| secverifera.redirectme.net/error_docs/styles.css | 165.232.152.251 | | 8.3 kB |
URL secverifera.redirectme.net/error_docs/styles.css IP 165.232.152.251:0 ASN #14061 DIGITALOCEAN-ASN
Hash 37bad995c7d2b944ed19b2f70bee94ee 96558654b0b86c6094e8e56d9803fe7fe422be1d 6b93df5613a6b28fa3aaa6a34a9d05cdfe7382fd09f52c38b3a29a936edb786c
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain |
GET /error_docs/styles.css HTTP/1.1
Host: secverifera.redirectme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secverifera.redirectme.net/RBFCU/login.php?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=http://www.office.com/landingv2&response_type=code+id_token&scope=openid+profile+http://www.office.com/v2/OfficeHome.All&response_mode=form_post&nonce=638199132677744493.Mzg3MzNjMDItODNmMy00ZjM0LTkwMWMtOWFjMTU2ODU5N2I3NTEyNWJlOGYtN2E5NS00NGJkLTlkNmEtMjYyZWI1YjJkNDMy&ui_locales=en-US&mkt=en-US&client-request-id=9159d407-9714-437c-a260-9e06802f0fe5&state=-U9RvRXlNehYbStez7qy2PvmdCXKbac2Mz2R-7H9umo5rcZmh0l8kR6hX0Jgtdfypld27agqVcJyE7KcGwg7zQVcXbf2iY57bdPjzq9fCXMwrlFCQs2_uA-24fVzB6Nftu_J2c2xxMeBrFAMZ4H4dUw4XvHGNv4aSVlmELm9_ZJCVHcguVa8hDasnvBQSDPsn2z0urQ4C_QC2_lr-ZgVNBQbUuXA7Ud2zAhF_2RlbwJZxelSbEv7Z1D-WiTH-M83g8Xt4fRc3K8cYYmyiUhSXjOQKbwGAdiozhZaOPQcshY&x-client-SKU=ID_NET6_0&x-client-ver=6.26.1.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 02:11:44 GMT
content-type: text/css
last-modified: Thu, 28 Mar 2024 12:38:25 GMT
etag: W/"aa0-614b7ccabfc2c"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
| secverifera.redirectme.net/RBFCU/login.php?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https://www.office.com/landingv2&response_type=code+id_token&scope=openid+profile+https://www.office.com/v2/OfficeHome.All&response_mode=form_post&nonce=638199132677744493.Mzg3MzNjMDItODNmMy00ZjM0LTkwMWMtOWFjMTU2ODU5N2I3NTEyNWJlOGYtN2E5NS00NGJkLTlkNmEtMjYyZWI1YjJkNDMy&ui_locales=en-US&mkt=en-US&client-request-id=9159d407-9714-437c-a260-9e06802f0fe5&state=-U9RvRXlNehYbStez7qy2PvmdCXKbac2Mz2R-7H9umo5rcZmh0l8kR6hX0Jgtdfypld27agqVcJyE7KcGwg7zQVcXbf2iY57bdPjzq9fCXMwrlFCQs2_uA-24fVzB6Nftu_J2c2xxMeBrFAMZ4H4dUw4XvHGNv4aSVlmELm9_ZJCVHcguVa8hDasnvBQSDPsn2z0urQ4C_QC2_lr-ZgVNBQbUuXA7Ud2zAhF_2RlbwJZxelSbEv7Z1D-WiTH-M83g8Xt4fRc3K8cYYmyiUhSXjOQKbwGAdiozhZaOPQcshY&x-client-SKU=ID_NET6_0&x-client-ver=6.26.1.0 | 165.232.152.251 | | 7.9 kB |
URL secverifera.redirectme.net/RBFCU/login.php?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https://www.office.com/landingv2&response_type=code+id_token&scope=openid+profile+https://www.office.com/v2/OfficeHome.All&response_mode=form_post&nonce=638199132677744493.Mzg3MzNjMDItODNmMy00ZjM0LTkwMWMtOWFjMTU2ODU5N2I3NTEyNWJlOGYtN2E5NS00NGJkLTlkNmEtMjYyZWI1YjJkNDMy&ui_locales=en-US&mkt=en-US&client-request-id=9159d407-9714-437c-a260-9e06802f0fe5&state=-U9RvRXlNehYbStez7qy2PvmdCXKbac2Mz2R-7H9umo5rcZmh0l8kR6hX0Jgtdfypld27agqVcJyE7KcGwg7zQVcXbf2iY57bdPjzq9fCXMwrlFCQs2_uA-24fVzB6Nftu_J2c2xxMeBrFAMZ4H4dUw4XvHGNv4aSVlmELm9_ZJCVHcguVa8hDasnvBQSDPsn2z0urQ4C_QC2_lr-ZgVNBQbUuXA7Ud2zAhF_2RlbwJZxelSbEv7Z1D-WiTH-M83g8Xt4fRc3K8cYYmyiUhSXjOQKbwGAdiozhZaOPQcshY&x-client-SKU=ID_NET6_0&x-client-ver=6.26.1.0 IP 165.232.152.251:0 ASN #14061 DIGITALOCEAN-ASN
File type HTML document, ASCII text
Hash a943672a32297727bab01c3e76977550 3a667c4b7a457ef6c586cc581d533c128737bf53 b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain |
GET /RBFCU/login.php?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https://www.office.com/landingv2&response_type=code+id_token&scope=openid+profile+https://www.office.com/v2/OfficeHome.All&response_mode=form_post&nonce=638199132677744493.Mzg3MzNjMDItODNmMy00ZjM0LTkwMWMtOWFjMTU2ODU5N2I3NTEyNWJlOGYtN2E5NS00NGJkLTlkNmEtMjYyZWI1YjJkNDMy&ui_locales=en-US&mkt=en-US&client-request-id=9159d407-9714-437c-a260-9e06802f0fe5&state=-U9RvRXlNehYbStez7qy2PvmdCXKbac2Mz2R-7H9umo5rcZmh0l8kR6hX0Jgtdfypld27agqVcJyE7KcGwg7zQVcXbf2iY57bdPjzq9fCXMwrlFCQs2_uA-24fVzB6Nftu_J2c2xxMeBrFAMZ4H4dUw4XvHGNv4aSVlmELm9_ZJCVHcguVa8hDasnvBQSDPsn2z0urQ4C_QC2_lr-ZgVNBQbUuXA7Ud2zAhF_2RlbwJZxelSbEv7Z1D-WiTH-M83g8Xt4fRc3K8cYYmyiUhSXjOQKbwGAdiozhZaOPQcshY&x-client-SKU=ID_NET6_0&x-client-ver=6.26.1.0 HTTP/1.1
Host: secverifera.redirectme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Fri, 29 Mar 2024 02:11:43 GMT
content-type: text/html
last-modified: Thu, 28 Mar 2024 12:38:25 GMT
etag: W/"328-614b7ccabf074"
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2
|
| secverifera.redirectme.net/favicon.ico | 165.232.152.251 | 404 Not Found | 808 B |
URL GET HTTP/2 secverifera.redirectme.net/favicon.ico IP 165.232.152.251:443 ASN #14061 DIGITALOCEAN-ASN
Requested by https://secverifera.redirectme.net/RBFCU/login.php?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=http://www.office.com/landingv2&response_type=code+id_token&scope=openid+profile+http://www.office.com/v2/OfficeHome.All&response_mode=form_post&nonce=638199132677744493.Mzg3MzNjMDItODNmMy00ZjM0LTkwMWMtOWFjMTU2ODU5N2I3NTEyNWJlOGYtN2E5NS00NGJkLTlkNmEtMjYyZWI1YjJkNDMy&ui_locales=en-US&mkt=en-US&client-request-id=9159d407-9714-437c-a260-9e06802f0fe5&state=-U9RvRXlNehYbStez7qy2PvmdCXKbac2Mz2R-7H9umo5rcZmh0l8kR6hX0Jgtdfypld27agqVcJyE7KcGwg7zQVcXbf2iY57bdPjzq9fCXMwrlFCQs2_uA-24fVzB6Nftu_J2c2xxMeBrFAMZ4H4dUw4XvHGNv4aSVlmELm9_ZJCVHcguVa8hDasnvBQSDPsn2z0urQ4C_QC2_lr-ZgVNBQbUuXA7Ud2zAhF_2RlbwJZxelSbEv7Z1D-WiTH-M83g8Xt4fRc3K8cYYmyiUhSXjOQKbwGAdiozhZaOPQcshY&x-client-SKU=ID_NET6_0&x-client-ver=6.26.1.0
Certificate Issuer Let's Encrypt Subject secverifera.redirectme.net Fingerprint 2E:30:3C:2E:B9:5E:68:85:15:2A:56:8F:10:77:8B:5F:56:B6:42:CB Validity Thu, 28 Mar 2024 21:23:21 GMT - Wed, 26 Jun 2024 21:23:20 GMT
File type HTML document, ASCII text, with very long lines (866), with no line terminators
Hash b45bdabc5c2538b0c4e5f352bcdfb585 5a97ce87ce8d3d86a043c1a5e68e968e20a1e146 c96189c857253fcdbe13dfcbc7f919050fae21ccb7116c3078ee3c8d8d0f12c7
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain |
GET /favicon.ico HTTP/1.1
Host: secverifera.redirectme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secverifera.redirectme.net/RBFCU/login.php?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=http://www.office.com/landingv2&response_type=code+id_token&scope=openid+profile+http://www.office.com/v2/OfficeHome.All&response_mode=form_post&nonce=638199132677744493.Mzg3MzNjMDItODNmMy00ZjM0LTkwMWMtOWFjMTU2ODU5N2I3NTEyNWJlOGYtN2E5NS00NGJkLTlkNmEtMjYyZWI1YjJkNDMy&ui_locales=en-US&mkt=en-US&client-request-id=9159d407-9714-437c-a260-9e06802f0fe5&state=-U9RvRXlNehYbStez7qy2PvmdCXKbac2Mz2R-7H9umo5rcZmh0l8kR6hX0Jgtdfypld27agqVcJyE7KcGwg7zQVcXbf2iY57bdPjzq9fCXMwrlFCQs2_uA-24fVzB6Nftu_J2c2xxMeBrFAMZ4H4dUw4XvHGNv4aSVlmELm9_ZJCVHcguVa8hDasnvBQSDPsn2z0urQ4C_QC2_lr-ZgVNBQbUuXA7Ud2zAhF_2RlbwJZxelSbEv7Z1D-WiTH-M83g8Xt4fRc3K8cYYmyiUhSXjOQKbwGAdiozhZaOPQcshY&x-client-SKU=ID_NET6_0&x-client-ver=6.26.1.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Fri, 29 Mar 2024 02:11:44 GMT
content-type: text/html
last-modified: Thu, 28 Mar 2024 12:38:25 GMT
etag: W/"328-614b7ccabf074"
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2
|
| secverifera.redirectme.net/error_docs/server.svg | 165.232.152.251 | 200 OK | 7.4 kB |
URL GET HTTP/2 secverifera.redirectme.net/error_docs/server.svg IP 165.232.152.251:443 ASN #14061 DIGITALOCEAN-ASN
Requested by https://secverifera.redirectme.net/RBFCU/login.php?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=http://www.office.com/landingv2&response_type=code+id_token&scope=openid+profile+http://www.office.com/v2/OfficeHome.All&response_mode=form_post&nonce=638199132677744493.Mzg3MzNjMDItODNmMy00ZjM0LTkwMWMtOWFjMTU2ODU5N2I3NTEyNWJlOGYtN2E5NS00NGJkLTlkNmEtMjYyZWI1YjJkNDMy&ui_locales=en-US&mkt=en-US&client-request-id=9159d407-9714-437c-a260-9e06802f0fe5&state=-U9RvRXlNehYbStez7qy2PvmdCXKbac2Mz2R-7H9umo5rcZmh0l8kR6hX0Jgtdfypld27agqVcJyE7KcGwg7zQVcXbf2iY57bdPjzq9fCXMwrlFCQs2_uA-24fVzB6Nftu_J2c2xxMeBrFAMZ4H4dUw4XvHGNv4aSVlmELm9_ZJCVHcguVa8hDasnvBQSDPsn2z0urQ4C_QC2_lr-ZgVNBQbUuXA7Ud2zAhF_2RlbwJZxelSbEv7Z1D-WiTH-M83g8Xt4fRc3K8cYYmyiUhSXjOQKbwGAdiozhZaOPQcshY&x-client-SKU=ID_NET6_0&x-client-ver=6.26.1.0
Certificate Issuer Let's Encrypt Subject secverifera.redirectme.net Fingerprint 2E:30:3C:2E:B9:5E:68:85:15:2A:56:8F:10:77:8B:5F:56:B6:42:CB Validity Thu, 28 Mar 2024 21:23:21 GMT - Wed, 26 Jun 2024 21:23:20 GMT
File type SVG Scalable Vector Graphics image
Hash cc0f4fa7bf317f8726af29b6c691935f 0e57cf27b5daa6a2ea9fcf485af4c7e1c1dc5d11 93da7df336460eaf1825b3204bb98e63df4996bcf2b427ea0984037c991d6dbf
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain |
GET /error_docs/server.svg HTTP/1.1
Host: secverifera.redirectme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secverifera.redirectme.net/error_docs/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 02:11:44 GMT
content-type: image/svg+xml
content-length: 7416
last-modified: Thu, 28 Mar 2024 12:38:25 GMT
etag: "1cf8-614b7ccabf844"
accept-ranges: bytes
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
X-Firefox-Spdy: h2
|