us-login-officelive.pages.dev Open in urlscan Pro
172.66.47.36 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://us-login-officelive.pages.dev/0.9308724259076795
Effective URL:
https://us-login-officelive.pages.dev/0.9308724259076795
Submission: On April 04 via api (April 4th 2024, 10:46:46 pm UTC) from US — Scanned from US

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 22 HTTP transactions. The main IP is 172.66.47.36, located in United States and belongs to CLOUDFLARENET, US. The main domain is us-login-officelive.pages.dev.
TLS certificate: Issued by E1 on February 15th 2024. Valid for: 3 months.

This is the only time us-login-officelive.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
19	172.66.47.36 172.66.47.36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
1	104.26.13.205 104.26.13.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	4

19 172.66.47.36 (United States)

ASN13335 (CLOUDFLARENET, US)

us-login-officelive.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.emailjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.13.205 (None, )

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	pages.dev us-login-officelive.pages.dev	20 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2891	153 B
1	emailjs.com cdn.emailjs.com — Cisco Umbrella Rank: 580854	3 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 372	31 KB
22	4

	Domain	Requested by
19	us-login-officelive.pages.dev	us-login-officelive.pages.dev
1	api.ipify.org	us-login-officelive.pages.dev
1	cdn.emailjs.com	us-login-officelive.pages.dev
1	ajax.googleapis.com	us-login-officelive.pages.dev
22	4

This site contains no links.

Subject Issuer	Validity	Valid
us-login-officelive.pages.dev E1	`2024-02-15` - `2024-05-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
cdn.emailjs.com GTS CA 1D4	`2024-03-27` - `2024-06-25`	3 months	crt.sh
ipify.org GTS CA 1P5	`2024-03-21` - `2024-06-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://us-login-officelive.pages.dev/0.9308724259076795
Frame ID: 32033B9B3A33F8C7853FAF3DD221D040
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

http://us-login-officelive.pages.dev/0.9308724259076795 HTTP 307
https://us-login-officelive.pages.dev/0.9308724259076795 Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

55 kB
Transfer

149 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://us-login-officelive.pages.dev/0.9308724259076795 HTTP 307
https://us-login-officelive.pages.dev/0.9308724259076795 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request 0.9308724259076795 Show response
us-login-officelive.pages.dev/
Redirect Chain

http://us-login-officelive.pages.dev/0.9308724259076795
https://us-login-officelive.pages.dev/0.9308724259076795

8 KB
2 KB

135ms
58ms

Document
text/html

172.66.47.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-login-officelive.pages.dev/0.9308724259076795

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bc5f4de65856d1edac7dd480cec83980cc46a4b3dd62e53f4c84485e1b742e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 86f4d5fb9fac4bc9-BUF
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 04 Apr 2024 22:46:41 GMT
etag: W/"790775b3bd70456067c2ba9b12031ff1"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oh3c0CwqeVCu95UVf7y1RRXVgiYsSJ1PP%2B4JT1vU%2B7fxEgR3W5kNnaSt9MnHEmFHysOkAYx5iMi9NcaFiouSAVLqOQcQCn%2F7%2BmF5cm5SMSTDUp%2B9gDE8ukgQN8h%2BEA%2BPamI4WaGXuJrrFs4QHNCv%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://us-login-officelive.pages.dev/0.9308724259076795
Non-Authoritative-Reason: HSTS

GET
H3 200 app.css
us-login-officelive.pages.dev/assets/ 5 KB
2 KB 123ms
121ms Stylesheet
text/css 172.66.47.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-login-officelive.pages.dev/assets/app.css

Requested by

Host: us-login-officelive.pages.dev
URL: https://us-login-officelive.pages.dev/0.9308724259076795

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ca0b548ae6810e936e345bd49af8748405d29c7d1c9852212ec545f6ca387f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://us-login-officelive.pages.dev/0.9308724259076795
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:46:41 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"38abda349d2e714b69b460458aebe27b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BM4Z0cHIIYgNKS0nbvdhAcJfGB5Klc%2BMUQw%2FAGuChaee7kZwH4%2F0cipBCMDsTRmYBJuQEektl9tbGf%2BJEvgD4QOTgetuVUphiEP9bsiwVi4wrIKNn9PYv2sAEpAhB0LfIuIVu930NZdr5mVQx2Wa9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86f4d5fc081e4bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 addLogDetails.js Show response
us-login-officelive.pages.dev/ 169 B
677 B 125ms
118ms Script
text/javascript 172.66.47.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-login-officelive.pages.dev/addLogDetails.js

Requested by

Host: us-login-officelive.pages.dev
URL: https://us-login-officelive.pages.dev/0.9308724259076795

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b1e6f26016b44a3e46485295fa82564d1e26e219062671f5fa5fb9a5e5ed943

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://us-login-officelive.pages.dev/0.9308724259076795
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:46:41 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5d8131d8b5a271d902c0366ec9db60ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q%2FIAddiIIefs3jjxKkqPy2ws7IJqpPjXPqkF01Y3KZA6jJW3t1pP2Il311twSn7K%2BAs6Nx22XJhy4I9Q5sN1unkE0ZX1eywq43ny6wxcI91WXRf%2FzqOWwI5BtQCRTbSAlH%2Fu8JrJw6KHfB1lCAl%2BNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86f4d5fc08404bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 135ms
39ms Script
text/javascript 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: us-login-officelive.pages.dev
URL: https://us-login-officelive.pages.dev/0.9308724259076795

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://us-login-officelive.pages.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 10:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 10:15:33 GMT

GET
H2 200 email.min.js Show response
cdn.emailjs.com/dist/ 10 KB
3 KB 131ms
25ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.emailjs.com/dist/email.min.js

Requested by

Host: us-login-officelive.pages.dev
URL: https://us-login-officelive.pages.dev/0.9308724259076795

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

15ca57b6eed6f0072717f2137c99f6aff32eb9c954873f9b5e1a1f16b6e7d6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://us-login-officelive.pages.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-yyz4575-YYZ
strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 04 Apr 2024 22:46:41 GMT
last-modified: Thu, 29 Feb 2024 15:56:50 GMT
x-timer: S1712270801.393785,VS0,VE1
etag: "af6e3f45307ee993cff68ec3ccc29fcc91c8510e7531d2e336e3cef949958183-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3059
x-cache-hits: 1

GET
H3 200 pageBossSender.js Show response
us-login-officelive.pages.dev/assets/ 12 KB
3 KB 122ms
121ms Script
text/javascript 172.66.47.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-login-officelive.pages.dev/assets/pageBossSender.js

Requested by

Host: us-login-officelive.pages.dev
URL: https://us-login-officelive.pages.dev/0.9308724259076795

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f89a45327735f2607d23e29d8fc299ece3f69e07701ccf757015eb973ca47bd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://us-login-officelive.pages.dev/0.9308724259076795
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:46:41 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"548233b603cbf0a399c36a7ba7e5e8a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RiCrHFyApzuuAo58f5yEBaIqSUCc7q%2FD%2Bb9Ivfi7BgxIc0zhrxwb6kuPqsVf500NuVLuKfkPpHmVgiwuDqxWGHrrCPcakzy4j73d0y73JujpEAupkLVpkNXpZutnD%2B4qTu8DBVaEhrfROUCc6m1bmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86f4d5fc08434bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo.svg
us-login-officelive.pages.dev/assets/ 4 KB
2 KB 124ms
123ms Image
image/svg+xml 172.66.47.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-login-officelive.pages.dev/assets/logo.svg

Requested by

Host: us-login-officelive.pages.dev
URL: https://us-login-officelive.pages.dev/0.9308724259076795

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://us-login-officelive.pages.dev/0.9308724259076795
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:46:41 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b4d7a556445aa167d4959571a81c93db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vKdcSpCwE6t325NT2E2Pu1C7apjrYdiDJFM5o0DBh5LjlHsFXDWFsYurNeXoFeU%2F%2Fo%2BnJ7KQ0N%2FofdJvJxljai2Bj0jdahlrtyhTxO9QODAnIVl9WoGlbphIGsqsRKp5aVndwyrQ%2Bp4ubdNhXX%2BSvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86f4d5fc08454bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 key.png
us-login-officelive.pages.dev/assets/ 727 B
1 KB 238ms
237ms Image
image/png 172.66.47.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-login-officelive.pages.dev/assets/key.png

Requested by

Host: us-login-officelive.pages.dev
URL: https://us-login-officelive.pages.dev/0.9308724259076795

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40ecb8832f6a9a8aaa0cc6e1287e867a4fca38433d091d86c6cab1f28fbab652

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://us-login-officelive.pages.dev/0.9308724259076795
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:46:41 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f932cffc43a4a88d162ba92b1584965c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7cUXBHv42qqyyHTS9y7wUzefhqkNXMArfEQfQX56JGyaoKFFw8clvQ1fpInV3Qn%2FDf7hOiW2gt19CPdy%2FBM56W0HkAah8lBKb6Y8NIcOPIkYYANdQHxW01kKL6CJCVM11WSKBMHc7%2FT8u2KLJwmz7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86f4d5fc08484bc9-BUF
alt-svc: h3=":443"; ma=86400
content-length: 727

GET
H3 200 back.png
us-login-officelive.pages.dev/assets/ 231 B
725 B 63ms
63ms Image
image/png 172.66.47.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-login-officelive.pages.dev/assets/back.png

Requested by

Host: us-login-officelive.pages.dev
URL: https://us-login-officelive.pages.dev/0.9308724259076795

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70e32b2db3f079bb0295a85a0db15ed9e5926294dd947938d6cfa595f5ab18b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://us-login-officelive.pages.dev/0.9308724259076795
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:46:41 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7801112419d0cf1a2055a329e6703e16"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iNRyFjP6ulz6%2FiSMsrpY0TCKnNw4ZoTMPQhFTJbOchHM%2BHeArmfSoDO3gFqy%2BotHuZa%2F5gshNI2hMUUIiLJZaD0XFbFp8ix1COEhcm6ZSJ%2BpLM1ZKTbYvE3c3cm%2BCB8OIO%2Bx1uwbkDrPlqR4rqaFIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86f4d5fcd8fe4bc9-BUF
alt-svc: h3=":443"; ma=86400
content-length: 231

GET
H3 200 amazonBotIPs.json Show response
us-login-officelive.pages.dev/antibot/ips/ 240 B
623 B 63ms
62ms Fetch
application/json 172.66.47.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-login-officelive.pages.dev/antibot/ips/amazonBotIPs.json

Requested by

Host: us-login-officelive.pages.dev
URL: https://us-login-officelive.pages.dev/0.9308724259076795

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f596a40b1e6db91545cbfe65282aea349eb2b462ce1c35c9436f567c60087b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://us-login-officelive.pages.dev/0.9308724259076795
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:46:41 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"729b66ecf8ac69fcf9efc5601b56066e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y4C%2BgPvzeLoe0goRpMs2%2B67fD7lwHO6r4chOUC5hzxkJYeSJyDCLgjvobXle9jMXVY5VgI8WecNRk1SDGRkk4kyrshidiZdej5vZXDWsNXigPKxEC2UaSWYR3qWulEdD%2BDxam72lKGr6PCX8w4Si3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86f4d5fd9a154bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 appleBotIPs.json Show response
us-login-officelive.pages.dev/antibot/ips/ 224 B
611 B 50ms
48ms Fetch
application/json 172.66.47.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-login-officelive.pages.dev/antibot/ips/appleBotIPs.json

Requested by

Host: us-login-officelive.pages.dev
URL: https://us-login-officelive.pages.dev/0.9308724259076795

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7186867cc79a5cab55079260efb7a46d9489d8131dc880d201529c326232110f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://us-login-officelive.pages.dev/0.9308724259076795
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:46:41 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"fc0a06fd059af2c9addb961a8d31ab85"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=poftkzKY1KCEojoGv8bcV8fsznlMF1Ro2MEV7jyK7TUdEpBqwlictE1aOHcmTmiaBdL7XEU4Mc%2FJCaWo7bn4W5sXiwXhUSH6AGBTNJW6hqJkAF1mRk5qDaAU%2FSBqU%2F8%2Be1y6tBCAyghi6cH22UTkSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86f4d5fd9a164bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 bingBotIPs.json Show response
us-login-officelive.pages.dev/antibot/ips/ 693 B
743 B 159ms
156ms Fetch
application/json 172.66.47.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-login-officelive.pages.dev/antibot/ips/bingBotIPs.json

Requested by

Host: us-login-officelive.pages.dev
URL: https://us-login-officelive.pages.dev/0.9308724259076795

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

333957d55b9db9f7b0bc21ab8b4c3b952cffe2e59aa55d1725775ce14d2c484a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://us-login-officelive.pages.dev/0.9308724259076795
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:46:41 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c2fdc848c5ee58c03d2d9a33bd14fb4b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iuz2DgWQS7vtM31SlWXAZzY6jKlG%2Bu4sVKQl2SFgnEHlw9IVu5kSg%2FhTDGREzwm1GTZHfXsWmG6HG%2BvO0TvGPBQH0f1LOPCn1ZM97FiCAeQq1pTGKnLJK%2F7ZHfXCO%2FhpvC5FDBleOQlW83ng%2B62qBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86f4d5fd9a174bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 cloudFlareBotIPs.json Show response
us-login-officelive.pages.dev/antibot/ips/ 384 B
671 B 58ms
56ms Fetch
application/json 172.66.47.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-login-officelive.pages.dev/antibot/ips/cloudFlareBotIPs.json

Requested by

Host: us-login-officelive.pages.dev
URL: https://us-login-officelive.pages.dev/0.9308724259076795

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55c49de878149a3ccc645e08fb405c17114189eebf5c316ffb855aa0fb2f35cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://us-login-officelive.pages.dev/0.9308724259076795
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:46:41 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"31245ff0986d4100d92ea8eee8f7d231"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aJQswtsGDr%2FBQh7LeLeQSaRYs9dM2kCPoEnYyrrj%2BEE4JwZqX5YXmJiTFDySFB8qoHA8gwE%2FSvy7xKg7UfzeeAG%2BO0v3tfPNDQW5aML08DmxbxDnlY174LKpctyOpH4u%2BHZDoxnFL4m883csmPIDEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86f4d5fd9a184bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 cookieBotIPs.json Show response
us-login-officelive.pages.dev/antibot/ips/ 204 B
617 B 57ms
54ms Fetch
application/json 172.66.47.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-login-officelive.pages.dev/antibot/ips/cookieBotIPs.json

Requested by

Host: us-login-officelive.pages.dev
URL: https://us-login-officelive.pages.dev/0.9308724259076795

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d98385d92ef54d5450801f04d9e4d213f5a429bfdd436c1fb9c60c4e5c2d40ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://us-login-officelive.pages.dev/0.9308724259076795
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:46:41 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"fb2251ffb2b518ba1b962fd5c384463a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WYnGDTimyr9QtPvH49vQRMm6%2BF0y06DzWKu8%2FtK%2BN1IKCk9bH%2B1yuqASYsdXcVQeWCoSLgKnvieleAmT3M2M9z%2FffDmvpHm0VlZsPZWhBFPZcQjjghFdcN0BzTJoe9YpozQyug5uqXsKL32%2Fdnhu3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86f4d5fd9a1a4bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 googleBotIPs.json Show response
us-login-officelive.pages.dev/antibot/ips/ 652 B
707 B 71ms
68ms Fetch
application/json 172.66.47.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-login-officelive.pages.dev/antibot/ips/googleBotIPs.json

Requested by

Host: us-login-officelive.pages.dev
URL: https://us-login-officelive.pages.dev/0.9308724259076795

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a227440b25ab6ee13c892a8ca61863b06eeae2b8a85bd3a3d31e155b9560107c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://us-login-officelive.pages.dev/0.9308724259076795
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:46:41 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a52eb01f0a45e082f2203bf574ce49f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vPntnc2YTYs9uopLlWrQfvdlllyJ4%2FhkhYbLy4F1h4wbbOlHs2ftTEmkzad0WKzAs8DH8VtT%2Bul85fZq0oDGPnPYAVyXgiaYh7x2pn5joa39XCBwjAGZhRzwqPLFRa6WfZ3KYj%2BKaXh3XV%2BXfNtSlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86f4d5fd9a1b4bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 namecheapBotIPs.json Show response
us-login-officelive.pages.dev/antibot/ips/ 684 B
720 B 66ms
64ms Fetch
application/json 172.66.47.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-login-officelive.pages.dev/antibot/ips/namecheapBotIPs.json

Requested by

Host: us-login-officelive.pages.dev
URL: https://us-login-officelive.pages.dev/0.9308724259076795

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e184ecaede7cbd5aeef13c00e632dd904e6e66863076cfc621078006b28494b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://us-login-officelive.pages.dev/0.9308724259076795
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:46:41 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"d1882c1e3dee030917acf400bd5e1af5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M87Duf696K015Hz8EAbKjOet91b%2BzkvOIzBQlUJjgHXohisXFj2Z6fR3WW7Nli0L1%2Fsp%2FFWVnXX6PVvrmKs9liRsns9vTYKTngBokkTitoSgPLMTW8f7%2FUIthGa%2Bvnv0Xr9K6BYQzhpk6FL%2FMZO3yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86f4d5fd9a1c4bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 qualysBotIPs.json Show response
us-login-officelive.pages.dev/antibot/ips/ 47 B
534 B 199ms
197ms Fetch
application/json 172.66.47.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-login-officelive.pages.dev/antibot/ips/qualysBotIPs.json

Requested by

Host: us-login-officelive.pages.dev
URL: https://us-login-officelive.pages.dev/0.9308724259076795

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddc7cc29c5f09f59672497ad23a92a9a305e436a67c14dbc41c03dee2bd45037

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://us-login-officelive.pages.dev/0.9308724259076795
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:46:41 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "e20ce4f4774b0794492c920c153685ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=diMK6njGONaY9eIc6YhvOcXvohyNkj0HCXD7pGjrhznU21tptqNZIMKZMU0pWgm7ZdkLUO0jWnqG2Mu1PGmN%2F9wOEVAWyOqRTaDyCW1XRsuo%2FC5byU216ixkSprct8TFk5BgcmJXEhav%2BqfeVp3gkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86f4d5fd9a1d4bc9-BUF
alt-svc: h3=":443"; ma=86400
content-length: 47

GET
H3 200 syntheticBotIPs.json Show response
us-login-officelive.pages.dev/antibot/ips/ 52 B
552 B 69ms
67ms Fetch
application/json 172.66.47.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-login-officelive.pages.dev/antibot/ips/syntheticBotIPs.json

Requested by

Host: us-login-officelive.pages.dev
URL: https://us-login-officelive.pages.dev/0.9308724259076795

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d7d73a165aa20f50ef0dc5f041e96495539b7d581826960811a05b8a0765255

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://us-login-officelive.pages.dev/0.9308724259076795
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:46:41 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c13186754ef4f6a2f17db2482766d6d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=at6usexc1Nzt0FOPMw0eqdFO2M9ZV%2BqJHkvyocTXI%2FFY7NdpKvKl78OGLWYN7yUG61BGeELIJMeo8o7Hj6TEQyQQ8e1WxYi9xQY4qdwBb8l%2F%2Bg29nWkLtdgKdN8ZQ5XGcjA%2F2862dYJNWmB2a%2FSWFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86f4d5fd9a1e4bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 yandexBotIPs.json Show response
us-login-officelive.pages.dev/antibot/ips/ 205 B
597 B 67ms
66ms Fetch
application/json 172.66.47.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-login-officelive.pages.dev/antibot/ips/yandexBotIPs.json

Requested by

Host: us-login-officelive.pages.dev
URL: https://us-login-officelive.pages.dev/0.9308724259076795

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0ff3722250561b3a9efc873ecfc92008b72eaff948e292f8f9d67b8def4b7b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://us-login-officelive.pages.dev/0.9308724259076795
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:46:41 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"fe23f4ff4afd3c8f27054c8885bae34b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZMe2%2FgyS7ixj06Bw7boDEudwweTrLf%2FFgNQZsNCoE6Geg1ziTlQPMt8fhRhH6ARpLxr63hIc0skdM6CISS76VEmL%2FxK6Oj355nqQd6r2kLOQ3NS6xQyD2aNc0uL%2Fbf2jWotB8UlMeF3kJBGYl5mWrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86f4d5fd9a1f4bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 generalBotIPs.json Show response
us-login-officelive.pages.dev/antibot/ips/ 2 KB
962 B 68ms
66ms Fetch
application/json 172.66.47.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-login-officelive.pages.dev/antibot/ips/generalBotIPs.json

Requested by

Host: us-login-officelive.pages.dev
URL: https://us-login-officelive.pages.dev/0.9308724259076795

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d01e9c45465857851fb2dedf57bdae350ac7b31d7aaea611831934366a689aea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://us-login-officelive.pages.dev/0.9308724259076795
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:46:41 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"54b89963e10e7b6c6d39c0429214d703"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2QXxMLSabivRQ%2BsALDHmovjzGEnr5RzJPDtyTSEuH7bioh8VYaU5r%2BpQxZFbIz9LjMJOZ8qIv3vW1BMuJPd33YdRAYbaWR1VrXjQwG5A4L4Z5%2FsQUKIZBwDAhKUsbFrhr3MwqtnFb3QtKlkuv8QH3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86f4d5fd9a204bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 favicon.ico
us-login-officelive.pages.dev/assets/ 17 KB
983 B 168ms
167ms Other
image/x-icon 172.66.47.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-login-officelive.pages.dev/assets/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://us-login-officelive.pages.dev/0.9308724259076795
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:46:41 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b52ae8d8fe9d158bb668e6c4d9c14505"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H9hbTRkWgnM8U6WhiobehFEPf8wouXTs8uH1zIx2H3pbmSMhQOg6VRDUuk3CH4%2BhuAzirQ2nuOhgR70aS9yuCuu9WmtanFE5shA21B5sSMXAspr7K0Q5063%2B983Ei3daR0wb8TtBurtn4%2FpVXfGKTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86f4d5fd9a224bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
api.ipify.org/ 20 B
153 B 164ms
78ms Fetch
application/json 104.26.13.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: us-login-officelive.pages.dev
URL: https://us-login-officelive.pages.dev/0.9308724259076795
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 694ab0020370540c58bf79da7afdcd47fcf1d6a1adbdbf870adf9b03f07105fb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://us-login-officelive.pages.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:46:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: *
cf-ray: 86f4d5ff7c5e60a0-ORD
content-length: 20

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://us-login-officelive.pages.dev/0.9308724259076795 Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://us-login-officelive.pages.dev/0.9308724259076795 Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.ipify.org
cdn.emailjs.com
us-login-officelive.pages.dev
104.26.13.205
151.101.65.195
172.66.47.36
2607:f8b0:4006:80d::200a
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
15ca57b6eed6f0072717f2137c99f6aff32eb9c954873f9b5e1a1f16b6e7d6a6
1d7d73a165aa20f50ef0dc5f041e96495539b7d581826960811a05b8a0765255
2b1e6f26016b44a3e46485295fa82564d1e26e219062671f5fa5fb9a5e5ed943
333957d55b9db9f7b0bc21ab8b4c3b952cffe2e59aa55d1725775ce14d2c484a
3bc5f4de65856d1edac7dd480cec83980cc46a4b3dd62e53f4c84485e1b742e2
3ca0b548ae6810e936e345bd49af8748405d29c7d1c9852212ec545f6ca387f9
40ecb8832f6a9a8aaa0cc6e1287e867a4fca38433d091d86c6cab1f28fbab652
55c49de878149a3ccc645e08fb405c17114189eebf5c316ffb855aa0fb2f35cd
694ab0020370540c58bf79da7afdcd47fcf1d6a1adbdbf870adf9b03f07105fb
6f596a40b1e6db91545cbfe65282aea349eb2b462ce1c35c9436f567c60087b3
70e32b2db3f079bb0295a85a0db15ed9e5926294dd947938d6cfa595f5ab18b4
7186867cc79a5cab55079260efb7a46d9489d8131dc880d201529c326232110f
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
9e184ecaede7cbd5aeef13c00e632dd904e6e66863076cfc621078006b28494b
a227440b25ab6ee13c892a8ca61863b06eeae2b8a85bd3a3d31e155b9560107c
b0ff3722250561b3a9efc873ecfc92008b72eaff948e292f8f9d67b8def4b7b5
d01e9c45465857851fb2dedf57bdae350ac7b31d7aaea611831934366a689aea
d98385d92ef54d5450801f04d9e4d213f5a429bfdd436c1fb9c60c4e5c2d40ca
ddc7cc29c5f09f59672497ad23a92a9a305e436a67c14dbc41c03dee2bd45037
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f89a45327735f2607d23e29d8fc299ece3f69e07701ccf757015eb973ca47bd8

us-login-officelive.pages.dev Open in urlscan Pro 172.66.47.36 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

55 kBTransfer

149 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

Indicators

us-login-officelive.pages.dev Open in urlscan Pro
172.66.47.36 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

55 kB
Transfer

149 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!