| signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&lic=1&uaid=0bb65cefbc96499ba343c9a5a1b365c4&e=404 | 157.167.155.85 | 200 OK | 99 kB |
URL User Request GET HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&lic=1&uaid=0bb65cefbc96499ba343c9a5a1b365c4&e=404 IP157.167.155.85:443
CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (10314), with CRLF, LF line terminators Hash0d603945250ccaa62f4f040a26498e6d e964d657e09806b31af2343efb57a0b6ed2ad4b4 916b6fa8c9169a2b65c81384c61f73d9c31e7851231c13bed69374c7cd176d48
Analyzer | Verdict | Alert | OpenPhish | phishing | Outlook |
GET /error.aspx?sru=https&lic=1&uaid=0bb65cefbc96499ba343c9a5a1b365c4&e=404 HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
P3P: CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
X-Frame-Options: deny
X-UA-Compatible: IE=edge, chrome=1
x-ms-amserver: wcuXXXX00M2 (2.0.3302.0)
x-ms-amserver-tm: 15ms
x-ms-request-id: ccbbd701-6579-4c3a-a1d3-99c5e664cffc
Link: <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msftauth.net>; rel=dns-prefetch, <https://acctcdn.msauth.net>; rel=dns-prefetch, <https://acctcdnmsftuswe2.azureedge.net>; rel=dns-prefetch, <https://acctcdnvzeuno.azureedge.net>; rel=dns-prefetch
X-DNS-Prefetch-Control: on
Referrer-Policy: strict-origin-when-cross-origin
AMServer: wcuXXXXig0000M2
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: CCBBD70165794C3AA1D399C5E664CFFC Ref B: LON04EDGE1119 Ref C: 2024-04-18T05:30:41Z
Date: Thu, 18 Apr 2024 05:30:41 GMT
Content-Security-Policy-Report-Only: frame-src cert.ams.skyfencenet.com auth.ams.skyfencenet.com 'self'; base-uri 'self'; report-uri https://csp-microsoft-com.o365.ams.skyfencenet.com/report/MSA-UX-All
Set-Cookie: amcanary=0; path=/; secure; HttpOnly; SameSite=None
amcanary=0; path=/; secure; HttpOnly; SameSite=None
__SF__.live.com/amsc=XYVeQ3mXuGx50IQ+Ef6brwC+lsrLGaNPqscVPz7OsaDsNJploafh64P/ijT7zmlvWc30Y5Jd28+dXhmBgwFBZ9WLWd356YhMRZ61vFeRpvx8SNr3m9UIa4lWG99AsRSD2plwszry4FYFbw102hCnW4tfK8g8pofq0an9hUZnJqwWXgvjJ/C2DRgvZHm3FPqr82gByM/ymCYOs29CsnbAVyQn76lvgO+AWoheL+iKJq/youTON9DN20OFzDtLEKU2:2:3c; Domain=o365.ams.skyfencenet.com; Path=/; Secure; HttpOnly
__SF__sessionId=5b5a2a9a40d9a6436201bbdf9fe227; Domain=.o365.ams.skyfencenet.com; Path=/; Secure; HttpOnly
Transfer-Encoding: chunked
|
|
| signup-live-com.o365.ams.skyfencenet.com/__sf_resource/_/__sf_event_listener_hook.js | 157.167.155.85 | 200 OK | 1.8 kB |
URL GET HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/__sf_resource/_/__sf_event_listener_hook.js IP157.167.155.85:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&lic=1&uaid=0bb65cefbc96499ba343c9a5a1b365c4&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash1f737f56e7bdc64e8b061b77939eee2a e6f0b0fb1d97fbf1ad5b269ecdec27ca321c8da5 a860b9561b1615b3dca00ef253ebc8f398b346e13042dc6bef68ccac5da536ad
Analyzer | Verdict | Alert | OpenPhish | phishing | Outlook |
GET /__sf_resource/_/__sf_event_listener_hook.js HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&lic=1&uaid=0bb65cefbc96499ba343c9a5a1b365c4&e=404
DNT: 1
Connection: keep-alive
Cookie: amcanary=0; __SF__.live.com/amsc=XYVeQ3mXuGx50IQ+Ef6brwC+lsrLGaNPqscVPz7OsaDsNJploafh64P/ijT7zmlvWc30Y5Jd28+dXhmBgwFBZ9WLWd356YhMRZ61vFeRpvx8SNr3m9UIa4lWG99AsRSD2plwszry4FYFbw102hCnW4tfK8g8pofq0an9hUZnJqwWXgvjJ/C2DRgvZHm3FPqr82gByM/ymCYOs29CsnbAVyQn76lvgO+AWoheL+iKJq/youTON9DN20OFzDtLEKU2:2:3c; __SF__sessionId=5b5a2a9a40d9a6436201bbdf9fe227
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Cache-Control: max-age=21600
X-Content-Type-Options: nosniff
Content-Length: 1849
|
|
| signup-live-com.o365.ams.skyfencenet.com/__sf_resource/_/__sf_ajax_hook.js | 157.167.155.85 | 200 OK | 6.3 kB |
URL GET HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/__sf_resource/_/__sf_ajax_hook.js IP157.167.155.85:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&lic=1&uaid=0bb65cefbc96499ba343c9a5a1b365c4&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hashf969bab2aeac15ae39a5d1f81e7b5b76 3b2c77372698e7d3bc391f11d1c6632464973e33 198126ad3f4d583b32e828ed9c86a9ef0a3b7e2c8292b1422cd931a722da5418
Analyzer | Verdict | Alert | OpenPhish | phishing | Outlook |
GET /__sf_resource/_/__sf_ajax_hook.js HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&lic=1&uaid=0bb65cefbc96499ba343c9a5a1b365c4&e=404
DNT: 1
Connection: keep-alive
Cookie: amcanary=0; __SF__.live.com/amsc=XYVeQ3mXuGx50IQ+Ef6brwC+lsrLGaNPqscVPz7OsaDsNJploafh64P/ijT7zmlvWc30Y5Jd28+dXhmBgwFBZ9WLWd356YhMRZ61vFeRpvx8SNr3m9UIa4lWG99AsRSD2plwszry4FYFbw102hCnW4tfK8g8pofq0an9hUZnJqwWXgvjJ/C2DRgvZHm3FPqr82gByM/ymCYOs29CsnbAVyQn76lvgO+AWoheL+iKJq/youTON9DN20OFzDtLEKU2:2:3c; __SF__sessionId=5b5a2a9a40d9a6436201bbdf9fe227
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Cache-Control: max-age=21600
X-Content-Type-Options: nosniff
Content-Length: 6334
|
|
| acctcdn-msftauth-net.o365.ams.skyfencenet.com/images/favicon.ico?v=2 | 157.167.155.205 | 200 OK | 17 kB |
URL GET HTTP/1.1acctcdn-msftauth-net.o365.ams.skyfencenet.com/images/favicon.ico?v=2 IP157.167.155.205:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&lic=1&uaid=0bb65cefbc96499ba343c9a5a1b365c4&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeMS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors Hash12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /images/favicon.ico?v=2 HTTP/1.1
Host: acctcdn-msftauth-net.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/
DNT: 1
Connection: keep-alive
Cookie: __SF__.live.com/amsc=XYVeQ3mXuGx50IQ+Ef6brwC+lsrLGaNPqscVPz7OsaDsNJploafh64P/ijT7zmlvWc30Y5Jd28+dXhmBgwFBZ9WLWd356YhMRZ61vFeRpvx8SNr3m9UIa4lWG99AsRSD2plwszry4FYFbw102hCnW4tfK8g8pofq0an9hUZnJqwWXgvjJ/C2DRgvZHm3FPqr82gByM/ymCYOs29CsnbAVyQn76lvgO+AWoheL+iKJq/youTON9DN20OFzDtLEKU2:2:3c; __SF__sessionId=5b5a2a9a40d9a6436201bbdf9fe227
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Age: 344893
Cache-Control: public, max-age=604800
Content-MD5: EuPayFgGHQiAI7K9SOL6lg==
Content-Type: image/x-icon
Date: Thu, 18 Apr 2024 05:30:43 GMT
Etag: 0x8DC5C40A389CC38
Last-Modified: Sun, 14 Apr 2024 05:06:27 GMT
Server: ECAcc (lhc/78AE)
X-Cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: ec3ac304-e01e-0079-152e-8edb35000000
x-ms-version: 2009-09-19
Content-Length: 17174
Set-Cookie: __SF__sfbid=bfar1WJXHw70615c1c; Domain=ams.skyfencenet.com; Path=/; Expires=Sun, 16 Apr 2034 05:30:43 GMT; SameSite=Lax; Secure; HttpOnly
|
|
| acctcdn-msftauth-net.o365.ams.skyfencenet.com/datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.js | 157.167.155.205 | 200 OK | 3.7 kB |
URL GET HTTP/1.1acctcdn-msftauth-net.o365.ams.skyfencenet.com/datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.js IP157.167.155.205:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&lic=1&uaid=0bb65cefbc96499ba343c9a5a1b365c4&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (746) Hash87effb0bb533c1d79f5c94fd9e30c14d 4e4f5f3cddddbfddb46a1626d7ce579a639de389 617e32ca57507098771fd30af6b9dcab063448f6d7e0bc6d6557dd1895f80543
GET /datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.js HTTP/1.1
Host: acctcdn-msftauth-net.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/
Origin: https://signup-live-com.o365.ams.skyfencenet.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Age: 345212
Cache-Control: public, max-age=604800
Content-MD5: GpB463eVzCq5vobQLSGoUw==
Content-Type: application/javascript
Date: Thu, 18 Apr 2024 05:30:43 GMT
Etag: 0x8DC5C409B6EB831
Last-Modified: Sun, 14 Apr 2024 05:06:13 GMT
Server: ECAcc (lhc/7914)
Vary: Accept-Encoding
X-Cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 1e2ebd9d-301e-00e8-792d-8e1740000000
x-ms-version: 2009-09-19
Set-Cookie: __SF__sessionId=5b5a2a9ad940a64368e1bbdf9fea64; Domain=.o365.ams.skyfencenet.com; Path=/; Secure; HttpOnly
Transfer-Encoding: chunked
|
|
| signup-live-com.o365.ams.skyfencenet.com/Resources/images/favicon.ico | 157.167.155.85 | 200 OK | 17 kB |
URL GET HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/Resources/images/favicon.ico IP157.167.155.85:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&lic=1&uaid=0bb65cefbc96499ba343c9a5a1b365c4&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeMS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors Hash12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
Analyzer | Verdict | Alert | OpenPhish | phishing | Outlook |
GET /Resources/images/favicon.ico HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&lic=1&uaid=0bb65cefbc96499ba343c9a5a1b365c4&e=404
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: amcanary=0; __SF__.live.com/amsc=XYVeQ3mXuGx50IQ+Ef6brwC+lsrLGaNPqscVPz7OsaDsNJploafh64P/ijT7zmlvWc30Y5Jd28+dXhmBgwFBZ9WLWd356YhMRZ61vFeRpvx8SNr3m9UIa4lWG99AsRSD2plwszry4FYFbw102hCnW4tfK8g8pofq0an9hUZnJqwWXgvjJ/C2DRgvZHm3FPqr82gByM/ymCYOs29CsnbAVyQn76lvgO+AWoheL+iKJq/youTON9DN20OFzDtLEKU2:2:3c; __SF__sessionId=5b5a2a9a40d9a6436201bbdf9fe227
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public,max-age=31536000
Content-Length: 17174
Content-Type: image/x-icon
Last-Modified: Wed, 10 Apr 2024 03:41:32 GMT
Accept-Ranges: bytes
ETag: "0fe7efaf88ada1:0"
P3P: CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
AMServer: wusXXXXig0000WG
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 5511C567C769430DA757A7D928E57350 Ref B: LON04EDGE1119 Ref C: 2024-04-18T05:30:43Z
Date: Thu, 18 Apr 2024 05:30:42 GMT
Set-Cookie: __SF__sfbid=3YNuu2qEmp923caa70; Domain=ams.skyfencenet.com; Path=/; Expires=Sun, 16 Apr 2034 05:30:43 GMT; SameSite=Lax; Secure; HttpOnly
|
|
| acctcdn-msftauth-net.o365.ams.skyfencenet.com/oneds_MC5gQfpbTUjLu60sQCwU1w2.js?v=1 | 157.167.155.205 | 200 OK | 119 kB |
URL GET HTTP/1.1acctcdn-msftauth-net.o365.ams.skyfencenet.com/oneds_MC5gQfpbTUjLu60sQCwU1w2.js?v=1 IP157.167.155.205:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&lic=1&uaid=0bb65cefbc96499ba343c9a5a1b365c4&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (54994), with CRLF, LF line terminators Size119 kB (119321 bytes) Hashafba278001bec18bb958b37906f3e761 62249fd3f29df66c5d496f790640091b82d5fef2 59ab8a81f52e7786ef4e7e5a7b717295b8b1f9d633a790f5ac820fabc98699ab
GET /oneds_MC5gQfpbTUjLu60sQCwU1w2.js?v=1 HTTP/1.1
Host: acctcdn-msftauth-net.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/
DNT: 1
Connection: keep-alive
Cookie: __SF__.live.com/amsc=XYVeQ3mXuGx50IQ+Ef6brwC+lsrLGaNPqscVPz7OsaDsNJploafh64P/ijT7zmlvWc30Y5Jd28+dXhmBgwFBZ9WLWd356YhMRZ61vFeRpvx8SNr3m9UIa4lWG99AsRSD2plwszry4FYFbw102hCnW4tfK8g8pofq0an9hUZnJqwWXgvjJ/C2DRgvZHm3FPqr82gByM/ymCYOs29CsnbAVyQn76lvgO+AWoheL+iKJq/youTON9DN20OFzDtLEKU2:2:3c; __SF__sessionId=5b5a2a9a40d9a6436201bbdf9fe227
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Age: 258862
Cache-Control: public, max-age=604800
Content-MD5: aLM4Wm3/yNZOAZgyrMkY7Q==
Content-Type: application/javascript
Date: Thu, 18 Apr 2024 05:30:43 GMT
Etag: 0x8DC5D072788B412
Last-Modified: Mon, 15 Apr 2024 04:47:28 GMT
Server: ECAcc (lhc/7955)
Vary: Accept-Encoding
X-Cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 9773b0d2-301e-0080-42f6-8e0d73000000
x-ms-version: 2009-09-19
Set-Cookie: __SF__sfbid=NQqsYD7w71dd505fdf; Domain=ams.skyfencenet.com; Path=/; Expires=Sun, 16 Apr 2034 05:30:43 GMT; SameSite=Lax; Secure; HttpOnly
Transfer-Encoding: chunked
|
|
| signup-live-com.o365.ams.skyfencenet.com/API/ClientEvents | 157.167.155.85 | 200 OK | 601 B |
URL POST HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/API/ClientEvents IP157.167.155.85:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&lic=1&uaid=0bb65cefbc96499ba343c9a5a1b365c4&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
Hash7321bf3275b7a7d6e247618dbb430f1c 70f4037e3fd78fc21f6551bacd6ffd8af8d94906 a2019cff676f61fc8f83f3cf2062943b9d8b7372454a6dee9e687facc27374d1
Analyzer | Verdict | Alert | OpenPhish | phishing | Outlook |
POST /API/ClientEvents HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&lic=1&uaid=0bb65cefbc96499ba343c9a5a1b365c4&e=404
hpgid: 200202
canary: FXpbSI37JIj2HZZjS4R0cJedfvPLhA21cCUt3UzCAsvD8/jKkYKRBlCQm2MgkjdINpBQrnHhg2g3mnxd8Xs4qN76Xk6synbgnvIRHgC2/1u5GUKH3l7fWuv3s6jKV5PFP18BLFSGDLH0S1AU8Cbuj3g/2dEkxATjMG2gBk82bXv91rReqBWCuwov8ppo0UtaGHIxO3kOZQnqDsQ04X+cEHFG+zsS2/qJVi8XZqDGiGOUstim48n9cvo/KSgHt4FW:2:3c
uaid: 0bb65cefbc96499ba343c9a5a1b365c4
tcxt: /WIba0JrlpSva/4AcxLItOP5w6179yN4at5tiYT2km5NAAVh5ch5qXmyQdiawndvLz+YkGW4rmgaKIXhp+2c+Uyp124LXUH+u9g34MZcUzo63+S4MOzMnPPgNsXTcvxE5iq93wSEt0U4T5um+5tNhQ==:2:3
x-ms-apiVersion: 3
x-ms-apiTransport: fetch
Content-Type: application/json; charset=utf-8
Content-Length: 5129
Origin: https://signup-live-com.o365.ams.skyfencenet.com
DNT: 1
Connection: keep-alive
Cookie: amcanary=0; __SF__.live.com/amsc=XYVeQ3mXuGx50IQ+Ef6brwC+lsrLGaNPqscVPz7OsaDsNJploafh64P/ijT7zmlvWc30Y5Jd28+dXhmBgwFBZ9WLWd356YhMRZ61vFeRpvx8SNr3m9UIa4lWG99AsRSD2plwszry4FYFbw102hCnW4tfK8g8pofq0an9hUZnJqwWXgvjJ/C2DRgvZHm3FPqr82gByM/ymCYOs29CsnbAVyQn76lvgO+AWoheL+iKJq/youTON9DN20OFzDtLEKU2:2:3c; __SF__sessionId=5b5a2a9a40d9a6436201bbdf9fe227; __SF__sfbid=3YNuu2qEmp923caa70; MicrosoftApplicationsTelemetryDeviceId=8393b1b9-d88d-4d43-a25d-4059f534e2ca
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
P3P: CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
X-Frame-Options: deny
x-ms-amserver: wcuXXXX00M2 (2.0.3302.0)
x-ms-amserver-tm: 249ms
x-ms-request-id: 8b6e4eca-0075-40c9-8049-31bd6d973b75
Referrer-Policy: strict-origin-when-cross-origin
AMServer: wcuXXXXig0000M2
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 8B6E4ECA007540C9804931BD6D973B75 Ref B: LON04EDGE1119 Ref C: 2024-04-18T05:30:43Z
Date: Thu, 18 Apr 2024 05:30:43 GMT
Set-Cookie: __SF__.live.com/amsc=BvagmYDm4OJhpdSm63Y+LTnDaugL2LgSXtQoRKh5RZnoGOPZgHCrXkvCHLWWM0Pzfb3H8zDg4OXi/nRHUI8JJL2mHlvfMJnnoGODtDWHzP1hlWIJeXf+RnYJ+fWWY1kvNg9iVlpZVYCubvzUcwR1BOC0gNvMDLRaj/D4nhpJ9vt4SHkr7m5hHTfM8M9hZmgbTCCHoliOAUZXwlB5BR1eKRC0jqLb/Qvqa7Rqwx/ofhpNvRfMta6mMpdy9hQHdXymGLla7+w4Dmj2qZupbvWL9PR9qXNZbc9vmqQs8/Ihabc=:2:3c; Domain=o365.ams.skyfencenet.com; Path=/; Secure; HttpOnly
__SF__sfbid=3YNuu2qEmp923caa70; Domain=ams.skyfencenet.com; Path=/; Expires=Sun, 16 Apr 2034 05:30:43 GMT; SameSite=Lax; Secure; HttpOnly
Transfer-Encoding: chunked
|
|
| signup-live-com.o365.ams.skyfencenet.com/API/ReportClientEvent?sru=https&lic=1&uaid=0bb65cefbc96499ba343c9a5a1b365c4&e=404 | 157.167.155.85 | 200 OK | 501 B |
URL POST HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/API/ReportClientEvent?sru=https&lic=1&uaid=0bb65cefbc96499ba343c9a5a1b365c4&e=404 IP157.167.155.85:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&lic=1&uaid=0bb65cefbc96499ba343c9a5a1b365c4&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
Hashfdacdd41ff32cc30fb1e3bc368bfba53 6cbea86628c1cedc031f56d3821c8a62a3262225 8d3d74d80d0e8c103f484945a84f1490ea1a9f506659e97d39aa1d46c28387d2
POST /API/ReportClientEvent?sru=https&lic=1&uaid=0bb65cefbc96499ba343c9a5a1b365c4&e=404 HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&lic=1&uaid=0bb65cefbc96499ba343c9a5a1b365c4&e=404
Content-Type: application/json
canary: FXpbSI37JIj2HZZjS4R0cJedfvPLhA21cCUt3UzCAsvD8/jKkYKRBlCQm2MgkjdINpBQrnHhg2g3mnxd8Xs4qN76Xk6synbgnvIRHgC2/1u5GUKH3l7fWuv3s6jKV5PFP18BLFSGDLH0S1AU8Cbuj3g/2dEkxATjMG2gBk82bXv91rReqBWCuwov8ppo0UtaGHIxO3kOZQnqDsQ04X+cEHFG+zsS2/qJVi8XZqDGiGOUstim48n9cvo/KSgHt4FW:2:3c
x-ms-apiVersion: 2
x-ms-apiTransport: xhr
uiflvr: 1001
scid: 100145
hpgid: 200202
uaid: 0bb65cefbc96499ba343c9a5a1b365c4
tcxt: /WIba0JrlpSva/4AcxLItOP5w6179yN4at5tiYT2km5NAAVh5ch5qXmyQdiawndvLz+YkGW4rmgaKIXhp+2c+Uyp124LXUH+u9g34MZcUzo63+S4MOzMnPPgNsXTcvxE5iq93wSEt0U4T5um+5tNhQ==:2:3
Content-Length: 576
Origin: https://signup-live-com.o365.ams.skyfencenet.com
DNT: 1
Connection: keep-alive
Cookie: amcanary=0; __SF__.live.com/amsc=XYVeQ3mXuGx50IQ+Ef6brwC+lsrLGaNPqscVPz7OsaDsNJploafh64P/ijT7zmlvWc30Y5Jd28+dXhmBgwFBZ9WLWd356YhMRZ61vFeRpvx8SNr3m9UIa4lWG99AsRSD2plwszry4FYFbw102hCnW4tfK8g8pofq0an9hUZnJqwWXgvjJ/C2DRgvZHm3FPqr82gByM/ymCYOs29CsnbAVyQn76lvgO+AWoheL+iKJq/youTON9DN20OFzDtLEKU2:2:3c; __SF__sessionId=5b5a2a9a40d9a6436201bbdf9fe227; __SF__sfbid=bfar1WJXHw70615c1c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
P3P: CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
X-Frame-Options: deny
x-ms-amserver: scuXXXX00J4 (2.0.3302.0)
x-ms-amserver-tm: 218ms
x-ms-request-id: ad0b410c-d546-4271-bbf4-6b34c8f3333e
Referrer-Policy: strict-origin-when-cross-origin
AMServer: scuXXXXig0000J4
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: AD0B410CD5464271BBF46B34C8F3333E Ref B: LTSEDGE0810 Ref C: 2024-04-18T05:30:43Z
Date: Thu, 18 Apr 2024 05:30:43 GMT
Set-Cookie: __SF__.live.com/amsc=ZackCRYphG1ZKOZKCgCMcyyHOKp7J4/QVmaTGxWKbDBa0U5xtlR9QR0VkFfU2eQlop215pyPw4ceqK/cRJuJjeg2sFpLVcEfswz6thzWvZDI8iLprZqjtra/7EB9pHnjJmFqeY3y5kjEhoYq+J9KG+CBSLAkgW79z2JaPeLKyrBQARhY0jBGGfOwAQKsL0NLp2R2Wmnqu8xMLpPdAeS+Kr4SEeOhfuoHhiCA8KZwYvCbe/NuRzS5EVFjhX8IV+mbWoTHrtDvGi4vmDvEL0Hke+zKUiGHqNgRx0iXDavSHNI=:2:3c; Domain=o365.ams.skyfencenet.com; Path=/; Secure; HttpOnly
__SF__sfbid=bfar1WJXHw70615c1c; Domain=ams.skyfencenet.com; Path=/; Expires=Sun, 16 Apr 2034 05:30:44 GMT; SameSite=Lax; Secure; HttpOnly
Transfer-Encoding: chunked
|
|
| signup-live-com.o365.ams.skyfencenet.com/Resources/images/favicon.ico | 157.167.155.85 | 200 OK | 17 kB |
URL GET HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/Resources/images/favicon.ico IP157.167.155.85:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&lic=1&uaid=0bb65cefbc96499ba343c9a5a1b365c4&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeMS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors Hash12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
Analyzer | Verdict | Alert | OpenPhish | phishing | Outlook |
GET /Resources/images/favicon.ico HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&lic=1&uaid=0bb65cefbc96499ba343c9a5a1b365c4&e=404
DNT: 1
Connection: keep-alive
Cookie: amcanary=0; __SF__.live.com/amsc=ZackCRYphG1ZKOZKCgCMcyyHOKp7J4/QVmaTGxWKbDBa0U5xtlR9QR0VkFfU2eQlop215pyPw4ceqK/cRJuJjeg2sFpLVcEfswz6thzWvZDI8iLprZqjtra/7EB9pHnjJmFqeY3y5kjEhoYq+J9KG+CBSLAkgW79z2JaPeLKyrBQARhY0jBGGfOwAQKsL0NLp2R2Wmnqu8xMLpPdAeS+Kr4SEeOhfuoHhiCA8KZwYvCbe/NuRzS5EVFjhX8IV+mbWoTHrtDvGi4vmDvEL0Hke+zKUiGHqNgRx0iXDavSHNI=:2:3c; __SF__sessionId=5b5a2a9a40d9a6436201bbdf9fe227; __SF__sfbid=bfar1WJXHw70615c1c; MicrosoftApplicationsTelemetryDeviceId=8393b1b9-d88d-4d43-a25d-4059f534e2ca
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public,max-age=31536000
Content-Length: 17174
Content-Type: image/x-icon
Last-Modified: Wed, 10 Apr 2024 03:41:32 GMT
Accept-Ranges: bytes
ETag: "0fe7efaf88ada1:0"
P3P: CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
AMServer: EUSXXXXGN0000DP
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 5F518EEE9EC649C883F623F787AA48DA Ref B: LON04EDGE1119 Ref C: 2024-04-18T05:30:50Z
Date: Thu, 18 Apr 2024 05:30:50 GMT
Set-Cookie: __SF__sfbid=bfar1WJXHw70615c1c; Domain=ams.skyfencenet.com; Path=/; Expires=Sun, 16 Apr 2034 05:30:50 GMT; SameSite=Lax; Secure; HttpOnly
|
|