Submitted URL: http://turnkeyinterior.org.user-os.co/
Effective URL: https://cottonsllps.com/?acpdby8y7=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVud...
Submission: On July 29 via automatic, source openphish — Scanned from CH

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 6 HTTP transactions. The main IP is 167.88.36.216, located in Canada and belongs to . The main domain is cottonsllps.com.
TLS certificate: Issued by R11 on July 16th 2024. Valid for: 3 months.
This is the only time cottonsllps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 179.43.170.230 ()
4 8 167.88.36.216 ()
1 20.190.159.68 ()
6 4
Apex Domain | Subdomains | Transfer
7 cottonsllps.com | cottonsllps.com | 65 KB
1 live.com | login.live.com — Cisco Umbrella Rank: 37
1 server02939.com | server02939.com | 593 B
1 user-os.co | turnkeyinterior.org.user-os.co | 661 B
6 4
Domain Requested by
7 cottonsllps.com 3 redirects turnkeyinterior.org.user-os.co
cottonsllps.com
1 login.live.com cottonsllps.com
1 server02939.com 1 redirects
1 turnkeyinterior.org.user-os.co
6 4

This site contains no links.

Subject | Issuer | Validity | Valid
cpcontacts.turnkeyinterior.org | R10 | 2024-07-20 - 2024-10-18 | 3 months
cottonsllps.com | R11 | 2024-07-16 - 2024-10-14 | 3 months
login.live.com | DigiCert SHA2 Secure Server CA | 2024-05-09 - 2025-05-09 | a year

This page contains 1 frames:

Primary Page: https://cottonsllps.com/?acpdby8y7=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9Y2JlMzYwNDMtN2ZjNC0yMDE5LWY4ODEtZDgyN2YwOTUxZGFlJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODU3ODU4ODg0MTM4OTQ5My5jM2ZlYWIyMi03ZmU0LTQ3OWEtOGU0Mi01NWY0NzJkNGY4NzEmc3RhdGU9RGNzN0ZvQXdDQUJCb3NfallBd2ZJY2VKR2xwTHJ5X0ZiTGNGQU5hMHBISmt3RTUyTlZkM2w4YmVwZk4tYzh4eEVhSEZGQlRyQTMwS29XcUkwU1BoMWtxLVczMl9VWDg=
Frame ID: D548D5283B8BF1C0F7D63617BDC410F7
Requests: 7 HTTP requests in this frame

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 57 kB
Size: 427 kB
Cookies: 16

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://turnkeyinterior.org.user-os.co/ HTTP 307
    https://turnkeyinterior.org.user-os.co/ Page URL
  2. https://server02939.com/?fmuzrlbo HTTP 302
    https://cottonsllps.com/?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL2NvdHRvbnNsbHBzLmNvbS8iLCJkb21haW4iOiJjb3R0b25zbGxwcy5jb20iLCJrZXkiOiJGUVZiNHp2VDFYS2kiLCJxcmMiOm51bGwsImlhdCI6MTcyMjI2MjA4MiwiZXhwIjoxNzIyMjYyMjAyfQ.-VH1rcl1z8GiPycqz-t2Y18nbtbKDIXYSmayyOvanQ4 HTTP 302
    https://cottonsllps.com/ HTTP 301
    https://cottonsllps.com/owa/ HTTP 302
    https://cottonsllps.com/?acpdby8y7=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvY... Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://turnkeyinterior.org.user-os.co/ HTTP 307
  • https://turnkeyinterior.org.user-os.co/

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
turnkeyinterior.org.user-os.co/
Redirect Chain
  • http://turnkeyinterior.org.user-os.co/
  • https://turnkeyinterior.org.user-os.co/
921 B
661 B
Document
General
Full URL
https://turnkeyinterior.org.user-os.co/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
179.43.170.230 Zurich, Switzerland, ASN (),
Reverse DNS
hostedby.privatelayer.com
Software
LiteSpeed / PHP/7.4.33
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 29 Jul 2024 14:07:50 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

Location
https://turnkeyinterior.org.user-os.co/
Non-Authoritative-Reason
HttpsUpgrades
Primary Request /
cottonsllps.com/
Redirect Chain
  • https://server02939.com/?fmuzrlbo
  • https://cottonsllps.com/?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL2NvdHRvbnNsbHBzLmNvbS8iLCJkb21haW4iOiJjb3R0b25zbGxwcy5jb20iLCJrZXkiOiJGUVZiNHp2VDFYS2kiLCJxcmMiOm51bGwsIml...
  • https://cottonsllps.com/
  • https://cottonsllps.com/owa/
  • https://cottonsllps.com/?acpdby8y7=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dH...
38 KB
17 KB
Document
General
Requested by
Host: turnkeyinterior.org.user-os.co
URL: https://turnkeyinterior.org.user-os.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.88.36.216 , Canada, ASN (),
Reverse DNS
srv561668.hstgr.cloud
Software
/
Resource Hash
f9166f4cc1b0cbff4cde58788a11940ece0cbb97fc8f23c68c1c024c56b28338
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://turnkeyinterior.org.user-os.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache
Connection
close
Content-Encoding
gzip
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-Type
text/html; charset=utf-8
Date
Mon, 29 Jul 2024 14:08:05 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msftauth.net>; rel=dns-prefetch,<https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
content-length
39201
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-ests-server
2.1.18565.7 - WUS3 ProdSlices
x-ms-request-id
3d7b397a-b82d-402a-8b8b-f0941f160b00
x-ms-srs
1.P

Redirect headers

Alt-Svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
Connection
close
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-Type
text/html; charset=utf-8
Date
Mon, 29 Jul 2024 14:08:03 GMT
NEL
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-BEServer
PH7PR19MB6589
X-BackEnd-Begin
2024-07-29T14:08:04.138
X-BackEnd-End
2024-07-29T14:08:04.138
X-BackEndHttpStatus
302, 302
X-BeSku
WCS7
X-CalculatedBETarget
PH7PR19MB6589.namprd19.prod.outlook.com
X-CalculatedFETarget
PH7PR13CU001.internal.outlook.com
X-DiagInfo
PH7PR19MB6589
X-FEEFZInfo
MNZ
X-FEProxyInfo
MN2PR19CA0051.NAMPRD19.PROD.OUTLOOK.COM
X-FEServer
PH7PR13CA0021, MN2PR19CA0051
X-FirstHopCafeEFZ
MNZ
X-OWA-DiagnosticsInfo
3;0;0;
X-Proxy-BackendServerStatus
302
X-Proxy-RoutingCorrectness
1
X-RUM-NotUpdateQueriedDbCopy
1
X-RUM-NotUpdateQueriedPath
1
X-RUM-Validated
1
X-UA-Compatible
IE=EmulateIE7
content-length
1279
request-id
cbe36043-7fc4-2019-f881-d827f0951dae
truncated
/
341 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90682803943448f3acffc81014c87fdd71f30d8cf97335fcea451fac1e568221

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: cottonsllps.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.68 Dublin, Ireland, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cottonsllps.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
cottonsllps.com/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/
111 KB
21 KB
Stylesheet
General
Full URL
https://cottonsllps.com/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
Requested by
Host: cottonsllps.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.88.36.216 , Canada, ASN (),
Reverse DNS
srv561668.hstgr.cloud
Software
ECAcc (bsb/27D9) /
Resource Hash
1f8ceb44fe7cfcf7e71dbd5122210335ca3821d697a851d2900b95af7d92d69d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Mon, 29 Jul 2024 14:08:09 GMT
Content-Encoding
gzip
Content-MD5
SJgdPPV+fFjKfj6FHvk1Tg==
Age
2136484
X-Cache
HIT
Connection
close
Content-Length
20414
x-ms-lease-status
unlocked
Last-Modified
Wed, 03 Jul 2024 21:49:46 GMT
Server
ECAcc (bsb/27D9)
Etag
0x8DC9BAA0E5931F9
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
e5715840-601e-00e5-1852-cec85b000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
ConvergedLogin_PCore_Q3A1xKaK6oPrhbQSUwvJBQ2.js
cottonsllps.com/aadcdn.msftauth.net/~/shared/1.0/content/js/
217 KB
0
Script
General
Full URL
https://cottonsllps.com/aadcdn.msftauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_Q3A1xKaK6oPrhbQSUwvJBQ2.js
Requested by
Host: cottonsllps.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.88.36.216 , Canada, ASN (),
Reverse DNS
srv561668.hstgr.cloud
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 14:08:09 GMT
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
689017
Content-Type
application/x-javascript
ux.converged.login.strings-de.min_mwkrjugjbdtxzv3fly3p-q2.js
cottonsllps.com/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/
61 KB
19 KB
Script
General
Full URL
https://cottonsllps.com/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_mwkrjugjbdtxzv3fly3p-q2.js
Requested by
Host: cottonsllps.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.88.36.216 , Canada, ASN (),
Reverse DNS
srv561668.hstgr.cloud
Software
ECAcc (bsb/27D9) /
Resource Hash
c3726f297fa7bfbf444de4a62e7d9ac0adc4ba0b816018e43fc85ad609663260
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Mon, 29 Jul 2024 14:08:10 GMT
Content-Encoding
gzip
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-MD5
Y8SvVEogqeFfSAEP7MnyIw==
Age
2248858
X-Cache
HIT
Connection
close
content-length
61977
x-ms-lease-status
unlocked
Last-Modified
Wed, 19 Jun 2024 01:49:16 GMT
Server
ECAcc (bsb/27D9)
Etag
0x8DC9002075E9742
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
95d39eed-701e-0010-444c-cdea04000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function c
  • object $Config
  • object $Debug
  • object $Do
  • function $Loader
  • object $WebWatson
  • function GetString
  • function GetErrorString
  • function GetUrl
  • object $B
  • object ServerData

16 Cookies

Domain/Path Name / Value
server02939.com/ Name: qPdM
Value: FQVb4zvT1XKi
server02939.com/ Name: qPdM.sig
Value: o8RBa_PuXdC1Tnj54rPxF6dBVYg
cottonsllps.com/ Name: qPdM
Value: FQVb4zvT1XKi
cottonsllps.com/ Name: qPdM.sig
Value: o8RBa_PuXdC1Tnj54rPxF6dBVYg
cottonsllps.com/ Name: ClientId
Value: 44B0F208434246EE903BCFE5FF306F54
cottonsllps.com/ Name: OIDC
Value: 1
cottonsllps.com/ Name: OpenIdConnect.nonce.v3.qdYXrnxIpyj7KEIwc0fahDs7bmytORDNXlh1AEmyaKY
Value: 638578588841389493.c3feab22-7fe4-479a-8e42-55f472d4f871
cottonsllps.com/ Name: X-OWA-RedirectHistory
Value: ArLym14Bta0P3dev3Ag
cottonsllps.com/ Name: buid
Value: 0.AXUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYhjRfhoDGCFCtBQHDMxclbM6QKaMAG85mOmZsbnHxmTA08UnqpGQGgYKA0RegLWzQ0VxUnzEJecXZlHPTuwtt7g960dA49EiOWTjXKlJ_d_EgAA
.cottonsllps.com/ Name: esctx
Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYGBycXUEUHm2PNmv7b8tT2l3s6yExlkophFaiZng2I-Fak-P3eMXeVirNjRKGWKloEfhT5lI3D7b1QU-q7O7X7spfbdnoqmLQq46ozV1xIvlaclFHq3dvG7VbGA8as1hf5PqZ68lXdPt997pryPzD45NfcIx_wDA3HyUGpdtAbYogAA
.cottonsllps.com/ Name: esctx-lbnfQCnKlM
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYzByMWHPQehVnjoEhPQl2XXj4ZBCVYMlEGwA0BPubhCqNPLUPRhtpWWB4gqZZfk3UagvWlzqNzIvqHl1dwUHhoAdHlJ8DTTOHT37ydp-nPEC0ENDcRAr1ZmuMdhnVzFLmwsHNubc9-hjLgz41_HVG8CAA
cottonsllps.com/ Name: fpc
Value: Am6YiK61S2ZCjVLrQH_8JEierOTJAQAAAEaZOd4OAAAA
cottonsllps.com/ Name: x-ms-gateway-slice
Value: estsfd
cottonsllps.com/ Name: stsservicecookie
Value: estsfd
.login.live.com/ Name: uaid
Value: e8cd0f6a42104545b3d4208e9e1a5f9f
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1722262090&co=1