fra1.digitaloceanspaces.com
5.101.109.44  Malicious Activity! Public Scan

Submitted URL: https://u22036286.ct.sendgrid.net/ls/click?upn=jyAdlTWXP6VE2WS5GowUtITiTxe63Y4h0Fg5fkvcADjPUnG9zzJ5ZFWNvuWqjgWlCqypwGjMlXBcPPbtrOR...
Effective URL: https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/mine.html
Submission: On June 17 via api from US

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 32 HTTP transactions. The main IP is 5.101.109.44, located in the United States, and belongs to DIGITALOCEAN-ASN, US. The main domain is fra1.digitaloceanspaces.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 17th 2021. Valid for: a year.
This is the only time fra1.digitaloceanspaces.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.123.16 11377 (SENDGRID)
2 3 199.188.201.122 22612 (NAMECHEAP...)
1 199.188.200.47 22612 (NAMECHEAP...)
3 5.101.109.44 14061 (DIGITALOC...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.111.9.35 33438 (HIGHWINDS2)
1 2 50.87.150.0 46606 (UNIFIEDLA...)
2 192.229.221.185 15133 (EDGECAST)
15 2620:1ec:29::42 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 40.126.31.137 8075 (MICROSOFT...)
32 12
Count | Domain | Requested by
15 | aadcdn.msauth.net | fra1.digitaloceanspaces.com, login.microsoftonline.com
4 | stackpath.bootstrapcdn.com | fra1.digitaloceanspaces.com
3 | fra1.digitaloceanspaces.com | dax-ossupportinteract.work, fra1.digitaloceanspaces.com
3 | qghmpmuk.pj3nre4rffwe.currentuioeu.xyz (2 redirects) |
2 | ajax.googleapis.com | fra1.digitaloceanspaces.com
2 | logincdn.msauth.net | fra1.digitaloceanspaces.com
2 | dancevida.com (1 redirect) | fra1.digitaloceanspaces.com
1 | login.microsoftonline.com | fra1.digitaloceanspaces.com
1 | cdnjs.cloudflare.com | fra1.digitaloceanspaces.com
1 | use.fontawesome.com | fra1.digitaloceanspaces.com
1 | dax-ossupportinteract.work | qghmpmuk.pj3nre4rffwe.currentuioeu.xyz
1 | u22036286.ct.sendgrid.net (1 redirect) |
32 12

This site contains no links.

Subject | Issuer | Validity | Valid
dax-ossupportinteract.work | Sectigo RSA Domain Validation Secure Server CA | 2021-05-11 - 2022-05-11 | a year
*.fra1.digitaloceanspaces.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-03-17 - 2022-04-17 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-03-01 - 2022-02-28 | a year
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-13 - 2021-12-14 | a year
*.dancevida.com | R3 | 2021-06-03 - 2021-09-01 | 3 months
identitycdn.msauth.net | DigiCert SHA2 Secure Server CA | 2021-05-13 - 2022-05-13 | a year
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2021-04-07 - 2022-04-07 | a year
upload.video.google.com | GTS CA 1O1 | 2021-05-24 - 2021-08-16 | 3 months
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2021-06-04 - 2022-06-04 | a year

This page contains 2 frames:

Primary Page: https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/mine.html
Frame ID: 0B5042D4B42711686A078C64E5D89863
Requests: 18 HTTP requests in this frame

Frame: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Frame ID: D14FA0AB7BAFC5DBDC6DEF6B76064791
Requests: 16 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Page Statistics

32 Requests
97 % HTTPS
33 % IPv6
11 Domains
12 Subdomains
12 IPs
3 Countries
819 kB Transfer
1806 kB Size
13 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u22036286.ct.sendgrid.net/ls/click?upn=jyAdlTWXP6VE2WS5GowUtITiTxe63Y4h0Fg5fkvcADjPUnG9zzJ5ZFWNvuWqjgWlCqypwGjMlXBcPPbtrORYOXbOKOO4MyHYE-2F8J989mZNNwHEvuHMix9n4K5pXwsmfjAdNZeWQqtgf04Vo6WRN-2Bow1mf8HP2t1pobPsbNSquQK9TX8MVINUry27zCjIlOh2lg-2FOO0K-2Bie-2FQ98x6EC4ESQBrGn9iUeLBrh1dLk7G6Uo-3DQlVR_MiY8LvWduXB5E-2FXMqHkJku2aeZQLOhQEk8FxRhS1WtrOVrNmHBF-2FzFkOSUiX-2BYpqIrvMoGsUPhpPqc-2BIXGm0gaBnmIY3HsKR-2FmWa4-2F7ERLKA4O1wztiSanrDrw9kz9z6M-2BbDv4NGsXbWDFIkmPSlRk368kGW-2FcEF3zQVvtt478YyJdFeakbC5SoCQCSMD9Xq8JVCV-2F5cbgPqVyqMez3wY47NzGJkjXgfst0n44G-2FGJo-3D HTTP 302
    http://qghmpmuk.pj3nre4rffwe.currentuioeu.xyz//mimioqmq. HTTP 301
    http://qghmpmuk.pj3nre4rffwe.currentuioeu.xyz/mimioqmq Page URL
  2. http://qghmpmuk.pj3nre4rffwe.currentuioeu.xyz/mimioqmq?en=aHR0cHM6Ly9kYXgtb3NzdXBwb3J0aW50ZXJhY3Qud29yay90eXdqaC5rc3VxLyNjb25yYWRfbWlja2xleUBqYWJpbC5jb20= HTTP 302
    https://dax-ossupportinteract.work/tywjh.ksuq/ Page URL
  3. https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/mine.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://u22036286.ct.sendgrid.net/ls/click?upn=jyAdlTWXP6VE2WS5GowUtITiTxe63Y4h0Fg5fkvcADjPUnG9zzJ5ZFWNvuWqjgWlCqypwGjMlXBcPPbtrORYOXbOKOO4MyHYE-2F8J989mZNNwHEvuHMix9n4K5pXwsmfjAdNZeWQqtgf04Vo6WRN-2Bow1mf8HP2t1pobPsbNSquQK9TX8MVINUry27zCjIlOh2lg-2FOO0K-2Bie-2FQ98x6EC4ESQBrGn9iUeLBrh1dLk7G6Uo-3DQlVR_MiY8LvWduXB5E-2FXMqHkJku2aeZQLOhQEk8FxRhS1WtrOVrNmHBF-2FzFkOSUiX-2BYpqIrvMoGsUPhpPqc-2BIXGm0gaBnmIY3HsKR-2FmWa4-2F7ERLKA4O1wztiSanrDrw9kz9z6M-2BbDv4NGsXbWDFIkmPSlRk368kGW-2FcEF3zQVvtt478YyJdFeakbC5SoCQCSMD9Xq8JVCV-2F5cbgPqVyqMez3wY47NzGJkjXgfst0n44G-2FGJo-3D HTTP 302
  • http://qghmpmuk.pj3nre4rffwe.currentuioeu.xyz//mimioqmq. HTTP 301
  • http://qghmpmuk.pj3nre4rffwe.currentuioeu.xyz/mimioqmq
Request Chain 1
  • http://qghmpmuk.pj3nre4rffwe.currentuioeu.xyz/mimioqmq?en=aHR0cHM6Ly9kYXgtb3NzdXBwb3J0aW50ZXJhY3Qud29yay90eXdqaC5rc3VxLyNjb25yYWRfbWlja2xleUBqYWJpbC5jb20= HTTP 302
  • https://dax-ossupportinteract.work/tywjh.ksuq/
Request Chain 4
  • https://dancevida.com/css/app.css HTTP 302
  • https://dancevida.com/cgi-sys/suspendedpage.cgi

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
mimioqmq
qghmpmuk.pj3nre4rffwe.currentuioeu.xyz/
Redirect Chain
  • https://u22036286.ct.sendgrid.net/ls/click?upn=jyAdlTWXP6VE2WS5GowUtITiTxe63Y4h0Fg5fkvcADjPUnG9zzJ5ZFWNvuWqjgWlCqypwGjMlXBcPPbtrORYOXbOKOO4MyHYE-2F8J989mZNNwHEvuHMix9n4K5pXwsmfjAdNZeWQqtgf04Vo6WRN-...
  • http://qghmpmuk.pj3nre4rffwe.currentuioeu.xyz//mimioqmq.
  • http://qghmpmuk.pj3nre4rffwe.currentuioeu.xyz/mimioqmq
631 B
778 B
Document
General
Full URL
http://qghmpmuk.pj3nre4rffwe.currentuioeu.xyz/mimioqmq
Protocol
HTTP/1.1
Server
199.188.201.122 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server281-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
25b3c558bd8aa5520d20d866dc651cbc943e6a87c73de2ee865216662c543c53

Request headers

Host
qghmpmuk.pj3nre4rffwe.currentuioeu.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

content-type
text/html; charset=UTF-8
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
link
<http://currentuioeu.xyz/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache
miss
content-length
371
content-encoding
gzip
vary
Accept-Encoding
date
Thu, 17 Jun 2021 18:32:31 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed

Redirect headers

content-type
text/html; charset=UTF-8
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
x-redirect-by
WordPress
location
http://qghmpmuk.pj3nre4rffwe.currentuioeu.xyz/mimioqmq
x-litespeed-cache
miss
content-length
0
date
Thu, 17 Jun 2021 18:32:31 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
/
dax-ossupportinteract.work/tywjh.ksuq/
Redirect Chain
  • http://qghmpmuk.pj3nre4rffwe.currentuioeu.xyz/mimioqmq?en=aHR0cHM6Ly9kYXgtb3NzdXBwb3J0aW50ZXJhY3Qud29yay90eXdqaC5rc3VxLyNjb25yYWRfbWlja2xleUBqYWJpbC5jb20=
  • https://dax-ossupportinteract.work/tywjh.ksuq/
739 B
974 B
Document
General
Full URL
https://dax-ossupportinteract.work/tywjh.ksuq/
Requested by
Host: qghmpmuk.pj3nre4rffwe.currentuioeu.xyz
URL: http://qghmpmuk.pj3nre4rffwe.currentuioeu.xyz/mimioqmq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.188.200.47 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server239-2.web-hosting.com
Software
Apache /
Resource Hash
686cce3b90277d02e375c997c8c9d371c3913599dcf17c84b6b14999a1fff129

Request headers

:method
GET
:authority
dax-ossupportinteract.work
:scheme
https
:path
/tywjh.ksuq/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://qghmpmuk.pj3nre4rffwe.currentuioeu.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Referer
http://qghmpmuk.pj3nre4rffwe.currentuioeu.xyz/mimioqmq#aHR0cHM6Ly9kYXgtb3NzdXBwb3J0aW50ZXJhY3Qud29yay90eXdqaC5rc3VxLyNjb25yYWRfbWlja2xleUBqYWJpbC5jb20=

Response headers

date
Thu, 17 Jun 2021 18:32:32 GMT
server
Apache
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
link
<https://dax-ossupportinteract.work/wp-json/>; rel="https://api.w.org/"
content-type
text/html; charset=UTF-8

Redirect headers

content-type
text/html; charset=UTF-8
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
link
<http://currentuioeu.xyz/wp-json/>; rel="https://api.w.org/"
location
https://dax-ossupportinteract.work/tywjh.ksuq/#conrad_mickley@jabil.com
x-litespeed-cache
miss
content-length
371
content-encoding
gzip
vary
Accept-Encoding
date
Thu, 17 Jun 2021 18:32:31 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
Primary Request mine.html
fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/
19 KB
20 KB
Document
General
Full URL
https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/mine.html
Requested by
Host: dax-ossupportinteract.work
URL: https://dax-ossupportinteract.work/tywjh.ksuq/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.101.109.44 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
9f42db7a0ffb92d9302cea38e569c801bc64839dff3fb5b69642996ef5e2a141
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Host
fra1.digitaloceanspaces.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://dax-ossupportinteract.work/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

content-length
19789
accept-ranges
bytes
last-modified
Wed, 16 Jun 2021 07:32:23 GMT
x-rgw-object-type
Normal
etag
"83e56d314f13773a5dc4ed0000ebe210"
x-amz-request-id
tx00000000000000017ad52-0060cb9540-15045084-fra1b
content-type
text/html
date
Thu, 17 Jun 2021 18:32:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/
152 KB
20 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: fra1.digitaloceanspaces.com
URL: https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/mine.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fra1.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 18:32:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617, 617, 617, 617, 718
age
7507627
cdn-cachedat
2021-03-11 11:57:51
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abcd81af600000eaf60093000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
36625b6181d7cc595cfbeb084ba09421
cf-ray
660e5c718e4c0eaf-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
all.css
use.fontawesome.com/releases/v5.6.1/css/
52 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.6.1/css/all.css
Requested by
Host: fra1.digitaloceanspaces.com
URL: https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/mine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e

Request headers

Referer
https://fra1.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 18:32:32 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 17:44:03 GMT
server
NetDNA-cache/2.2
etag
W/"b8085bf2c839791244bd95f56fb93c01"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
suspendedpage.cgi
dancevida.com/cgi-sys/
Redirect Chain
  • https://dancevida.com/css/app.css
  • https://dancevida.com/cgi-sys/suspendedpage.cgi
0
0
Stylesheet
General
Full URL
https://dancevida.com/cgi-sys/suspendedpage.cgi
Requested by
Host: fra1.digitaloceanspaces.com
URL: https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/mine.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.150.0 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
mail.petrodealkw.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fra1.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

location
https://dancevida.com/cgi-sys/suspendedpage.cgi
date
Thu, 17 Jun 2021 18:32:32 GMT
server
Apache
content-length
231
content-type
text/html; charset=iso-8859-1
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
logincdn.msauth.net/16.000.28543.10/content/images/
4 KB
2 KB
Image
General
Full URL
https://logincdn.msauth.net/16.000.28543.10/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Requested by
Host: fra1.digitaloceanspaces.com
URL: https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/mine.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F6B) /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Referer
https://fra1.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 17 Jun 2021 18:32:32 GMT
content-encoding
gzip
content-md5
nzaLxFgP7ZB3dfMcaybWzw==
age
1690797
x-cache
HIT
content-length
1435
x-ms-lease-status
unlocked
last-modified
Thu, 02 Apr 2020 02:39:29 GMT
server
ECAcc (frc/8F6B)
etag
0x8D7D6AF114B65DE
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
8b3f02e4-001e-004e-5546-54e3c9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
aadcdn.msauth.net/ests/2.1/content/images/
513 B
848 B
Image
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
Requested by
Host: fra1.digitaloceanspaces.com
URL: https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/mine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58

Request headers

Referer
https://fra1.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 17 Jun 2021 18:32:32 GMT
content-encoding
gzip
content-md5
TjUQkZ0p0Y7rbj6LJofS9Q==
x-cache
TCP_HIT
content-length
276
x-ms-lease-status
unlocked
last-modified
Fri, 02 Nov 2018 20:25:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D64101494758DF
x-azure-ref
0QJXLYAAAAACfKoDu7/iaQ66XrAKoDd63TE9OMjFFREdFMTUyMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
85379f5d-c01e-0067-559d-63a45f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
x-ms-version
2009-09-19
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: fra1.digitaloceanspaces.com
URL: https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/mine.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fra1.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 18:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jun 2022 18:14:53 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/
57 KB
15 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: fra1.digitaloceanspaces.com
URL: https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/mine.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fra1.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 18:32:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617
age
7507627
cdn-cachedat
2021-03-11 11:57:55
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abcd81afc00000eaf3db6c000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
c09643fe5f66f0f81b285d0c584892e6
cf-ray
660e5c718e4f0eaf-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
bootstrap.bundle.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/
77 KB
21 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.bundle.min.js
Requested by
Host: fra1.digitaloceanspaces.com
URL: https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/mine.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fra1.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 18:32:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
5979181
cdn-cachedat
2021-04-07 13:21:51
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abcd81af600000eaf6a9cc000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
c90ac78648583f1cd8a1ef5170e3799b
cf-ray
660e5c718e540eaf-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/
85 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: fra1.digitaloceanspaces.com
URL: https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/mine.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://fra1.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 18:32:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7507213
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
27433
cf-request-id
0abcd81af6000018e5988d9000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fLBeQEY2R5DZmpZO03GkdZkkkSC8UWVOuwfkt1yHCmUvL0OMumNizOz2TW5eTvDtDGlqOft%2F%2BJDzfCVkNaVRaGOUq14SlUV%2FdKBV6ur20tcFxCE%2B4qV91nzWIKLAO1OaZFU%2FmvQHTalAmkJFOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
660e5c718ec018e5-FRA
expires
Tue, 07 Jun 2022 18:32:32 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/
84 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: fra1.digitaloceanspaces.com
URL: https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/mine.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fra1.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 18:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jun 2022 18:18:40 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/
50 KB
13 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by
Host: fra1.digitaloceanspaces.com
URL: https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/mine.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fra1.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 18:32:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 718
age
7507469
cdn-cachedat
2021-03-11 11:57:52
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abcd81af700000eaf3b35d000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
48f4598378fe1b699fcee6ac68d6cc25
cf-ray
660e5c718e580eaf-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
jquery.session.min.js
fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/
0
0
Script
General
Full URL
https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/jquery.session.min.js
Requested by
Host: fra1.digitaloceanspaces.com
URL: https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/mine.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.101.109.44 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
fra1.digitaloceanspaces.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/mine.html
Connection
keep-alive

Response headers

date
Thu, 17 Jun 2021 18:32:32 GMT
content-length
274
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
x-amz-request-id
tx00000000000000014445f-0060cb9540-1504662d-fra1b
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
application/xml
Cookie set logout.srf
login.microsoftonline.com/ Frame D14F
442 KB
122 KB
Document
General
Full URL
https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Requested by
Host: fra1.digitaloceanspaces.com
URL: https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/mine.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.31.137 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
48816ebba08a67e2d1ee9d8be4981c050e183dc821d3c1e51e6bf73b116bed68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Host
login.microsoftonline.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://fra1.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Cache-Control
no-store, no-cache
Pragma
no-cache
Content-Length
122455
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
X-DNS-Prefetch-Control
on
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
2dfc2082-5fec-4694-8c1f-b3e01c534a00
x-ms-ests-server
2.1.11829.4 - WEULR2 ProdSlices
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Set-Cookie
SignInStateCookie=CAgABAAIAAAD--DLA3VO7QrddgJg7WevrAgDs_wQA9P-ufzIFPfVKZiH8W7q8hzy5e8aX84Iimsr8oLqW4qUa7sjdRJL819XenAMNkUpnjUVfPuy7igrIDQ; path=/; secure; HttpOnly; SameSite=None ESTSSSOTILES=1; expires=Tue, 17-Jun-2031 18:32:32 GMT; path=/; secure; SameSite=None AADSSOTILES=1; expires=Tue, 17-Jun-2031 18:32:32 GMT; path=/; secure; HttpOnly; SameSite=None ESTSAUTHPERSISTENT=AgABAAQAAAD--DLA3VO7QrddgJg7WevrAgDs_wQA9P-_7Uzjkn8U6d17jeZWcvmvSvIXcs6-uubim5TK-G3lGHVLtFMB34pvyUTw49B582PlC7T8QhAT-A; domain=.login.microsoftonline.com; expires=Wed, 15-Sep-2021 18:32:32 GMT; path=/; secure; HttpOnly; SameSite=None ESTSAUTH=AgABAAQAAAD--DLA3VO7QrddgJg7WevrAgDs_wQA9P_NCHWJEKsRUkywpL6FxY1XgYgp3grhHiXVOrffOJLi8Vdcr3_oBnVIofxbeKWfaNdc5NgF9ALVBg; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None ESTSAUTHLIGHT=+; path=/; secure; SameSite=None ch=gRKnoWfkjgv4o3d3Xc0iAa4VHEMi_ZK2YpyYCnKAt-Q; domain=.login.microsoftonline.com; expires=Wed, 15-Sep-2021 18:32:32 GMT; path=/; secure; SameSite=None ESTSSC=00; path=/; secure; HttpOnly; SameSite=None buid=AQABAAEAAAD--DLA3VO7QrddgJg7WevrpqUVuNNlJAieHZ69ktb3qdKZOVvRMEmBWINrgRK-J9AaTj7VsjwbXpGsKjA_tVMD2NuTniZcihsV3d_7d-00vsBKE7wVl8W9jxaLWxnUCLggAA; expires=Sat, 17-Jul-2021 18:32:32 GMT; path=/; secure; HttpOnly; SameSite=None fpc=AhMhsc8P2mlAilfmlc-b5Bc; expires=Sat, 17-Jul-2021 18:32:32 GMT; path=/; secure; HttpOnly; SameSite=None esctx=AQABAAAAAAD--DLA3VO7QrddgJg7WevrprRIiRf9yZHXdo25BxUMMI-GkQHZWv2gPoCFb8e1cb7kx6yqy7sHE8-2UKGobWgW0w_BVsOqV9-He4qQ84io7Dt0l_6TmBsCS32AM6sSBaUriLCeFXQGZn2KDX65IAfjiC9EJOrSMuMsveEMfA4U2izjaZBy3dBgAv7Ku0hj7C8gAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Referrer-Policy
strict-origin-when-cross-origin
Date
Thu, 17 Jun 2021 18:32:32 GMT
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9abab0b217d4a65f16b3a0ecc5b0dd87595ef96fda07c4746f0dc5e52785060d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpeg
0_a5dbd4393ff6a725c7e62b61df7e72f0.jpg
logincdn.msauth.net/16.000.28543.10/content/images/backgrounds/
277 KB
277 KB
Image
General
Full URL
https://logincdn.msauth.net/16.000.28543.10/content/images/backgrounds/0_a5dbd4393ff6a725c7e62b61df7e72f0.jpg
Requested by
Host: fra1.digitaloceanspaces.com
URL: https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/mine.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FEA) /
Resource Hash
211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb

Request headers

Referer
https://fra1.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 17 Jun 2021 18:32:33 GMT
content-md5
pdvUOT/2pyXH5ith335y8A==
age
6558058
x-cache
HIT
content-length
283351
x-ms-lease-status
unlocked
last-modified
Thu, 02 Apr 2020 02:39:23 GMT
server
ECAcc (frc/8FEA)
etag
0x8D7D6AF0DADBF37
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
82c5dec2-601e-0058-2e01-28ba20000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
jquery.session.min.js
fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/
0
0
Script
General
Full URL
https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/jquery.session.min.js
Requested by
Host: fra1.digitaloceanspaces.com
URL: https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/mine.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.101.109.44 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
fra1.digitaloceanspaces.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://fra1.digitaloceanspaces.com/ahr0chm6ly9hbgzyzwridxjnzxnzlm9yzy93cc1pbmnsdwrlcy9ulnboca/mine.html
Connection
keep-alive

Response headers

date
Thu, 17 Jun 2021 18:32:33 GMT
content-length
274
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
x-amz-request-id
tx000000000000000162a9a-0060cb9541-150434c6-fra1b
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
application/xml
truncated
/ Frame D14F
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
0-small_138bcee624fa04ef9b75e86211a9fe0d.jpg
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/ Frame D14F
0
3 KB
Other
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/0-small_138bcee624fa04ef9b75e86211a9fe0d.jpg
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 17 Jun 2021 18:32:33 GMT
content-md5
E4vO5iT6BO+bdehiEan+DQ==
x-cache
TCP_HIT
content-length
3006
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8371EEEF67
x-azure-ref
0QZXLYAAAAABJ+jPDsPAkRrmsq5q5CT9OTE9OMjFFREdFMTUyMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
f3d5336a-601e-0015-0d8e-63005b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
microsoft_logo.png
aadcdn.msauth.net/ests/2.1/content/images/ Frame D14F
0
1 KB
Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/images/microsoft_logo.png
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 17 Jun 2021 18:32:33 GMT
content-md5
7ZyesNzhfXUr7eprWs2m2Q==
x-cache
TCP_HIT
content-length
1057
x-ms-lease-status
unlocked
last-modified
Fri, 02 Nov 2018 20:25:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D6410154FDA7D4
x-azure-ref
0QZXLYAAAAAC8HVlQcTfFS6tGNoqXOVTCTE9OMjFFREdFMTUyMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
a1f02c83-f01e-0014-586f-632b59000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
x-ms-version
2009-09-19
work_account_1963c6b1926b773986f53f844ce4c32e.png
aadcdn.msauth.net/shared/1.0/content/images/ Frame D14F
0
2 KB
Other
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/work_account_1963c6b1926b773986f53f844ce4c32e.png
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 17 Jun 2021 18:32:33 GMT
content-md5
GWPGsZJrdzmG9T+ETOTDLg==
x-cache
TCP_HIT
content-length
1487
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B837521207F
x-azure-ref
0QZXLYAAAAADdq3ARwHO5S5MeYvTWbwdjTE9OMjFFREdFMTUyMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
1c02745e-801e-004f-7976-636d7d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
personal_account_0f72b5950600f24e7f9a604b186f3945.png
aadcdn.msauth.net/shared/1.0/content/images/ Frame D14F
0
2 KB
Other
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/personal_account_0f72b5950600f24e7f9a604b186f3945.png
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 17 Jun 2021 18:32:33 GMT
content-md5
D3K1lQYA8k5/mmBLGG85RQ==
x-cache
TCP_HIT
content-length
1335
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8373FBB9F9
x-azure-ref
0QZXLYAAAAAD+hPGEElJDTbczVEfUH/qmTE9OMjFFREdFMTUyMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
e4f93c90-301e-0060-13a0-637551000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
converged.v2.login.min_3zlkpclf4l68eyz7vju1hg2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ Frame D14F
0
20 KB
Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_3zlkpclf4l68eyz7vju1hg2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 17 Jun 2021 18:32:33 GMT
content-encoding
gzip
content-md5
zQmm8Vi1m2yItGui5AtwPg==
x-cache
TCP_HIT
content-length
19743
x-ms-lease-status
unlocked
last-modified
Wed, 26 May 2021 00:48:18 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D91FDFF47AAE1D
x-azure-ref
0QZXLYAAAAAADTx4Y5kMjRKAQ6nAHUoXYTE9OMjFFREdFMTUyMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
eb071ca4-801e-0063-1c2b-620857000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ Frame D14F
0
40 KB
Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 17 Jun 2021 18:32:33 GMT
content-encoding
gzip
content-md5
HWW92uTq7vx3y5z+zFZbXQ==
x-cache
TCP_HIT
content-length
40454
x-ms-lease-status
unlocked
last-modified
Fri, 26 Feb 2021 06:12:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8DA1D70FBDD97
x-azure-ref
0QZXLYAAAAABNyCWzLuAiQ7oNIBBKI7hxTE9OMjFFREdFMTUyMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
178ddd14-601e-0039-5b93-636571000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
aad.login.min_7qwvysvxexrf4y0kjqhznw2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ Frame D14F
0
44 KB
Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/aad.login.min_7qwvysvxexrf4y0kjqhznw2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 17 Jun 2021 18:32:33 GMT
content-encoding
gzip
content-md5
dHBclXou2thhI7SDX9CaYQ==
x-cache
TCP_HIT
content-length
44648
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 22:57:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8E4E111A5CE5C
x-azure-ref
0QZXLYAAAAADvKNqbIoYORKPnYhJR6UjiTE9OMjFFREdFMTUyMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f889508d-901e-0046-68a8-621e6e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
0-small_138bcee624fa04ef9b75e86211a9fe0d.jpg
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/ Frame D14F
3 KB
3 KB
Fetch
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/0-small_138bcee624fa04ef9b75e86211a9fe0d.jpg
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f89e908280791803bbf1f33b596ff4a2179b355a8e15ad02ebaa2b1da11127ea

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 17 Jun 2021 18:32:38 GMT
content-md5
E4vO5iT6BO+bdehiEan+DQ==
x-cache
TCP_HIT
content-length
3006
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8371EEEF67
x-azure-ref
0RpXLYAAAAACHIYHl9AZqQZ8HJnmBELsKTE9OMjFFREdFMDExOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
f3d5336a-601e-0015-0d8e-63005b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
microsoft_logo.png
aadcdn.msauth.net/ests/2.1/content/images/ Frame D14F
1 KB
2 KB
Fetch
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/images/microsoft_logo.png
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 17 Jun 2021 18:32:38 GMT
content-md5
7ZyesNzhfXUr7eprWs2m2Q==
x-cache
TCP_HIT
content-length
1057
x-ms-lease-status
unlocked
last-modified
Fri, 02 Nov 2018 20:25:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D6410154FDA7D4
x-azure-ref
0RpXLYAAAAABpcuAHggafT6inWPP7uDFxTE9OMjFFREdFMDExOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
a1f02c83-f01e-0014-586f-632b59000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
x-ms-version
2009-09-19
work_account_1963c6b1926b773986f53f844ce4c32e.png
aadcdn.msauth.net/shared/1.0/content/images/ Frame D14F
1 KB
2 KB
Fetch
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/work_account_1963c6b1926b773986f53f844ce4c32e.png
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9fc929be7892b2f4498627d22bc1b3990dc380efcfe40fe6c3cac2dea7565c8e

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 17 Jun 2021 18:32:38 GMT
content-md5
GWPGsZJrdzmG9T+ETOTDLg==
x-cache
TCP_HIT
content-length
1487
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B837521207F
x-azure-ref
0RpXLYAAAAADl0E62ul4BT7dtYqgUcCbnTE9OMjFFREdFMDExOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
1c02745e-801e-004f-7976-636d7d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
personal_account_0f72b5950600f24e7f9a604b186f3945.png
aadcdn.msauth.net/shared/1.0/content/images/ Frame D14F
1 KB
2 KB
Fetch
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/personal_account_0f72b5950600f24e7f9a604b186f3945.png
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0b874f4ccfac9ff5264f1f7c29c4c016fde7e4e032512bac1bb43d145a44ea40

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 17 Jun 2021 18:32:38 GMT
content-md5
D3K1lQYA8k5/mmBLGG85RQ==
x-cache
TCP_HIT
content-length
1335
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8373FBB9F9
x-azure-ref
0RpXLYAAAAAAY/ezoDVZpTpoVV6ptXXDRTE9OMjFFREdFMDExOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
e983deae-101e-008e-64a2-63c23b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
converged.v2.login.min_3zlkpclf4l68eyz7vju1hg2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ Frame D14F
106 KB
20 KB
Fetch
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_3zlkpclf4l68eyz7vju1hg2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b069d7c6785364c39c38fc7e92c949c466aa7fd3986fd7d7e9d35cc280dbac82

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 17 Jun 2021 18:32:38 GMT
content-encoding
gzip
content-md5
zQmm8Vi1m2yItGui5AtwPg==
x-cache
TCP_HIT
content-length
19743
x-ms-lease-status
unlocked
last-modified
Wed, 26 May 2021 00:48:18 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D91FDFF47AAE1D
x-azure-ref
0RpXLYAAAAADPejpY6lnaSZuffLNPlztPTE9OMjFFREdFMDExOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
40d9e908-101e-0026-4aa3-635c4c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ Frame D14F
117 KB
40 KB
Fetch
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 17 Jun 2021 18:32:38 GMT
content-encoding
gzip
content-md5
HWW92uTq7vx3y5z+zFZbXQ==
x-cache
TCP_HIT
content-length
40454
x-ms-lease-status
unlocked
last-modified
Fri, 26 Feb 2021 06:12:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8DA1D70FBDD97
x-azure-ref
0RpXLYAAAAABcnwQ/9E9IRrxtkbPsTuU3TE9OMjFFREdFMDExOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
178ddd14-601e-0039-5b93-636571000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
aad.login.min_7qwvysvxexrf4y0kjqhznw2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ Frame D14F
178 KB
44 KB
Fetch
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/aad.login.min_7qwvysvxexrf4y0kjqhznw2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dde7c3dbbba5f1aaf66b1efa158fe5a71d09ef8a771dd8ba5e9ba1ab2f91cf71

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 17 Jun 2021 18:32:38 GMT
content-encoding
gzip
content-md5
dHBclXou2thhI7SDX9CaYQ==
x-cache
TCP_HIT
content-length
44648
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 22:57:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8E4E111A5CE5C
x-azure-ref
0RpXLYAAAAABcs/5lJKtpS49QfEb89oFGTE9OMjFFREdFMDExOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f889508d-901e-0046-68a8-621e6e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
function| $
function| jQuery
object| bootstrap
object| jQuery1124003912475855595754
function| redirectCU
function| redirectKK
string| email
object| PASS
object| PASSX
object| PASSY
object| displayName
object| Tombol1
object| Tombol2
object| Tombol3

13 Cookies


2 Console Messages

Source: console-api, Level: log
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392 (Line 121)
Message: JQMIGRATE: Migrate is installed, version 3.3.2

Source: console-api, Level: log
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392 (Line 124)
Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
