serviceagreementprograms.com Open in urlscan Pro
3.27.162.33  Malicious Activity! Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response serviceagreementprograms.com/	239 KB 60 KB	1635ms 209ms	Document text/html	3.27.162.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://serviceagreementprograms.com/?rid=wJcAa5c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.27.162.33 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-27-162-33.ap-southeast-2.compute.amazonaws.com Software / Resource Hash f0a9b9122a7bc55d4b22d96f71c7b05302852344dd606c11edf925043285f9da Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 19:23:32 GMT vary Accept-Encoding x-server gophish
GET H/1.1	200 OK	Me.htm login.live.com/	0 0	1940ms 448ms	Other text/html	40.126.16.167 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://login.live.com/Me.htm?v=3 Requested by Host: serviceagreementprograms.com URL: https://serviceagreementprograms.com/?rid=wJcAa5c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.126.16.167 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer https://serviceagreementprograms.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers
GET H2	404	ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/	0 0	169ms 169ms	Script text/plain	3.27.162.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js Requested by Host: serviceagreementprograms.com URL: https://serviceagreementprograms.com/?rid=wJcAa5c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.27.162.33 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-27-162-33.ap-southeast-2.compute.amazonaws.com Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://serviceagreementprograms.com/?rid=wJcAa5c Origin https://serviceagreementprograms.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 19:23:32 GMT x-content-type-options nosniff content-length 19 vary Accept-Encoding content-type text/plain; charset=utf-8
GET H2	200	convergedlogin_pcustomizationloader_6b58ad253a0d39d0e283.js Show response serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/	107 KB 32 KB	175ms 174ms	Script text/javascript	3.27.162.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/convergedlogin_pcustomizationloader_6b58ad253a0d39d0e283.js Requested by Host: serviceagreementprograms.com URL: https://serviceagreementprograms.com/?rid=wJcAa5c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.27.162.33 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-27-162-33.ap-southeast-2.compute.amazonaws.com Software / Resource Hash 174b35b592e6a4baeb40f3b6d06c9690b95dd6d264d1dc6ec6049f675094cd57 Request headers accept-language en-AU,en;q=0.9 Referer https://serviceagreementprograms.com/?rid=wJcAa5c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 19:23:32 GMT content-encoding gzip last-modified Tue, 30 May 2023 06:54:38 GMT accept-ranges bytes vary Accept-Encoding content-type text/javascript; charset=utf-8
GET H2	200	convergedlogin_pfetchsessionsprogress_02d6d4e9622aa130a29d.js Show response serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/	15 KB 5 KB	179ms 177ms	Script text/javascript	3.27.162.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/convergedlogin_pfetchsessionsprogress_02d6d4e9622aa130a29d.js Requested by Host: serviceagreementprograms.com URL: https://serviceagreementprograms.com/?rid=wJcAa5c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.27.162.33 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-27-162-33.ap-southeast-2.compute.amazonaws.com Software / Resource Hash 40d1711754bf2820218ca654a9b1d8ccad7eb0786366bbe94124e2178849e7b0 Request headers accept-language en-AU,en;q=0.9 Referer https://serviceagreementprograms.com/?rid=wJcAa5c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 19:23:32 GMT content-encoding gzip last-modified Tue, 30 May 2023 06:54:38 GMT accept-ranges bytes vary Accept-Encoding content-type text/javascript; charset=utf-8
GET H2	200	convergedlogin_pstringcustomizationhelper_9877123961886facadfe.js Show response serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/	111 KB 35 KB	187ms 186ms	Script text/javascript	3.27.162.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/convergedlogin_pstringcustomizationhelper_9877123961886facadfe.js Requested by Host: serviceagreementprograms.com URL: https://serviceagreementprograms.com/?rid=wJcAa5c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.27.162.33 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-27-162-33.ap-southeast-2.compute.amazonaws.com Software / Resource Hash d105df41fc2ac5fc8959647605e62c36916128452667ed3dd94328a4f8cf494f Request headers accept-language en-AU,en;q=0.9 Referer https://serviceagreementprograms.com/?rid=wJcAa5c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 19:23:32 GMT content-encoding gzip last-modified Tue, 30 May 2023 06:54:38 GMT accept-ranges bytes vary Accept-Encoding content-type text/javascript; charset=utf-8
GET H2	200	convergedlogin_ppassword_fa267993751df2ebedba.js Show response serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/	24 KB 7 KB	190ms 189ms	Script text/javascript	3.27.162.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/convergedlogin_ppassword_fa267993751df2ebedba.js Requested by Host: serviceagreementprograms.com URL: https://serviceagreementprograms.com/?rid=wJcAa5c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.27.162.33 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-27-162-33.ap-southeast-2.compute.amazonaws.com Software / Resource Hash 2bbb8ab7bb14d51665509c16a5e2b13735d84a71be1e7f98fb0281d4d317abe9 Request headers accept-language en-AU,en;q=0.9 Referer https://serviceagreementprograms.com/?rid=wJcAa5c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 19:23:32 GMT content-encoding gzip last-modified Tue, 30 May 2023 06:54:38 GMT accept-ranges bytes vary Accept-Encoding content-type text/javascript; charset=utf-8
GET H2	200	bannerlogo.png serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/	8 KB 8 KB	169ms 169ms	Image image/png	3.27.162.33 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/bannerlogo.png Requested by Host: serviceagreementprograms.com URL: https://serviceagreementprograms.com/?rid=wJcAa5c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.27.162.33 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-27-162-33.ap-southeast-2.compute.amazonaws.com Software / Resource Hash e95f29bbdab01a255f4bfb4f5a1450b70dbba9a713e4501efffe25ee70b2bd76 Request headers accept-language en-AU,en;q=0.9 Referer https://serviceagreementprograms.com/?rid=wJcAa5c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 19:23:32 GMT content-encoding gzip last-modified Tue, 30 May 2023 06:54:38 GMT accept-ranges bytes vary Accept-Encoding content-type image/png
GET H2	200	arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/	513 B 554 B	169ms 168ms	Image image/svg+xml	3.27.162.33 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg Requested by Host: serviceagreementprograms.com URL: https://serviceagreementprograms.com/?rid=wJcAa5c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.27.162.33 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-27-162-33.ap-southeast-2.compute.amazonaws.com Software / Resource Hash 34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58 Request headers accept-language en-AU,en;q=0.9 Referer https://serviceagreementprograms.com/?rid=wJcAa5c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 19:23:32 GMT last-modified Tue, 30 May 2023 06:54:38 GMT accept-ranges bytes content-length 513 vary Accept-Encoding content-type image/svg+xml
GET H2	404	ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/	0 0	169ms 169ms	Script text/plain	3.27.162.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js Requested by Host: serviceagreementprograms.com URL: https://serviceagreementprograms.com/?rid=wJcAa5c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.27.162.33 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-27-162-33.ap-southeast-2.compute.amazonaws.com Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://serviceagreementprograms.com/?rid=wJcAa5c Origin https://serviceagreementprograms.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 19:23:32 GMT x-content-type-options nosniff content-length 19 vary Accept-Encoding content-type text/plain; charset=utf-8
GET H2	200	watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js Show response aadcdn.msauth.net/ests/2.1/content/cdnbundles/	117 KB 40 KB	848ms 172ms	Script application/x-javascript	13.107.237.59 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js Requested by Host: serviceagreementprograms.com URL: https://serviceagreementprograms.com/?rid=wJcAa5c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.237.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0 Request headers Referer https://serviceagreementprograms.com/ Origin https://serviceagreementprograms.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 01 Jun 2023 19:23:33 GMT content-encoding gzip content-md5 HWW92uTq7vx3y5z+zFZbXQ== x-cache TCP_HIT content-length 40454 x-ms-lease-status unlocked last-modified Fri, 26 Feb 2021 06:13:13 GMT etag 0x8D8DA1D997CA245 x-azure-ref 0NfB4ZAAAAADxzrYPQSHuQrEqKdB8hU4sU1lEMDNFREdFMTgxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= content-type application/x-javascript access-control-allow-origin * x-ms-request-id 2c44c5f0-801e-004f-46a1-8d6d7d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19
GET H2	200	converged.v2.login.min_jhbu09ckrizehfz_kojdnq2.css aadcdn.msauth.net/ests/2.1/content/cdnbundles/	0 20 KB	844ms 169ms	Other text/css	13.107.237.59 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_jhbu09ckrizehfz_kojdnq2.css Requested by Host: serviceagreementprograms.com URL: https://serviceagreementprograms.com/?rid=wJcAa5c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.237.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://serviceagreementprograms.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 01 Jun 2023 19:23:33 GMT content-encoding gzip content-md5 my0Zhhbba7KnUZjS3cT6Wg== x-cache TCP_HIT content-length 20067 x-ms-lease-status unlocked last-modified Wed, 10 May 2023 02:52:54 GMT etag 0x8DB5101A70F4518 x-azure-ref 0NfB4ZAAAAABrY/j3FAORT6j7cpck04tYU1lEMDNFREdFMTIwNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= content-type text/css access-control-allow-origin * x-ms-request-id a1ca5a4e-c01e-0067-0ea2-8fa45f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19
GET H2	200	ux.converged.login.strings-en-gb.min_oqrgeeq7ksxvv_lfrvwrbq2.js aadcdn.msauth.net/ests/2.1/content/cdnbundles/	0 14 KB	1011ms 336ms	Other application/x-javascript	13.107.237.59 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_oqrgeeq7ksxvv_lfrvwrbq2.js Requested by Host: serviceagreementprograms.com URL: https://serviceagreementprograms.com/?rid=wJcAa5c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.237.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://serviceagreementprograms.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 01 Jun 2023 19:23:33 GMT content-encoding gzip content-md5 talCdk+vq3oaMCAE/VQ0AA== x-cache TCP_HIT content-length 14342 x-ms-lease-status unlocked last-modified Mon, 01 May 2023 22:09:45 GMT etag 0x8DB4A90C5EC75ED x-azure-ref 0NfB4ZAAAAABSHocAj5YwRZvJUvVm9pv2U1lEMDNFREdFMTIwNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= content-type application/x-javascript access-control-allow-origin * x-ms-request-id d961a29b-d01e-0052-54c6-900244000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19
GET H2	200	illustration aadcdn.msauthimages.net/81d6b03a-ou9pioet6wcmbicegiafdp1pmyqrpvvdcivlay3zhyi/logintenantbranding/0/	129 KB 129 KB	1628ms 170ms	Image image/*	152.199.40.61 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msauthimages.net/81d6b03a-ou9pioet6wcmbicegiafdp1pmyqrpvvdcivlay3zhyi/logintenantbranding/0/illustration?ts=638157362585807088 Requested by Host: serviceagreementprograms.com URL: https://serviceagreementprograms.com/?rid=wJcAa5c Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.40.61 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nwa/E7C6) / Resource Hash 0a00576cadae87e861392dd608fef4ddc4bd2eb52451e94013265bdb2d98c09b Request headers accept-language en-AU,en;q=0.9 Referer https://serviceagreementprograms.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Thu, 01 Jun 2023 19:23:34 GMT last-modified Thu, 30 Mar 2023 01:24:18 GMT server ECAcc (nwa/E7C6) content-md5 N95FaJk4bo2ED03HJ/h84w== age 57269 etag 0x8DB30BD7BC81646 x-cache HIT content-type image/* x-ms-request-id e742bde1-001e-0025-3d39-947fac000000 cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes content-length 132086
GET H2	404	ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/	0 0	169ms 168ms	Script text/plain	3.27.162.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js Requested by Host: serviceagreementprograms.com URL: https://serviceagreementprograms.com/?rid=wJcAa5c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.27.162.33 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-27-162-33.ap-southeast-2.compute.amazonaws.com Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://serviceagreementprograms.com/?rid=wJcAa5c Origin https://serviceagreementprograms.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 19:23:33 GMT x-content-type-options nosniff content-length 19 vary Accept-Encoding content-type text/plain; charset=utf-8
GET H2	200	frameworksupport.min_oadrnc13magb009k4d20lg2.js Show response aadcdn.msauth.net/ests/2.1/content/cdnbundles/	12 KB 5 KB	169ms 169ms	Script application/x-javascript	13.107.237.59 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.js Requested by Host: serviceagreementprograms.com URL: https://serviceagreementprograms.com/?rid=wJcAa5c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.237.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash c8cef105fcaf7cbf3f8682c861045505c24d41cf6686c20c1c03e14031a3db69 Request headers Referer https://serviceagreementprograms.com/ Origin https://serviceagreementprograms.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 01 Jun 2023 19:23:33 GMT content-encoding gzip content-md5 A8dgUeRfi6/VknMbox6Cuw== x-cache TCP_HIT content-length 4880 x-ms-lease-status unlocked last-modified Thu, 22 Oct 2020 20:43:21 GMT etag 0x8D876CB1D67B929 x-azure-ref 0NfB4ZAAAAADtwc/HqfLDSaEVnhT4BsBsU1lEMDNFREdFMTgxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= content-type application/x-javascript access-control-allow-origin * x-ms-request-id 44648351-601e-0015-70d4-8d005b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19
GET H2	200	watson.min_q5ptmu8aniymd4ftuqdkda2.js Show response aadcdn.msauth.net/ests/2.1/content/cdnbundles/	9 KB 4 KB	170ms 170ms	Script application/x-javascript	13.107.237.59 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/watson.min_q5ptmu8aniymd4ftuqdkda2.js Requested by Host: serviceagreementprograms.com URL: https://serviceagreementprograms.com/?rid=wJcAa5c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.237.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 441bfa485fb0eb8ad2be7001209868b57c41769cae9512a774419f5882c093e6 Request headers Referer https://serviceagreementprograms.com/ Origin https://serviceagreementprograms.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 01 Jun 2023 19:23:33 GMT content-encoding gzip content-md5 up2irhKVlrgd4fr/sCzQ9w== x-cache TCP_HIT content-length 3921 x-ms-lease-status unlocked last-modified Tue, 28 Jun 2022 20:27:38 GMT etag 0x8DA5944A4FF258E x-azure-ref 0NvB4ZAAAAAB6+wUqufYcSb7bcRk2Aml1U1lEMDNFREdFMTgxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= content-type application/x-javascript access-control-allow-origin * x-ms-request-id 876b705d-301e-005c-49e0-91a059000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19
POST H2	404	watson Show response serviceagreementprograms.com/common/handlers/	19 B 66 B	169ms 168ms	XHR text/plain	3.27.162.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://serviceagreementprograms.com/common/handlers/watson Requested by Host: aadcdn.msauth.net URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.27.162.33 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-27-162-33.ap-southeast-2.compute.amazonaws.com Software / Resource Hash b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 client-request-id 13e6892c-d1d8-4d45-89a3-9f7e93757f35 canary PAQABAAEAAAD--DLA3VO7QrddgJg7WevrAfKI9jx-_b_fAe4ROdXDKBKCFEyKNKyojtwaPiKRIT9Nk5fmbXVvKyO5UsKb-bOBEI3o8YHts0Jvt7LXuTohWfLORhBM5xdWlDkrATm47pFhgZRG-c5ewIiKMqpNQhrmeNKrgngZmkK9hJbvFwTGvzcl4itTgijAttl1N_dwQm9IQEeuoCWuZJm1ISHke4U06ASPIwl3kADH6fr6QQKEGCAA Content-Type application/json; charset=UTF-8 hpgid 1104 Accept application/json Referer https://serviceagreementprograms.com/?rid=wJcAa5c X-Requested-With XMLHttpRequest hpgact 1800 Response headers date Thu, 01 Jun 2023 19:23:34 GMT x-content-type-options nosniff content-length 19 vary Accept-Encoding content-type text/plain; charset=utf-8
POST H2	404	watson Show response serviceagreementprograms.com/common/handlers/	19 B 43 B	168ms 167ms	XHR text/plain	3.27.162.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://serviceagreementprograms.com/common/handlers/watson Requested by Host: aadcdn.msauth.net URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.27.162.33 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-27-162-33.ap-southeast-2.compute.amazonaws.com Software / Resource Hash b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 client-request-id 13e6892c-d1d8-4d45-89a3-9f7e93757f35 canary PAQABAAEAAAD--DLA3VO7QrddgJg7WevrAfKI9jx-_b_fAe4ROdXDKBKCFEyKNKyojtwaPiKRIT9Nk5fmbXVvKyO5UsKb-bOBEI3o8YHts0Jvt7LXuTohWfLORhBM5xdWlDkrATm47pFhgZRG-c5ewIiKMqpNQhrmeNKrgngZmkK9hJbvFwTGvzcl4itTgijAttl1N_dwQm9IQEeuoCWuZJm1ISHke4U06ASPIwl3kADH6fr6QQKEGCAA Content-Type application/json; charset=UTF-8 hpgid 1104 Accept application/json Referer https://serviceagreementprograms.com/?rid=wJcAa5c X-Requested-With XMLHttpRequest hpgact 1800 Response headers date Thu, 01 Jun 2023 19:23:34 GMT x-content-type-options nosniff content-length 19 vary Accept-Encoding content-type text/plain; charset=utf-8
POST H2	404	watson Show response serviceagreementprograms.com/common/handlers/	19 B 43 B	331ms 331ms	XHR text/plain	3.27.162.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://serviceagreementprograms.com/common/handlers/watson Requested by Host: aadcdn.msauth.net URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.27.162.33 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-27-162-33.ap-southeast-2.compute.amazonaws.com Software / Resource Hash b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 client-request-id 13e6892c-d1d8-4d45-89a3-9f7e93757f35 canary PAQABAAEAAAD--DLA3VO7QrddgJg7WevrAfKI9jx-_b_fAe4ROdXDKBKCFEyKNKyojtwaPiKRIT9Nk5fmbXVvKyO5UsKb-bOBEI3o8YHts0Jvt7LXuTohWfLORhBM5xdWlDkrATm47pFhgZRG-c5ewIiKMqpNQhrmeNKrgngZmkK9hJbvFwTGvzcl4itTgijAttl1N_dwQm9IQEeuoCWuZJm1ISHke4U06ASPIwl3kADH6fr6QQKEGCAA Content-Type application/json; charset=UTF-8 hpgid 1104 Accept application/json Referer https://serviceagreementprograms.com/?rid=wJcAa5c X-Requested-With XMLHttpRequest hpgact 1800 Response headers date Thu, 01 Jun 2023 19:23:34 GMT x-content-type-options nosniff content-length 19 vary Accept-Encoding content-type text/plain; charset=utf-8
GET H2	200	converged.v2.login.min_jhbu09ckrizehfz_kojdnq2.css aadcdn.msauth.net/ests/2.1/content/cdnbundles/	0 20 KB	172ms 169ms	Other text/css	13.107.237.59 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_jhbu09ckrizehfz_kojdnq2.css Requested by Host: serviceagreementprograms.com URL: https://serviceagreementprograms.com/?rid=wJcAa5c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.237.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://serviceagreementprograms.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 01 Jun 2023 19:23:34 GMT content-encoding gzip content-md5 my0Zhhbba7KnUZjS3cT6Wg== x-cache TCP_HIT content-length 20067 x-ms-lease-status unlocked last-modified Wed, 10 May 2023 02:52:54 GMT etag 0x8DB5101A70F4518 x-azure-ref 0NvB4ZAAAAABjWbHYwhoFRZ9ibEle0e3sU1lEMDNFREdFMTIwNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= content-type text/css access-control-allow-origin * x-ms-request-id a1ca5a4e-c01e-0067-0ea2-8fa45f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19
GET H2	200	ux.converged.login.strings-en-gb.min_oqrgeeq7ksxvv_lfrvwrbq2.js aadcdn.msauth.net/ests/2.1/content/cdnbundles/	0 14 KB	171ms 170ms	Other application/x-javascript	13.107.237.59 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_oqrgeeq7ksxvv_lfrvwrbq2.js Requested by Host: serviceagreementprograms.com URL: https://serviceagreementprograms.com/?rid=wJcAa5c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.237.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://serviceagreementprograms.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 01 Jun 2023 19:23:34 GMT content-encoding gzip content-md5 talCdk+vq3oaMCAE/VQ0AA== x-cache TCP_HIT content-length 14342 x-ms-lease-status unlocked last-modified Mon, 01 May 2023 22:09:45 GMT etag 0x8DB4A90C5EC75ED x-azure-ref 0NvB4ZAAAAABiQY2FUWPiQpcvqR0F1H4cU1lEMDNFREdFMTIwNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= content-type application/x-javascript access-control-allow-origin * x-ms-request-id d961a29b-d01e-0052-54c6-900244000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| StringRepository object| PROOF boolean| __ object| webpackJsonp boolean| __convergedlogin_pcustomizationloader_6b58ad253a0d39d0e283 boolean| __convergedlogin_pfetchsessionsprogress_02d6d4e9622aa130a29d boolean| __convergedlogin_pstringcustomizationhelper_9877123961886facadfe boolean| __convergedlogin_ppassword_fa267993751df2ebedba function| $ function| jQuery object| $Api

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: ce0dd559a5044a588926708fdfc6c179
			.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1685647414&co=1

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://serviceagreementprograms.com/?rid=wJcAa5c Message: Refused to execute script from 'https://serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://serviceagreementprograms.com/?rid=wJcAa5c Message: Refused to execute script from 'https://serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://serviceagreementprograms.com/?rid=wJcAa5c Message: Refused to execute script from 'https://serviceagreementprograms.com/static/48ecc55c-f742-4363-9503-f7caa997b46d/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://serviceagreementprograms.com/common/handlers/watson Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://serviceagreementprograms.com/common/handlers/watson Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://serviceagreementprograms.com/common/handlers/watson Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msauthimages.net
login.live.com
serviceagreementprograms.com
13.107.237.59
152.199.40.61
3.27.162.33
40.126.16.167
0a00576cadae87e861392dd608fef4ddc4bd2eb52451e94013265bdb2d98c09b
174b35b592e6a4baeb40f3b6d06c9690b95dd6d264d1dc6ec6049f675094cd57
2bbb8ab7bb14d51665509c16a5e2b13735d84a71be1e7f98fb0281d4d317abe9
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
40d1711754bf2820218ca654a9b1d8ccad7eb0786366bbe94124e2178849e7b0
441bfa485fb0eb8ad2be7001209868b57c41769cae9512a774419f5882c093e6
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
c8cef105fcaf7cbf3f8682c861045505c24d41cf6686c20c1c03e14031a3db69
d105df41fc2ac5fc8959647605e62c36916128452667ed3dd94328a4f8cf494f
df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e95f29bbdab01a255f4bfb4f5a1450b70dbba9a713e4501efffe25ee70b2bd76
f0a9b9122a7bc55d4b22d96f71c7b05302852344dd606c11edf925043285f9da