.8.2150494/scripts/ Frame 2874	618 KB 168 KB	32ms 16ms	Stylesheet application/x-javascript	2a02:26f0:78:19f::753 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://r1.res.office365.com/owa/prem/16.1500.8.2150494/scripts/boot.worldwide.0.mouse.js Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:78:19f::753 , European Union, ASN20940 (AKAMAI-ASN1 , US), Reverse DNS Software Apache / Resource Hash `1b9c4052e72b504be91681782dabcd07103359c371d0f1cf8dbfb7b82d627f55` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host r1.res.office365.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Connection keep-alive Cache-Control no-cache Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 04 Mar 2017 02:28:02 GMT Content-Encoding gzip Last-Modified Fri, 11 Nov 2016 04:31:17 GMT Server Apache Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control public,max-age=630720000, s-maxage=630720000 Transfer-Encoding chunked Connection keep-alive Transfer-Encoding Accept-Ranges bytes Timing-Allow-Origin *
GET H/1.1	200 OK	office365icons.woff r1.res.office365.com/owa/prem/16.1500.8.2150494/resources/styles/fonts/ Frame 2874	65 KB 65 KB	39ms 24ms	Font application/font-woff	2a02:26f0:78:184::753 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://r1.res.office365.com/owa/prem/16.1500.8.2150494/resources/styles/fonts/office365icons.woff Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:78:184::753 , European Union, ASN20940 (AKAMAI-ASN1 , US), Reverse DNS Software Apache / Resource Hash `908251f476520d80540130d783610fc711a6869b24fd901d472f2738b113a0a0` Request headers Pragma no-cache Origin http://jadeleeauthor.com Accept-Encoding gzip, deflate, sdch, br Host r1.res.office365.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept / Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Connection keep-alive Cache-Control no-cache User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Origin http://jadeleeauthor.com Response headers Date Sat, 04 Mar 2017 02:28:02 GMT Last-Modified Fri, 11 Nov 2016 04:29:34 GMT Server Apache Content-Type application/font-woff Access-Control-Allow-Origin * Cache-Control public,max-age=630720000, s-maxage=630720000 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Content-Length 66144
GET H/1.1	200 OK	favicon.ico auth.gfx.ms/16.000.26754.00.1/images/	17 KB 540 B	7ms 7ms	Other image/x-icon	104.111.237.158 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://auth.gfx.ms/16.000.26754.00.1/images/favicon.ico Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.111.237.158 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1 , US), Reverse DNS a104-111-237-158.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.5 / Resource Hash `90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host auth.gfx.ms Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://jadeleeauthor.com/wp-admin/js/litt/hotis/ Connection keep-alive Cache-Control no-cache Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 04 Mar 2017 02:28:02 GMT Content-Encoding gzip Last-Modified Wed, 19 Oct 2016 13:11:54 GMT PPServer PPV: 30 H: BAYIDSPRTS3G003 V: 0 ETag "049ac5ca2ad21:0" Vary Accept-Encoding Content-Type image/x-icon Access-Control-Allow-Origin * Cache-Control max-age=365424 Connection keep-alive Accept-Ranges bytes Content-Length 540 Server Microsoft-IIS/8.5
GET H/1.1	200 OK	boot.worldwide.1.mouse.js r1.res.office365.com/owa/prem/16.1500.8.2150494/scripts/ Frame 2874	615 KB 151 KB	36ms 35ms	Stylesheet application/x-javascript	2a02:26f0:78:19f::753 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://r1.res.office365.com/owa/prem/16.1500.8.2150494/scripts/boot.worldwide.1.mouse.js Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:78:19f::753 , European Union, ASN20940 (AKAMAI-ASN1 , US), Reverse DNS Software Apache / Resource Hash `54b369574fe1385aafd02034054143c63dbfefe287e66a7c69a895861b7f2664` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host r1.res.office365.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Connection keep-alive Cache-Control no-cache Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 04 Mar 2017 02:28:03 GMT Content-Encoding gzip Last-Modified Fri, 11 Nov 2016 04:31:13 GMT Server Apache Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control public,max-age=630720000, s-maxage=630720000 Transfer-Encoding chunked Connection keep-alive Transfer-Encoding Accept-Ranges bytes Timing-Allow-Origin *
GET H/1.1	200 OK	boot.worldwide.2.mouse.js r1.res.office365.com/owa/prem/16.1500.8.2150494/scripts/ Frame 2874	629 KB 160 KB	40ms 39ms	Stylesheet application/x-javascript	2a02:26f0:78:19f::753 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://r1.res.office365.com/owa/prem/16.1500.8.2150494/scripts/boot.worldwide.2.mouse.js Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:78:19f::753 , European Union, ASN20940 (AKAMAI-ASN1 , US), Reverse DNS Software Apache / Resource Hash `3a3726e21f4abb5ca82345d4536935b07a00600c01842abc38ae545a4b02b6a3` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host r1.res.office365.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Connection keep-alive Cache-Control no-cache Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 04 Mar 2017 02:28:03 GMT Content-Encoding gzip Last-Modified Fri, 11 Nov 2016 04:31:17 GMT Server Apache Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control public,max-age=630720000, s-maxage=630720000 Transfer-Encoding chunked Connection keep-alive Transfer-Encoding Accept-Ranges bytes Timing-Allow-Origin *
GET H/1.1	200 OK	boot.worldwide.3.mouse.js r1.res.office365.com/owa/prem/16.1500.8.2150494/scripts/ Frame 2874	605 KB 131 KB	18ms 18ms	Stylesheet application/x-javascript	2a02:26f0:78:19f::753 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://r1.res.office365.com/owa/prem/16.1500.8.2150494/scripts/boot.worldwide.3.mouse.js Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:78:19f::753 , European Union, ASN20940 (AKAMAI-ASN1 , US), Reverse DNS Software Apache / Resource Hash `5d3b4333b30e02839d5470b057711d87c28ba5e890f5d50552e3ba255eae0d12` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host r1.res.office365.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Connection keep-alive Cache-Control no-cache Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 04 Mar 2017 02:28:03 GMT Content-Encoding gzip Last-Modified Fri, 11 Nov 2016 04:31:13 GMT Server Apache Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control public,max-age=630720000, s-maxage=630720000 Transfer-Encoding chunked Connection keep-alive Transfer-Encoding Accept-Ranges bytes Timing-Allow-Origin *
GET H/1.1	200 OK	sprite1.mouse.png r1.res.office365.com/owa/prem/16.1500.8.2150494/resources/images/0/ Frame 2874	17 KB 17 KB	7ms 6ms	Stylesheet image/png	2a02:26f0:78:19f::753 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://r1.res.office365.com/owa/prem/16.1500.8.2150494/resources/images/0/sprite1.mouse.png Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:78:19f::753 , European Union, ASN20940 (AKAMAI-ASN1 , US), Reverse DNS Software Apache / Resource Hash `f0d67943f179ca187e126337efb606ae27878dcda4615dc48d976d79160cbc6e` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host r1.res.office365.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Connection keep-alive Cache-Control no-cache Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 04 Mar 2017 02:28:03 GMT Last-Modified Fri, 11 Nov 2016 04:29:14 GMT Server Apache Content-Type image/png Access-Control-Allow-Origin * Cache-Control public,max-age=630720000, s-maxage=630720000 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Content-Length 16967
GET H/1.1	200 OK	sprite1.mouse.css r1.res.office365.com/owa/prem/16.1500.8.2150494/resources/images/0/ Frame 2874	7 KB 1 KB	7ms 6ms	Stylesheet text/css	2a02:26f0:78:19f::753 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://r1.res.office365.com/owa/prem/16.1500.8.2150494/resources/images/0/sprite1.mouse.css Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:78:19f::753 , European Union, ASN20940 (AKAMAI-ASN1 , US), Reverse DNS Software Apache / Resource Hash `14d4e89d55b1f962a895050b05a52c71c399a59764bbf5649ec09a72cd64fdbe` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host r1.res.office365.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Connection keep-alive Cache-Control no-cache Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 04 Mar 2017 02:28:03 GMT Content-Encoding gzip Last-Modified Fri, 11 Nov 2016 04:29:10 GMT Server Apache Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin * Cache-Control public,max-age=630720000, s-maxage=630720000 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Content-Length 1098
GET H/1.1	200 OK	boot.worldwide.mouse.css r1.res.office365.com/owa/prem/16.1500.8.2150494/resources/styles/0/ Frame 2874	180 KB 24 KB	12ms 12ms	Stylesheet text/css	2a02:26f0:78:19f::753 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://r1.res.office365.com/owa/prem/16.1500.8.2150494/resources/styles/0/boot.worldwide.mouse.css Requested by Host: jadeleeauthor.com URL: http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:78:19f::753 , European Union, ASN20940 (AKAMAI-ASN1 , US), Reverse DNS Software Apache / Resource Hash `690bdda1858a5dd8cdac7e4f3814e5e4058bee79529fdbb6aa7f030b025dce9c` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host r1.res.office365.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm Connection keep-alive Cache-Control no-cache Referer http://jadeleeauthor.com/wp-admin/js/litt/hotis/index_files/prefetch.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 04 Mar 2017 02:28:03 GMT Content-Encoding gzip Last-Modified Fri, 11 Nov 2016 04:29:27 GMT Server Apache Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin * Cache-Control public,max-age=630720000, s-maxage=630720000 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Content-Length 24683

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			jadeleeauthor.com/	1970-01-01 00:00:00	Name: PHPSESSID Value: 2373ee07196b964a6250589c0f80a84a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.gfx.ms
jadeleeauthor.com
r1.res.office365.com
104.111.237.158
192.185.73.94
2a02:26f0:78:184::753
2a02:26f0:78:19f::753
14d4e89d55b1f962a895050b05a52c71c399a59764bbf5649ec09a72cd64fdbe
1b9c4052e72b504be91681782dabcd07103359c371d0f1cf8dbfb7b82d627f55
356f7d1241f92c9de9c9cfd0bebb6c10d1b38508a3f37cebc26329c656bad19f
39dd8d5743dc3030a5b771a5b30099202bc50ee6beb05fca7754ae8bdcbdac0c
3a3726e21f4abb5ca82345d4536935b07a00600c01842abc38ae545a4b02b6a3
4177eda99d21e25398902e247112b2f8da75c82bf1fe0b2470d0d04fbc529b7b
54b369574fe1385aafd02034054143c63dbfefe287e66a7c69a895861b7f2664
5d3b4333b30e02839d5470b057711d87c28ba5e890f5d50552e3ba255eae0d12
690bdda1858a5dd8cdac7e4f3814e5e4058bee79529fdbb6aa7f030b025dce9c
8a3aa480509e9e782ec14eb1592d7fc0f68c82b443045751fcdfd051b03029ac
908251f476520d80540130d783610fc711a6869b24fd901d472f2738b113a0a0
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
91c90d8393cba26fd7613d3313f8a13cd09b84682aa88aabba309c2d8c5987f4
bde5e27f76f371121f1955806f1b662f323f3793b079455f5bfe83365a393625
ca078e9833f067c6e28abe33c37a8ca9565fd02abe961e2ebc227635b1b03027
e63223af9ffdc9cdb6380e1b0a9ac80bf2f8049f22a487e84d0c6fe17eb842a3
f0d67943f179ca187e126337efb606ae27878dcda4615dc48d976d79160cbc6e

jadeleeauthor.com Open in urlscan Pro 192.185.73.94 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

26 Requests

38 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

1670 kBTransfer

5917 kBSize

1 Cookies

3 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

Indicators

jadeleeauthor.com Open in urlscan Pro
192.185.73.94 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

38 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

1670 kB
Transfer

5917 kB
Size

1
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!