Report - microsoft-windows.pages.dev/

Report Overview

Submitted URL
microsoft-windows.pages.dev/
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-04-18 05:58:12
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
28

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
microsoft-windows.pages.dev	unknown	No data	No data	12 kB	752 kB	188.114.97.1
ocsp.sectigo.com	487	2019-11-29	2023-04-18	330 B	964 B	104.18.32.68
cdnhst.xyz	unknown	2022-04-20	2023-04-12	435 B	1.0 kB	104.21.57.38
cdnjs.cloudflare.com	235	2015-04-17	2023-04-17	437 B	28 kB	104.17.25.14
ocsp.pki.goog	175	2018-07-01	2023-04-17	333 B	700 B	142.250.74.131
www.googletagmanager.com	75	2013-05-22	2023-04-17	910 B	91 kB	142.250.74.168
maxcdn.bootstrapcdn.com	724	2014-06-18	2023-04-18	1.0 kB	75 kB	104.18.10.207
cdn.pushalert.co	44711	2017-02-01	2023-04-18	444 B	222 kB	151.139.128.10
cdn.jsdelivr.net	439	2012-09-30	2023-04-17	501 B	162 kB	185.244.209.62

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-04-18	medium	microsoft-windows.pages.dev/minimize.jpeg
2023-04-18	medium	microsoft-windows.pages.dev/background.webp
2023-04-18	medium	microsoft-windows.pages.dev/wa0lDErtm0s.mp3
2023-04-18	medium	microsoft-windows.pages.dev/xham.webp
2023-04-18	medium	microsoft-windows.pages.dev/style.css?1665074482
2023-04-18	medium	microsoft-windows.pages.dev/js/interactive89e5.js?1665074482
2023-04-18	medium	microsoft-windows.pages.dev/modernizr.js
2023-04-18	medium	microsoft-windows.pages.dev/fullscreen.js
2023-04-18	medium	microsoft-windows.pages.dev/before.js
2023-04-18	medium	microsoft-windows.pages.dev/modernizr.js
2023-04-18	medium	microsoft-windows.pages.dev/bootstrap.js
2023-04-18	medium	microsoft-windows.pages.dev/main.js
2023-04-18	medium	microsoft-windows.pages.dev/light.js
2023-04-18	medium	microsoft-windows.pages.dev/

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (37)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js	84 kB	2023-03-07	2024-05-10
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:40 Last Seen2024-05-10 22:13:46 Times Seen11099 Hash 7f9fb969ce353c5d77707836391eb28d 62c4042e9ebc691a5372d653b424512a561d1670 2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515 Loading...

	microsoft-windows.pages.dev/	64 B	2023-03-07	2024-02-22
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:05:03 Last Seen2024-02-22 03:14:01 Times Seen56 Hash 2dbd6a5277f1e899871b80d0f66fea18 39626c4717187035f5eb522f897f9b9e05cb3480 c169d8b05efde79bc6aa47afb193ce3d6dd96a1186a139481e1afb663f60589a Loading...

	microsoft-windows.pages.dev/	155 B	2023-03-07	2023-04-19
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:03:30 Last Seen2023-04-19 01:40:22 Times Seen3 Hash 8a956c6f60c1e7bebf4c7f99d1e53c78 1c7ae2f8edae6e71c8cb7ca3988b78588e4550c7 11c9cdec0cd005c49c4c42fef007d0d27e9c37646788a9bb42ad03cef89a954e Loading...

	microsoft-windows.pages.dev/	96 B	2023-03-07	2024-05-03
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:38 Last Seen2024-05-03 15:22:52 Times Seen169 Hash 9abf47821e5f4a693a066f5a7dabdc61 cb5f425fd94294f0355444fbdde91a5780544e95 2855cb5c161665c5229fd9b98609c5b1e945c26a1082952535c23fa915bd19cb Loading...

	microsoft-windows.pages.dev/	411 B	2023-03-07	2024-05-10
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:37 Last Seen2024-05-10 02:34:55 Times Seen452 Hash f0377b86e2049f89993a85c91de05c2b 49061b39e1dac235a40838d6e1cc4ee7d6bd493a acd76ae4519d08297507ed2928fb33f9b7a93a01f1e2ff2ddfaecd8117307eca Loading...

	microsoft-windows.pages.dev/	54 B	2023-03-07	2024-05-03
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:38 Last Seen2024-05-03 15:22:52 Times Seen357 Hash 15955c75985a4a65b2bc41de83d416e3 fa66029c48a0d474f5535e7c800b1eb2eb7d8cc7 26e46ced18ba88b850dc03c75a66706bd11e09586be175b62dc3598bbb683fb0 Loading...

	cdnhst.xyz/code?code=b049fe04941a742ca9167d53a7c135be	32 B	2023-03-07	2024-05-04
Pretty URL cdnhst.xyz/code?code=b049fe04941a742ca9167d53a7c135be IP 104.21.57.38 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:20:56 Last Seen2024-05-04 05:58:49 Times Seen53 Hash 4cf09a531c260f6f06378fd2521c1b24 cd708e55317c517e02c97c54d62e1f99952c5773 d8637afc3e6a2a5512a1d6914980ba597263c1d015c8c6940ed04f59447f9d0e Loading...

	microsoft-windows.pages.dev/	241 B	2023-03-07	2024-05-03
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:38 Last Seen2024-05-03 15:22:52 Times Seen180 Hash e499f8811fba726771c3509adbf56103 19409e420fce03440f78f6149c8fd907a194f0e8 f3d936041adc98d6dc0b2db2df758dd6e408542ad62a924f76e0547f75acffcc Loading...

	microsoft-windows.pages.dev/sandbox%20eval%20code	147 B	2023-04-11	2024-05-11
Pretty URL microsoft-windows.pages.dev/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-11 00:11:07 Times Seen346936 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-11
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-11 00:11:07 Times Seen346428 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	microsoft-windows.pages.dev/	403 B	2023-03-07	2024-04-13
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:38 Last Seen2024-04-13 15:41:43 Times Seen177 Hash e82247fd4ca82183fa7dcca47f2d33e1 315896a3cb41037b0c6e7ee5a5f407456a99f58a 623d0332ccb2082e5721d9bdc40cf4568a89d4e1a72e19b7e94ebfbb98096a00 Loading...

	microsoft-windows.pages.dev/	947 B	2023-03-07	2024-05-03
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:38 Last Seen2024-05-03 15:22:52 Times Seen1128 Hash bdef85124f57f822d19cfa00f81b963b a3340b3288e6c3544fd013ed4a664b85f53d88d2 26f081811536ae9cf31db110acd4a319f399de9bad0e354ce20299685b3561cf Loading...

	microsoft-windows.pages.dev/	36 B	2023-03-07	2024-04-13
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:05:02 Last Seen2024-04-13 15:41:43 Times Seen423 Hash 98974a127dd729248b555d6976ec761a 627a4bab7f3f51ecc506131a0e74551869767289 cb75a582376bf15206582694413711066bb6fef62c60c4f8ac9d0ff78e13e843 Loading...

	unknown	19 B	2023-04-10	2024-05-10
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 16:23:44 Last Seen2024-05-10 19:51:12 Times Seen2604 Hash 57381d43f260aa3b8c47820ca38655a3 8d087b53d91f8e3ff0def7d1d94a6dada72fac79 35b90e4b54b87ed6cd2b439eac195f9eb59e731e17248c95fb1e26e15d61f943 Loading...

	microsoft-windows.pages.dev/	300 B	2023-03-13	2023-04-18
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 02:25:59 Last Seen2023-04-18 07:58:13 Times Seen2 Hash 6a949537ba0e7ec6fe48459d1cc6504f 669810a19491c64342b7f9d022c1cb713078a41b c5185a69f32987441b59dd1aa8f582a16ddf849be393750fd1ba4f1eadd6bcc4 Loading...

	microsoft-windows.pages.dev/	248 B	2023-03-13	2023-04-18
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 02:25:59 Last Seen2023-04-18 07:58:13 Times Seen2 Hash f5ce29fbcc3090625d20c77352f0d007 7bfce136c83c1d5ae4e6a0c87accc478ccbd5edd 4b5b000336b831307e9cd541f11726eb2e1b82e31fc3380e17004c5a87541d65 Loading...

	www.googletagmanager.com/gtag/js?id=UA-210786003-1	115 kB	2023-04-18	2023-04-18
Pretty URL www.googletagmanager.com/gtag/js?id=UA-210786003-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-18 07:58:13 Last Seen2023-04-18 07:58:13 Times Seen2 Hash a517b19c24069b6b3e68ca7a615d424e ed4bf9f836757bb0905d2f34aae9842be918675b f0995babd1607e35114d143bf4db50640e597e5dc13a3e019d70a79efd27f03c Loading...

	www.googletagmanager.com/gtag/js?id=UA-210786003-1	115 kB	2023-04-18	2023-04-18
Pretty URL www.googletagmanager.com/gtag/js?id=UA-210786003-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-18 07:58:13 Last Seen2023-04-18 07:58:13 Times Seen2 Hash 4f3c6f4801fca0e1c2cb211007ad5c45 c427593e7711b00f1f520442e5a43754d1463ac6 5523ce70221813c9881543175646606a44f3cae1e7d77f102a253454314392c9 Loading...

	microsoft-windows.pages.dev/light.js	503 B	2023-03-07	2024-05-10
Pretty URL microsoft-windows.pages.dev/light.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:37 Last Seen2024-05-10 19:51:12 Times Seen2699 Hash cd6c33fbc221d0271c910af910e6ebed 9b52f24d6f10b885bb19db1c4b531469f96d2914 318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479 Loading...

	microsoft-windows.pages.dev/	21 B	2023-03-07	2024-05-10
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:59 Last Seen2024-05-10 02:34:56 Times Seen1247 Hash 011a84e54de113cd8bee0e17ae8aa515 e84b14b6ec396b1ab045b7e667f90536cd5c6083 13fcca4523b328c51789df37af5275739fd57abf684e5d3658e7d69210f9ec53 Loading...

	cdn.pushalert.co/integrate_6000caa177c2e27a72b940e8472069bc.js	221 kB	2023-03-13	2023-04-18
Pretty URL cdn.pushalert.co/integrate_6000caa177c2e27a72b940e8472069bc.js IP 151.139.128.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:25:59 Last Seen2023-04-18 07:58:13 Times Seen3 Hash 66ea9bb8011084dca50bad621bb4c90b 173a63f8ccaa82ac911f821bbb4d0f2c6f6ee8ef 275611db4d76925c0db5520033a0ba441d71fc4844284692f6eb5c79e012857f Loading...

	microsoft-windows.pages.dev/before.js	366 B	2023-03-07	2024-04-23
Pretty URL microsoft-windows.pages.dev/before.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:37 Last Seen2024-04-23 01:48:07 Times Seen1635 Hash 87c2dc3aeb373ca8445f7410ef387689 688f4be3cfb8688b4441f382724495a7b82b3f62 31681779c6f394370dad146169896e9ec2b8f7c716c4b1db78c459033e48bf95 Loading...

	microsoft-windows.pages.dev/	554 B	2023-03-13	2023-04-18
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 02:25:59 Last Seen2023-04-18 07:58:13 Times Seen2 Hash 00897765651ebdb549daf71309d591bf d4eb91b1c6e8b7e7ef6706148ee28aa73f9a73c3 7935c775ece6a712bfe984af383d4f04e83b76d0ea9611191efd3ac5304f725c Loading...

	microsoft-windows.pages.dev/	466 B	2023-03-13	2023-04-18
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 02:25:59 Last Seen2023-04-18 07:58:13 Times Seen2 Hash df84d10b10461224cb2e7c5a482da2ae 5b655b6b947b2f7935872e402f8e7ecec7959bd0 f8e46b8b8568d17e8bfc9d628a8dfd516511c3d5bef6e584332acec73171553f Loading...

	microsoft-windows.pages.dev/	4.1 kB	2023-03-13	2023-04-18
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 02:25:59 Last Seen2023-04-18 07:58:13 Times Seen2 Hash 374ee6b9e61e1fda18528d8f89a112f2 282771757c84d5beecee4424e080f17bae51b40b 9eb2230fdec701de86c4b2a3c8280f1b708c23b5c65d0cc221280c5c650220e1 Loading...

	microsoft-windows.pages.dev/	301 B	2023-03-13	2023-04-18
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 02:25:59 Last Seen2023-04-18 07:58:13 Times Seen2 Hash 3e7ff7c34754b1daaf0d267dc4a74a57 65866cc33ddfeaa98c467b501d240f32c57f1cc5 bd8a42a8e2a1a787e1dde2dface5bd78ab7bd338f7249f3b3f20a00308f36f98 Loading...

	microsoft-windows.pages.dev/	158 B	2023-03-13	2023-04-18
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 02:25:59 Last Seen2023-04-18 07:58:13 Times Seen2 Hash 0b526b9d30ffab85e08acfb7134cd539 5baf548deb02ae816dc2764a59ebaa20b250042e 00586132378bf5b66540ae65e925aa752e1897683a2bbf26f449984500c4e56c Loading...

	microsoft-windows.pages.dev/	282 B	2023-03-13	2023-04-18
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 02:25:59 Last Seen2023-04-18 07:58:13 Times Seen2 Hash 61a21599d6baf5415ccd6b67c73dea16 6e9b34cdb59ebf9f2f173ef4518bba90d8a9f0c3 524266799798d8ee0a8760f837198df4d1060f97a6ed475e3a57662a56ca27d5 Loading...

	microsoft-windows.pages.dev/js/interactive89e5.js?1665074482	24 kB	2023-03-08	2023-04-18
Pretty URL microsoft-windows.pages.dev/js/interactive89e5.js?1665074482 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:48 Last Seen2023-04-18 07:58:13 Times Seen3 Hash 6eb0bc946c565fdbc3aa0a63e872d10e aed373d678239bc63a572636a44ec269b6355421 e5364687b339f0b590c8daa7fff5f423936d54dd0b2a332a433fd8c45bfe60b6 Loading...

	microsoft-windows.pages.dev/	797 B	2023-03-13	2023-04-18
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 02:25:59 Last Seen2023-04-18 07:58:13 Times Seen2 Hash cb9f989de319f8535f55447fa4cbda1a 5b4f535833bdfffed97a675b851093d9fcf113fd dbc5b38650b451ecab637852ff23d7ede957422cac47f16a73b416b255c86029 Loading...

	microsoft-windows.pages.dev/	94 B	2023-03-13	2023-04-18
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 02:25:59 Last Seen2023-04-18 07:58:13 Times Seen2 Hash 7e83ae9edce467c98fe3e66581647539 e2a48a51fe21485729b24d59c0f1ac9d027eef1d 73aad151bda0db3d2c55dcc25c6e8cb6946f87b29f2464e4fd48fce4c7dbdd64 Loading...

	microsoft-windows.pages.dev/bootstrap.js	84 kB	2023-03-07	2024-05-10
Pretty URL microsoft-windows.pages.dev/bootstrap.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-10 12:09:47 Times Seen5480 Hash f81d0a1705048649befc8b595e455a94 aec551e4d573463088fca7d14fb644eb389f1839 b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b Loading...

	microsoft-windows.pages.dev/fullscreen.js	245 B	2023-03-07	2024-04-23
Pretty URL microsoft-windows.pages.dev/fullscreen.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:37 Last Seen2024-04-23 01:48:07 Times Seen1628 Hash 62f519fe72808a3ec681392b7ff47417 2ee16112e35feb9d6d48ae0f4e66187514dec811 43703d37b8fe2769cb2e12db7aa281dbcca175124d05ff4b0cc3d152534698a4 Loading...

	microsoft-windows.pages.dev/	149 B	2023-03-13	2023-04-18
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 02:25:59 Last Seen2023-04-18 07:58:13 Times Seen2 Hash 41bc89d38950d1b098516b718a3fb46e 8580ea3b0b786f39ecb5f4f21d378b7bc7f0eafe dbce1f0e801f4a4e6f287cc45c18d573e3d1238ae1f195a695dd5c389fde194e Loading...

	microsoft-windows.pages.dev/	144 B	2023-03-13	2023-04-18
Pretty URL microsoft-windows.pages.dev/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 02:25:59 Last Seen2023-04-18 07:58:13 Times Seen2 Hash a570bde55075fda8ab4b00e602af8a62 6afcd311e9cb39b02a43631d1fd67d2ad19a4807 bf7ea904a239f59a84aef8d48bf56da68334ac6f9f1bdef0b498c34d04ce1398 Loading...

	microsoft-windows.pages.dev/main.js	1.3 kB	2023-03-13	2023-04-18
Pretty URL microsoft-windows.pages.dev/main.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:25:59 Last Seen2023-04-18 07:58:13 Times Seen2 Hash 61b456e4a102b271db998c38ba7dab5c 274b33c16572f32b8c0f91a902343ad3a3f1795e 7cf13153d1128147e5447b9191a72d0ec1d40bac6e7df45e3d054502f8d05206 Loading...

		Size	First Seen	Last Seen
	#1 Write - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-05-11
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 00:12:00 Times Seen37531015 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (35)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

104.17.25.14

200 OK

27 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (32180)
Size
27 kB (26660 bytes)
Hash
b1e4b2a99336201b37fb8cea5d57abb9
d57980f0d0eaaf57ec33ddc9ed027274cfa86027
c805bfd991983f57b5b7878b998f7529e9b7e2df4bc2d39ba493934e23ba3f8a

HTTP Headers

GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 26660
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14983"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 464800
expires: Sun, 07 Apr 2024 05:57:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSUI8ZZ3TSwO6ypmX%2BKHeQGMdE4VvhPV3e3sTJs4xoZ2r0sNlo0ehJoICQUwduhmt9VfGeFDVzneQGpExHknxNbSTzFwg6GmZppKRDKSPu34a0cJc%2B1gdNTgXb6c1H6nGQU1tJOH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7b9aac54fcf2b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

microsoft-windows.pages.dev/microsoft.png

188.114.97.1

200 OK

700 B

URL GET HTTP/3
microsoft-windows.pages.dev/microsoft.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
PNG image data, 47 x 46, 8-bit colormap, non-interlaced\012- data
Size
700 B (700 bytes)
Hash
0ff56a6a86d5e52a8befd4c71d1842df
9a5cd44dd2f43a37ce3af14e167bcba480e97ff4
81e528ea37468236da238a66c1539207d5eca2db4dbeb429bb0e67b80f04a9bb

HTTP Headers

GET /microsoft.png HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: image/png
content-length: 700
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "477cf60256fdc17a03865c19b516e74e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hs8tkwi6v5StmmuAZw%2FLLRDcEyj83sWd3sVaJ06fLj%2FXddo21absK%2Bxeo5yj20SCoEs5Ef5J47ZWoO9LY%2BthQwJ72UW4S8AzKcRwzsSOlEVPp6MIc47j5QpDGgOvBCPlDotQ1gwNnkFSzlNH9oM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac54cee3b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

microsoft-windows.pages.dev/pc.png

188.114.97.1

200 OK

4.9 kB

URL GET HTTP/3
microsoft-windows.pages.dev/pc.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
PNG image data, 166 x 92, 8-bit/color RGBA, non-interlaced\012- data
Size
4.9 kB (4949 bytes)
Hash
cc5132b56ba46b03dd998aa1fe220106
403e007a0b17d76a9945fa5ec46a9d01733b3040
598699133be5eef63e3b9b5540609ec0dc91d7af9c7f70a3b890e57491a70ae0

HTTP Headers

GET /pc.png HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: image/png
content-length: 4949
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "b60af58af358bbff1b64cbb0cae96f72"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwkTyfIjuHvsUcaVmMKpRGb112pFelh7n9vV0Pp1GBkCEBiEhAOM%2B9snwv1BjK9ROs%2BtJltyWd8fZIK5TkZkBiEBsTeblHOb6aLCMlMYq2e60TCxyaF2EOx9TGTYnuwDxXlTjpvAZuoTKfOjLzI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac54defcb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

microsoft-windows.pages.dev/minimize.jpeg

188.114.97.1

200 OK

2.2 kB

URL GET HTTP/3
microsoft-windows.pages.dev/minimize.jpeg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 180x39, components 3\012- data
Size
2.2 kB (2247 bytes)
Hash
1ba392dce74f8987dca48bf65d817c8f
db0b8444c46125105b52f272bd422a7f52da1f72
a05245b6f7fd752af4a7b0131bbdfdf3eaee6c5a25a81cb498e0f0759189473c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /minimize.jpeg HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: image/jpeg
content-length: 2247
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "94135e9c4b673c3071863eb8b5db0c0d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYLodOnTyq0185wbzFDfGh07xV1a%2BZPQR5OWc5RLLV79lVfu6SEAs6EUkwyQRsKCsrZMibWDCeoFdPqmqygReq4z%2FnKp%2BaDkg8udLnGiJUMpj61d3XIFWqP8j6uJc%2FnQUtj1Q9jsV1yGw2ZjGaE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac54cee5b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

microsoft-windows.pages.dev/setting.png

188.114.97.1

200 OK

364 B

URL GET HTTP/3
microsoft-windows.pages.dev/setting.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
364 B (364 bytes)
Hash
e144c3378090087c8ce129a30cb6cb4e
59da5466551de941d0215e45c54aa2ceaf436be1
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

HTTP Headers

GET /setting.png HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: image/png
content-length: 364
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ee63d8b934f54cf7e606ebae2b4bfcf6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QpfIh7rux8f2sTzxA%2FQD0CH2HigKgGN%2BQn%2BCEcXWfJoNAvSB%2BDffEB33FxwXRDTyagB2LcX0YI4ndtqymQHCJTHreSo5RvbRqeUPxKDqpnkyauMHv%2B6xzaiZaYjCOwlNwI%2FKmHibgbCxRFeJYV4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac54ceefb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

microsoft-windows.pages.dev/images/ico_tray1.gif

188.114.97.1

200 OK

69 B

URL GET HTTP/3
microsoft-windows.pages.dev/images/ico_tray1.gif
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
GIF image data, version 89a, 16 x 16\012- data
Size
69 B (69 bytes)
Hash
3ae573d079dcd1d2da4086f2c0c72c45
e7c9dabec81379373476ed23168dcecb9b8c56aa
9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107

HTTP Headers

GET /images/ico_tray1.gif HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: image/gif
content-length: 69
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "aaf6c5e1ac9ac320bede916158ed5d07"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1cf1A06DRQ7et4lpaom5yquT7ZRbL0PREjsH14a1g1cNyhDRQosrJ5zMPnTga0B8EHEUuv5mlU9hHZw3TGyZkvnWHUL%2BJFfsHlhjJ96%2FaiG9RnLsefgVysrDRxivrozxt4rI4Utey3XtVZrMy8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac54defbb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

microsoft-windows.pages.dev/que.png

188.114.97.1

200 OK

349 B

URL GET HTTP/3
microsoft-windows.pages.dev/que.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
PNG image data, 13 x 13, 8-bit/color RGB, non-interlaced\012- data
Size
349 B (349 bytes)
Hash
7454c652e0733d92de6c920c2d646ae0
34a5bd8c7401f95e346895b0e5ccffbf0e9ad638
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

HTTP Headers

GET /que.png HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: image/png
content-length: 349
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "0d6dd742fc1124fe244e6f4f212155f3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oo2FhRQggU5vF2Kx5Mpg79RuZCwYsi%2F5CnkqQziiUD0JmZNRYCtal%2BhB7Kf4xEbhq%2FtZ9tcyB4KQlqgFT5cD2euK5Eytkw51oXAcRZpeJdWvg2k8i1AXYZeGHGZcUmMAENZicYr7oxB7SV%2FGZjY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac54def2b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

microsoft-windows.pages.dev/virus-scan.png

188.114.97.1

200 OK

26 kB

URL GET HTTP/3
microsoft-windows.pages.dev/virus-scan.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
26 kB (25871 bytes)
Hash
2c497dfff84bd8c5af9254c9d6278ce1
667e72e7ba6f00a54629e28133317022d4b59af6
b2dc4153ee7019c70a1095d5d1304d540e3bba045d99e141f63e5b13362e5a4e

HTTP Headers

GET /virus-scan.png HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: image/png
content-length: 25871
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "cbc9ed14fa29655a591dc055c3db0f03"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUYqA6EI%2BisSPM6k9W7uSdnBEK2l7TpNR4tiz2ooKO9ufbIrPrPwgVh6fNpq1x2Ii%2FeI2d444b0x83n3tcRsllhP9gtwRmZohAGR45OVuSfPdXNB4jpgRn9n1orQD0HsrBmY4tY2tu5DmdvYqdY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac54def6b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

microsoft-windows.pages.dev/images/ico_tray3.gif

188.114.97.1

200 OK

234 B

URL GET HTTP/3
microsoft-windows.pages.dev/images/ico_tray3.gif
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
GIF image data, version 89a, 16 x 16\012- data
Size
234 B (234 bytes)
Hash
9ce99ec458daf212f9812a90f3fadd13
9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1
b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753

HTTP Headers

GET /images/ico_tray3.gif HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: image/gif
content-length: 234
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "77658f49c3237c43feb1f812a11dc45b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIhZzZ60tsaKkKZJ5S4DBkkgNa3S0yBBm2zOMSm5iPP5SW1FsbYwRjnMikFJUbsy3OkBydbmr83zRUJxC2GIn%2BdIDJxjlsDkiiCRPxhUwKCohkc2pwUC7A9sdX%2FCv2ZzazZuqHHOqSqWbXcaROk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac54ef0ab529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

microsoft-windows.pages.dev/images/ico_tray2.gif

188.114.97.1

200 OK

377 B

URL GET HTTP/3
microsoft-windows.pages.dev/images/ico_tray2.gif
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
GIF image data, version 89a, 16 x 16\012- data
Size
377 B (377 bytes)
Hash
c10bdec858cb0cf9e6cc5865d5925746
697c095ed5509e5a5af0c5ebf2380662aeffc531
b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9

HTTP Headers

GET /images/ico_tray2.gif HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: image/gif
content-length: 377
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "9f6c72ab1272f4bbadf6b026cfcf0490"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpmnNI%2F2f74W6rKFN8aDiXgSg%2FliCFMbFCZcq2Lz%2FmNoJLcwNn7FaVFQFLqn5TCC7hEUYtA94AthG2VAJPztvc4ZuMa1sLmYzfxMb7XWDnjjRx336c8I6%2BjPMZVyq%2FFU8YdhVT0A5Tc%2Fdt%2F6aKY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac54ef07b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

microsoft-windows.pages.dev/background.webp

188.114.97.1

200 OK

86 kB

URL GET HTTP/3
microsoft-windows.pages.dev/background.webp
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1900x1037, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
86 kB (85652 bytes)
Hash
08f7689f83b94fbf477bed4120ffd462
fe211d4605aa91d719e38a6cb6ca0aea1f74d375
a07598c068b797d9285806bc978a34ec52aa534d297630df8748ce0c95500ecb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /background.webp HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: image/webp
content-length: 85652
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "fa827b468f65c170ec8702d1b70ddd2e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXJnFMhsYHUlZmhD%2B4kdJEZQw1O85H90byMkcc0umM%2F17Fnj%2BNZjC2zpftTPajcslyZBNCl7NtYGBBVv%2BOjp4QH%2BM%2BNLaYoGQ0TDFzBWDr%2BCBDTgZ4Od5bMGiULn%2BZsLO4Jl5erZJIcGr9CWzpQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac54cee8b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
43db2c964498883fd98799a8b1dc6ea4
4814b7cbb03111d02286329392d2735225df3a5c
44b1d4e6c4b4ba2f50b3344787b34e1c8100454ce01eccd79c4c949fb7491690

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 05:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-210786003-1

142.250.74.168

200 OK

45 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=UA-210786003-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint0D:E0:7D:60:57:50:BA:EB:CA:6E:2A:3F:20:5B:C7:91:67:89:3F:09
ValidityTue, 28 Mar 2023 16:45:47 GMT - Tue, 20 Jun 2023 16:45:46 GMT

File type
ASCII text, with very long lines (2206)
Size
45 kB (44682 bytes)
Hash
7dedab5353a32f3089d16e07b88f2fb8
af6e6b1c2e37a514cc7c4d68a73f8af69c2a4ceb
02ded9c8cb52d5e25da30fb6998ab21e89e1bc1694efe9a4afbe1d587fbacd96

HTTP Headers

GET /gtag/js?id=UA-210786003-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 18 Apr 2023 05:57:56 GMT
expires: Tue, 18 Apr 2023 05:57:56 GMT
cache-control: private, max-age=900
last-modified: Tue, 18 Apr 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44682
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

472 B

URL
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
940a764e481cc568f4cc030d3c72b5b4
74ef33f6b2c969185a3d6a28434b9a103c026006
8a7c2cef6f34c90ecb57205d67835cb83de9af05d8ded665f4def1d830041ca9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 18 Apr 2023 05:57:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 17 Apr 2023 23:50:03 GMT
Expires: Mon, 24 Apr 2023 23:50:02 GMT
Etag: "74ef33f6b2c969185a3d6a28434b9a103c026006"
Cache-Control: max-age=582125,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b9aac551afb0b61-OSL

maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

104.18.10.207

200 OK

6.6 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (27303)
Size
6.6 kB (6639 bytes)
Hash
cdb32709ad49f6cddb68df3458b0824a
01f8bb4211a72a926076773e606c3818e34db8d8
c9a410068a7b6d44725b2dc6d309af75805f9ef1f14ba54bd5a803ee7262896e

HTTP Headers

GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 27241724
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7b9aac54ff9eb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-210786003-1

142.250.74.168

200 OK

45 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=UA-210786003-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint0D:E0:7D:60:57:50:BA:EB:CA:6E:2A:3F:20:5B:C7:91:67:89:3F:09
ValidityTue, 28 Mar 2023 16:45:47 GMT - Tue, 20 Jun 2023 16:45:46 GMT

File type
ASCII text, with very long lines (2206)
Size
45 kB (44680 bytes)
Hash
27fae1368430481412320558db1c738d
70b4c6667ba22c8450fca21555c07cd7aa02ec9f
d0c0d6a9db01ae060d22864a1592a1f654e18accc8c2b1979bcba0a4b1ee583e

HTTP Headers

GET /gtag/js?id=UA-210786003-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: www.googletagmanager.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 18 Apr 2023 05:57:56 GMT
expires: Tue, 18 Apr 2023 05:57:56 GMT
cache-control: private, max-age=900
last-modified: Tue, 18 Apr 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44680
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

microsoft-windows.pages.dev/main.css

188.114.97.1

200 OK

42 kB

URL GET HTTP/3
microsoft-windows.pages.dev/main.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
ASCII text, with CRLF line terminators
Size
42 kB (42342 bytes)
Hash
f73e9f820d9138cb46a55163a3ec6eaf
72480ea093355bbd96aab0a74b5db83b57fa5454
339dd40f10d73faf8b622e1f3a84dc6fc6e1566b8f9dbeee1bdf619353e8f0dd

HTTP Headers

GET /main.css HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b5453415f90e3b617f36f5fc8d58b721"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1MJo%2F%2BX4swbiA8u3RXCFbwS4ElK3as6N36Z2WJ7Soqq5tefCeVc5xYG1VFALTSo9%2FPrt%2BTHKSqGTo3mAN%2BUCV3klNyVxhxyAExgadpYORbnNrcObEMQGn62JHGgptZv%2F1sv%2BzRuOMCYS7D6XYQE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac54ced5b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

104.18.10.207

200 OK

67 kB

URL GET HTTP/3
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Size
67 kB (66624 bytes)
Hash
db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

HTTP Headers

GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://microsoft-windows.pages.dev
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:57 GMT
content-type: font/woff2
content-length: 66624
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "db812d8a70a4e88e888744c1c9a27e89"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 08/15/2022 13:52:58
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: bede1086fb59f133877b8c730cc05197
cdn-cache: HIT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7b9aac57ae6bb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

microsoft-windows.pages.dev/wa0lDErtm0s.mp3

188.114.97.1

200 OK

201 kB

URL GET HTTP/3
microsoft-windows.pages.dev/wa0lDErtm0s.mp3
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
Audio file with ID3 version 2.3.0, contains:\012- MPEG ADTS, layer III, v2, 64 kbps, 22.05 kHz, Monaural\012- data
Size
201 kB (200832 bytes)
Hash
0116152611dd51432e852781f8cc7e82
2408d3d281b25649894f78a4e19f7f8a8ac735f9
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wa0lDErtm0s.mp3 HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://microsoft-windows.pages.dev/
Range: bytes=0-
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:57 GMT
content-type: audio/mpeg
content-length: 200832
access-control-allow-origin: *
etag: "8ed7622fbdd15ff1b20ee9c97316f31c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMnNelusKf5tFh9AjXVJ1LAQtQuNHKhEjh23ev15xqBXWWU8dx2LalTEUfzuFHrRDf2JxgQeblGcpV%2FkL6%2FOaW8ymwuZzBHh70zdkirej6A676fri3WILceLl13iOMQMMZXq7cPd389PzZN2%2FAY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac57aa60b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

microsoft-windows.pages.dev/xham.webp

188.114.97.1

200 OK

98 kB

URL GET HTTP/3
microsoft-windows.pages.dev/xham.webp
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1884x1080, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
98 kB (97646 bytes)
Hash
0439f76589490c4ab862e9f2f79bb309
9c552c7240e582c1b6534bc30a8db0030f343512
a052fb437fc9dcce0e360d688dc362ccca897dd0fcfd6c0366edb1ccf4529395

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /xham.webp HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:57 GMT
content-type: image/webp
content-length: 97646
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "51fbf4c0f284b7efc3d3dc33540720ce"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0GJxB%2F4xkEClHYHvtteobFC%2B0EWbK4gp2ngim8HH%2FoidfauOljw6RsOl3hXFR9L8DpANj9ZelIPEBkFbj5whbiTFu10kfFE09t7TPFc%2FENtCbyUx0JMc%2F353Of0OOyi1IzwvfbeJx0O5EYpZj0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac586b32b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

microsoft-windows.pages.dev/1.png

188.114.97.1

200 OK

100 kB

URL GET HTTP/3
microsoft-windows.pages.dev/1.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
PNG image data, 999 x 482, 8-bit/color RGBA, non-interlaced\012- data
Size
100 kB (99519 bytes)
Hash
80e3e464402c3d174d37070cff84a426
b3ffc7d1a292a5858bc14001df1e025605d05731
9ff74ac6d1875a5b7b14754d8921043442f80d5f5fe6642839fb2f10cab5de8c

HTTP Headers

GET /1.png HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/main.css
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:57 GMT
content-type: image/png
content-length: 99519
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ae43958bf2cf509d22106459e4404ddb"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RW%2FZnZ8Z%2FS65mk2ApXQSeCpYgmOl1ikiTXSPK142DqsqxsKBTXkZHLGTuED6VMpdPalzkxoFrzSkDm8%2FftkYeuFui2KAjT4HZlzn3V3TOM%2FUH2xM%2FOQTeIWuDf%2BfLGrN%2BWNY7FtkZ3qGS%2F1LDzg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac586b33b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

microsoft-windows.pages.dev/style.css?1665074482

188.114.97.1

200 OK

1.8 kB

URL GET HTTP/3
microsoft-windows.pages.dev/style.css?1665074482
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
ASCII text, with very long lines (2033), with no line terminators
Size
1.8 kB (1811 bytes)
Hash
7eaf21fd066ad8d9ace23521f538a974
0cf315d78f12cfa40c9fb24da6e2684757d52448
19427665d6f482dfd185c05ad9b1909301f6e83d0a0089ae726f7eddb761f58a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /style.css?1665074482 HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"a289f834523ac0b42594d4a5134e58de"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHZ50NuKt75iiNdQ6AV1mpXMzNflbqLdoauvzpIXIg9ewVEhkJwnXpPJfkx3dyB8tx08YwL8X%2FvP6HHIDHDkA1J%2BccbWuxfMUOF1czUktMyy2EGpHdIBGyBGXc1wTFmaXGEMsrMVQiilnpeeBkM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac54beceb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

microsoft-windows.pages.dev/js/interactive89e5.js?1665074482

188.114.97.1

200 OK

24 kB

URL GET HTTP/3
microsoft-windows.pages.dev/js/interactive89e5.js?1665074482
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
ASCII text, with very long lines (23751), with CRLF line terminators
Size
24 kB (23753 bytes)
Hash
6eb0bc946c565fdbc3aa0a63e872d10e
aed373d678239bc63a572636a44ec269b6355421
e5364687b339f0b590c8daa7fff5f423936d54dd0b2a332a433fd8c45bfe60b6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/interactive89e5.js?1665074482 HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2b986f3ebbb3124d81031aeaa9089096"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2F6Bdrhb6enpc4lFRnMoEs84Fa2lwmKVmHJz8JKpEody3Pg4SfcAbKkl093xjSEGXESgomSAtOa1%2BfiLH%2BsTuUTYR2XcbVAocJZLCrsejLD8JL73z0Wb80%2BufXxcwI16KSpA4ONaf9ux%2BVCmpNs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac54bed0b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

microsoft-windows.pages.dev/modernizr.js

188.114.97.1

200 OK

0 B

URL GET HTTP/3
microsoft-windows.pages.dev/modernizr.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /modernizr.js HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"36d6924d9b4e37ab5e03641019ef70dc"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M6krC%2FFJFAMHeyw2KxDkvxsfXiNsAZpi4J6OLVudpi36d%2F%2F%2FpF6Pgs%2BtOmALMdghW8y%2FzCJg5tWOCqoqexSovb7YbpJqqZ2zbRwXaYVzIJV77Cb5nxrr3TZ8l66Gm6ygCCzKXyinUSOtnZrTm%2B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac54ef06b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

microsoft-windows.pages.dev/fullscreen.js

188.114.97.1

200 OK

245 B

URL GET HTTP/3
microsoft-windows.pages.dev/fullscreen.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
ASCII text, with no line terminators
Size
245 B (245 bytes)
Hash
e70e5bc6acccc111d1016ccb1de66c20
b75154dabdb11f3c546fe085efdd740a8b88ea90
c8988f92f8e1a825f5f34ed45ca542b25eab1b845c5a0f459dff5045a4ee486e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fullscreen.js HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"970171d0b5647b73e4f0ab08c9b3d82a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojKhc47oqTh87nyhYekZngSxePQiEcqN01gi5sHF9t09Gfd0dSNYjKE29XcvTIomdkxfeCgPbNlkcWZ7uLLIaHhvFQDn5gtaPIe%2BCqFQ0AKOKiVMIciBfOVn2RnMC4BzsjFdCnbVX%2Bah1PdswPM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac54ef0bb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdn.pushalert.co/integrate_6000caa177c2e27a72b940e8472069bc.js

151.139.128.10

200 OK

221 kB

URL GET HTTP/2
cdn.pushalert.co/integrate_6000caa177c2e27a72b940e8472069bc.js
IP
151.139.128.10:443
ASN
#20446 STACKPATH-CDN

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerSectigo Limited
Subject*.pushalert.co
FingerprintD5:47:58:F7:39:30:35:58:A6:7C:00:66:EB:5F:A4:AC:4D:2D:05:61
ValidityThu, 28 Apr 2022 00:00:00 GMT - Sat, 06 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (7961)
Size
221 kB (221121 bytes)
Hash
66ea9bb8011084dca50bad621bb4c90b
173a63f8ccaa82ac911f821bbb4d0f2c6f6ee8ef
275611db4d76925c0db5520033a0ba441d71fc4844284692f6eb5c79e012857f

HTTP Headers

GET /integrate_6000caa177c2e27a72b940e8472069bc.js HTTP/1.1
Host: cdn.pushalert.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 18 Apr 2023 05:57:57 GMT
etag: "1673898395"
content-encoding: gzip
content-length: 39653
content-type: application/javascript
last-modified: Mon, 16 Jan 2023 19:46:35 GMT
accept-ranges: bytes
server: Apache/2.4.10 (Debian)
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=8640000, public
x-hw: 1681797477.cds244.sk1.hn,1681797477.cds253.sk1.c
X-Firefox-Spdy: h2

microsoft-windows.pages.dev/favicon.ico

188.114.97.1

200 OK

30 kB

URL GET HTTP/3
microsoft-windows.pages.dev/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (504), with CRLF line terminators
Size
30 kB (29659 bytes)
Hash
c468944c462b0777ab5e6f0a24d6b613
5b9294089e51624d89044fab7dd75a0a1bd57237
adc875dd1c7ffb92a68332627f33f610595ac597de0d76e2df5de02b49505ff4

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:57 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"36d6924d9b4e37ab5e03641019ef70dc"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2TABxY8iotWmPKtakl%2FGZjlHZ6Jpah%2BE6ieYyvr%2BgtkNw1jGx1%2BwbaS1yUPO4m73JuzWPe8iGTtiWtKEWvixDda8QkYCdxRpW5M6KtwXKdvF%2BQOvrhT3jO9Pc9dj1JUL0pGApbFveFl950%2F7iQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac599c57b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

microsoft-windows.pages.dev/before.js

188.114.97.1

200 OK

366 B

URL GET HTTP/3
microsoft-windows.pages.dev/before.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
ASCII text, with very long lines (380), with no line terminators
Size
366 B (366 bytes)
Hash
30ab0fccfb4c857f608e51c255c26796
5923f53a21825d79b436e2c98e6ab53068370ad3
92e7f01957ef9660eb84aa2d821d4fff017b66659f7a74b900fad60053a1c88c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /before.js HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"026063519afe3b7556ecd042295feae5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xK1r%2BtAMHJADw3%2BX%2FQh19HruDFz3DbliRVoKIHaYnIokSjHTA5dPrkO2LWGywQ7FiXyt21kSmXBCHH4ExH7xYEPSb6PPRwQTQedVwip0kHAKv5ooqisNtSZ693dC1nR7c2FcC4L6YjKNa%2FPGkE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac54ef0fb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdnhst.xyz/code?code=b049fe04941a742ca9167d53a7c135be

104.21.57.38

200 OK

32 B

URL GET HTTP/2
cdnhst.xyz/code?code=b049fe04941a742ca9167d53a7c135be
IP
104.21.57.38:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint30:CD:C0:E1:64:2F:FA:4D:C0:FA:11:1D:C4:A2:1A:7B:F7:76:3A:32
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
32 B (32 bytes)
Hash
4cf09a531c260f6f06378fd2521c1b24
cd708e55317c517e02c97c54d62e1f99952c5773
d8637afc3e6a2a5512a1d6914980ba597263c1d015c8c6940ed04f59447f9d0e

HTTP Headers

GET /code?code=b049fe04941a742ca9167d53a7c135be HTTP/1.1
Host: cdnhst.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 18 Apr 2023 05:57:57 GMT
content-type: text/javascript;charset=UTF-8
content-location: code.php
vary: negotiate,accept,Accept-Encoding,User-Agent
tcn: choice
x-powered-by: PHP/7.4.33
p3p: CP="CAO PSA OUR"
expires: Tue, 03 Jul 2001 06:00:00 GMT
pragma: no-cache
cache-control: max-age=3600, s-max-age=84600
set-cookie: user_country=no; expires=Tue, 17 Oct 2023 20:52:20 +0000;path=/; SameSite=None; Secure
last-modified: Tue, 18 Apr 2023 05:57:57 GMT
access-control-allow-origin: *
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2IEXS3JQrYmqsyZ4FRbqYaYg5pcBv6vL1rBuZiaLzSAqHdTB8y5%2BRcj%2BMPpxe3cxzVNhuRj0O1L9OMBXKEM%2FKPfpIc3c9MMJbD5CnI1KR4O2dKIa0Hhd7BjaPWv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9aac573e470b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

microsoft-windows.pages.dev/modernizr.js

188.114.97.1

200 OK

0 B

URL GET HTTP/3
microsoft-windows.pages.dev/modernizr.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /modernizr.js HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:57 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"36d6924d9b4e37ab5e03641019ef70dc"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtUvgnUN62IGA4%2BRcOtHxciY0mVyqlla23JbmEDFm4pK3AWti4LjAV1QkVOWMxWE5evb15JKBFoK5Bk8Z4R2Pqhd5plSsf6Xlx66qjJ9n2Cpex2lgbU3T8PiHU6Fu0QC82rsl1wBd1HDpel6y0A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac57aa58b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css

185.244.209.62

200 OK

161 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
IP
185.244.209.62:443
ASN
#58286 Electric-IT Business S.R.L.

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerSectigo Limited
Subjectcdn.jsdelivr.net
Fingerprint95:B3:FD:0C:F5:9E:0C:6C:F5:81:AB:DD:5D:6D:67:BF:FF:4A:FD:CC
ValiditySat, 01 Oct 2022 00:00:00 GMT - Fri, 20 Oct 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65326)
Size
161 kB (161409 bytes)
Hash
d432e4222814b62dd30c9513dcc29440
2cac4afc120983921411296bd4e8fd8a94ba237e
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

HTTP Headers

GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Origin: https://microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
content-encoding: br
cache: HIT, HIT
x-cached-since: 2023-03-14T12:14:47+00:00, 2023-03-14T12:17:59+00:00
x-id: am3-up-gc89, osix-up-gc4
x-nginx: nginx-be, nginx-be
X-Firefox-Spdy: h2

microsoft-windows.pages.dev/bootstrap.js

188.114.97.1

200 OK

84 kB

URL GET HTTP/3
microsoft-windows.pages.dev/bootstrap.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
ASCII text, with very long lines (65299)
Size
84 kB (84378 bytes)
Hash
f81d0a1705048649befc8b595e455a94
aec551e4d573463088fca7d14fb644eb389f1839
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /bootstrap.js HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"4f31336b52b18c91e3052341d85138e3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FQMww3V8z908cIxO9DLtj2pxh%2FdSsjbzfHlmlAc0POq4LI4WZ8HURagA8Dofj2k6VDND6z7qENyvO2aca%2FTX4dSIdxZ6tPIyPd%2FDBiOfm5TeID3XkAl1q9zAxvtiFnDIKe4pvd3ful7SWuQca4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac54ef09b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

microsoft-windows.pages.dev/main.js

188.114.97.1

200 OK

1.3 kB

URL GET HTTP/3
microsoft-windows.pages.dev/main.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
ASCII text, with very long lines (1440), with no line terminators
Size
1.3 kB (1290 bytes)
Hash
7ef64d7f959d59b092c4609201f02166
1d83f91236cfd5722e710234e17125a232dd16ea
a5a2eb108c5af78c9b9d7354a27aedce905b5da1cf052aff27eeee73ca07ebc6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /main.js HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f5ad7345697ff323b75dee4393175644"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0kSQL7myDPMQ4vkRtfT60a1qqHBXnrBkm0eB82KEtG%2FGuL7orxdMcUlvwa%2BvE79vwaChvREocz%2Bn8oWBeyu2j5f90Mm6yvYu2EkB6PVjD0Vq0LQ%2FqrZTN1HniOrrOiEtQqzU0MQ6NNnb8dVvxo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac54ef0db529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

microsoft-windows.pages.dev/light.js

188.114.97.1

200 OK

503 B

URL GET HTTP/3
microsoft-windows.pages.dev/light.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://microsoft-windows.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
ASCII text, with very long lines (545), with no line terminators
Size
503 B (503 bytes)
Hash
d64718a85daf432be5f8d3c9fe3a45bd
d1b2721f29e5a1a6e6344a53162f32c53eb98e1e
de0997f0917e44e1840ce9d82cc86fd7f6cae542f906c62d78ae71c6af0ee303

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /light.js HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://microsoft-windows.pages.dev/
Alt-Used: microsoft-windows.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"57ba525bb338c70835d5893885a8a80a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZjhu3XOGbUy3KboaunkrLpG8oZTbPAqvL3e7P7ClueEvFmT2bzMSCPXIrCqMcg%2B8IWUmuheeKPJc%2F0DF%2BUEUu9PVIFh7FmZbVPsDN5OcIvAQKCOaOmf%2FQP5uEVkvWUdbJ2FkWQAEC10peZOW2E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac54ef0eb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

microsoft-windows.pages.dev/

188.114.97.1

200 OK

30 kB

URL User Request GET HTTP/2
microsoft-windows.pages.dev/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subject*.microsoft-windows.pages.dev
FingerprintCB:17:0D:A7:AE:1E:52:47:03:38:E2:C0:7A:ED:E5:3E:CD:91:29:7B
ValidityThu, 16 Mar 2023 15:13:28 GMT - Wed, 14 Jun 2023 15:13:27 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (504), with CRLF line terminators
Size
30 kB (29659 bytes)
Hash
c468944c462b0777ab5e6f0a24d6b613
5b9294089e51624d89044fab7dd75a0a1bd57237
adc875dd1c7ffb92a68332627f33f610595ac597de0d76e2df5de02b49505ff4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: microsoft-windows.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 18 Apr 2023 05:57:56 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"36d6924d9b4e37ab5e03641019ef70dc"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRBvCsFZFqObg9gZvO9Vf14APrZb1abY0eKIq1YXt%2BB9t2ge6teSgIS1UjZouc4AjiZepDLSnC9tWOf2IbSt8hqi%2FoxCmxtUFjdEeLOpC1OTXXCZPL1ljfaQBTsmqM5o0XZuw5KOGQrZ%2F5aiuzE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9aac52ac240b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (37)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML