| aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ea19b2112f4dfd8e90b4505ef7dcb4f9.png | 13.107.213.53 | 200 OK | 1.1 kB |
URL: GET HTTP/2 aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ea19b2112f4dfd8e90b4505ef7dcb4f9.png
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://85srs5e.d831920d2024835a5639fc55.workers.dev/cookiesdisabled
Certificate Issuer: DigiCert Inc
Certificate Subject: aadcdn.msauth.net
Certificate Fingerprint: EB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47
Certificate Validity: Mon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
File type: PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced
Hash: ed9c9eb0dce17d752bedea6b5acda6d9 eca56c4904354eed5da0debcd6bd66856ab4784d f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c
GET /shared/1.0/content/images/microsoft_logo_ea19b2112f4dfd8e90b4505ef7dcb4f9.png HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://85srs5e.d831920d2024835a5639fc55.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:38:21 GMT
content-type: image/png
content-length: 1057
cache-control: public, max-age=31536000
last-modified: Wed, 24 May 2023 10:11:48 GMT
etag: 0x8DB5C3F48FD7E08
x-ms-request-id: b629243e-401e-004e-4e74-7c9492000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240329T043821Z-uwqtx2u22h60z2vwkpafvtfhks000000010000000000110w
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css | 13.107.213.53 | 200 OK | 20 kB |
URL: GET HTTP/2 aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://85srs5e.d831920d2024835a5639fc55.workers.dev/cookiesdisabled
Certificate Issuer: DigiCert Inc
Certificate Subject: aadcdn.msauth.net
Certificate Fingerprint: EB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47
Certificate Validity: Mon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
File type: ASCII text, with very long lines (61177)
Hash: d62b4edeb512b07abef4688e27ecdde3 981a7825da5e29938ab6fe0cbfe2db622f7b8333 4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://85srs5e.d831920d2024835a5639fc55.workers.dev/
Origin: https://85srs5e.d831920d2024835a5639fc55.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:38:21 GMT
content-type: text/css
content-length: 20314
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Wed, 27 Dec 2023 18:18:12 GMT
etag: 0x8DC07082FBB8D2B
x-ms-request-id: 4be3e832-501e-0047-3d75-7ce781000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240329T043821Z-80cbauu99h76za0ar8cs1byhas0000000a00000000004dx0
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico | 13.107.213.53 | 200 OK | 17 kB |
URL: GET HTTP/2 aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://85srs5e.d831920d2024835a5639fc55.workers.dev/cookiesdisabled
Certificate Issuer: DigiCert Inc
Certificate Subject: aadcdn.msauth.net
Certificate Fingerprint: EB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47
Certificate Validity: Mon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
File type: MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
Hash: 12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://85srs5e.d831920d2024835a5639fc55.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:38:21 GMT
content-type: image/x-icon
content-length: 17174
cache-control: public, max-age=31536000
last-modified: Sun, 18 Oct 2020 03:02:03 GMT
etag: 0x8D8731230C851A6
x-ms-request-id: 9a7841ca-e01e-0010-373f-7a55bc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240329T043821Z-uwqtx2u22h60z2vwkpafvtfhks000000010000000000110y
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 85srs5e.d831920d2024835a5639fc55.workers.dev/cookiesdisabled | 188.114.96.1 | 200 OK | 2.7 kB |
URL: User Request GET HTTP/2 85srs5e.d831920d2024835a5639fc55.workers.dev/cookiesdisabled
IP: 188.114.96.1:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: d831920d2024835a5639fc55.workers.dev
Certificate Fingerprint: 32:03:66:D0:95:06:E9:50:00:63:28:D2:5D:B8:74:CC:2F:EA:CC:1E
Certificate Validity: Sun, 24 Mar 2024 20:04:15 GMT - Sat, 22 Jun 2024 20:04:14 GMT
File type: HTML document, ASCII text, with very long lines (2869), with no line terminators
Hash: edb52f70e6156450bde517c362303a96 4e4239a6aa1a5b1e6d45a37c412e582a0815b40f 56e24682f9ca16683ae26f3090e6e5e0a5fb1747ac005249b2e309c53272f786
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Outlook |
GET /cookiesdisabled HTTP/1.1
Host: 85srs5e.d831920d2024835a5639fc55.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:38:21 GMT
content-type: text/html; charset=utf-8
cf-ray: 86bd2b7eef0656a9-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
cache-control: no-store, no-cache
expires: -1
link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin, <https://aadcdn.msauth.net>; rel=dns-prefetch, <https://aadcdn.msftauth.net>; rel=dns-prefetch
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
access-control-allow-credentials: true
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
set-cookie: fpc=AuFaMCYJrRlEmidHpwGo8ZU; expires=Sun, 28-Apr-2024 04:38:21 GMT; path=/; secure; HttpOnly; SameSite=None
esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8hCVosjIUAR_4Aw1Zkx266AK33J2qxkTMcaIjj8SOgQIfCW-IftvKS9Qvieq9juBCD_USfyO6YOS6jnDrhqD_4awOibid024vmj50gT2hNQqs9en67ozh5f5khBSVCcp4MQH9gsrijm1HfaySWVQLwvfJFJ4gbNKpd73uyNHJNnYgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
fpc=AuFaMCYJrRlEmidHpwGo8ZU; expires=Sun, 28-Apr-2024 04:38:21 GMT; path=/; secure; HttpOnly; SameSite=None
esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8hCVosjIUAR_4Aw1Zkx266AK33J2qxkTMcaIjj8SOgQIfCW-IftvKS9Qvieq9juBCD_USfyO6YOS6jnDrhqD_4awOibid024vmj50gT2hNQqs9en67ozh5f5khBSVCcp4MQH9gsrijm1HfaySWVQLwvfJFJ4gbNKpd73uyNHJNnYgAA; domain=.85srs5e.d831920d2024835a5639fc55.workers.dev; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-ms-ests-server: 2.1.17615.12 - NEULR1 ProdSlices
x-ms-request-id: 3ac9a961-0494-45ec-a82f-8013f14e0700
x-ms-srs: 1.P
x-xss-protection: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FnxG1bG%2BV3Y1oClDwCjtxv38omAksLOY%2Ba6fxEXA9TN3RsSUaErmdZLWYERlzFO%2FwHjGMVMZEONxNQuTw085XVhfu4B%2BvGHNSVE6MBYXfY4dMpQhiwKL6KfA%2FEPamgLbJ4nD2OSEnkm4BtiqK9D2%2FXA0TfiKulaxyQlPUC%2BS5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|