microsoft-verify.dev-ely-delva.workers.dev Open in urlscan Pro
2606:4700:3036::6815:ead Public Scan

Go To Rescan
Add Verdict Report

URL:
https://microsoft-verify.dev-ely-delva.workers.dev/
Submission Tags: @phishunt_io
Submission: On February 15 via api (February 15th 2022, 2:07:17 pm UTC) from DE — Scanned from DE

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3036::6815:ead, located in United States and belongs to CLOUDFLARENET, US. The main domain is microsoft-verify.dev-ely-delva.workers.dev.
TLS certificate: Issued by R3 on December 30th 2021. Valid for: 3 months.

This is the only time microsoft-verify.dev-ely-delva.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3036::6815:ead	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700:303... 2606:4700:3031::ac43:8c45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	104.16.168.131 104.16.168.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
27	6

2 2606:4700:3036::6815:ead (United States)

ASN13335 (CLOUDFLARENET, US)

microsoft-verify.dev-ely-delva.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3031::ac43:8c45 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.astroclient.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.16.168.131 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	astroclient.net cdn.astroclient.net	134 KB
8	hcaptcha.com js.hcaptcha.com — Cisco Umbrella Rank: 24175 newassets.hcaptcha.com — Cisco Umbrella Rank: 10830 hcaptcha.com — Cisco Umbrella Rank: 7981	484 KB
4	gstatic.com fonts.gstatic.com	57 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	workers.dev microsoft-verify.dev-ely-delva.workers.dev	7 KB
27	5

	Domain	Requested by
11	cdn.astroclient.net	microsoft-verify.dev-ely-delva.workers.dev cdn.astroclient.net
5	newassets.hcaptcha.com	js.hcaptcha.com newassets.hcaptcha.com
4	fonts.gstatic.com	fonts.googleapis.com
2	hcaptcha.com	newassets.hcaptcha.com
2	fonts.googleapis.com	cdn.astroclient.net
2	microsoft-verify.dev-ely-delva.workers.dev	microsoft-verify.dev-ely-delva.workers.dev
1	js.hcaptcha.com	microsoft-verify.dev-ely-delva.workers.dev
27	7

This site contains no links.

Subject Issuer	Validity	Valid
*.dev-ely-delva.workers.dev R3	`2021-12-30` - `2022-03-30`	3 months	crt.sh
*.astroclient.net E1	`2022-01-13` - `2022-04-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://microsoft-verify.dev-ely-delva.workers.dev/
Frame ID: 5F6F78C5911E1111E0E49820FDFBA911
Requests: 20 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
Frame ID: 32CF79A055E2AB5F9405B3B23B1671BE
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html
Frame ID: 53EC1AC9051D5CEF2D9A144CCAE3E7A7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Astro Client | Login

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

7
Subdomains

6
IPs

3
Countries

683 kB
Transfer

2058 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
microsoft-verify.dev-ely-delva.workers.dev/ 7 KB
2 KB 612ms
494ms Document
text/html 2606:4700:3036::6815:ead
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoft-verify.dev-ely-delva.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:ead , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1f3dfe00e81b45548065aaacb397a32fa58f3b545b02bcea755a3a45e0372baf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 15 Feb 2022 14:07:12 GMT
content-type: text/html; charset=utf-8
cf-ray: 6ddf19e50835218d-DUS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-powered-by: Express
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ln8Npyogz7j7XD1P0UgTPyYnSjS6hETBbsixlpVMvyd5KWxU4CtSFJXhinjZvZTOzH309NLec%2BrWTCwMt69XPzfVBKT5UuGJvE1vxnYV40Zfhh70rFVhM1iNtwrIgo%2BCOaPLoNSYVJKZClj3LZ3OKOmNmROoBsLFO7QH1jxAx99tfBbZb9IvRA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.min.css
cdn.astroclient.net/attachments/app/css/vendor/ 156 KB
25 KB 272ms
200ms Stylesheet
text/css 2606:4700:3031::ac43:8c45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.astroclient.net/attachments/app/css/vendor/bootstrap.min.css
Requested by: Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:07:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:02:34 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"620b884a-26f1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgz8dPYd1LEI6HKoLj174C7PxCD8vMKqeA1zdKvjauCcks5%2BSAD%2FEBMMI09ub6d%2FY9Zi%2FJAusukVv67RpsUBKME4eLBu9dsC7e4IlpkfzUju%2FcNMT2jR9oikqUGCCvIrDlGcSRA6qJlY5xAaniNpvMvP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6ddf19e8b87d00ba-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 styles.min.css
cdn.astroclient.net/attachments/app/css/ 241 KB
34 KB 321ms
249ms Stylesheet
text/css 2606:4700:3031::ac43:8c45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.astroclient.net/attachments/app/css/styles.min.css
Requested by: Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c751cf2a0ddbbfdd364ce99bf62f86b37c6f558c6c6ce8743c7be4589f6a7027

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:07:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:02:33 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"620b8849-3c456"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAYxPv%2Ftl%2F6oX1fXQKByUV9TmvOT%2B6ns633Q03UBdtbzGBv%2BUTDIBpqRaycFf5HSZy5f620fID0hSu7u35lJCeLnaQj0zhuh70OFtbqxAXInBjV73YJOTRyD7SJl2l3RzG2MB1F1VsFs0iIUP5qUmOdn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6ddf19e8b87f00ba-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 rocket.png
cdn.astroclient.net/attachments/app/img/landing/ 9 KB
9 KB 218ms
147ms Image
image/png 2606:4700:3031::ac43:8c45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.astroclient.net/attachments/app/img/landing/rocket.png
Requested by: Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7023de19c54d3c70507920078ce7c123ccf3111de0e74f228dc3bfb6a86408b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:07:12 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9328
last-modified: Tue, 15 Feb 2022 11:02:58 GMT
server: cloudflare
etag: "620b8862-2470"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNcZHqzkb5iui0sO1BBfOwMj8Z2IOCL5oEvvC5G3SLmVEMoTKwcAC90KzdPTDflw58t3f%2Bn5WwjJyr8myPQs3gbBLUyUg5R7%2BERl113Rv5vo1MTTH2ywiLRn0djHmNy4ZdqfTCzU56cFtPVsf9u52wlZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ddf19e8d8c100ba-AMS

GET
H2 200 rocket-loader.min.js Show response
microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 23ms
23ms Script
application/javascript 2606:4700:3036::6815:ead
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:ead , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 11 Feb 2022 20:14:10 GMT
server: cloudflare
etag: W/"6206c392-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQcd891aL0P2FAlSmzklzz8ZHn1HTNxP%2BlkNR%2FfTGulg%2FkrmVFN4m6Tkij8yiX5KfP%2FwOn4XXvysjD6klJTyLb%2FqAx1mYUEbEmhHGawzxqhuen7GLOAyrBRBo%2BXRNJwckuYIy7qMxkKCj54mctuHLN4LVioQVn9xrHnTmwbVbG6hRovxVJmnX28%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ddf19e84996218d-DUS
vary: Accept-Encoding
expires: Thu, 17 Feb 2022 14:07:12 GMT

GET
H2 200 api.js Show response
js.hcaptcha.com/1/ 83 KB
27 KB 68ms
35ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hcaptcha.com/1/api.js

Requested by

Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a7e9d5385430607054d9ce11f05fe39d8f4feb55483ef04da6fe2b59615fcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:07:12 GMT
via: 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 15 Feb 2022 07:44:18 GMT
server: cloudflare
etag: W/"3db78dddb0e62e1c5a4e475fcf6ccf9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
x-amz-cf-pop: DUS51-P2
cf-ray: 6ddf19e88d98693d-FRA
x-amz-cf-id: tx8-HjpNBZYOM7nAb8xdIaiAoI5AsTPBG7PGGxSDMtHwY4ZI2Ie4Qg==

GET
H2 200 jquery-3.6.0.min.js Show response
cdn.astroclient.net/attachments/app/js/ 87 KB
32 KB 212ms
168ms Script
application/javascript 2606:4700:3031::ac43:8c45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.astroclient.net/attachments/app/js/jquery-3.6.0.min.js
Requested by: Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:07:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:02:14 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"620b8836-15d9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TN3CPZdTeXP%2F5SpmYwhRmdm1jCKCYtZEvBTwBPnUh7nM%2FrfqL6GZI8DWA4LTbONvns3ZH9JyyBfttC6SyvLEzYxiFt%2Ffwf%2BAyBhgb%2BsrTgoA5KNJtoCimmLtFAi0SCx0D4kBQi0eTcjUAX2nsYdRSzZM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6ddf19e8b88100ba-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 svg-loader.js Show response
cdn.astroclient.net/attachments/app/js/utils/ 58 KB
18 KB 189ms
145ms Script
application/javascript 2606:4700:3031::ac43:8c45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.astroclient.net/attachments/app/js/utils/svg-loader.js
Requested by: Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4230f170b63c4429e8c8f629611bb57f91ceb3e91e3548bc7512eec3e416891b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:07:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:02:16 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"620b8838-e96f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6iJm8YFqh%2BrYj8JX7AebcYc%2FLBQcPdtEynKQSFf7m6VuV%2F1p87H17fubdhpP9hWXa7KQkyqOFcXBAXJG65DmTcFWo7rEG9yOJVoH3L3ZlpaEoKRnLNl9%2BvFwIb6QqWSkIrzyXHlEkRmr9dJHS%2BpYpqRh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6ddf19e8b88300ba-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 landing.tabs.js Show response
cdn.astroclient.net/attachments/app/js/landing/ 286 B
811 B 157ms
114ms Script
application/javascript 2606:4700:3031::ac43:8c45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.astroclient.net/attachments/app/js/landing/landing.tabs.js
Requested by: Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c54107590597a42c09422549cd47e29f8d11c78d8eef7e6822db1e858cae7619

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:07:12 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 15 Feb 2022 11:02:15 GMT
server: cloudflare
etag: W/"11e-5d80c77458ed7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cv88b9VSzEPKZpXSgy%2FPoTnXOOlDjEOhVFdfkIzP76u5zxI1f0GROWY8RdrbOpHhmMbalg1qNX7gYbQ14O9Gos%2F9G8E5Jt7Er0lcDo816GmEVm8CUAkkE9USYXTjBiu2A26FncODUxARQ6QOjXIhfArr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-accel-version: 0.01
cache-control: max-age=14400
cf-ray: 6ddf19e8b88400ba-AMS

GET
H2 200 form.utils.js Show response
cdn.astroclient.net/attachments/app/js/form/ 5 KB
1 KB 159ms
116ms Script
application/javascript 2606:4700:3031::ac43:8c45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.astroclient.net/attachments/app/js/form/form.utils.js
Requested by: Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 51a4526ac953de4d01f270406d9b94a0bc543c38b6727409d0ab40e07f451260

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:07:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:02:14 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"620b8836-121a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFkDPbfklDBEsBgMp0u%2BAy04NtZTH79w%2FLZmIwB5fufgCIlIpexQXPQOYbEydJypQQ16EBzTKjrFtG4p8IqhDV6bnrn5q4vTZjQ5n7%2BXZzMTY3MyeFw8MFBCNmC8Odz8qUfMWqV5VgQOBqc30InTTYTD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6ddf19e8b88600ba-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 xm_plugins.min.js Show response
cdn.astroclient.net/attachments/app/js/vendor/ 46 KB
9 KB 222ms
179ms Script
application/javascript 2606:4700:3031::ac43:8c45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.astroclient.net/attachments/app/js/vendor/xm_plugins.min.js
Requested by: Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 62c6c74587c73474bd1be49852129b88ff18560b10d3ea8c2f0327ef661dc78e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:07:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:02:17 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"620b8839-b62b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lzSpV0ioK%2BsJMmHxZvYTOG3bHVIkJvnjK9dNANclOT8hlGFYVDCKWjv%2BuFCAgGLX0GmfhFhbo0cGXaVM9S96nE0tpP2pUn2w2wp%2F1aM4t8plkah9LL5FeV1ScUPuibQiTtfAQdyiHkS%2F1FsFyHi8HX2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6ddf19e8b88c00ba-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 app.js Show response
cdn.astroclient.net/attachments/app/js/utils/ 5 KB
2 KB 170ms
127ms Script
application/javascript 2606:4700:3031::ac43:8c45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.astroclient.net/attachments/app/js/utils/app.js
Requested by: Host: microsoft-verify.dev-ely-delva.workers.dev
URL: https://microsoft-verify.dev-ely-delva.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 340db5c8ec2f5c3a20f0620043ce5145b6d2d583e8668733f9aec7a34c289616

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-verify.dev-ely-delva.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:07:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:02:16 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"620b8838-14a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8xFa0fVeXk%2FTA0oLSmnZnkpOPZb7gswi%2BiyGVrI7vNmvAZdqmVA9%2FO%2FISzT8FlgXDnPiaiJ3EuZNMN1xpsoRZu0qliDOLJLG9tCiEgDYj%2BWTyNX9GCQ9fm968ZIAmAwAh%2FPG%2B4xZLl96DKA3NqhS1CA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6ddf19e8b88800ba-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 2 KB
933 B 36ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,900&display=swap

Requested by

Host: cdn.astroclient.net
URL: https://cdn.astroclient.net/attachments/app/css/styles.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac41782184a6c1f14bdc5c81e222821cb7a1e5a0fcdb4d37dc5bb31cf2d6224d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.astroclient.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 13:56:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 14:07:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 14:07:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
610 B 37ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rajdhani:400,500,600,700&display=swap

Requested by

Host: cdn.astroclient.net
URL: https://cdn.astroclient.net/attachments/app/css/styles.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

987c9561406b4a25c277655b0aeae2d91529627c0d4ac37399c3e285a63f8626

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.astroclient.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 14:07:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 14:07:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 14:07:13 GMT

GET
H3 404 landing-background.jpg
cdn.astroclient.net/attachments/app/img/landing/ 0
0 176ms
96ms Image
text/html 2606:4700:3031::ac43:8c45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.astroclient.net/attachments/app/img/landing/landing-background.jpg
Requested by: Host: cdn.astroclient.net
URL: https://cdn.astroclient.net/attachments/app/css/styles.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.astroclient.net/attachments/app/css/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 dot-texture.png
cdn.astroclient.net/attachments/app/img/landing/ 3 KB
3 KB 177ms
98ms Image
image/png 2606:4700:3031::ac43:8c45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.astroclient.net/attachments/app/img/landing/dot-texture.png
Requested by: Host: cdn.astroclient.net
URL: https://cdn.astroclient.net/attachments/app/css/styles.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5b3379039c4aaee2dbfae391bf1122c6d7efbc5801cd2dd8766a757a95ae3058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.astroclient.net/attachments/app/css/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:07:13 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2830
last-modified: Tue, 15 Feb 2022 11:02:57 GMT
server: cloudflare
etag: "620b8861-b0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCAotNgKzNePbJ94QCl0hTtbwHDwjtr8UwGbHXAy3h%2B25IsNLc5aVqrz5Sudvl64P84JGoFn6H4STENwJXfMFAiqUzapbtEOcGVyUVEstzpGIXeDh6ecyw2%2F%2B4w6vA53w5r9UE%2FyzOXB4%2F2Hg%2BjsVzlp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ddf19eb29573316-CDG

GET
H2 200 LDI2apCSOBg7S-QT7pb0EPOreec.woff2
fonts.gstatic.com/s/rajdhani/v14/ 15 KB
15 KB 31ms
9ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rajdhani/v14/LDI2apCSOBg7S-QT7pb0EPOreec.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23afdb9b5b89b878fab04d80cc30bf41bb4f3f7e8be88e5f16a7cc7671cdb2dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://microsoft-verify.dev-ely-delva.workers.dev
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:02:12 GMT
x-content-type-options: nosniff
age: 497101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15084
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:05 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 20:02:12 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v14/ 10 KB
10 KB 35ms
13ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v14/NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e59456a560f58d0b6b7934bfc06e0b2faee5d61e2bdb10eef541dd66bfebe0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://microsoft-verify.dev-ely-delva.workers.dev
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:47:37 GMT
x-content-type-options: nosniff
age: 497976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10444
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:03:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 19:47:37 GMT

GET
H2 200 LDI2apCSOBg7S-QT7pa8FvOreec.woff2
fonts.gstatic.com/s/rajdhani/v14/ 15 KB
16 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rajdhani/v14/LDI2apCSOBg7S-QT7pa8FvOreec.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7e4a6f97163c2636724d4de90304fc895653dcfe64c67a7a22f26331ca5c5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://microsoft-verify.dev-ely-delva.workers.dev
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:02:11 GMT
x-content-type-options: nosniff
age: 497102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:00:53 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 20:02:11 GMT

GET
H2 200 LDI2apCSOBg7S-QT7pbYF_Oreec.woff2
fonts.gstatic.com/s/rajdhani/v14/ 15 KB
15 KB 35ms
14ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rajdhani/v14/LDI2apCSOBg7S-QT7pbYF_Oreec.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

433a7007e4747a02a790167a6efa2625855f013970ba49b9b739a5d3db8b2601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://microsoft-verify.dev-ely-delva.workers.dev
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:55:26 GMT
x-content-type-options: nosniff
age: 497507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:52 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 19:55:26 GMT

GET
H2 200 hcaptcha-challenge.html Show response
newassets.hcaptcha.com/captcha/v1/e61b2d8/static/ Frame 32CF 2 KB
1 KB 48ms
36ms Document
text/html 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf2bc83e4340a8be502f3fbcc1ffff593578f9f56e7df819d5f05a90d2e146c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-verify.dev-ely-delva.workers.dev/

Response headers

date: Tue, 15 Feb 2022 14:07:13 GMT
content-type: text/html
last-modified: Tue, 15 Feb 2022 07:44:18 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: Iur2OT78CyWM6ZXLEdiTslSQ32Knnot-heZb3UOc-CI8CkQPxjLlXw==
age: 22358
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6ddf19eafb3f693d-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hcaptcha-checkbox.html Show response
newassets.hcaptcha.com/captcha/v1/e61b2d8/static/ Frame 53EC 2 KB
1 KB 92ms
82ms Document
text/html 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fdc9046257aaaa253a551ef9fda09596eb7672d885281c8b6b1db6c593b08aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-verify.dev-ely-delva.workers.dev/

Response headers

date: Tue, 15 Feb 2022 14:07:13 GMT
content-type: text/html
last-modified: Tue, 15 Feb 2022 07:44:18 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: FCruptqrt_GLFFruiHptHnbN8ct-JrPKaalDF6hU9n86s9mBHk5GCA==
age: 22358
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6ddf19eafb48693d-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 hcaptcha-challenge.js Show response
newassets.hcaptcha.com/captcha/v1/e61b2d8/ Frame 32CF 208 KB
60 KB 35ms
23ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-challenge.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16b2649c0b15ae3b78dfc8873f5a5c3880127bcaade71078675581c9b72242af

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
Origin: https://newassets.hcaptcha.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22360
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60785
access-control-allow-origin: *
last-modified: Tue, 15 Feb 2022 07:44:18 GMT
server: cloudflare
etag: "3f5cf3f58a9b58a4506ae9dd004186ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 ac9a9db2e57fbe7ebe7ee8fc2d557856.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: MXP64-C3
accept-ranges: bytes
cf-ray: 6ddf19eb698d91dd-FRA
x-amz-cf-id: Rj5mEJFk3pKB-lU5X94VgyS5WjhWWtMRdCLceeHISpO_PtPCFZrF1A==

GET
H3 200 hcaptcha-checkbox.js Show response
newassets.hcaptcha.com/captcha/v1/e61b2d8/ Frame 53EC 151 KB
47 KB 29ms
29ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-checkbox.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b595425f7e19ec77512e7203156f0c1d0be7fe9c69ac5d361ec53454814aebe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html
Origin: https://newassets.hcaptcha.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22360
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47886
access-control-allow-origin: *
last-modified: Tue, 15 Feb 2022 07:44:18 GMT
server: cloudflare
etag: "b88aa12fdb3081df3c3188598478f007"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 8279bca1d4905f7589e8a8f7d09741dc.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: MXP64-C3
accept-ranges: bytes
cf-ray: 6ddf19eb9a2c91dd-FRA
x-amz-cf-id: aLOOYUUxIS6Pof0i3p46xsQ2P21iUGarv3E1_ftf_7Fy2LxbrUSWiQ==

GET
DATA 200
OK truncated
/ Frame 53EC 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 checksiteconfig Show response
hcaptcha.com/ Frame 53EC 508 B
860 B 72ms
71ms XHR
application/json 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?v=e61b2d8&host=microsoft-verify.dev-ely-delva.workers.dev&sitekey=3fb3ecf4-1ca8-46e5-9296-66bdc2a7364f&sc=1&swa=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-checkbox.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c70752dc0b1a62794e639cbe89c391f25a7012030f3864759a604cc1fc6ad058

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://newassets.hcaptcha.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Tue, 15 Feb 2022 14:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass: 2
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials: true
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 6ddf19ec3c4a91dd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 checksiteconfig
hcaptcha.com/ Frame 0
0 35ms
18ms Preflight 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?v=e61b2d8&host=microsoft-verify.dev-ely-delva.workers.dev&sitekey=3fb3ecf4-1ca8-46e5-9296-66bdc2a7364f&sc=1&swa=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,content-type
Origin: https://newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 15 Feb 2022 14:07:13 GMT
content-length: 0
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6ddf19ec1c008fd1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/919a3f58/ Frame 32CF 919 KB
347 KB 28ms
28ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/919a3f58/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-challenge.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcc4290f7041ce142b6f5142eccb9c47c8ad59c1e8142361b7d40659fcd59f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:07:13 GMT
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 77123
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Feb 2022 16:35:39 GMT
server: cloudflare
etag: W/"777d618166357c7ea8c00b987c3ad278"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: DUS51-P2
cf-ray: 6ddf19ecbd9091dd-FRA
x-amz-cf-id: oPzwXlrZSDJUKMLveCVQt28wIuF-C8bxZRgtbn9qLmZz1Z6z_pEJwA==

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.astroclient.net/attachments/app/img/landing/landing-background.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.astroclient.net
fonts.googleapis.com
fonts.gstatic.com
hcaptcha.com
js.hcaptcha.com
microsoft-verify.dev-ely-delva.workers.dev
newassets.hcaptcha.com
104.16.168.131
2606:4700:3031::ac43:8c45
2606:4700:3036::6815:ead
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
16b2649c0b15ae3b78dfc8873f5a5c3880127bcaade71078675581c9b72242af
1f3dfe00e81b45548065aaacb397a32fa58f3b545b02bcea755a3a45e0372baf
23afdb9b5b89b878fab04d80cc30bf41bb4f3f7e8be88e5f16a7cc7671cdb2dc
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
340db5c8ec2f5c3a20f0620043ce5145b6d2d583e8668733f9aec7a34c289616
3a7e9d5385430607054d9ce11f05fe39d8f4feb55483ef04da6fe2b59615fcd7
4230f170b63c4429e8c8f629611bb57f91ceb3e91e3548bc7512eec3e416891b
433a7007e4747a02a790167a6efa2625855f013970ba49b9b739a5d3db8b2601
51a4526ac953de4d01f270406d9b94a0bc543c38b6727409d0ab40e07f451260
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
5b3379039c4aaee2dbfae391bf1122c6d7efbc5801cd2dd8766a757a95ae3058
5b7e4a6f97163c2636724d4de90304fc895653dcfe64c67a7a22f26331ca5c5f
5fdc9046257aaaa253a551ef9fda09596eb7672d885281c8b6b1db6c593b08aa
62c6c74587c73474bd1be49852129b88ff18560b10d3ea8c2f0327ef661dc78e
7023de19c54d3c70507920078ce7c123ccf3111de0e74f228dc3bfb6a86408b9
8e59456a560f58d0b6b7934bfc06e0b2faee5d61e2bdb10eef541dd66bfebe0d
987c9561406b4a25c277655b0aeae2d91529627c0d4ac37399c3e285a63f8626
ac41782184a6c1f14bdc5c81e222821cb7a1e5a0fcdb4d37dc5bb31cf2d6224d
b595425f7e19ec77512e7203156f0c1d0be7fe9c69ac5d361ec53454814aebe2
bcc4290f7041ce142b6f5142eccb9c47c8ad59c1e8142361b7d40659fcd59f9d
bf2bc83e4340a8be502f3fbcc1ffff593578f9f56e7df819d5f05a90d2e146c1
c54107590597a42c09422549cd47e29f8d11c78d8eef7e6822db1e858cae7619
c70752dc0b1a62794e639cbe89c391f25a7012030f3864759a604cc1fc6ad058
c751cf2a0ddbbfdd364ce99bf62f86b37c6f558c6c6ce8743c7be4589f6a7027
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

microsoft-verify.dev-ely-delva.workers.dev Open in urlscan Pro 2606:4700:3036::6815:ead Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

80 %IPv6

5 Domains

7 Subdomains

6 IPs

3 Countries

683 kBTransfer

2058 kBSize

0 Cookies

0 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

0 Cookies

microsoft-verify.dev-ely-delva.workers.dev Open in urlscan Pro
2606:4700:3036::6815:ead Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

7
Subdomains

6
IPs

3
Countries

683 kB
Transfer

2058 kB
Size

0
Cookies

27 HTTP transactions
1 data transactions