www-azure-microsoft-office33.mixture.ltd
95.214.24.34  Public Scan

Submitted URL: https://r3doag.esfap.edu.pe/?url=https%3A%2F%2FR3dOAG.2f.esfap.edu.pe%3Furl%3D.%23waileng%40temasek.com.sg&sig=PkoY7Q9GJRTQI...
Effective URL: https://www-azure-microsoft-office33.mixture.ltd/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvv...
Submission Tags: falconsandbox
Submission: On April 14 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 4 HTTP transactions. The main IP is 95.214.24.34, located in United States and belongs to AS_DELIS, US. The main domain is www-azure-microsoft-office33.mixture.ltd.
TLS certificate: Issued by R3 on April 11th 2023. Valid for: 3 months.
This is the only time www-azure-microsoft-office33.mixture.ltd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 165.140.69.216 399250 (NAMEHERO-...)
1 2 186.64.116.165 52368 (ZAM LTDA.)
2 4 95.214.24.34 211252 (AS_DELIS)
4 3
Apex Domain Subdomains Transfer
3 mixture.ltd www-azure-microsoft-office33.mixture.ltd 57 KB
2 ventisca.cl ventisca.cl 2 KB
2 esfap.edu.pe r3doag.esfap.edu.pe, r3doag.2f.esfap.edu.pe 690 B
1 towneleypaints.com relay.towneleypaints.com 706 B
4 4
Domain Requested by
3 www-azure-microsoft-office33.mixture.ltd 1 redirects r3doag.esfap.edu.pe
www-azure-microsoft-office33.mixture.ltd
2 ventisca.cl 1 redirects
1 relay.towneleypaints.com 1 redirects
1 r3doag.2f.esfap.edu.pe 1 redirects
1 r3doag.esfap.edu.pe
4 5

This site contains no links.

Subject Issuer Validity Valid
*.esfap.edu.pe R3 2023-04-09 - 2023-07-08 3 months
*.ventisca.cl R3 2023-04-08 - 2023-07-07 3 months
www-azure-microsoft-office33.mixture.ltd R3 2023-04-11 - 2023-07-10 3 months

This page contains 1 frames:

Primary Page: https://www-azure-microsoft-office33.mixture.ltd/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=yckngpi%40vgocugm.eqo.ui&sso_reload=true
Frame ID: B2E3F5EB93E2219C72045A5B1897C383
Requests: 4 HTTP requests in this frame

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 0 %
Domains: 4
Subdomains: 5
IPs: 3
Countries: 2
Transfer: 58 kB
Size: 202 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://r3doag.esfap.edu.pe/?url=https%3A%2F%2FR3dOAG.2f.esfap.edu.pe%3Furl%3D.%23waileng%40temasek.com.sg&sig=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-2Bpbso8xxmYU27HQYAMNRbUwZPbooLI0lsGbfQhp9cGCaKkF6tO35dTXof9rWrVY1Iw8cAPh-2BC3JsYD2FpSjhmtuq7IDQaOjzwVJeCXbU-2FxJFpO44kw-3D-3Dik89_cisED4Jwra-2BuqhwGAmCxxrFt-2FOsqFtgrenSprbixFZnToue2C0G-2FCoeF5x-2Fm21uCs4kT1jPlu6PeDxf-2FN29-2FGiAdMtpZIVERdtKfl72Bsj0GXm0EebMqHqH-2BuMtFUrGAM9kTos2WhLSGl3u2EJb4jMNW6r27ZQztcQrxlQLcFQjyVc3S4nK8iWNA18UKrvx1dWVS9fNt7sG1qONKXIQvlKw8LGIULdc-2BuN35ihEuOx13cwyGj-2FsY4YmKDoK59-2BwGgeJa7JwfsvWizXjWJZHu7Ik53kCDNtsMY7Q8Suh2N-2FrmcXr-2Fg-2BoUQAR87uXDtnvlGrTkdWClsqaqqGxGuuSfURRQeFJOFtwK-2BDFF9ZHFzsyWZ-2BFs1x0mUQlRzLJOTZ-2FoQWyUexzjXgdgidkdBj1neWsgvz9nrlPQHq33958eloU-3D Page URL
  2. https://r3doag.2f.esfap.edu.pe/?url=. HTTP 302
    https://ventisca.cl/api/includes HTTP 301
    https://ventisca.cl/api/includes/ Page URL
  3. https://relay.towneleypaints.com/?eocv&qrc=waileng@temasek.com.sg HTTP 302
    https://www-azure-microsoft-office33.mixture.ltd/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3d3dy1henVyZS1taWNyb3NvZnQtb2ZmaWNlMzMubWl4dHVyZS5sdGQiLCJkb21haW4iOiJ3d3ctYXp1cmUtbWljcm9zb2Z0LW9mZmljZTMzLm1peHR1cmUubHRkIiwia2V5IjoiTU1UOE8zRDlEeFVNIiwicXJjIjoid2FpbGVuZ0B0ZW1hc2VrLmNvbS5zZyIsImlhdCI6MTY4MTQ2OTU1NywiZXhwIjoxNjgxNDY5ODU3fQ.jU1eWl2tG6uTocwqAk7NN9m6I3avRjkQ-iknOQ3qq6c HTTP 302
    https://www-azure-microsoft-office33.mixture.ltd/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=yckngpi%40vgocugm.eqo.ui Page URL
  4. https://www-azure-microsoft-office33.mixture.ltd/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=yckngpi%40vgocugm.eqo.ui&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://r3doag.2f.esfap.edu.pe/?url=. HTTP 302
  • https://ventisca.cl/api/includes HTTP 301
  • https://ventisca.cl/api/includes/
Request Chain 2
  • https://relay.towneleypaints.com/?eocv&qrc=waileng@temasek.com.sg HTTP 302
  • https://www-azure-microsoft-office33.mixture.ltd/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3d3dy1henVyZS1taWNyb3NvZnQtb2ZmaWNlMzMubWl4dHVyZS5sdGQiLCJkb21haW4iOiJ3d3ctYXp1cmUtbWljcm9zb2Z0LW9mZmljZTMzLm1peHR1cmUubHRkIiwia2V5IjoiTU1UOE8zRDlEeFVNIiwicXJjIjoid2FpbGVuZ0B0ZW1hc2VrLmNvbS5zZyIsImlhdCI6MTY4MTQ2OTU1NywiZXhwIjoxNjgxNDY5ODU3fQ.jU1eWl2tG6uTocwqAk7NN9m6I3avRjkQ-iknOQ3qq6c HTTP 302
  • https://www-azure-microsoft-office33.mixture.ltd/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=yckngpi%40vgocugm.eqo.ui

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
r3doag.esfap.edu.pe/
158 B
400 B
Document
General
Full URL
https://r3doag.esfap.edu.pe/?url=https%3A%2F%2FR3dOAG.2f.esfap.edu.pe%3Furl%3D.%23waileng%40temasek.com.sg&sig=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-2Bpbso8xxmYU27HQYAMNRbUwZPbooLI0lsGbfQhp9cGCaKkF6tO35dTXof9rWrVY1Iw8cAPh-2BC3JsYD2FpSjhmtuq7IDQaOjzwVJeCXbU-2FxJFpO44kw-3D-3Dik89_cisED4Jwra-2BuqhwGAmCxxrFt-2FOsqFtgrenSprbixFZnToue2C0G-2FCoeF5x-2Fm21uCs4kT1jPlu6PeDxf-2FN29-2FGiAdMtpZIVERdtKfl72Bsj0GXm0EebMqHqH-2BuMtFUrGAM9kTos2WhLSGl3u2EJb4jMNW6r27ZQztcQrxlQLcFQjyVc3S4nK8iWNA18UKrvx1dWVS9fNt7sG1qONKXIQvlKw8LGIULdc-2BuN35ihEuOx13cwyGj-2FsY4YmKDoK59-2BwGgeJa7JwfsvWizXjWJZHu7Ik53kCDNtsMY7Q8Suh2N-2FrmcXr-2Fg-2BoUQAR87uXDtnvlGrTkdWClsqaqqGxGuuSfURRQeFJOFtwK-2BDFF9ZHFzsyWZ-2BFs1x0mUQlRzLJOTZ-2FoQWyUexzjXgdgidkdBj1neWsgvz9nrlPQHq33958eloU-3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
165.140.69.216 , United States, ASN399250 (NAMEHERO-KCDC, US),
Reverse DNS
Software
LiteSpeed / PHP/7.4.33
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
136
content-type
text/html; charset=UTF-8
date
Fri, 14 Apr 2023 10:52:33 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
/
ventisca.cl/api/includes/
Redirect Chain
  • https://r3doag.2f.esfap.edu.pe/?url=.
  • https://ventisca.cl/api/includes
  • https://ventisca.cl/api/includes/
3 KB
1 KB
Document
General
Full URL
https://ventisca.cl/api/includes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.64.116.165 , Chile, ASN52368 (ZAM LTDA., CL),
Reverse DNS
blue125.dnsmisitio.net
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Referer
https://r3doag.esfap.edu.pe/?url=https%3A%2F%2FR3dOAG.2f.esfap.edu.pe%3Furl%3D.%23waileng%40temasek.com.sg&sig=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-2Bpbso8xxmYU27HQYAMNRbUwZPbooLI0lsGbfQhp9cGCaKkF6tO35dTXof9rWrVY1Iw8cAPh-2BC3JsYD2FpSjhmtuq7IDQaOjzwVJeCXbU-2FxJFpO44kw-3D-3Dik89_cisED4Jwra-2BuqhwGAmCxxrFt-2FOsqFtgrenSprbixFZnToue2C0G-2FCoeF5x-2Fm21uCs4kT1jPlu6PeDxf-2FN29-2FGiAdMtpZIVERdtKfl72Bsj0GXm0EebMqHqH-2BuMtFUrGAM9kTos2WhLSGl3u2EJb4jMNW6r27ZQztcQrxlQLcFQjyVc3S4nK8iWNA18UKrvx1dWVS9fNt7sG1qONKXIQvlKw8LGIULdc-2BuN35ihEuOx13cwyGj-2FsY4YmKDoK59-2BwGgeJa7JwfsvWizXjWJZHu7Ik53kCDNtsMY7Q8Suh2N-2FrmcXr-2Fg-2BoUQAR87uXDtnvlGrTkdWClsqaqqGxGuuSfURRQeFJOFtwK-2BDFF9ZHFzsyWZ-2BFs1x0mUQlRzLJOTZ-2FoQWyUexzjXgdgidkdBj1neWsgvz9nrlPQHq33958eloU-3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=604800, must-revalidate
content-encoding
gzip
content-type
text/html
date
Fri, 14 Apr 2023 10:52:36 GMT
etag
"474b10b-cb1-5f93b493a5280-gzip"
expires
Fri, 14 Apr 2023 10:52:36 GMT
last-modified
Thu, 13 Apr 2023 17:45:10 GMT
server
Apache
strict-transport-security
max-age=63072000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

cache-control
max-age=0
content-length
241
content-type
text/html; charset=iso-8859-1
date
Fri, 14 Apr 2023 10:52:36 GMT
expires
Fri, 14 Apr 2023 10:52:36 GMT
location
https://ventisca.cl/api/includes/
server
Apache
strict-transport-security
max-age=63072000; includeSubdomains;
x-content-type-options
nosniff
cwvjqtkbg
www-azure-microsoft-office33.mixture.ltd/__//eqooqp/qcwvj2/x2.0/
Redirect Chain
  • https://relay.towneleypaints.com/?eocv&qrc=waileng@temasek.com.sg
  • https://www-azure-microsoft-office33.mixture.ltd/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3d3dy1henVyZS1taWNyb3NvZnQtb2ZmaWNlMzMubWl4dHVyZS5sdGQiLCJkb21haW4iOiJ3d3ctYXp1cmUtb...
  • https://www-azure-microsoft-office33.mixture.ltd/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=...
153 KB
56 KB
Document
General
Full URL
https://www-azure-microsoft-office33.mixture.ltd/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=yckngpi%40vgocugm.eqo.ui
Requested by
Host: r3doag.esfap.edu.pe
URL: https://r3doag.esfap.edu.pe/?url=https%3A%2F%2FR3dOAG.2f.esfap.edu.pe%3Furl%3D.%23waileng%40temasek.com.sg&sig=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-2Bpbso8xxmYU27HQYAMNRbUwZPbooLI0lsGbfQhp9cGCaKkF6tO35dTXof9rWrVY1Iw8cAPh-2BC3JsYD2FpSjhmtuq7IDQaOjzwVJeCXbU-2FxJFpO44kw-3D-3Dik89_cisED4Jwra-2BuqhwGAmCxxrFt-2FOsqFtgrenSprbixFZnToue2C0G-2FCoeF5x-2Fm21uCs4kT1jPlu6PeDxf-2FN29-2FGiAdMtpZIVERdtKfl72Bsj0GXm0EebMqHqH-2BuMtFUrGAM9kTos2WhLSGl3u2EJb4jMNW6r27ZQztcQrxlQLcFQjyVc3S4nK8iWNA18UKrvx1dWVS9fNt7sG1qONKXIQvlKw8LGIULdc-2BuN35ihEuOx13cwyGj-2FsY4YmKDoK59-2BwGgeJa7JwfsvWizXjWJZHu7Ik53kCDNtsMY7Q8Suh2N-2FrmcXr-2Fg-2BoUQAR87uXDtnvlGrTkdWClsqaqqGxGuuSfURRQeFJOFtwK-2BDFF9ZHFzsyWZ-2BFs1x0mUQlRzLJOTZ-2FoQWyUexzjXgdgidkdBj1neWsgvz9nrlPQHq33958eloU-3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.214.24.34 , United States, ASN211252 (AS_DELIS, US),
Reverse DNS
Software
/
Resource Hash
bba93b91bece5b3351f8fc92a61f73a19d7b01a3aa48269256959eee978bc36e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ventisca.cl/api/includes/#waileng@temasek.com.sg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
close
Content-Encoding
gzip
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-Type
text/html; charset=utf-8
Date
Fri, 14 Apr 2023 10:52:37 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
content-length
157102
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.14939.4 - NEULR2 ProdSlices
x-ms-request-id
19414aa3-a2ff-46d4-813e-bf5214f20e01

Redirect headers

Connection
keep-alive
Date
Fri, 14 Apr 2023 10:52:37 GMT
Keep-Alive
timeout=5
Transfer-Encoding
chunked
location
/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=yckngpi%40vgocugm.eqo.ui
Primary Request cwvjqtkbg
www-azure-microsoft-office33.mixture.ltd/__//eqooqp/qcwvj2/x2.0/
46 KB
0
Document
General
Full URL
https://www-azure-microsoft-office33.mixture.ltd/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=yckngpi%40vgocugm.eqo.ui&sso_reload=true
Requested by
Host: www-azure-microsoft-office33.mixture.ltd
URL: https://www-azure-microsoft-office33.mixture.ltd/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=yckngpi%40vgocugm.eqo.ui
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.214.24.34 , United States, ASN211252 (AS_DELIS, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www-azure-microsoft-office33.mixture.ltd/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=yckngpi%40vgocugm.eqo.ui
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
close
Content-Encoding
gzip
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-Type
text/html; charset=utf-8
Date
Fri, 14 Apr 2023 10:52:39 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin, <https://aadcdn.msftauth.net>; rel=dns-prefetch, <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
content-length
209535
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.15049.5 - NEULR1 ProdSlices
x-ms-request-id
54ca3bd3-93b5-4d40-a4ab-052f21ce0900

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

9 Cookies

Domain/Path Name / Value
relay.towneleypaints.com/ Name: qPdM
Value: MMT8O3D9DxUM
relay.towneleypaints.com/ Name: qPdM.sig
Value: ZtsLNs3rmJFkhKoS91Lqtw_ZBR4
www-azure-microsoft-office33.mixture.ltd/ Name: qPdM
Value: MMT8O3D9DxUM
www-azure-microsoft-office33.mixture.ltd/ Name: qPdM.sig
Value: ZtsLNs3rmJFkhKoS91Lqtw_ZBR4
www-azure-microsoft-office33.mixture.ltd/ Name: fpc
Value: AgIZMfRze_tDpDIToGjWPOk
www-azure-microsoft-office33.mixture.ltd/ Name: x-ms-gateway-slice
Value: estsfd
www-azure-microsoft-office33.mixture.ltd/ Name: stsservicecookie
Value: estsfd
.www-azure-microsoft-office33.mixture.ltd/ Name: AADSSO
Value: NA|NoExtension
www-azure-microsoft-office33.mixture.ltd/ Name: SSOCOOKIEPULLED
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
