| signup-live-com.o365.ams.skyfencenet.com/MobileError.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802 | 157.167.155.205 | 302 Found | 238 B |
URL User Request GET HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/MobileError.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802 IP157.167.155.205:443
CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashc486717c77478d2f77a0c45248a149ec 87a9e68e3722102aab0d11cc920fec75fc48e63d 93242bb4bc0838c5296df803522290080807beac52ed2b14a3c4cbf207663cfd
Analyzer | Verdict | Alert | OpenPhish | phishing | Outlook |
GET /MobileError.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802 HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Location: https://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404
P3P: CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
X-Frame-Options: deny
X-UA-Compatible: IE=edge, chrome=1
x-ms-amserver: wusXXXX00YC (2.0.3311.1)
x-ms-amserver-tm: 0ms
x-ms-request-id: 986cde04-b5a0-480a-80c0-78704d2db520
Referrer-Policy: strict-origin-when-cross-origin
AMServer: wusXXXXig0000YC
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: E88FC49A9BED4F02AB9E97A4F950F826 Ref B: LON21EDGE1315 Ref C: 2024-04-25T03:37:45Z
Date: Thu, 25 Apr 2024 03:37:44 GMT
Set-Cookie: __SF__.live.com/amsc=O7yA9HBUh+T63zKOlqwRfNZk4eSN4rf24VA6bmAVJxm8/IeiUmX3AnsL7++5kb7TQzmGBgPYGMaidoavAjeU+cebG8j23hILA9vMLeD+C5x8WHYDQsFD6fMDMLPAM7M/0OOUhW13UFBdHk/wkdMERkrLSP+uuL0NxZ3LyTttuPIHIOKOBvf3fikZFfh/ChNRMEYlHAL/HW6MKZeDRObwi43BNQlllpawEsfxStJnamjCfb2VRy30XjM2pyy+TzTF:2:3c; Domain=o365.ams.skyfencenet.com; Path=/; Secure; HttpOnly
__SF__sessionId=5b5a2a9a3c91a64368e1bb3450218; Domain=.o365.ams.skyfencenet.com; Path=/; Secure; HttpOnly
Transfer-Encoding: chunked
|
|
| signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404 | 157.167.155.205 | 200 OK | 99 kB |
URL User Request GET HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404 IP157.167.155.205:443
CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (10314), with CRLF, LF line terminators Hash871b3979b62e8ffd609d7f2ce95f5917 d36de0914d5b832a5fb23208594b2bbccd41e1a7 ef4b10a23dcb4aba4f40a51f03aa0b8c7869563f32af3a6a6e98547dce7140f1
Analyzer | Verdict | Alert | OpenPhish | phishing | Outlook |
GET /error.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404 HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __SF__.live.com/amsc=O7yA9HBUh+T63zKOlqwRfNZk4eSN4rf24VA6bmAVJxm8/IeiUmX3AnsL7++5kb7TQzmGBgPYGMaidoavAjeU+cebG8j23hILA9vMLeD+C5x8WHYDQsFD6fMDMLPAM7M/0OOUhW13UFBdHk/wkdMERkrLSP+uuL0NxZ3LyTttuPIHIOKOBvf3fikZFfh/ChNRMEYlHAL/HW6MKZeDRObwi43BNQlllpawEsfxStJnamjCfb2VRy30XjM2pyy+TzTF:2:3c; __SF__sessionId=5b5a2a9a3c91a64368e1bb3450218
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
P3P: CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
X-Frame-Options: deny
X-UA-Compatible: IE=edge, chrome=1
x-ms-amserver: wusXXXX00YC (2.0.3311.1)
x-ms-amserver-tm: 15ms
x-ms-request-id: 592de212-0f01-4dba-928e-bdef1060f9cb
Link: <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msftauth.net>; rel=dns-prefetch, <https://acctcdn.msauth.net>; rel=dns-prefetch, <https://acctcdnmsftuswe2.azureedge.net>; rel=dns-prefetch, <https://acctcdnvzeuno.azureedge.net>; rel=dns-prefetch
X-DNS-Prefetch-Control: on
Referrer-Policy: strict-origin-when-cross-origin
AMServer: wusXXXXig0000YC
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 592DE2120F014DBA928EBDEF1060F9CB Ref B: LON21EDGE1315 Ref C: 2024-04-25T03:37:45Z
Date: Thu, 25 Apr 2024 03:37:44 GMT
Set-Cookie: amcanary=0; path=/; secure; HttpOnly; SameSite=None
__SF__sfbid=e7Pp4NM83h0a2d53d7; Domain=ams.skyfencenet.com; Path=/; Expires=Sun, 23 Apr 2034 03:37:45 GMT; SameSite=Lax; Secure; HttpOnly
Transfer-Encoding: chunked
|
|
| signup-live-com.o365.ams.skyfencenet.com/__sf_resource/_/__sf_event_listener_hook.js | 157.167.155.205 | 200 OK | 1.8 kB |
URL GET HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/__sf_resource/_/__sf_event_listener_hook.js IP157.167.155.205:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash1f737f56e7bdc64e8b061b77939eee2a e6f0b0fb1d97fbf1ad5b269ecdec27ca321c8da5 a860b9561b1615b3dca00ef253ebc8f398b346e13042dc6bef68ccac5da536ad
Analyzer | Verdict | Alert | OpenPhish | phishing | Outlook |
GET /__sf_resource/_/__sf_event_listener_hook.js HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404
DNT: 1
Connection: keep-alive
Cookie: __SF__.live.com/amsc=O7yA9HBUh+T63zKOlqwRfNZk4eSN4rf24VA6bmAVJxm8/IeiUmX3AnsL7++5kb7TQzmGBgPYGMaidoavAjeU+cebG8j23hILA9vMLeD+C5x8WHYDQsFD6fMDMLPAM7M/0OOUhW13UFBdHk/wkdMERkrLSP+uuL0NxZ3LyTttuPIHIOKOBvf3fikZFfh/ChNRMEYlHAL/HW6MKZeDRObwi43BNQlllpawEsfxStJnamjCfb2VRy30XjM2pyy+TzTF:2:3c; __SF__sessionId=5b5a2a9a3c91a64368e1bb3450218; amcanary=0; __SF__sfbid=e7Pp4NM83h0a2d53d7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Cache-Control: max-age=21600
X-Content-Type-Options: nosniff
Content-Length: 1849
|
|
| signup-live-com.o365.ams.skyfencenet.com/__sf_resource/_/__sf_ajax_hook.js | 157.167.155.205 | 200 OK | 6.3 kB |
URL GET HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/__sf_resource/_/__sf_ajax_hook.js IP157.167.155.205:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hashf969bab2aeac15ae39a5d1f81e7b5b76 3b2c77372698e7d3bc391f11d1c6632464973e33 198126ad3f4d583b32e828ed9c86a9ef0a3b7e2c8292b1422cd931a722da5418
Analyzer | Verdict | Alert | OpenPhish | phishing | Outlook |
GET /__sf_resource/_/__sf_ajax_hook.js HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404
DNT: 1
Connection: keep-alive
Cookie: __SF__.live.com/amsc=O7yA9HBUh+T63zKOlqwRfNZk4eSN4rf24VA6bmAVJxm8/IeiUmX3AnsL7++5kb7TQzmGBgPYGMaidoavAjeU+cebG8j23hILA9vMLeD+C5x8WHYDQsFD6fMDMLPAM7M/0OOUhW13UFBdHk/wkdMERkrLSP+uuL0NxZ3LyTttuPIHIOKOBvf3fikZFfh/ChNRMEYlHAL/HW6MKZeDRObwi43BNQlllpawEsfxStJnamjCfb2VRy30XjM2pyy+TzTF:2:3c; __SF__sessionId=5b5a2a9a3c91a64368e1bb3450218; amcanary=0; __SF__sfbid=e7Pp4NM83h0a2d53d7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Cache-Control: max-age=21600
X-Content-Type-Options: nosniff
Content-Length: 6334
|
|
| acctcdn-msftauth-net.o365.ams.skyfencenet.com/datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.js | 157.167.155.205 | 200 OK | 3.7 kB |
URL GET HTTP/1.1acctcdn-msftauth-net.o365.ams.skyfencenet.com/datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.js IP157.167.155.205:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (746) Hash87effb0bb533c1d79f5c94fd9e30c14d 4e4f5f3cddddbfddb46a1626d7ce579a639de389 617e32ca57507098771fd30af6b9dcab063448f6d7e0bc6d6557dd1895f80543
GET /datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.js HTTP/1.1
Host: acctcdn-msftauth-net.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/
Origin: https://signup-live-com.o365.ams.skyfencenet.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Age: 338435
Cache-Control: public, max-age=604800
Content-MD5: GpB463eVzCq5vobQLSGoUw==
Content-Type: application/javascript
Date: Thu, 25 Apr 2024 03:37:46 GMT
Etag: 0x8DC61C00E1BF22D
Last-Modified: Sun, 21 Apr 2024 05:01:07 GMT
Server: ECAcc (lhc/7914)
Vary: Accept-Encoding
X-Cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: f51be461-301e-007c-7cad-935c3f000000
x-ms-version: 2009-09-19
Set-Cookie: __SF__sessionId=5b5a2a9ac0fa6436ec1bb34505e7; Domain=.o365.ams.skyfencenet.com; Path=/; Secure; HttpOnly
Transfer-Encoding: chunked
|
|
| acctcdn-msftauth-net.o365.ams.skyfencenet.com/images/favicon.ico?v=2 | 157.167.155.205 | 200 OK | 17 kB |
URL GET HTTP/1.1acctcdn-msftauth-net.o365.ams.skyfencenet.com/images/favicon.ico?v=2 IP157.167.155.205:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeMS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors Hash12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /images/favicon.ico?v=2 HTTP/1.1
Host: acctcdn-msftauth-net.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/
DNT: 1
Connection: keep-alive
Cookie: __SF__.live.com/amsc=O7yA9HBUh+T63zKOlqwRfNZk4eSN4rf24VA6bmAVJxm8/IeiUmX3AnsL7++5kb7TQzmGBgPYGMaidoavAjeU+cebG8j23hILA9vMLeD+C5x8WHYDQsFD6fMDMLPAM7M/0OOUhW13UFBdHk/wkdMERkrLSP+uuL0NxZ3LyTttuPIHIOKOBvf3fikZFfh/ChNRMEYlHAL/HW6MKZeDRObwi43BNQlllpawEsfxStJnamjCfb2VRy30XjM2pyy+TzTF:2:3c; __SF__sessionId=5b5a2a9a3c91a64368e1bb3450218; __SF__sfbid=e7Pp4NM83h0a2d53d7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Age: 338116
Cache-Control: public, max-age=604800
Content-MD5: EuPayFgGHQiAI7K9SOL6lg==
Content-Type: image/x-icon
Date: Thu, 25 Apr 2024 03:37:46 GMT
Etag: 0x8DC61C017611702
Last-Modified: Sun, 21 Apr 2024 05:01:23 GMT
Server: ECAcc (lhc/78AE)
X-Cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 0ad754d0-601e-00d9-2dae-931d53000000
x-ms-version: 2009-09-19
Content-Length: 17174
Set-Cookie: __SF__sfbid=e7Pp4NM83h0a2d53d7; Domain=ams.skyfencenet.com; Path=/; Expires=Sun, 23 Apr 2034 03:37:46 GMT; SameSite=Lax; Secure; HttpOnly
|
|
| acctcdn-msftauth-net.o365.ams.skyfencenet.com/oneds_MC5gQfpbTUjLu60sQCwU1w2.js?v=1 | 157.167.155.205 | 200 OK | 119 kB |
URL GET HTTP/1.1acctcdn-msftauth-net.o365.ams.skyfencenet.com/oneds_MC5gQfpbTUjLu60sQCwU1w2.js?v=1 IP157.167.155.205:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (54994), with CRLF, LF line terminators Size119 kB (119321 bytes) Hashafba278001bec18bb958b37906f3e761 62249fd3f29df66c5d496f790640091b82d5fef2 59ab8a81f52e7786ef4e7e5a7b717295b8b1f9d633a790f5ac820fabc98699ab
GET /oneds_MC5gQfpbTUjLu60sQCwU1w2.js?v=1 HTTP/1.1
Host: acctcdn-msftauth-net.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/
DNT: 1
Connection: keep-alive
Cookie: __SF__.live.com/amsc=O7yA9HBUh+T63zKOlqwRfNZk4eSN4rf24VA6bmAVJxm8/IeiUmX3AnsL7++5kb7TQzmGBgPYGMaidoavAjeU+cebG8j23hILA9vMLeD+C5x8WHYDQsFD6fMDMLPAM7M/0OOUhW13UFBdHk/wkdMERkrLSP+uuL0NxZ3LyTttuPIHIOKOBvf3fikZFfh/ChNRMEYlHAL/HW6MKZeDRObwi43BNQlllpawEsfxStJnamjCfb2VRy30XjM2pyy+TzTF:2:3c; __SF__sessionId=5b5a2a9a3c91a64368e1bb3450218; __SF__sfbid=e7Pp4NM83h0a2d53d7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Age: 338147
Cache-Control: public, max-age=604800
Content-MD5: aLM4Wm3/yNZOAZgyrMkY7Q==
Content-Type: application/javascript
Date: Thu, 25 Apr 2024 03:37:46 GMT
Etag: 0x8DC61C024BDDFEE
Last-Modified: Sun, 21 Apr 2024 05:01:45 GMT
Server: ECAcc (lhc/792B)
Vary: Accept-Encoding
X-Cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: a8b75949-d01e-00f6-6bae-93057f000000
x-ms-version: 2009-09-19
Set-Cookie: __SF__sfbid=e7Pp4NM83h0a2d53d7; Domain=ams.skyfencenet.com; Path=/; Expires=Sun, 23 Apr 2034 03:37:46 GMT; SameSite=Lax; Secure; HttpOnly
Transfer-Encoding: chunked
|
|
| signup-live-com.o365.ams.skyfencenet.com/API/ReportClientEvent?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404 | 157.167.155.205 | 200 OK | 544 B |
URL POST HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/API/ReportClientEvent?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404 IP157.167.155.205:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
Hash584836676f38d0b478e8046b208c8da2 efaa8b7db07740e94180771bb5c59111aa1cad45 db284b2993e6636e237b0c4f1901403a5b4e6c01e8723870e3cffdcb9d5ebbfa
POST /API/ReportClientEvent?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404 HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404
Content-Type: application/json
canary: KOpSYzWgufNr3rsxjhAJ6kglQWoEqhf3YTj/xq7q7dr+7atoe5O98z1bnm1pKqQhQFpCC/N3cCOy/e6b8XIctoskdkfXRpCzT2jHjadw6OWMDGjz79xVHdIC6SMLxSeC//ntTUuFWKEKuXBMvkTmfJkf4Pvf3nV/s2wrXpf0j2FAnG3t6U+jt5OaduQ/WVLbhR1FBX0boHxNVkxGCGrPNpGUcJN8CHw3gI4PdPFO8fgJzoCYSfmINDo0l7OzdkIw:2:3c
x-ms-apiVersion: 2
x-ms-apiTransport: xhr
uiflvr: 1001
scid: 100145
hpgid: 200202
uaid: e42401c8435e457baf2992bb73265802
tcxt: a/WsNpSO5kRwdipwlbpvMrSu2MfO0qVJX12g0bwELIMp60/m7KmM4dENofuLc79FBmFZBSR3RspwQj15rlDoSj0LrLLj7Lga+JQzuAHg2ssWCvM+pIYv8lY1Tv9NkFGDxWYoy8aNDlEhkux4EvL5fA==:2:3
Content-Length: 575
Origin: https://signup-live-com.o365.ams.skyfencenet.com
DNT: 1
Connection: keep-alive
Cookie: __SF__.live.com/amsc=O7yA9HBUh+T63zKOlqwRfNZk4eSN4rf24VA6bmAVJxm8/IeiUmX3AnsL7++5kb7TQzmGBgPYGMaidoavAjeU+cebG8j23hILA9vMLeD+C5x8WHYDQsFD6fMDMLPAM7M/0OOUhW13UFBdHk/wkdMERkrLSP+uuL0NxZ3LyTttuPIHIOKOBvf3fikZFfh/ChNRMEYlHAL/HW6MKZeDRObwi43BNQlllpawEsfxStJnamjCfb2VRy30XjM2pyy+TzTF:2:3c; __SF__sessionId=5b5a2a9a3c91a64368e1bb3450218; amcanary=0; __SF__sfbid=e7Pp4NM83h0a2d53d7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
P3P: CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
X-Frame-Options: deny
x-ms-amserver: wusXXXX0004 (2.0.3311.1)
x-ms-amserver-tm: 125ms
x-ms-request-id: 6aa3595b-9044-450a-8da1-43c5abcf4754
Referrer-Policy: strict-origin-when-cross-origin
AMServer: wusXXXXig000004
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 6AA3595B9044450A8DA143C5ABCF4754 Ref B: LON04EDGE1122 Ref C: 2024-04-25T03:37:46Z
Date: Thu, 25 Apr 2024 03:37:45 GMT
Set-Cookie: __SF__.live.com/amsc=KiQK8tIHJAsF53jhoutNRG2mneLGQf7l8w5RjqgOKXPSaKV8E8mGBo76Vn+ND28nWldz4gW18Ag9T6+0nJpKptCf79FP0/Eym9WRHfUxwuX12jWfWUH5iDyXqe1XcczNhl7hGcRstthdpymbJ6ZvkxywIOstOfIfgakBEX6kUwNUlzDtcK/JVu38zd/1hO9/zzy5hCN7DVZUrrk0IpbIFTnYUwfMCRjEmwPV+gBYkO3Uggo96zPE+MTDQl8lHONM4hmZxF5EjRhaRhIyEm+FWWJccRz+YgILuqLOo1NRMRiWeqMGmOVoOLJnBz7/HaNq:2:3c; Domain=o365.ams.skyfencenet.com; Path=/; Secure; HttpOnly
__SF__sfbid=e7Pp4NM83h0a2d53d7; Domain=ams.skyfencenet.com; Path=/; Expires=Sun, 23 Apr 2034 03:37:46 GMT; SameSite=Lax; Secure; HttpOnly
Transfer-Encoding: chunked
|
|
| signup-live-com.o365.ams.skyfencenet.com/Resources/images/favicon.ico | 157.167.155.205 | 200 OK | 17 kB |
URL GET HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/Resources/images/favicon.ico IP157.167.155.205:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeMS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors Hash12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
Analyzer | Verdict | Alert | OpenPhish | phishing | Outlook |
GET /Resources/images/favicon.ico HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: __SF__.live.com/amsc=O7yA9HBUh+T63zKOlqwRfNZk4eSN4rf24VA6bmAVJxm8/IeiUmX3AnsL7++5kb7TQzmGBgPYGMaidoavAjeU+cebG8j23hILA9vMLeD+C5x8WHYDQsFD6fMDMLPAM7M/0OOUhW13UFBdHk/wkdMERkrLSP+uuL0NxZ3LyTttuPIHIOKOBvf3fikZFfh/ChNRMEYlHAL/HW6MKZeDRObwi43BNQlllpawEsfxStJnamjCfb2VRy30XjM2pyy+TzTF:2:3c; __SF__sessionId=5b5a2a9a3c91a64368e1bb3450218; amcanary=0; __SF__sfbid=e7Pp4NM83h0a2d53d7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public,max-age=31536000
Content-Length: 17174
Content-Type: image/x-icon
Last-Modified: Tue, 23 Apr 2024 14:29:38 GMT
Accept-Ranges: bytes
ETag: "075baab8a95da1:0"
P3P: CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
AMServer: wcuXXXXig0000SR
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: A8CAA69CD3C0405288363ECC0B74EE05 Ref B: LON21EDGE1315 Ref C: 2024-04-25T03:37:46Z
Date: Thu, 25 Apr 2024 03:37:45 GMT
Set-Cookie: __SF__sfbid=e7Pp4NM83h0a2d53d7; Domain=ams.skyfencenet.com; Path=/; Expires=Sun, 23 Apr 2034 03:37:46 GMT; SameSite=Lax; Secure; HttpOnly
|
|
| signup-live-com.o365.ams.skyfencenet.com/API/ClientEvents | 157.167.155.205 | 200 OK | 581 B |
URL POST HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/API/ClientEvents IP157.167.155.205:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
Hash24b4dccf459ca3e5fadfe721dd6319c4 b90da326e3068afccd93132f15e729a3420d32f2 bee20652461075962f6c4f541a44b474b99e1bca6e0c1f8372406b7abe00585b
Analyzer | Verdict | Alert | OpenPhish | phishing | Outlook |
POST /API/ClientEvents HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404
hpgid: 200202
canary: KOpSYzWgufNr3rsxjhAJ6kglQWoEqhf3YTj/xq7q7dr+7atoe5O98z1bnm1pKqQhQFpCC/N3cCOy/e6b8XIctoskdkfXRpCzT2jHjadw6OWMDGjz79xVHdIC6SMLxSeC//ntTUuFWKEKuXBMvkTmfJkf4Pvf3nV/s2wrXpf0j2FAnG3t6U+jt5OaduQ/WVLbhR1FBX0boHxNVkxGCGrPNpGUcJN8CHw3gI4PdPFO8fgJzoCYSfmINDo0l7OzdkIw:2:3c
uaid: e42401c8435e457baf2992bb73265802
tcxt: a/WsNpSO5kRwdipwlbpvMrSu2MfO0qVJX12g0bwELIMp60/m7KmM4dENofuLc79FBmFZBSR3RspwQj15rlDoSj0LrLLj7Lga+JQzuAHg2ssWCvM+pIYv8lY1Tv9NkFGDxWYoy8aNDlEhkux4EvL5fA==:2:3
x-ms-apiVersion: 3
x-ms-apiTransport: fetch
Content-Type: application/json; charset=utf-8
Content-Length: 4558
Origin: https://signup-live-com.o365.ams.skyfencenet.com
DNT: 1
Connection: keep-alive
Cookie: __SF__.live.com/amsc=O7yA9HBUh+T63zKOlqwRfNZk4eSN4rf24VA6bmAVJxm8/IeiUmX3AnsL7++5kb7TQzmGBgPYGMaidoavAjeU+cebG8j23hILA9vMLeD+C5x8WHYDQsFD6fMDMLPAM7M/0OOUhW13UFBdHk/wkdMERkrLSP+uuL0NxZ3LyTttuPIHIOKOBvf3fikZFfh/ChNRMEYlHAL/HW6MKZeDRObwi43BNQlllpawEsfxStJnamjCfb2VRy30XjM2pyy+TzTF:2:3c; __SF__sessionId=5b5a2a9a3c91a64368e1bb3450218; amcanary=0; __SF__sfbid=e7Pp4NM83h0a2d53d7; MicrosoftApplicationsTelemetryDeviceId=7dfa493d-2e15-4dc8-870a-d62d237b8413
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
P3P: CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
X-Frame-Options: deny
x-ms-amserver: eusXXXX00DO (2.0.3302.0)
x-ms-amserver-tm: 156ms
x-ms-request-id: 16fcd141-e15e-4a5e-baa6-9f7dfc863644
Referrer-Policy: strict-origin-when-cross-origin
AMServer: eusXXXXgn0000DO
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 16FCD141E15E4A5EBAA69F7DFC863644 Ref B: LTSEDGE1007 Ref C: 2024-04-25T03:37:46Z
Date: Thu, 25 Apr 2024 03:37:46 GMT
Set-Cookie: __SF__.live.com/amsc=GNJw8tN3JmPHfJeTEe8pHjGg6Fypyu1J7nVzmvFoMYdmNRw4USt7MY3VdeF/wlQVE4e8swTo4ypD7SCoJoPq9zIbc5flhKbWumoMfUQdrG94oPU4+VBiudkShzFhpdCauZVd58RWOzH9CyFimxLhj+xWY9BTz2zg0m9al5p/DA7y5hQ7okvfIWXUJvv5Z3xoYuwnsUNbgpwmSw3c58p7ApUEkAWl7IJ4EeibRqHmfyeeaPbYrUhqPntbBjoAhVp+/2IfUjFZLPGlhzdTnV470aWu4KEQ/6CF/u4mxlc2rMm4f2CBSAIDLUVLG7dShBtm:2:3c; Domain=o365.ams.skyfencenet.com; Path=/; Secure; HttpOnly
__SF__sfbid=e7Pp4NM83h0a2d53d7; Domain=ams.skyfencenet.com; Path=/; Expires=Sun, 23 Apr 2034 03:37:46 GMT; SameSite=Lax; Secure; HttpOnly
Transfer-Encoding: chunked
|
|
| signup-live-com.o365.ams.skyfencenet.com/Resources/images/favicon.ico | 157.167.155.205 | 200 OK | 17 kB |
URL GET HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/Resources/images/favicon.ico IP157.167.155.205:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeMS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors Hash12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
Analyzer | Verdict | Alert | OpenPhish | phishing | Outlook |
GET /Resources/images/favicon.ico HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=e42401c8435e457baf2992bb73265802&e=404
DNT: 1
Connection: keep-alive
Cookie: __SF__.live.com/amsc=GNJw8tN3JmPHfJeTEe8pHjGg6Fypyu1J7nVzmvFoMYdmNRw4USt7MY3VdeF/wlQVE4e8swTo4ypD7SCoJoPq9zIbc5flhKbWumoMfUQdrG94oPU4+VBiudkShzFhpdCauZVd58RWOzH9CyFimxLhj+xWY9BTz2zg0m9al5p/DA7y5hQ7okvfIWXUJvv5Z3xoYuwnsUNbgpwmSw3c58p7ApUEkAWl7IJ4EeibRqHmfyeeaPbYrUhqPntbBjoAhVp+/2IfUjFZLPGlhzdTnV470aWu4KEQ/6CF/u4mxlc2rMm4f2CBSAIDLUVLG7dShBtm:2:3c; __SF__sessionId=5b5a2a9a3c91a64368e1bb3450218; amcanary=0; __SF__sfbid=e7Pp4NM83h0a2d53d7; MicrosoftApplicationsTelemetryDeviceId=7dfa493d-2e15-4dc8-870a-d62d237b8413
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public,max-age=31536000
Content-Length: 17174
Content-Type: image/x-icon
Last-Modified: Tue, 23 Apr 2024 14:29:38 GMT
Accept-Ranges: bytes
ETag: "075baab8a95da1:0"
P3P: CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
AMServer: wusXXXXig0000YC
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: CB155E23A681420296DD198F82B879A5 Ref B: LON21EDGE1315 Ref C: 2024-04-25T03:37:53Z
Date: Thu, 25 Apr 2024 03:37:52 GMT
Set-Cookie: __SF__sfbid=e7Pp4NM83h0a2d53d7; Domain=ams.skyfencenet.com; Path=/; Expires=Sun, 23 Apr 2034 03:37:53 GMT; SameSite=Lax; Secure; HttpOnly
|
|