Report - 4hw8kcdcxccxve50.adamandco.co.uk/co/SEVfSUxBX0JVU0lORVNTX1NVUFBPUlRAYWRpZGFzLWdyb3VwLmNvbQ==

Report Overview

Visited public
2023-11-01 06:34:11
Tags
phishing microsoft outlook
URL
4hw8kcdcxccxve50.adamandco.co.uk/co/SEVfSUxBX0JVU0lORVNTX1NVUFBPUlRAYWRpZGFzLWdyb3VwLmNvbQ==
Finishing URL
pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html#HE_ILA_BUSINESS_SUPPORT@adidas-group.com
IP / ASN
91.103.219.224
#20738 Host Europe GmbH
Title
Sign in to your Microsoft account
Phishing - Microsoft Outlook

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
api.ipify.org	3267	2014-01-05	2014-10-06 14:38:43	2023-10-31 05:30:13	450 B	205 B	173.231.16.77
login.microsoftonline.com	25	2002-07-09	2017-02-19 08:06:40	2019-07-18 10:58:27	4.0 kB	40 kB	20.190.177.21
aadcdn.msauth.net	1421	2018-10-25	2018-11-19 11:50:03	2023-10-31 05:11:15	8.9 kB	355 kB	13.107.213.53
ocsp.sectigo.com	487	2018-08-16	2019-11-29 12:50:24	2023-10-31 13:44:23	330 B	963 B	104.18.38.233
www.office.com	2755	1999-04-20	2014-02-12 02:02:36	2023-10-31 18:02:08	1.1 kB	2.7 kB	13.107.6.156
smtpjs.com	309535	2016-01-30	2016-02-01 17:59:05	2023-10-31 22:06:03	425 B	1.2 kB	109.169.71.112
4hw8kcdcxccxve50.adamandco.co.uk	unknown	2010-03-18	2023-10-21 20:00:53	2023-10-31 14:25:21	464 B	561 B	91.103.219.224
pub-d89e3188311c46f49978b9555d4c9596.r2.dev	unknown	2022-08-23	2023-07-11 08:36:29	2023-10-31 23:03:17	1.1 kB	131 kB	104.18.2.35
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-10-31 08:16:05	439 B	31 kB	151.101.130.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-01 06:33:54	low	Client IP	Internal IP	ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup
2023-11-01 06:33:54	low	Client IP	Internal IP	ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup
2023-11-01 06:33:55	low	Client IP	173.231.16.77	ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-10-21	medium	4hw8kcdcxccxve50.adamandco.co.uk/co/SEVfSUxBX0JVU0lORVNTX1NVUFBPUlRAYWRpZGFzLWdyb3VwLmNvbQ==	Outlook
2023-10-20	medium	pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html	Outlook
2023-10-20	medium	pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html	Outlook

PhishTank

Scan Date	Severity	Indicator	Alert
2023-10-22	medium	pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html	Other
2023-10-22	medium	pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (21)

	URL	From	Size	First Seen	Last Seen
	login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=fFr9MGYFzhol_hqdnE-kcmX0offawhxqVDogksLmljUD6BhEfQFfIKaYhyromIwMisCsMQT3N5Eu_8JWJqSual3T3svsTl9wW35rnkr49Bi9xpP3bxAk-E5eH4Na-uvq&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0	ScriptElement	11 kB	2024-08-20	2024-08-20
Pretty URL login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=fFr9MGYFzhol_hqdnE-kcmX0offawhxqVDogksLmljUD6BhEfQFfIKaYhyromIwMisCsMQT3N5Eu_8JWJqSual3T3svsTl9wW35rnkr49Bi9xpP3bxAk-E5eH4Na-uvq&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0 IP 20.190.177.21 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 21:32 Last Seen2024-08-20 21:32 Times Seen1 Hash 95ef9ae18d50ad65a1fb4adfb8f419dc 974cb56a3f26dac421c74786aac010a4e28001f8 e07f782fa2282c61365b9728d0eef92b4a9ee721e434248b1e1e2abd5bcc748c Loading...

	aadcdn.msauth.net/ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js	ScriptElement	183 kB	2023-03-08	2023-11-15
Pretty URL aadcdn.msauth.net/ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:03 Last Seen2023-11-15 09:11 Times Seen392 Hash 917d5d03b2f6773ea71def64520935f4 281282d233fd6dd4185df486f31a2ba38aaf5f85 585c15f044d19a1f0a1ba994b70992ce92e30cfd9443bab663d3f17b13d69708 Loading...

	login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392	ScriptElement	11 kB	2024-08-20	2024-08-20
Pretty URL login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392 IP 20.190.177.21 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 21:32 Last Seen2024-08-20 21:32 Times Seen1 Hash 84363dc6c5cda683b2607c9930391ac8 96805e19e041d775a24cce1a2a574359d1b80cd3 b1f5133ac891d5b30d112a44154319c0eae26b107d91bff1969a5982ecc4c6f8 Loading...

	login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=_hD8BwNYgCm5HjrsjMxVYrKNNAp7kzM3EIrSQ5kg8j2JxqyzzCsOH-xBh2XyVHKCymLaEJjckXZfi8Szz-gkKRe8x1tpP7thXktgCXRnuZvESb35xooL2zBoCq2vuIr4&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0	ScriptElement	11 kB	2024-08-20	2024-08-20
Pretty URL login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=_hD8BwNYgCm5HjrsjMxVYrKNNAp7kzM3EIrSQ5kg8j2JxqyzzCsOH-xBh2XyVHKCymLaEJjckXZfi8Szz-gkKRe8x1tpP7thXktgCXRnuZvESb35xooL2zBoCq2vuIr4&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0 IP 20.190.177.21 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 21:32 Last Seen2024-08-20 21:32 Times Seen1 Hash ab1b785393463a0c3cba97ce45bcdf14 8027b186c0c855ec86e3dcc1fba2c41c7cab9003 de48b2cc301822dddd34661fccb7b4470c752ba6fc5fdbb7b6702dfba1168664 Loading...

	login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=_hD8BwNYgCm5HjrsjMxVYrKNNAp7kzM3EIrSQ5kg8j2JxqyzzCsOH-xBh2XyVHKCymLaEJjckXZfi8Szz-gkKRe8x1tpP7thXktgCXRnuZvESb35xooL2zBoCq2vuIr4&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0	ScriptElement	12 kB	2023-06-14	2025-04-25
Pretty URL login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=_hD8BwNYgCm5HjrsjMxVYrKNNAp7kzM3EIrSQ5kg8j2JxqyzzCsOH-xBh2XyVHKCymLaEJjckXZfi8Szz-gkKRe8x1tpP7thXktgCXRnuZvESb35xooL2zBoCq2vuIr4&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0 IP 20.190.177.21 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-14 21:58 Last Seen2025-04-25 11:23 Times Seen11521 Hash bbcef4a154c1228c1c97c4ef01a30ada 23daa3a4d9b0a6310edd3882191ec6ab51ce6b4f 6fa6c39c879b2fb55cfd9d0258916c68b5f750ae42312f510e44a4451f06e272 Loading...

	pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html#HE_ILA_BUSINESS_SUPPORT@adidas-group.com	ScriptElement	3.2 kB	2023-10-20	2024-08-21
Pretty URL pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html#HE_ILA_BUSINESS_SUPPORT@adidas-group.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-20 05:18 Last Seen2024-08-21 04:04 Times Seen40 Hash 031faf97f3145bdf740fcb706e100d84 46dfcf78648d16641715085a25fc9ab7e5858ed1 4a734c31165c2ce2d366102648ed75daae19fea31dcc9c33de124c2e9cc12ff2 Loading...

	login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=_hD8BwNYgCm5HjrsjMxVYrKNNAp7kzM3EIrSQ5kg8j2JxqyzzCsOH-xBh2XyVHKCymLaEJjckXZfi8Szz-gkKRe8x1tpP7thXktgCXRnuZvESb35xooL2zBoCq2vuIr4&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0	ScriptElement	402 B	2023-03-26	2025-05-09
Pretty URL login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=_hD8BwNYgCm5HjrsjMxVYrKNNAp7kzM3EIrSQ5kg8j2JxqyzzCsOH-xBh2XyVHKCymLaEJjckXZfi8Szz-gkKRe8x1tpP7thXktgCXRnuZvESb35xooL2zBoCq2vuIr4&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0 IP 20.190.177.21 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 06:26 Last Seen2025-05-09 09:40 Times Seen55139 Hash 87efd6715519349131af142156db73f5 c97a4e521b65745b007efc70d310bc3d881592e7 03bde50da68e75d14367644f9f52809af9b55dbba6c171ce2c7b93523cdc5578 Loading...

	unknown	DomTimer	181 B	2023-06-21	2024-08-21
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-06-21 13:07 Last Seen2024-08-21 09:27 Times Seen389 Hash 078aa0c0095bf30146cec4488ac9fc95 456db9ce2d4bc93494e522b80f1cc42345278cd4 15aaa7575c45564fca086bbc3ef04bef2758533deaa42c35d41a614136bc2874 Loading...

	api.ipify.org/?format=jsonp&callback=getPublic	ScriptElement	33 B	2023-03-07	2025-05-08
Pretty URL api.ipify.org/?format=jsonp&callback=getPublic IP 173.231.16.77 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24 Last Seen2025-05-08 17:41 Times Seen1523 Hash b1fdb43145cf7c3f6f2a1370889232f1 19cd287ba1ffae5908cf8d53d13abc302dac6f9c 9a751b74811a7c42413bc5109600706395ac8a8c057f7e6a55fc45b7ea41b191 Loading...

	smtpjs.com/v3/smtp.js	ScriptElement	868 B	2023-03-07	2025-05-08
Pretty URL smtpjs.com/v3/smtp.js IP 109.169.71.112 ASN #20860 Iomart Cloud Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-05-08 17:41 Times Seen1901 Hash 73572da03234fa6d561c64b59c152230 5de5efc900b7eaf2b93b02f7c4c260fa938ef983 1fd711cb491a361ef91e29c50de0680a4b156c0b34bb91e18570d0037263a776 Loading...

	login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=_hD8BwNYgCm5HjrsjMxVYrKNNAp7kzM3EIrSQ5kg8j2JxqyzzCsOH-xBh2XyVHKCymLaEJjckXZfi8Szz-gkKRe8x1tpP7thXktgCXRnuZvESb35xooL2zBoCq2vuIr4&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0	ScriptElement	2.3 kB	2023-06-21	2024-08-21
Pretty URL login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=_hD8BwNYgCm5HjrsjMxVYrKNNAp7kzM3EIrSQ5kg8j2JxqyzzCsOH-xBh2XyVHKCymLaEJjckXZfi8Szz-gkKRe8x1tpP7thXktgCXRnuZvESb35xooL2zBoCq2vuIr4&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0 IP 20.190.177.21 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-21 13:07 Last Seen2024-08-21 09:27 Times Seen389 Hash 45efb547fcc8b51f4404e8fe36669c19 b476cafea5c8e99f1d8f0012918cbfcd6d2450e6 6d0c15cf4c9b369fd07e435e929a70d3d7a2d18853d18beb4fdff69b7d62c3ee Loading...

	aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js	ScriptElement	120 kB	2023-03-08	2025-05-08
Pretty URL aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:03 Last Seen2025-05-08 17:41 Times Seen13853 Hash 75cf78d0e38c65a538ad253ca9e48dbe bf0452e4a42a9af3b69d5d8c3a3a0433f14921b6 df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0 Loading...

	code.jquery.com/jquery-3.1.1.min.js	ScriptElement	87 kB	2023-03-07	2025-05-09
Pretty URL code.jquery.com/jquery-3.1.1.min.js IP 151.101.130.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 08:31 Times Seen112198 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392	ScriptElement	4.2 kB	2023-10-31	2025-05-08
Pretty URL login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392 IP 20.190.177.21 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-31 23:10 Last Seen2025-05-08 17:41 Times Seen1175 Hash 50eb9faffcfc4f56e8d5babbbd9cfe96 f35f8ca2245390b09199e6f3aeb76480b2c540a0 7ad506113198d4fdd9774dce119a61881bf39ffd1da7b92eec5b290c96a01a90 Loading...

	aadcdn.msauth.net/ests/2.1/content/cdnbundles/aad.login.min_vmmoyj1-4wcgq_4ljx53-q2.js	ScriptElement	183 kB	2023-10-31	2024-09-20
Pretty URL aadcdn.msauth.net/ests/2.1/content/cdnbundles/aad.login.min_vmmoyj1-4wcgq_4ljx53-q2.js IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-31 23:10 Last Seen2024-09-20 20:14 Times Seen1170 Hash be630e623d7ee30720abfe258d7e77f9 28e1655eac90fc1f5a93f16366739ddfc9f04638 87e738d94f83503f243a4544d7c78a6dadd01c261a6a58fa5085715652029ab9 Loading...

	login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=fFr9MGYFzhol_hqdnE-kcmX0offawhxqVDogksLmljUD6BhEfQFfIKaYhyromIwMisCsMQT3N5Eu_8JWJqSual3T3svsTl9wW35rnkr49Bi9xpP3bxAk-E5eH4Na-uvq&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0	ScriptElement	504 B	2023-03-07	2024-08-21
Pretty URL login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=fFr9MGYFzhol_hqdnE-kcmX0offawhxqVDogksLmljUD6BhEfQFfIKaYhyromIwMisCsMQT3N5Eu_8JWJqSual3T3svsTl9wW35rnkr49Bi9xpP3bxAk-E5eH4Na-uvq&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0 IP 20.190.177.21 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24 Last Seen2024-08-21 09:27 Times Seen389 Hash ce50805b79c6d18b0569746ce1c1813d 5dba06a968e892018fa56719a2122fb9c2dbe073 db7fef64c3f5bd639bfec0be3af1779dac1f7238780320ecd06d478959da8495 Loading...

	login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=fFr9MGYFzhol_hqdnE-kcmX0offawhxqVDogksLmljUD6BhEfQFfIKaYhyromIwMisCsMQT3N5Eu_8JWJqSual3T3svsTl9wW35rnkr49Bi9xpP3bxAk-E5eH4Na-uvq&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0	ScriptElement	106 B	2023-06-21	2025-05-08
Pretty URL login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=fFr9MGYFzhol_hqdnE-kcmX0offawhxqVDogksLmljUD6BhEfQFfIKaYhyromIwMisCsMQT3N5Eu_8JWJqSual3T3svsTl9wW35rnkr49Bi9xpP3bxAk-E5eH4Na-uvq&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0 IP 20.190.177.21 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-21 13:07 Last Seen2025-05-08 17:41 Times Seen1561 Hash b524b1297911a39f4a4d5165b932f781 ab75fee67b6089f129830917a2e8c2fda6a23582 7061d39ee40e8f7a47e5a0efb673e446080fbbfcbd38c4fdeaf37deb0c6df605 Loading...

	pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html#HE_ILA_BUSINESS_SUPPORT@adidas-group.com	ScriptElement	235 B	2023-03-07	2025-05-08
Pretty URL pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html#HE_ILA_BUSINESS_SUPPORT@adidas-group.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24 Last Seen2025-05-08 17:41 Times Seen1518 Hash d5663ca14896beb4426cb2b7d4d1f91a b13ce03a3f77e79bd161408887f4678d351efa02 fe682d3a5bc92582598075d4fdce81ab9b112e785eaaf855f841f78f33dd3080 Loading...

	login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392	ScriptElement	593 B	2023-10-31	2025-05-08
Pretty URL login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392 IP 20.190.177.21 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-31 23:10 Last Seen2025-05-08 17:41 Times Seen1175 Hash 130d91ea1e7ea7721687440cd741e93e 4883e88e0b99498d9cf23331dc9fee04b36a4162 4db3ace66daacec4548d13dd8f9124459a2ba4dc539ca5ab03b725e0486a14e3 Loading...

	pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html#HE_ILA_BUSINESS_SUPPORT@adidas-group.com	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html#HE_ILA_BUSINESS_SUPPORT@adidas-group.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 09:44 Times Seen4635144 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	DomTimer	241 B	2023-10-31	2025-01-09
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-10-31 23:10 Last Seen2025-01-09 12:29 Times Seen1168 Hash 5cb28f4fb234a13e4ef72986a4191561 aadcaab83ba6a7bfcf718eecd4177595cc45c562 f5b5b00c6360e697fd33fd27b2171e49a65a8b8c49b9ddc6107940cb607ac123 Loading...

HTTP Transactions (29)

URL IP Response Size

4hw8kcdcxccxve50.adamandco.co.uk/co/SEVfSUxBX0JVU0lORVNTX1NVUFBPUlRAYWRpZGFzLWdyb3VwLmNvbQ==

91.103.219.224

167 B

URL
4hw8kcdcxccxve50.adamandco.co.uk/co/SEVfSUxBX0JVU0lORVNTX1NVUFBPUlRAYWRpZGFzLWdyb3VwLmNvbQ==
IP
91.103.219.224:0
ASN
#20738 Host Europe GmbH

File type
HTML document, ASCII text
Size
167 B (167 bytes)
Hash
cf6397e5607b73e7446f1f11dca6d92f
3bdc2f4be3a699ba4444abc2854f294f44786d1c
8852555e7f1d458dad20ec63cca39e60eb655c83c9a2d473cc7453a4e12d0de5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Outlook

HTTP Headers

GET /co/SEVfSUxBX0JVU0lORVNTX1NVUFBPUlRAYWRpZGFzLWdyb3VwLmNvbQ== HTTP/1.1
Host: 4hw8kcdcxccxve50.adamandco.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 06:33:52 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=4f2c53677d75bc44ff23edccacd4e973; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html

104.18.2.35

21 kB

URL
pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html
IP
104.18.2.35:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (64651), with CRLF line terminators
Size
21 kB (20705 bytes)
Hash
68b6546b9951a8c0a001f05ad8333c8f
1d1d9b3c32ebf535aa0b18a341adca12111f2264
edddf0317dab4384aea7bf82a0643476f4b66341f5cd401fcf27aaec77d3688d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Outlook
PhishTank	phishing	Other

HTTP Headers

GET /ave.html HTTP/1.1
Host: pub-d89e3188311c46f49978b9555d4c9596.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://4hw8kcdcxccxve50.adamandco.co.uk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 06:33:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"68b6546b9951a8c0a001f05ad8333c8f"
Last-Modified: Wed, 18 Oct 2023 10:07:33 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 81f21bdb598d56b4-OSL
Content-Encoding: gzip

code.jquery.com/jquery-3.1.1.min.js

151.101.130.137

200 OK

30 kB

URL GET HTTP/2
code.jquery.com/jquery-3.1.1.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html#HE_ILA_BUSINESS_SUPPORT@adidas-group.com
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32030)
Size
30 kB (30070 bytes)
Hash
e071abda8fe61194711cfc2ab99fe104
f647a6d37dc4ca055ced3cf64bbc1f490070acba
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

HTTP Headers

GET /jquery-3.1.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-152b5"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 01 Nov 2023 06:33:54 GMT
age: 4019833
x-served-by: cache-lga21947-LGA, cache-bma1645-BMA
x-cache: HIT, HIT
x-cache-hits: 119, 4843
x-timer: S1698820434.049311,VS0,VE0
vary: Accept-Encoding
content-length: 30070
X-Firefox-Spdy: h2

20.190.177.21

200 OK

11 kB

URL GET HTTP/1.1
login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
IP
20.190.177.21:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html#HE_ILA_BUSINESS_SUPPORT@adidas-group.com
Certificate
IssuerDigiCert Inc
Subjectstamp2.login.microsoftonline.com
FingerprintB8:EC:FA:34:DB:AA:B7:DE:F3:A0:CE:69:06:5C:14:E0:D0:28:69:40
ValidityTue, 22 Aug 2023 00:00:00 GMT - Thu, 22 Aug 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10864), with CRLF, LF line terminators
Size
11 kB (11145 bytes)
Hash
ae235c19e5366a70f23d14d5922528b7
2955976f411ab657d5b803d328a3690e833c570f
30e1ad310ac03ecbdf21103e5adc8458c348dfe5f5c72f05ddb92fcb8bce9bd1

HTTP Headers

GET /logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392 HTTP/1.1
Host: login.microsoftonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin, <https://aadcdn.msauth.net>; rel=dns-prefetch, <https://aadcdn.msftauth.net>; rel=dns-prefetch
X-DNS-Prefetch-Control: on
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 70c7a2a5-3da0-4163-b800-021517330b00
x-ms-ests-server: 2.1.16693.3 - WEULR1 ProdSlices
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 0
Set-Cookie: SignInStateCookie=CAgABAAIAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P9BF6BOTurSgouhD2GXIvmYDPOa_8Lyixw2ULxfApV0Ev4NC0Dyqu87f-pkkuy48j77PjdVlYbwYw; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
ESTSSSOTILES=1; expires=Tue, 01-Nov-2033 06:33:54 GMT; path=/; secure; SameSite=None
AADSSOTILES=1; expires=Tue, 01-Nov-2033 06:33:54 GMT; path=/; secure; HttpOnly; SameSite=None
ESTSAUTHPERSISTENT=AgABAAQAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P8qMunBYGtxTBp5Z_ODpfLXKJCdhls4SZTgkGaw-cJnbha7IGjyoATG9rIyrbAh_bM9Sll6MK6KKA; domain=.login.microsoftonline.com; expires=Tue, 30-Jan-2024 06:33:54 GMT; path=/; secure; HttpOnly; SameSite=None
ESTSAUTH=AgABAAQAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P99CzlpBYCnqZ5svAzpWW4bc3sGCzx0jLsoq38u1LLQBP5fJSzSRogD9tI4MVo9MJlXYEIZ-1Q9GQ; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
ESTSAUTHLIGHT=+; path=/; secure; SameSite=None
buid=AQABAAEAAAAtyolDObpQQ5VtlI4uGjEPeKd7Gj_0MIiSH3SScfTZhMjLEwX2fBNtdgaYYkeSDZmnyEMfgV2ebVJmB60lWqzLyMgMI2WlcJJOtRLNNNjvq_sokHOj9yfkvHT_WBfrFUwgAA; expires=Fri, 01-Dec-2023 06:33:54 GMT; path=/; secure; HttpOnly; SameSite=None
fpc=Aipt4Fm50FtFvOl-fTO7qyM; expires=Fri, 01-Dec-2023 06:33:54 GMT; path=/; secure; HttpOnly; SameSite=None
esctx=PAQABAAEAAAAtyolDObpQQ5VtlI4uGjEPc2rEmR_T93CzJgs8RGFS9hxD8sACROrOXZBSKbHTLbRC-IiHxnzu7GC45jeftaeItyyV6CwYJzAx53_blgUHMomT-8t7nB6mS6QtzUeKx5nttDztkYn6zZAzq13fda5YKjrOiwDwVqF51omDpcB2IaBLbs7MIhFqlWbSkOSd6O8gAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Date: Wed, 01 Nov 2023 06:33:54 GMT
Content-Length: 11145

www.office.com/estslogout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F

13.107.6.156

302 Found

0 B

URL GET HTTP/2
www.office.com/estslogout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F
IP
13.107.6.156:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html#HE_ILA_BUSINESS_SUPPORT@adidas-group.com
Certificate
IssuerMicrosoft Corporation
Subjectportal.office.com
Fingerprint13:5B:CB:71:C9:C4:5D:B5:78:0C:8B:88:FD:74:B6:7A:C3:F0:C8:B4
ValidityWed, 13 Sep 2023 22:45:31 GMT - Sat, 07 Sep 2024 22:45:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /estslogout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F HTTP/1.1
Host: www.office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
location: https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=fFr9MGYFzhol_hqdnE-kcmX0offawhxqVDogksLmljUD6BhEfQFfIKaYhyromIwMisCsMQT3N5Eu_8JWJqSual3T3svsTl9wW35rnkr49Bi9xpP3bxAk-E5eH4Na-uvq&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0
vary: Accept-Encoding
set-cookie: OH.SID=36396c36-46f1-4a69-bc6b-2edf837fff21; path=/; secure; samesite=none; httponly
OH.DCAffinity=OH-noe; expires=Wed, 01 Nov 2023 14:33:54 GMT; path=/; secure; samesite=none; httponly
OH.FLID=3c931068-2980-4aba-843f-0a9e548e6547; expires=Fri, 01 Nov 2024 06:33:54 GMT; path=/; secure; samesite=none; httponly
MUID=0403C58609C466AB37BFD63A08CA6755; path=/; secure; expires=Mon, 25-Nov-2024 06:33:54 GMT; domain=office.com
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge,chrome=1
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: ECAB291AE5E04FC0AB29C7E429A51697 Ref B: SVG20EDGE0412 Ref C: 2023-11-01T06:33:54Z
date: Wed, 01 Nov 2023 06:33:53 GMT
content-length: 0
X-Firefox-Spdy: h2

aadcdn.msauth.net/ests/2.1/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg

13.107.213.53

200 OK

673 B

URL GET HTTP/2
aadcdn.msauth.net/ests/2.1/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
IP
13.107.213.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html#HE_ILA_BUSINESS_SUPPORT@adidas-group.com
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C
ValiditySun, 29 Oct 2023 00:00:00 GMT - Tue, 29 Oct 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1864), with no line terminators
Size
673 B (673 bytes)
Hash
bc3d32a696895f78c19df6c717586a5d
9191cb156a30a3ed79c44c0a16c95159e8ff689d
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

HTTP Headers

GET /ests/2.1/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 673
content-type: image/svg+xml
content-encoding: gzip
content-md5: DhdidjYrlCeaRJJRG/y9mA==
last-modified: Thu, 13 Feb 2020 02:05:12 GMT
etag: 0x8D7B0292911C366
x-cache: TCP_HIT
x-ms-request-id: 3fc16e43-601e-0029-36f9-08d553000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 013w9ZQAAAAC5IormEMaqQokrYr1PazpSQU1TMDRFREdFMTkxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0UvFBZQAAAADSR/N/4dSyRLYv/w+wB9DbU1ZHMjBFREdFMDYxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 01 Nov 2023 06:33:54 GMT
X-Firefox-Spdy: h2

aadcdn.msauth.net/ests/2.1/content/images/microsoft_logo_ed9c9eb0dce17d752bedea6b5acda6d9.png

13.107.213.53

200 OK

1.1 kB

URL GET HTTP/2
aadcdn.msauth.net/ests/2.1/content/images/microsoft_logo_ed9c9eb0dce17d752bedea6b5acda6d9.png
IP
13.107.213.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html#HE_ILA_BUSINESS_SUPPORT@adidas-group.com
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C
ValiditySun, 29 Oct 2023 00:00:00 GMT - Tue, 29 Oct 2024 23:59:59 GMT

File type
PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1057 bytes)
Hash
ed9c9eb0dce17d752bedea6b5acda6d9
eca56c4904354eed5da0debcd6bd66856ab4784d
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c

HTTP Headers

GET /ests/2.1/content/images/microsoft_logo_ed9c9eb0dce17d752bedea6b5acda6d9.png HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
content-length: 1057
content-type: image/png
content-md5: 7ZyesNzhfXUr7eprWs2m2Q==
last-modified: Fri, 02 Nov 2018 20:25:31 GMT
etag: 0x8D641015620C409
x-cache: TCP_HIT
x-ms-request-id: aa435026-901e-0086-20bb-099a2a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 07uk+ZQAAAABKGQYmHf4ORL34kKmubhYcQU1TMDRFREdFMTgwOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0UvFBZQAAAAChbtXlVNorTb0dTAdHjmw8U1ZHMjBFREdFMDYxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 01 Nov 2023 06:33:54 GMT
X-Firefox-Spdy: h2

www.office.com/estslogout?ru=/

13.107.6.156

302 Found

0 B

URL GET HTTP/2
www.office.com/estslogout?ru=/
IP
13.107.6.156:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html#HE_ILA_BUSINESS_SUPPORT@adidas-group.com
Certificate
IssuerMicrosoft Corporation
Subjectportal.office.com
Fingerprint13:5B:CB:71:C9:C4:5D:B5:78:0C:8B:88:FD:74:B6:7A:C3:F0:C8:B4
ValidityWed, 13 Sep 2023 22:45:31 GMT - Sat, 07 Sep 2024 22:45:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /estslogout?ru=/ HTTP/1.1
Host: www.office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
location: https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=_hD8BwNYgCm5HjrsjMxVYrKNNAp7kzM3EIrSQ5kg8j2JxqyzzCsOH-xBh2XyVHKCymLaEJjckXZfi8Szz-gkKRe8x1tpP7thXktgCXRnuZvESb35xooL2zBoCq2vuIr4&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0
vary: Accept-Encoding
set-cookie: OH.SID=073c9204-a505-4831-9c2b-28826012d218; path=/; secure; samesite=none; httponly
OH.DCAffinity=OH-noe; expires=Wed, 01 Nov 2023 14:33:54 GMT; path=/; secure; samesite=none; httponly
OH.FLID=cc5586db-4db9-4ba8-95dc-210cefbdff12; expires=Fri, 01 Nov 2024 06:33:54 GMT; path=/; secure; samesite=none; httponly
MUID=3269C55AF4CE6CBD1B6CD6E6F5C06D0F; path=/; secure; expires=Mon, 25-Nov-2024 06:33:54 GMT; domain=office.com
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge,chrome=1
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: C57BD750B6FB425DAAE5FAE140EF9D05 Ref B: SVG20EDGE0412 Ref C: 2023-11-01T06:33:54Z
date: Wed, 01 Nov 2023 06:33:53 GMT
content-length: 0
X-Firefox-Spdy: h2

aadcdn.msauth.net/ests/2.1/content/images/ellipsis_white_0ad43084800fd8b50a2576b5173746fe.png

13.107.213.53

200 OK

207 B

URL GET HTTP/2
aadcdn.msauth.net/ests/2.1/content/images/ellipsis_white_0ad43084800fd8b50a2576b5173746fe.png
IP
13.107.213.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html#HE_ILA_BUSINESS_SUPPORT@adidas-group.com
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C
ValiditySun, 29 Oct 2023 00:00:00 GMT - Tue, 29 Oct 2024 23:59:59 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
207 B (207 bytes)
Hash
0ad43084800fd8b50a2576b5173746fe
97c08e6062ff37f6e7a6c65e94d693ccc9ccd443
2c03ee38a4eba6a047c3a5bacb3eb461efe14be8acd46ae772350a4dea2f0175

HTTP Headers

GET /ests/2.1/content/images/ellipsis_white_0ad43084800fd8b50a2576b5173746fe.png HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
content-length: 207
content-type: image/png
content-md5: CtQwhIAP2LUKJXa1FzdG/g==
last-modified: Fri, 02 Nov 2018 20:25:24 GMT
etag: 0x8D6410151EBB082
x-cache: TCP_HIT
x-ms-request-id: 95b65e2f-a01e-0061-26bf-0a5e53000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 07uk+ZQAAAAADMPQm8fl6SqO3X7aFJa2VQU1TMDRFREdFMTgxNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0UvFBZQAAAACECvEjR7uNQJdavvnDi5K7U1ZHMjBFREdFMDYxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 01 Nov 2023 06:33:54 GMT
X-Firefox-Spdy: h2

aadcdn.msauth.net/ests/2.1/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png

13.107.213.53

200 OK

240 B

URL GET HTTP/2
aadcdn.msauth.net/ests/2.1/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png
IP
13.107.213.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html#HE_ILA_BUSINESS_SUPPORT@adidas-group.com
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C
ValiditySun, 29 Oct 2023 00:00:00 GMT - Tue, 29 Oct 2024 23:59:59 GMT

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
240 B (240 bytes)
Hash
7cc096da6aa2dba3f81fcc1c8262157c
a50776316f0220ed7cd7882a68c742a8861c999d
ab50358475adae73a435466c72d1a48ab124e8ae06614663716a46dce5ac8b83

HTTP Headers

GET /ests/2.1/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
content-length: 240
content-type: image/png
content-md5: fMCW2mqi26P4H8wcgmIVfA==
last-modified: Fri, 02 Nov 2018 20:25:10 GMT
etag: 0x8D64101494D74DC
x-cache: TCP_HIT
x-ms-request-id: 3ad844a0-f01e-0050-04bf-0a5440000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 07uk+ZQAAAAAuymAstOCCSJs0YChclaa8QU1TMDRFREdFMTkyMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0UvFBZQAAAAB1ZZg6ihw+S5bb/J5jWPtvU1ZHMjBFREdFMDYxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 01 Nov 2023 06:33:54 GMT
X-Firefox-Spdy: h2

smtpjs.com/v3/smtp.js

109.169.71.112

200 OK

871 B

URL GET HTTP/2
smtpjs.com/v3/smtp.js
IP
109.169.71.112:443
ASN
#20860 Iomart Cloud Services Limited

Requested by
https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html#HE_ILA_BUSINESS_SUPPORT@adidas-group.com
Certificate
IssuerLet's Encrypt
Subjectsmtpjs.com
Fingerprint42:B0:F7:8A:8B:22:F8:B1:73:FF:5D:9A:16:9A:DD:91:6A:15:FC:99
ValidityThu, 12 Oct 2023 02:12:56 GMT - Wed, 10 Jan 2024 02:12:55 GMT

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (841), with CRLF line terminators
Size
871 B (871 bytes)
Hash
3834e1b9e65ca954b7479464ea1e5118
437df45dbf59c3a3414236f44e3bcd5045bfe314
fc33c6b2c79aafa930e841962ae3c25bf8f56cbc20ec48fc2b0ddd0aa6ee23b6

HTTP Headers

GET /v3/smtp.js HTTP/1.1
Host: smtpjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 10 Nov 2020 17:17:51 GMT
accept-ranges: bytes
etag: "162f436b85b7d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
date: Wed, 01 Nov 2023 06:33:53 GMT
content-length: 871
X-Firefox-Spdy: h2

aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css

13.107.213.53

200 OK

20 kB

URL GET HTTP/2
aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css
IP
13.107.213.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C
ValiditySun, 29 Oct 2023 00:00:00 GMT - Tue, 29 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (61177)
Size
20 kB (20208 bytes)
Hash
2ed8d5b2f2b901e92d03f9068812341a
8470214fc8e246c3910bcb0eae9070d4abe3a389
1a0ea89ae667420caeae29d594d53258e6ed157dab7e8dfe6f154f0054b0cf99

HTTP Headers

GET /ests/2.1/content/cdnbundles/converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 20208
content-type: text/css
content-encoding: gzip
content-md5: znAMuOwBXwRYMjVZ8p4wCw==
last-modified: Wed, 06 Sep 2023 21:22:45 GMT
etag: 0x8DBAF1F69A21EAA
x-cache: TCP_HIT
x-ms-request-id: af1f1e21-301e-005c-6f72-0ca059000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 08cpBZQAAAAA+LeV1gHkDR4dIcb/3bAe5QU1TMDRFREdFMTkwNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0UvFBZQAAAADvQb+SHPw4SaP2vO7DUrKdU1ZHMjBFREdFMDYxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 01 Nov 2023 06:33:54 GMT
X-Firefox-Spdy: h2

aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js

13.107.213.53

200 OK

40 kB

URL GET HTTP/2
aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
IP
13.107.213.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C
ValiditySun, 29 Oct 2023 00:00:00 GMT - Tue, 29 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
40 kB (40454 bytes)
Hash
75cf78d0e38c65a538ad253ca9e48dbe
bf0452e4a42a9af3b69d5d8c3a3a0433f14921b6
df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0

HTTP Headers

GET /ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 40454
content-type: application/x-javascript
content-encoding: gzip
content-md5: HWW92uTq7vx3y5z+zFZbXQ==
last-modified: Fri, 26 Feb 2021 06:12:05 GMT
etag: 0x8D8DA1D70FBDD97
x-cache: TCP_HIT
x-ms-request-id: 66f91106-701e-0020-2ebe-08a640000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0ORY8ZQAAAAA+oyyZadW9SrmhAUUEmv+6QU1TMDRFREdFMTkwOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0UvFBZQAAAAD6MCBqEy5JRIOxOKyGIF06U1ZHMjBFREdFMDYxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 01 Nov 2023 06:33:54 GMT
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.38.233

471 B

URL
ocsp.sectigo.com/
IP
104.18.38.233:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
68018709cc44417b958ddb13e1bfa9fb
472072c7d6db8bf38abbce9abd731c828a97e0b3
430162e63dbfbfca2138b888332a0bb49f66ef1aa96d8bc358bec3d0b244af17

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 06:33:54 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Oct 2023 23:45:30 GMT
Expires: Sat, 04 Nov 2023 23:45:29 GMT
Etag: "472072c7d6db8bf38abbce9abd731c828a97e0b3"
Cache-Control: max-age=321042,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 81f21be2ef8fb4fa-OSL

aadcdn.msauth.net/ests/2.1/content/cdnbundles/aad.login.min_vmmoyj1-4wcgq_4ljx53-q2.js

13.107.213.53

200 OK

45 kB

URL GET HTTP/2
aadcdn.msauth.net/ests/2.1/content/cdnbundles/aad.login.min_vmmoyj1-4wcgq_4ljx53-q2.js
IP
13.107.213.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C
ValiditySun, 29 Oct 2023 00:00:00 GMT - Tue, 29 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (778)
Size
45 kB (44809 bytes)
Hash
be630e623d7ee30720abfe258d7e77f9
28e1655eac90fc1f5a93f16366739ddfc9f04638
87e738d94f83503f243a4544d7c78a6dadd01c261a6a58fa5085715652029ab9

HTTP Headers

GET /ests/2.1/content/cdnbundles/aad.login.min_vmmoyj1-4wcgq_4ljx53-q2.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 44809
content-type: application/x-javascript
content-encoding: gzip
content-md5: gkCQOa5xTExKUB2dlzn2rA==
last-modified: Thu, 12 Oct 2023 21:23:59 GMT
etag: 0x8DBCB698CEF3B25
x-cache: TCP_HIT
x-ms-request-id: 1e90607e-701e-0030-3ac4-081662000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0E847ZQAAAAD3NfZTZlrqTbuzI/sP73atQU1TMDRFREdFMTgyMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0UvFBZQAAAADc6/Ex1+w0QLq6575LPcR0U1ZHMjBFREdFMDYxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 01 Nov 2023 06:33:54 GMT
X-Firefox-Spdy: h2

aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ea19b2112f4dfd8e90b4505ef7dcb4f9.png

13.107.213.53

200 OK

1.1 kB

URL GET HTTP/2
aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ea19b2112f4dfd8e90b4505ef7dcb4f9.png
IP
13.107.213.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=_hD8BwNYgCm5HjrsjMxVYrKNNAp7kzM3EIrSQ5kg8j2JxqyzzCsOH-xBh2XyVHKCymLaEJjckXZfi8Szz-gkKRe8x1tpP7thXktgCXRnuZvESb35xooL2zBoCq2vuIr4&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C
ValiditySun, 29 Oct 2023 00:00:00 GMT - Tue, 29 Oct 2024 23:59:59 GMT

File type
PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1057 bytes)
Hash
ed9c9eb0dce17d752bedea6b5acda6d9
eca56c4904354eed5da0debcd6bd66856ab4784d
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c

HTTP Headers

GET /shared/1.0/content/images/microsoft_logo_ea19b2112f4dfd8e90b4505ef7dcb4f9.png HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 1057
content-type: image/png
content-md5: 7ZyesNzhfXUr7eprWs2m2Q==
last-modified: Wed, 24 May 2023 10:11:48 GMT
etag: 0x8DB5C3F48FD7E08
x-cache: TCP_HIT
x-ms-request-id: 2dd5b984-f01e-0040-5828-08e462000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 00vw7ZQAAAACt0rtGhEoJQZA4bT6AGmq1QU1TMDRFREdFMTgxOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0UvFBZQAAAAAQ9/WlnSqLS49MsuPmPgYKU1ZHMjBFREdFMDYxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 01 Nov 2023 06:33:54 GMT
X-Firefox-Spdy: h2

login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=fFr9MGYFzhol_hqdnE-kcmX0offawhxqVDogksLmljUD6BhEfQFfIKaYhyromIwMisCsMQT3N5Eu_8JWJqSual3T3svsTl9wW35rnkr49Bi9xpP3bxAk-E5eH4Na-uvq&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0

20.190.177.21

200 OK

11 kB

URL GET HTTP/1.1
login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=fFr9MGYFzhol_hqdnE-kcmX0offawhxqVDogksLmljUD6BhEfQFfIKaYhyromIwMisCsMQT3N5Eu_8JWJqSual3T3svsTl9wW35rnkr49Bi9xpP3bxAk-E5eH4Na-uvq&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0
IP
20.190.177.21:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html#HE_ILA_BUSINESS_SUPPORT@adidas-group.com
Certificate
IssuerDigiCert Inc
Subjectstamp2.login.microsoftonline.com
FingerprintB8:EC:FA:34:DB:AA:B7:DE:F3:A0:CE:69:06:5C:14:E0:D0:28:69:40
ValidityTue, 22 Aug 2023 00:00:00 GMT - Thu, 22 Aug 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11052), with CRLF, LF line terminators
Size
11 kB (10935 bytes)
Hash
bd02cdcbe5a0fad5ecd2f4f8b061255c
275a88d5e5d2b0430ba4aab559dfda153161049a
268d7133904f6e6b4f30e0b83e2a6ae6f73c2066f2500dc444b4ff76f635429b

HTTP Headers

GET /common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=fFr9MGYFzhol_hqdnE-kcmX0offawhxqVDogksLmljUD6BhEfQFfIKaYhyromIwMisCsMQT3N5Eu_8JWJqSual3T3svsTl9wW35rnkr49Bi9xpP3bxAk-E5eH4Na-uvq&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0 HTTP/1.1
Host: login.microsoftonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/
DNT: 1
Connection: keep-alive
Cookie: SignInStateCookie=CAgABAAIAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P9BF6BOTurSgouhD2GXIvmYDPOa_8Lyixw2ULxfApV0Ev4NC0Dyqu87f-pkkuy48j77PjdVlYbwYw; ESTSSSOTILES=1; AADSSOTILES=1; ESTSAUTHPERSISTENT=AgABAAQAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P8qMunBYGtxTBp5Z_ODpfLXKJCdhls4SZTgkGaw-cJnbha7IGjyoATG9rIyrbAh_bM9Sll6MK6KKA; ESTSAUTH=AgABAAQAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P99CzlpBYCnqZ5svAzpWW4bc3sGCzx0jLsoq38u1LLQBP5fJSzSRogD9tI4MVo9MJlXYEIZ-1Q9GQ; ESTSAUTHLIGHT=+; buid=AQABAAEAAAAtyolDObpQQ5VtlI4uGjEPeKd7Gj_0MIiSH3SScfTZhMjLEwX2fBNtdgaYYkeSDZmnyEMfgV2ebVJmB60lWqzLyMgMI2WlcJJOtRLNNNjvq_sokHOj9yfkvHT_WBfrFUwgAA; fpc=Aipt4Fm50FtFvOl-fTO7qyM; esctx=PAQABAAEAAAAtyolDObpQQ5VtlI4uGjEPc2rEmR_T93CzJgs8RGFS9hxD8sACROrOXZBSKbHTLbRC-IiHxnzu7GC45jeftaeItyyV6CwYJzAx53_blgUHMomT-8t7nB6mS6QtzUeKx5nttDztkYn6zZAzq13fda5YKjrOiwDwVqF51omDpcB2IaBLbs7MIhFqlWbSkOSd6O8gAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin, <https://aadcdn.msauth.net>; rel=dns-prefetch, <https://aadcdn.msftauth.net>; rel=dns-prefetch
X-DNS-Prefetch-Control: on
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 3d92e68d-2314-4761-8096-1abd715f1800
x-ms-ests-server: 2.1.16651.6 - WEULR1 ProdSlices
x-ms-clitelem: 1,0,0,,
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 0
Set-Cookie: SignInStateCookie=CAgABAAIAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P8O6696pE4QuWnrhNVmM72F1XcgJAtv08xsorj469SJs9vKlVs9TICga-aqoI9KK7kRznq1nfDSIw; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
ESTSSSOTILES=1; expires=Tue, 01-Nov-2033 06:33:54 GMT; path=/; secure; SameSite=None
AADSSOTILES=1; expires=Tue, 01-Nov-2033 06:33:54 GMT; path=/; secure; HttpOnly; SameSite=None
ESTSAUTHPERSISTENT=AgABAAQAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P-H4RvTJ40dWAw-6AlRXrvv4v4Rr4gZTtIWZAkS4NFva_PAmhag2dB5Wl_mzZB_BwEeEh_FuaqEcw; domain=.login.microsoftonline.com; expires=Tue, 30-Jan-2024 06:33:54 GMT; path=/; secure; HttpOnly; SameSite=None
ESTSAUTH=AgABAAQAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P_tOgpKpfVr2UTQ3nU66jtZglMwG736sowpE2SBRkdsAwvsAQ9cboO5bpwZwRMF0TmvuyQKoIbpLw; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
ESTSAUTHLIGHT=+; path=/; secure; SameSite=None
buid=AQABAAEAAAAtyolDObpQQ5VtlI4uGjEPWeghTFIdMwLslXQf5u3L51MJ_H79Sms6OuGjXRSTKduI19z_6E_xFlARFNYQOmy6VL1gg4lofWyoJjgLm-GHsDTodrlI9IE_AglN7nRN_oUgAA; expires=Fri, 01-Dec-2023 06:33:54 GMT; path=/; secure; HttpOnly; SameSite=None
fpc=Aipt4Fm50FtFvOl-fTO7qyM; expires=Fri, 01-Dec-2023 06:33:54 GMT; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
Date: Wed, 01 Nov 2023 06:33:54 GMT
Content-Length: 10935

aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css

13.107.213.53

200 OK

20 kB

URL GET HTTP/2
aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css
IP
13.107.213.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C
ValiditySun, 29 Oct 2023 00:00:00 GMT - Tue, 29 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (61177)
Size
20 kB (20208 bytes)
Hash
2ed8d5b2f2b901e92d03f9068812341a
8470214fc8e246c3910bcb0eae9070d4abe3a389
1a0ea89ae667420caeae29d594d53258e6ed157dab7e8dfe6f154f0054b0cf99

HTTP Headers

GET /ests/2.1/content/cdnbundles/converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 20208
content-type: text/css
content-encoding: gzip
content-md5: znAMuOwBXwRYMjVZ8p4wCw==
last-modified: Wed, 06 Sep 2023 21:22:45 GMT
etag: 0x8DBAF1F69A21EAA
x-cache: TCP_HIT
x-ms-request-id: af1f1e21-301e-005c-6f72-0ca059000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 08cpBZQAAAAA+LeV1gHkDR4dIcb/3bAe5QU1TMDRFREdFMTkwNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0UvFBZQAAAACNySL+Oh+sS4va3Iy/fRn0U1ZHMjBFREdFMDYxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 01 Nov 2023 06:33:54 GMT
X-Firefox-Spdy: h2

aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js

13.107.213.53

200 OK

40 kB

URL GET HTTP/2
aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
IP
13.107.213.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C
ValiditySun, 29 Oct 2023 00:00:00 GMT - Tue, 29 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
40 kB (40454 bytes)
Hash
75cf78d0e38c65a538ad253ca9e48dbe
bf0452e4a42a9af3b69d5d8c3a3a0433f14921b6
df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0

HTTP Headers

GET /ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 40454
content-type: application/x-javascript
content-encoding: gzip
content-md5: HWW92uTq7vx3y5z+zFZbXQ==
last-modified: Fri, 26 Feb 2021 06:12:05 GMT
etag: 0x8D8DA1D70FBDD97
x-cache: TCP_HIT
x-ms-request-id: 66f91106-701e-0020-2ebe-08a640000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0ORY8ZQAAAAA+oyyZadW9SrmhAUUEmv+6QU1TMDRFREdFMTkwOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0UvFBZQAAAACnsRwhTEn9RZJ4lUCs+3skU1ZHMjBFREdFMDYxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 01 Nov 2023 06:33:54 GMT
X-Firefox-Spdy: h2

aadcdn.msauth.net/ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js

13.107.213.53

200 OK

45 kB

URL GET HTTP/2
aadcdn.msauth.net/ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js
IP
13.107.213.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=_hD8BwNYgCm5HjrsjMxVYrKNNAp7kzM3EIrSQ5kg8j2JxqyzzCsOH-xBh2XyVHKCymLaEJjckXZfi8Szz-gkKRe8x1tpP7thXktgCXRnuZvESb35xooL2zBoCq2vuIr4&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C
ValiditySun, 29 Oct 2023 00:00:00 GMT - Tue, 29 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (778)
Size
45 kB (44785 bytes)
Hash
917d5d03b2f6773ea71def64520935f4
281282d233fd6dd4185df486f31a2ba38aaf5f85
585c15f044d19a1f0a1ba994b70992ce92e30cfd9443bab663d3f17b13d69708

HTTP Headers

GET /ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 44785
content-type: application/x-javascript
content-encoding: gzip
content-md5: upI7aPOzsdXSeL+Vv8o5ww==
last-modified: Wed, 20 Apr 2022 04:33:13 GMT
etag: 0x8DA2286E1DA9029
x-cache: TCP_HIT
x-ms-request-id: 02947ea9-d01e-0052-1321-0b0244000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0Lo4/ZQAAAAA0LFz8jGePRJ3lcp8fmYpZQU1TMDRFREdFMTgxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0UvFBZQAAAAA4ANciWklgTKlJSVtF6SteU1ZHMjBFREdFMDYxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 01 Nov 2023 06:33:54 GMT
X-Firefox-Spdy: h2

login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=_hD8BwNYgCm5HjrsjMxVYrKNNAp7kzM3EIrSQ5kg8j2JxqyzzCsOH-xBh2XyVHKCymLaEJjckXZfi8Szz-gkKRe8x1tpP7thXktgCXRnuZvESb35xooL2zBoCq2vuIr4&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0

20.190.177.21

200 OK

11 kB

URL GET HTTP/1.1
login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=_hD8BwNYgCm5HjrsjMxVYrKNNAp7kzM3EIrSQ5kg8j2JxqyzzCsOH-xBh2XyVHKCymLaEJjckXZfi8Szz-gkKRe8x1tpP7thXktgCXRnuZvESb35xooL2zBoCq2vuIr4&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0
IP
20.190.177.21:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html#HE_ILA_BUSINESS_SUPPORT@adidas-group.com
Certificate
IssuerDigiCert Inc
Subjectstamp2.login.microsoftonline.com
FingerprintB8:EC:FA:34:DB:AA:B7:DE:F3:A0:CE:69:06:5C:14:E0:D0:28:69:40
ValidityTue, 22 Aug 2023 00:00:00 GMT - Thu, 22 Aug 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11052), with CRLF, LF line terminators
Size
11 kB (10936 bytes)
Hash
9c3f0c62f27c12bd3e206b1f17a0a27c
99d744df3bb9130bc8cc19b63185b5cb263931fe
4cf94753e5d8dc0698b748bf1283b3cde5f464baf3920a716673f58325184a48

HTTP Headers

GET /common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=_hD8BwNYgCm5HjrsjMxVYrKNNAp7kzM3EIrSQ5kg8j2JxqyzzCsOH-xBh2XyVHKCymLaEJjckXZfi8Szz-gkKRe8x1tpP7thXktgCXRnuZvESb35xooL2zBoCq2vuIr4&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0 HTTP/1.1
Host: login.microsoftonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/
DNT: 1
Connection: keep-alive
Cookie: SignInStateCookie=CAgABAAIAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P9BF6BOTurSgouhD2GXIvmYDPOa_8Lyixw2ULxfApV0Ev4NC0Dyqu87f-pkkuy48j77PjdVlYbwYw; ESTSSSOTILES=1; AADSSOTILES=1; ESTSAUTHPERSISTENT=AgABAAQAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P8qMunBYGtxTBp5Z_ODpfLXKJCdhls4SZTgkGaw-cJnbha7IGjyoATG9rIyrbAh_bM9Sll6MK6KKA; ESTSAUTH=AgABAAQAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P99CzlpBYCnqZ5svAzpWW4bc3sGCzx0jLsoq38u1LLQBP5fJSzSRogD9tI4MVo9MJlXYEIZ-1Q9GQ; ESTSAUTHLIGHT=+; buid=AQABAAEAAAAtyolDObpQQ5VtlI4uGjEPeKd7Gj_0MIiSH3SScfTZhMjLEwX2fBNtdgaYYkeSDZmnyEMfgV2ebVJmB60lWqzLyMgMI2WlcJJOtRLNNNjvq_sokHOj9yfkvHT_WBfrFUwgAA; fpc=Aipt4Fm50FtFvOl-fTO7qyM; esctx=PAQABAAEAAAAtyolDObpQQ5VtlI4uGjEPc2rEmR_T93CzJgs8RGFS9hxD8sACROrOXZBSKbHTLbRC-IiHxnzu7GC45jeftaeItyyV6CwYJzAx53_blgUHMomT-8t7nB6mS6QtzUeKx5nttDztkYn6zZAzq13fda5YKjrOiwDwVqF51omDpcB2IaBLbs7MIhFqlWbSkOSd6O8gAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin, <https://aadcdn.msauth.net>; rel=dns-prefetch, <https://aadcdn.msftauth.net>; rel=dns-prefetch
X-DNS-Prefetch-Control: on
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 8bf51ed3-86b2-403a-8d7d-045b5d061e00
x-ms-ests-server: 2.1.16651.6 - NEULR1 ProdSlices
x-ms-clitelem: 1,0,0,,
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 0
Set-Cookie: SignInStateCookie=CAgABAAIAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P_6TQoJ1GMQOcnQTmYWQjX82Zy-VYeP9AsvMf9E63C1pughQ0K1Ugjnlb1pWO4FMOlB1pH0qI_yew; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
ESTSSSOTILES=1; expires=Tue, 01-Nov-2033 06:33:54 GMT; path=/; secure; SameSite=None
AADSSOTILES=1; expires=Tue, 01-Nov-2033 06:33:54 GMT; path=/; secure; HttpOnly; SameSite=None
ESTSAUTHPERSISTENT=AgABAAQAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P-8mmmfBKzJfA8bf4bAWGMPsjRPJXB-9Y3pDLYMQLeDk93fdFJMOpGMQ46K3qrSEIxEXjcTUcliUg; domain=.login.microsoftonline.com; expires=Tue, 30-Jan-2024 06:33:54 GMT; path=/; secure; HttpOnly; SameSite=None
ESTSAUTH=AgABAAQAAAAtyolDObpQQ5VtlI4uGjEPAgDs_wUA9P9JMsln1R0NmuGfh2NEOZKUH6e2tK6Zi4dKJg2yLLW-Se2o7sBoHpInceD1O0FcJoTXv7JsOIC9Eg; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
ESTSAUTHLIGHT=+; path=/; secure; SameSite=None
buid=AQABAAEAAAAtyolDObpQQ5VtlI4uGjEPKGCznGqO3z0l1K3pBY9W4oj9KsVxMKGGAVUBtceDOvIVgXahMh-a2BpPurVQ7JOFVlYO1q0EvfMUQNSP8zDWQSuDWxR0kB4BcfM_sqGv8S4gAA; expires=Fri, 01-Dec-2023 06:33:54 GMT; path=/; secure; HttpOnly; SameSite=None
fpc=Aipt4Fm50FtFvOl-fTO7qyM; expires=Fri, 01-Dec-2023 06:33:54 GMT; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
Date: Wed, 01 Nov 2023 06:33:54 GMT
Content-Length: 10936

api.ipify.org/?format=jsonp&callback=getPublic

173.231.16.77

200 OK

33 B

URL GET HTTP/1.1
api.ipify.org/?format=jsonp&callback=getPublic
IP
173.231.16.77:443
ASN
#18450 WEBNX

Requested by
https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html#HE_ILA_BUSINESS_SUPPORT@adidas-group.com
Certificate
IssuerSectigo Limited
Subject*.ipify.org
FingerprintF4:76:2D:2C:65:D1:15:BE:19:A4:C5:E0:8D:EB:89:1A:B6:75:4A:54
ValidityTue, 07 Feb 2023 00:00:00 GMT - Sun, 18 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
33 B (33 bytes)
Hash
b1fdb43145cf7c3f6f2a1370889232f1
19cd287ba1ffae5908cf8d53d13abc302dac6f9c
9a751b74811a7c42413bc5109600706395ac8a8c057f7e6a55fc45b7ea41b191

HTTP Headers

GET /?format=jsonp&callback=getPublic HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.1
Date: Wed, 01 Nov 2023 06:33:54 GMT
Content-Type: application/javascript
Content-Length: 33
Connection: keep-alive
Vary: Origin

aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ea19b2112f4dfd8e90b4505ef7dcb4f9.png

13.107.213.53

200 OK

1.1 kB

URL GET HTTP/2
aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ea19b2112f4dfd8e90b4505ef7dcb4f9.png
IP
13.107.213.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=_hD8BwNYgCm5HjrsjMxVYrKNNAp7kzM3EIrSQ5kg8j2JxqyzzCsOH-xBh2XyVHKCymLaEJjckXZfi8Szz-gkKRe8x1tpP7thXktgCXRnuZvESb35xooL2zBoCq2vuIr4&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C
ValiditySun, 29 Oct 2023 00:00:00 GMT - Tue, 29 Oct 2024 23:59:59 GMT

File type
PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1057 bytes)
Hash
ed9c9eb0dce17d752bedea6b5acda6d9
eca56c4904354eed5da0debcd6bd66856ab4784d
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c

HTTP Headers

GET /shared/1.0/content/images/microsoft_logo_ea19b2112f4dfd8e90b4505ef7dcb4f9.png HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 1057
content-type: image/png
content-md5: 7ZyesNzhfXUr7eprWs2m2Q==
last-modified: Wed, 24 May 2023 10:11:48 GMT
etag: 0x8DB5C3F48FD7E08
x-cache: TCP_HIT
x-ms-request-id: 2dd5b984-f01e-0040-5828-08e462000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 00vw7ZQAAAACt0rtGhEoJQZA4bT6AGmq1QU1TMDRFREdFMTgxOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0UvFBZQAAAABTMPZ02iL7RoZMZ5fLHaO4U1ZHMjBFREdFMDYxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 01 Nov 2023 06:33:54 GMT
X-Firefox-Spdy: h2

aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico

13.107.213.53

200 OK

17 kB

URL GET HTTP/2
aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
IP
13.107.213.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html#HE_ILA_BUSINESS_SUPPORT@adidas-group.com
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C
ValiditySun, 29 Oct 2023 00:00:00 GMT - Tue, 29 Oct 2024 23:59:59 GMT

File type
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Size
17 kB (17174 bytes)
Hash
12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

HTTP Headers

GET /ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-d89e3188311c46f49978b9555d4c9596.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
content-length: 17174
content-type: image/x-icon
content-md5: EuPayFgGHQiAI7K9SOL6lg==
last-modified: Fri, 02 Nov 2018 20:25:25 GMT
etag: 0x8D6410152A9D7E1
x-cache: TCP_HIT
x-ms-request-id: 2a7ef2ca-401e-0017-5423-09565f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0FTo8ZQAAAAD5eVEP/xImTJhTCyDp0CMqQU1TMDRFREdFMTkwNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0UvFBZQAAAAB+bzPQlpXVSLrWMCeXlBxxU1ZHMjBFREdFMDYxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 01 Nov 2023 06:33:54 GMT
X-Firefox-Spdy: h2

aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css

13.107.213.53

200 OK

20 kB

URL GET HTTP/2
aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css
IP
13.107.213.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C
ValiditySun, 29 Oct 2023 00:00:00 GMT - Tue, 29 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (61177)
Size
20 kB (20208 bytes)
Hash
2ed8d5b2f2b901e92d03f9068812341a
8470214fc8e246c3910bcb0eae9070d4abe3a389
1a0ea89ae667420caeae29d594d53258e6ed157dab7e8dfe6f154f0054b0cf99

HTTP Headers

GET /ests/2.1/content/cdnbundles/converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 20208
content-type: text/css
content-encoding: gzip
content-md5: znAMuOwBXwRYMjVZ8p4wCw==
last-modified: Wed, 06 Sep 2023 21:22:45 GMT
etag: 0x8DBAF1F69A21EAA
x-cache: TCP_HIT
x-ms-request-id: af1f1e21-301e-005c-6f72-0ca059000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 08cpBZQAAAAA+LeV1gHkDR4dIcb/3bAe5QU1TMDRFREdFMTkwNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0UvFBZQAAAACrkQhLKy2JS6TPju6b4N8VU1ZHMjBFREdFMDYxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 01 Nov 2023 06:33:54 GMT
X-Firefox-Spdy: h2

aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js

13.107.213.53

200 OK

40 kB

URL GET HTTP/2
aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
IP
13.107.213.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C
ValiditySun, 29 Oct 2023 00:00:00 GMT - Tue, 29 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
40 kB (40454 bytes)
Hash
75cf78d0e38c65a538ad253ca9e48dbe
bf0452e4a42a9af3b69d5d8c3a3a0433f14921b6
df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0

HTTP Headers

GET /ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 40454
content-type: application/x-javascript
content-encoding: gzip
content-md5: HWW92uTq7vx3y5z+zFZbXQ==
last-modified: Fri, 26 Feb 2021 06:12:05 GMT
etag: 0x8D8DA1D70FBDD97
x-cache: TCP_HIT
x-ms-request-id: 66f91106-701e-0020-2ebe-08a640000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0ORY8ZQAAAAA+oyyZadW9SrmhAUUEmv+6QU1TMDRFREdFMTkwOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0UvFBZQAAAABSAM0k8x6dTolwIwuRLL75U1ZHMjBFREdFMDYxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 01 Nov 2023 06:33:54 GMT
X-Firefox-Spdy: h2

aadcdn.msauth.net/ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js

13.107.213.53

200 OK

45 kB

URL GET HTTP/2
aadcdn.msauth.net/ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js
IP
13.107.213.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=_hD8BwNYgCm5HjrsjMxVYrKNNAp7kzM3EIrSQ5kg8j2JxqyzzCsOH-xBh2XyVHKCymLaEJjckXZfi8Szz-gkKRe8x1tpP7thXktgCXRnuZvESb35xooL2zBoCq2vuIr4&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C
ValiditySun, 29 Oct 2023 00:00:00 GMT - Tue, 29 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (778)
Size
45 kB (44785 bytes)
Hash
917d5d03b2f6773ea71def64520935f4
281282d233fd6dd4185df486f31a2ba38aaf5f85
585c15f044d19a1f0a1ba994b70992ce92e30cfd9443bab663d3f17b13d69708

HTTP Headers

GET /ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 44785
content-type: application/x-javascript
content-encoding: gzip
content-md5: upI7aPOzsdXSeL+Vv8o5ww==
last-modified: Wed, 20 Apr 2022 04:33:13 GMT
etag: 0x8DA2286E1DA9029
x-cache: TCP_HIT
x-ms-request-id: 02947ea9-d01e-0052-1321-0b0244000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0Lo4/ZQAAAAA0LFz8jGePRJ3lcp8fmYpZQU1TMDRFREdFMTgxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0UvFBZQAAAADqiXBJtkrASIEmLDlV6p63U1ZHMjBFREdFMDYxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 01 Nov 2023 06:33:54 GMT
X-Firefox-Spdy: h2

aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ea19b2112f4dfd8e90b4505ef7dcb4f9.png

13.107.213.53

200 OK

1.1 kB

URL GET HTTP/2
aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ea19b2112f4dfd8e90b4505ef7dcb4f9.png
IP
13.107.213.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fwww.office.com%2F&state=_hD8BwNYgCm5HjrsjMxVYrKNNAp7kzM3EIrSQ5kg8j2JxqyzzCsOH-xBh2XyVHKCymLaEJjckXZfi8Szz-gkKRe8x1tpP7thXktgCXRnuZvESb35xooL2zBoCq2vuIr4&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint88:95:0C:FA:9D:33:AA:BF:A4:FD:9D:84:A6:E8:02:06:58:50:AD:8C
ValiditySun, 29 Oct 2023 00:00:00 GMT - Tue, 29 Oct 2024 23:59:59 GMT

File type
PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1057 bytes)
Hash
ed9c9eb0dce17d752bedea6b5acda6d9
eca56c4904354eed5da0debcd6bd66856ab4784d
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c

HTTP Headers

GET /shared/1.0/content/images/microsoft_logo_ea19b2112f4dfd8e90b4505ef7dcb4f9.png HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 1057
content-type: image/png
content-md5: 7ZyesNzhfXUr7eprWs2m2Q==
last-modified: Wed, 24 May 2023 10:11:48 GMT
etag: 0x8DB5C3F48FD7E08
x-cache: TCP_HIT
x-ms-request-id: 2dd5b984-f01e-0040-5828-08e462000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 00vw7ZQAAAACt0rtGhEoJQZA4bT6AGmq1QU1TMDRFREdFMTgxOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0UvFBZQAAAABXD2zmhU1ATJYLXzhuYR7LU1ZHMjBFREdFMDYxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 01 Nov 2023 06:33:54 GMT
X-Firefox-Spdy: h2

pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html

104.18.2.35

200 OK

110 kB

URL User Request GET HTTP/1.1
pub-d89e3188311c46f49978b9555d4c9596.r2.dev/ave.html
IP
104.18.2.35:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subject*.r2.dev
Fingerprint91:F0:8B:D3:AA:FC:86:18:F9:F2:29:EB:98:8C:D8:5A:3A:76:5C:CF
ValidityWed, 11 Oct 2023 17:13:53 GMT - Tue, 09 Jan 2024 17:13:52 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (64651), with CRLF line terminators
Size
110 kB (110090 bytes)
Hash
68b6546b9951a8c0a001f05ad8333c8f
1d1d9b3c32ebf535aa0b18a341adca12111f2264
edddf0317dab4384aea7bf82a0643476f4b66341f5cd401fcf27aaec77d3688d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Outlook
PhishTank	phishing	Other

HTTP Headers

GET /ave.html HTTP/1.1
Host: pub-d89e3188311c46f49978b9555d4c9596.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://4hw8kcdcxccxve50.adamandco.co.uk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 06:33:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"68b6546b9951a8c0a001f05ad8333c8f"
Last-Modified: Wed, 18 Oct 2023 10:07:33 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 81f21bdb598d56b4-OSL
Content-Encoding: gzip

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash