navtikaceneje.top Open in urlscan Pro
185.222.203.10 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Submission: On April 08 via automatic, source openphish (April 8th 2019, 4:10:33 am UTC)

Summary HTTP 87 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 9 domains to perform 87 HTTP transactions. The main IP is 185.222.203.10, located in and belongs to UVL2-ASN, UA. The main domain is navtikaceneje.top.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 5th 2019. Valid for: 3 months.

This is the only time navtikaceneje.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	185.222.203.10 185.222.203.10	204725 (UVL2-ASN) (UVL2-ASN)
7	2a02:26f0:eb:... 2a02:26f0:eb:399::753	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2603:1020:0:7... 2603:1020:0:7::19c	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1 1	2603:1026:4:7... 2603:1026:4:77::2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	20.190.129.160 20.190.129.160	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	20.190.129.161 20.190.129.161	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	2a02:26f0:eb:... 2a02:26f0:eb:3ad::b34	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	52.114.128.43 52.114.128.43	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	2603:1046:403::2 2603:1046:403::2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
4	2620:1ec:21::11 2620:1ec:21::11	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
8	2620:1ec:c::11 2620:1ec:c::11	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	2603:1026:300... 2603:1026:300:15::2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	13.107.6.163 13.107.6.163	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	2603:1026:4:1... 2603:1026:4:15::2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	2603:1026:c02... 2603:1026:c02:3040::2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
87	15

45 185.222.203.10 (None, )

ASN204725 (UVL2-ASN, UA)

navtikaceneje.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:eb:399::753 (European Union)

ASN20940 (AKAMAI-ASN1, US)

r1.res.office365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r4.res.office365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2603:1020:0:7::19c (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

webshell.suite.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:1026:4:77::2 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

outlook.office365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.129.160 (Falls Church, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.190.129.161 (Falls Church, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

account.activedirectory.windowsazure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:eb:3ad::b34 (European Union)

ASN20940 (AKAMAI-ASN1, US)

res.delve.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.114.128.43 (Redmond, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2603:1046:403::2 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

1a3f64d819e1af699f9c5fc47a3ac89c.nrb.footprintdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::11 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

afd-a-acdc-direct.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:1ec:c::11 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

afd-k-acdc-direct.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
outlook.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2603:1026:300:15::2 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

7f6888cd05de616ee6b42074bcf68fba.nrb.footprintdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.6.163 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

fpc.msedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2603:1026:4:15::2 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

acdc-direct.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2603:1026:c02:3040::2 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

acdc-direct.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	navtikaceneje.top navtikaceneje.top	4 MB
20	office.com webshell.suite.office.com res.delve.office.com afd-a-acdc-direct.office.com afd-k-acdc-direct.office.com acdc-direct.office.com outlook.office.com	549 KB
8	office365.com 1 redirects r1.res.office365.com outlook.office365.com r4.res.office365.com	218 KB
4	footprintdns.com 1a3f64d819e1af699f9c5fc47a3ac89c.nrb.footprintdns.com 7f6888cd05de616ee6b42074bcf68fba.nrb.footprintdns.com	2 KB
3	microsoft.com browser.pipe.aria.microsoft.com	1 KB
2	msedge.net fpc.msedge.net	358 B
2	windowsazure.com account.activedirectory.windowsazure.com	3 KB
1	microsoftonline.com login.microsoftonline.com
0	webtrends.com Failed m.webtrends.com Failed
87	9

	Domain	Requested by
45	navtikaceneje.top	navtikaceneje.top
6	r1.res.office365.com	navtikaceneje.top r1.res.office365.com
4	outlook.office.com	r4.res.office365.com
4	acdc-direct.office.com	r4.res.office365.com
4	afd-k-acdc-direct.office.com	r4.res.office365.com
4	afd-a-acdc-direct.office.com	r4.res.office365.com
3	browser.pipe.aria.microsoft.com	r1.res.office365.com
3	webshell.suite.office.com	r1.res.office365.com navtikaceneje.top
2	fpc.msedge.net	r4.res.office365.com
2	7f6888cd05de616ee6b42074bcf68fba.nrb.footprintdns.com	r4.res.office365.com
2	1a3f64d819e1af699f9c5fc47a3ac89c.nrb.footprintdns.com	r4.res.office365.com
2	account.activedirectory.windowsazure.com	navtikaceneje.top
1	r4.res.office365.com	r1.res.office365.com
1	res.delve.office.com	navtikaceneje.top
1	login.microsoftonline.com	navtikaceneje.top
1	outlook.office365.com	1 redirects
0	m.webtrends.com Failed	navtikaceneje.top
87	17

This site contains links to these domains. Also see Links.

Domain
www.office.com
g.microsoftonline.com
answers.microsoft.com
go.microsoft.com
portal.office.com
csustudentnet-my.sharepoint.com
login.microsoftonline.com

Subject Issuer	Validity	Valid
navtikaceneje.top Let's Encrypt Authority X3	`2019-04-05` - `2019-07-04`	3 months	crt.sh
*.res.outlook.com Microsoft IT TLS CA 5	`2017-11-27` - `2019-11-27`	2 years	crt.sh
webshell.suite.office.com Microsoft IT TLS CA 4	`2018-08-20` - `2020-08-20`	2 years	crt.sh
stamp2.login.microsoftonline.com Microsoft IT TLS CA 1	`2018-09-24` - `2020-09-24`	2 years	crt.sh
account.activedirectory.windowsazure.com Microsoft IT TLS CA 2	`2019-03-19` - `2021-03-19`	2 years	crt.sh
*.delve.office.com Microsoft IT TLS CA 2	`2017-11-17` - `2019-11-17`	2 years	crt.sh
*.events.data.microsoft.com Microsoft IT TLS CA 2	`2017-11-07` - `2019-11-07`	2 years	crt.sh
outlook.com DigiCert Cloud Services CA-1	`2018-11-18` - `2020-11-18`	2 years	crt.sh
Outlook.live.com DigiCert Cloud Services CA-1	`2018-10-02` - `2020-10-02`	2 years	crt.sh
Outlook.office.com DigiCert Cloud Services CA-1	`2018-09-19` - `2020-09-19`	2 years	crt.sh
*.msedge.net Microsoft IT TLS CA 4	`2018-12-13` - `2020-12-13`	2 years	crt.sh

This page contains 8 frames:

Primary Page: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Frame ID: C681E9001B28A947D71EDEDB395535B5
Requests: 80 HTTP requests in this frame

Frame: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=a63bb590-9d02-4ef8-982d-08a9b1e8f1c2&protectedtoken=true&prompt=none&login_hint=TEGrimes%40csustudent.net&nonce=636902934167827964.0f61b364-de17-4afa-a142-0f4b186e3da7&state=xU7BboMwFIPuW-gNCiQK5VBNk7ruMlVdu56nBzyWAAk0eXTdPnVfsxz7B5NsS7ZsyWEQBA-eC88w9RIUgokyzUvGM1Gs86IUPElbkVVM8LjBrIg5tBBDxvM4bXmVrQWyBorQb38Xq_ELVqdZEZ7QXlWNBzvevhNw0-3R3cVnh3YPGjfvzy9WaXQRT2s3O5obNJQYpOV9_Yg0W3O2w0YSTS5iT1G-8zBwJdVDjQY7TGicfHaUwwSdu1wyXYH3ZPef7gDjAE3nrbZIP0gqkaQjttMgm7dpkFtzeIWIbWuJ2Cv66MH4Sx1UakjqUS_tfz_4Aw
Frame ID: DE46C39153FD369E7EF8F39F82DD75CC
Requests: 1 HTTP requests in this frame

Frame: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/SuiteServiceProxy.htm
Frame ID: FFBCCB9B38066CC89B44873AD468C7B5
Requests: 2 HTTP requests in this frame

Frame: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/TokenFactoryIframe_003.htm
Frame ID: 9544170E62B0FAD2AEFEFBC0DC683464
Requests: 1 HTTP requests in this frame

Frame: https://account.activedirectory.windowsazure.com/1.0.0.2652/Firefox/en-US/css/O365NavbarStyleOverrides.css
Frame ID: ECA986E04E7FECB82E0B0A5143C50D87
Requests: 1 HTTP requests in this frame

Frame: https://account.activedirectory.windowsazure.com/1.0.0.2652/Firefox/en-US/css/ChangePassword.css
Frame ID: E8F78DA01E4091AA9892D8F4BEEF2412
Requests: 1 HTTP requests in this frame

Frame: https://webshell.suite.office.com/iframe/TokenFactoryIframe?origin=https%3A%2F%2Fnavtikaceneje.top&shsid=5e241db2-6055-4aa5-a1ef-fd2b1f41e7fb&cshver=16.00.2984.000&apiver=g2
Frame ID: 1C5693FF090114E4AC56C5A597AC71B3
Requests: 1 HTTP requests in this frame

Frame: https://webshell.suite.office.com/iframe/TokenFactoryIframe?origin=https%3A%2F%2Fnavtikaceneje.top&shsid=5e241db2-6055-4aa5-a1ef-fd2b1f41e7fb&cshver=16.00.2984.000&apiver=g2
Frame ID: 9EE3CDED6B8BA309496D0E30899101DB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Webtrends (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^(?:WTOptimize|WebTrends)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

87
Requests

97 %
HTTPS

67 %
IPv6

9
Domains

17
Subdomains

15
IPs

3
Countries

4469 kB
Transfer

5465 kB
Size

9
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.office.com/?auth=2&home=1&username=TEGrimes%40csustudent.net&from=ShellLogo
Title: Office 365

Search URL Search Domain Scan URL

URL: https://g.microsoftonline.com/0AX00en/111
Title: Help

Search URL Search Domain Scan URL

URL: https://answers.microsoft.com/en-US/msoffice
Title: Community

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/p/?LinkId=2083423
Title: Legal

Search URL Search Domain Scan URL

URL: https://portal.office.com/account/#security
Title: Privacy & cookies

Search URL Search Domain Scan URL

URL: https://csustudentnet-my.sharepoint.com/person.aspx
Title: My profile

Search URL Search Domain Scan URL

URL: https://portal.office.com/account/
Title: My account

Search URL Search Domain Scan URL

URL: https://login.microsoftonline.com/logout.srf?ct=1554367812&rver=64.4.6456.0&lc=1033&id=501392
Title: Sign out

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://outlook.office365.com/owa/SuiteServiceProxy.aspx?suiteServiceUserName=TEGrimes%40csustudent.net&suiteServiceReturnUrl=https%3A%2F%2Fnavtikaceneje.top%2FRhlpajsqq1mba%2FtrNgsPaoladj%2Fmretzeti.htm%3FmahdQplhDnPLa%3Dcheekit_kan%40jabil.com&returnUrl=https%3A%2F%2Fnavtikaceneje.top%2FRhlpajsqq1mba%2FtrNgsPaoladj%2Fmretzeti.htm%3FmahdQplhDnPLa%3Dcheekit_kan%40jabil.com HTTP 302
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=a63bb590-9d02-4ef8-982d-08a9b1e8f1c2&protectedtoken=true&prompt=none&login_hint=TEGrimes%40csustudent.net&nonce=636902934167827964.0f61b364-de17-4afa-a142-0f4b186e3da7&state=xU7BboMwFIPuW-gNCiQK5VBNk7ruMlVdu56nBzyWAAk0eXTdPnVfsxz7B5NsS7ZsyWEQBA-eC88w9RIUgokyzUvGM1Gs86IUPElbkVVM8LjBrIg5tBBDxvM4bXmVrQWyBorQb38Xq_ELVqdZEZ7QXlWNBzvevhNw0-3R3cVnh3YPGjfvzy9WaXQRT2s3O5obNJQYpOV9_Yg0W3O2w0YSTS5iT1G-8zBwJdVDjQY7TGicfHaUwwSdu1wyXYH3ZPef7gDjAE3nrbZIP0gqkaQjttMgm7dpkFtzeIWIbWuJ2Cv66MH4Sx1UakjqUS_tfz_4Aw

87 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request mretzeti.htm Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/ 165 KB
165 KB 430ms
120ms Document
text/html 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 78b52aeb330ef431f5aa3b3e66e2aaaec9114f8e5262d4658b23d949df323cc1

Request headers

Host: navtikaceneje.top
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:12 GMT
Server: Apache
Last-Modified: Sun, 07 Apr 2019 23:39:04 GMT
Accept-Ranges: bytes
Content-Length: 168648
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK Shared.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 11 KB
12 KB 697ms
159ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/Shared.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 856e8dd8a62017d2a75f936d4debd4ddbff01ef0b1cd121e198518f7eac49693

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:13 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 11747

GET
H/1.1 200
OK ClientLogService.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 2 KB
2 KB 695ms
158ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ClientLogService.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 93b93dd648568423bc33c306b0d8ecd172ec33ff2a6dab62f54ee7989f245d01

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:13 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1813

GET
H/1.1 200
OK PerformanceTracking.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 2 KB
3 KB 817ms
122ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/PerformanceTracking.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 9089c1e9c5c72904ccee0e18f28fb906dc5c6aa81400294e53c3e31777bd4d28

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:13 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2447

GET
H/1.1 200
OK XmlHttpRequestService.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 5 KB
5 KB 844ms
145ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/XmlHttpRequestService.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 849817652c53b867316192eb943de01d8e5cf7b92fe3b8b763bb426bf65d328e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:13 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 4858

GET
H/1.1 200
OK AjaxService.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 19 KB
19 KB 845ms
145ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/AjaxService.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 8c697445929e3b83fcc693ca5df78834472f3d61c864a805ad43c9aa19813337

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:13 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 19309

GET
H/1.1 200
OK MasterStyles.css
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 69 KB
70 KB 389ms
137ms Stylesheet
text/css 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/MasterStyles.css
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 3fdfb720bbb84271c095891ac92194d2f221fc0b2015e4b6890ef815ae697f62

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:13 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 71008

GET
H/1.1 200
OK WebResource.css
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 5 KB
6 KB 521ms
109ms Stylesheet
text/css 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/WebResource.css
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 64f69949f20639e8295c9425a4b81055503b3d6c30db88b89534675d8eaa43d9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:13 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5396

GET
H/1.1 200
OK InactivityTimer.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 3 KB
3 KB 958ms
144ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/InactivityTimer.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: f1ac61946852907c2bbc85591af3ff674c2749805372f6526de7d37fd0f75a4e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:13 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3017

GET
H/1.1 200
OK shellbootstrapperg2css_2712f627.css
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 46 B
286 B 534ms
122ms Stylesheet
text/css 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/shellbootstrapperg2css_2712f627.css
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 54cdab7046aac6c817f330d46551671727f0f762b279d71af82876f3e4079cc2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:13 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 46

GET
H/1.1 200
OK shellg2coremincss_4b196d30.css
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 70 KB
70 KB 540ms
125ms Stylesheet
text/css 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/shellg2coremincss_4b196d30.css
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 1c58886c9c04ccb144ea6aa4182e73480af97cd0eeafec5136d1aac29ec1b392

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:13 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 71816

GET
H/1.1 200
OK shellg2corecss_a5132399.css
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 101 KB
101 KB 544ms
118ms Stylesheet
text/css 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/shellg2corecss_a5132399.css
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 4e1e68346eb54382fc22fb331d618f1418e91ef4d2e029a7129782340d01593a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:13 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 103383

GET
H/1.1 200
OK data.css
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 14 KB
14 KB 563ms
125ms Stylesheet
text/css 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/data.css
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 564edf44d911657385afd4a44bfc39106638b05af115dc07798dce326c2cd2ad

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:13 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 13982

GET
H/1.1 200
OK shellg2pluscss_48140884.css
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 164 KB
164 KB 570ms
129ms Stylesheet
text/css 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/shellg2pluscss_48140884.css
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 13e330896fb75b2c0d65d842cc9e10809306957fc6eb390311460aa0d6f315cc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:13 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 167961

GET
H/1.1 200
OK profile_photo_picker_1_20180607_11_0_524e5613807382845262.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 490 KB
490 KB 959ms
142ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/profile_photo_picker_1_20180607_11_0_524e5613807382845262.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 9f238312f9f18b3367cfe22181aa3b542de5b65c1d325afec562662b97c77abd

Request headers

Pragma: no-cache
Origin: https://navtikaceneje.top
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

Date: Mon, 08 Apr 2019 04:10:13 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 501633

GET
H/1.1 200
OK o365shellarialogger_3cefa9b2.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 53 KB
53 KB 963ms
121ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/o365shellarialogger_3cefa9b2.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 0a57958dac14aea8ed09167919bdfcf06654870e44aca5b4a8eae2b1bc8ea4cf

Request headers

Pragma: no-cache
Origin: https://navtikaceneje.top
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

Date: Mon, 08 Apr 2019 04:10:13 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 53903

GET
H/1.1 200
OK fp.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 23 KB
23 KB 983ms
136ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/fp.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 9eca0cb6930de9987094bd6bba32cbc89adeb595fc3436caa91a43c1ff9b3ab2

Request headers

Pragma: no-cache
Origin: https://navtikaceneje.top
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

Date: Mon, 08 Apr 2019 04:10:13 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 23778

GET
H/1.1 200
OK WebResource_002.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 23 KB
23 KB 992ms
137ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/WebResource_002.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:13 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 23063

GET
H/1.1 200
OK MicrosoftAjaxCombined.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 221 KB
221 KB 994ms
139ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/MicrosoftAjaxCombined.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 5ea698b3ac0114a7f7a2c1ab35d3f8d15a3d86cf9820c159ddb80c739f77b623

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:13 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 226535

GET
H/1.1 200
OK TextBox.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 1 KB
2 KB 1014ms
139ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/TextBox.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 039c24e57d0db5f02aa6140f2e83c241eafdb532b5b2c28a9e7d8306947e8a12

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:13 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1299

GET
H/1.1 200
OK Button.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 6 KB
7 KB 1014ms
128ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/Button.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 75d27cda334c0f5f0273997386ebd0a0ed35a9f65ee0a1068b3c3d11886d90eb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:13 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 6492

GET
H/1.1 200
OK PageLayout.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 2 KB
2 KB 1039ms
133ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/PageLayout.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 15d47c5862caa79572e75d0d96da6d79664ad03bab324b7b6649cf4981e08866

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:13 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1913

GET
H/1.1 200
OK Shell.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 1010 B
1 KB 1124ms
124ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/Shell.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 8a73c656d2293067e9eca459faf0ba98fac3494b517e9ed5471d05bdd8864038

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:14 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1010

GET
H/1.1 200
OK O365Branding.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 603 B
857 B 1136ms
123ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/O365Branding.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 1cff1172548fb1a52b5d3a9f8b2b41d5e05c706ab8970e322d4dce13c54658e1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:14 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 603

GET
H/1.1 200
OK jquery-1_12_2_min.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 95 KB
95 KB 1147ms
133ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/jquery-1_12_2_min.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 39f4c9dcb9e369b27edc6202f2b34db1f26abcde6910d6563544b0ddc255b9ec

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:14 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 97272

GET
H/1.1 200
OK JSPublicKey.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 804 B
1 KB 1196ms
158ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/JSPublicKey.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: e510a031ab62f376d97db2a501542daf03097edc2010e1fef5dc8a50fd8905c3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:14 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 804

GET
H/1.1 200
OK PPRSAEnc.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 5 KB
5 KB 1251ms
128ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/PPRSAEnc.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 81261be300ded216f14a6556a792a6cc735db157de13bb0a6b6b9b842a45ac35

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:14 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 4709

GET
H/1.1 200
OK shellbootstrapperg2_3d2cf9ac.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 6 KB
6 KB 1259ms
123ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/shellbootstrapperg2_3d2cf9ac.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 2225fabaa4e18a8fb2d51affccb6ad302ad9b16c9ac56e5a81d0ee467318adbf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:14 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 6103

GET
H/1.1 200
OK PropertySheet.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 1 KB
2 KB 1345ms
149ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/PropertySheet.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: ae9cc7f752c37e63cad66c543bc6259e66c6bea809c3c81e5f2d6bef10aa1f3a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:14 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1342

GET
H/1.1 200
OK ScriptResource.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 26 KB
27 KB 1384ms
130ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ScriptResource.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:14 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 26954

GET
H/1.1 200
OK DialogManager.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 39 KB
39 KB 1401ms
136ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/DialogManager.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: f7606dc08dc582ae5d4f6d2cf52ac0e04eec89d930a65a37a7eaa2a9bfe7ca7e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:14 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 40154

GET
H/1.1 200
OK sscompat.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 6 KB
6 KB 1471ms
125ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/sscompat.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: dca6768cc513f46d42e774f9d5aa69162f3da17fd5412ad6fd928df383eaa2fc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:14 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 5869

GET
H/1.1 200
OK ImageButton.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 1000 B
1 KB 1518ms
128ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ImageButton.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: da68948995a1651b2ce4f51d7e7cbab4d8638ece7f5fd22a4cc6f2e7b80ced4b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:14 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1000

GET
H/1.1 200
OK WebResource.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 3 KB
3 KB 1514ms
114ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/WebResource.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:14 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 3005

GET
H/1.1 200
OK GetPersonaPhoto.gif
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 42 B
282 B 137ms
137ms Image
image/gif 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/GetPersonaPhoto.gif
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:14 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 42

GET
H/1.1 200
OK spinner_24x24.gif
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 738 B
979 B 143ms
143ms Image
image/gif 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/spinner_24x24.gif
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 2f932a46e57edd7e47818d28dd3e5f6e26ee473fb00a8b987e5f650b29957b82

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:14 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 738

GET
H/1.1 200
OK webcontrols.png
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 76 KB
76 KB 109ms
108ms Image
image/png 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/webcontrols.png
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 295b179d93907f6aa011418544cc7269afebf65769fe95260e0f5a6a40a27bae

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:15 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 77792

GET
H/1.1 200
OK WebTrends.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 24 KB
24 KB 118ms
118ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/WebTrends.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 6e73e8dc11f64b0cc4e7a4ad3ddf7db7c0d71b68a1001e56ec203d7c01102081

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:14 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 24788

GET
H/1.1 200
OK shellcoreming2m_ab4c3b48.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 80 KB
80 KB 131ms
131ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/shellcoreming2m_ab4c3b48.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 7a274d9bd3ae20b936d4c820c3291398ddaa070885911f13de4c6e300fee984a

Request headers

Pragma: no-cache
Origin: https://navtikaceneje.top
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

Date: Mon, 08 Apr 2019 04:10:14 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 81778

GET
H/1.1 200
OK shellg2strings_99df9cde.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 33 KB
33 KB 114ms
113ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/shellg2strings_99df9cde.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: e7fa25bebb1437a60c673b8fda2f39b478074496b8416896fafe87a19b539dc7

Request headers

Pragma: no-cache
Origin: https://navtikaceneje.top
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

Date: Mon, 08 Apr 2019 04:10:14 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 33474

GET
H/1.1 200
OK shellcoreprimeg2m_ed9bfbb0.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 496 KB
496 KB 146ms
145ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/shellcoreprimeg2m_ed9bfbb0.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 05b8a2ad68472b5b9a24a12e9a69cee1a52cad188d7120e075f700f650a4afc6

Request headers

Pragma: no-cache
Origin: https://navtikaceneje.top
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

Date: Mon, 08 Apr 2019 04:10:14 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 507965

GET
H/1.1 200
OK shellplusg2m_43732df3.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ 1 MB
1 MB 135ms
135ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/shellplusg2m_43732df3.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 1351555fc32dd51504c515fedc96b0861ad52e2c59774dc703f95c91f5d4a6fc

Request headers

Pragma: no-cache
Origin: https://navtikaceneje.top
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

Date: Mon, 08 Apr 2019 04:10:14 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 1164841

GET
H/1.1 200
OK shellg2coremincss_4b196d30.css
r1.res.office365.com/o365/versionless/ 70 KB
23 KB 305ms
28ms Stylesheet
text/css 2a02:26f0:eb:399::753
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r1.res.office365.com/o365/versionless/shellg2coremincss_4b196d30.css
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/shellbootstrapperg2_3d2cf9ac.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:eb:399::753 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 1c58886c9c04ccb144ea6aa4182e73480af97cd0eeafec5136d1aac29ec1b392

Request headers

Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Nov 2018 22:05:39 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=630720000, s-maxage=630720000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 23470

GET
H/1.1 200
OK shellcoreming2m_ab4c3b48.js Show response
r1.res.office365.com/o365/versionless/ 80 KB
20 KB 296ms
19ms Script
application/x-javascript 2a02:26f0:eb:399::753
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r1.res.office365.com/o365/versionless/shellcoreming2m_ab4c3b48.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/shellbootstrapperg2_3d2cf9ac.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:eb:399::753 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 7a274d9bd3ae20b936d4c820c3291398ddaa070885911f13de4c6e300fee984a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

Date: Mon, 08 Apr 2019 04:10:15 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 Mar 2019 10:50:39 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=630720000, s-maxage=630720000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 19835

GET
DATA 200
OK truncated
/ 13 KB
0 Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15b61c641afc5b9a02352e1a9a008b1225765bfa819e2aa262be875b2d4b06d9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin: https://navtikaceneje.top

Response headers

Content-Type: application/font-woff

GET wtid.js
m.webtrends.com/dcsc97avu10000kn75ujgpso2_7j5n/ 0
0

GET dcs.gif
m.webtrends.com/dcsc97avu10000kn75ujgpso2_7j5n/ 0
0

GET
H/1.1 200
OK shellg2strings_99df9cde.js Show response
r1.res.office365.com/o365/versionless/ 33 KB
6 KB 33ms
33ms Script
application/x-javascript 2a02:26f0:eb:399::753
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r1.res.office365.com/o365/versionless/shellg2strings_99df9cde.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/shellbootstrapperg2_3d2cf9ac.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:eb:399::753 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: e7fa25bebb1437a60c673b8fda2f39b478074496b8416896fafe87a19b539dc7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

Date: Mon, 08 Apr 2019 04:10:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Jul 2018 03:13:28 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=630720000, s-maxage=630720000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 6224

GET
H/1.1 200
OK shellg2corecss_a5132399.css
r1.res.office365.com/o365/versionless/ 101 KB
29 KB 49ms
47ms Stylesheet
text/css 2a02:26f0:eb:399::753
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r1.res.office365.com/o365/versionless/shellg2corecss_a5132399.css
Requested by: Host: r1.res.office365.com
URL: https://r1.res.office365.com/o365/versionless/shellcoreming2m_ab4c3b48.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:eb:399::753 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 4e1e68346eb54382fc22fb331d618f1418e91ef4d2e029a7129782340d01593a

Request headers

Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Nov 2018 22:05:38 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=630720000, s-maxage=630720000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 29607

GET
H/1.1 200
OK shellcoreprimeg2m_ed9bfbb0.js Show response
r1.res.office365.com/o365/versionless/ 496 KB
116 KB 26ms
24ms Script
application/x-javascript 2a02:26f0:eb:399::753
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r1.res.office365.com/o365/versionless/shellcoreprimeg2m_ed9bfbb0.js
Requested by: Host: r1.res.office365.com
URL: https://r1.res.office365.com/o365/versionless/shellcoreming2m_ab4c3b48.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:eb:399::753 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 05b8a2ad68472b5b9a24a12e9a69cee1a52cad188d7120e075f700f650a4afc6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

Date: Mon, 08 Apr 2019 04:10:15 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 Mar 2019 10:50:37 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=630720000, s-maxage=630720000
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 data.theme
webshell.suite.office.com/ 14 KB
3 KB 140ms
46ms Stylesheet
text/css 2603:1020:0:7::19c
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://webshell.suite.office.com/data.theme?action=tc&tc=0078D7%7C000000%7CFFFFFF%7CFFFFFF&tt=G2&tv=9b9d46d2-6328-4654-b9a5-7860b98e4485&l=en-US

Requested by

Host: r1.res.office365.com
URL: https://r1.res.office365.com/o365/versionless/shellcoreming2m_ab4c3b48.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1020:0:7::19c , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

564edf44d911657385afd4a44bfc39106638b05af115dc07798dce326c2cd2ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 08 Apr 2019 04:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=31536000, public
content-length: 2731
expires: Tue, 07 Apr 2020 04:10:15 GMT

GET
H/1.1

200
OK

Cookie set authorize
login.microsoftonline.com/common/oauth2/ Frame DE46
Redirect Chain

https://outlook.office365.com/owa/SuiteServiceProxy.aspx?suiteServiceUserName=TEGrimes%40csustudent.net&suiteServiceReturnUrl=https%3A%2F%2Fnavtikaceneje.top%2FRhlpajsqq1mba%2FtrNgsPaoladj%2Fmretze...
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-0...

0
0

1588ms
1470ms

Document
text/html

20.190.129.160
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=a63bb590-9d02-4ef8-982d-08a9b1e8f1c2&protectedtoken=true&prompt=none&login_hint=TEGrimes%40csustudent.net&nonce=636902934167827964.0f61b364-de17-4afa-a142-0f4b186e3da7&state=xU7BboMwFIPuW-gNCiQK5VBNk7ruMlVdu56nBzyWAAk0eXTdPnVfsxz7B5NsS7ZsyWEQBA-eC88w9RIUgokyzUvGM1Gs86IUPElbkVVM8LjBrIg5tBBDxvM4bXmVrQWyBorQb38Xq_ELVqdZEZ7QXlWNBzvevhNw0-3R3cVnh3YPGjfvzy9WaXQRT2s3O5obNJQYpOV9_Yg0W3O2w0YSTS5iT1G-8zBwJdVDjQY7TGicfHaUwwSdu1wyXYH3ZPef7gDjAE3nrbZIP0gqkaQjttMgm7dpkFtzeIWIbWuJ2Cv66MH4Sx1UakjqUS_tfz_4Aw

Requested by

Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/shellplusg2m_43732df3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.129.160 Falls Church, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Host: login.microsoftonline.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com

Response headers

Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
x-ms-request-id: fe320565-c1c2-4e4b-9085-6a3136d31800
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie: buid=AQABAAEAAADCoMpjJXrxTq9VG9te-7FX0IHpM0YYubePLFpQgkiJmpuuBszWxXUOAxgpRi3b2xZFrOMCb_a1o2QHbYKj5b77PkuEIz1dutysngjHy0EZZrZmBrsfIZInGWDV66uah1kgAA; expires=Wed, 08-May-2019 04:10:17 GMT; path=/; secure; HttpOnly fpc=AtrrlWKf-exItKofxLK-8C4-NjKRAQAAAKjAPNQOAAAA; expires=Wed, 08-May-2019 04:10:18 GMT; path=/; secure; HttpOnly esctx=AQABAAAAAADCoMpjJXrxTq9VG9te-7FXCZw6LwqOMBZMtIH-zaf3U6b8wC49d4dEdeHbGyuWG0mD8YYb5RuZ637NrSlQF5k5oDJw5fMVhMrNE6R0jtVFPwO2rCEPN3PqcLrXJSXUQLlC9omhOiEJGaWRvBJBZb2v6HwIgL7_MlM9lKx4BXQykIuxsghAE7mzQu9VndQsxp0gAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly x-ms-gateway-slice=prod; path=/; secure; HttpOnly stsservicecookie=ests; path=/; secure; HttpOnly
Date: Mon, 08 Apr 2019 04:10:18 GMT
Content-Length: 888

Redirect headers

Content-Length: 962
Content-Type: text/html; charset=utf-8
Location: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=a63bb590-9d02-4ef8-982d-08a9b1e8f1c2&protectedtoken=true&prompt=none&login_hint=TEGrimes%40csustudent.net&nonce=636902934167827964.0f61b364-de17-4afa-a142-0f4b186e3da7&state=xU7BboMwFIPuW-gNCiQK5VBNk7ruMlVdu56nBzyWAAk0eXTdPnVfsxz7B5NsS7ZsyWEQBA-eC88w9RIUgokyzUvGM1Gs86IUPElbkVVM8LjBrIg5tBBDxvM4bXmVrQWyBorQb38Xq_ELVqdZEZ7QXlWNBzvevhNw0-3R3cVnh3YPGjfvzy9WaXQRT2s3O5obNJQYpOV9_Yg0W3O2w0YSTS5iT1G-8zBwJdVDjQY7TGicfHaUwwSdu1wyXYH3ZPef7gDjAE3nrbZIP0gqkaQjttMgm7dpkFtzeIWIbWuJ2Cv66MH4Sx1UakjqUS_tfz_4Aw
Server: Microsoft-IIS/10.0
request-id: a63bb590-9d02-4ef8-982d-08a9b1e8f1c2
X-CalculatedBETarget: DB6PR06MB3992.eurprd06.prod.outlook.com
X-BackEndHttpStatus: 302
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: ClientId=B0054BD7D5EB482F884F75BBFB85B278; expires=Wed, 08-Apr-2020 04:10:16 GMT; path=/; secure ClientId=B0054BD7D5EB482F884F75BBFB85B278; expires=Wed, 08-Apr-2020 04:10:16 GMT; path=/; secure OIDC=1; expires=Tue, 08-Oct-2019 04:10:16 GMT; path=/; secure; HttpOnly OpenIdConnect.token.v1=; expires=Sat, 08-Apr-1989 04:10:16 GMT; path=/; secure OpenIdConnect.token.v1=; domain=outlook.office365.com; expires=Sat, 08-Apr-1989 04:10:16 GMT; path=/; secure OpenIdConnect.id_token.v1=; expires=Sat, 08-Apr-1989 04:10:16 GMT; path=/; secure OpenIdConnect.code.v1=; expires=Sat, 08-Apr-1989 04:10:16 GMT; path=/; secure OpenIdConnect.idp_nonce.v1=; expires=Sat, 08-Apr-1989 04:10:16 GMT; path=/; secure OpenIdConnect.idp_correlation_id=; expires=Sat, 08-Apr-1989 04:10:16 GMT; path=/; secure OpenIdConnect.tokenPostPath=; expires=Sat, 08-Apr-1989 04:10:16 GMT; path=/; secure OpenIdConnect.id_token.v1=; domain=outlook.office365.com; expires=Sat, 08-Apr-1989 04:10:16 GMT; path=/; secure OpenIdConnect.code.v1=; domain=outlook.office365.com; expires=Sat, 08-Apr-1989 04:10:16 GMT; path=/; secure OpenIdConnect.idp_nonce.v1=; domain=outlook.office365.com; expires=Sat, 08-Apr-1989 04:10:16 GMT; path=/; secure OpenIdConnect.idp_correlation_id=; domain=outlook.office365.com; expires=Sat, 08-Apr-1989 04:10:16 GMT; path=/; secure OpenIdConnect.tokenPostPath=; domain=outlook.office365.com; expires=Sat, 08-Apr-1989 04:10:16 GMT; path=/; secure OpenIdConnect.nonce.v3.GrkRf8JDSX8kjH3nCTdoovJxPQ-dUTatjpx3Z0_Nj7g=636902934167827964.0f61b364-de17-4afa-a142-0f4b186e3da7; expires=Mon, 08-Apr-2019 05:10:16 GMT; path=/; secure; HttpOnly HostSwitchPrg=; expires=Sat, 08-Apr-1989 04:10:16 GMT; path=/; secure OptInPrg=; expires=Sat, 08-Apr-1989 04:10:16 GMT; path=/; secure SuiteServiceProxyKey=; expires=Sat, 08-Apr-1989 04:10:16 GMT; path=/; secure
X-RUM-Validated: 1
X-Content-Type-Options: nosniff
X-BeSku: WCS5
X-OWA-DiagnosticsInfo: 1;0;0
X-BackEnd-Begin: 2019-04-08T04:10:16.782
X-BackEnd-End: 2019-04-08T04:10:16.784
X-DiagInfo: DB6PR06MB3992
X-BEServer: DB6PR06MB3992
X-UA-Compatible: IE=EmulateIE7
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-FEServer: DB6PR0601CA0018
Date: Mon, 08 Apr 2019 04:10:16 GMT

GET
H/1.1 200
OK SuiteServiceProxy.htm Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ Frame FFBC 46 KB
46 KB 135ms
134ms Document
text/html 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/SuiteServiceProxy.htm
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 5175f5da7083464bd0739bcd332b21ac5e24aecb50b74e9c0925d70423605319

Request headers

Host: navtikaceneje.top
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Accept-Encoding: gzip, deflate, br
Cookie: WT_NVR=0=/:1=rhlpajsqq1mba:2=rhlpajsqq1mba/trngspaoladj
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com

Response headers

Date: Mon, 08 Apr 2019 04:10:16 GMT
Server: Apache
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Accept-Ranges: bytes
Content-Length: 46834
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 404
Not Found TokenFactoryIframe_003.htm Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/ Frame 9544 385 B
585 B 134ms
133ms Document
text/html 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/TokenFactoryIframe_003.htm
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 3e5701af3a8a61efd8d3df189f8569a146d2250173c1f96b4d459676a70c9367

Request headers

Host: navtikaceneje.top
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Accept-Encoding: gzip, deflate, br
Cookie: WT_NVR=0=/:1=rhlpajsqq1mba:2=rhlpajsqq1mba/trngspaoladj
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com

Response headers

Date: Mon, 08 Apr 2019 04:10:16 GMT
Server: Apache
Content-Length: 385
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK O365NavbarStyleOverrides.css
account.activedirectory.windowsazure.com/1.0.0.2652/Firefox/en-US/css/ Frame ECA9 322 B
1 KB 282ms
46ms Stylesheet
text/css 20.190.129.161
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://account.activedirectory.windowsazure.com/1.0.0.2652/Firefox/en-US/css/O365NavbarStyleOverrides.css

Requested by

Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/Shared.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.129.161 Falls Church, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

4598b2ffb98d047057df3bca4279b414541f1da5c2549102c1394c880d181a85

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
x-ms-gateway-requestid: 3635c376-bb44-42d4-b69f-ac393154d7fd
Content-Length: 216
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
x-ms-session-id: 1a639841-a9c1-42cc-a6a3-618f292bdaf5
Last-Modified: Wed, 27 Mar 2019 01:01:31 GMT
Date: Mon, 08 Apr 2019 04:10:16 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: public, max-age=31536000
x-server: NEU
Content-Security-Policy: frame-ancestors 'self';
x-ms-correlation-id: 23816272-d61b-45ef-94da-25e5fbd7cb79

GET
H/1.1 200
OK ChangePassword.css
account.activedirectory.windowsazure.com/1.0.0.2652/Firefox/en-US/css/ Frame E8F7 2 KB
2 KB 286ms
58ms Stylesheet
text/css 20.190.129.161
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://account.activedirectory.windowsazure.com/1.0.0.2652/Firefox/en-US/css/ChangePassword.css

Requested by

Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/Shared.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.129.161 Falls Church, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

f291f9b4f1948542401f533a5ac8ce05807cfb1c3bc80f88ed3b8c5f8ba00d41

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
x-ms-gateway-requestid: ae770c22-933a-4ce4-98a1-3ea87db64086
Content-Length: 856
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
x-ms-session-id: 6a7fa1f7-2dc1-4e31-9e97-d2387cb80b65
Last-Modified: Wed, 27 Mar 2019 00:39:02 GMT
Date: Mon, 08 Apr 2019 04:10:16 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: public, max-age=31536000
x-server: NEU
Content-Security-Policy: frame-ancestors 'self';
x-ms-correlation-id: 9427c0b2-25da-46bf-8cf7-297fbcca0d18

GET
H2 200 TokenFactoryIframe
webshell.suite.office.com/iframe/ Frame 1C56 0
0 41ms
40ms Document
text/html 2603:1020:0:7::19c
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://webshell.suite.office.com/iframe/TokenFactoryIframe?origin=https%3A%2F%2Fnavtikaceneje.top&shsid=5e241db2-6055-4aa5-a1ef-fd2b1f41e7fb&cshver=16.00.2984.000&apiver=g2

Requested by

Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/shellplusg2m_43732df3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1020:0:7::19c , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-src ; script-src https://r1.res.office365.com 'nonce-PfHhj3MkdkD4ktevy4vCcPf7hCAJzQWgH2Yjbc3PBH0=' 'unsafe-inline'; connect-src
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: webshell.suite.office.com
:scheme: https
:path: /iframe/TokenFactoryIframe?origin=https%3A%2F%2Fnavtikaceneje.top&shsid=5e241db2-6055-4aa5-a1ef-fd2b1f41e7fb&cshver=16.00.2984.000&apiver=g2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com

Response headers

status: 200
cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-content-type-options: nosniff
x-aspnetmvc-version: 5.2
content-security-policy: default-src 'none'; frame-src *; script-src https://r1.res.office365.com 'nonce-PfHhj3MkdkD4ktevy4vCcPf7hCAJzQWgH2Yjbc3PBH0=' 'unsafe-inline'; connect-src *
x-o365suiteuxshell-correlationid: 56b93433-27d5-4418-89a5-549c58f0ff8d
set-cookie: s.SessID=05da4f8f-d44b-4e31-b617-a0b1aaea0287; path=/; secure; HttpOnly
x-powered-by: ASP.NET
date: Mon, 08 Apr 2019 04:10:15 GMT
content-length: 1088

GET
H/1.1 200
OK profile_photo_picker_1_20180607_11_0_524e5613807382845262.js Show response
res.delve.office.com/lpc/versionless/ 490 KB
139 KB 71ms
24ms Script
application/x-javascript 2a02:26f0:eb:3ad::b34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res.delve.office.com/lpc/versionless/profile_photo_picker_1_20180607_11_0_524e5613807382845262.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/shellplusg2m_43732df3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:eb:3ad::b34 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 9f238312f9f18b3367cfe22181aa3b542de5b65c1d325afec562662b97c77abd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

Date: Mon, 08 Apr 2019 04:10:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Jun 2018 00:12:59 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=630720000, s-maxage=630720000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 142160

GET
H/1.1 200
OK o365shellarialogger_3cefa9b2.js Show response
r1.res.office365.com/o365/versionless/ 53 KB
14 KB 13ms
11ms Script
application/x-javascript 2a02:26f0:eb:399::753
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r1.res.office365.com/o365/versionless/o365shellarialogger_3cefa9b2.js
Requested by: Host: r1.res.office365.com
URL: https://r1.res.office365.com/o365/versionless/shellcoreming2m_ab4c3b48.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:eb:399::753 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 0a57958dac14aea8ed09167919bdfcf06654870e44aca5b4a8eae2b1bc8ea4cf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

Date: Mon, 08 Apr 2019 04:10:16 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 Aug 2018 19:09:00 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=630720000, s-maxage=630720000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 13607

GET
H2 200 fp.js Show response
r4.res.office365.com/footprint/v2.7/scripts/ 23 KB
6 KB 78ms
25ms Script
application/x-javascript 2a02:26f0:eb:399::753
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://r4.res.office365.com/footprint/v2.7/scripts/fp.js
Requested by: Host: r1.res.office365.com
URL: https://r1.res.office365.com/o365/versionless/shellcoreming2m_ab4c3b48.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:eb:399::753 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 9eca0cb6930de9987094bd6bba32cbc89adeb595fc3436caa91a43c1ff9b3ab2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

date: Mon, 08 Apr 2019 04:10:16 GMT
content-encoding: gzip
last-modified: Thu, 29 Nov 2018 21:59:33 GMT
server: Apache
access-control-allow-origin: *
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public,max-age=86400, s-maxage=86400
accept-ranges: bytes
timing-allow-origin: *
content-length: 6249

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ 0
397 B 601ms
131ms XHR
application/json 52.114.128.43
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.9.0&x-apikey=c6c190a1b73c4a63bba89835d546cf28-f2a0482f-a00d-48d9-822e-e89cc89eb64d-7688
Requested by: Host: r1.res.office365.com
URL: https://r1.res.office365.com/o365/versionless/o365shellarialogger_3cefa9b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.128.43 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

Date: Mon, 08 Apr 2019 04:10:16 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 544
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H/1.1 200
OK suiteserviceproxyiframe_4c7aae4f.js Show response
navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/SuiteServiceProxy_data/ Frame FFBC 161 KB
161 KB 123ms
122ms Script
application/javascript 185.222.203.10
UVL2-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/SuiteServiceProxy_data/suiteserviceproxyiframe_4c7aae4f.js
Requested by: Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/SuiteServiceProxy.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.222.203.10 -, , ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software: Apache /
Resource Hash: 7d032be3610f00241ebb04f5a8fa43cf43bf04e8245a3b704701624cc41593cf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: navtikaceneje.top
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/SuiteServiceProxy.htm
Cookie: WT_NVR=0=/:1=rhlpajsqq1mba:2=rhlpajsqq1mba/trngspaoladj
Connection: keep-alive
Cache-Control: no-cache
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/SuiteServiceProxy.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:16 GMT
Last-Modified: Thu, 04 Apr 2019 20:54:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 164822

GET
H/1.1 200
OK trans.gif Show response
1a3f64d819e1af699f9c5fc47a3ac89c.nrb.footprintdns.com/apc/ 43 B
550 B 1230ms
243ms XHR
image/gif 2603:1046:403::2
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://1a3f64d819e1af699f9c5fc47a3ac89c.nrb.footprintdns.com/apc/trans.gif?160bc7f11f6fbc90c48257ac04a01bbe
Requested by: Host: r4.res.office365.com
URL: https://r4.res.office365.com/footprint/v2.7/scripts/fp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2603:1046:403::2 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dcb4269e8f666ee0d7b1ab71b0df041f15d9a0ba44ffd3d0c4c49ccd44c49be0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

Date: Mon, 08 Apr 2019 04:10:18 GMT
X-MachineName: TY1PR01CA0199
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 43
X-UserHostAddress: 2a01:4f8:202::
Pragma: no-cache
X-FrontEnd: cafe
Server: Microsoft-IIS/10.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
Cache-Control: no-cache, no-store, must-revalidate
X-EndPoint: HND
Accept-Ranges: bytes
Expires: -1

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ 0
396 B 131ms
130ms XHR
application/json 52.114.128.43
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.9.0&x-apikey=c6c190a1b73c4a63bba89835d546cf28-f2a0482f-a00d-48d9-822e-e89cc89eb64d-7688
Requested by: Host: r1.res.office365.com
URL: https://r1.res.office365.com/o365/versionless/o365shellarialogger_3cefa9b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.128.43 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

Date: Mon, 08 Apr 2019 04:10:18 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 72
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H/1.1 200
OK trans.gif Show response
1a3f64d819e1af699f9c5fc47a3ac89c.nrb.footprintdns.com/apc/ 43 B
550 B 248ms
244ms XHR
image/gif 2603:1046:403::2
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://1a3f64d819e1af699f9c5fc47a3ac89c.nrb.footprintdns.com/apc/trans.gif?fc3d5273aa164d19540c03156ca89d14
Requested by: Host: r4.res.office365.com
URL: https://r4.res.office365.com/footprint/v2.7/scripts/fp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2603:1046:403::2 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dcb4269e8f666ee0d7b1ab71b0df041f15d9a0ba44ffd3d0c4c49ccd44c49be0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

Date: Mon, 08 Apr 2019 04:10:18 GMT
X-MachineName: TY1PR01CA0199
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 43
X-UserHostAddress: 2a01:4f8:202::
Pragma: no-cache
X-FrontEnd: cafe
Server: Microsoft-IIS/10.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
Cache-Control: no-cache, no-store, must-revalidate
X-EndPoint: HND
Accept-Ranges: bytes
Expires: -1

GET
H2 200 trans.gif Show response
afd-a-acdc-direct.office.com/apc/ 43 B
482 B 197ms
20ms XHR
image/gif 2620:1ec:21::11
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://afd-a-acdc-direct.office.com/apc/trans.gif?9d03f4f02e2a099bbcc6cef925bb017b
Requested by: Host: r4.res.office365.com
URL: https://r4.res.office365.com/footprint/v2.7/scripts/fp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:21::11 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dcb4269e8f666ee0d7b1ab71b0df041f15d9a0ba44ffd3d0c4c49ccd44c49be0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

date: Mon, 08 Apr 2019 04:10:18 GMT
x-machinename: VI1PR0202CA0015
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 43
x-userhostaddress: 2a01:4f8:202::
pragma: no-cache
x-frontend: cafe
last-modified: Sun, 29 Apr 2018 10:25:26 GMT
server: Microsoft-IIS/10.0
x-msedge-ref: Ref A: 8B48FD64A20D47A9A1C42D08A5EEB01E Ref B: VIEEDGE0611 Ref C: 2019-04-08T04:10:19Z
etag: "1D3DFA463732F00"
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
cache-control: no-cache, no-store, must-revalidate
x-endpoint: VIE
accept-ranges: bytes
expires: -1

GET
H2 200 trans.gif Show response
afd-a-acdc-direct.office.com/apc/ 43 B
208 B 27ms
26ms XHR
image/gif 2620:1ec:21::11
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://afd-a-acdc-direct.office.com/apc/trans.gif?2b5c95d20853f2ef5a77c45763557112
Requested by: Host: r4.res.office365.com
URL: https://r4.res.office365.com/footprint/v2.7/scripts/fp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:21::11 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dcb4269e8f666ee0d7b1ab71b0df041f15d9a0ba44ffd3d0c4c49ccd44c49be0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

date: Mon, 08 Apr 2019 04:10:18 GMT
x-machinename: VI1PR08CA0157
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 43
x-userhostaddress: 2a01:4f8:202::
pragma: no-cache
x-frontend: cafe
last-modified: Tue, 01 May 2018 19:14:58 GMT
server: Microsoft-IIS/10.0
x-msedge-ref: Ref A: AF057A88BC0A412090A9BD47AC80E69C Ref B: VIEEDGE0611 Ref C: 2019-04-08T04:10:19Z
etag: "1D3E180B1DD2500"
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
cache-control: no-cache, no-store, must-revalidate
x-endpoint: VIE
accept-ranges: bytes
expires: -1

GET
H2 200 trans.gif Show response
afd-k-acdc-direct.office.com/apc/ 43 B
481 B 128ms
27ms XHR
image/gif 2620:1ec:c::11
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://afd-k-acdc-direct.office.com/apc/trans.gif?fc5e307f42e0bf67995c47d518306715
Requested by: Host: r4.res.office365.com
URL: https://r4.res.office365.com/footprint/v2.7/scripts/fp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c::11 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dcb4269e8f666ee0d7b1ab71b0df041f15d9a0ba44ffd3d0c4c49ccd44c49be0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

date: Mon, 08 Apr 2019 04:10:19 GMT
x-machinename: VI1PR0501CA0001
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 43
x-userhostaddress: 2a01:4f8:202::
pragma: no-cache
x-frontend: cafe
last-modified: Sun, 29 Apr 2018 10:25:26 GMT
server: Microsoft-IIS/10.0
x-msedge-ref: Ref A: B154C1202E314AC0B40629827FA085F5 Ref B: VIEEDGE0608 Ref C: 2019-04-08T04:10:19Z
etag: "1D3DFA463732F00"
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
cache-control: no-cache, no-store, must-revalidate
x-endpoint: VIE
accept-ranges: bytes
expires: -1

GET
H/1.1 200
OK trans.gif Show response
7f6888cd05de616ee6b42074bcf68fba.nrb.footprintdns.com/apc/ 43 B
552 B 590ms
14ms XHR
image/gif 2603:1026:300:15::2
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://7f6888cd05de616ee6b42074bcf68fba.nrb.footprintdns.com/apc/trans.gif?0dd247c34a318674315fa5fe55e1de24
Requested by: Host: r4.res.office365.com
URL: https://r4.res.office365.com/footprint/v2.7/scripts/fp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2603:1026:300:15::2 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dcb4269e8f666ee0d7b1ab71b0df041f15d9a0ba44ffd3d0c4c49ccd44c49be0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

Date: Mon, 08 Apr 2019 04:10:19 GMT
X-MachineName: VI1PR0101CA0081
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 43
X-UserHostAddress: 2a01:4f8:202::
Pragma: no-cache
X-FrontEnd: cafe
Server: Microsoft-IIS/10.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
Cache-Control: no-cache, no-store, must-revalidate
X-EndPoint: VIE
Accept-Ranges: bytes
Expires: -1

GET
H2 200 trans.gif Show response
afd-k-acdc-direct.office.com/apc/ 43 B
170 B 37ms
30ms XHR
image/gif 2620:1ec:c::11
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://afd-k-acdc-direct.office.com/apc/trans.gif?fe45fd2c5477c0750a27df6f62ca4ccd
Requested by: Host: r4.res.office365.com
URL: https://r4.res.office365.com/footprint/v2.7/scripts/fp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c::11 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dcb4269e8f666ee0d7b1ab71b0df041f15d9a0ba44ffd3d0c4c49ccd44c49be0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

date: Mon, 08 Apr 2019 04:10:19 GMT
x-machinename: VI1PR06CA0183
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 43
x-userhostaddress: 2a01:4f8:202::
pragma: no-cache
x-frontend: cafe
last-modified: Sun, 29 Apr 2018 10:25:26 GMT
server: Microsoft-IIS/10.0
x-msedge-ref: Ref A: C813C2DC017E4E3EB949E110F700AC41 Ref B: VIEEDGE0608 Ref C: 2019-04-08T04:10:19Z
etag: "1D3DFA463732F00"
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
cache-control: no-cache, no-store, must-revalidate
x-endpoint: VIE
accept-ranges: bytes
expires: -1

GET
H2 200 trans.gif
afd-a-acdc-direct.office.com/apc/ 43 B
481 B 59ms
22ms Image
image/gif 2620:1ec:21::11
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://afd-a-acdc-direct.office.com/apc/trans.gif?523103247c081a2ff78340c6158459ad
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:21::11 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dcb4269e8f666ee0d7b1ab71b0df041f15d9a0ba44ffd3d0c4c49ccd44c49be0

Request headers

Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 08 Apr 2019 04:10:19 GMT
x-machinename: VI1PR06CA0110
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 43
x-userhostaddress: 2a01:4f8:202::
pragma: no-cache
x-frontend: cafe
last-modified: Sun, 29 Apr 2018 10:25:26 GMT
server: Microsoft-IIS/10.0
x-msedge-ref: Ref A: 069A49C70BC44CC2AD810BE0871923F7 Ref B: VIEEDGE0310 Ref C: 2019-04-08T04:10:19Z
etag: "1D3DFA463732F00"
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
cache-control: no-cache, no-store, must-revalidate
x-endpoint: VIE
accept-ranges: bytes
expires: -1

GET
H2 200 100k.gif
afd-a-acdc-direct.office.com/apc/ 100 KB
101 KB 22ms
21ms Image
image/gif 2620:1ec:21::11
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://afd-a-acdc-direct.office.com/apc/100k.gif?467c79ce3203005df08f32c897c2c585
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:21::11 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5d1dd07bfb530b2c90fc3682cb3812dcc27f00f96f2f377b3806f2eaf8a3af40

Request headers

Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 08 Apr 2019 04:10:19 GMT
x-machinename: VI1PR08CA0137
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 102766
x-userhostaddress: 2a01:4f8:202::
pragma: no-cache
x-frontend: cafe
last-modified: Thu, 07 Mar 2019 13:04:10 GMT
server: Microsoft-IIS/10.0
x-msedge-ref: Ref A: 4393FE5C4E2348B59D8DCCDF16637F57 Ref B: VIEEDGE0310 Ref C: 2019-04-08T04:10:19Z
etag: "1D4D4E641144100"
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
cache-control: no-cache, no-store, must-revalidate
x-endpoint: VIE
accept-ranges: bytes
expires: -1

GET
H2 200 trans.gif
afd-k-acdc-direct.office.com/apc/ 43 B
480 B 74ms
28ms Image
image/gif 2620:1ec:c::11
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://afd-k-acdc-direct.office.com/apc/trans.gif?af37df61219746da4bc0909e2db296a1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c::11 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dcb4269e8f666ee0d7b1ab71b0df041f15d9a0ba44ffd3d0c4c49ccd44c49be0

Request headers

Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 08 Apr 2019 04:10:19 GMT
x-machinename: VI1PR08CA0118
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 43
x-userhostaddress: 2a01:4f8:202::
pragma: no-cache
x-frontend: cafe
last-modified: Tue, 15 May 2018 10:22:58 GMT
server: Microsoft-IIS/10.0
x-msedge-ref: Ref A: 646940B71F704114946AB0750439A245 Ref B: VIEEDGE0712 Ref C: 2019-04-08T04:10:19Z
etag: "1D3EC36B1D82D00"
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
cache-control: no-cache, no-store, must-revalidate
x-endpoint: VIE
accept-ranges: bytes
expires: -1

GET
H2 200 100k.gif
afd-k-acdc-direct.office.com/apc/ 100 KB
101 KB 35ms
34ms Image
image/gif 2620:1ec:c::11
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://afd-k-acdc-direct.office.com/apc/100k.gif?816af4af84b4211f18b09e7e1f94c7a4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c::11 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5d1dd07bfb530b2c90fc3682cb3812dcc27f00f96f2f377b3806f2eaf8a3af40

Request headers

Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 08 Apr 2019 04:10:19 GMT
x-machinename: VI1P195CA0006
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 102766
x-userhostaddress: 2a01:4f8:202::
pragma: no-cache
x-frontend: cafe
last-modified: Sun, 29 Apr 2018 10:25:26 GMT
server: Microsoft-IIS/10.0
x-msedge-ref: Ref A: 400FD22078C04764B747C2DFA1747BF5 Ref B: VIEEDGE0712 Ref C: 2019-04-08T04:10:19Z
etag: "1D3DFA463732F00"
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
cache-control: no-cache, no-store, must-revalidate
x-endpoint: VIE
accept-ranges: bytes
expires: -1

GET
H2 200 r.gif Show response
fpc.msedge.net/ 42 B
213 B 136ms
18ms XHR
image/gif 13.107.6.163
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://fpc.msedge.net/r.gif?MonitorID=O365se&rid=2cc70d5771912ca6b0255bd45c270b4a&w3c=true&prot=https:&v=2018111301&tag=[{%22TenantId%22:%22931ddf6a-9f23-49c0-a072-58cdb2e4a971%22}]&DATA=[{%22RequestID%22:%221a3f64d819e1af699f9c5fc47a3ac89c%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:1232,%22T%22:128,%22Rip%22:%222a01:4f8:202::%22,%22Ep%22:%22HND%22,%22Fe%22:%22cafe%22},{%22RequestID%22:%221a3f64d819e1af699f9c5fc47a3ac89c%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:256,%22T%22:128,%22Rip%22:%222a01:4f8:202::%22,%22Ep%22:%22HND%22,%22Fe%22:%22cafe%22},{%22RequestID%22:%22afd-a-acdc-direct.office.com%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:219,%22T%22:128,%22Rip%22:%222a01:4f8:202::%22,%22Ep%22:%22VIE%22,%22Fe%22:%22cafe%22},{%22RequestID%22:%22afd-a-acdc-direct.office.com%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:30,%22T%22:128,%22Rip%22:%222a01:4f8:202::%22,%22Ep%22:%22VIE%22,%22Fe%22:%22cafe%22},{%22RequestID%22:%22afd-k-acdc-direct.office.com%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:129,%22T%22:128,%22Rip%22:%222a01:4f8:202::%22,%22Ep%22:%22VIE%22,%22Fe%22:%22cafe%22},{%22RequestID%22:%22afd-k-acdc-direct.office.com%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:38,%22T%22:128,%22Rip%22:%222a01:4f8:202::%22,%22Ep%22:%22VIE%22,%22Fe%22:%22cafe%22},{%22RequestID%22:%22afd-a-acdc-direct.office.com%22,%22Object%22:%22100k.gif%22,%22Conn%22:%22warm%22,%22Result%22:17807,%22T%22:8},{%22RequestID%22:%22afd-k-acdc-direct.office.com%22,%22Object%22:%22100k.gif%22,%22Conn%22:%22warm%22,%22Result%22:13711,%22T%22:8}]
Requested by: Host: r4.res.office365.com
URL: https://r4.res.office365.com/footprint/v2.7/scripts/fp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.107.6.163 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

status: 200
date: Mon, 08 Apr 2019 04:10:20 GMT
cache-control: no-store
x-msedge-ref: Ref A: 9D751F43A1A94701B33D751542FF5A78 Ref B: AMS04EDGE0811 Ref C: 2019-04-08T04:10:20Z
access-control-allow-origin: https://navtikaceneje.top
content-type: image/gif

GET
H/1.1 200
OK trans.gif Show response
7f6888cd05de616ee6b42074bcf68fba.nrb.footprintdns.com/apc/ 43 B
552 B 15ms
14ms XHR
image/gif 2603:1026:300:15::2
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://7f6888cd05de616ee6b42074bcf68fba.nrb.footprintdns.com/apc/trans.gif?d7c9138bee215a4f5a3cfb1830aefd42
Requested by: Host: r4.res.office365.com
URL: https://r4.res.office365.com/footprint/v2.7/scripts/fp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2603:1026:300:15::2 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dcb4269e8f666ee0d7b1ab71b0df041f15d9a0ba44ffd3d0c4c49ccd44c49be0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

Date: Mon, 08 Apr 2019 04:10:19 GMT
X-MachineName: VI1PR0101CA0081
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 43
X-UserHostAddress: 2a01:4f8:202::
Pragma: no-cache
X-FrontEnd: cafe
Server: Microsoft-IIS/10.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
Cache-Control: no-cache, no-store, must-revalidate
X-EndPoint: VIE
Accept-Ranges: bytes
Expires: -1

GET
H/1.1 200
OK trans.gif Show response
acdc-direct.office.com/apc/ 43 B
552 B 182ms
38ms XHR
image/gif 2603:1026:4:15::2
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://acdc-direct.office.com/apc/trans.gif?550357c462bb558dc2f77d0ab49c0d9f
Requested by: Host: r4.res.office365.com
URL: https://r4.res.office365.com/footprint/v2.7/scripts/fp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2603:1026:4:15::2 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dcb4269e8f666ee0d7b1ab71b0df041f15d9a0ba44ffd3d0c4c49ccd44c49be0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

Date: Mon, 08 Apr 2019 04:10:20 GMT
X-MachineName: DB6PR0601CA0041
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 43
X-UserHostAddress: 2a01:4f8:202::
Pragma: no-cache
X-FrontEnd: cafe
Server: Microsoft-IIS/10.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
Cache-Control: no-cache, no-store, must-revalidate
X-EndPoint: DUB
Accept-Ranges: bytes
Expires: -1

GET
H/1.1 200
OK trans.gif Show response
acdc-direct.office.com/apc/ 43 B
552 B 41ms
41ms XHR
image/gif 2603:1026:4:15::2
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://acdc-direct.office.com/apc/trans.gif?fcfc0a9f5c3fcbd90a211f4132d4cb04
Requested by: Host: r4.res.office365.com
URL: https://r4.res.office365.com/footprint/v2.7/scripts/fp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2603:1026:4:15::2 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dcb4269e8f666ee0d7b1ab71b0df041f15d9a0ba44ffd3d0c4c49ccd44c49be0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

Date: Mon, 08 Apr 2019 04:10:20 GMT
X-MachineName: DB6PR0601CA0041
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 43
X-UserHostAddress: 2a01:4f8:202::
Pragma: no-cache
X-FrontEnd: cafe
Server: Microsoft-IIS/10.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
Cache-Control: no-cache, no-store, must-revalidate
X-EndPoint: DUB
Accept-Ranges: bytes
Expires: -1

GET
H2 200 trans.gif Show response
outlook.office.com/apc/ 43 B
193 B 51ms
26ms XHR
image/gif 2620:1ec:c::11
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://outlook.office.com/apc/trans.gif?7148c98eb6d07d33d830acd424c8219d
Requested by: Host: r4.res.office365.com
URL: https://r4.res.office365.com/footprint/v2.7/scripts/fp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c::11 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dcb4269e8f666ee0d7b1ab71b0df041f15d9a0ba44ffd3d0c4c49ccd44c49be0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

date: Mon, 08 Apr 2019 04:10:20 GMT
x-machinename: VE1PR03CA0015
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 43
x-userhostaddress: 2a01:4f8:202::
pragma: no-cache
x-frontend: cafe
last-modified: Sun, 29 Apr 2018 10:25:26 GMT
server: Microsoft-IIS/10.0
x-msedge-ref: Ref A: DAE77859BB9C4F4885F44A300DD048D2 Ref B: VIEEDGE0608 Ref C: 2019-04-08T04:10:20Z
etag: "1D3DFA463732F00"
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
cache-control: no-cache, no-store, must-revalidate
x-endpoint: VIE
accept-ranges: bytes
expires: -1

GET
H2 200 trans.gif Show response
outlook.office.com/apc/ 43 B
170 B 25ms
24ms XHR
image/gif 2620:1ec:c::11
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://outlook.office.com/apc/trans.gif?5d757061471614188310cb98a9690a8d
Requested by: Host: r4.res.office365.com
URL: https://r4.res.office365.com/footprint/v2.7/scripts/fp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c::11 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dcb4269e8f666ee0d7b1ab71b0df041f15d9a0ba44ffd3d0c4c49ccd44c49be0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

date: Mon, 08 Apr 2019 04:10:20 GMT
x-machinename: VI1PR04CA0131
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 43
x-userhostaddress: 2a01:4f8:202::
pragma: no-cache
x-frontend: cafe
last-modified: Sun, 29 Apr 2018 10:25:26 GMT
server: Microsoft-IIS/10.0
x-msedge-ref: Ref A: D28FC4C467C845189D74DE0B82367828 Ref B: VIEEDGE0608 Ref C: 2019-04-08T04:10:20Z
etag: "1D3DFA463732F00"
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
cache-control: no-cache, no-store, must-revalidate
x-endpoint: VIE
accept-ranges: bytes
expires: -1

GET
H/1.1 200
OK trans.gif
acdc-direct.office.com/apc/ 43 B
550 B 159ms
38ms Image
image/gif 2603:1026:c02:3040::2
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acdc-direct.office.com/apc/trans.gif?a50f70b55a15c4dceb440419e1196143
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2603:1026:c02:3040::2 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dcb4269e8f666ee0d7b1ab71b0df041f15d9a0ba44ffd3d0c4c49ccd44c49be0

Request headers

Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:19 GMT
X-MachineName: DB8PR06CA0025
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 43
X-UserHostAddress: 2a01:4f8:202::
Pragma: no-cache
X-FrontEnd: cafe
Server: Microsoft-IIS/10.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
Cache-Control: no-cache, no-store, must-revalidate
X-EndPoint: DUB
Accept-Ranges: bytes
Expires: -1

GET
H/1.1 200
OK 100k.gif
acdc-direct.office.com/apc/ 100 KB
101 KB 39ms
39ms Image
image/gif 2603:1026:c02:3040::2
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acdc-direct.office.com/apc/100k.gif?9d082cc4a8feb70b91d0af7322c277da
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2603:1026:c02:3040::2 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5d1dd07bfb530b2c90fc3682cb3812dcc27f00f96f2f377b3806f2eaf8a3af40

Request headers

Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Apr 2019 04:10:19 GMT
X-MachineName: DB8PR06CA0025
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 102766
X-UserHostAddress: 2a01:4f8:202::
Pragma: no-cache
X-FrontEnd: cafe
Server: Microsoft-IIS/10.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
Cache-Control: no-cache, no-store, must-revalidate
X-EndPoint: DUB
Accept-Ranges: bytes
Expires: -1

GET
H2 200 trans.gif
outlook.office.com/apc/ 43 B
233 B 25ms
25ms Image
image/gif 2620:1ec:c::11
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://outlook.office.com/apc/trans.gif?f8abe38fe80d3735dd57f03c04c23f7f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c::11 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dcb4269e8f666ee0d7b1ab71b0df041f15d9a0ba44ffd3d0c4c49ccd44c49be0

Request headers

Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 08 Apr 2019 04:10:20 GMT
x-machinename: VI1PR0802CA0046
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 43
x-userhostaddress: 2a01:4f8:202::
pragma: no-cache
x-frontend: cafe
last-modified: Tue, 01 May 2018 19:14:58 GMT
server: Microsoft-IIS/10.0
x-msedge-ref: Ref A: F695D199CAE845F9A6029DB32C21073F Ref B: VIEEDGE0712 Ref C: 2019-04-08T04:10:20Z
etag: "1D3E180B1DD2500"
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
cache-control: no-cache, no-store, must-revalidate
x-endpoint: VIE
accept-ranges: bytes
expires: -1

GET
H2 200 100k.gif
outlook.office.com/apc/ 100 KB
101 KB 27ms
26ms Image
image/gif 2620:1ec:c::11
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://outlook.office.com/apc/100k.gif?9bc275ee27cfe3b6ad628065b96cb96b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c::11 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5d1dd07bfb530b2c90fc3682cb3812dcc27f00f96f2f377b3806f2eaf8a3af40

Request headers

Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 08 Apr 2019 04:10:20 GMT
x-machinename: VI1PR08CA0091
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 102766
x-userhostaddress: 2a01:4f8:202::
pragma: no-cache
x-frontend: cafe
last-modified: Thu, 07 Mar 2019 13:04:10 GMT
server: Microsoft-IIS/10.0
x-msedge-ref: Ref A: CEFAE070E51148BC8AF16BAE90600D34 Ref B: VIEEDGE0712 Ref C: 2019-04-08T04:10:20Z
etag: "1D4D4E641144100"
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
cache-control: no-cache, no-store, must-revalidate
x-endpoint: VIE
accept-ranges: bytes
expires: -1

GET
H2 200 r.gif Show response
fpc.msedge.net/ 42 B
145 B 16ms
15ms XHR
image/gif 13.107.6.163
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://fpc.msedge.net/r.gif?MonitorID=O365se&rid=2cba4426efd1c85f128c32ba67108f9a&w3c=true&prot=https:&v=2018111301&tag=[{%22TenantId%22:%22931ddf6a-9f23-49c0-a072-58cdb2e4a971%22}]&DATA=[{%22RequestID%22:%227f6888cd05de616ee6b42074bcf68fba%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:594,%22T%22:128,%22Rip%22:%222a01:4f8:202::%22,%22Ep%22:%22VIE%22,%22Fe%22:%22cafe%22},{%22RequestID%22:%227f6888cd05de616ee6b42074bcf68fba%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:16,%22T%22:128,%22Rip%22:%222a01:4f8:202::%22,%22Ep%22:%22VIE%22,%22Fe%22:%22cafe%22},{%22RequestID%22:%22acdc-direct.office.com%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:183,%22T%22:128,%22Rip%22:%222a01:4f8:202::%22,%22Ep%22:%22DUB%22,%22Fe%22:%22cafe%22},{%22RequestID%22:%22acdc-direct.office.com%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:42,%22T%22:128,%22Rip%22:%222a01:4f8:202::%22,%22Ep%22:%22DUB%22,%22Fe%22:%22cafe%22},{%22RequestID%22:%22outlook.office.com%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:54,%22T%22:128,%22Rip%22:%222a01:4f8:202::%22,%22Ep%22:%22VIE%22,%22Fe%22:%22cafe%22},{%22RequestID%22:%22outlook.office.com%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:25,%22T%22:128,%22Rip%22:%222a01:4f8:202::%22,%22Ep%22:%22VIE%22,%22Fe%22:%22cafe%22},{%22RequestID%22:%22acdc-direct.office.com%22,%22Object%22:%22100k.gif%22,%22Conn%22:%22warm%22,%22Result%22:7168,%22T%22:8},{%22RequestID%22:%22outlook.office.com%22,%22Object%22:%22100k.gif%22,%22Conn%22:%22warm%22,%22Result%22:29356,%22T%22:8}]
Requested by: Host: r4.res.office365.com
URL: https://r4.res.office365.com/footprint/v2.7/scripts/fp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.107.6.163 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

status: 200
date: Mon, 08 Apr 2019 04:10:20 GMT
cache-control: no-store
x-msedge-ref: Ref A: D9E77D70B2624BAF9DDAF4BC48868491 Ref B: AMS04EDGE0811 Ref C: 2019-04-08T04:10:20Z
access-control-allow-origin: https://navtikaceneje.top
content-type: image/gif

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ 0
396 B 261ms
260ms XHR
application/json 52.114.128.43
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.9.0&x-apikey=c6c190a1b73c4a63bba89835d546cf28-f2a0482f-a00d-48d9-822e-e89cc89eb64d-7688
Requested by: Host: r1.res.office365.com
URL: https://r1.res.office365.com/o365/versionless/o365shellarialogger_3cefa9b2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.128.43 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
Origin: https://navtikaceneje.top

Response headers

Date: Mon, 08 Apr 2019 04:10:26 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 64
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H2 200 TokenFactoryIframe
webshell.suite.office.com/iframe/ Frame 9EE3 0
0 43ms
41ms Document
text/html 2603:1020:0:7::19c
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://webshell.suite.office.com/iframe/TokenFactoryIframe?origin=https%3A%2F%2Fnavtikaceneje.top&shsid=5e241db2-6055-4aa5-a1ef-fd2b1f41e7fb&cshver=16.00.2984.000&apiver=g2

Requested by

Host: navtikaceneje.top
URL: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti_files/shellplusg2m_43732df3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1020:0:7::19c , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-src ; script-src https://r1.res.office365.com 'nonce-qpnWiSvibV2S5a+WGzY+VL3r9e5r/L+3ftGQ1kbzbjo=' 'unsafe-inline'; connect-src
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: webshell.suite.office.com
:scheme: https
:path: /iframe/TokenFactoryIframe?origin=https%3A%2F%2Fnavtikaceneje.top&shsid=5e241db2-6055-4aa5-a1ef-fd2b1f41e7fb&cshver=16.00.2984.000&apiver=g2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://navtikaceneje.top/Rhlpajsqq1mba/trNgsPaoladj/mretzeti.htm?mahdQplhDnPLa=cheekit_kan@jabil.com

Response headers

status: 200
cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-content-type-options: nosniff
x-aspnetmvc-version: 5.2
content-security-policy: default-src 'none'; frame-src *; script-src https://r1.res.office365.com 'nonce-qpnWiSvibV2S5a+WGzY+VL3r9e5r/L+3ftGQ1kbzbjo=' 'unsafe-inline'; connect-src *
x-o365suiteuxshell-correlationid: 1fc9431f-b68b-4ed2-80c6-c7319b6221de
set-cookie: s.SessID=86949600-b5f8-4168-8ca0-58688e473104; path=/; secure; HttpOnly
x-powered-by: ASP.NET
date: Mon, 08 Apr 2019 04:10:28 GMT
content-length: 1088

POST /
browser.pipe.aria.microsoft.com/Collector/3.0/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: m.webtrends.com
URL: https://m.webtrends.com/dcsc97avu10000kn75ujgpso2_7j5n/wtid.js

Domain: m.webtrends.com
URL: https://m.webtrends.com/dcsc97avu10000kn75ujgpso2_7j5n/dcs.gif?&dcsdat=1554696615230&dcssip=navtikaceneje.top&dcsuri=/changepassword.aspx:ChangePasswordPage&dcsqry=?mahdQplhDnPLa=cheekit_kan%40jabil.com&WT.tz=0&WT.bh=4&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=ChangePasswordPage&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%20enabled&WT.slv=Not%20enabled&WT.le=UTF-8&WT.tv=8.6.2&WT.dl=0&WT.ssl=1&WT.es=account.activedirectory.windowsazure.com%2Fchangepassword.aspx%3AChangePasswordPage&WT.z_url=%2Fchangepassword.aspx%3AChangePasswordPage&WT.sli=Not%20Installed&WT.vt_f_a=2&WT.vt_f=2&WT.vt_nvr1=1&WT.vt_nvr2=1&WT.vt_nvr3=1&wtEvtSrc=navtikaceneje.top%2Fchangepassword.aspx%3AChangePasswordPage&wtDrillDir=%2Frhlpajsqq1mba%2F%3B%2Frhlpajsqq1mba%2Ftrngspaoladj%2F&WT.dep=wtEvtSrc%3BwtDrillDir

Domain: browser.pipe.aria.microsoft.com
URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.9.0&x-apikey=c6c190a1b73c4a63bba89835d546cf28-f2a0482f-a00d-48d9-822e-e89cc89eb64d-7688

Verdicts & Comments Add Verdict or Comment

271 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.microsoftonline.com/	1970-01-19 00:34:48	Name: buid Value: AQABAAEAAADCoMpjJXrxTq9VG9te-7FX0IHpM0YYubePLFpQgkiJmpuuBszWxXUOAxgpRi3b2xZFrOMCb_a1o2QHbYKj5b77PkuEIz1dutysngjHy0EZZrZmBrsfIZInGWDV66uah1kgAA
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: ests
outlook.office365.com/	1970-01-19 04:15:07	Name: OIDC Value: 1
outlook.office365.com/	1970-01-18 23:51:40	Name: OpenIdConnect.nonce.v3.GrkRf8JDSX8kjH3nCTdoovJxPQ-dUTatjpx3Z0_Nj7g Value: 636902934167827964.0f61b364-de17-4afa-a142-0f4b186e3da7
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: AQABAAAAAADCoMpjJXrxTq9VG9te-7FXCZw6LwqOMBZMtIH-zaf3U6b8wC49d4dEdeHbGyuWG0mD8YYb5RuZ637NrSlQF5k5oDJw5fMVhMrNE6R0jtVFPwO2rCEPN3PqcLrXJSXUQLlC9omhOiEJGaWRvBJBZb2v6HwIgL7_MlM9lKx4BXQykIuxsghAE7mzQu9VndQsxp0gAA
login.microsoftonline.com/	1970-01-19 00:34:48	Name: fpc Value: AtrrlWKf-exItKofxLK-8C4-NjKRAQAAAKjAPNQOAAAA
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: prod
outlook.office365.com/	1970-01-19 08:38:39	Name: ClientId Value: B0054BD7D5EB482F884F75BBFB85B278
.navtikaceneje.top/	1970-01-19 08:37:12	Name: WT_NVR Value: 0=/:1=rhlpajsqq1mba:2=rhlpajsqq1mba/trngspaoladj

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1a3f64d819e1af699f9c5fc47a3ac89c.nrb.footprintdns.com
7f6888cd05de616ee6b42074bcf68fba.nrb.footprintdns.com
account.activedirectory.windowsazure.com
acdc-direct.office.com
afd-a-acdc-direct.office.com
afd-k-acdc-direct.office.com
browser.pipe.aria.microsoft.com
fpc.msedge.net
login.microsoftonline.com
m.webtrends.com
navtikaceneje.top
outlook.office.com
outlook.office365.com
r1.res.office365.com
r4.res.office365.com
res.delve.office.com
webshell.suite.office.com
browser.pipe.aria.microsoft.com
m.webtrends.com
13.107.6.163
185.222.203.10
20.190.129.160
20.190.129.161
2603:1020:0:7::19c
2603:1026:300:15::2
2603:1026:4:15::2
2603:1026:4:77::2
2603:1026:c02:3040::2
2603:1046:403::2
2620:1ec:21::11
2620:1ec:c::11
2a02:26f0:eb:399::753
2a02:26f0:eb:3ad::b34
52.114.128.43
039c24e57d0db5f02aa6140f2e83c241eafdb532b5b2c28a9e7d8306947e8a12
05b8a2ad68472b5b9a24a12e9a69cee1a52cad188d7120e075f700f650a4afc6
0a57958dac14aea8ed09167919bdfcf06654870e44aca5b4a8eae2b1bc8ea4cf
1351555fc32dd51504c515fedc96b0861ad52e2c59774dc703f95c91f5d4a6fc
13e330896fb75b2c0d65d842cc9e10809306957fc6eb390311460aa0d6f315cc
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
15b61c641afc5b9a02352e1a9a008b1225765bfa819e2aa262be875b2d4b06d9
15d47c5862caa79572e75d0d96da6d79664ad03bab324b7b6649cf4981e08866
1c58886c9c04ccb144ea6aa4182e73480af97cd0eeafec5136d1aac29ec1b392
1cff1172548fb1a52b5d3a9f8b2b41d5e05c706ab8970e322d4dce13c54658e1
2225fabaa4e18a8fb2d51affccb6ad302ad9b16c9ac56e5a81d0ee467318adbf
295b179d93907f6aa011418544cc7269afebf65769fe95260e0f5a6a40a27bae
2f932a46e57edd7e47818d28dd3e5f6e26ee473fb00a8b987e5f650b29957b82
39f4c9dcb9e369b27edc6202f2b34db1f26abcde6910d6563544b0ddc255b9ec
3e5701af3a8a61efd8d3df189f8569a146d2250173c1f96b4d459676a70c9367
3fdfb720bbb84271c095891ac92194d2f221fc0b2015e4b6890ef815ae697f62
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4598b2ffb98d047057df3bca4279b414541f1da5c2549102c1394c880d181a85
4e1e68346eb54382fc22fb331d618f1418e91ef4d2e029a7129782340d01593a
5175f5da7083464bd0739bcd332b21ac5e24aecb50b74e9c0925d70423605319
54cdab7046aac6c817f330d46551671727f0f762b279d71af82876f3e4079cc2
564edf44d911657385afd4a44bfc39106638b05af115dc07798dce326c2cd2ad
5d1dd07bfb530b2c90fc3682cb3812dcc27f00f96f2f377b3806f2eaf8a3af40
5ea698b3ac0114a7f7a2c1ab35d3f8d15a3d86cf9820c159ddb80c739f77b623
64f69949f20639e8295c9425a4b81055503b3d6c30db88b89534675d8eaa43d9
6e73e8dc11f64b0cc4e7a4ad3ddf7db7c0d71b68a1001e56ec203d7c01102081
75d27cda334c0f5f0273997386ebd0a0ed35a9f65ee0a1068b3c3d11886d90eb
78b52aeb330ef431f5aa3b3e66e2aaaec9114f8e5262d4658b23d949df323cc1
7a274d9bd3ae20b936d4c820c3291398ddaa070885911f13de4c6e300fee984a
7d032be3610f00241ebb04f5a8fa43cf43bf04e8245a3b704701624cc41593cf
81261be300ded216f14a6556a792a6cc735db157de13bb0a6b6b9b842a45ac35
849817652c53b867316192eb943de01d8e5cf7b92fe3b8b763bb426bf65d328e
856e8dd8a62017d2a75f936d4debd4ddbff01ef0b1cd121e198518f7eac49693
8a73c656d2293067e9eca459faf0ba98fac3494b517e9ed5471d05bdd8864038
8c697445929e3b83fcc693ca5df78834472f3d61c864a805ad43c9aa19813337
9089c1e9c5c72904ccee0e18f28fb906dc5c6aa81400294e53c3e31777bd4d28
93b93dd648568423bc33c306b0d8ecd172ec33ff2a6dab62f54ee7989f245d01
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9eca0cb6930de9987094bd6bba32cbc89adeb595fc3436caa91a43c1ff9b3ab2
9f238312f9f18b3367cfe22181aa3b542de5b65c1d325afec562662b97c77abd
ae9cc7f752c37e63cad66c543bc6259e66c6bea809c3c81e5f2d6bef10aa1f3a
da68948995a1651b2ce4f51d7e7cbab4d8638ece7f5fd22a4cc6f2e7b80ced4b
dca6768cc513f46d42e774f9d5aa69162f3da17fd5412ad6fd928df383eaa2fc
dcb4269e8f666ee0d7b1ab71b0df041f15d9a0ba44ffd3d0c4c49ccd44c49be0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e510a031ab62f376d97db2a501542daf03097edc2010e1fef5dc8a50fd8905c3
e7fa25bebb1437a60c673b8fda2f39b478074496b8416896fafe87a19b539dc7
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
f1ac61946852907c2bbc85591af3ff674c2749805372f6526de7d37fd0f75a4e
f291f9b4f1948542401f533a5ac8ce05807cfb1c3bc80f88ed3b8c5f8ba00d41
f7606dc08dc582ae5d4f6d2cf52ac0e04eec89d930a65a37a7eaa2a9bfe7ca7e

navtikaceneje.top Open in urlscan Pro 185.222.203.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

87 Requests

97 %HTTPS

67 %IPv6

9 Domains

17 Subdomains

15 IPs

3 Countries

4469 kBTransfer

5465 kBSize

9 Cookies

8 Outgoing links

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

navtikaceneje.top Open in urlscan Pro
185.222.203.10 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

97 %
HTTPS

67 %
IPv6

9
Domains

17
Subdomains

15
IPs

3
Countries

4469 kB
Transfer

5465 kB
Size

9
Cookies

87 HTTP transactions
1 data transactions