giveaway-dylandpros-garena.duckdns.org Open in urlscan Pro
13.75.65.160  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response giveaway-dylandpros-garena.duckdns.org/	977 B 3 KB	807ms 212ms	Document text/html	13.75.65.160 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://giveaway-dylandpros-garena.duckdns.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.75.65.160 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash 0b1220af8dbd4d29ad3477338bc4bb948e3643d4e0d645c819de321591e1a19b Security Headers Name Value Content-Security-Policy base-uri 'self' https://res-1.cdn.office.net; object-src 'none'; script-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-4KhHzXNy5rhQ8rxNxcjqeAGoFuEhoOcEDmN+P7fEVto='; style-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-4KhHzXNy5rhQ8rxNxcjqeAGoFuEhoOcEDmN+P7fEVto='; default-src 'none'; block-all-mixed-content; connect-src 'self' data: https://login.microsoftonline.com https://graph.microsoft.com https://*.sharepoint.com https://*.pipe.aria.microsoft.com https://eu-mobile.events.data.microsoft.com https://browser.events.data.microsoft.com; font-src https://static2.sharepointonline.com https://spoprod-a.akamaihd.net https://spoppe-b.azureedge.net; frame-src 'self' https://login.microsoftonline.com https://login.windows.net https://onedrive.live.com https://login.live.com https://*.sharepoint.com; img-src 'self' https://res-1.cdn.office.net; manifest-src 'self' https://res-1.cdn.office.net; report-uri Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode = block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control private, no-store, no-cache, max-age=0, s-maxage=0 content-security-policy base-uri 'self' https://res-1.cdn.office.net; object-src 'none'; script-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-4KhHzXNy5rhQ8rxNxcjqeAGoFuEhoOcEDmN+P7fEVto='; style-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-4KhHzXNy5rhQ8rxNxcjqeAGoFuEhoOcEDmN+P7fEVto='; default-src 'none'; block-all-mixed-content; connect-src 'self' data: https://login.microsoftonline.com https://graph.microsoft.com https://*.sharepoint.com https://*.pipe.aria.microsoft.com https://eu-mobile.events.data.microsoft.com https://browser.events.data.microsoft.com; font-src https://static2.sharepointonline.com https://spoprod-a.akamaihd.net https://spoppe-b.azureedge.net; frame-src 'self' https://login.microsoftonline.com https://login.windows.net https://onedrive.live.com https://login.live.com https://*.sharepoint.com; img-src 'self' https://res-1.cdn.office.net; manifest-src 'self' https://res-1.cdn.office.net; report-uri content-security-policy-report-only base-uri 'self' https://res-1.cdn.office.net; object-src 'none'; script-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-4KhHzXNy5rhQ8rxNxcjqeAGoFuEhoOcEDmN+P7fEVto='; style-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-4KhHzXNy5rhQ8rxNxcjqeAGoFuEhoOcEDmN+P7fEVto='; default-src 'none'; block-all-mixed-content; connect-src 'self' data: https://login.microsoftonline.com https://graph.microsoft.com https://*.sharepoint.com https://*.pipe.aria.microsoft.com https://eu-mobile.events.data.microsoft.com https://browser.events.data.microsoft.com; font-src https://static2.sharepointonline.com https://spoprod-a.akamaihd.net https://spoppe-b.azureedge.net; frame-src 'self' https://login.microsoftonline.com https://login.windows.net https://onedrive.live.com https://login.live.com https://*.sharepoint.com; img-src 'self' https://res-1.cdn.office.net; manifest-src 'self' https://res-1.cdn.office.net; report-uri content-type text/html date Thu, 12 Oct 2023 14:25:25 GMT etag "1d9d42d03697691" expires 0 last-modified Mon, 21 Aug 2023 12:42:58 GMT pragma no-cache request-context appId= server Microsoft-HTTPAPI/2.0 strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff x-rate-limit-limit 10m x-rate-limit-remaining 9999 x-rate-limit-reset 2023-10-12T14:35:25.1931066Z x-server-correlation-id 4000653d-0001-f000-b63f-84710c7967bb x-xss-protection 1; mode = block
GET H2	200	runtime.354351b69ca5f53d7806.bundle.js Show response res-1.cdn.office.net/onedrivelti/	4 KB 3 KB	277ms 42ms	Script application/javascript	2a02:26f0:480:25::1726:620d AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://res-1.cdn.office.net/onedrivelti/runtime.354351b69ca5f53d7806.bundle.js Requested by Host: giveaway-dylandpros-garena.duckdns.org URL: https://giveaway-dylandpros-garena.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:25::1726:620d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 60e697b457dc61f24c4b6b981a7423e27a2364ed1a80fe13d242979c11070111 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://giveaway-dylandpros-garena.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 12 Oct 2023 14:25:25 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains nel {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01} alt-svc h3=":443"; ma=93600 content-length 2298 last-modified Wed, 07 Jun 2023 17:09:39 GMT x-cdn-provider Akamai vary Accept-Encoding report-to {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.4d632617.1697120725.215f369c"}],"include_subdomains ":true} content-type application/javascript access-control-allow-origin * x-ms-request-id 0cfdb767-201e-0034-7a9d-9ccc5f000000 access-control-expose-headers date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id cache-control max-age=630720000 timing-allow-origin *
GET H2	200	vendors.aa96dd4366ebfd95df6d.bundle.js Show response res-1.cdn.office.net/onedrivelti/	1 MB 320 KB	268ms 32ms	Script application/javascript	2a02:26f0:480:25::1726:620d AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://res-1.cdn.office.net/onedrivelti/vendors.aa96dd4366ebfd95df6d.bundle.js Requested by Host: giveaway-dylandpros-garena.duckdns.org URL: https://giveaway-dylandpros-garena.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:25::1726:620d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e7126f0fd85f3753b57a7cd4098c611a7626719f7b06e08c08610c4b698fa04e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://giveaway-dylandpros-garena.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 12 Oct 2023 14:25:25 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains nel {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01} content-length 327320 last-modified Wed, 07 Jun 2023 17:09:42 GMT x-cdn-provider Akamai vary Accept-Encoding report-to {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.4d632617.1697120725.215f369d"}],"include_subdomains ":true} content-type application/javascript access-control-allow-origin * x-ms-request-id dc8eac8a-d01e-0030-0679-994158000000 access-control-expose-headers date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id cache-control max-age=630720000 timing-allow-origin *
GET H2	200	main.3a3d3b69eaa00c445b63.bundle.js Show response res-1.cdn.office.net/onedrivelti/	244 KB 49 KB	250ms 15ms	Script application/javascript	2a02:26f0:480:25::1726:620d AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://res-1.cdn.office.net/onedrivelti/main.3a3d3b69eaa00c445b63.bundle.js Requested by Host: giveaway-dylandpros-garena.duckdns.org URL: https://giveaway-dylandpros-garena.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:25::1726:620d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 45ef0b526142e695530e2a6accef236ae1977de330e5bc8f21300aca5a7b056c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://giveaway-dylandpros-garena.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 12 Oct 2023 14:25:25 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains nel {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01} content-length 49708 last-modified Wed, 07 Jun 2023 17:09:39 GMT x-cdn-provider Akamai vary Accept-Encoding report-to {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.4d632617.1697120725.215f369e"}],"include_subdomains ":true} content-type application/javascript access-control-allow-origin * x-ms-request-id 1aeb0006-b01e-0054-39fb-99b0c0000000 access-control-expose-headers date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id cache-control max-age=630720000 timing-allow-origin *
OPTIONS H2	200	/ browser.events.data.microsoft.com/OneCollector/1.0/	0 0	575ms 212ms	Preflight	20.189.173.1 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.189.173.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Headers apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time Access-Control-Request-Method POST Origin https://giveaway-dylandpros-garena.duckdns.org Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody access-control-allow-origin https://giveaway-dylandpros-garena.duckdns.org access-control-max-age 3600 cache-control public, 3600 content-length 0 date Thu, 12 Oct 2023 14:25:26 GMT server Microsoft-HTTPAPI/2.0 strict-transport-security max-age=31536000
POST H2	200	/ Show response browser.events.data.microsoft.com/OneCollector/1.0/	153 B 437 B	489ms 164ms	XHR application/json	20.189.173.1 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Requested by Host: res-1.cdn.office.net URL: https://res-1.cdn.office.net/onedrivelti/vendors.aa96dd4366ebfd95df6d.bundle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.189.173.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash b59d98e4d7f426885e39b03ea334c4d34b0980476468f6df80b2e32592b80694 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers upload-time 1697120726795 accept-language de-DE,de;q=0.9 client-version 1DS-Web-JS-3.2.8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 time-delta-to-apply-millis use-collector-delta content-type application/x-json-stream cache-control no-cache, no-store Referer https://giveaway-dylandpros-garena.duckdns.org/ apikey fef2a5fd44104eb18e359a69eaaf56d8-c23cf8b8-767d-416d-ae67-e0e2c17be636-7387 Client-Id NO_AUTH Response headers strict-transport-security max-age=31536000 date Thu, 12 Oct 2023 14:25:27 GMT server Microsoft-HTTPAPI/2.0 time-delta-millis 981 access-control-allow-methods POST content-type application/json access-control-allow-origin https://giveaway-dylandpros-garena.duckdns.org access-control-expose-headers time-delta-millis access-control-allow-credentials true access-control-allow-headers time-delta-millis content-length 153
POST H2	200	/ Show response eu-mobile.events.data.microsoft.com/OneCollector/1.0/	153 B 774 B	93ms 31ms	XHR application/json	13.69.239.77 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Requested by Host: res-1.cdn.office.net URL: https://res-1.cdn.office.net/onedrivelti/vendors.aa96dd4366ebfd95df6d.bundle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.69.239.77 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash b59d98e4d7f426885e39b03ea334c4d34b0980476468f6df80b2e32592b80694 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers upload-time 1697120726801 accept-language de-DE,de;q=0.9 client-version 1DS-Web-JS-3.2.8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 time-delta-to-apply-millis use-collector-delta content-type application/x-json-stream cache-control no-cache, no-store Referer https://giveaway-dylandpros-garena.duckdns.org/ apikey fef2a5fd44104eb18e359a69eaaf56d8-c23cf8b8-767d-416d-ae67-e0e2c17be636-7387 Client-Id NO_AUTH Response headers strict-transport-security max-age=31536000 date Thu, 12 Oct 2023 14:25:26 GMT server Microsoft-HTTPAPI/2.0 time-delta-millis 212 access-control-allow-methods POST p3p CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" content-type application/json access-control-allow-origin https://giveaway-dylandpros-garena.duckdns.org access-control-expose-headers time-delta-millis access-control-allow-credentials true access-control-allow-headers P3P,Set-Cookie,time-delta-millis content-length 153
OPTIONS H2	200	/ eu-mobile.events.data.microsoft.com/OneCollector/1.0/	0 0	144ms 42ms	Preflight	13.69.239.77 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.69.239.77 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Headers apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time Access-Control-Request-Method POST Origin https://giveaway-dylandpros-garena.duckdns.org Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody access-control-allow-origin https://giveaway-dylandpros-garena.duckdns.org access-control-max-age 3600 cache-control public, 3600 content-length 0 date Thu, 12 Oct 2023 14:25:26 GMT server Microsoft-HTTPAPI/2.0 strict-transport-security max-age=31536000
OPTIONS H2	200	/ eu-mobile.events.data.microsoft.com/OneCollector/1.0/	0 0	31ms 31ms	Preflight	13.69.239.77 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.69.239.77 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Headers apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time Access-Control-Request-Method POST Origin https://giveaway-dylandpros-garena.duckdns.org Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody access-control-allow-origin https://giveaway-dylandpros-garena.duckdns.org access-control-max-age 3600 cache-control public, 3600 content-length 0 date Thu, 12 Oct 2023 14:25:27 GMT server Microsoft-HTTPAPI/2.0 strict-transport-security max-age=31536000
POST H2	200	/ Show response eu-mobile.events.data.microsoft.com/OneCollector/1.0/	153 B 210 B	31ms 31ms	XHR application/json	13.69.239.77 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Requested by Host: res-1.cdn.office.net URL: https://res-1.cdn.office.net/onedrivelti/vendors.aa96dd4366ebfd95df6d.bundle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.69.239.77 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash e3457867a398f5f045ec742cdf02e714c2c33f0dc561bdaa1ff4fd776251fd62 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers upload-time 1697120727806 accept-language de-DE,de;q=0.9 client-version 1DS-Web-JS-3.2.8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 time-delta-to-apply-millis 212 content-type application/x-json-stream cache-control no-cache, no-store Referer https://giveaway-dylandpros-garena.duckdns.org/ apikey fef2a5fd44104eb18e359a69eaaf56d8-c23cf8b8-767d-416d-ae67-e0e2c17be636-7387 Client-Id NO_AUTH Response headers strict-transport-security max-age=31536000 date Thu, 12 Oct 2023 14:25:26 GMT server Microsoft-HTTPAPI/2.0 time-delta-millis 35 access-control-allow-methods POST content-type application/json access-control-allow-origin https://giveaway-dylandpros-garena.duckdns.org access-control-expose-headers time-delta-millis access-control-allow-credentials true access-control-allow-headers time-delta-millis content-length 153
OPTIONS H2	200	/ browser.events.data.microsoft.com/OneCollector/1.0/	0 0	235ms 235ms	Preflight	20.189.173.1 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.189.173.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Headers apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time Access-Control-Request-Method POST Origin https://giveaway-dylandpros-garena.duckdns.org Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody access-control-allow-origin https://giveaway-dylandpros-garena.duckdns.org access-control-max-age 3600 cache-control public, 3600 content-length 0 date Thu, 12 Oct 2023 14:25:27 GMT server Microsoft-HTTPAPI/2.0 strict-transport-security max-age=31536000
POST H2	200	/ Show response browser.events.data.microsoft.com/OneCollector/1.0/	153 B 197 B	173ms 172ms	XHR application/json	20.189.173.1 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Requested by Host: res-1.cdn.office.net URL: https://res-1.cdn.office.net/onedrivelti/vendors.aa96dd4366ebfd95df6d.bundle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.189.173.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash bf639339754a97f2e7e0cd28ae16575cb0ff5c0ff4f6eee377dc44e49970a762 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers upload-time 1697120727869 accept-language de-DE,de;q=0.9 client-version 1DS-Web-JS-3.2.8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 time-delta-to-apply-millis 981 content-type application/x-json-stream cache-control no-cache, no-store Referer https://giveaway-dylandpros-garena.duckdns.org/ apikey fef2a5fd44104eb18e359a69eaaf56d8-c23cf8b8-767d-416d-ae67-e0e2c17be636-7387 Client-Id NO_AUTH Response headers strict-transport-security max-age=31536000 date Thu, 12 Oct 2023 14:25:27 GMT server Microsoft-HTTPAPI/2.0 time-delta-millis 313 access-control-allow-methods POST content-type application/json access-control-allow-origin https://giveaway-dylandpros-garena.duckdns.org access-control-expose-headers time-delta-millis access-control-allow-credentials true access-control-allow-headers time-delta-millis content-length 153

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __CSP_NONCE object| webpackJsonp object| FabricConfig object| CSPSettings object| __stylesheet__ object| __globalSettings__ object| __themeState__ object| __packages__ object| __dynProto$Gbl number| __currentId__

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			giveaway-dylandpros-garena.duckdns.org/	1970-01-21 00:10:56	Name: MicrosoftApplicationsTelemetryDeviceId Value: 37a63747-592b-4c26-8478-f57a06fe6e8f
			giveaway-dylandpros-garena.duckdns.org/	1970-01-20 15:25:22	Name: ai_session Value: t0Ir/caCzMPEVkVTXcExBS|1697120725789|1697120725801
			.microsoft.com/	1970-01-21 00:10:56	Name: MC1 Value: GUID=1565c91b5ae8449a93b5005bab1dfd92&HASH=1565&LV=202310&V=4&LU=1697120727013
			.microsoft.com/	1970-01-20 15:25:22	Name: MS0 Value: f0f8eee935174271903383527236b3e9
			giveaway-dylandpros-garena.duckdns.org/	1970-01-21 00:10:56	Name: MSFPC Value: GUID=1565c91b5ae8449a93b5005bab1dfd92&HASH=1565&LV=202310&V=4&LU=1697120727013

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-4KhHzXNy5rhQ8rxNxcjqeAGoFuEhoOcEDmN+P7fEVto='".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'self' https://res-1.cdn.office.net; object-src 'none'; script-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-4KhHzXNy5rhQ8rxNxcjqeAGoFuEhoOcEDmN+P7fEVto='; style-src 'self' 'report-sample' https://res-1.cdn.office.net 'nonce-4KhHzXNy5rhQ8rxNxcjqeAGoFuEhoOcEDmN+P7fEVto='; default-src 'none'; block-all-mixed-content; connect-src 'self' data: https://login.microsoftonline.com https://graph.microsoft.com https://*.sharepoint.com https://*.pipe.aria.microsoft.com https://eu-mobile.events.data.microsoft.com https://browser.events.data.microsoft.com; font-src https://static2.sharepointonline.com https://spoprod-a.akamaihd.net https://spoppe-b.azureedge.net; frame-src 'self' https://login.microsoftonline.com https://login.windows.net https://onedrive.live.com https://login.live.com https://*.sharepoint.com; img-src 'self' https://res-1.cdn.office.net; manifest-src 'self' https://res-1.cdn.office.net; report-uri
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode = block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
eu-mobile.events.data.microsoft.com
giveaway-dylandpros-garena.duckdns.org
res-1.cdn.office.net
13.69.239.77
13.75.65.160
20.189.173.1
2a02:26f0:480:25::1726:620d
0b1220af8dbd4d29ad3477338bc4bb948e3643d4e0d645c819de321591e1a19b
45ef0b526142e695530e2a6accef236ae1977de330e5bc8f21300aca5a7b056c
60e697b457dc61f24c4b6b981a7423e27a2364ed1a80fe13d242979c11070111
b59d98e4d7f426885e39b03ea334c4d34b0980476468f6df80b2e32592b80694
bf639339754a97f2e7e0cd28ae16575cb0ff5c0ff4f6eee377dc44e49970a762
e3457867a398f5f045ec742cdf02e714c2c33f0dc561bdaa1ff4fd776251fd62
e7126f0fd85f3753b57a7cd4098c611a7626719f7b06e08c08610c4b698fa04e