Submitted URL: https://o365blog.com/post/phishing//
Effective URL: https://aadinternals.com/post/phishing/
Submission: On April 13 via api from US — Scanned from NL

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 31 HTTP transactions. The main IP is 185.199.109.153, located in San Francisco, United States and belongs to FASTLY, US. The main domain is aadinternals.com. The Cisco Umbrella rank of the primary domain is 989985.
TLS certificate: Issued by R3 on March 9th 2024. Valid for: 3 months.
This is the only time aadinternals.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 20.50.2.26 8075 (MICROSOFT...)
22 185.199.109.153 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.18.11.207 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
31 7
Apex Domain
Subdomains
Transfer
22 aadinternals.com
aadinternals.com — Cisco Umbrella Rank: 989985
1 MB
2 gstatic.com
fonts.gstatic.com
67 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 73
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1153
72 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2548
254 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
96 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
1 o365blog.com
o365blog.com
480 B
31 8
Domain Requested by
22 aadinternals.com aadinternals.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.youtube.com aadinternals.com
2 maxcdn.bootstrapcdn.com aadinternals.com
maxcdn.bootstrapcdn.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com aadinternals.com
1 fonts.googleapis.com aadinternals.com
1 o365blog.com 1 redirects
31 8
Subject Issuer Validity Valid
aadinternals.com R3 2024-03-09 - 2024-06-07 3 months
upload.video.google.com GTS CA 1C3 2024-03-04 - 2024-05-27 3 months
bootstrapcdn.com GTS CA 1P5 2024-03-27 - 2024-06-25 3 months
*.google-analytics.com GTS CA 1C3 2024-03-04 - 2024-05-27 3 months
*.google.com GTS CA 1C3 2024-03-04 - 2024-05-27 3 months
*.gstatic.com GTS CA 1C3 2024-03-04 - 2024-05-27 3 months

This page contains 3 frames:

Primary Page: https://aadinternals.com/post/phishing/
Frame ID: 616B5620A5EA95A2520DCCA45CE72EB3
Requests: 29 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Yz4zjD3EUUg
Frame ID: 347DB04FC18FFED77FA73D29B0F4DD6E
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/FX20qa58TEQ
Frame ID: B699CF25C52AE598AA830F207084B977
Requests: 1 HTTP requests in this frame

Page Title

Introducing a new phishing technique for compromising Office 365 accounts

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

31
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

7
IPs

4
Countries

1414 kB
Transfer

1688 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://o365blog.com/post/phishing// HTTP 301
    https://aadinternals.com/post/phishing/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
aadinternals.com/post/phishing/
Redirect Chain
  • https://o365blog.com/post/phishing//
  • https://aadinternals.com/post/phishing/
48 KB
12 KB
Document
General
Full URL
https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
4bb087e28a17243cf561d3a414901612d42d5a5633d738688969dbdfd24173db
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=600
content-encoding
gzip
content-length
12196
content-type
text/html; charset=utf-8
date
Sat, 13 Apr 2024 06:02:14 GMT
etag
W/"65b34dce-be27"
expires
Sat, 13 Apr 2024 06:12:14 GMT
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
strict-transport-security
max-age=31556952
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-request-id
be71126ddad78ca20ea0dcd1c0be345cac5b63f3
x-github-request-id
EC5C:21BD59:84C89C:87FEF1:661A1FE4
x-proxy-cache
MISS
x-served-by
cache-mad22054-MAD
x-timer
S1712988135.635725,VS0,VE146

Redirect headers

Content-Length
0
Date
Sat, 13 Apr 2024 06:02:14 GMT
Location
https://aadinternals.com/post/phishing/
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
css
fonts.googleapis.com/
17 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5b7fe828decc07f24ab19c7e017da0dedb2c71e1647594f3ddeb6072d743147f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Apr 2024 06:02:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Apr 2024 06:02:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Apr 2024 06:02:14 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/
27 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 06:02:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1047
age
2630470
cdn-cachedat
10/31/2023 18:58:32
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"4fbd15cb6047af93373f4f895639c8bf"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
636c547408716b12e0429001e52d27d0
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
87393f02c80a1c7e-AMS
cdn-requestpullsuccess
True
style.css
aadinternals.com/css/
21 KB
5 KB
Stylesheet
General
Full URL
https://aadinternals.com/css/style.css
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
77c55f475d59cc954e035ab86d4b47c236ef23fdd880ef57723c162347558d22
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/post/phishing/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
753e200e31ede22136cf7d6206b0558bd1617d4d
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Sat, 13 Apr 2024 06:02:14 GMT
age
0
x-cache
MISS
x-cache-hits
0
x-proxy-cache
MISS
content-length
5250
x-served-by
cache-mad22054-MAD
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
x-github-request-id
54B2:2ADBDE:4E51540:4FE3DB7:661A1FE6
x-timer
S1712988135.835402,VS0,VE120
etag
W/"65b34dce-550c"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Sat, 13 Apr 2024 06:12:14 GMT
scripts.js
aadinternals.com/js/
6 KB
2 KB
Script
General
Full URL
https://aadinternals.com/js/scripts.js
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
9300c5d77122bc84923ec654e3ff94c0e49e7ce0a983da5f4ef46ffb1a76db21
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/post/phishing/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
6963f061882973ed22ddd18cbd2942687984a8ce
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Sat, 13 Apr 2024 06:02:14 GMT
age
0
x-cache
MISS
x-cache-hits
0
x-proxy-cache
MISS
content-length
2350
x-served-by
cache-mad22054-MAD
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
x-github-request-id
69E8:2EABCE:5E64FCC:603870F:661A1FE5
x-timer
S1712988135.835374,VS0,VE150
etag
W/"65b34dce-19af"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Sat, 13 Apr 2024 06:12:14 GMT
tools.js
aadinternals.com/js/
7 KB
2 KB
Script
General
Full URL
https://aadinternals.com/js/tools.js
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
6b30e196a75dc7b156cfb0b4900924699955157428fd3102dff6a650cc0d9cb4
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/post/phishing/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
71c7282bd84b75fbb86f78a9d3f4ca84d3602f17
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Sat, 13 Apr 2024 06:02:14 GMT
age
0
x-cache
MISS
x-cache-hits
0
x-proxy-cache
MISS
content-length
2344
x-served-by
cache-mad22054-MAD
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
x-github-request-id
E28C:2E1AC4:73E241A:761362B:661A1FE5
x-timer
S1712988135.835350,VS0,VE131
etag
W/"65b34dce-1a2b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Sat, 13 Apr 2024 06:12:14 GMT
js
www.googletagmanager.com/gtag/
281 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3XCVLYZKDW
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6a6d116f0054a04f35c1730b8f3276e57d11e6d705899491678c70e3548a958d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 06:02:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97469
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 13 Apr 2024 06:02:15 GMT
favicon-128.png
aadinternals.com/images/
16 KB
17 KB
Image
General
Full URL
https://aadinternals.com/images/favicon-128.png
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
6d46ff5ced4d9818c7fbc2df3902efb87335c9a4931bd9a0461f2aca9a5f0571
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/post/phishing/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
a4d695364c59aa15b149ea43b871fc8aef3a60a0
strict-transport-security
max-age=31556952
date
Sat, 13 Apr 2024 06:02:14 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
16568
x-served-by
cache-mad22054-MAD
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
x-github-request-id
98CC:2F31DB:6431DBA:6628306:661A1FE6
x-timer
S1712988135.835331,VS0,VE143
etag
"65b34dce-40b8"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Sat, 13 Apr 2024 06:12:14 GMT
phishing.png
aadinternals.com/images/posts/
28 KB
28 KB
Image
General
Full URL
https://aadinternals.com/images/posts/phishing.png
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
027a19b2a6dbaf1ab44ff33b22cf99be3e3ec88ac2e6a384f749a1a4dc42380e
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/post/phishing/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
2d4407e9658ffb5c925a91b3880f1acfde9e18a6
strict-transport-security
max-age=31556952
date
Sat, 13 Apr 2024 06:02:14 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
28672
x-served-by
cache-mad22054-MAD
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
x-github-request-id
3D5E:28FCD1:20A7B39:215339A:661A1FE5
x-timer
S1712988135.835318,VS0,VE127
etag
"65b34dce-7000"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Sat, 13 Apr 2024 06:12:14 GMT
phishing_4.png
aadinternals.com/images/posts/
57 KB
57 KB
Image
General
Full URL
https://aadinternals.com/images/posts/phishing_4.png
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
e341a7359373d2630ac7c7d636f34b011be8ef1de55178645053ca0d6ebb0410
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/post/phishing/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
b4efc3752705d3356133d4ba87fd7b9ce69274a6
strict-transport-security
max-age=31556952
date
Sat, 13 Apr 2024 06:02:15 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
57932
x-served-by
cache-mad22054-MAD
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
x-github-request-id
7AC8:2F31DB:6431DDB:6628339:661A1FE6
x-timer
S1712988135.031182,VS0,VE143
etag
"65b34dce-e24c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Sat, 13 Apr 2024 06:12:15 GMT
phishing_2.png
aadinternals.com/images/posts/
78 KB
79 KB
Image
General
Full URL
https://aadinternals.com/images/posts/phishing_2.png
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
b60014f66d676ed727b3736abc7ae0d313e332e59edbc47c7b840234ee4cbc34
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/post/phishing/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
3ff3a3f6cd7331d7dc16381fd56ef23d136efdb6
strict-transport-security
max-age=31556952
date
Sat, 13 Apr 2024 06:02:15 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
80232
x-served-by
cache-mad22054-MAD
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
x-github-request-id
4946:2E1AC4:73E2448:761365C:661A1FE5
x-timer
S1712988135.063939,VS0,VE166
etag
"65b34dce-13968"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Sat, 13 Apr 2024 06:12:15 GMT
phishing_3.png
aadinternals.com/images/posts/
63 KB
63 KB
Image
General
Full URL
https://aadinternals.com/images/posts/phishing_3.png
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
ba053b2cdb5e7b3c58b7aa13f50dd2472281716ba3a189277fe5585937c5c5e5
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/post/phishing/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
582dfbdd86548a2866a9164205227dc5fc67e19b
strict-transport-security
max-age=31556952
date
Sat, 13 Apr 2024 06:02:15 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
64450
x-served-by
cache-mad22054-MAD
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
x-github-request-id
54B2:2ADBDE:4E5156B:4FE3DEB:661A1FE6
x-timer
S1712988135.066414,VS0,VE135
etag
"65b34dce-fbc2"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Sat, 13 Apr 2024 06:12:15 GMT
phishing_5.png
aadinternals.com/images/posts/
10 KB
11 KB
Image
General
Full URL
https://aadinternals.com/images/posts/phishing_5.png
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
9f4612a9ac9bff520a8f55b7ee5c80e22b664574432c5d20a54e26c01037bc3e
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/post/phishing/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
66ede26a5866eafbd68cdb1328aaf712e036dc19
strict-transport-security
max-age=31556952
date
Sat, 13 Apr 2024 06:02:15 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
10659
x-served-by
cache-mad22054-MAD
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
x-github-request-id
E488:2ADBDE:4E5156B:4FE3DEC:661A1FE4
x-timer
S1712988135.066869,VS0,VE166
etag
"65b34dce-29a3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Sat, 13 Apr 2024 06:12:15 GMT
phishing_6.png
aadinternals.com/images/posts/
15 KB
15 KB
Image
General
Full URL
https://aadinternals.com/images/posts/phishing_6.png
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
428bb03e9258bbd2e978bbab13d2ebf16485eb75c733f36a91d63c9f0d9a3058
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/post/phishing/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
289511c07b2f12e6c03fdef13a8bc7795d7359a5
strict-transport-security
max-age=31556952
date
Sat, 13 Apr 2024 06:02:15 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
15674
x-served-by
cache-mad22054-MAD
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
x-github-request-id
E798:20EFDC:4549942:46B35DA:661A1FE5
x-timer
S1712988135.066832,VS0,VE139
etag
"65b34dce-3d3a"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Sat, 13 Apr 2024 06:12:15 GMT
phishing_7.png
aadinternals.com/images/posts/
108 KB
108 KB
Image
General
Full URL
https://aadinternals.com/images/posts/phishing_7.png
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
df66ad6feb32a053765a77839866980024aace3a09f302ac00341782d7dc9b3b
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/post/phishing/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
18dbd68745e8175239760b650ae4d704b339cdf8
strict-transport-security
max-age=31556952
date
Sat, 13 Apr 2024 06:02:15 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
110790
x-served-by
cache-mad22054-MAD
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
x-github-request-id
E566:353B0D:22D4445:238827D:661A1FE4
x-timer
S1712988135.067148,VS0,VE137
etag
"65b34dce-1b0c6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Sat, 13 Apr 2024 06:12:15 GMT
phishing_8.png
aadinternals.com/images/posts/
117 KB
118 KB
Image
General
Full URL
https://aadinternals.com/images/posts/phishing_8.png
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
c8621d6c1e831bf4c043a362ebe48fb78c6d4595295a3091bd43471dae57b7b3
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/post/phishing/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
898ea406d3c663dff1d901e52ce20b1c9d0f5979
strict-transport-security
max-age=31556952
date
Sat, 13 Apr 2024 06:02:15 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
120214
x-served-by
cache-mad22054-MAD
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
x-github-request-id
DFC4:20EFDC:4549943:46B35DD:661A1FE4
x-timer
S1712988135.067150,VS0,VE153
etag
"65b34dce-1d596"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Sat, 13 Apr 2024 06:12:15 GMT
phishing_9.png
aadinternals.com/images/posts/
120 KB
120 KB
Image
General
Full URL
https://aadinternals.com/images/posts/phishing_9.png
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
c22a570a4e8af27bebe79cce8f3c5ef8b5d97be36c29b8aedf12a247cec8a490
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/post/phishing/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
7fe0f476a2fc75b1f63caeb70e9491eee24c9fbe
strict-transport-security
max-age=31556952
date
Sat, 13 Apr 2024 06:02:15 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
122595
x-served-by
cache-mad22054-MAD
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
x-github-request-id
484A:2D5720:99DE019:9C86522:661A1FE6
x-timer
S1712988135.067121,VS0,VE125
etag
"65b34dce-1dee3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Sat, 13 Apr 2024 06:12:15 GMT
phishing_11.png
aadinternals.com/images/posts/
32 KB
32 KB
Image
General
Full URL
https://aadinternals.com/images/posts/phishing_11.png
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
7bbb03b771ea226309b4f45f358cf8043bef439f1b5ff10c35a0de1cb1d52cdf
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/post/phishing/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
2484ad2b512d602fc0806722f97f04850c5a0d1a
strict-transport-security
max-age=31556952
date
Sat, 13 Apr 2024 06:02:15 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
32757
x-served-by
cache-mad22054-MAD
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
x-github-request-id
BD9E:2D5720:99DE019:9C86523:661A1FE5
x-timer
S1712988135.067107,VS0,VE131
etag
"65b34dce-7ff5"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Sat, 13 Apr 2024 06:12:15 GMT
phishing_12.png
aadinternals.com/images/posts/
13 KB
13 KB
Image
General
Full URL
https://aadinternals.com/images/posts/phishing_12.png
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
c0da08b4bb82a82c234f63d4b79ef6cafbcf8a1a18dfdaca9c9a42c5159e2848
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/post/phishing/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
0f7657611df936a319cefebbb94fbc793d4b2677
strict-transport-security
max-age=31556952
date
Sat, 13 Apr 2024 06:02:15 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
12843
x-served-by
cache-mad22054-MAD
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
x-github-request-id
6566:3299C2:9FC9B68:A27D707:661A1FE5
x-timer
S1712988135.067088,VS0,VE165
etag
"65b34dce-322b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Sat, 13 Apr 2024 06:12:15 GMT
phishing_13.png
aadinternals.com/images/posts/
9 KB
9 KB
Image
General
Full URL
https://aadinternals.com/images/posts/phishing_13.png
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
45e8f92a78fd9981bfd79b205cbd582cd090e16cafd65cddbdbc86da7b907b76
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/post/phishing/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
32ded490c86e5d9fa3c5e9a2ea315175a1338303
strict-transport-security
max-age=31556952
date
Sat, 13 Apr 2024 06:02:15 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
9069
x-served-by
cache-mad22054-MAD
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
x-github-request-id
AF50:2E1AC4:73E244E:7613663:661A1FE6
x-timer
S1712988135.080246,VS0,VE175
etag
"65b34dce-236d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Sat, 13 Apr 2024 06:12:15 GMT
phishing_10.png
aadinternals.com/images/posts/
456 KB
456 KB
Image
General
Full URL
https://aadinternals.com/images/posts/phishing_10.png
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
33bfcf5ae5547312debe2d2589048daed49b9c312ca710ae0c1f2e79eaad44da
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/post/phishing/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
fe2f7943b82e75a209b505af02e9830519eca0c3
strict-transport-security
max-age=31556952
date
Sat, 13 Apr 2024 06:02:15 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
466839
x-served-by
cache-mad22054-MAD
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
x-github-request-id
EC5C:21BD59:84C8FA:87FF5F:661A1FE6
x-timer
S1712988135.080233,VS0,VE172
etag
"65b34dce-71f97"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Sat, 13 Apr 2024 06:12:15 GMT
tags.png
aadinternals.com/images/
497 B
639 B
Image
General
Full URL
https://aadinternals.com/images/tags.png
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
c3131355e1eeb5e99fe72db43a3831db3062b1e247e767b340f73fa3194f8675
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/post/phishing/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
dad8387583586c940207316d57dfc783cf92ff46
strict-transport-security
max-age=31556952
date
Sat, 13 Apr 2024 06:02:15 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
497
x-served-by
cache-mad22054-MAD
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
x-github-request-id
3D5E:28FCD1:20A7B6E:21533DA:661A1FE6
x-timer
S1712988135.080199,VS0,VE150
etag
"65b34dce-1f1"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Sat, 13 Apr 2024 06:12:15 GMT
nestori.jpg
aadinternals.com/images/
24 KB
24 KB
Image
General
Full URL
https://aadinternals.com/images/nestori.jpg
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
61586cbbcc687dd7ce79c4ea7e8c8beaae47def1ab2f1fec360a321152968d75
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/post/phishing/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
84272be95477f3e2c36bbcfd95db560d22f36861
strict-transport-security
max-age=31556952
date
Sat, 13 Apr 2024 06:02:15 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
24850
x-served-by
cache-mad22054-MAD
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
x-github-request-id
9F48:2D5720:99DE01C:9C86528:661A1FE5
x-timer
S1712988135.080190,VS0,VE167
etag
"65b34dce-6112"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Sat, 13 Apr 2024 06:12:15 GMT
CC-BY.png
aadinternals.com/images/
1 KB
2 KB
Image
General
Full URL
https://aadinternals.com/images/CC-BY.png
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
2d8a628333a76cfe484a2b9c01bca786fccf08d0010d4bffca2b38b29dd4ed0b
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/post/phishing/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
018dc4838bd15f1536b0eda139f51e9ff3f9bc5d
strict-transport-security
max-age=31556952
date
Sat, 13 Apr 2024 06:02:15 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
1283
x-served-by
cache-mad22054-MAD
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
x-github-request-id
194A:3058D7:8A705F3:8CF3CA6:661A1FE6
x-timer
S1712988135.080168,VS0,VE130
etag
"65b34dce-503"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Sat, 13 Apr 2024 06:12:15 GMT
Yz4zjD3EUUg
www.youtube.com/embed/ Frame 347D
0
0
Document
General
Full URL
https://www.youtube.com/embed/Yz4zjD3EUUg
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://aadinternals.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Apr 2024 06:02:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
FX20qa58TEQ
www.youtube.com/embed/ Frame B699
0
0
Document
General
Full URL
https://www.youtube.com/embed/FX20qa58TEQ
Requested by
Host: aadinternals.com
URL: https://aadinternals.com/post/phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://aadinternals.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Apr 2024 06:02:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://aadinternals.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 00:50:53 GMT
x-content-type-options
nosniff
age
364282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Apr 2025 00:50:53 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/
65 KB
66 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin
https://aadinternals.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 06:02:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723
age
1781225
cdn-cachedat
10/31/2023 18:48:08
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
66624
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"db812d8a70a4e88e888744c1c9a27e89"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
81c84065739a96db754ceb5e78b2d1d8
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
87393f04588d96ec-AMS
cdn-requestpullsuccess
True
memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v40/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://aadinternals.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 22:36:25 GMT
x-content-type-options
nosniff
age
26750
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19280
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:02:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Apr 2025 22:36:25 GMT
collect
region1.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3XCVLYZKDW&gtm=45je44a0v896809897za200&_p=1712988135034&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=969218564.1712988135&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712988135&sct=1&seg=0&dl=https%3A%2F%2Faadinternals.com%2Fpost%2Fphishing%2F&dt=Introducing%20a%20new%20phishing%20technique%20for%20compromising%20Office%20365%20accounts&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=844
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3XCVLYZKDW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 13 Apr 2024 06:02:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aadinternals.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon-32x32.png
aadinternals.com/images/
2 KB
2 KB
Other
General
Full URL
https://aadinternals.com/images/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
0578b8280e95d1b295e22cbd550e73e88ec9389b390a220ab877846c044da149
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aadinternals.com/post/phishing/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
836cdf0e68fbdbce9170ce468cf73c7c23708017
strict-transport-security
max-age=31556952
date
Sat, 13 Apr 2024 06:02:15 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
2103
x-served-by
cache-mad22054-MAD
last-modified
Fri, 26 Jan 2024 06:14:38 GMT
server
GitHub.com
x-github-request-id
8402:2D6D5F:4E631DF:4FEBA92:661A1FE5
x-timer
S1712988136.653991,VS0,VE119
etag
"65b34dce-837"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Sat, 13 Apr 2024 06:12:15 GMT


27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
function| responsiveNav
function| showMessage
function| hideMessage
function| getRealm
function| createSmartLink
function| byteArrayToBase64
function| parseByte
function| parseGuid
function| Base64ToByteArray
function| parseHex
function| parseBase64
function| isGuid
function| guidToB64
function| b64ToGuid
function| addDomain
function| addTenantInfo
function| updateTenantInfo
function| clearTenantInfo
function| clickTenantInfo
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal

7 Cookies

Domain/Path Name / Value
.o365blog.com/ Name: ARRAffinity
Value: b6777da42b95278e8e369f881d7917d2f8f38da1a536b17839030d7a0abc079b
.o365blog.com/ Name: ARRAffinitySameSite
Value: b6777da42b95278e8e369f881d7917d2f8f38da1a536b17839030d7a0abc079b
.youtube.com/ Name: YSC
Value: 1mOZT7BkRW0
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 7ykxvzPgnz8
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJOTBIIEgQSAgsMIGU%3D
.aadinternals.com/ Name: _ga_3XCVLYZKDW
Value: GS1.1.1712988135.1.0.1712988135.0.0.0
.aadinternals.com/ Name: _ga
Value: GA1.1.969218564.1712988135

33 Console Messages

Source Level URL
Text
other warning URL: https://aadinternals.com/post/phishing/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
