utilizingjobshandy.vibratedlessions2.fun
179.43.163.120  Public Scan

Submitted URL: https://protect-us.mimecast.com/s/YS0nCOYRZYIYrWEyhEE4U9?domain=zeer.com
Effective URL: https://utilizingjobshandy.vibratedlessions2.fun/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3...
Submission: On February 10 via manual from IN — Scanned from US

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 4 HTTP transactions. The main IP is 179.43.163.120, located in Zurich, Switzerland and belongs to PLI-AS, PA. The main domain is utilizingjobshandy.vibratedlessions2.fun.
TLS certificate: Issued by R3 on February 6th 2023. Valid for: 3 months.
This is the only time utilizingjobshandy.vibratedlessions2.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 207.211.31.113 14135 (NAVISITE-...)
1 193.3.19.111 50340 (SELECTEL-MSK)
2 5 179.43.163.120 51852 (PLI-AS)
4 2
Apex Domain / Subdomains | Transfer
5 vibratedlessions2.fun | 41 KB
    utilizingjobshandy.vibratedlessions2.fun
    wwwofc.vibratedlessions2.fun
2 mimecast.com | 2 KB
    protect-us.mimecast.com — Cisco Umbrella Rank: 8568
1 zeer.com | 371 B
    zeer.com
4 3
Domain Requested by
4 utilizingjobshandy.vibratedlessions2.fun 1 redirects zeer.com
utilizingjobshandy.vibratedlessions2.fun
2 protect-us.mimecast.com 2 redirects
1 wwwofc.vibratedlessions2.fun 1 redirects
1 zeer.com
4 4

This site contains no links.

Subject | Issuer | Validity | Valid
zeer.com | R3 | 2023-02-09 - 2023-05-10 | 3 months
vibratedlessions2.fun | R3 | 2023-02-06 - 2023-05-07 | 3 months

This page contains 2 frames:

Primary Page: https://utilizingjobshandy.vibratedlessions2.fun/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.vibratedlessions2.fun%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.vibratedlessions2.fun%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638116194233918818.MTQxNzY3NjEtM2FlNC00Zjk4LWEzNDAtZDUxMWJiYmJkOTMzYTU1MjJmYmQtMzdkOC00N2U4LTkwNmUtYTQ5YTdhZGRiMzQy&ui_locales=en-US&mkt=en-US&state=2m7gkzpJGauzggw-4HA0BMMgH4IGmlPufz0_X8WgvLKUd1epGJ6o7StI1Xs_RyhiNwvyFodBhGy0LU-6gDbRvC8yOl3mGu0o2A6d0dO3_szf0szQR7E4XZQrn9u4Yz6eugIzErKeQbwncmxTzmR6uk96bFyFXNkoHU4JYy2WlOMe43Txphp8sB3Q2Ik16pc41PhG14QWaqKIhsPW7_GILURRsWicPIz7Z_w1v2AFF20PLGQ9l82ADupeTPU754yJaiHgh4o2Q1dX1gbbLSIorA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0
Frame ID: 0D7952663C2338C3ACA8D6D8FDB3213B
Requests: 3 HTTP requests in this frame

Frame: https://utilizingjobshandy.vibratedlessions2.fun/
Frame ID: 5837E53ED75180AC923101693BE27C2E
Requests: 1 HTTP requests in this frame


Page Statistics

4 Requests
100 % HTTPS
0 % IPv6
3 Domains
4 Subdomains
2 IPs
3 Countries
39 kB Transfer
293 kB Size
6 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://protect-us.mimecast.com/s/YS0nCOYRZYIYrWEyhEE4U9?domain=zeer.com HTTP 307
    https://protect-us.mimecast.com/r/SoxbtY0e1MVHh0BLuMlAtlWbsxCWaW6LThfYZ1htI_8aEkumYY3MaMGDizXyTCaPd13Aj93HQJxID4WIrKh0xiXRuNh_34uTJ5eeDmVNorIBOeHOAP12phyo5DibzxOiKMm6V03sZsI982Rikb2yHpHdc77Qv0oy1WfvM2NzhL24gFdJsbXhFouHUPO96mXnhj0TYv3ArOJLb6-bAxXxOCutsa3gAontHPvLQt3SFXPhmLF-GI7UieGTQMnuaZYh5KmEA5yd51m1KzJWFP4kqstJCKPXdl6bhK8Wy4CQiCIxD68UXhFr0S3b75gfO2D8sa1onX1QNSUFRtZm-kffzhpVZrvfXyU0pr-MlJz45oWE3qielirg4KnplcRTaSYizcBjkgAH_LNngfYYsUVc7HDtkbb_AqnILj0QOWfI5FL3qPsZvni8yFFMCaoCqqUdPrytCEvqalsrAQv2NoDXdXA3orxwziXcfsW0lZlVUKgBdXI1GFjLpaX4LlG1aNPedgpQCqXljSMgGaJiIQ8m8nFVMu4076av--lVZUq1RibCt-mI4fp0FxiOg-MGb-zHAYuvZ70gIjFn8_IAWHFtlOR366pZdwRMR01U_ZP1Sii6B0DesVw0I9VWNih9sDhBQkODt5dMvii_7Hu_yrfUFl-4cJ4H7_ZXzt78Km9BZhuhwfylZZ0wIRISy0kELQyqdvkd8mdh6HBjAmTjfXhfkQ5o1omkPcgWOLafvAJ_xNKRiGTV6l2P84dD8scK08z6UFMv8Mce3x4B3TjpJvi5fonJPPYPgdDaH3-nTXV5PVYVlaCp0OEK1xsnpBoY2uEwtjfnhcTv9-TMnUThjJnIGKeH-tzWZwOiMvQas07w29KGqrYNE_w-SWzgET5KUHB5XDt3Sym66egLcU5fKd8Ch0tutnhinMhyfphzrSuBoBcfm2utiS583yLDeL4naoNsQXLk9c8fvWQY2Sd36AEVltACug_gqcbFkQSzu7Bxq0yPs9eHDNQCKenSuEGhdVU8JFPM7ZOyFHqNE5rxAVx1EYpp7hRAElOfDpx3Mr_RSZ7jheyor1QrhrvCctGdGcDGv_UfRQ8kIoFFXJehMxoaMXCxzHhpD5RZ7gEM1V5PbuMbC4_8eOYGfCmsvvKruiXMADeMe66OzmKyvkE8zcgyHzkKHprNJx5S9hixTHYiLL6Axv78Jly9Qq9BHPm-CdseUPss_iWovyCt134pjv1yAVj3s1kOdTuT1FEiHtRVwkTswnJYo9iaBNZWF9VCkcqYZA2NvblwiX-KxkYDiFGRRmiSuIZQGGxJQokAujVEC2Yr4y0dloW6Xj7m7_Tz4gSQcNnybYA0BYDF6X_7Zp8WE3uxdCpBroMhB0mNuEbP2W5tMykXkCu7BdRh9besdS3Pq3anQ3bXLlskahXBIt3pvLEIeuWRvjKTMR__GNUjD_J_VB0-jUaOb_mD9M_lPyJMUT7rtwCXrZWz_-0JIte4T_TOWx-nSB2knfRIPBgrnAjHh9N7koxZz5VSoc1iLRiPAOv3PckLM6VrEg7a0g18F31AZJI2mozMLqiR-SNTzUeB6WvlY8yMTnfU6-9aMoRNqe1v3NDpRmhE91eKIxsZKuTFOEGiV0qWZKJGiGs88qzhkkEpnPVm267jgTYEmgIJKL1kidoIk2-fSc0mpEF0pctFs-cp2nxy4NHzPCyAzgqaePGUQizKQ7oV4Z2lVMBij1TtKYR-TwLFyfN1wGmmhxZ6JuTMZezLylGfPx2Av5SP5_bYntyOxquksy1b8Oc_Ruzmn2r4w7tEWmomDbYKjay_rkjL8CAniXTDuUCoBd6RJwUjztjHHxF_OynyrhES_6_Qv50zlBCdFVmeuGpQbcBY6CoYp3-ANmuN8WCOuv_vKeBpk_e5efOt6OQXCWmSChiHOOVkstF2eQ8AdPixaQ HTTP 307
    https://zeer.com/bfw0v Page URL
  2. https://utilizingjobshandy.vibratedlessions2.fun/ Page URL
  3. https://utilizingjobshandy.vibratedlessions2.fun/ HTTP 302
    https://wwwofc.vibratedlessions2.fun/login HTTP 302
    https://utilizingjobshandy.vibratedlessions2.fun/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.vibratedlessions2.fun%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.vibratedlessions2.fun%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638116194233918818.MTQxNzY3NjEtM2FlNC00Zjk4LWEzNDAtZDUxMWJiYmJkOTMzYTU1MjJmYmQtMzdkOC00N2U4LTkwNmUtYTQ5YTdhZGRiMzQy&ui_locales=en-US&mkt=en-US&state=2m7gkzpJGauzggw-4HA0BMMgH4IGmlPufz0_X8WgvLKUd1epGJ6o7StI1Xs_RyhiNwvyFodBhGy0LU-6gDbRvC8yOl3mGu0o2A6d0dO3_szf0szQR7E4XZQrn9u4Yz6eugIzErKeQbwncmxTzmR6uk96bFyFXNkoHU4JYy2WlOMe43Txphp8sB3Q2Ik16pc41PhG14QWaqKIhsPW7_GILURRsWicPIz7Z_w1v2AFF20PLGQ9l82ADupeTPU754yJaiHgh4o2Q1dX1gbbLSIorA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://protect-us.mimecast.com/s/YS0nCOYRZYIYrWEyhEE4U9?domain=zeer.com HTTP 307
  • https://protect-us.mimecast.com/r/SoxbtY0e1MVHh0BLuMlAtlWbsxCWaW6LThfYZ1htI_8aEkumYY3MaMGDizXyTCaPd13Aj93HQJxID4WIrKh0xiXRuNh_34uTJ5eeDmVNorIBOeHOAP12phyo5DibzxOiKMm6V03sZsI982Rikb2yHpHdc77Qv0oy1WfvM2NzhL24gFdJsbXhFouHUPO96mXnhj0TYv3ArOJLb6-bAxXxOCutsa3gAontHPvLQt3SFXPhmLF-GI7UieGTQMnuaZYh5KmEA5yd51m1KzJWFP4kqstJCKPXdl6bhK8Wy4CQiCIxD68UXhFr0S3b75gfO2D8sa1onX1QNSUFRtZm-kffzhpVZrvfXyU0pr-MlJz45oWE3qielirg4KnplcRTaSYizcBjkgAH_LNngfYYsUVc7HDtkbb_AqnILj0QOWfI5FL3qPsZvni8yFFMCaoCqqUdPrytCEvqalsrAQv2NoDXdXA3orxwziXcfsW0lZlVUKgBdXI1GFjLpaX4LlG1aNPedgpQCqXljSMgGaJiIQ8m8nFVMu4076av--lVZUq1RibCt-mI4fp0FxiOg-MGb-zHAYuvZ70gIjFn8_IAWHFtlOR366pZdwRMR01U_ZP1Sii6B0DesVw0I9VWNih9sDhBQkODt5dMvii_7Hu_yrfUFl-4cJ4H7_ZXzt78Km9BZhuhwfylZZ0wIRISy0kELQyqdvkd8mdh6HBjAmTjfXhfkQ5o1omkPcgWOLafvAJ_xNKRiGTV6l2P84dD8scK08z6UFMv8Mce3x4B3TjpJvi5fonJPPYPgdDaH3-nTXV5PVYVlaCp0OEK1xsnpBoY2uEwtjfnhcTv9-TMnUThjJnIGKeH-tzWZwOiMvQas07w29KGqrYNE_w-SWzgET5KUHB5XDt3Sym66egLcU5fKd8Ch0tutnhinMhyfphzrSuBoBcfm2utiS583yLDeL4naoNsQXLk9c8fvWQY2Sd36AEVltACug_gqcbFkQSzu7Bxq0yPs9eHDNQCKenSuEGhdVU8JFPM7ZOyFHqNE5rxAVx1EYpp7hRAElOfDpx3Mr_RSZ7jheyor1QrhrvCctGdGcDGv_UfRQ8kIoFFXJehMxoaMXCxzHhpD5RZ7gEM1V5PbuMbC4_8eOYGfCmsvvKruiXMADeMe66OzmKyvkE8zcgyHzkKHprNJx5S9hixTHYiLL6Axv78Jly9Qq9BHPm-CdseUPss_iWovyCt134pjv1yAVj3s1kOdTuT1FEiHtRVwkTswnJYo9iaBNZWF9VCkcqYZA2NvblwiX-KxkYDiFGRRmiSuIZQGGxJQokAujVEC2Yr4y0dloW6Xj7m7_Tz4gSQcNnybYA0BYDF6X_7Zp8WE3uxdCpBroMhB0mNuEbP2W5tMykXkCu7BdRh9besdS3Pq3anQ3bXLlskahXBIt3pvLEIeuWRvjKTMR__GNUjD_J_VB0-jUaOb_mD9M_lPyJMUT7rtwCXrZWz_-0JIte4T_TOWx-nSB2knfRIPBgrnAjHh9N7koxZz5VSoc1iLRiPAOv3PckLM6VrEg7a0g18F31AZJI2mozMLqiR-SNTzUeB6WvlY8yMTnfU6-9aMoRNqe1v3NDpRmhE91eKIxsZKuTFOEGiV0qWZKJGiGs88qzhkkEpnPVm267jgTYEmgIJKL1kidoIk2-fSc0mpEF0pctFs-cp2nxy4NHzPCyAzgqaePGUQizKQ7oV4Z2lVMBij1TtKYR-TwLFyfN1wGmmhxZ6JuTMZezLylGfPx2Av5SP5_bYntyOxquksy1b8Oc_Ruzmn2r4w7tEWmomDbYKjay_rkjL8CAniXTDuUCoBd6RJwUjztjHHxF_OynyrhES_6_Qv50zlBCdFVmeuGpQbcBY6CoYp3-ANmuN8WCOuv_vKeBpk_e5efOt6OQXCWmSChiHOOVkstF2eQ8AdPixaQ HTTP 307
  • https://zeer.com/bfw0v

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
bfw0v
zeer.com/
Redirect Chain
  • https://protect-us.mimecast.com/s/YS0nCOYRZYIYrWEyhEE4U9?domain=zeer.com
  • https://protect-us.mimecast.com/r/SoxbtY0e1MVHh0BLuMlAtlWbsxCWaW6LThfYZ1htI_8aEkumYY3MaMGDizXyTCaPd13Aj93HQJxID4WIrKh0xiXRuNh_34uTJ5eeDmVNorIBOeHOAP12phyo5DibzxOiKMm6V03sZsI982Rikb2yHpHdc77Qv0oy1Wf...
  • https://zeer.com/bfw0v
91 B
371 B
Document
General
Full URL
https://zeer.com/bfw0v
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.3.19.111 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
91
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Feb 2023 09:50:19 GMT
ETag
"5b-5f450730e1e2d"
Keep-Alive
timeout=60
Last-Modified
Fri, 10 Feb 2023 03:54:08 GMT
Server
nginx

Redirect headers

Cache-control
no-store
Connection
keep-alive
Content-Length
0
Date
Fri, 10 Feb 2023 09:50:19 GMT
Location
https://zeer.com/bfw0v
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Robots-Tag
noindex, nofollow
/
utilizingjobshandy.vibratedlessions2.fun/
92 KB
38 KB
Document
General
Full URL
https://utilizingjobshandy.vibratedlessions2.fun/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.163.120 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatealps.net
Software
nginx /
Resource Hash
0c3f59707529b5ef75bd5432211f9c67bf537b84cb71e06cbec742e434c89a0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://zeer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 10 Feb 2023 09:50:20 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
/
utilizingjobshandy.vibratedlessions2.fun/ Frame 5837
208 B
364 B
Fetch
General
Full URL
https://utilizingjobshandy.vibratedlessions2.fun/
Requested by
Host: zeer.com
URL: https://zeer.com/bfw0v
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.163.120 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatealps.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 10 Feb 2023 09:50:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
application/json
Primary Request authorize
utilizingjobshandy.vibratedlessions2.fun/common/oauth2/v2.0/
Redirect Chain
  • https://utilizingjobshandy.vibratedlessions2.fun/?
  • https://wwwofc.vibratedlessions2.fun/login
  • https://utilizingjobshandy.vibratedlessions2.fun/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.vibratedlessions2.fun%2Flandingv2&resp...
201 KB
0
Document
General
Full URL
https://utilizingjobshandy.vibratedlessions2.fun/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.vibratedlessions2.fun%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.vibratedlessions2.fun%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638116194233918818.MTQxNzY3NjEtM2FlNC00Zjk4LWEzNDAtZDUxMWJiYmJkOTMzYTU1MjJmYmQtMzdkOC00N2U4LTkwNmUtYTQ5YTdhZGRiMzQy&ui_locales=en-US&mkt=en-US&state=2m7gkzpJGauzggw-4HA0BMMgH4IGmlPufz0_X8WgvLKUd1epGJ6o7StI1Xs_RyhiNwvyFodBhGy0LU-6gDbRvC8yOl3mGu0o2A6d0dO3_szf0szQR7E4XZQrn9u4Yz6eugIzErKeQbwncmxTzmR6uk96bFyFXNkoHU4JYy2WlOMe43Txphp8sB3Q2Ik16pc41PhG14QWaqKIhsPW7_GILURRsWicPIz7Z_w1v2AFF20PLGQ9l82ADupeTPU754yJaiHgh4o2Q1dX1gbbLSIorA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0
Requested by
Host: utilizingjobshandy.vibratedlessions2.fun
URL: https://utilizingjobshandy.vibratedlessions2.fun/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.163.120 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatealps.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://utilizingjobshandy.vibratedlessions2.fun/?
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
cache-control
no-store, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 10 Feb 2023 09:50:24 GMT
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://4d219710-5996f5be.vibratedlessions2.fun/api/report?catId=GW+estsfd+dub1"}]}
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Accept-Encoding
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.14526.6 - WEULR2 ProdSlices
x-ms-request-id
acbc4dd9-bff7-4cc8-872f-e4ba3db4f300

Redirect headers

access-control-allow-headers
*
access-control-allow-origin
*
content-type
text/html; charset=utf-8
date
Fri, 10 Feb 2023 09:50:23 GMT
location
https://utilizingjobshandy.vibratedlessions2.fun/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.vibratedlessions2.fun%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.vibratedlessions2.fun%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638116194233918818.MTQxNzY3NjEtM2FlNC00Zjk4LWEzNDAtZDUxMWJiYmJkOTMzYTU1MjJmYmQtMzdkOC00N2U4LTkwNmUtYTQ5YTdhZGRiMzQy&ui_locales=en-US&mkt=en-US&state=2m7gkzpJGauzggw-4HA0BMMgH4IGmlPufz0_X8WgvLKUd1epGJ6o7StI1Xs_RyhiNwvyFodBhGy0LU-6gDbRvC8yOl3mGu0o2A6d0dO3_szf0szQR7E4XZQrn9u4Yz6eugIzErKeQbwncmxTzmR6uk96bFyFXNkoHU4JYy2WlOMe43Txphp8sB3Q2Ik16pc41PhG14QWaqKIhsPW7_GILURRsWicPIz7Z_w1v2AFF20PLGQ9l82ADupeTPU754yJaiHgh4o2Q1dX1gbbLSIorA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0
referrer-policy
strict-origin-when-cross-origin
request-context
appId=
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: E58CDBADCF864A3DA681D9EE1DCC3C59 Ref B: AMS231032608049 Ref C: 2023-02-10T09:50:23Z
x-ua-compatible
IE=edge,chrome=1

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange

6 Cookies

Domain/Path Name / Value
.vibratedlessions2.fun/ Name: bekEZX
Value: NTk5NmY1YmUtYjdkMy00MzUzLTlhZDQtNzMwMTQ2YWNkOWRlOjg5MmZiOTQ4LTI4ZDAtNGQxOS05OTU1LWMyNTk3NDZmZGYyNQ==
wwwofc.vibratedlessions2.fun/ Name: OH.DCAffinity
Value: OH-weu
wwwofc.vibratedlessions2.fun/ Name: OH.FLID
Value: 80646e8d-b207-478a-a84a-65ec349962b7
wwwofc.vibratedlessions2.fun/ Name: .AspNetCore.OpenIdConnect.Nonce.3oM8oVZ03OK3OCt_jTr9EYyHECVLxEIygTvxvDUo3spSsLZ9A2CDbrINf8SWjIBLuf9FE1H3pfcCOzsoH8rhCldeJM2IgU-96xO8FKAhA4hqlkjTkYaFyOSN4eKCThZI0BLDoT2RL5iJMbNdUIsG5uUC4qctP0MXZHH0KQz7JHwR78MMGr7Cd_EXZiVo46lorZs8jlHipSUv2grM2gu4A2_u-FynipkOtuS48EwlwtAzgTe9Sxds1HHFURVjtgrE
Value: N
wwwofc.vibratedlessions2.fun/ Name: .AspNetCore.Correlation.BpTYFhv16nesVlKDEgGHW3uLfQU8zW1U56ttacyCiOo
Value: N
.vibratedlessions2.fun/ Name: MUID
Value: 1BAFA771AC6E687E2F94B5C5AD4C6945

1 Console Messages

Source Level URL
Text
network error URL: https://zeer.com/bfw0v
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
