| signup-live-com.o365.ams.skyfencenet.com/MobileError.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e | 157.167.155.85 | 302 Found | 238 B |
URL User Request GET HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/MobileError.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e IP157.167.155.85:443
CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash43262f7a6357a696c7820d8899230074 01d3e0f279410b649a98b81f4c38f30a7f20c68d f4d7cd024a719e0760959cc2f79714e3214ad9198882dfed2b33bffd8b9d3323
Analyzer | Verdict | Alert | OpenPhish | phishing | Outlook |
GET /MobileError.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Location: https://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404
P3P: CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
X-Frame-Options: deny
X-UA-Compatible: IE=edge, chrome=1
x-ms-amserver: eusXXXX00LG (2.0.3302.0)
x-ms-amserver-tm: 0ms
x-ms-request-id: 9b4330be-624e-4ca1-a347-76f9861630fd
Referrer-Policy: strict-origin-when-cross-origin
AMServer: eusXXXXgn0000LG
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 6893A500F57A469BA23D198D6668856E Ref B: LON04EDGE0816 Ref C: 2024-04-24T19:27:24Z
Date: Wed, 24 Apr 2024 19:27:24 GMT
Set-Cookie: __SF__.live.com/amsc=ti2Kc02hCFQ8Ylj5ctuTWyBW4Lglsr2y3m9hTPztiWgNhyEqERA5MzaOF4/PlL7GOrYxS/fFCKqwxpnvB4u/ilU2obkUnkUjyVEK+RMj7bewfWUnqCdnPwXCG9O/wTn/jwYkm44Gh2SQ5xuhv8ehK3+++l5VQaYLWaQxoLvBZz7GbwkMOI2GI2zaqcTDFhbgzVwwuGDKkQ+40XsGoWGodncT0ehY4kE2anH/Dqdq36NsAeBMoYMT2+5dz1aDUNER:2:3c; Domain=o365.ams.skyfencenet.com; Path=/; Secure; HttpOnly
__SF__sessionId=5b5a2a9a903ba64362e1bb8dcdf30a; Domain=.o365.ams.skyfencenet.com; Path=/; Secure; HttpOnly
Transfer-Encoding: chunked
|
|
| signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404 | 157.167.155.85 | 200 OK | 99 kB |
URL User Request GET HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404 IP157.167.155.85:443
CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (10314), with CRLF, LF line terminators Hash3f25de3c9eb97466f6977cbf539de90c b997a3900e916bb37a921bf9bb1c0a92cc6a914a 376bc93edab614dbdd93ce235fc7e94689a83a29fe37dcea39d6fd03c25495d8
Analyzer | Verdict | Alert | OpenPhish | phishing | Outlook |
GET /error.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404 HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __SF__.live.com/amsc=ti2Kc02hCFQ8Ylj5ctuTWyBW4Lglsr2y3m9hTPztiWgNhyEqERA5MzaOF4/PlL7GOrYxS/fFCKqwxpnvB4u/ilU2obkUnkUjyVEK+RMj7bewfWUnqCdnPwXCG9O/wTn/jwYkm44Gh2SQ5xuhv8ehK3+++l5VQaYLWaQxoLvBZz7GbwkMOI2GI2zaqcTDFhbgzVwwuGDKkQ+40XsGoWGodncT0ehY4kE2anH/Dqdq36NsAeBMoYMT2+5dz1aDUNER:2:3c; __SF__sessionId=5b5a2a9a903ba64362e1bb8dcdf30a
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
P3P: CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
X-Frame-Options: deny
X-UA-Compatible: IE=edge, chrome=1
x-ms-amserver: SCUXXXX0008 (2.0.3311.1)
x-ms-amserver-tm: 62ms
x-ms-request-id: f370a8f1-4a4d-4f62-9b97-7c69a1d971b0
Link: <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msftauth.net>; rel=dns-prefetch, <https://acctcdn.msauth.net>; rel=dns-prefetch, <https://acctcdnmsftuswe2.azureedge.net>; rel=dns-prefetch, <https://acctcdnvzeuno.azureedge.net>; rel=dns-prefetch
X-DNS-Prefetch-Control: on
Referrer-Policy: strict-origin-when-cross-origin
AMServer: SCUXXXXIG000008
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: F370A8F14A4D4F629B977C69A1D971B0 Ref B: LON04EDGE0816 Ref C: 2024-04-24T19:27:24Z
Date: Wed, 24 Apr 2024 19:27:24 GMT
Content-Security-Policy-Report-Only: frame-src cert.ams.skyfencenet.com auth.ams.skyfencenet.com 'self'; base-uri 'self'; report-uri https://csp-microsoft-com.o365.ams.skyfencenet.com/report/MSA-UX-All
Set-Cookie: amcanary=0; path=/; secure; HttpOnly; SameSite=None
__SF__sfbid=1YwFpONcuzcf9b0f00; Domain=ams.skyfencenet.com; Path=/; Expires=Sat, 22 Apr 2034 19:27:25 GMT; SameSite=Lax; Secure; HttpOnly
Transfer-Encoding: chunked
|
|
| signup-live-com.o365.ams.skyfencenet.com/__sf_resource/_/__sf_event_listener_hook.js | 157.167.155.85 | 200 OK | 1.8 kB |
URL GET HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/__sf_resource/_/__sf_event_listener_hook.js IP157.167.155.85:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash1f737f56e7bdc64e8b061b77939eee2a e6f0b0fb1d97fbf1ad5b269ecdec27ca321c8da5 a860b9561b1615b3dca00ef253ebc8f398b346e13042dc6bef68ccac5da536ad
Analyzer | Verdict | Alert | OpenPhish | phishing | Outlook |
GET /__sf_resource/_/__sf_event_listener_hook.js HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404
DNT: 1
Connection: keep-alive
Cookie: __SF__.live.com/amsc=ti2Kc02hCFQ8Ylj5ctuTWyBW4Lglsr2y3m9hTPztiWgNhyEqERA5MzaOF4/PlL7GOrYxS/fFCKqwxpnvB4u/ilU2obkUnkUjyVEK+RMj7bewfWUnqCdnPwXCG9O/wTn/jwYkm44Gh2SQ5xuhv8ehK3+++l5VQaYLWaQxoLvBZz7GbwkMOI2GI2zaqcTDFhbgzVwwuGDKkQ+40XsGoWGodncT0ehY4kE2anH/Dqdq36NsAeBMoYMT2+5dz1aDUNER:2:3c; __SF__sessionId=5b5a2a9a903ba64362e1bb8dcdf30a; amcanary=0; __SF__sfbid=1YwFpONcuzcf9b0f00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Cache-Control: max-age=21600
X-Content-Type-Options: nosniff
Content-Length: 1849
|
|
| signup-live-com.o365.ams.skyfencenet.com/__sf_resource/_/__sf_ajax_hook.js | 157.167.155.85 | 200 OK | 6.3 kB |
URL GET HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/__sf_resource/_/__sf_ajax_hook.js IP157.167.155.85:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hashf969bab2aeac15ae39a5d1f81e7b5b76 3b2c77372698e7d3bc391f11d1c6632464973e33 198126ad3f4d583b32e828ed9c86a9ef0a3b7e2c8292b1422cd931a722da5418
Analyzer | Verdict | Alert | OpenPhish | phishing | Outlook |
GET /__sf_resource/_/__sf_ajax_hook.js HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404
DNT: 1
Connection: keep-alive
Cookie: __SF__.live.com/amsc=ti2Kc02hCFQ8Ylj5ctuTWyBW4Lglsr2y3m9hTPztiWgNhyEqERA5MzaOF4/PlL7GOrYxS/fFCKqwxpnvB4u/ilU2obkUnkUjyVEK+RMj7bewfWUnqCdnPwXCG9O/wTn/jwYkm44Gh2SQ5xuhv8ehK3+++l5VQaYLWaQxoLvBZz7GbwkMOI2GI2zaqcTDFhbgzVwwuGDKkQ+40XsGoWGodncT0ehY4kE2anH/Dqdq36NsAeBMoYMT2+5dz1aDUNER:2:3c; __SF__sessionId=5b5a2a9a903ba64362e1bb8dcdf30a; amcanary=0; __SF__sfbid=1YwFpONcuzcf9b0f00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Cache-Control: max-age=21600
X-Content-Type-Options: nosniff
Content-Length: 6334
|
|
| acctcdn-msftauth-net.o365.ams.skyfencenet.com/images/favicon.ico?v=2 | 157.167.155.85 | 200 OK | 17 kB |
URL GET HTTP/1.1acctcdn-msftauth-net.o365.ams.skyfencenet.com/images/favicon.ico?v=2 IP157.167.155.85:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeMS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors Hash12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /images/favicon.ico?v=2 HTTP/1.1
Host: acctcdn-msftauth-net.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/
DNT: 1
Connection: keep-alive
Cookie: __SF__.live.com/amsc=ti2Kc02hCFQ8Ylj5ctuTWyBW4Lglsr2y3m9hTPztiWgNhyEqERA5MzaOF4/PlL7GOrYxS/fFCKqwxpnvB4u/ilU2obkUnkUjyVEK+RMj7bewfWUnqCdnPwXCG9O/wTn/jwYkm44Gh2SQ5xuhv8ehK3+++l5VQaYLWaQxoLvBZz7GbwkMOI2GI2zaqcTDFhbgzVwwuGDKkQ+40XsGoWGodncT0ehY4kE2anH/Dqdq36NsAeBMoYMT2+5dz1aDUNER:2:3c; __SF__sessionId=5b5a2a9a903ba64362e1bb8dcdf30a; __SF__sfbid=1YwFpONcuzcf9b0f00
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Age: 308695
Cache-Control: public, max-age=604800
Content-MD5: EuPayFgGHQiAI7K9SOL6lg==
Content-Type: image/x-icon
Date: Wed, 24 Apr 2024 19:27:25 GMT
Etag: 0x8DC61C017611702
Last-Modified: Sun, 21 Apr 2024 05:01:23 GMT
Server: ECAcc (lhc/78AE)
X-Cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 0ad754d0-601e-00d9-2dae-931d53000000
x-ms-version: 2009-09-19
Content-Length: 17174
Set-Cookie: __SF__sfbid=1YwFpONcuzcf9b0f00; Domain=ams.skyfencenet.com; Path=/; Expires=Sat, 22 Apr 2034 19:27:25 GMT; SameSite=Lax; Secure; HttpOnly
|
|
| signup-live-com.o365.ams.skyfencenet.com/Resources/images/favicon.ico | 157.167.155.85 | 200 OK | 17 kB |
URL GET HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/Resources/images/favicon.ico IP157.167.155.85:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeMS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors Hash12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
Analyzer | Verdict | Alert | OpenPhish | phishing | Outlook |
GET /Resources/images/favicon.ico HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: __SF__.live.com/amsc=ti2Kc02hCFQ8Ylj5ctuTWyBW4Lglsr2y3m9hTPztiWgNhyEqERA5MzaOF4/PlL7GOrYxS/fFCKqwxpnvB4u/ilU2obkUnkUjyVEK+RMj7bewfWUnqCdnPwXCG9O/wTn/jwYkm44Gh2SQ5xuhv8ehK3+++l5VQaYLWaQxoLvBZz7GbwkMOI2GI2zaqcTDFhbgzVwwuGDKkQ+40XsGoWGodncT0ehY4kE2anH/Dqdq36NsAeBMoYMT2+5dz1aDUNER:2:3c; __SF__sessionId=5b5a2a9a903ba64362e1bb8dcdf30a; amcanary=0; __SF__sfbid=1YwFpONcuzcf9b0f00
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public,max-age=31536000
Content-Length: 17174
Content-Type: image/x-icon
Last-Modified: Wed, 10 Apr 2024 03:41:32 GMT
Accept-Ranges: bytes
ETag: "0fe7efaf88ada1:0"
P3P: CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
AMServer: eusXXXXgn0000LD
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 2746471A3B5B43C088BDBC2544232286 Ref B: LON04EDGE0816 Ref C: 2024-04-24T19:27:25Z
Date: Wed, 24 Apr 2024 19:27:25 GMT
Set-Cookie: __SF__sfbid=1YwFpONcuzcf9b0f00; Domain=ams.skyfencenet.com; Path=/; Expires=Sat, 22 Apr 2034 19:27:25 GMT; SameSite=Lax; Secure; HttpOnly
|
|
| acctcdn-msftauth-net.o365.ams.skyfencenet.com/datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.js | 157.167.155.85 | 200 OK | 3.7 kB |
URL GET HTTP/1.1acctcdn-msftauth-net.o365.ams.skyfencenet.com/datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.js IP157.167.155.85:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (746) Hash87effb0bb533c1d79f5c94fd9e30c14d 4e4f5f3cddddbfddb46a1626d7ce579a639de389 617e32ca57507098771fd30af6b9dcab063448f6d7e0bc6d6557dd1895f80543
GET /datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.js HTTP/1.1
Host: acctcdn-msftauth-net.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/
Origin: https://signup-live-com.o365.ams.skyfencenet.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Age: 309014
Cache-Control: public, max-age=604800
Content-MD5: GpB463eVzCq5vobQLSGoUw==
Content-Type: application/javascript
Date: Wed, 24 Apr 2024 19:27:25 GMT
Etag: 0x8DC61C00E1BF22D
Last-Modified: Sun, 21 Apr 2024 05:01:07 GMT
Server: ECAcc (lhc/7914)
Vary: Accept-Encoding
X-Cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: f51be461-301e-007c-7cad-935c3f000000
x-ms-version: 2009-09-19
Set-Cookie: __SF__sessionId=5b5a2a9a1b76a64362e1bb8dcdf64d; Domain=.o365.ams.skyfencenet.com; Path=/; Secure; HttpOnly
Transfer-Encoding: chunked
|
|
| acctcdn-msftauth-net.o365.ams.skyfencenet.com/oneds_MC5gQfpbTUjLu60sQCwU1w2.js?v=1 | 157.167.155.85 | 200 OK | 119 kB |
URL GET HTTP/1.1acctcdn-msftauth-net.o365.ams.skyfencenet.com/oneds_MC5gQfpbTUjLu60sQCwU1w2.js?v=1 IP157.167.155.85:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (54994), with CRLF, LF line terminators Size119 kB (119321 bytes) Hashafba278001bec18bb958b37906f3e761 62249fd3f29df66c5d496f790640091b82d5fef2 59ab8a81f52e7786ef4e7e5a7b717295b8b1f9d633a790f5ac820fabc98699ab
GET /oneds_MC5gQfpbTUjLu60sQCwU1w2.js?v=1 HTTP/1.1
Host: acctcdn-msftauth-net.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/
DNT: 1
Connection: keep-alive
Cookie: __SF__.live.com/amsc=ti2Kc02hCFQ8Ylj5ctuTWyBW4Lglsr2y3m9hTPztiWgNhyEqERA5MzaOF4/PlL7GOrYxS/fFCKqwxpnvB4u/ilU2obkUnkUjyVEK+RMj7bewfWUnqCdnPwXCG9O/wTn/jwYkm44Gh2SQ5xuhv8ehK3+++l5VQaYLWaQxoLvBZz7GbwkMOI2GI2zaqcTDFhbgzVwwuGDKkQ+40XsGoWGodncT0ehY4kE2anH/Dqdq36NsAeBMoYMT2+5dz1aDUNER:2:3c; __SF__sessionId=5b5a2a9a903ba64362e1bb8dcdf30a; __SF__sfbid=1YwFpONcuzcf9b0f00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Age: 308726
Cache-Control: public, max-age=604800
Content-MD5: aLM4Wm3/yNZOAZgyrMkY7Q==
Content-Type: application/javascript
Date: Wed, 24 Apr 2024 19:27:25 GMT
Etag: 0x8DC61C024BDDFEE
Last-Modified: Sun, 21 Apr 2024 05:01:45 GMT
Server: ECAcc (lhc/792B)
Vary: Accept-Encoding
X-Cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: a8b75949-d01e-00f6-6bae-93057f000000
x-ms-version: 2009-09-19
Set-Cookie: __SF__sfbid=1YwFpONcuzcf9b0f00; Domain=ams.skyfencenet.com; Path=/; Expires=Sat, 22 Apr 2034 19:27:25 GMT; SameSite=Lax; Secure; HttpOnly
Transfer-Encoding: chunked
|
|
| signup-live-com.o365.ams.skyfencenet.com/API/ReportClientEvent?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404 | 157.167.155.85 | 200 OK | 499 B |
URL POST HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/API/ReportClientEvent?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404 IP157.167.155.85:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
Hash002d0d59c0c6409e8e98ee6806d07044 16c701b3fa469589951c6d610054b6cd19121b09 cfd724685f080b3d942523f62813843f91d94d54b473100a745a450aa527a0b8
POST /API/ReportClientEvent?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404 HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404
Content-Type: application/json
canary: Z/Jc3s8jJwdfKy56I42eQrCihdPy20yc30nUVDbDnrXozDoApQWNx+e2MCjF+rqw2eR1w7tBiABCz2Lr4hXCwf780URxhxGgXitNOp5BvVX7urDzTw53SoI8azVrecu0hmcfLra5d5J6EjBj6QciruupOkqeTgmvS/hR9cN37x3sn6WKLw3KX6HRPTP0l871p9YW5y/nMMrVxnCkBu9aumkXIVlgS9EgzUM2Go2UsAKx2thm+6hp4O5cI4YTf4CJ:2:3c
x-ms-apiVersion: 2
x-ms-apiTransport: xhr
uiflvr: 1001
scid: 100145
hpgid: 200202
uaid: 3af78085f773465f9635760a38b9ca9e
tcxt: aljTB39hoRh150NBCZyQQSlaSh6J2PAqfuldYp7nRMQlP1R/kLDwm1hldPVdVRkGjzlBak2xpKYUxUYfalQJkOdLzdx9WCucqcoovWrBxiwtL8Dad5+mOfO73WWmtfWXv/ol9Ie334O6Fc/NmH9JVA==:2:3
Content-Length: 575
Origin: https://signup-live-com.o365.ams.skyfencenet.com
DNT: 1
Connection: keep-alive
Cookie: __SF__.live.com/amsc=ti2Kc02hCFQ8Ylj5ctuTWyBW4Lglsr2y3m9hTPztiWgNhyEqERA5MzaOF4/PlL7GOrYxS/fFCKqwxpnvB4u/ilU2obkUnkUjyVEK+RMj7bewfWUnqCdnPwXCG9O/wTn/jwYkm44Gh2SQ5xuhv8ehK3+++l5VQaYLWaQxoLvBZz7GbwkMOI2GI2zaqcTDFhbgzVwwuGDKkQ+40XsGoWGodncT0ehY4kE2anH/Dqdq36NsAeBMoYMT2+5dz1aDUNER:2:3c; __SF__sessionId=5b5a2a9a903ba64362e1bb8dcdf30a; amcanary=0; __SF__sfbid=1YwFpONcuzcf9b0f00
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
P3P: CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
X-Frame-Options: deny
x-ms-amserver: WUSXXXX009C (2.0.3302.0)
x-ms-amserver-tm: 140ms
x-ms-request-id: 3387b4ec-2afe-49e5-b955-70856aeac32a
Referrer-Policy: strict-origin-when-cross-origin
AMServer: WUSXXXXIG00009C
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 3387B4EC2AFE49E5B95570856AEAC32A Ref B: LON04EDGE0816 Ref C: 2024-04-24T19:27:25Z
Date: Wed, 24 Apr 2024 19:27:25 GMT
Set-Cookie: __SF__.live.com/amsc=T4j4vbs8UIeKKOCS6rwxBr20d5yYnBUldmmcC+zhpEhzx5TsmhkczUwEGaIldjXjxU0h6Pvmh8GgrBi9qOIU8JoGhqqkQdQGVOF4L9aqPa/h1nICOL2EoKk/tABnWJAOf67x4BYViAlc8WAT3APaHdVXi4ouXXpCEqhGV5hCXi+uySzpkqrPoaePW4kCvfDNoJah42zZFYW6ueDslMcdMM61Yyst8XEA6hgW3qMZnXE9UjM85uQmMtUrHSC72u5UBd2C0NrmFEy5YgcEvIZZfRGLOs49sUymQKRoLXGEwiScjeG78kAXkeuR2Cyx0W+U:2:3c; Domain=o365.ams.skyfencenet.com; Path=/; Secure; HttpOnly
__SF__sfbid=1YwFpONcuzcf9b0f00; Domain=ams.skyfencenet.com; Path=/; Expires=Sat, 22 Apr 2034 19:27:25 GMT; SameSite=Lax; Secure; HttpOnly
Transfer-Encoding: chunked
|
|
| signup-live-com.o365.ams.skyfencenet.com/API/ClientEvents | 157.167.155.205 | 200 OK | 611 B |
URL POST HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/API/ClientEvents IP157.167.155.205:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
Hash8cc15c14153eeda083cc5824145b06c9 807d46317e4a399b2925a705fd713a384d31915c 7f8ebd9f2f1f5e771f369b8ee74f606f2871291bf349592c93f24bdf84b39157
Analyzer | Verdict | Alert | OpenPhish | phishing | Outlook |
POST /API/ClientEvents HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404
hpgid: 200202
canary: Z/Jc3s8jJwdfKy56I42eQrCihdPy20yc30nUVDbDnrXozDoApQWNx+e2MCjF+rqw2eR1w7tBiABCz2Lr4hXCwf780URxhxGgXitNOp5BvVX7urDzTw53SoI8azVrecu0hmcfLra5d5J6EjBj6QciruupOkqeTgmvS/hR9cN37x3sn6WKLw3KX6HRPTP0l871p9YW5y/nMMrVxnCkBu9aumkXIVlgS9EgzUM2Go2UsAKx2thm+6hp4O5cI4YTf4CJ:2:3c
uaid: 3af78085f773465f9635760a38b9ca9e
tcxt: aljTB39hoRh150NBCZyQQSlaSh6J2PAqfuldYp7nRMQlP1R/kLDwm1hldPVdVRkGjzlBak2xpKYUxUYfalQJkOdLzdx9WCucqcoovWrBxiwtL8Dad5+mOfO73WWmtfWXv/ol9Ie334O6Fc/NmH9JVA==:2:3
x-ms-apiVersion: 3
x-ms-apiTransport: fetch
Content-Type: application/json; charset=utf-8
Content-Length: 5084
Origin: https://signup-live-com.o365.ams.skyfencenet.com
DNT: 1
Connection: keep-alive
Cookie: __SF__.live.com/amsc=ti2Kc02hCFQ8Ylj5ctuTWyBW4Lglsr2y3m9hTPztiWgNhyEqERA5MzaOF4/PlL7GOrYxS/fFCKqwxpnvB4u/ilU2obkUnkUjyVEK+RMj7bewfWUnqCdnPwXCG9O/wTn/jwYkm44Gh2SQ5xuhv8ehK3+++l5VQaYLWaQxoLvBZz7GbwkMOI2GI2zaqcTDFhbgzVwwuGDKkQ+40XsGoWGodncT0ehY4kE2anH/Dqdq36NsAeBMoYMT2+5dz1aDUNER:2:3c; __SF__sessionId=5b5a2a9a903ba64362e1bb8dcdf30a; amcanary=0; __SF__sfbid=1YwFpONcuzcf9b0f00; MicrosoftApplicationsTelemetryDeviceId=1e5b4bed-d27d-486e-ab65-0be91b9b8a7c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
P3P: CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
X-Frame-Options: deny
x-ms-amserver: wusXXXX000E (2.0.3302.0)
x-ms-amserver-tm: 203ms
x-ms-request-id: 40f14b21-71a3-4031-96a1-0372bc60e0a6
Referrer-Policy: strict-origin-when-cross-origin
AMServer: wusXXXXig00000E
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 40F14B2171A3403196A10372BC60E0A6 Ref B: LTSEDGE1817 Ref C: 2024-04-24T19:27:26Z
Date: Wed, 24 Apr 2024 19:27:25 GMT
Set-Cookie: __SF__.live.com/amsc=CQILjcZOCqYXYIvkKqUnyX7H12wHCJipDmSMTRcZfmPkILO14kxd57HkRnlwhwRxNX3BpC40c9JbielTBcxNpesj98J4/tZGHGjoJWitSqq9nI00w3xy9OthKAzOARAlXa8GfosBpjqfRSKlYx+qPLZ+FwYVlHtKl00lZJWzXONEul2OA7RHXHq5c7YQg5kDlUr1aPISVGBC+ICj5XweLCpb46nhq0UoshGO25/mQnXxgr5QT1m5jWrTnmn2rLpnUq+50KPnr3RfLPXQDac6u+BeuoDkVCsuonAC6q2QdC1uIJyLLcS/TtPC7Flj8PpM:2:3c; Domain=o365.ams.skyfencenet.com; Path=/; Secure; HttpOnly
__SF__sfbid=1YwFpONcuzcf9b0f00; Domain=ams.skyfencenet.com; Path=/; Expires=Sat, 22 Apr 2034 19:27:26 GMT; SameSite=Lax; Secure; HttpOnly
Transfer-Encoding: chunked
|
|
| signup-live-com.o365.ams.skyfencenet.com/Resources/images/favicon.ico | 157.167.155.85 | 200 OK | 17 kB |
URL GET HTTP/1.1signup-live-com.o365.ams.skyfencenet.com/Resources/images/favicon.ico IP157.167.155.85:443
Requested byhttps://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404 CertificateIssuerSectigo Limited Subjectskyfencenet.com Fingerprint78:7F:A3:D7:B5:99:CA:23:86:A4:0D:AC:53:D4:50:74:9C:31:2E:50 ValidityThu, 28 Sep 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeMS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors Hash12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
Analyzer | Verdict | Alert | OpenPhish | phishing | Outlook |
GET /Resources/images/favicon.ico HTTP/1.1
Host: signup-live-com.o365.ams.skyfencenet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://signup-live-com.o365.ams.skyfencenet.com/error.aspx?sru=https&uaid=3af78085f773465f9635760a38b9ca9e&e=404
DNT: 1
Connection: keep-alive
Cookie: __SF__.live.com/amsc=CQILjcZOCqYXYIvkKqUnyX7H12wHCJipDmSMTRcZfmPkILO14kxd57HkRnlwhwRxNX3BpC40c9JbielTBcxNpesj98J4/tZGHGjoJWitSqq9nI00w3xy9OthKAzOARAlXa8GfosBpjqfRSKlYx+qPLZ+FwYVlHtKl00lZJWzXONEul2OA7RHXHq5c7YQg5kDlUr1aPISVGBC+ICj5XweLCpb46nhq0UoshGO25/mQnXxgr5QT1m5jWrTnmn2rLpnUq+50KPnr3RfLPXQDac6u+BeuoDkVCsuonAC6q2QdC1uIJyLLcS/TtPC7Flj8PpM:2:3c; __SF__sessionId=5b5a2a9a903ba64362e1bb8dcdf30a; amcanary=0; __SF__sfbid=1YwFpONcuzcf9b0f00; MicrosoftApplicationsTelemetryDeviceId=1e5b4bed-d27d-486e-ab65-0be91b9b8a7c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public,max-age=31536000
Content-Length: 17174
Content-Type: image/x-icon
Last-Modified: Wed, 10 Apr 2024 03:41:32 GMT
Accept-Ranges: bytes
ETag: "0fe7efaf88ada1:0"
P3P: CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAM BUS DEM NAV STA UNI COM INT PHY ONL FIN PRE PUR
AMServer: eusXXXXgn0000LG
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: EBA71EB4F4FB4ED29CBE8CD3975960DC Ref B: LON04EDGE0816 Ref C: 2024-04-24T19:27:33Z
Date: Wed, 24 Apr 2024 19:27:32 GMT
Set-Cookie: __SF__sfbid=1YwFpONcuzcf9b0f00; Domain=ams.skyfencenet.com; Path=/; Expires=Sat, 22 Apr 2034 19:27:33 GMT; SameSite=Lax; Secure; HttpOnly
|
|