www.miamivalleygolf.org
65.17.207.36 Malicious Activity! Public Scan

URL: https://www.miamivalleygolf.org/_filelib/FileCabinet/__All_Files_2013_Foward/ERTYUIO/final.html
Submission: On October 17 via manual from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 10 HTTP transactions. The main IP is 65.17.207.36, located in the United States and belonging to DATAPIPE, US. The main domain is www.miamivalleygolf.org.
TLS certificate: Issued by R11 on September 12th 2024. Valid for: 3 months.
This is the only time www.miamivalleygolf.org was scanned on urlscan.io.

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

Requests  IP Address          AS (Autonomous System)
2         65.17.207.36        14492 (DATAPIPE)
1         2a04:4e42:200...    54113 (FASTLY)
2         2606:4700::68...    13335 (CLOUDFLAR...)
2 2       2620:1ec:a92:...    8068 (MICROSOFT...)
3         2603:1026:300...    8075 (MICROSOFT...)
1         2620:1ec:bdf::64    8075 (MICROSOFT...)
1         131.153.147.106     19437 (SS-ASH)
Total: 10 requests, 6 IPs
Requests  Apex Domain           Subdomains                                           Transfer
3         microsoftonline.com   login.microsoftonline.com (Cisco Umbrella Rank: 9)   -
2         office.com            www.office.com (Cisco Umbrella Rank: 3340)           1 KB
2         jsdelivr.net          cdn.jsdelivr.net (Cisco Umbrella Rank: 311)          23 KB
2         miamivalleygolf.org   www.miamivalleygolf.org                              32 KB
1         chromax-mcr.com       colorchart.chromax-mcr.com                           28 KB
1         msauth.net            aadcdn.msauth.net (Cisco Umbrella Rank: 860)         2 KB
1         jquery.com            code.jquery.com (Cisco Umbrella Rank: 791)           30 KB
Total: 10 requests, 7 apex domains
Requests  Domain                       Requested by
3         login.microsoftonline.com    www.miamivalleygolf.org
2         www.office.com               2 redirects
2         cdn.jsdelivr.net             www.miamivalleygolf.org
2         www.miamivalleygolf.org      -
1         colorchart.chromax-mcr.com   www.miamivalleygolf.org
1         aadcdn.msauth.net            www.miamivalleygolf.org
1         code.jquery.com              www.miamivalleygolf.org
Total: 10 requests, 7 domains

This site contains no links.

Subject                           Issuer                                           Validity                  Valid for
www.miamivalleygolf.org           R11                                              2024-09-12 - 2024-12-11   3 months (crt.sh)
*.jquery.com                      Sectigo ECC Domain Validation Secure Server CA   2024-06-25 - 2025-06-25   a year (crt.sh)
*.jsdelivr.net                    Sectigo RSA Domain Validation Secure Server CA   2024-05-04 - 2025-05-04   a year (crt.sh)
stamp2.login.microsoftonline.com  DigiCert SHA2 Secure Server CA                   2024-09-03 - 2025-03-03   6 months (crt.sh)
aadcdn.msauth.net                 DigiCert SHA2 Secure Server CA                   2024-07-30 - 2025-07-30   a year (crt.sh)
colorchart.chromax-mcr.com        R11                                              2024-10-02 - 2024-12-31   3 months (crt.sh)

This page contains 4 frames:

Primary Page: https://www.miamivalleygolf.org/_filelib/FileCabinet/__All_Files_2013_Foward/ERTYUIO/final.html
Frame ID: 65CD40060C34753C70758F25835E9D31
Requests: 7 HTTP requests in this frame

Frame: https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=QICmYelYVSV_qkipUTFvqfrm5ndbSDzaCC8UFXTog4gqY1rSbETKZtit1chtfeABmLNZ5LUNwFGQ_0S85JUNhGQCKocr2YPCEDUhXyZd9ChH60dChY9tqC3RVS-IiJKI&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Frame ID: C3F8460266324940969325890B5AC455
Requests: 1 HTTP requests in this frame

Frame: https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=2Sfj20OQSTXFuN-OiezXWKGgMbPPyoZEWzUoi-yzOY1_FsanmioTXAozq9xLwdYK07ktNbXZU_GgTEYS4alKP4U8QPsFltRNqqg1s9IulWgpYlTLoLl_jGE3CPzzLCda&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Frame ID: 9A47FB14AD7A86FD50A02DBB2A45B148
Requests: 1 HTTP requests in this frame

Frame: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Frame ID: A72F077D3993DEA9649FFAD459CC0A54
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Sign in to your Microsoft account

Detected technologies

SweetAlert2 (overall confidence: 100%)
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js
  • /npm/sweetalert2@([\d.]+)
  • sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

jQuery (overall confidence: 100%)
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (overall confidence: 100%)
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 10
HTTPS: 100 %
IPv6: 71 %
Domains: 7
Subdomains: 7
IPs: 6
Countries: 2
Transfer: 114 kB
Size: 319 kB
Cookies: 14

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://www.office.com/estslogout?ru=/ HTTP 302
  • https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=QICmYelYVSV_qkipUTFvqfrm5ndbSDzaCC8UFXTog4gqY1rSbETKZtit1chtfeABmLNZ5LUNwFGQ_0S85JUNhGQCKocr2YPCEDUhXyZd9ChH60dChY9tqC3RVS-IiJKI&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Request Chain 4
  • https://www.office.com/estslogout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F HTTP 302
  • https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=2Sfj20OQSTXFuN-OiezXWKGgMbPPyoZEWzUoi-yzOY1_FsanmioTXAozq9xLwdYK07ktNbXZU_GgTEYS4alKP4U8QPsFltRNqqg1s9IulWgpYlTLoLl_jGE3CPzzLCda&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request final.html
www.miamivalleygolf.org/_filelib/FileCabinet/__All_Files_2013_Foward/ERTYUIO/
109 KB
28 KB
Document
General
Full URL
https://www.miamivalleygolf.org/_filelib/FileCabinet/__All_Files_2013_Foward/ERTYUIO/final.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
65.17.207.36 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software
/
Resource Hash
424851554781bc429cfbeb126d3876971d43dc36ebfa2cd4d46dd0839f1595fd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
27976
Content-Type
text/html
Date
Thu, 17 Oct 2024 19:09:37 GMT
ETag
"eecd62544220db1:0"
Last-Modified
Thu, 17 Oct 2024 03:11:59 GMT
Server
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
jquery-3.1.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.1.1.min.js
Requested by
Host: www.miamivalleygolf.org
URL: https://www.miamivalleygolf.org/_filelib/FileCabinet/__All_Files_2013_Foward/ERTYUIO/final.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.miamivalleygolf.org/

Response headers

content-encoding
gzip
etag
W/"28feccc0-152b5"
age
3311893
x-cache
HIT, HIT
date
Thu, 17 Oct 2024 19:09:38 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
93, 50838
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21947-LGA, cache-fra-eddf8230082-FRA
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1729192178.248897,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30070
server
nginx
sweetalert2.min.css
cdn.jsdelivr.net/npm/sweetalert2@11/dist/
23 KB
5 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@11/dist/sweetalert2.min.css
Requested by
Host: www.miamivalleygolf.org
URL: https://www.miamivalleygolf.org/_filelib/FileCabinet/__All_Files_2013_Foward/ERTYUIO/final.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c4e0d4f8500b542ee49d15641769a2d23add3f66a2f9c5b5ff39b5327f65132
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.miamivalleygolf.org/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"5d90-fbybk4pRRt1JVTJHUdqueFNTZwg"
age
37233
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=osbUp7uI8yL8d9bflMcnB7o2fu4e7HY0o4Q2c%2FekAnduYcUcJ44tFOae%2FKEzc8BTdl8F8BbL5OZMCiUEgYe8w3E1PEo54yPX9S%2B2U495ItA0oAcQqyCp96LhqwKkt8XwZIZn%2BUxC%2FoN9NKJ3pCI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, MISS
date
Thu, 17 Oct 2024 19:09:38 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230038-FRA, cache-lga21959-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d42958a0b06dc4f-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
4039
server
cloudflare
x-jsd-version
11.14.2
sweetalert2.all.min.js
cdn.jsdelivr.net/npm/sweetalert2@11/dist/
69 KB
18 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@11/dist/sweetalert2.all.min.js
Requested by
Host: www.miamivalleygolf.org
URL: https://www.miamivalleygolf.org/_filelib/FileCabinet/__All_Files_2013_Foward/ERTYUIO/final.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e36e8ecb15119ebb0680316d36d7781eaddb6057cdd0032db7c4c77dccd91b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.miamivalleygolf.org/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"114dc-6hWvqfNdTC65MPYgCPMkMQb0wJQ"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JPpaVD4gTzkGJkuD1DORRXDbW3kKU5mO%2B49tAwKM7W27cmLL4CWaHEYJI6u3eGAQYUfjx0KsD1lSi2wZzRovnW01PY%2BdgWkbB6xeZUjgeGzh5FCWG5HdRGfHEpx61YhmFfLdUSdSoLiNQz0uwq8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Thu, 17 Oct 2024 19:09:38 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220129-FRA, cache-lga21981-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d42958a0b0bdc4f-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
18338
server
cloudflare
x-jsd-version
11.14.3
logout
login.microsoftonline.com/common/oauth2/ Frame C3F8
Redirect Chain
  • https://www.office.com/estslogout?ru=/
  • https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=QICmYelYVSV_qkipUTFvqfrm5ndbSDzaCC8UFXTog4gqY1rSbETKZtit1chtfeABmLNZ5LUNwFGQ_0S...
0
0
Document
General
Full URL
https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=QICmYelYVSV_qkipUTFvqfrm5ndbSDzaCC8UFXTog4gqY1rSbETKZtit1chtfeABmLNZ5LUNwFGQ_0S85JUNhGQCKocr2YPCEDUhXyZd9ChH60dChY9tqC3RVS-IiJKI&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Requested by
Host: www.miamivalleygolf.org
URL: https://www.miamivalleygolf.org/_filelib/FileCabinet/__All_Files_2013_Foward/ERTYUIO/final.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:150::a Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.miamivalleygolf.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache
content-encoding
gzip
content-length
11571
content-type
text/html; charset=utf-8
date
Thu, 17 Oct 2024 19:09:37 GMT
expires
-1
link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msftauth.net>; rel=dns-prefetch,<https://aadcdn.msauth.net>; rel=dns-prefetch
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.19131.5 - WEULR1 ProdSlices
x-ms-request-id
f0fb8ec4-54d7-4483-8146-5fb3e4e88a00
x-ms-srs
1.P
x-xss-protection
0

Redirect headers

cache-control
no-cache
content-encoding
gzip
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 17 Oct 2024 19:09:37 GMT
location
https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=QICmYelYVSV_qkipUTFvqfrm5ndbSDzaCC8UFXTog4gqY1rSbETKZtit1chtfeABmLNZ5LUNwFGQ_0S85JUNhGQCKocr2YPCEDUhXyZd9ChH60dChY9tqC3RVS-IiJKI&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
request-context
appId=
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-msedge-ref
Ref A: CD97DD3F3BE24912BF8E781495C1669A Ref B: AMS231032602031 Ref C: 2024-10-17T19:09:38Z
x-ua-compatible
IE=edge,chrome=1
x-xss-protection
1; mode=block
logout
login.microsoftonline.com/common/oauth2/ Frame 9A47
Redirect Chain
  • https://www.office.com/estslogout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F
  • https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=2Sfj20OQSTXFuN-OiezXWKGgMbPPyoZEWzUoi-yzOY1_FsanmioTXAozq9xLwdYK07ktNbXZU_GgTEY...
0
0
Document
General
Full URL
https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=2Sfj20OQSTXFuN-OiezXWKGgMbPPyoZEWzUoi-yzOY1_FsanmioTXAozq9xLwdYK07ktNbXZU_GgTEYS4alKP4U8QPsFltRNqqg1s9IulWgpYlTLoLl_jGE3CPzzLCda&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Requested by
Host: www.miamivalleygolf.org
URL: https://www.miamivalleygolf.org/_filelib/FileCabinet/__All_Files_2013_Foward/ERTYUIO/final.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:150::a Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.miamivalleygolf.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache
content-encoding
gzip
content-length
11575
content-type
text/html; charset=utf-8
date
Thu, 17 Oct 2024 19:09:37 GMT
expires
-1
link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msftauth.net>; rel=dns-prefetch,<https://aadcdn.msauth.net>; rel=dns-prefetch
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.19131.5 - FRC ProdSlices
x-ms-request-id
a2fa7e90-b77d-403f-9b3e-9377e39e1c00
x-ms-srs
1.P
x-xss-protection
0

Redirect headers

cache-control
no-cache
content-encoding
gzip
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 17 Oct 2024 19:09:37 GMT
location
https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=2Sfj20OQSTXFuN-OiezXWKGgMbPPyoZEWzUoi-yzOY1_FsanmioTXAozq9xLwdYK07ktNbXZU_GgTEYS4alKP4U8QPsFltRNqqg1s9IulWgpYlTLoLl_jGE3CPzzLCda&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
request-context
appId=
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-msedge-ref
Ref A: AC0F9314F37B4561B195D211E2F8DFB6 Ref B: AMS231032602031 Ref C: 2024-10-17T19:09:38Z
x-ua-compatible
IE=edge,chrome=1
x-xss-protection
1; mode=block
logout.srf
login.microsoftonline.com/ Frame A72F
0
0
Document
General
Full URL
https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Requested by
Host: www.miamivalleygolf.org
URL: https://www.miamivalleygolf.org/_filelib/FileCabinet/__All_Files_2013_Foward/ERTYUIO/final.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:150::a Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.miamivalleygolf.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache
content-encoding
gzip
content-length
11163
content-type
text/html; charset=utf-8
date
Thu, 17 Oct 2024 19:09:37 GMT
expires
-1
link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msftauth.net>; rel=dns-prefetch,<https://aadcdn.msauth.net>; rel=dns-prefetch
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-ms-ests-server
2.1.19184.6 - NEULR1 ProdSlices
x-ms-request-id
b73fcd16-2d7d-4d0b-b99e-800827ec3600
x-ms-srs
1.P
x-xss-protection
0
microsoft_logo_ed9c9eb0dce17d752bedea6b5acda6d9.png
aadcdn.msauth.net/ests/2.1/content/images/
1 KB
2 KB
Image
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/images/microsoft_logo_ed9c9eb0dce17d752bedea6b5acda6d9.png
Requested by
Host: www.miamivalleygolf.org
URL: https://www.miamivalleygolf.org/_filelib/FileCabinet/__All_Files_2013_Foward/ERTYUIO/final.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.miamivalleygolf.org/

Response headers

x-cache-info
L1_T2
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8D641015620C409
x-fd-int-roxy-purgeid
0
x-cache
TCP_HIT
date
Thu, 17 Oct 2024 19:09:38 GMT
content-type
image/png
last-modified
Fri, 02 Nov 2018 20:25:31 GMT
cache-control
public, max-age=604800
x-ms-request-id
43f146af-a01e-004d-63a7-200cba000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
1057
x-azure-ref
20241017T190938Z-17d475c956frn9dve38uwrntk800000005ng000000016rrn
x-ms-blob-type
BlockBlob
lighter_blurred_onedrive_screenshot.jpeg
colorchart.chromax-mcr.com/
28 KB
28 KB
Image
General
Full URL
https://colorchart.chromax-mcr.com/lighter_blurred_onedrive_screenshot.jpeg
Requested by
Host: www.miamivalleygolf.org
URL: https://www.miamivalleygolf.org/_filelib/FileCabinet/__All_Files_2013_Foward/ERTYUIO/final.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
131.153.147.106 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
wghp6.wghservers.com
Software
Apache /
Resource Hash
7cb7b65e4dccfaf2bda178588c73bcc6cd120c5bea1dd69c725632c163b729ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.miamivalleygolf.org/

Response headers

Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
28251
Keep-Alive
timeout=5, max=100
Date
Thu, 17 Oct 2024 19:09:38 GMT
Last-Modified
Wed, 16 Oct 2024 23:42:10 GMT
Content-Type
image/jpeg
Server
Apache
favicon.ico
www.miamivalleygolf.org/
4 KB
4 KB
Other
General
Full URL
https://www.miamivalleygolf.org/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
65.17.207.36 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software
/
Resource Hash
b3e066d05ae18a4c0d4a9fadd8bdcfc6f591e045958ffe80ce0845b2be1cf3fb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.miamivalleygolf.org/_filelib/FileCabinet/__All_Files_2013_Foward/ERTYUIO/final.html

Response headers

ETag
"0f7c1cfda6fda1:0"
Accept-Ranges
bytes
Content-Length
4286
Date
Thu, 17 Oct 2024 19:09:38 GMT
Content-Type
image/x-icon
Last-Modified
Wed, 06 Mar 2024 15:27:34 GMT
Server
X-Frame-Options
SAMEORIGIN

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object: 0, 1, 2
function: $, jQuery, Sweetalert2, SweetAlert, Swal, sweetAlert, swal

14 Cookies

Domain/Path                     Name                 Value
www.office.com/                 OH.DCAffinity        OH-weu
www.office.com/                 OH.SID               760c99e3-7266-4118-a7da-a1b043465c4a
www.office.com/                 OH.FLID              540409e6-c62a-4fe5-94a0-7fc4d036e510
login.microsoftonline.com/      ESTSSSOTILES         1
login.microsoftonline.com/      AADSSOTILES          1
login.microsoftonline.com/      ESTSAUTHLIGHT        +
login.microsoftonline.com/      x-ms-gateway-slice   estsfd
login.microsoftonline.com/      stsservicecookie     estsfd
.login.microsoftonline.com/     SignInStateCookie    CAgABFgIAAADW6jl31mB3T7ugrWTT8pFeAwDs_wUA9P8LQvGyQdq_YwZje6f1ydmJ4zdu5OZIT5nyCzOmo3PXkWQeDSAXDk9E8u9a5n6h75hnvtL_RBF_9A
.login.microsoftonline.com/     ESTSAUTHPERSISTENT   AgABFwQAAADW6jl31mB3T7ugrWTT8pFeAwDs_wUA9P9S2mzfrlQuNgrqvjpZ84-RxhOnsqFAK4bwJA07Zar2RIA2NMJfZGUw7hUG8k_4NUFB4SAzkKjv6g
.login.microsoftonline.com/     ESTSAUTH             AgABFwQAAADW6jl31mB3T7ugrWTT8pFeAwDs_wUA9P_IbNWWC3n5WBoRk2tXyoqURQ6dxHOojf731za5ZoEA074BM9frl9WAuQ8g49X9_ubiU-AIVeOkTQ
login.microsoftonline.com/      buid                 AQABGgEAAADW6jl31mB3T7ugrWTT8pFe1mSFo40T5_nH29f9Z6KLr5cqKgTNiFOCpayAylwDENyIe1X_u4ckECzScX5eFavsWsua7W4u3YRdEgLmWFmpumEexbkPHOBmc9U1J5E84yUgAA
login.microsoftonline.com/      fpc                  AjoJQojc8KBLqPWf4Ihyn0k
.login.microsoftonline.com/     esctx                PAQABBwEAAADW6jl31mB3T7ugrWTT8pFe65Aa72V3Heu2Gqhx_cgmQwBprqWc_xSq-0k-w86QZLHTgPvdl716acADWIhJamoEJWvpxZr02ywb1MoMtIjtUGu-DQRy_C7rgTljElk9bDSvTCokgNkM8X7wHxPNOVq6kEBHNAWMdT8DLCitMMDj16T72IPZ5yucmn5KGLZe5OogAA

1 Console Messages

Source: recommendation
Level: verbose
URL: https://www.miamivalleygolf.org/_filelib/FileCabinet/__All_Files_2013_Foward/ERTYUIO/final.html
Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, see the urlscan.io documentation on security headers.

Header Value
X-Frame-Options SAMEORIGIN