| pub-f587e0217ce7406993fb5171bb0a5b24.r2.dev/intmdaw.html | 104.18.3.35 | 200 OK | 37 kB |
URL User Request GET HTTP/1.1pub-f587e0217ce7406993fb5171bb0a5b24.r2.dev/intmdaw.html IP104.18.3.35:443
CertificateIssuerLet's Encrypt Subject*.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
File typeJavaScript source, ASCII text, with very long lines (7887), with CRLF line terminators Hash7c8524e35c67ea8c088bdc7c71f861aa 9b0560a441a994efc5766d1bcd468e947b57f0bf b791e92b3efb3dc16009d3f495d1f7c918307b2bee564a9b09b49c1620b5da5e
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /intmdaw.html HTTP/1.1
Host: pub-f587e0217ce7406993fb5171bb0a5b24.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 05:27:35 GMT
Content-Type: text/html
Content-Length: 37109
Connection: keep-alive
Accept-Ranges: bytes
ETag: "7c8524e35c67ea8c088bdc7c71f861aa"
Last-Modified: Tue, 23 Jan 2024 22:55:48 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 878b71f94d74b4fa-OSL
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js | 104.17.24.14 | 200 OK | 28 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP104.17.24.14:443
Requested byhttps://pub-f587e0217ce7406993fb5171bb0a5b24.r2.dev/intmdaw.html CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-f587e0217ce7406993fb5171bb0a5b24.r2.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 05:27:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3375562
expires: Sun, 13 Apr 2025 05:27:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2FwPSBaaqccCGBug3cb8Hduln%2BH%2FRAZhz8B4c%2F6uJulFlWLB1gRlAObUtZKb%2B0jA9ua0ZyMOG2GDp3lT8sL4h8HX5aNCnppLQCqaVcRcbExWe4fSJ26x13PaDCvuKWi42Caol%2BqV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 878b71fdcd4e56ba-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| east.exch026.serverdata.net/owa/auth/15.1.2507/themes/resources/favicon.ico | 64.78.48.81 | 200 OK | 7.9 kB |
URL GET HTTP/2east.exch026.serverdata.net/owa/auth/15.1.2507/themes/resources/favicon.ico IP64.78.48.81:443
Requested byhttps://pub-f587e0217ce7406993fb5171bb0a5b24.r2.dev/intmdaw.html CertificateIssuerDigiCert Inc Subjectexch026.serverdata.net FingerprintFB:9B:A4:70:9B:B2:D1:2A:D2:9C:49:63:76:C1:97:58:E2:79:B8:1C ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File typeMS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel Hash759fade9033aa298629e4b000dcd6dde 34a1adf5c7326d7bde5b5735471b5d81e611c189 cf0808a61ec571e0c4975663903b288009d55502ac0445d9948983b339a5cf6e
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /owa/auth/15.1.2507/themes/resources/favicon.ico HTTP/1.1
Host: east.exch026.serverdata.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-f587e0217ce7406993fb5171bb0a5b24.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public,max-age=2592000
content-type: image/x-icon
last-modified: Sat, 26 Mar 2022 18:40:39 GMT
accept-ranges: bytes
etag: "806d40fd4041d81:0"
server: Microsoft-IIS/10.0
request-id: b82ce2e3-6a3e-4861-bd60-19f927f9f023
x-powered-by: ASP.NET
date: Tue, 23 Apr 2024 05:27:35 GMT
content-length: 7886
X-Firefox-Spdy: h2
|
|
| autodiscover.homlaw.com/owa/auth/15.0.1395/themes/resources/segoeui-regular.ttf | 0.0.0.0 | | 0 B |
URL GET autodiscover.homlaw.com/owa/auth/15.0.1395/themes/resources/segoeui-regular.ttf IP0.0.0.0:0
Requested byhttps://pub-f587e0217ce7406993fb5171bb0a5b24.r2.dev/intmdaw.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /owa/auth/15.0.1395/themes/resources/segoeui-regular.ttf HTTP/1.1
Host: autodiscover.homlaw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-f587e0217ce7406993fb5171bb0a5b24.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://pub-f587e0217ce7406993fb5171bb0a5b24.r2.dev/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| autodiscover.homlaw.com/owa/auth/15.0.1395/themes/resources/segoeui-semilight.ttf | 0.0.0.0 | | 0 B |
URL GET autodiscover.homlaw.com/owa/auth/15.0.1395/themes/resources/segoeui-semilight.ttf IP0.0.0.0:0
Requested byhttps://pub-f587e0217ce7406993fb5171bb0a5b24.r2.dev/intmdaw.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /owa/auth/15.0.1395/themes/resources/segoeui-semilight.ttf HTTP/1.1
Host: autodiscover.homlaw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-f587e0217ce7406993fb5171bb0a5b24.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://pub-f587e0217ce7406993fb5171bb0a5b24.r2.dev/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|