urlscan.io logo urlscan.io
SecurityTrails logo

crownpointrugauction.com Open in urlscan Pro
69.73.184.9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://aldeiadigitalweb.com.br/?e=a@a.com
Effective URL: https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn...
Submission: On January 14 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 11 HTTP transactions. The main IP is 69.73.184.9, located in Spring, United States and belongs to NTHL - NETWORK TRANSIT HOLDINGS LLC, US. The main domain is crownpointrugauction.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 16th 2018. Valid for: 3 months.
This is the only time crownpointrugauction.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 177.11.51.173 53243 (Brasil Si...)
2 3 69.73.184.9 11042 (NTHL)
1 2a02:26f0:eb:... 20940 (AKAMAI-ASN1)
4 2a02:26f0:eb:... 20940 (AKAMAI-ASN1)
1 2620:0:862:ed... 14907 (WIKIMEDIA)
1 2a02:26f0:eb:... 20940 (AKAMAI-ASN1)
1 13.107.42.13 8068 (MICROSOFT...)
1 93.115.38.30 44901 (BELCLOUD)
11 8
1    177.11.51.173 (Brazil)

ASN53243 (Brasil Site Informatica LTDA, BR)
PTR: host-51-173.sdmservidores.com
aldeiadigitalweb.com.br
3    69.73.184.9 (Spring, United States)

ASN11042 (NTHL - NETWORK TRANSIT HOLDINGS LLC, US)
PTR: whiteout.nocdirect.com
crownpointrugauction.com
1    2a02:26f0:eb:397::35c1 (European Union)

ASN20940 (AKAMAI-ASN1, US)
secure.aadcdn.microsoftonline-p.com
4    2a02:26f0:eb:3ad::34ef (European Union)

ASN20940 (AKAMAI-ASN1, US)
auth.gfx.ms
msagfx.live.com
1    2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA - Wikimedia Foundation Inc., US)
upload.wikimedia.org
1    2a02:26f0:eb:397::34ef (European Union)

ASN20940 (AKAMAI-ASN1, US)
auth.gfx.ms
1    13.107.42.13 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
onedrive.live.com
1    93.115.38.30 (Sofia, Bulgaria)

ASN44901 (BELCLOUD, BG)
PTR: cphost07.qhoster.net
93.115.38.30
Domain Requested by
4 auth.gfx.ms crownpointrugauction.com
3 crownpointrugauction.com 2 redirects aldeiadigitalweb.com.br
1 onedrive.live.com crownpointrugauction.com
1 msagfx.live.com crownpointrugauction.com
1 upload.wikimedia.org crownpointrugauction.com
1 secure.aadcdn.microsoftonline-p.com crownpointrugauction.com
1 aldeiadigitalweb.com.br
11 7

This site contains links to these domains. Also see Links.

Domain
signup.live.com
login.live.com
Subject Issuer Validity Valid
crownpointrugauction.com
Let's Encrypt Authority X3		 2018-11-16 -
2019-02-14		 3 months crt.sh
secure.aadcdn.microsoftonline-p.com
Microsoft IT TLS CA 1		 2017-08-15 -
2019-08-15		 2 years crt.sh
msagfx.live.com
Microsoft IT TLS CA 4		 2017-07-27 -
2019-07-17		 2 years crt.sh
*.wikipedia.org
DigiCert SHA2 High Assurance Server CA		 2017-12-21 -
2019-01-24		 a year crt.sh
onedrive.com
Microsoft IT TLS CA 1		 2017-08-02 -
2019-08-02		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4
Frame ID: B2885A2E1BF5EFC45BF4EFAFC021960F
Requests: 10 HTTP requests in this frame

Frame: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US
Frame ID: 473459F6BC24F67CB367D7F8CBE9A46B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://aldeiadigitalweb.com.br/?e=a@a.com Page URL
  2. https://crownpointrugauction.com/?uid=a@a.com HTTP 302
    https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/?rand=13InboxLight.aspx HTTP 302
    https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqq... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • env /^webpackJsonp$/i

Page Statistics

11
Requests

82 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

8
IPs

4
Countries

371 kB
Transfer

1028 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://aldeiadigitalweb.com.br/?e=a@a.com Page URL
  2. https://crownpointrugauction.com/?uid=a@a.com HTTP 302
    https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/?rand=13InboxLight.aspx HTTP 302
    https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
aldeiadigitalweb.com.br/ 		113 B
320 B 		Document
General
Check archive.org
Download Go to
Full URL
http://aldeiadigitalweb.com.br/?e=a@a.com
Protocol
HTTP/1.1
Server
177.11.51.173 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR),
Reverse DNS
host-51-173.sdmservidores.com
Software
Apache /
Resource Hash

Request headers

Host
aldeiadigitalweb.com.br
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 16:55:23 GMT
Server
Apache
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Primary Request Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php
crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/
Redirect Chain
  • https://crownpointrugauction.com/?uid=a@a.com
  • https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/?rand=13InboxLight.aspx
  • https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re...
18 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4
Requested by
Host: aldeiadigitalweb.com.br
URL: http://aldeiadigitalweb.com.br/?e=a@a.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.73.184.9 Spring, United States, ASN11042 (NTHL - NETWORK TRANSIT HOLDINGS LLC, US),
Reverse DNS
whiteout.nocdirect.com
Software
Apache /
Resource Hash
4418d9d8ad2050570f46eae2c8bdccb6f6f65ce63b57908a7d0436a226e6d7fa

Request headers

Host
crownpointrugauction.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://aldeiadigitalweb.com.br/?e=a@a.com
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://aldeiadigitalweb.com.br/?e=a@a.com

Response headers

Date
Mon, 14 Jan 2019 16:55:26 GMT
Server
Apache
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 14 Jan 2019 16:55:25 GMT
Server
Apache
Location
Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1
Content-Length
0
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
converged.v2.login.min_t7iocdq0wq2qh0nv233jig2.css
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/cdnbundles/ 		94 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/cdnbundles/converged.v2.login.min_t7iocdq0wq2qh0nv233jig2.css
Requested by
Host: crownpointrugauction.com
URL: https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:eb:397::35c1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
190c090f07c94b7f907c4d4264d56d5ffba32d25706433847af09eda9fe8e5ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4
Origin
https://crownpointrugauction.com

Response headers

Date
Mon, 14 Jan 2019 16:55:26 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Sep 2018 23:12:43 GMT
Content-MD5
PPjUxRT1jqzNE8fzcJZLgA==
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
Cache-Control
public, max-age=604225
Connection
keep-alive
Content-Length
18121
ConvergedLoginPaginatedStrings.EN.js
auth.gfx.ms/16.000.27683.1/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.gfx.ms/16.000.27683.1/ConvergedLoginPaginatedStrings.EN.js
Requested by
Host: crownpointrugauction.com
URL: https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:eb:3ad::34ef , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
baf34bd46d7626c8656a48a9a51e875ad51dba1bd22a704dc0d3395a653df14e

Request headers

Referer
https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 16:55:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Jan 2018 07:44:33 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1C002 V: 0
ETag
"80467655679ad31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4757
Server
Microsoft-IIS/8.5
ConvergedLogin_PCore.js
auth.gfx.ms/16.000.27683.1/ 		391 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.gfx.ms/16.000.27683.1/ConvergedLogin_PCore.js
Requested by
Host: crownpointrugauction.com
URL: https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:eb:3ad::34ef , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
9ececbd5fc52b4c11307e2fb1cbe9eab972b2bfbcf058b484aa89c5be6740cd5

Request headers

Referer
https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 16:55:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Jan 2018 07:35:04 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1C004 V: 0
ETag
"0c44f2669ad31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Server
Microsoft-IIS/8.5
Mail_iOS.svg
upload.wikimedia.org/wikipedia/commons/5/52/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/5/52/Mail_iOS.svg?x=ee5c8d9fb6248c938fd0dc19370e90bd
Requested by
Host: crownpointrugauction.com
URL: https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA - Wikimedia Foundation Inc., US),
Reverse DNS
Software
/
Resource Hash
b6d2190a6b7ab0749c6dd216673a581e358d494d45e1fdec3abe6fcf757b1bb5
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-analytics
https=1;nocookies=1
date
Mon, 14 Jan 2019 16:55:26 GMT
content-encoding
gzip
content-type
image/svg+xml
age
30591
x-cache-status
hit-front
x-cache
cp1088 hit/2, cp3038 hit/8, cp3047 hit/41
status
200
content-length
2183
server-timing
cache;desc="hit-front"
x-trans-id
tx7104a00e886945198fc82-005c3c477d
x-client-ip
2a01:4f8:202:a9::2
x-object-meta-sha1base36
rm35b91uwjtrge8fz16rwcb4lu2efuw
access-control-allow-origin
*
last-modified
Fri, 24 Oct 2014 22:27:08 GMT
etag
W/5b2eede13a4ebbae5f4f3291f6d5f104
vary
Accept-Encoding
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-varnish
348302592 344218594, 417105741 409332981, 398522901 252188520
via
1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1)
x-timestamp
1414189627.10034
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache, X-Varnish
ellipsis_white.svg
auth.gfx.ms/16.000.27683.1/images/ 		915 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.gfx.ms/16.000.27683.1/images/ellipsis_white.svg?x=5ac590ee72bfe06a7cecfd75b588ad73
Requested by
Host: crownpointrugauction.com
URL: https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:eb:397::34ef , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea

Request headers

Referer
https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 16:55:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Jan 2018 07:17:27 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1A001 V: 0
ETag
"805d4a8c639ad31:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
263
Server
Microsoft-IIS/8.5
ellipsis_grey.svg
auth.gfx.ms/16.000.27683.1/images/ 		915 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.gfx.ms/16.000.27683.1/images/ellipsis_grey.svg?x=2b5d393db04a5e6e1f739cb266e65b4c
Requested by
Host: crownpointrugauction.com
URL: https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:eb:3ad::34ef , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6

Request headers

Referer
https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 16:55:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Jan 2018 07:17:27 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1C004 V: 0
ETag
"805d4a8c639ad31:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
263
Server
Microsoft-IIS/8.5
ConvergedLogin_PCore.js
msagfx.live.com/16.000.27683.1/ 		391 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://msagfx.live.com/16.000.27683.1/ConvergedLogin_PCore.js
Requested by
Host: crownpointrugauction.com
URL: https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:eb:3ad::34ef , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
9ececbd5fc52b4c11307e2fb1cbe9eab972b2bfbcf058b484aa89c5be6740cd5

Request headers

Referer
https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 14 Jan 2019 16:55:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Jan 2018 07:35:04 GMT
PPServer
PPV: 30 H: BL2IDSPRTS1C004 V: 0
ETag
"0c44f2669ad31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604799
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
109042
Server
Microsoft-IIS/8.5
preload
onedrive.live.com/ Frame 4734 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US
Requested by
Host: crownpointrugauction.com
URL: https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.107.42.13 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
onedrive.live.com
:scheme
https
:path
/preload?view=Folders.All&id=250206&mkt=EN-US
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4

Response headers

status
200
cache-control
private, max-age=14400
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
Mon, 14 Jan 2019 20:55:27 GMT
vary
Accept-Encoding
set-cookie
mkt=en-US; domain=.live.com; expires=Tue, 14-Jan-2020 00:00:00 GMT; path=/ E=P:dESZFUF61og=:PqS/6iATbK/IipWRhBO73HpCVtNT0lmaAzep4zhhSOU=:F; domain=.live.com; path=/ xid=ac963376-651d-4983-9388-7e451a2dff4a&&RD00155D5E85C7&46; domain=.live.com; path=/ xidseq=1; domain=.live.com; path=/ LD=; domain=.live.com; expires=Mon, 14-Jan-2019 15:15:27 GMT; path=/ wla42=; domain=live.com; expires=Mon, 21-Jan-2019 16:55:27 GMT; path=/
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-msnserver
RD00155D5E85C7
x-odwebserver
canadaeast1-ODWebpl
x-msedge-ref
Ref A: FA54DF44A7DC4EDEAF7F5125D7C37C45 Ref B: FRAEDGE0819 Ref C: 2019-01-14T16:55:27Z
date
Mon, 14 Jan 2019 16:55:27 GMT
back.png
93.115.38.30/~deliver2/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://93.115.38.30/~deliver2/back.png
Requested by
Host: crownpointrugauction.com
URL: https://crownpointrugauction.com/==8fa0d9030fb2174af0bf723cfedc829d==/Mail-Security-Settings-b624i3i5rc3lwrqqhtkhr6rhwaevgyvr4xwn1ettqxeno4e5xznp6e62ply5jtxortct85mz20mr51x30ks6yz8nl7t51qusk6msc8re.php?=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rdcode=&fid.1252899642&fid.1&fav.1&uid=&submit=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Server
93.115.38.30 Sofia, Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
cphost07.qhoster.net
Software
LiteSpeed /
Resource Hash
8d984f3e7d67dee9a4b4272d80a24fd4e4f5030ef2fdcc3a68a2168ad6f5b19e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 16:55:27 GMT
Last-Modified
Wed, 21 Nov 2018 10:38:18 GMT
Server
LiteSpeed
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
113700
Expires
Mon, 21 Jan 2019 16:55:27 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| PROOF object| g_dtFirstByte object| g_objPageMode number| g_iSRSFailed string| g_sSRSSuccess function| SRSRetry object| StringRepository boolean| __ConvergedLoginPaginatedStrings function| webpackJsonp

5 Cookies

Domain/Path Name / Value
.live.com/ Name: xidseq
Value: 1
.live.com/ Name: xid
Value: ac963376-651d-4983-9388-7e451a2dff4a&&RD00155D5E85C7&46
.live.com/ Name: E
Value: P:dESZFUF61og=:PqS/6iATbK/IipWRhBO73HpCVtNT0lmaAzep4zhhSOU=:F
.live.com/ Name: wla42
Value:
.live.com/ Name: mkt
Value: en-US