manulifeam-login.lvdtbtkhpgb.click Open in urlscan Pro
137.184.127.24 Malicious Activity! Private Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.google.es/url?hl=en&q=https://google.es/url?sa%3Dt%26q%3Ddk%26rct%3DmT%26esrc%3Dlfgf%26source%3Dcaz%26cd%3...
Effective URL:
https://manulifeam-login.lvdtbtkhpgb.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3...
Submission: On February 27 via api (February 27th 2024, 8:34:43 am UTC) from DE — Scanned from ES

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 15 domains to perform 31 HTTP transactions. The main IP is 137.184.127.24, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is manulifeam-login.lvdtbtkhpgb.click.
TLS certificate: Issued by R3 on February 26th 2024. Valid for: 3 months.

This is the only time manulifeam-login.lvdtbtkhpgb.click was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sharepoint (Online) Microsoft (Consumer) OneDrive (Online)

Domain & IP information

	IP Address	AS Autonomous System
3 3	216.58.212.131 216.58.212.131	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
2 2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
3 3	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
1 1	104.20.139.65 104.20.139.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.21.67.53 104.21.67.53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.213.212 172.67.213.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
9 21	137.184.127.24 137.184.127.24	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	172.217.16.202 172.217.16.202	15169 (GOOGLE) (GOOGLE)
3	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	152.199.19.161 152.199.19.161	15133 (EDGECAST) (EDGECAST)
2	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.107.213.45 13.107.213.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	185.15.59.226 185.15.59.226	14907 (WIKIMEDIA) (WIKIMEDIA)
5	185.15.59.224 185.15.59.224	14907 (WIKIMEDIA) (WIKIMEDIA)
1	13.107.246.45 13.107.246.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
31	10

3 216.58.212.131 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f3.1e100.net

www.google.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.67 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

google.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

google.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.227 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.google.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.139.65 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tinyurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.67.53 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tzvu8fqqp.qhilrswrxr.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.213.212 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tzvu8fqqp.qhilrswrxr.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.164 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 137.184.127.24 (Santa Clara, United States) 9 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

vmmojuh.lvdtbtkhpgb.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
manulifeam-login.microsoftonline.lvdtbtkhpgb.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.lvdtbtkhpgb.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
manulifeam-www.lvdtbtkhpgb.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
manulifeam-login.lvdtbtkhpgb.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.161 (United States)

ASN15133 (EDGECAST, US)

spoppe-b.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.213.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

secure.aadcdn.microsoftonline-p.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logincdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.59.226 (United States) 2 redirects

ASN14907 (WIKIMEDIA, US)
PTR: ncredir-lb.esams.wikimedia.org

wikipedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.15.59.224 (United States)

ASN14907 (WIKIMEDIA, US)
PTR: text-lb.esams.wikimedia.org

www.wikipedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.246.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	lvdtbtkhpgb.click 9 redirects vmmojuh.lvdtbtkhpgb.click manulifeam-login.microsoftonline.lvdtbtkhpgb.click login.lvdtbtkhpgb.click manulifeam-www.lvdtbtkhpgb.click manulifeam-login.lvdtbtkhpgb.click	247 KB
5	wikipedia.org www.wikipedia.org — Cisco Umbrella Rank: 11908	46 KB
5	google.ae 5 redirects google.ae — Cisco Umbrella Rank: 33079 www.google.ae — Cisco Umbrella Rank: 33944	5 KB
4	google.es 4 redirects www.google.es — Cisco Umbrella Rank: 23215 google.es — Cisco Umbrella Rank: 21024	3 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1082 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2859	50 KB
2	wikipedia.com 2 redirects wikipedia.com — Cisco Umbrella Rank: 136710	277 B
2	msauth.net logincdn.msauth.net — Cisco Umbrella Rank: 3724 aadcdn.msauth.net — Cisco Umbrella Rank: 893	2 KB
2	microsoftonline-p.com secure.aadcdn.microsoftonline-p.com — Cisco Umbrella Rank: 14951	2 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 729	162 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	3 KB
2	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	2 KB
2	qhilrswrxr.shop 2 redirects tzvu8fqqp.qhilrswrxr.shop	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	7 KB
1	azureedge.net spoppe-b.azureedge.net — Cisco Umbrella Rank: 6797	1 KB
1	tinyurl.com 1 redirects tinyurl.com — Cisco Umbrella Rank: 18784	831 B
31	15

	Domain	Requested by
16	manulifeam-login.microsoftonline.lvdtbtkhpgb.click	5 redirects manulifeam-login.microsoftonline.lvdtbtkhpgb.click code.jquery.com
5	www.wikipedia.org	manulifeam-login.microsoftonline.lvdtbtkhpgb.click www.wikipedia.org
3	www.google.ae	3 redirects
3	www.google.es	3 redirects
2	wikipedia.com	2 redirects
2	secure.aadcdn.microsoftonline-p.com	manulifeam-login.microsoftonline.lvdtbtkhpgb.click
2	code.jquery.com	manulifeam-login.microsoftonline.lvdtbtkhpgb.click
2	maxcdn.bootstrapcdn.com	manulifeam-login.microsoftonline.lvdtbtkhpgb.click
2	fonts.googleapis.com	manulifeam-login.microsoftonline.lvdtbtkhpgb.click
2	vmmojuh.lvdtbtkhpgb.click	2 redirects
2	www.google.com	2 redirects
2	tzvu8fqqp.qhilrswrxr.shop	2 redirects
2	google.ae	2 redirects
1	manulifeam-login.lvdtbtkhpgb.click	manulifeam-login.microsoftonline.lvdtbtkhpgb.click
1	manulifeam-www.lvdtbtkhpgb.click	1 redirects
1	login.lvdtbtkhpgb.click	1 redirects
1	aadcdn.msauth.net	manulifeam-login.microsoftonline.lvdtbtkhpgb.click manulifeam-login.lvdtbtkhpgb.click
1	logincdn.msauth.net	manulifeam-login.microsoftonline.lvdtbtkhpgb.click
1	stackpath.bootstrapcdn.com	manulifeam-login.microsoftonline.lvdtbtkhpgb.click
1	cdnjs.cloudflare.com	manulifeam-login.microsoftonline.lvdtbtkhpgb.click
1	spoppe-b.azureedge.net	manulifeam-login.microsoftonline.lvdtbtkhpgb.click
1	tinyurl.com	1 redirects
1	google.es	1 redirects
31	23

This site contains no links.

Subject Issuer	Validity	Valid
lvdtbtkhpgb.click R3	`2024-02-26` - `2024-05-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-01-30` - `2025-01-30`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
secure.aadcdn.microsoftonline-p.com Microsoft Azure RSA TLS Issuing CA 04	`2023-12-05` - `2024-11-29`	a year	crt.sh
identitycdn.msauth.net Microsoft Azure RSA TLS Issuing CA 03	`2024-01-17` - `2025-01-11`	a year	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-18` - `2024-10-16`	a year	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2024-01-29` - `2025-01-29`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://manulifeam-login.lvdtbtkhpgb.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.lvdtbtkhpgb.click%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.lvdtbtkhpgb.click%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638446196818621877.ZjVlMGFmYmMtYjJkYy00MWMxLWIwMGUtYWMxNDZhMmE3NjQ3MDdiZjUyZjgtZjI2ZC00N2ZiLThhOTYtMjcwZDlkNTAyYTYz&ui_locales=es-ES&mkt=es-ES&client-request-id=9dbe073c-c8f8-4fd3-a423-4d38005b81e0&state=QGO2lvU6U519NGg3tYSz0Q4u0xD7mG8m32ubuekA41S8223yhySASkZmvlvf0QYs8ODOHb9sCSdkRdKh-3wkPJkI_dr6maeHfHvNCysOqV0K-KQ3KLnNsAEBUSCRBenbiBrG_gvm2fBk4bV_JRBx4amHe2RqUUpr80AIxVeio-uNmzdFLB09RHcUB92KFuvCgq-i_YvBbDuHY7ImtLVjGVOAzKH0MDASn8FCB0nov89Ww_Dp0VCVosUVTovKPYVO-hm_71FwEWGVjQ6E73WQ7A&x-client-SKU=ID_NET6_0&x-client-ver=7.2.0.0
Frame ID: 3352BD84C23531320E1BB0E30E6AD3BD
Requests: 22 HTTP requests in this frame

Frame: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a?gif=outlook&itb1=true
Frame ID: AD041F7B304147195FAD357CBA9E224B
Requests: 8 HTTP requests in this frame

Frame: https://www.wikipedia.org/
Frame ID: 22B82FE77ED5A8C817913DC859AA2DBC
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.google.es/url?hl=en&q=https://google.es/url?sa%3Dt%26q%3Ddk%26rct%3DmT%26esrc%3Dlfgf%2... HTTP 302
https://google.es/url?sa=t&q=dk&rct=mT&esrc=lfgf&source=caz&cd=HMZN&cad=kYZs85&ved=VJiceebXfwQ... HTTP 301
https://www.google.es/url?sa=t&q=dk&rct=mT&esrc=lfgf&source=caz&cd=HMZN&cad=kYZs85&ved=VJiceebXfwQ... HTTP 302
https://www.google.es/amp/google.ae/amp/tinyurl.com/zjxb6szs HTTP 302
http://google.ae/amp/tinyurl.com/zjxb6szs HTTP 301
http://www.google.ae/amp/tinyurl.com/zjxb6szs HTTP 301
https://www.google.ae/amp/tinyurl.com/zjxb6szs HTTP 302
http://tinyurl.com/zjxb6szs HTTP 307
https://tinyurl.com/zjxb6szs HTTP 301
https://google.ae/amp/tzVu8fqqp.qhilrswrxr.shop/8zYytVyXq HTTP 301
https://www.google.ae/amp/tzVu8fqqp.qhilrswrxr.shop/8zYytVyXq HTTP 302
http://tzvu8fqqp.qhilrswrxr.shop/8zYytVyXq HTTP 301
https://tzvu8fqqp.qhilrswrxr.shop/8zYytVyXq HTTP 302
https://www.google.com/amp/vmmOJUh.lvdtbtkhpgb.click/bdd600/1/bd1b18bfc947528a76ae3e067f148799/65da... HTTP 302
http://vmmojuh.lvdtbtkhpgb.click/bdd600/1/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 301
https://vmmojuh.lvdtbtkhpgb.click/bdd600/1/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 301
https://www.google.com/amp/manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b1... HTTP 302
http://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 301
https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a Page URL
https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/rp/basel_kirmani@manulifeam.com HTTP 301
https://login.lvdtbtkhpgb.click/ HTTP 302
https://manulifeam-www.lvdtbtkhpgb.click/login HTTP 302
https://manulifeam-login.lvdtbtkhpgb.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

94 %
HTTPS

0 %
IPv6

15
Domains

23
Subdomains

10
IPs

2
Countries

519 kB
Transfer

1220 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.google.es/url?hl=en&q=https://google.es/url?sa%3Dt%26q%3Ddk%26rct%3DmT%26esrc%3Dlfgf%26source%3Dcaz%26cd%3DHMZN%26cad%3DkYZs85%26ved%3DVJiceebXfwQbNW%26uact%3D246%26url%3D%2561%256D%2570%252F%2567%256F%256F%2567%256C%2565%252E%2561%2565%252F%2561%256D%2570%252F%2574%2569%256E%2579%2575%2572%256C%252E%2563%256F%256D%252F%257A%256A%2578%2562%2536%2573%257A%2573%26opi%3D6739163743380%26usg%3DekmYVJ39E85DXT&source=gmail&ust=1709106742570000&usg=AOvVaw06f-jLUS9CyZ_d3ESyt0_u HTTP 302
https://google.es/url?sa=t&q=dk&rct=mT&esrc=lfgf&source=caz&cd=HMZN&cad=kYZs85&ved=VJiceebXfwQbNW&uact=246&url=%61%6D%70%2F%67%6F%6F%67%6C%65%2E%61%65%2F%61%6D%70%2F%74%69%6E%79%75%72%6C%2E%63%6F%6D%2F%7A%6A%78%62%36%73%7A%73&opi=6739163743380&usg=ekmYVJ39E85DXT HTTP 301
https://www.google.es/url?sa=t&q=dk&rct=mT&esrc=lfgf&source=caz&cd=HMZN&cad=kYZs85&ved=VJiceebXfwQbNW&uact=246&url=amp%2Fgoogle%2Eae%2Famp%2Ftinyurl%2Ecom%2Fzjxb6szs&opi=6739163743380&usg=ekmYVJ39E85DXT HTTP 302
https://www.google.es/amp/google.ae/amp/tinyurl.com/zjxb6szs HTTP 302
http://google.ae/amp/tinyurl.com/zjxb6szs HTTP 301
http://www.google.ae/amp/tinyurl.com/zjxb6szs HTTP 301
https://www.google.ae/amp/tinyurl.com/zjxb6szs HTTP 302
http://tinyurl.com/zjxb6szs HTTP 307
https://tinyurl.com/zjxb6szs HTTP 301
https://google.ae/amp/tzVu8fqqp.qhilrswrxr.shop/8zYytVyXq HTTP 301
https://www.google.ae/amp/tzVu8fqqp.qhilrswrxr.shop/8zYytVyXq HTTP 302
http://tzvu8fqqp.qhilrswrxr.shop/8zYytVyXq HTTP 301
https://tzvu8fqqp.qhilrswrxr.shop/8zYytVyXq HTTP 302
https://www.google.com/amp/vmmOJUh.lvdtbtkhpgb.click/bdd600/1/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 302
http://vmmojuh.lvdtbtkhpgb.click/bdd600/1/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 301
https://vmmojuh.lvdtbtkhpgb.click/bdd600/1/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 301
https://www.google.com/amp/manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 302
http://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 301
https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a Page URL
https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/rp/basel_kirmani@manulifeam.com HTTP 301
https://login.lvdtbtkhpgb.click/ HTTP 302
https://manulifeam-www.lvdtbtkhpgb.click/login HTTP 302
https://manulifeam-login.lvdtbtkhpgb.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.lvdtbtkhpgb.click%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.lvdtbtkhpgb.click%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638446196818621877.ZjVlMGFmYmMtYjJkYy00MWMxLWIwMGUtYWMxNDZhMmE3NjQ3MDdiZjUyZjgtZjI2ZC00N2ZiLThhOTYtMjcwZDlkNTAyYTYz&ui_locales=es-ES&mkt=es-ES&client-request-id=9dbe073c-c8f8-4fd3-a423-4d38005b81e0&state=QGO2lvU6U519NGg3tYSz0Q4u0xD7mG8m32ubuekA41S8223yhySASkZmvlvf0QYs8ODOHb9sCSdkRdKh-3wkPJkI_dr6maeHfHvNCysOqV0K-KQ3KLnNsAEBUSCRBenbiBrG_gvm2fBk4bV_JRBx4amHe2RqUUpr80AIxVeio-uNmzdFLB09RHcUB92KFuvCgq-i_YvBbDuHY7ImtLVjGVOAzKH0MDASn8FCB0nov89Ww_Dp0VCVosUVTovKPYVO-hm_71FwEWGVjQ6E73WQ7A&x-client-SKU=ID_NET6_0&x-client-ver=7.2.0.0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.google.es/url?hl=en&q=https://google.es/url?sa%3Dt%26q%3Ddk%26rct%3DmT%26esrc%3Dlfgf%26source%3Dcaz%26cd%3DHMZN%26cad%3DkYZs85%26ved%3DVJiceebXfwQbNW%26uact%3D246%26url%3D%2561%256D%2570%252F%2567%256F%256F%2567%256C%2565%252E%2561%2565%252F%2561%256D%2570%252F%2574%2569%256E%2579%2575%2572%256C%252E%2563%256F%256D%252F%257A%256A%2578%2562%2536%2573%257A%2573%26opi%3D6739163743380%26usg%3DekmYVJ39E85DXT&source=gmail&ust=1709106742570000&usg=AOvVaw06f-jLUS9CyZ_d3ESyt0_u HTTP 302
https://google.es/url?sa=t&q=dk&rct=mT&esrc=lfgf&source=caz&cd=HMZN&cad=kYZs85&ved=VJiceebXfwQbNW&uact=246&url=%61%6D%70%2F%67%6F%6F%67%6C%65%2E%61%65%2F%61%6D%70%2F%74%69%6E%79%75%72%6C%2E%63%6F%6D%2F%7A%6A%78%62%36%73%7A%73&opi=6739163743380&usg=ekmYVJ39E85DXT HTTP 301
https://www.google.es/url?sa=t&q=dk&rct=mT&esrc=lfgf&source=caz&cd=HMZN&cad=kYZs85&ved=VJiceebXfwQbNW&uact=246&url=amp%2Fgoogle%2Eae%2Famp%2Ftinyurl%2Ecom%2Fzjxb6szs&opi=6739163743380&usg=ekmYVJ39E85DXT HTTP 302
https://www.google.es/amp/google.ae/amp/tinyurl.com/zjxb6szs HTTP 302
http://google.ae/amp/tinyurl.com/zjxb6szs HTTP 301
http://www.google.ae/amp/tinyurl.com/zjxb6szs HTTP 301
https://www.google.ae/amp/tinyurl.com/zjxb6szs HTTP 302
http://tinyurl.com/zjxb6szs HTTP 307
https://tinyurl.com/zjxb6szs HTTP 301
https://google.ae/amp/tzVu8fqqp.qhilrswrxr.shop/8zYytVyXq HTTP 301
https://www.google.ae/amp/tzVu8fqqp.qhilrswrxr.shop/8zYytVyXq HTTP 302
http://tzvu8fqqp.qhilrswrxr.shop/8zYytVyXq HTTP 301
https://tzvu8fqqp.qhilrswrxr.shop/8zYytVyXq HTTP 302
https://www.google.com/amp/vmmOJUh.lvdtbtkhpgb.click/bdd600/1/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 302
http://vmmojuh.lvdtbtkhpgb.click/bdd600/1/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 301
https://vmmojuh.lvdtbtkhpgb.click/bdd600/1/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 301
https://www.google.com/amp/manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 302
http://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 301
https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a

Request Chain 14

https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click//Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a?gif=outlook&itb1=true HTTP 301
https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a?gif=outlook&itb1=true

Request Chain 24

https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/Sign%20in%20to%20your%20account_files/prefetch(1).html HTTP 301
https://wikipedia.com/ HTTP 301
https://www.wikipedia.org/

Request Chain 27

https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/Sign%20in%20to%20your%20account_files/ellipsis_grey.svg HTTP 301
https://wikipedia.com/ HTTP 301
https://www.wikipedia.org/

31 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

65da079163e77c1b2211937a Show response
manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/
Redirect Chain

https://www.google.es/url?hl=en&q=https://google.es/url?sa%3Dt%26q%3Ddk%26rct%3DmT%26esrc%3Dlfgf%26source%3Dcaz%26cd%3DHMZN%26cad%3DkYZs85%26ved%3DVJiceebXfwQbNW%26uact%3D246%26url%3D%2561%256D%257...
https://google.es/url?sa=t&q=dk&rct=mT&esrc=lfgf&source=caz&cd=HMZN&cad=kYZs85&ved=VJiceebXfwQbNW&uact=246&url=%61%6D%70%2F%67%6F%6F%67%6C%65%2E%61%65%2F%61%6D%70%2F%74%69%6E%79%75%72%6C%2E%63%6F%6...
https://www.google.es/url?sa=t&q=dk&rct=mT&esrc=lfgf&source=caz&cd=HMZN&cad=kYZs85&ved=VJiceebXfwQbNW&uact=246&url=amp%2Fgoogle%2Eae%2Famp%2Ftinyurl%2Ecom%2Fzjxb6szs&opi=6739163743380&usg=ekmYVJ39E...
https://www.google.es/amp/google.ae/amp/tinyurl.com/zjxb6szs
http://google.ae/amp/tinyurl.com/zjxb6szs
http://www.google.ae/amp/tinyurl.com/zjxb6szs
https://www.google.ae/amp/tinyurl.com/zjxb6szs
http://tinyurl.com/zjxb6szs
https://tinyurl.com/zjxb6szs
https://google.ae/amp/tzVu8fqqp.qhilrswrxr.shop/8zYytVyXq
https://www.google.ae/amp/tzVu8fqqp.qhilrswrxr.shop/8zYytVyXq
http://tzvu8fqqp.qhilrswrxr.shop/8zYytVyXq
https://tzvu8fqqp.qhilrswrxr.shop/8zYytVyXq
https://www.google.com/amp/vmmOJUh.lvdtbtkhpgb.click/bdd600/1/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
http://vmmojuh.lvdtbtkhpgb.click/bdd600/1/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
https://vmmojuh.lvdtbtkhpgb.click/bdd600/1/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
https://www.google.com/amp/manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
http://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a

59 KB
59 KB

1272ms
483ms

Document
text/html

137.184.127.24
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.127.24 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: df23366e64df78ae0a6c6d46d94490107074b8f08450da606abd01a44814d696

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Content-Type: text/html
Date: Tue, 27 Feb 2024 08:34:32 GMT
Transfer-Encoding: chunked
Vary: Origin

Redirect headers

Content-Length: 167
Content-Type: text/html; charset=utf-8
Date: Tue, 27 Feb 2024 08:34:31 GMT
Location: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
Vary: Origin

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 776ms
201ms Stylesheet
text/css 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600

Requested by

Host: manulifeam-login.microsoftonline.lvdtbtkhpgb.click
URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f10.1e100.net

Software

ESF /

Resource Hash

b4e544b010077ceacf159dfdf566b37d06f8ab3c151e9561720e392b8f1ea38e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Feb 2024 08:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 07:02:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Feb 2024 08:34:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 0
2 KB 753ms
201ms Other
text/css 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f10.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Feb 2024 08:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 07:04:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Feb 2024 08:34:33 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 141 KB
21 KB 679ms
165ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/
Origin: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:34:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cdn-edgestorageid: 946
cdn-cachedat: 02/05/2024 11:29:39
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"450fc463b8b1a349df717056fbb3e078"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 672a42c78fee0dca6844eb1ae194dbee
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 85bf16df0bfd8669-MAD
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 20 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf5916e86bb18875db4e12ee5e799cce7b23bc1cd1ad721fb65d3879de629bec

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 825de044d5ac6442a094ff95099f9f67e9249a8110a2fbd57128285776632adb

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 docx.png
spoppe-b.azureedge.net/files/fabric-cdn-prod_20211104.001/assets/item-types/32_2x/ 975 B
1 KB 772ms
156ms Image
image/png 152.199.19.161
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spoppe-b.azureedge.net/files/fabric-cdn-prod_20211104.001/assets/item-types/32_2x/docx.png
Requested by: Host: manulifeam-login.microsoftonline.lvdtbtkhpgb.click
URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.161 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mdr/6737) /
Resource Hash: c98a51021441557bc974e25392d183705fbf3347345aa7e5adc7cae3ded0165a

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Feb 2024 08:34:33 GMT
content-md5: bz9a6CCeQGty0fVxe1rznA==
age: 3624233
x-cache: HIT
content-length: 975
x-ms-lease-status: unlocked
last-modified: Thu, 04 Nov 2021 18:04:16 GMT
server: ECAcc (mdr/6737)
etag: 0x8D99FBD8407CB66
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: d09b19e3-001e-0038-3e61-488f1f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 jquery-3.4.1.js Show response
code.jquery.com/ 274 KB
81 KB 615ms
104ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.js
Requested by: Host: manulifeam-login.microsoftonline.lvdtbtkhpgb.click
URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/
Origin: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:34:33 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 6474394
x-cache: HIT, HIT
content-length: 82889
x-served-by: cache-lga21923-LGA, cache-mad2200117-MAD
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1709022874.630047,VS0,VE0
etag: W/"28feccc0-4472c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 10888, 12413

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 721ms
202ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/
Origin: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 574813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6157
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3RHMfTibjzOoFQ3nqoPzoTuvlAuAbWv3U65rxckJiLKGZdg%2FsvjqIBW9lGCHIpx72yLeohpEQ8zx%2F8ztmaEo7k3qJZmDgHbVI2R235qIO1tuYuBCqEny474iZpLWWPRCJDeINv3l"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85bf16e0a8935ceb-MAD
expires: Sun, 16 Feb 2025 08:34:33 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
14 KB 461ms
150ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/
Origin: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:34:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cdn-edgestorageid: 951
cdn-cachedat: 10/31/2023 19:43:16
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 5cb64a583fa3421db402179fc385b77e
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 85bf16df0c018669-MAD
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
15 KB 722ms
203ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:34:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1073
age: 7695159
cdn-cachedat: 11/13/2023 20:28:05
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"67176c242e1bdc20603c878dee836df3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 92a82806c792f7ecc3c3d43f8ffdb0e7
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 85bf16e0aaa42192-MAD
cdn-requestpullsuccess: True

GET
H/1.1 200
OK script.js Show response
manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/ 23 KB
24 KB 269ms
269ms Script
text/javascript 137.184.127.24
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/script.js
Requested by: Host: manulifeam-login.microsoftonline.lvdtbtkhpgb.click
URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.127.24 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 076adb70dec01ca99ad6325565ffdaabd47a3213e3224c26faa1d01100af9d31

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 08:34:33 GMT
Last-Modified: Mon, 26 Feb 2024 19:56:18 GMT
Accept-Ranges: bytes
Content-Length: 23881
Vary: Origin
Content-Type: text/javascript; charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29b7a9358abdc68c51db5a5af4a4f4e2e041a67527adee2366b1f84f116fe9a5

Request headers

Referer
Origin: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H/1.1 200
OK mac-chrome.css
manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/ 7 KB
7 KB 396ms
396ms Stylesheet
text/css 137.184.127.24
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/mac-chrome.css
Requested by: Host: manulifeam-login.microsoftonline.lvdtbtkhpgb.click
URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.127.24 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 5d0992782b6d45c3153c0f4d096c48bba6a0fa8acf9f617dec1d04f15af96fb8

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 08:34:33 GMT
Last-Modified: Mon, 26 Feb 2024 19:56:18 GMT
Accept-Ranges: bytes
Content-Length: 6883
Vary: Origin
Content-Type: text/css; charset=utf-8

GET
H/1.1

200
OK

65da079163e77c1b2211937a Show response
manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/ Frame AD04
Redirect Chain

https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click//Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a?gif=outlook&itb1=true
https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a?gif=outlook&itb1=true

146 KB
146 KB

888ms
516ms

Document
text/html

137.184.127.24
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a?gif=outlook&itb1=true
Requested by: Host: manulifeam-login.microsoftonline.lvdtbtkhpgb.click
URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.127.24 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 395ac2049c0bede9ee7d4f58915c52104cb338ec2544483a8afd923dc0a2a2fa

Request headers

Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Content-Type: text/html
Date: Tue, 27 Feb 2024 08:34:35 GMT
Transfer-Encoding: chunked
Vary: Origin

Redirect headers

Content-Length: 0
Date: Tue, 27 Feb 2024 08:34:34 GMT
Location: /Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a?gif=outlook&itb1=true
Vary: Origin

GET
H/1.1 200
OK ssl.svg
manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/images/ 563 B
751 B 1753ms
467ms Image
image/svg+xml 137.184.127.24
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/images/ssl.svg
Requested by: Host: manulifeam-login.microsoftonline.lvdtbtkhpgb.click
URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.127.24 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 94b9d1f65f9e2a5f7a3f5a77730182b91fbfc81a03228d28985e6d566c181ee4

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 08:34:35 GMT
Last-Modified: Mon, 26 Feb 2024 19:56:29 GMT
Accept-Ranges: bytes
Content-Length: 563
Vary: Origin
Content-Type: image/svg+xml

GET
H/1.1 200
OK close.svg
manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/images/ 720 B
908 B 1753ms
466ms Image
image/svg+xml 137.184.127.24
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/images/close.svg
Requested by: Host: manulifeam-login.microsoftonline.lvdtbtkhpgb.click
URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.127.24 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: b19808e35d2be36afee40661f06cc879b5d80e45929c75f1d6a852bb21143f72

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 08:34:35 GMT
Last-Modified: Mon, 26 Feb 2024 19:56:29 GMT
Accept-Ranges: bytes
Content-Length: 720
Vary: Origin
Content-Type: image/svg+xml

GET
H/1.1 200
OK arrow-right.svg
manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/images/ 1023 B
1 KB 1572ms
284ms Image
image/svg+xml 137.184.127.24
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/images/arrow-right.svg
Requested by: Host: manulifeam-login.microsoftonline.lvdtbtkhpgb.click
URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.127.24 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: f237f435eb554271638068a47f5cc80ebae8ac4140a2a1c7e226c489e67fb0a9

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 08:34:35 GMT
Last-Modified: Mon, 26 Feb 2024 19:56:29 GMT
Accept-Ranges: bytes
Content-Length: 1023
Vary: Origin
Content-Type: image/svg+xml

GET
H/1.1 200
OK cookies.svg
manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/images/ 2 KB
2 KB 1753ms
462ms Image
image/svg+xml 137.184.127.24
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/images/cookies.svg
Requested by: Host: manulifeam-login.microsoftonline.lvdtbtkhpgb.click
URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.127.24 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 86fd50197d175e54a0a41cfde6dca8061e60a9f4fdae4d2a1b88235b82e29666

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 08:34:35 GMT
Last-Modified: Mon, 26 Feb 2024 19:56:29 GMT
Accept-Ranges: bytes
Content-Length: 1567
Vary: Origin
Content-Type: image/svg+xml

GET
H/1.1 200
OK settings.svg
manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/images/ 1 KB
1 KB 1751ms
460ms Image
image/svg+xml 137.184.127.24
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/images/settings.svg
Requested by: Host: manulifeam-login.microsoftonline.lvdtbtkhpgb.click
URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.127.24 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 314253e27fd3392df6c58f38e27abcabcd178ea709fdb738cda64708141dc105

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 08:34:35 GMT
Last-Modified: Mon, 26 Feb 2024 19:56:29 GMT
Accept-Ranges: bytes
Content-Length: 1040
Vary: Origin
Content-Type: image/svg+xml

GET
H/1.1 200
OK new-tab.svg
manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/images/ 468 B
656 B 1025ms
371ms Image
image/svg+xml 137.184.127.24
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/images/new-tab.svg
Requested by: Host: manulifeam-login.microsoftonline.lvdtbtkhpgb.click
URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.127.24 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: d4b2aac3bcfbd9aa265d5640347ca941ed220ca43d067029dc078112e746cc9a

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 08:34:34 GMT
Last-Modified: Mon, 26 Feb 2024 19:56:29 GMT
Accept-Ranges: bytes
Content-Length: 468
Vary: Origin
Content-Type: image/svg+xml

GET
H2 200 jquery-3.4.1.js Show response
code.jquery.com/ Frame AD04 274 KB
81 KB 112ms
112ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.js
Requested by: Host: manulifeam-login.microsoftonline.lvdtbtkhpgb.click
URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a?gif=outlook&itb1=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/
Origin: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:34:35 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 6474395
x-cache: HIT, HIT
content-length: 82889
x-served-by: cache-lga21923-LGA, cache-mad2200117-MAD
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1709022875.430104,VS0,VE0
etag: W/"28feccc0-4472c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 10888, 12414

GET
H2 200 microsoft_logo.svg
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ Frame AD04 4 KB
2 KB 941ms
199ms Image
image/svg+xml 13.107.213.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/microsoft_logo.svg?x=ee5c8d9fb6248c938fd0dc19370e90bd
Requested by: Host: manulifeam-login.microsoftonline.lvdtbtkhpgb.click
URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a?gif=outlook&itb1=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 27 Feb 2024 08:34:36 GMT
content-encoding: gzip
last-modified: Sat, 18 May 2019 23:35:05 GMT
x-azure-ref-originshield: 0Hr7cZQAAAAAJHi6GQ7MvTrnrqh36dvdxRlJBMjMxMDUwNDE4MDI5ADU5NjY1NzE1LTQyNmEtNGYxYy1hMDU5LWQ1ZGZkNDBhZTZiOQ==
content-md5: nzaLxFgP7ZB3dfMcaybWzw==
etag: 0x8D6DBE974E70D87
x-azure-ref: 0nJ7dZQAAAABpUuiP5Ad9TIg0LBADjvz/TVJTMjExMDUwNjE4MDMzADU5NjY1NzE1LTQyNmEtNGYxYy1hMDU5LWQ1ZGZkNDBhZTZiOQ==
x-cache: TCP_HIT
content-type: image/svg+xml
x-ms-request-id: ea440475-b01e-00f9-258a-659299000000
cache-control: public, max-age=604800
x-ms-version: 2009-09-19
content-length: 1435

GET
H2 200 arrow_left.svg
logincdn.msauth.net/16.000.28345.6/images/ Frame AD04 513 B
929 B 941ms
191ms Image
image/svg+xml 13.107.213.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logincdn.msauth.net/16.000.28345.6/images/arrow_left.svg?x=a9cc2824ef3517b6c4160dcf8ff7d410
Requested by: Host: manulifeam-login.microsoftonline.lvdtbtkhpgb.click
URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a?gif=outlook&itb1=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Feb 2024 08:34:36 GMT
content-encoding: gzip
x-azure-ref-originshield: 0vZ7UZQAAAACO4OjKpLO5T5wCpTS4FqRJRlJBMjMxMDUwNDE4MDUzAGRiNjYyZmUzLWY0MzgtNDNjMi1hMjlmLWU2NTkwYzRmNWU1MQ==
content-md5: TjUQkZ0p0Y7rbj6LJofS9Q==
x-cache: TCP_HIT
content-length: 276
x-ms-lease-status: unlocked
last-modified: Sat, 28 Sep 2019 22:14:32 GMT
etag: 0x8D744613D267E7F
x-azure-ref: 0nJ7dZQAAAAA4E7XzffYbSYHOp2MxAg+ZTVJTMjExMDUwNjE4MDE3AGRiNjYyZmUzLWY0MzgtNDNjMi1hMjlmLWU2NTkwYzRmNWU1MQ==
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 2581e12c-201e-0020-7bfa-6374ad000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2

200

/ Show response
www.wikipedia.org/ Frame 22B8
Redirect Chain

https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/Sign%20in%20to%20your%20account_files/prefetch(1).html
https://wikipedia.com/
https://www.wikipedia.org/

76 KB
19 KB

947ms
255ms

Document
text/html

185.15.59.224
WIKIMEDIA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wikipedia.org/

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.15.59.224 , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

text-lb.esams.wikimedia.org

Software

mw1420.eqiad.wmnet /

Resource Hash

7a659e3b9a835c1585742ae9f3544481528ca7c7a9ec6cf93470f14d6291d9c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

accept-ranges: bytes
age: 37916
cache-control: s-maxage=86400, must-revalidate, max-age=3600
content-encoding: gzip
content-length: 18750
content-type: text/html
date: Mon, 26 Feb 2024 22:02:41 GMT
etag: W/"13131-61131e943850f"
last-modified: Mon, 12 Feb 2024 16:38:44 GMT
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
server: mw1420.eqiad.wmnet
server-timing: cache;desc="hit-front", host;desc="cp3072"
strict-transport-security: max-age=106384710; includeSubDomains; preload
vary: Accept-Encoding
x-cache: cp3072 miss, cp3072 hit/441434
x-cache-status: hit-front
x-client-ip: 31.222.115.179

Redirect headers

content-length: 169
content-type: text/html
date: Tue, 27 Feb 2024 08:34:36 GMT
location: https://www.wikipedia.org/
server: nginx/1.22.1
strict-transport-security: max-age=106384710; includeSubDomains; preload

GET
H2 200 documentation_bcb4d1dc4eae64f0b2b2538209d8435a.svg
aadcdn.msauth.net/shared/1.0/content/images/ Frame AD04 2 KB
1 KB 886ms
150ms Image
image/svg+xml 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/documentation_bcb4d1dc4eae64f0b2b2538209d8435a.svg
Requested by: Host: manulifeam-login.microsoftonline.lvdtbtkhpgb.click
URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a?gif=outlook&itb1=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Feb 2024 08:34:35 GMT
content-encoding: gzip
x-azure-ref-originshield: 0vZ7UZQAAAABAjLvWVqjCRZqE6jgjHFmcRlJBMjMxMDUwNDE3MDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5: 6dTbAT1RVL9d6geobv3IJg==
x-cache: TCP_HIT
content-length: 606
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 19:28:37 GMT
etag: 0x8D79B837336B35C
x-azure-ref: 0nJ7dZQAAAACajidwLkUuQYJfuWNggTYZTVJTMjExMDUwNjE4MDUxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c26f3a3f-901e-001f-4b10-60dca3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 ellipsis_white.svg
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ Frame AD04 915 B
752 B 761ms
191ms Image
image/svg+xml 13.107.213.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ellipsis_white.svg?x=5ac590ee72bfe06a7cecfd75b588ad73
Requested by: Host: manulifeam-login.microsoftonline.lvdtbtkhpgb.click
URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a?gif=outlook&itb1=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 27 Feb 2024 08:34:36 GMT
content-encoding: gzip
last-modified: Sat, 18 May 2019 23:34:22 GMT
x-azure-ref-originshield: 0vZ7UZQAAAACVc18UxAgrT5CVros9NmxNRlJBMjMxMDUwNDE3MDQ3ADU5NjY1NzE1LTQyNmEtNGYxYy1hMDU5LWQ1ZGZkNDBhZTZiOQ==
content-md5: HMwsHhNXdtrfirQDkzcqMA==
etag: 0x8D6DBE95B21CFF5
x-azure-ref: 0nJ7dZQAAAABw5BjojeBLT5i4FXCttTHeTVJTMjExMDUwNjE4MDMzADU5NjY1NzE1LTQyNmEtNGYxYy1hMDU5LWQ1ZGZkNDBhZTZiOQ==
x-cache: TCP_HIT
content-type: image/svg+xml
x-ms-request-id: 0f4dedc6-001e-00a1-09fa-634ac6000000
cache-control: public, max-age=604800
x-ms-version: 2009-09-19
content-length: 263

GET
H2

200

/
www.wikipedia.org/ Frame AD04
Redirect Chain

https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/Sign%20in%20to%20your%20account_files/ellipsis_grey.svg
https://wikipedia.com/
https://www.wikipedia.org/

0
0

882ms
190ms

Image
text/html

185.15.59.224
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wikipedia.org/
Requested by: Host: manulifeam-login.microsoftonline.lvdtbtkhpgb.click
URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a?gif=outlook&itb1=true
Protocol: H2
Server: 185.15.59.224 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS: text-lb.esams.wikimedia.org
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Redirect headers

location: https://www.wikipedia.org/
date: Tue, 27 Feb 2024 08:34:36 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
server: nginx/1.22.1
content-length: 169
content-type: text/html

POST
H/1.1 405
Method Not Allowed 65da079163e77c1b2211937a Show response
manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/ Frame AD04 0
177 B 283ms
282ms XHR
text/plain 137.184.127.24
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a?gif=outlook&itb1=true
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.127.24 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a?gif=outlook&itb1=true
X-Requested-With: XMLHttpRequest
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 27 Feb 2024 08:34:36 GMT
Access-Control-Allow-Credentials: true
Content-Length: 0
Vary: Origin

GET
H2 200 Wikipedia-logo-v2.png
www.wikipedia.org/portal/wikipedia.org/assets/img/ Frame 22B8 15 KB
17 KB 126ms
125ms Image
image/png 185.15.59.224
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wikipedia.org/portal/wikipedia.org/assets/img/Wikipedia-logo-v2.png

Requested by

Host: www.wikipedia.org
URL: https://www.wikipedia.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.15.59.224 , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

text-lb.esams.wikimedia.org

Software

mw1432.eqiad.wmnet /

Resource Hash

75038605ff9e35cc393e0ed8200069601c889100607cde67d2af68b9eb88e5d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.wikipedia.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:02:41 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 37916
x-cache-status: hit-front
x-cache: cp3072 miss, cp3072 hit/21485
server-timing: cache;desc="hit-front", host;desc="cp3072"
content-length: 15829
x-client-ip: 31.222.115.179
last-modified: Wed, 29 Nov 2023 14:11:57 GMT
server: mw1432.eqiad.wmnet
etag: "3dd5-60b4b1e375574"
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=86400
accept-ranges: bytes
expires: Tue, 25 Feb 2025 22:02:41 GMT

GET
H2 200 index-24c3e2ca18.js Show response
www.wikipedia.org/portal/wikipedia.org/assets/js/ Frame 22B8 22 KB
9 KB 155ms
154ms Script
application/javascript 185.15.59.224
WIKIMEDIA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wikipedia.org/portal/wikipedia.org/assets/js/index-24c3e2ca18.js

Requested by

Host: www.wikipedia.org
URL: https://www.wikipedia.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.15.59.224 , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

text-lb.esams.wikimedia.org

Software

mw1411.eqiad.wmnet /

Resource Hash

833e4f5e3cebfe70b9687cf08afd5a3f47f1ef8ccf15013c573149954f08c7d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.wikipedia.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:02:41 GMT
content-encoding: gzip
strict-transport-security: max-age=106384710; includeSubDomains; preload
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 37916
x-cache-status: hit-front
x-cache: cp3072 miss, cp3072 hit/34053
server-timing: cache;desc="hit-front", host;desc="cp3072"
content-length: 7884
x-client-ip: 31.222.115.179
last-modified: Mon, 12 Feb 2024 16:38:44 GMT
server: mw1411.eqiad.wmnet
etag: W/"562b-61131e943562f"
vary: Accept-Encoding
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=86400
accept-ranges: bytes

GET
H2 200 gt-ie9-ce3fe8e88d.js Show response
www.wikipedia.org/portal/wikipedia.org/assets/js/ Frame 22B8 614 B
2 KB 156ms
155ms Script
application/javascript 185.15.59.224
WIKIMEDIA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wikipedia.org/portal/wikipedia.org/assets/js/gt-ie9-ce3fe8e88d.js

Requested by

Host: www.wikipedia.org
URL: https://www.wikipedia.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.15.59.224 , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

text-lb.esams.wikimedia.org

Software

mw1411.eqiad.wmnet /

Resource Hash

fe51e51e5890cf5c1ec7a55bb137460d8d906c00ad60b3e1e686910cd93db59c

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.wikipedia.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:02:41 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 37916
x-cache-status: hit-front
x-cache: cp3072 miss, cp3072 hit/34298
server-timing: cache;desc="hit-front", host;desc="cp3072"
content-length: 614
x-client-ip: 31.222.115.179
last-modified: Wed, 29 Nov 2023 14:11:57 GMT
server: mw1411.eqiad.wmnet
etag: "266-60b4b1e375574"
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=86400
accept-ranges: bytes

GET
H/1.1

200
OK

Primary Request authorize
manulifeam-login.lvdtbtkhpgb.click/common/oauth2/v2.0/
Redirect Chain

https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/rp/basel_kirmani@manulifeam.com
https://login.lvdtbtkhpgb.click/
https://manulifeam-www.lvdtbtkhpgb.click/login
https://manulifeam-login.lvdtbtkhpgb.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.lvdtbtkhpgb.click%2Flandingv2&response_type=cod...

21 KB
0

1382ms
388ms

Document
text/html

137.184.127.24
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://manulifeam-login.lvdtbtkhpgb.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.lvdtbtkhpgb.click%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.lvdtbtkhpgb.click%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638446196818621877.ZjVlMGFmYmMtYjJkYy00MWMxLWIwMGUtYWMxNDZhMmE3NjQ3MDdiZjUyZjgtZjI2ZC00N2ZiLThhOTYtMjcwZDlkNTAyYTYz&ui_locales=es-ES&mkt=es-ES&client-request-id=9dbe073c-c8f8-4fd3-a423-4d38005b81e0&state=QGO2lvU6U519NGg3tYSz0Q4u0xD7mG8m32ubuekA41S8223yhySASkZmvlvf0QYs8ODOHb9sCSdkRdKh-3wkPJkI_dr6maeHfHvNCysOqV0K-KQ3KLnNsAEBUSCRBenbiBrG_gvm2fBk4bV_JRBx4amHe2RqUUpr80AIxVeio-uNmzdFLB09RHcUB92KFuvCgq-i_YvBbDuHY7ImtLVjGVOAzKH0MDASn8FCB0nov89Ww_Dp0VCVosUVTovKPYVO-hm_71FwEWGVjQ6E73WQ7A&x-client-SKU=ID_NET6_0&x-client-ver=7.2.0.0
Requested by: Host: manulifeam-login.microsoftonline.lvdtbtkhpgb.click
URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a?gif=outlook&itb1=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.127.24 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 8926
Content-Type: text/html; charset=utf-8
Date: Tue, 27 Feb 2024 08:34:42 GMT
Expires: -1
Nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wst"}]}
Vary: Origin Accept-Encoding
X-Ms-Clitelem: 1,50168,0,,
X-Ms-Ests-Server: 2.1.17396.8 - SCUS ProdSlices
X-Ms-Request-Id: ef08041d-c794-451d-9f1e-815887292b00

Redirect headers

Content-Encoding: gzip
Content-Length: 28
Content-Type: text/html; charset=utf-8
Date: Tue, 27 Feb 2024 08:34:41 GMT
Location: https://manulifeam-login.lvdtbtkhpgb.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.lvdtbtkhpgb.click%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.lvdtbtkhpgb.click%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638446196818621877.ZjVlMGFmYmMtYjJkYy00MWMxLWIwMGUtYWMxNDZhMmE3NjQ3MDdiZjUyZjgtZjI2ZC00N2ZiLThhOTYtMjcwZDlkNTAyYTYz&ui_locales=es-ES&mkt=es-ES&client-request-id=9dbe073c-c8f8-4fd3-a423-4d38005b81e0&state=QGO2lvU6U519NGg3tYSz0Q4u0xD7mG8m32ubuekA41S8223yhySASkZmvlvf0QYs8ODOHb9sCSdkRdKh-3wkPJkI_dr6maeHfHvNCysOqV0K-KQ3KLnNsAEBUSCRBenbiBrG_gvm2fBk4bV_JRBx4amHe2RqUUpr80AIxVeio-uNmzdFLB09RHcUB92KFuvCgq-i_YvBbDuHY7ImtLVjGVOAzKH0MDASn8FCB0nov89Ww_Dp0VCVosUVTovKPYVO-hm_71FwEWGVjQ6E73WQ7A&x-client-SKU=ID_NET6_0&x-client-ver=7.2.0.0
Referrer-Policy: strict-origin-when-cross-origin
Request-Context: appId=
Vary: Origin Accept-Encoding
X-Cache: CONFIG_NOCACHE
X-Msedge-Ref: Ref A: 33D34B1BC0184FF487AC9B09E641B195 Ref B: BY3EDGE0407 Ref C: 2024-02-27T08:34:41Z
X-Ua-Compatible: IE=edge,chrome=1

GET BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js
aadcdn.msauth.net/shared/1.0/content/js/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sharepoint (Online) Microsoft (Consumer) OneDrive (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.es/	1970-01-21 04:13:29	Name: __Secure-ENID Value: 17.SE=RvgeS0RXL4WEx1jhxhDF80jJWNuNnkv6rfAmeM6FCcyFdqfoYRzhFybH1gELdb1CjzbTNlv7vjENmbnXw33pUsOZeGHYQjmOno5hoB1dVE0IIeGrZZqNmXiDiiwR7zIIUMTTAoFguan2XBwdimQt0noYt3C7lQy2j64FhvCWZXZXlzo
.google.ae/	1970-01-21 04:13:29	Name: __Secure-ENID Value: 17.SE=ZOs4vTI6HI-fDwAufQOBuLZOKHFUsJ3ZLQ7nqlQAKI5qvyxZyyAzlD4UhCCSHlEMCjlq0XAn3BBDbaybhJoGYSZI1IYt5d7JKunCUCsIvZ_w9AS9fNRJqK0KMTsaT0YP-saqLobV0vtaVxyNOzLtk7GUYTi6028DI8teON9MWKH7rKc
.tinyurl.com/	1970-01-20 18:43:44	Name: __cf_bm Value: 9TVspl5tjekKtm7MOTr1dPPavVUKbe0TYeotUNcZt2A-1709022861-1.0-AZngI1ENB3u0rKCKh8zPyqOM6ZOC9U1yk++P8zgF21vDidGgNmS4t75K73QnLXNE+CyVn6AtMXTcErJXEhjO3Xk=
.google.com/	1970-01-21 04:13:29	Name: __Secure-ENID Value: 17.SE=ubwWfgJWnR5JwfM0iwFXcq-e9Ff9Ww2xEpzK2S9WVbGxSfbY4SI-sGQ-dvIogE5vSl9ccsfQaVdxNs5S9A6ywmEolbBe5J5Er0quzBzhsCtYDWmVm8LFdDZRyyXwdMzRxos8N6CzX_dEWpHQZ_quFIaCaiLwHadoXOy2kj2BNBU

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
other	error	URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
network	error	URL: https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a?gif=outlook&itb1=true Message: Failed to load resource: the server responded with a status of 405 (Method Not Allowed)
security	error	URL: https://www.wikipedia.org/(Line 117) Message: Blocked autofocusing on a <input> element in a cross-origin subframe.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
google.ae
google.es
login.lvdtbtkhpgb.click
logincdn.msauth.net
manulifeam-login.lvdtbtkhpgb.click
manulifeam-login.microsoftonline.lvdtbtkhpgb.click
manulifeam-www.lvdtbtkhpgb.click
maxcdn.bootstrapcdn.com
secure.aadcdn.microsoftonline-p.com
spoppe-b.azureedge.net
stackpath.bootstrapcdn.com
tinyurl.com
tzvu8fqqp.qhilrswrxr.shop
vmmojuh.lvdtbtkhpgb.click
wikipedia.com
www.google.ae
www.google.com
www.google.es
www.wikipedia.org
aadcdn.msauth.net
104.17.25.14
104.18.10.207
104.20.139.65
104.21.67.53
13.107.213.45
13.107.246.45
137.184.127.24
142.250.181.227
142.250.186.164
142.250.186.35
142.250.186.67
151.101.2.137
152.199.19.161
172.217.16.202
172.67.213.212
185.15.59.224
185.15.59.226
216.58.212.131
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
076adb70dec01ca99ad6325565ffdaabd47a3213e3224c26faa1d01100af9d31
29b7a9358abdc68c51db5a5af4a4f4e2e041a67527adee2366b1f84f116fe9a5
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
314253e27fd3392df6c58f38e27abcabcd178ea709fdb738cda64708141dc105
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
395ac2049c0bede9ee7d4f58915c52104cb338ec2544483a8afd923dc0a2a2fa
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
5d0992782b6d45c3153c0f4d096c48bba6a0fa8acf9f617dec1d04f15af96fb8
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea
75038605ff9e35cc393e0ed8200069601c889100607cde67d2af68b9eb88e5d4
7a659e3b9a835c1585742ae9f3544481528ca7c7a9ec6cf93470f14d6291d9c8
825de044d5ac6442a094ff95099f9f67e9249a8110a2fbd57128285776632adb
833e4f5e3cebfe70b9687cf08afd5a3f47f1ef8ccf15013c573149954f08c7d8
86fd50197d175e54a0a41cfde6dca8061e60a9f4fdae4d2a1b88235b82e29666
94b9d1f65f9e2a5f7a3f5a77730182b91fbfc81a03228d28985e6d566c181ee4
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea
b19808e35d2be36afee40661f06cc879b5d80e45929c75f1d6a852bb21143f72
b4e544b010077ceacf159dfdf566b37d06f8ab3c151e9561720e392b8f1ea38e
c98a51021441557bc974e25392d183705fbf3347345aa7e5adc7cae3ded0165a
cf5916e86bb18875db4e12ee5e799cce7b23bc1cd1ad721fb65d3879de629bec
d4b2aac3bcfbd9aa265d5640347ca941ed220ca43d067029dc078112e746cc9a
df23366e64df78ae0a6c6d46d94490107074b8f08450da606abd01a44814d696
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
f237f435eb554271638068a47f5cc80ebae8ac4140a2a1c7e226c489e67fb0a9
fe51e51e5890cf5c1ec7a55bb137460d8d906c00ad60b3e1e686910cd93db59c

manulifeam-login.lvdtbtkhpgb.click Open in urlscan Pro 137.184.127.24 Malicious Activity! Private Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

94 %HTTPS

0 %IPv6

15 Domains

23 Subdomains

10 IPs

2 Countries

519 kBTransfer

1220 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

manulifeam-login.lvdtbtkhpgb.click Open in urlscan Pro
137.184.127.24 Malicious Activity! Private Scan

Screenshot
Live screenshot

Full Image

31
Requests

94 %
HTTPS

0 %
IPv6

15
Domains

23
Subdomains

10
IPs

2
Countries

519 kB
Transfer

1220 kB
Size

4
Cookies

31 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!