{"report_id":"71925ecb-42f2-4551-b176-426d03ad2cf9","version":6,"status":"done","tags":[],"date":"2026-04-01T17:51:56Z","url":{"schema":"http","addr":"microsoffteam.top","fqdn":"microsoffteam.top","domain":"microsoffteam.top","tld":"top"},"ip":{"addr":"104.21.87.207","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"microsoffteam.top/","fqdn":"microsoffteam.top","domain":"microsoffteam.top","tld":"top"},"title":"Verify you are human","dom":{"size":506252,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65239)","md5":"2334497e07e5bda3cc917933a1a9e9d0","sha1":"af4e6cf585b8529d4e560482901a80f0d2a55c96","sha256":"260634680a04fa5d3fb31cec440fcde73df5a82443ecc92b2ddfbc418d02cb6f","sha512":"c5e55a849f1361cc9ed53929c13c9347ce784a88db44d8118f993e73e9097a48958632755e9e1c1f50c31544d3dba5ff798e21e6b30a38176dfd19a1264667c9","ssdeep":"6144:eNdDj05sY1N6YsmTYP9HqRG/ce8qkvX+N0KI7NsgfIpyjMvyAWqMDyjMvyAWqk:0E1R49KI/cSN0/U0olMOolk","tlshash":"f8b48851dd0a371eb3714c1fe78e29ee3b9a42ac942991cfbf5d31d8930d4658a70ca8","dom_hash":"domhash01eeb956cf9c03371a31324244820658","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"microsoffteam.top","fqdn":"microsoffteam.top","domain":"microsoffteam.top","tld":"top"},"ip":{"addr":"104.21.87.207","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-06T17:51:56Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"microsoffteam.top","ip":{"addr":"104.21.87.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-04-01","domain_rank":0,"first_seen":"2026-04-01T17:51:56.465305Z","last_seen":"2026-04-01T17:51:56.465305Z","alert_count":0,"request_count":2,"received_data":582971,"sent_data":890,"comment":"","tags":null,"fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"microsoffteam.top/","fqdn":"microsoffteam.top","domain":"microsoffteam.top","tld":"top"},"ip":{"addr":"104.21.87.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"46d2dabc7c4e6eb1df7057bb479e9c0e","sha1":"046d78e991080da8ff21cf81eb6d24638911d240","sha256":"599bc9bb63cc7e054d09c7179e018a531102b3f271a1ef627fabe2cc7f4d4daa","sha512":"2bc88499e4ebd57b50b4a7a8cc6eb4a92720292c0ee9a0ac71b6c2222b3e5e862a037dde6b9ab700583e4710f89cfc782534dd717a87db6b1d3c8dd600eeca75","ssdeep":"384:h0hqyUcONBnzESb+EphtbH9LRoq3mQl9FyD74ipTrFtOvvEv4FA:h0URbzESb+E5/mQl924+","tlshash":"43c2930bede71d3009a3a17a179fb2c1b2319017e589c95478adb7100f9e96593bbbcc","size":27657,"data":"","first_seen":"2026-04-01T17:51:59.354602Z","last_seen":"2026-04-01T17:51:59.354602Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoffteam.top/","fqdn":"microsoffteam.top","domain":"microsoffteam.top","tld":"top"},"ip":{"addr":"104.21.87.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f09160c32ad7c3f1ea7c92e697c524f8","sha1":"cda45bdd7178e4a98183f5a0dd4e8d062abfb598","sha256":"68e731c88853682804a9351be8c366bce4f77e0fcfc5d44ee904f1a818c9f275","sha512":"a687214e349b4e72b1970b6c230379df6603ea8c84c5c17a4c891655e05a43ef9e7a8a4261d4d91b04f735914aa219e059a5638cf5b2b6467ca73931f0cc3ab4","ssdeep":"6144:CNdDj05sY1N6YsmTYP9HqRG/ce8qkvX+N0KI7NsgfIb:AE1R49KI/cSN0/Ub","tlshash":"f454e284ee077b1df360444bbadc2dcd77be97205876a2dbef2d2509210d8ba59b085c","size":290158,"data":"","first_seen":"2026-04-01T17:51:59.355436Z","last_seen":"2026-04-01T17:51:59.355436Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"23706cb654bb3a01c2330d36f901172e","sha1":"fb0ee46c020eae211f3e2dc84a82abe03bbbdaab","sha256":"0b2224467ab3e446cda30ceec106ec7cee921e9cd5afa585760fadf3738a2cd3","sha512":"f6464a682beb744ef16926d9ef94777c8eb947558a16ec25403fe7b1755a77bf1f02c71b457f54bcc9cd7f3ef651b87f84356db4188c180ad7c86ce975a95b86","ssdeep":"3072:pREhJAm10x6vyAnqD4Z7iohJAm10x6vyAnqD4ZnqzESb+EE:syjMvyAWq7DyjMvyAWqf","tlshash":"af249f260d5d379e76335c6ecb07257f3e8650eea10884df7c9eb2e8cb560508a29de4","size":216034,"data":"","first_seen":"2026-04-01T17:51:59.356713Z","last_seen":"2026-04-01T17:51:59.356713Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"microsoffteam.top/","fqdn":"microsoffteam.top","domain":"microsoffteam.top","tld":"top"},"ip":{"addr":"104.21.87.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-01T17:51:33.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoffteam.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 14:12:06 GMT","end":"Tue, 30 Jun 2026 14:12:05 GMT"},"fingerprint":{"sha1":"A5:F0:B7:4A:50:FF:8E:CA:A4:B7:64:D6:F0:EB:8E:84:11:B7:85:B9","sha256":"0D:EC:51:CF:C7:5C:6F:EE:86:E4:99:58:45:7B:6B:B1:5B:2F:B7:E3:FA:5B:AC:12:0D:04:FB:B5:0A:47:E0:35"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: microsoffteam.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 01 Apr 2026 17:51:34 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-robots-tag: noindex, nofollow, noarchive, nosnippet, noimageindex, novideoindex\r\nreferrer-policy: no-referrer\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\npermissions-policy: geolocation=(), camera=(), microphone=(), usb=(), payment=()\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YkhJQ8EqUTIgtDZptwzFMkuCV3lG7AkAkXTMRLLLBq6XADvBgphnOv4FdubrfIfW6Dz2M%2Bil1NzyX8ZiqVKN9W5%2BSC1uxvXkx12UJVSFrmx2kwvFwVBAZsK2GJslMnJOBSTu9Q%3D%3D\"}]}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9e59714dacdc5a0f-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":290463,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (65222)","md5":"90ad6d745ed4f5b9e7cf3ed6c9ba275e","sha1":"f668bed44d82402278b514d39a487ba6d19fea55","sha256":"e49c46817358886780142e95e1dc5fc1a693a0035419081a5cb24e0601177b97","sha512":"8ffb66ce7181ccaf0857f92c108288ea11b86c13de184559404ae5466e81f17bfb3774bcff3256320691fb05fb77ed28cc6645011c6f72eb3c9b9c74170ae4b3","ssdeep":"6144:4NdDj05sY1N6YsmTYP9HqRG/ce8qkvX+N0KI7NsgfIB:KE1R49KI/cSN0/UB","tlshash":"b654e284ee077b1df360444bbadc2dcd77be97205876a2dbef2d2509210d8ba59b085c","first_seen":"2026-04-01T17:51:59.352814Z","last_seen":"2026-04-01T17:51:59.352814Z","times_seen":1,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":60,"dns":45,"connect":1,"send":0,"wait":150,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoffteam.top/favicon.ico","fqdn":"microsoffteam.top","domain":"microsoffteam.top","tld":"top"},"ip":{"addr":"104.21.87.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://microsoffteam.top/","date":"2026-04-01T17:51:34.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoffteam.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 14:12:06 GMT","end":"Tue, 30 Jun 2026 14:12:05 GMT"},"fingerprint":{"sha1":"A5:F0:B7:4A:50:FF:8E:CA:A4:B7:64:D6:F0:EB:8E:84:11:B7:85:B9","sha256":"0D:EC:51:CF:C7:5C:6F:EE:86:E4:99:58:45:7B:6B:B1:5B:2F:B7:E3:FA:5B:AC:12:0D:04:FB:B5:0A:47:E0:35"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: microsoffteam.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-robots-tag: noindex, nofollow, noarchive, nosnippet, noimageindex, novideoindex\r\nreferrer-policy: no-referrer\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\npermissions-policy: geolocation=(), camera=(), microphone=(), usb=(), payment=()\r\nx-xss-protection: 1; mode=block\r\ncontent-type: text/html; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K8itNDUgWunTHHOANttIsYNoLLEba%2Ffh0mg1k7%2BMqasnix2xfohvuS00Y%2BVC65LGHNkl7Llk%2BH1wkV7XDP%2BzvxQXmcmWwuSCar%2BmLIjYBCP%2BNAg%2FpA8PCUmTua%2BpmqJDV7QcyA%3D%3D\"}]}\r\nvary: Accept-Encoding\r\ndate: Wed, 01 Apr 2026 17:51:34 GMT\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\nserver: cloudflare\r\nlast-modified: Wed, 01 Apr 2026 17:51:34 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: 9e59714fdf224c11-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":290479,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (65222)","md5":"b23c3a8321c5734e7858b3f877153968","sha1":"90b29d4f1139e6e3a6d3423d938bc464a3fc1b21","sha256":"a2fbaeb839f7b66610367c439cbe906e790458a4564dae206a901ac84e4df0a2","sha512":"7e16373c5ce795893af348f717c62db0a3d788d029df86ab40ea31c1e401bfe702908c09e55be11ac2ca2c0517c754ed36dacb2bf19ae7c9b0202c405fccf7cc","ssdeep":"6144:4NdDj05sY1N6YsmTYP9HqRG/ce8qkvX+N0KI7N8rrZy:KE1R49KI/cSN0/ey","tlshash":"ca54e280ee077b1df360444bbadc2dcd77be97245876a2dbef2d6509210d8ba49b085c","first_seen":"2026-04-01T17:51:59.353714Z","last_seen":"2026-04-01T17:53:53.755857Z","times_seen":2,"resource_available":false,"data":null}},"time_used":305,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":186,"receive":119,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}