ms-servers.drreddyss.com
Open in
urlscan Pro
172.67.128.22
Public Scan
Submitted URL: https://url.za.m.mimecastprotect.com/s/6id0CpgVyghxBrpBiPf7CG38uN?domain=u24957986.ct.sendgrid.net
Effective URL: https://ms-servers.drreddyss.com/
Submission: On September 18 via manual from IN — Scanned from DE
Effective URL: https://ms-servers.drreddyss.com/
Submission: On September 18 via manual from IN — Scanned from DE
Summary
This website contacted 6 IPs
in 4 countries
across 7 domains to perform 17 HTTP transactions.
The main IP is 172.67.128.22, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is ms-servers.drreddyss.com.
TLS certificate: Issued by WE1 on September 15th 2024. Valid for: 3 months.
This is the only time ms-servers.drreddyss.com was scanned on urlscan.io!
TLS certificate: Issued by WE1 on September 15th 2024. Valid for: 3 months.
This is the only time ms-servers.drreddyss.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 4 4 | 41.74.192.103 41.74.192.103 | 37235 (MimecastSA) (MimecastSA) | |
| 2 2 | 167.89.118.126 167.89.118.126 | 11377 (SENDGRID) (SENDGRID) | |
| 10 | 185.64.213.245 185.64.213.245 | 50152 (IMED) (IMED) | |
| 1 | 2620:0:890::100 2620:0:890::100 | 54113 (FASTLY) (FASTLY) | |
| 3 | 172.67.128.22 172.67.128.22 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2a04:4e42:200... 2a04:4e42:200::649 | 54113 (FASTLY) (FASTLY) | |
| 1 2 | 104.18.95.41 104.18.95.41 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 104.18.94.41 104.18.94.41 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 17 | 6 |
2
167.89.118.126
(Las Vegas, United States)
ASN11377 (SENDGRID, US)
PTR: o16789118x126.outbound-mail.sendgrid.net
ASN11377 (SENDGRID, US)
PTR: o16789118x126.outbound-mail.sendgrid.net
| u24957986.ct.sendgrid.net |
10
185.64.213.245
(United Kingdom)
ASN50152 (IMED, GB)
PTR: url.emailprotection.link
ASN50152 (IMED, GB)
PTR: url.emailprotection.link
| url.emailprotection.link |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 10 |
emailprotection.link
url.emailprotection.link — Cisco Umbrella Rank: 158892 |
400 KB |
| 4 |
mimecastprotect.com
4 redirects
url.za.m.mimecastprotect.com — Cisco Umbrella Rank: 654795 |
7 KB |
| 3 |
cloudflare.com
1 redirects
challenges.cloudflare.com — Cisco Umbrella Rank: 3407 |
16 KB |
| 3 |
drreddyss.com
ms-servers.drreddyss.com |
5 KB |
| 2 |
sendgrid.net
2 redirects
u24957986.ct.sendgrid.net |
565 B |
| 1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 808 |
31 KB |
| 1 |
web.app
servers90-ms365-docs-vs-encrypt.web.app |
770 B |
| 17 | 7 |
| Domain | Requested by | |
|---|---|---|
| 10 | url.emailprotection.link |
url.emailprotection.link
|
| 4 | url.za.m.mimecastprotect.com | 4 redirects |
| 3 | challenges.cloudflare.com |
1 redirects
ms-servers.drreddyss.com
challenges.cloudflare.com |
| 3 | ms-servers.drreddyss.com |
servers90-ms365-docs-vs-encrypt.web.app
ms-servers.drreddyss.com |
| 2 | u24957986.ct.sendgrid.net | 2 redirects |
| 1 | code.jquery.com |
ms-servers.drreddyss.com
|
| 1 | servers90-ms365-docs-vs-encrypt.web.app |
url.emailprotection.link
|
| 17 | 7 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.emailprotection.link GeoTrust TLS RSA CA G1 |
2024-07-11 - 2025-08-11 |
a year | crt.sh |
| web.app WR4 |
2024-07-26 - 2024-10-24 |
3 months | crt.sh |
| drreddyss.com WE1 |
2024-09-15 - 2024-12-14 |
3 months | crt.sh |
| *.jquery.com Sectigo ECC Domain Validation Secure Server CA |
2024-06-25 - 2025-06-25 |
a year | crt.sh |
| challenges.cloudflare.com WE1 |
2024-09-05 - 2024-12-04 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://ms-servers.drreddyss.com/
Frame ID: D84045C106348544AD790C463A5B0BCF
Requests: 16 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/fjm72/0x4AAAAAAAj_rt2m65PC-idf/auto/fbE/normal/auto/
Frame ID: 1254B5D303E677DFE09FF3CCB40D3133
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
7ff0cabbdc4da0aceccb1d067540846b66ea8e4ee7c3fPage URL History Show full URLs
-
https://url.za.m.mimecastprotect.com/s/6id0CpgVyghxBrpBiPf7CG38uN?domain=u24957986.ct.sendgrid.net
HTTP 307
https://url.za.m.mimecastprotect.com/r/3tAGvb4BzMBHTqvXsDRrvcpd-Yb2kZ98w-1Bb3wiO2P6BN3-bjD-BHotExgkleguBjb2817JKg... HTTP 307
https://u24957986.ct.sendgrid.net/ls/click?upn=u001.aIUv4xIBfk3jkN5v2eEW3JgBYB0tFa3ahXM5kkk6hVRF0cC-2FCgwvW6px... HTTP 302
https://url.za.m.mimecastprotect.com/s/g2oICGZK3ZcLQrJjf7hwCBAZjY?domain=url.emailprotection.link HTTP 307
https://url.za.m.mimecastprotect.com/r/wGoZg9IA0HSZkOj-N3kG_53lP8xbbMaVPllPWEffN5yhhmguRfBnH5N48yC93n7pp1_jDvDdGk... HTTP 307
https://url.emailprotection.link/?bwen5nT6tVMn5XO-Z1kowGSzpsEfd9L2ZhhfOaAUCaj-1xF-rgOVuORZagzqCPoQLH4a3bPQSvw... Page URL
-
https://u24957986.ct.sendgrid.net/ls/click?upn=u001.aIUv4xIBfk3jkN5v2eEW3PO38xTrw7WdCZ9daVGOTxfgCmyDK3-2Bua9Rq...
HTTP 302
https://servers90-ms365-docs-vs-encrypt.web.app/sharedservers Page URL
- https://ms-servers.drreddyss.com/ Page URL
Detected technologies
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://url.za.m.mimecastprotect.com/s/6id0CpgVyghxBrpBiPf7CG38uN?domain=u24957986.ct.sendgrid.net
HTTP 307
https://url.za.m.mimecastprotect.com/r/3tAGvb4BzMBHTqvXsDRrvcpd-Yb2kZ98w-1Bb3wiO2P6BN3-bjD-BHotExgkleguBjb2817JKgFvRe6h3c0SM_BDDQ5VaP120u6Yidm9zG-Ruf34x4b2PDnUq_kw4EGnmprow1xTJb2safEVKH8B658Ac9tO8HeGow_fuLjs4wDQl3ao1Bbtyr8k0h7axU30rQyeCmfPjoqR7GSh1qwmt3GsapM4sSexHKAjfnFw8KAWmDR5M-sDg4QY3PV-sisPE6GJWoEZpYRpmj8_XuN1-dD6PfMu4448ChEu4biGg00JgxeShjyqqN1KeNGz395023tSoHqARsZcv7AbacHNZDNRqR2gzPCN44jj13DOtCq3IkCQ53r8yO_-xb66o1xIpObaeL1PonAVlIMSmgpy7Y88i_Xkj94s_DoKIh47vgC6-MHZ4141mfF9xwB_ZJ9b-qcthaeW0J6S8PnTZskD2ayIzZCsBiQdz-P3q1gsHvYO9uCsvTWbMEkm1vQDTaw5orbq63WIX4UgWDz4hOtbSvlCDbMnuYqgi8jWs-gZ8QdHBVQ_O-RLYyeN1wowHU1DlhA7UOGuLlbXfUthD4BNyvizCsCFWgtwhavIUKWw6_-rXfsoNgzsEcnWpAKtdXnBOIvNSe6CAgmlC5sPXwHzjHN7OxfUYljLaMbgs_M1pmmsInOLVhLXgYVhwQ3JJByWrMmsHtdsNVXBRWtpIFyYnR9S0eBrNW4RdA_LcPlr4a71Rvxtt4dw9XYdP2YzCJf-YOabizWrpl-eQ_8RJB3xUc8-ZbIu1nhtcNG1FnDS-0NyRUjUoGkwr5JhaOVFzc4-ahbkQnY3u-y54MDFuwtn4XVUY5ZovgfuSe8IFbBEqisvifOgBpegxY0Yd685W6ncLG6BHz72Y1Ttp2bPTlSkn4ZmB2RDUvWK1CDOicOoV-rkqAFt6qGas6GRI_mQ3JH007B6fL3UcSICMpKPM25doHj9m__5l5-BwnWoQs9yBnE7xbV5SzccV6QuRBZSH_75FJiAwhJVKfpZWTp2LF8o7ss4ddnfW3FxvdkmgVjY_uuvqMEzZbDD6J-KBDOXp5jpdKXilznrF0FwzbQqbI2g5wFRwAWVF7rndu90Y1g3hvOCzMAAHjXiKRq1thi_6Ucm3-Cc5pHy7CEX9wcTdOboiXkelJxUzIjzQAvu0fLEV5RN04R2vvJJs4Sr4T-6oo4XsHxq1pJaf90THvBME_OjSMEOVtxjiycWyRBo2d4ms8Pt550WpqpV9diO9wEMrxa6xGXmJsJqfnOQaWf1ViTgxoLBnW6beTGOpjzhqd9C8iVp5GoU7kNgrapX7tdujUM1ZZ1t3fNxp4v-5-Ul1FIu-EKtyH64usljAGZCVJbBi721ASXtgEIjT7L6GX9VlKyScKkmU3rLv6lEw9JFGa20lzvDPfoGU00RTJrf5Wv1ZV9XgC5ShpqLNlqbBOExNREpT9cx9lRZP5XQy1CUnJ4Xw7-G7LrmibvHay0PdmDqI4K6DYWg4cHFbXbgZqK_LGO7_tYEMZ6NHecPKVlohA55KhVVsRR5-Qc8w4MK-UXyZh-BGDeOdzpL4p0cRYJo0gq8wlDV6ywtQ0ZKDEeJNQqwE1zxhI5ETyeDTHChgK-s_cZAnhjp4A8kZFxPced13mPkXKNH7xLRAGLCF3T7sghbZFlvjnNK6n2RvP1BKVJBAKsPT_VzIMgSppGexaH3UyotcV2BN1POw0DfDj0ESRLeu5seMCHf-k4q3nQDj2k2qNojZyBR5vPTBuyHSHh1rFnbYDcm258z2Y4rreW7ij1_21Xa8RpJ84yu_AGH5nf1v1mohmWgGP5UX7CPPRYXGqRWdqEdisZexvBXAaI5RnyC3xiJeHkw2GnHC-0_Y2bkxERyXMLUXVTuCVfzDxolbCldjlZZ4uohajccJEOdCTNHanvzJI-YWMNKzKqAfPq1xHqZ3ppKjdKIG22ttncCb6ej3LLuw6gURgwH2EL558klcSjsWA0mLq7KdTGqAcm_CFQgrusx8k2pj7IOi_SoXEf-sWUY-nXq9VGeHlNr5JyojOPG7_Zv4S8S5BuwEiPpBOU9LTA021m3IMXoDGwDhlgC9JBBCqftblK099K8EQZyRpTy70XwKROmbGSIPKSOniUj-azhxjKRnyd0UC_Q39-ov4Efuuj0Lrxux71wBvTl4zYIiezodotBiKATTcHxeb0rqgEzab_ebIefXNKvjuVu_KJXsYWxz5FQ9RQCKYXaMDYptDhar9bSfnHEHEG8aUqwQ1iq3HwRWI0HMtEgG0zUvi26RRSSmVCxx8WoTSXCmJLoNEj98WxP6s10yuyC7mFwne-xEIk6tg1m1YqjjQffHFkesh9Sxlcu7iJNxFMD9R53BNE5oImVr8_2meajLRqA2iLmNjvFJq-ILXwLtkc- HTTP 307
https://u24957986.ct.sendgrid.net/ls/click?upn=u001.aIUv4xIBfk3jkN5v2eEW3JgBYB0tFa3ahXM5kkk6hVRF0cC-2FCgwvW6pxq-2FLVlbNOlFeUReiBC3U6t11i0xSzmnDNcellmR808McL23IffyuOXD2Qg3xEyfk8ooAE3O3Q2RWq-2FDpwOdTLaUTa974QpA-3D-3Dx2PB_1c-2Bdm6xFAz1WX-2F6s41F6EF84pW5BwP9Xg65ahEhMwzjwNifn6hgDybhY-2BeECB06KfeT2XZKtaOds55oHTqxNk-2FXopmnf1UyyJ6ZDgT1VGjFagsceXjU2eEpPLx944-2BPF5wfWM2TKFK3gWy88sPNfZtJU0V1owYgjzKJ7gsRrxfL2Eo0CjY-2B6W3F8hoO1wIX-2FvG1BGZaVOLkHeDNmGmyY-2F33m1VtGuswM01d7W2UFub8-3D HTTP 302
https://url.za.m.mimecastprotect.com/s/g2oICGZK3ZcLQrJjf7hwCBAZjY?domain=url.emailprotection.link HTTP 307
https://url.za.m.mimecastprotect.com/r/wGoZg9IA0HSZkOj-N3kG_53lP8xbbMaVPllPWEffN5yhhmguRfBnH5N48yC93n7pp1_jDvDdGkEkIiQaBlOLgiCgIcE0SlbIqlljSWO7K8OmhxpvDoN48DCkaXljQwD_gFJVeUEqm6uny_0dBOpuI59gXc6n2L5Cr7i7IIrAbnwekw5it3pr5NK8sBcE65wedB6zq1ek72BJSLwSFQB4PzHwkoKXBOZbITDyChNO1RrgQcprtgMdWBJgKXe2ch6I9WC2tKfnBIlyY6ROzBntARA0DAElywsMkQlLcq231zmbryja1Orr6PntsjkZm_MG-Zg8_K9fW8zLszPOUiMEhNG15TbzMitmYlATmFVUZ2rVh3y5ngVrMI8K1HDDsQ8AbaEdj0OwXoDg_qfBLaf4S9ZdkE3r4r0z0l8nLGOFwq5NNktD6cWSIp_DNBrU65w5hKckB1Y5AIFydcH0__BBFCHtMXq6XOxArbfgIeVnQB1_GD3EZQlh90BcTFftfAeeJg62NVfa3lwLTwVOlgERDkTuMkw-s4vxGGPThQVFXvRpF-nDDpX53RX8JlmDX7kMBn9FQ3C11QumwSS-Z6isRAR1SvxO9fagDQxjaXhdje_WZ8VbS3kIrLit63i8i5cJAcobsCjfvKdWhxBEpdbTyIcAkmdvjtC10uOxRijM-OMZ0eFFFrrqYLdxy9OrFLBd7hdWK6KGHC2c4MFxSwHYdp56qZg9Sf-eBwXmbHJ5pfGSHvg1g3OuxZeNfu5Z1svCc8-Hcxbs8rkd3W4R8Xkw7SZ7LES9xeQkrxV91bXk2Jugl5r3rKG_81MrZnX0dJ_btYGmDaaUqkWwEvl1ZD8jD9_UsXTcYG7TJYuXSB66XMn6XkOJAcvstsu1RKXQEXJYJVXiiPaLG6JnGdc3vBW53HwMsc5JvrkCU4BZNStGttui7ECzkjSiZxIAygx3qza2ZeYVuPGFlcEAauGcHQDjcrSWsfFiQleziW9M8Vf0sb--EZHpXNDtztNVyoI_lAEP0O_0bcphunIgw99Y8D4swAyh1M8XGYlQZ_o2WBQ6OqWOVyfmRNRB2nBhXgYO0VhDbiscaCp6f3SXxJtD4GOYYNNWwAUX7zUuP6FkbpOjWlWjfmVR3VLS3fDGGZtLWAhq8LFVEkYe_Z30jV03akSjWjukdmaCeYYLPDr_q5pJB5vtWd3JsmgjVwen-fyy_o2uAKfef16nl9paPCGwpfFe3fZH2ebVNhX-Airjl1YkRpS8DIQNS2JnpBqQYsSwxJw1Jcw9z25nvMeCW5X6SRKFeAcy8cpz67wMaR1iG9oO8lb2gHynL1Ud4skiFQdEpiJU3FoPkM2Dx8_gB669DHKYnRYhAhKifwvqQsTM74fyILGYJlpWmeafdnTMMBEzWz3mg7JYrssk1P-zrnA8vsVZwmzep2L5l_NxpFGKyuvvkWLA4xBCLIq3lm91D7jm1q6JOsXdiEfVydBdEIzNtHttFsrqAtX-HzlIr_DbnZKCKFe6UPr6QPRA9ZFuHVDRuZmp0qtl8S_6qYrKMbbFZyE9jMgWSSBvIj5SfajyrdEzsnoeAiQruAq8QG2Yjd_LF07l4qeTU2okZogUBM10QI7WFfzUyuYn3kIVu4aqPMEEdFVaap7GQcgInCyGSZds9cfK54UTfyLrZDq3DNaa25O9rXX710G7t0Ub7hzxo8p_qSbDNmHX_LyQSJ201UcL5GY4tmMlanSbuUSrDfs3BHMvmI6SeuodZBBk3nhgXFm6dZLpvz8FVuXw9R5gNdi8pp4tRvwZw1uyUXdNJtimrigmVk-PxwN-M-oFWDutSTlGwvZC2En-EKELnsQMXDaz4L1CWGJXe3TiXQRlm75jg3WrNJUD1zKfDAOs7cB_v02rwOzdnayDv71szonkdbzfiLURlwU6kO-kNRTqLZJCSY018ybOe_jbPrj-zX79_6ibY5r3gAoxaOrEUTxVT90Dsyf67eo41Q_UZNdzkoglq9BXUV4MEawSlA1mVi3lm-xsd5GLLs3bwG1NPb04zQv6MuPYORA2vCvwC342EO2j0VvFi9U7GFc4ybbNXCpnrFLRkXhR6Yfb0aGvI5oSvl_0cA7Px1TbARrPNycgdFbpeBQdZeQ6iCI2it1QWb2zrPt60J7erQwDCRJ2aAzHuc0OR3PIElcLXbeJPWq35u2G3YuFOE2CLnxgeayXKymAV4Pqtcqb7O_W30CwtUYsDGCgE9Wm32iP1qaA7BAuxtAhbq4StNW72Unm-YUN1wP89J7lBhZ1k6YGsI1t3jZRD8nvXwfq9dn7Ss2E3BG50LVkNECn7Tof7V-0ae9LKvBAmZjz3kIbKAPos5ZSt6wD4oK3yvA_E3UHjdnYjEmOy-Hv9Ki0jVC2hSjGwr3g0Uhj2-PtaGJeTZRbNgIjCivHIhD7TZtnLiBTvBMU2Xj37xCzK0mbRTjYfR9_1xl6futVcUD8af_nQxwO228vdODKiGxrhyCoyoy6T5Ghupe2NtNaH3pI-acsJEhW5yxIHrXtYrSCE6IzNWMdq3JUFkxib782GRYqh6D9dUfsxT-Phsna_zYlG5knnYKXoOApVHidvnI7xWxpDuNHF_eyBHF7E_vIRg_25xrCJW_g-v4V8jMzAmHrCUAwpKI7_ACmc7RPHtPRYJOOaLMH66A1pl-s4dA5l2JI3QksQJgKIU7CaStvKbKbUwrgW6oMSlH8f4Rq_LzkvzFgx71RZrWwOV1X3YyiLujL HTTP 307
https://url.emailprotection.link/?bwen5nT6tVMn5XO-Z1kowGSzpsEfd9L2ZhhfOaAUCaj-1xF-rgOVuORZagzqCPoQLH4a3bPQSvwe7Da8cfAq6XNFhAkZZ_bNM1YZALp_DlPfI3H000A50kpx8Me8qsXE14zJFZEdA_R_vw9_2Le-GkM0EUQHDocObEEfCXTJ6Z57_xwZ_X4CoPpdadpRuEpf9hn-fT22oedZ7gUIGEHG2Nhtb--R5AYgxpUOcvqENQc5W5sUoeLihN3u-hGV9k2wlcVDB2bJmeuAs41h_rkzr1bZu1JyvUXLhMOzCRu3zHPLzOjo2BS7HgpCiUcnlTROhJNnkMCJlcEVJJd5yuvr3b3IJD5o17Y-5SyHzJE83q93CwurFSoxVk5JXDl-5tcE8oOf7qDzsQ8uvAz5MfnAPXkuy6HmjKTFvCQvcwdTqoP6_iCcKfzSyETHw3bWJzTq8MgJkYNfsb6IrtW8KLlh4UTWAo7LgazkG7SwNT_DSdgqwiD8sBoYYzP3c5m5ZDJ_K Page URL
-
https://u24957986.ct.sendgrid.net/ls/click?upn=u001.aIUv4xIBfk3jkN5v2eEW3PO38xTrw7WdCZ9daVGOTxfgCmyDK3-2Bua9RqiLmBVM84s5TPklTrQKh5-2FjX2I2m2xXVdyzXc1-2B4iztADEj6dcEs-3DnOVr_TgT0qvCz4ksRfNOaJekXkV2hZrgSP997R-2FO9nbwskYh8NG3Q1-2F-2B6jt9hoGi7VCrQgUpYfC2SbQlzytsY-2FmcitbwHqMoo54lJBNn8lWYvHbslwIxNl5AvlP-2BL442RkDU-2BRFaNN4pW0COjhMzYyM9WzvhJueDWjMowJwUptuC55eha-2F5Zj6jrAx4fa7wHjuZCXWufbnU6hdM5Dij3GEhk1Fw-3D-3D
HTTP 302
https://servers90-ms365-docs-vs-encrypt.web.app/sharedservers Page URL
- https://ms-servers.drreddyss.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://url.za.m.mimecastprotect.com/s/6id0CpgVyghxBrpBiPf7CG38uN?domain=u24957986.ct.sendgrid.net HTTP 307
- https://url.za.m.mimecastprotect.com/r/3tAGvb4BzMBHTqvXsDRrvcpd-Yb2kZ98w-1Bb3wiO2P6BN3-bjD-BHotExgkleguBjb2817JKgFvRe6h3c0SM_BDDQ5VaP120u6Yidm9zG-Ruf34x4b2PDnUq_kw4EGnmprow1xTJb2safEVKH8B658Ac9tO8HeGow_fuLjs4wDQl3ao1Bbtyr8k0h7axU30rQyeCmfPjoqR7GSh1qwmt3GsapM4sSexHKAjfnFw8KAWmDR5M-sDg4QY3PV-sisPE6GJWoEZpYRpmj8_XuN1-dD6PfMu4448ChEu4biGg00JgxeShjyqqN1KeNGz395023tSoHqARsZcv7AbacHNZDNRqR2gzPCN44jj13DOtCq3IkCQ53r8yO_-xb66o1xIpObaeL1PonAVlIMSmgpy7Y88i_Xkj94s_DoKIh47vgC6-MHZ4141mfF9xwB_ZJ9b-qcthaeW0J6S8PnTZskD2ayIzZCsBiQdz-P3q1gsHvYO9uCsvTWbMEkm1vQDTaw5orbq63WIX4UgWDz4hOtbSvlCDbMnuYqgi8jWs-gZ8QdHBVQ_O-RLYyeN1wowHU1DlhA7UOGuLlbXfUthD4BNyvizCsCFWgtwhavIUKWw6_-rXfsoNgzsEcnWpAKtdXnBOIvNSe6CAgmlC5sPXwHzjHN7OxfUYljLaMbgs_M1pmmsInOLVhLXgYVhwQ3JJByWrMmsHtdsNVXBRWtpIFyYnR9S0eBrNW4RdA_LcPlr4a71Rvxtt4dw9XYdP2YzCJf-YOabizWrpl-eQ_8RJB3xUc8-ZbIu1nhtcNG1FnDS-0NyRUjUoGkwr5JhaOVFzc4-ahbkQnY3u-y54MDFuwtn4XVUY5ZovgfuSe8IFbBEqisvifOgBpegxY0Yd685W6ncLG6BHz72Y1Ttp2bPTlSkn4ZmB2RDUvWK1CDOicOoV-rkqAFt6qGas6GRI_mQ3JH007B6fL3UcSICMpKPM25doHj9m__5l5-BwnWoQs9yBnE7xbV5SzccV6QuRBZSH_75FJiAwhJVKfpZWTp2LF8o7ss4ddnfW3FxvdkmgVjY_uuvqMEzZbDD6J-KBDOXp5jpdKXilznrF0FwzbQqbI2g5wFRwAWVF7rndu90Y1g3hvOCzMAAHjXiKRq1thi_6Ucm3-Cc5pHy7CEX9wcTdOboiXkelJxUzIjzQAvu0fLEV5RN04R2vvJJs4Sr4T-6oo4XsHxq1pJaf90THvBME_OjSMEOVtxjiycWyRBo2d4ms8Pt550WpqpV9diO9wEMrxa6xGXmJsJqfnOQaWf1ViTgxoLBnW6beTGOpjzhqd9C8iVp5GoU7kNgrapX7tdujUM1ZZ1t3fNxp4v-5-Ul1FIu-EKtyH64usljAGZCVJbBi721ASXtgEIjT7L6GX9VlKyScKkmU3rLv6lEw9JFGa20lzvDPfoGU00RTJrf5Wv1ZV9XgC5ShpqLNlqbBOExNREpT9cx9lRZP5XQy1CUnJ4Xw7-G7LrmibvHay0PdmDqI4K6DYWg4cHFbXbgZqK_LGO7_tYEMZ6NHecPKVlohA55KhVVsRR5-Qc8w4MK-UXyZh-BGDeOdzpL4p0cRYJo0gq8wlDV6ywtQ0ZKDEeJNQqwE1zxhI5ETyeDTHChgK-s_cZAnhjp4A8kZFxPced13mPkXKNH7xLRAGLCF3T7sghbZFlvjnNK6n2RvP1BKVJBAKsPT_VzIMgSppGexaH3UyotcV2BN1POw0DfDj0ESRLeu5seMCHf-k4q3nQDj2k2qNojZyBR5vPTBuyHSHh1rFnbYDcm258z2Y4rreW7ij1_21Xa8RpJ84yu_AGH5nf1v1mohmWgGP5UX7CPPRYXGqRWdqEdisZexvBXAaI5RnyC3xiJeHkw2GnHC-0_Y2bkxERyXMLUXVTuCVfzDxolbCldjlZZ4uohajccJEOdCTNHanvzJI-YWMNKzKqAfPq1xHqZ3ppKjdKIG22ttncCb6ej3LLuw6gURgwH2EL558klcSjsWA0mLq7KdTGqAcm_CFQgrusx8k2pj7IOi_SoXEf-sWUY-nXq9VGeHlNr5JyojOPG7_Zv4S8S5BuwEiPpBOU9LTA021m3IMXoDGwDhlgC9JBBCqftblK099K8EQZyRpTy70XwKROmbGSIPKSOniUj-azhxjKRnyd0UC_Q39-ov4Efuuj0Lrxux71wBvTl4zYIiezodotBiKATTcHxeb0rqgEzab_ebIefXNKvjuVu_KJXsYWxz5FQ9RQCKYXaMDYptDhar9bSfnHEHEG8aUqwQ1iq3HwRWI0HMtEgG0zUvi26RRSSmVCxx8WoTSXCmJLoNEj98WxP6s10yuyC7mFwne-xEIk6tg1m1YqjjQffHFkesh9Sxlcu7iJNxFMD9R53BNE5oImVr8_2meajLRqA2iLmNjvFJq-ILXwLtkc- HTTP 307
- https://u24957986.ct.sendgrid.net/ls/click?upn=u001.aIUv4xIBfk3jkN5v2eEW3JgBYB0tFa3ahXM5kkk6hVRF0cC-2FCgwvW6pxq-2FLVlbNOlFeUReiBC3U6t11i0xSzmnDNcellmR808McL23IffyuOXD2Qg3xEyfk8ooAE3O3Q2RWq-2FDpwOdTLaUTa974QpA-3D-3Dx2PB_1c-2Bdm6xFAz1WX-2F6s41F6EF84pW5BwP9Xg65ahEhMwzjwNifn6hgDybhY-2BeECB06KfeT2XZKtaOds55oHTqxNk-2FXopmnf1UyyJ6ZDgT1VGjFagsceXjU2eEpPLx944-2BPF5wfWM2TKFK3gWy88sPNfZtJU0V1owYgjzKJ7gsRrxfL2Eo0CjY-2B6W3F8hoO1wIX-2FvG1BGZaVOLkHeDNmGmyY-2F33m1VtGuswM01d7W2UFub8-3D HTTP 302
- https://url.za.m.mimecastprotect.com/s/g2oICGZK3ZcLQrJjf7hwCBAZjY?domain=url.emailprotection.link HTTP 307
- https://url.za.m.mimecastprotect.com/r/wGoZg9IA0HSZkOj-N3kG_53lP8xbbMaVPllPWEffN5yhhmguRfBnH5N48yC93n7pp1_jDvDdGkEkIiQaBlOLgiCgIcE0SlbIqlljSWO7K8OmhxpvDoN48DCkaXljQwD_gFJVeUEqm6uny_0dBOpuI59gXc6n2L5Cr7i7IIrAbnwekw5it3pr5NK8sBcE65wedB6zq1ek72BJSLwSFQB4PzHwkoKXBOZbITDyChNO1RrgQcprtgMdWBJgKXe2ch6I9WC2tKfnBIlyY6ROzBntARA0DAElywsMkQlLcq231zmbryja1Orr6PntsjkZm_MG-Zg8_K9fW8zLszPOUiMEhNG15TbzMitmYlATmFVUZ2rVh3y5ngVrMI8K1HDDsQ8AbaEdj0OwXoDg_qfBLaf4S9ZdkE3r4r0z0l8nLGOFwq5NNktD6cWSIp_DNBrU65w5hKckB1Y5AIFydcH0__BBFCHtMXq6XOxArbfgIeVnQB1_GD3EZQlh90BcTFftfAeeJg62NVfa3lwLTwVOlgERDkTuMkw-s4vxGGPThQVFXvRpF-nDDpX53RX8JlmDX7kMBn9FQ3C11QumwSS-Z6isRAR1SvxO9fagDQxjaXhdje_WZ8VbS3kIrLit63i8i5cJAcobsCjfvKdWhxBEpdbTyIcAkmdvjtC10uOxRijM-OMZ0eFFFrrqYLdxy9OrFLBd7hdWK6KGHC2c4MFxSwHYdp56qZg9Sf-eBwXmbHJ5pfGSHvg1g3OuxZeNfu5Z1svCc8-Hcxbs8rkd3W4R8Xkw7SZ7LES9xeQkrxV91bXk2Jugl5r3rKG_81MrZnX0dJ_btYGmDaaUqkWwEvl1ZD8jD9_UsXTcYG7TJYuXSB66XMn6XkOJAcvstsu1RKXQEXJYJVXiiPaLG6JnGdc3vBW53HwMsc5JvrkCU4BZNStGttui7ECzkjSiZxIAygx3qza2ZeYVuPGFlcEAauGcHQDjcrSWsfFiQleziW9M8Vf0sb--EZHpXNDtztNVyoI_lAEP0O_0bcphunIgw99Y8D4swAyh1M8XGYlQZ_o2WBQ6OqWOVyfmRNRB2nBhXgYO0VhDbiscaCp6f3SXxJtD4GOYYNNWwAUX7zUuP6FkbpOjWlWjfmVR3VLS3fDGGZtLWAhq8LFVEkYe_Z30jV03akSjWjukdmaCeYYLPDr_q5pJB5vtWd3JsmgjVwen-fyy_o2uAKfef16nl9paPCGwpfFe3fZH2ebVNhX-Airjl1YkRpS8DIQNS2JnpBqQYsSwxJw1Jcw9z25nvMeCW5X6SRKFeAcy8cpz67wMaR1iG9oO8lb2gHynL1Ud4skiFQdEpiJU3FoPkM2Dx8_gB669DHKYnRYhAhKifwvqQsTM74fyILGYJlpWmeafdnTMMBEzWz3mg7JYrssk1P-zrnA8vsVZwmzep2L5l_NxpFGKyuvvkWLA4xBCLIq3lm91D7jm1q6JOsXdiEfVydBdEIzNtHttFsrqAtX-HzlIr_DbnZKCKFe6UPr6QPRA9ZFuHVDRuZmp0qtl8S_6qYrKMbbFZyE9jMgWSSBvIj5SfajyrdEzsnoeAiQruAq8QG2Yjd_LF07l4qeTU2okZogUBM10QI7WFfzUyuYn3kIVu4aqPMEEdFVaap7GQcgInCyGSZds9cfK54UTfyLrZDq3DNaa25O9rXX710G7t0Ub7hzxo8p_qSbDNmHX_LyQSJ201UcL5GY4tmMlanSbuUSrDfs3BHMvmI6SeuodZBBk3nhgXFm6dZLpvz8FVuXw9R5gNdi8pp4tRvwZw1uyUXdNJtimrigmVk-PxwN-M-oFWDutSTlGwvZC2En-EKELnsQMXDaz4L1CWGJXe3TiXQRlm75jg3WrNJUD1zKfDAOs7cB_v02rwOzdnayDv71szonkdbzfiLURlwU6kO-kNRTqLZJCSY018ybOe_jbPrj-zX79_6ibY5r3gAoxaOrEUTxVT90Dsyf67eo41Q_UZNdzkoglq9BXUV4MEawSlA1mVi3lm-xsd5GLLs3bwG1NPb04zQv6MuPYORA2vCvwC342EO2j0VvFi9U7GFc4ybbNXCpnrFLRkXhR6Yfb0aGvI5oSvl_0cA7Px1TbARrPNycgdFbpeBQdZeQ6iCI2it1QWb2zrPt60J7erQwDCRJ2aAzHuc0OR3PIElcLXbeJPWq35u2G3YuFOE2CLnxgeayXKymAV4Pqtcqb7O_W30CwtUYsDGCgE9Wm32iP1qaA7BAuxtAhbq4StNW72Unm-YUN1wP89J7lBhZ1k6YGsI1t3jZRD8nvXwfq9dn7Ss2E3BG50LVkNECn7Tof7V-0ae9LKvBAmZjz3kIbKAPos5ZSt6wD4oK3yvA_E3UHjdnYjEmOy-Hv9Ki0jVC2hSjGwr3g0Uhj2-PtaGJeTZRbNgIjCivHIhD7TZtnLiBTvBMU2Xj37xCzK0mbRTjYfR9_1xl6futVcUD8af_nQxwO228vdODKiGxrhyCoyoy6T5Ghupe2NtNaH3pI-acsJEhW5yxIHrXtYrSCE6IzNWMdq3JUFkxib782GRYqh6D9dUfsxT-Phsna_zYlG5knnYKXoOApVHidvnI7xWxpDuNHF_eyBHF7E_vIRg_25xrCJW_g-v4V8jMzAmHrCUAwpKI7_ACmc7RPHtPRYJOOaLMH66A1pl-s4dA5l2JI3QksQJgKIU7CaStvKbKbUwrgW6oMSlH8f4Rq_LzkvzFgx71RZrWwOV1X3YyiLujL HTTP 307
- https://url.emailprotection.link/?bwen5nT6tVMn5XO-Z1kowGSzpsEfd9L2ZhhfOaAUCaj-1xF-rgOVuORZagzqCPoQLH4a3bPQSvwe7Da8cfAq6XNFhAkZZ_bNM1YZALp_DlPfI3H000A50kpx8Me8qsXE14zJFZEdA_R_vw9_2Le-GkM0EUQHDocObEEfCXTJ6Z57_xwZ_X4CoPpdadpRuEpf9hn-fT22oedZ7gUIGEHG2Nhtb--R5AYgxpUOcvqENQc5W5sUoeLihN3u-hGV9k2wlcVDB2bJmeuAs41h_rkzr1bZu1JyvUXLhMOzCRu3zHPLzOjo2BS7HgpCiUcnlTROhJNnkMCJlcEVJJd5yuvr3b3IJD5o17Y-5SyHzJE83q93CwurFSoxVk5JXDl-5tcE8oOf7qDzsQ8uvAz5MfnAPXkuy6HmjKTFvCQvcwdTqoP6_iCcKfzSyETHw3bWJzTq8MgJkYNfsb6IrtW8KLlh4UTWAo7LgazkG7SwNT_DSdgqwiD8sBoYYzP3c5m5ZDJ_K
- https://u24957986.ct.sendgrid.net/ls/click?upn=u001.aIUv4xIBfk3jkN5v2eEW3PO38xTrw7WdCZ9daVGOTxfgCmyDK3-2Bua9RqiLmBVM84s5TPklTrQKh5-2FjX2I2m2xXVdyzXc1-2B4iztADEj6dcEs-3DnOVr_TgT0qvCz4ksRfNOaJekXkV2hZrgSP997R-2FO9nbwskYh8NG3Q1-2F-2B6jt9hoGi7VCrQgUpYfC2SbQlzytsY-2FmcitbwHqMoo54lJBNn8lWYvHbslwIxNl5AvlP-2BL442RkDU-2BRFaNN4pW0COjhMzYyM9WzvhJueDWjMowJwUptuC55eha-2F5Zj6jrAx4fa7wHjuZCXWufbnU6hdM5Dij3GEhk1Fw-3D-3D HTTP 302
- https://servers90-ms365-docs-vs-encrypt.web.app/sharedservers
- https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit HTTP 302
- https://challenges.cloudflare.com/turnstile/v0/b/388c99dd0998/api.js
17 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
/
url.emailprotection.link/ Redirect Chain
|
7 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
new_style.css
url.emailprotection.link/new/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
new_screenshot.js
url.emailprotection.link/new/js/ |
1 KB 979 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tooltipster.css
url.emailprotection.link/new/css/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1.9.1.js
url.emailprotection.link/new/js/libs/ |
142 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.tooltipster.min.js
url.emailprotection.link/new/js/libs/ |
17 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
new_scanning.js
url.emailprotection.link/new/js/ |
947 B 758 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
scanning_70.gif
url.emailprotection.link/new/images/ |
30 KB 30 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
notosans-regular.ttf
url.emailprotection.link/new/fonts/ |
306 KB 306 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favicon.ico
url.emailprotection.link/new/images/ |
77 B 332 B |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sharedservers
servers90-ms365-docs-vs-encrypt.web.app/ Redirect Chain
|
894 B 770 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Primary Request
/
ms-servers.drreddyss.com/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.6.0.min.js
code.jquery.com/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
api.js
challenges.cloudflare.com/turnstile/v0/b/388c99dd0998/ Redirect Chain
|
46 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
style.css
ms-servers.drreddyss.com/captcha/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
logo.svg
ms-servers.drreddyss.com/captcha/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/fjm72/0x4AAAAAAAj_rt2m65PC-idf/auto/fbE/normal/auto/ Frame 1254 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| turnstile function| lnzPMRciyX function| IPMKNhzQuU1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| ms-servers.drreddyss.com/ | Name: PHPSESSID Value: a42117f4413c7284cea7e8bc1e0f8eb9 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
challenges.cloudflare.com
code.jquery.com
ms-servers.drreddyss.com
servers90-ms365-docs-vs-encrypt.web.app
u24957986.ct.sendgrid.net
url.emailprotection.link
url.za.m.mimecastprotect.com
104.18.94.41
104.18.95.41
167.89.118.126
172.67.128.22
185.64.213.245
2620:0:890::100
2a04:4e42:200::649
41.74.192.103
04ba8897950ca15879762ccae3323b8f0952259461c13c3e90d6d973b213133c
50e4ac723b25eb3b6a7342348138dc2221a93305087794debaf559d897e43cec
6938c77be180b60f67086ac99a2692f9af393675279711f0dad73d541b675964
797bda35d13e5130fe5a14e0069c31b46ec1af6ea47f2d300309803bb4d2608c
8be2e88f4beed8e6d7c70115a1b71fa50c5da67abbc6e7f393a4960613079069
8eae5159c56bf66c17e0cb002b25fc2e343f3e009dc2a39a7e230f08b7b8c672
9ecb7cd6dc04796751c9dc711bd1be31b2f29f75a850855af49268248309f7a9
a4726c17da1e23c8afa26371cda377460db886588d02acb168afbc7c85e0ecd0
b12ac9e2fa728424155567aa27e3d36d764b33f07d663e496dc178974048a6f8
c8cff31fcae0edc0e4ffd3628f36361dfc24d71cc5b9793e5ffad8e76e6f182b
c92b1aece38d5bae7bfb72e26a5070d5663d40774c7aceb973631025d6e6e592
ca8178a737bdd4e6d2394e6c5609d1ca001254667458bb9cd1130bacea58cb86
e0e3fb0fe5ca541950cf8dd213fbe9e8957a3db0010b515ad01adff6ca908a3e
e337f687babe708a9f8e6642d7793ee3ed5eb4696cf11e28dd0682a858a591ea
ebb7b2c4e6e9d740d05890d16ac488bba7b9488fea29b8d25028a73c82fba697
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e