ocprq.striscia.org
199.192.27.192  Malicious Activity! Public Scan

Submitted URL: https://meheff.striscia.org/gtEXtUaI
Effective URL: https://ocprq.striscia.org/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%...
Submission: On August 06 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 22 HTTP transactions. The main IP is 199.192.27.192, located in United States and belongs to NAMECHEAP-NET, US. The main domain is ocprq.striscia.org.
TLS certificate: Issued by R10 on July 22nd 2024. Valid for: 3 months.
This is the only time ocprq.striscia.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
2 16 199.192.27.192 22612 (NAMECHEAP...)
7 2a02:26f0:710... 20940 (AKAMAI-ASN1)
22 3
Domain Requested by
10 jrhte.striscia.org ocprq.striscia.org
jrhte.striscia.org
7 r4.res.office365.com mejeff.striscia.org
2 mejeff.striscia.org 1 redirects jrhte.striscia.org
1 htejre.striscia.org jrhte.striscia.org
1 hrvetbr.striscia.org ocprq.striscia.org
1 ocprq.striscia.org
1 meheff.striscia.org 1 redirects
22 7

This site contains links to these domains.

Domain
mejeff.striscia.org
www.microsoft.com
privacy.microsoft.com
Subject | Issuer | Validity | Valid
ocprq.striscia.org | R10 | 2024-07-22 - 2024-10-20 | 3 months
*.res.outlook.com | DigiCert SHA2 Secure Server CA | 2024-02-20 - 2025-02-20 | a year

This page contains 2 frames:

Primary Page: https://ocprq.striscia.org/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=33aedb69-aa23-c01b-dde3-3a842d8ef781&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638585407162493229.87b9f0dd-3604-4b83-ad01-003a645cb617&state=DctBEoAgCEBRzOk4JAoCHkdz2rbs-rF4f_cTAORwhEQRMGXv3oWsapPBrY3LbY2H9kZWEpTljHNTRSKeKv1eWi3Fe5b3m-UH
Frame ID: 224ABD593BB75090597DCAFEAE57C5BC
Requests: 14 HTTP requests in this frame

Frame: https://mejeff.striscia.org/owa/prefetch.aspx
Frame ID: 1A1626BC1111A779CFC549F2EAF6E17A
Requests: 8 HTTP requests in this frame

Page Title

Bei Outlook anmelden

Page Statistics

22 Requests
95 % HTTPS
50 % IPv6
2 Domains
7 Subdomains
3 IPs
2 Countries
1798 kB Transfer
3927 kB Size
15 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://meheff.striscia.org/gtEXtUaI HTTP 302
    https://mejeff.striscia.org/owa/ HTTP 302
    https://ocprq.striscia.org/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=33aedb69-aa23-c01b-dde3-3a842d8ef781&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638585407162493229.87b9f0dd-3604-4b83-ad01-003a645cb617&state=DctBEoAgCEBRzOk4JAoCHkdz2rbs-rF4f_cTAORwhEQRMGXv3oWsapPBrY3LbY2H9kZWEpTljHNTRSKeKv1eWi3Fe5b3m-UH Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request authorize
ocprq.striscia.org/common/oauth2/
Redirect Chain
  • https://meheff.striscia.org/gtEXtUaI
  • https://mejeff.striscia.org/owa/
  • https://ocprq.striscia.org/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-00000000...
44 KB
46 KB
Document
General
Full URL
https://ocprq.striscia.org/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=33aedb69-aa23-c01b-dde3-3a842d8ef781&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638585407162493229.87b9f0dd-3604-4b83-ad01-003a645cb617&state=DctBEoAgCEBRzOk4JAoCHkdz2rbs-rF4f_cTAORwhEQRMGXv3oWsapPBrY3LbY2H9kZWEpTljHNTRSKeKv1eWi3Fe5b3m-UH
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.192.27.192 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
/
Resource Hash
a9234307d27a3ef2d72cacf1865420c346c2b5b2ab2bacf0cdc2ff03387985a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache
Connection
close
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Aug 2024 11:31:56 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msauth.net>; rel=dns-prefetch,<https://aadcdn.msftauth.net>; rel=dns-prefetch
Nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Report-To
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+san"}]}
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Dns-Prefetch-Control
on
X-Ms-Ests-Server
2.1.18621.9 - WUS3 ProdSlices
X-Ms-Request-Id
04976588-51cf-4ae5-9836-3207d6be1f00
X-Ms-Srs
1.P

Redirect headers

Alt-Svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
Connection
close
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Aug 2024 11:31:55 GMT
Location
https://ocprq.striscia.org/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=33aedb69-aa23-c01b-dde3-3a842d8ef781&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638585407162493229.87b9f0dd-3604-4b83-ad01-003a645cb617&state=DctBEoAgCEBRzOk4JAoCHkdz2rbs-rF4f_cTAORwhEQRMGXv3oWsapPBrY3LbY2H9kZWEpTljHNTRSKeKv1eWi3Fe5b3m-UH
Nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
P3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Report-To
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=SAT&RemoteIP=199.192.27.0&Environment=MT"}],"include_subdomains":true}
Request-Id
33aedb69-aa23-c01b-dde3-3a842d8ef781
Server
Microsoft-IIS/10.0
Transfer-Encoding
chunked
X-Backend-Begin
2024-08-06T11:31:56.233
X-Backend-End
2024-08-06T11:31:56.249
X-Backendhttpstatus
302 302
X-Beserver
EA2P222MB0828
X-Besku
WCS8
X-Calculatedbetarget
EA2P222MB0828.NAMP222.PROD.OUTLOOK.COM
X-Calculatedfetarget
MW4PR03CU007.internal.outlook.com
X-Diaginfo
EA2P222MB0828
X-Feefzinfo
SAT
X-Feproxyinfo
SA1P222CA0189.NAMP222.PROD.OUTLOOK.COM
X-Feserver
MW4PR03CA0194 SA1P222CA0189
X-Firsthopcafeefz
SAT
X-Owa-Diagnosticsinfo
7;0;0;
X-Proxy-Backendserverstatus
302
X-Proxy-Routingcorrectness
1
X-Rum-Notupdatequerieddbcopy
1
X-Rum-Notupdatequeriedpath
1
X-Rum-Validated
1
X-Ua-Compatible
IE=EmulateIE7
Me.htm
hrvetbr.striscia.org/
0
0
Other
General
Full URL
https://hrvetbr.striscia.org/Me.htm?v=3
Requested by
Host: ocprq.striscia.org
URL: https://ocprq.striscia.org/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=33aedb69-aa23-c01b-dde3-3a842d8ef781&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638585407162493229.87b9f0dd-3604-4b83-ad01-003a645cb617&state=DctBEoAgCEBRzOk4JAoCHkdz2rbs-rF4f_cTAORwhEQRMGXv3oWsapPBrY3LbY2H9kZWEpTljHNTRSKeKv1eWi3Fe5b3m-UH
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.192.27.192 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ocprq.striscia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
jrhte.striscia.org/ests/2.1/content/cdnbundles/
111 KB
112 KB
Stylesheet
General
Full URL
https://jrhte.striscia.org/ests/2.1/content/cdnbundles/converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
Requested by
Host: ocprq.striscia.org
URL: https://ocprq.striscia.org/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=33aedb69-aa23-c01b-dde3-3a842d8ef781&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638585407162493229.87b9f0dd-3604-4b83-ad01-003a645cb617&state=DctBEoAgCEBRzOk4JAoCHkdz2rbs-rF4f_cTAORwhEQRMGXv3oWsapPBrY3LbY2H9kZWEpTljHNTRSKeKv1eWi3Fe5b3m-UH
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.192.27.192 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
/
Resource Hash
1f8ceb44fe7cfcf7e71dbd5122210335ca3821d697a851d2900b95af7d92d69d

Request headers

Referer
https://ocprq.striscia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Tue, 06 Aug 2024 11:31:58 GMT
Transfer-Encoding
chunked
X-Cache
TCP_HIT
X-Fd-Int-Roxy-Purgeid
4554691
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Wed, 03 Jul 2024 21:48:08 GMT
Etag
0x8DC9BA9D4131BFD
X-Azure-Ref
20240806T113158Z-15db5b49bf6cbsjq291bqy4sac0000000hqg000000005hbh
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Ms-Request-Id
6de5139e-f01e-001d-6bad-deceea000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes
ConvergedLogin_PCore_rvcgQIW8sBUbuWPuM-EIeA2.js
jrhte.striscia.org/shared/1.0/content/js/
439 KB
440 KB
Script
General
Full URL
https://jrhte.striscia.org/shared/1.0/content/js/ConvergedLogin_PCore_rvcgQIW8sBUbuWPuM-EIeA2.js
Requested by
Host: ocprq.striscia.org
URL: https://ocprq.striscia.org/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=33aedb69-aa23-c01b-dde3-3a842d8ef781&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638585407162493229.87b9f0dd-3604-4b83-ad01-003a645cb617&state=DctBEoAgCEBRzOk4JAoCHkdz2rbs-rF4f_cTAORwhEQRMGXv3oWsapPBrY3LbY2H9kZWEpTljHNTRSKeKv1eWi3Fe5b3m-UH
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.192.27.192 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
/
Resource Hash
55aa68fc7904d26bb6d01530776ae953e00dbfbe9b0f1237e6cdd04b8034c451

Request headers

Referer
https://ocprq.striscia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Tue, 06 Aug 2024 11:31:58 GMT
Transfer-Encoding
chunked
X-Cache
TCP_HIT
X-Fd-Int-Roxy-Purgeid
4554691
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Tue, 23 Jul 2024 00:06:24 GMT
Etag
0x8DCAAAB4A807BCD
X-Azure-Ref
20240806T113158Z-15db5b49bf6lttvgftb3ed2wkn0000000hng00000000em8b
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-Ms-Request-Id
ecb84c65-001e-0001-2317-e2eb35000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes
ux.converged.login.strings-de.min_zwemwkpuyugjstly9tezhq2.js
jrhte.striscia.org/ests/2.1/content/cdnbundles/
61 KB
61 KB
Script
General
Full URL
https://jrhte.striscia.org/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_zwemwkpuyugjstly9tezhq2.js
Requested by
Host: ocprq.striscia.org
URL: https://ocprq.striscia.org/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=33aedb69-aa23-c01b-dde3-3a842d8ef781&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638585407162493229.87b9f0dd-3604-4b83-ad01-003a645cb617&state=DctBEoAgCEBRzOk4JAoCHkdz2rbs-rF4f_cTAORwhEQRMGXv3oWsapPBrY3LbY2H9kZWEpTljHNTRSKeKv1eWi3Fe5b3m-UH
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.192.27.192 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
/
Resource Hash
aada16c1472519ba77cb2ce71609eb9715ad651bcf059a56a4c04cbdbb082baa

Request headers

Referer
https://ocprq.striscia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Tue, 06 Aug 2024 11:31:58 GMT
Transfer-Encoding
chunked
X-Cache
TCP_HIT
X-Cache-Info
L1_T2
X-Fd-Int-Roxy-Purgeid
4554691
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Tue, 09 Jul 2024 17:43:33 GMT
Etag
0x8DCA03EA7495993
X-Azure-Ref
20240806T113158Z-15db5b49bf6p24gfrhy0hexdy00000000hvg0000000066qs
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-Ms-Request-Id
42c81d97-f01e-0048-1e5f-e7a9de000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes
convergedlogin_pcustomizationloader_6c7dc46bb93924417b57.js
jrhte.striscia.org/shared/1.0/content/js/asyncchunk/
397 KB
398 KB
Script
General
Full URL
https://jrhte.striscia.org/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6c7dc46bb93924417b57.js
Requested by
Host: jrhte.striscia.org
URL: https://jrhte.striscia.org/shared/1.0/content/js/ConvergedLogin_PCore_rvcgQIW8sBUbuWPuM-EIeA2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.192.27.192 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
/
Resource Hash
1ec87632ee58734951aa02813ef07ad377126a39a16f063c181519b98ffffc07

Request headers

Referer
https://ocprq.striscia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Tue, 06 Aug 2024 11:32:05 GMT
Transfer-Encoding
chunked
X-Cache
TCP_HIT
X-Fd-Int-Roxy-Purgeid
4554691
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Thu, 20 Jun 2024 02:13:44 GMT
Etag
0x8DC90CE9C53BCDF
X-Azure-Ref
20240806T113205Z-15db5b49bf6p24gfrhy0hexdy00000000hvg0000000066x8
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-Ms-Request-Id
bc720456-901e-0013-36ad-de90e5000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes
prefetch.aspx
mejeff.striscia.org/owa/ Frame 1A16
3 KB
4 KB
Document
General
Full URL
https://mejeff.striscia.org/owa/prefetch.aspx
Requested by
Host: jrhte.striscia.org
URL: https://jrhte.striscia.org/shared/1.0/content/js/ConvergedLogin_PCore_rvcgQIW8sBUbuWPuM-EIeA2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.192.27.192 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
54ad973664e5d7ea91ed5e8b1ee4c9d42382e46f387f40afe36a25d9d985f0e7

Request headers

Referer
https://ocprq.striscia.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Alt-Svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
Cache-Control
private, no-store
Connection
close
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Aug 2024 11:32:05 GMT
Nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
Report-To
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=SAT&RemoteIP=199.192.27.0&Environment=MT"}],"include_subdomains":true}
Request-Id
f319a790-c0ac-84b7-b05c-2e50767ac75d
Server
Microsoft-IIS/10.0
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Backend-Begin
2024-08-06T11:32:05.591
X-Backend-End
2024-08-06T11:32:05.591
X-Backendhttpstatus
200 200
X-Beserver
MN0P222MB0647
X-Besku
WCS7
X-Calculatedbetarget
MN0P222MB0647.NAMP222.PROD.OUTLOOK.COM
X-Calculatedfetarget
MN0PR03CU001.internal.outlook.com
X-Diaginfo
MN0P222MB0647
X-Feefzinfo
SAT
X-Feproxyinfo
SA1P222CA0189.NAMP222.PROD.OUTLOOK.COM
X-Feserver
MN0PR03CA0023 SA1P222CA0189
X-Firsthopcafeefz
SAT
X-Owa-Diagnosticsinfo
7;0;0;
X-Owa-Version
15.20.7828.25
X-Proxy-Backendserverstatus
200
X-Proxy-Routingcorrectness
1
X-Rum-Notupdatequerieddbcopy
1
X-Rum-Notupdatequeriedpath
1
X-Rum-Validated
1
X-Ua-Compatible
IE=EmulateIE7
boot.worldwide.0.mouse.js
r4.res.office365.com/owa/prem/15.20.7828.27/scripts/ Frame 1A16
648 KB
176 KB
Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/15.20.7828.27/scripts/boot.worldwide.0.mouse.js
Requested by
Host: mejeff.striscia.org
URL: https://mejeff.striscia.org/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:251b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d5238dcd5576de5c01381727798f579c4722e1c0b07f544135fbe537d7ccf94f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mejeff.striscia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 11:32:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sun, 04 Aug 2024 17:18:35 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
179692
boot.worldwide.1.mouse.js
r4.res.office365.com/owa/prem/15.20.7828.27/scripts/ Frame 1A16
644 KB
160 KB
Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/15.20.7828.27/scripts/boot.worldwide.1.mouse.js
Requested by
Host: mejeff.striscia.org
URL: https://mejeff.striscia.org/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:251b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5f5adbc771d02801fb69961683d3ee1f50b7e9c8a66dc3f3cc86263a3f995c0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mejeff.striscia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 11:32:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sun, 04 Aug 2024 17:18:23 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
163064
boot.worldwide.2.mouse.js
r4.res.office365.com/owa/prem/15.20.7828.27/scripts/ Frame 1A16
647 KB
166 KB
Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/15.20.7828.27/scripts/boot.worldwide.2.mouse.js
Requested by
Host: mejeff.striscia.org
URL: https://mejeff.striscia.org/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:251b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
58fa5e4a247076c76b9683f01fdf108f54ff88fda4221b2de376eb96d1f2ba2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mejeff.striscia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 11:32:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sun, 04 Aug 2024 17:18:35 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
169666
boot.worldwide.3.mouse.js
r4.res.office365.com/owa/prem/15.20.7828.27/scripts/ Frame 1A16
645 KB
142 KB
Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/15.20.7828.27/scripts/boot.worldwide.3.mouse.js
Requested by
Host: mejeff.striscia.org
URL: https://mejeff.striscia.org/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:251b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1f90c3543f5b76b8295a8d298dbce301d9c379027c128b47fda21e002638107f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mejeff.striscia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 11:32:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sun, 04 Aug 2024 17:18:24 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
145599
sprite1.mouse.png
r4.res.office365.com/owa/prem/15.20.7828.27/resources/images/0/ Frame 1A16
132 B
327 B
Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/15.20.7828.27/resources/images/0/sprite1.mouse.png
Requested by
Host: mejeff.striscia.org
URL: https://mejeff.striscia.org/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:251b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ab09a213eedd51a0eb0e4bc5e6e96c472032dd937420e7e233ea54775c7e024
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mejeff.striscia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 11:32:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sun, 04 Aug 2024 17:28:31 GMT
server
AkamaiNetStorage
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
132
sprite1.mouse.css
r4.res.office365.com/owa/prem/15.20.7828.27/resources/images/0/ Frame 1A16
994 B
503 B
Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/15.20.7828.27/resources/images/0/sprite1.mouse.css
Requested by
Host: mejeff.striscia.org
URL: https://mejeff.striscia.org/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:251b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6d1be7ed96dd494447f348986317faf64728ccf788be551f2a621b31ddc929ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mejeff.striscia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 11:32:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sun, 04 Aug 2024 17:28:30 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
288
boot.worldwide.mouse.css
r4.res.office365.com/owa/prem/15.20.7828.27/resources/styles/0/ Frame 1A16
227 KB
43 KB
Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/15.20.7828.27/resources/styles/0/boot.worldwide.mouse.css
Requested by
Host: mejeff.striscia.org
URL: https://mejeff.striscia.org/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:251b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
37619b16288166cc76403f0b7df6586349b2d5628de00d5850c815d019b17904
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mejeff.striscia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 11:32:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sun, 04 Aug 2024 17:29:00 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
44144
49-small_2055002f2daae2ed8f69f03944c0e5d9.jpg
jrhte.striscia.org/shared/1.0/content/images/appbackgrounds/
987 B
2 KB
Image
General
Full URL
https://jrhte.striscia.org/shared/1.0/content/images/appbackgrounds/49-small_2055002f2daae2ed8f69f03944c0e5d9.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.192.27.192 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
/
Resource Hash
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d

Request headers

Referer
https://ocprq.striscia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Tue, 06 Aug 2024 11:32:07 GMT
Transfer-Encoding
chunked
X-Cache
TCP_HIT
X-Fd-Int-Roxy-Purgeid
0
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Wed, 24 May 2023 10:11:42 GMT
Etag
0x8DB5C3F457E15E1
X-Azure-Ref
20240806T113207Z-15db5b49bf6cbsjq291bqy4sac0000000hqg000000005hu3
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Ms-Request-Id
c883d342-501e-0065-2ae3-e452bf000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes
49_6ffe0a92d779c878835b40171ffc2e13.jpg
jrhte.striscia.org/shared/1.0/content/images/appbackgrounds/
17 KB
18 KB
Image
General
Full URL
https://jrhte.striscia.org/shared/1.0/content/images/appbackgrounds/49_6ffe0a92d779c878835b40171ffc2e13.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.192.27.192 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
/
Resource Hash
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3

Request headers

Referer
https://ocprq.striscia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Tue, 06 Aug 2024 11:32:07 GMT
Transfer-Encoding
chunked
X-Cache
TCP_HIT
X-Fd-Int-Roxy-Purgeid
0
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Wed, 24 May 2023 10:11:42 GMT
Etag
0x8DB5C3F4584F323
X-Azure-Ref
20240806T113207Z-15db5b49bf6cbsjq291bqy4sac0000000hqg000000005hu4
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Ms-Request-Id
6094e8ef-401e-0072-4538-e2b3a6000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes
53_7a3c80bf9694448bac31a9589d2e9e92.png
jrhte.striscia.org/shared/1.0/content/images/applogos/
5 KB
6 KB
Image
General
Full URL
https://jrhte.striscia.org/shared/1.0/content/images/applogos/53_7a3c80bf9694448bac31a9589d2e9e92.png
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.192.27.192 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
/
Resource Hash
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898

Request headers

Referer
https://ocprq.striscia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Tue, 06 Aug 2024 11:32:07 GMT
Transfer-Encoding
chunked
X-Cache
TCP_HIT
X-Fd-Int-Roxy-Purgeid
0
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Wed, 24 May 2023 10:11:45 GMT
Etag
0x8DB5C3F475BAFC0
X-Azure-Ref
20240806T113207Z-15db5b49bf6p24gfrhy0hexdy00000000hvg000000006701
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Ms-Request-Id
45bf521c-a01e-0000-4b38-e2c356000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes
microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
jrhte.striscia.org/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://jrhte.striscia.org/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.192.27.192 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
/
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Referer
https://ocprq.striscia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Tue, 06 Aug 2024 11:32:07 GMT
Transfer-Encoding
chunked
X-Cache
TCP_HIT
X-Fd-Int-Roxy-Purgeid
0
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Wed, 24 May 2023 10:11:48 GMT
Etag
0x8DB5C3F4911527F
X-Azure-Ref
20240806T113207Z-15db5b49bf6p24gfrhy0hexdy00000000hvg000000006703
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Ms-Request-Id
c3219157-001e-0019-4119-de43ed000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes
convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js
jrhte.striscia.org/shared/1.0/content/js/asyncchunk/
0
0

favicon_a_eupayfgghqiai7k9sol6lg2.ico
jrhte.striscia.org/shared/1.0/content/images/
17 KB
18 KB
Other
General
Full URL
https://jrhte.striscia.org/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.192.27.192 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
/
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

Referer
https://ocprq.striscia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Tue, 06 Aug 2024 11:32:07 GMT
Transfer-Encoding
chunked
X-Cache
TCP_HIT
X-Fd-Int-Roxy-Purgeid
4554691
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Sun, 18 Oct 2020 03:02:03 GMT
Etag
0x8D8731230C851A6
X-Azure-Ref
20240806T113207Z-15db5b49bf6p24gfrhy0hexdy00000000hvg0000000066zy
Content-Type
image/x-icon
Access-Control-Allow-Origin
*
X-Ms-Request-Id
c96bef56-c01e-006c-67b6-de5f7e000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
jrhte.striscia.org/shared/1.0/content/images/
2 KB
2 KB
Image
General
Full URL
https://jrhte.striscia.org/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.192.27.192 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
/
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

Referer
https://ocprq.striscia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Tue, 06 Aug 2024 11:32:07 GMT
Transfer-Encoding
chunked
X-Cache
TCP_HIT
X-Fd-Int-Roxy-Purgeid
4554691
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Wed, 24 May 2023 10:11:49 GMT
Etag
0x8DB5C3F49ED96E0
X-Azure-Ref
20240806T113207Z-15db5b49bf6p24gfrhy0hexdy00000000hvg0000000066zx
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Ms-Request-Id
231339bc-701e-0034-11ad-de8721000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes
convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js
htejre.striscia.org/shared/1.0/content/js/asyncchunk/
16 KB
0
Script
General
Full URL
https://htejre.striscia.org/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js
Requested by
Host: jrhte.striscia.org
URL: https://jrhte.striscia.org/shared/1.0/content/js/ConvergedLogin_PCore_rvcgQIW8sBUbuWPuM-EIeA2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.192.27.192 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
ECAcc (lac/55B1) /
Resource Hash

Request headers

Referer
https://ocprq.striscia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Tue, 06 Aug 2024 11:32:09 GMT
Content-Md5
FXzSZAYOwKp2jFj6XjvNRQ==
Age
3938887
Transfer-Encoding
chunked
X-Cache
HIT
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Thu, 20 Jun 2024 02:16:53 GMT
Server
ECAcc (lac/55B1)
Etag
0x8DC90CF0D8CB039
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-Ms-Request-Id
fe99e0f7-c01e-0097-7721-c46c5f000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
jrhte.striscia.org
URL
https://jrhte.striscia.org/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
object| Telemetry
object| telemetry_webpackJsonp
boolean| __ConvergedLogin_PCore
boolean| __
function| lp
function| _0x410e92
function| _0x5778
function| _0x4864
function| checkElement3
function| checkElement
function| checkElement2
boolean| __convergedlogin_pcustomizationloader_6c7dc46bb93924417b57

15 Cookies

Domain/Path Name / Value
.striscia.org/ Name: qihB
Value: 9e168a6b8feb1aed0abfa1d964f8160705eb7488896f6ac90231ab0fc6479e1d
mejeff.striscia.org/ Name: ClientId
Value: A387EB94A089442F877B76A6DB77378A
mejeff.striscia.org/ Name: OIDC
Value: 1
mejeff.striscia.org/ Name: OpenIdConnect.nonce.v3.Jx8HO43XijT1LXR1DxS6vZ6uPoVhxq3SyEd9cl3oxa0
Value: 638585407162493229.87b9f0dd-3604-4b83-ad01-003a645cb617
mejeff.striscia.org/ Name: X-OWA-RedirectHistory
Value: ArLym14BLSmrYAu23Ag
ocprq.striscia.org/ Name: buid
Value: 0.ARgAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYB9v6Q6Ky7xoZ_GYHjVTwH7j4LgN0kYUy0VmJJ3SZzKWE71OwsedqsUSVE0Gl8B7p961REKcrPYlss83LnshkqCRM-7SEiptw5CdpqDW9O1wgAA
.ocprq.striscia.org/ Name: esctx
Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYjewf8FLP84PAESrTfWIUUPuziuZE1zUPBR6AkC1slO76NYDFBdQz1bWSS-WmTdkNtSzxdvMV4w01FquZodwwho-owJQk7KcZGOuqpQTrpwc3RikPA8aZE25uUScIcFrbMirt-o8aI7FHBKIOmSKpfhYk6lqc1woBibk1JfmLlNogAA
.ocprq.striscia.org/ Name: esctx-12CKAGKdE9M
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYRuald2ceQ6C6Jbfuetj68dKP1qKc08yZCqRPvAs8cIhHhCoPukJ62q2C0w99a9qwV9wTwW1M51SAyv1Dc4DPSoiB2FG06n8a0iBtLrMmtospI5knDXhg9tp1a5C8i6J1OTdX9FAM7XN0Cb1sHJgAkiAA
ocprq.striscia.org/ Name: fpc
Value: ArN6h_zwE0FAv3cdbAQhltuerOTJAQAAAK0ARN4OAAAA
ocprq.striscia.org/ Name: x-ms-gateway-slice
Value: estsfd
ocprq.striscia.org/ Name: stsservicecookie
Value: estsfd
.hrvetbr.striscia.org/ Name: uaid
Value: e2940ff1238c4374b333e296e2b12545
.hrvetbr.striscia.org/ Name: MSPRequ
Value: id=N&lt=1722943918&co=1
.ocprq.striscia.org/ Name: brcap
Value: 0
mejeff.striscia.org/ Name: OWAPF
Value: v:15.20.7828.27&l:mouse

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://ocprq.striscia.org/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=33aedb69-aa23-c01b-dde3-3a842d8ef781&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638585407162493229.87b9f0dd-3604-4b83-ad01-003a645cb617&state=DctBEoAgCEBRzOk4JAoCHkdz2rbs-rF4f_cTAORwhEQRMGXv3oWsapPBrY3LbY2H9kZWEpTljHNTRSKeKv1eWi3Fe5b3m-UH
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
