activation.micrasoft-office365.com Open in urlscan Pro
44.193.63.141 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://url.emailprotection.link/?b_99DfxpAILPttOseiGpL_b0fc0bTSbTQM4Nt7UDfIv8u92KUELirJ39ZMc2-azahBc6HJwtWATuF_xQpnEerArkJ7wXRt-...
Effective URL:
https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Submission: On May 07 via manual (May 7th 2024, 9:06:07 pm UTC) from US — Scanned from DE

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 48 HTTP transactions. The main IP is 44.193.63.141, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is activation.micrasoft-office365.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on March 19th 2024. Valid for: a year.

This is the only time activation.micrasoft-office365.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	185.64.213.245 185.64.213.245	50152 (IMED) (IMED)
38	44.193.63.141 44.193.63.141	14618 (AMAZON-AES) (AMAZON-AES)
48	2

10 185.64.213.245 (United Kingdom)

ASN50152 (IMED, GB)
PTR: intermedia.co.uk

url.emailprotection.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 44.193.63.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-63-141.compute-1.amazonaws.com

activation.micrasoft-office365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	micrasoft-office365.com activation.micrasoft-office365.com	58 KB
10	emailprotection.link url.emailprotection.link — Cisco Umbrella Rank: 141276	399 KB
48	2

	Domain	Requested by
38	activation.micrasoft-office365.com	url.emailprotection.link activation.micrasoft-office365.com
10	url.emailprotection.link	url.emailprotection.link
48	2

This site contains no links.

Subject Issuer	Validity	Valid
*.emailprotection.link GeoTrust TLS RSA CA G1	`2023-07-10` - `2024-08-09`	a year	crt.sh
mail-delivery-system.com Amazon RSA 2048 M03	`2024-03-19` - `2025-04-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Frame ID: 58B0FC863829A638983B27D8FD46E261
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The page cannot be found

Page URL History Show full URLs

https://url.emailprotection.link/?b_99DfxpAILPttOseiGpL_b0fc0bTSbTQM4Nt7UDfIv8u92KUELirJ39ZMc2-azahBc6HJwtWAT... Page URL
https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35 Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

48
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

457 kB
Transfer

641 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://url.emailprotection.link/?b_99DfxpAILPttOseiGpL_b0fc0bTSbTQM4Nt7UDfIv8u92KUELirJ39ZMc2-azahBc6HJwtWATuF_xQpnEerArkJ7wXRt-rxKNaXSde3ekW_u6XbgLtBdG50JU-WlQMZ Page URL
https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
url.emailprotection.link/ 5 KB
3 KB 642ms
68ms Document
text/html 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/?b_99DfxpAILPttOseiGpL_b0fc0bTSbTQM4Nt7UDfIv8u92KUELirJ39ZMc2-azahBc6HJwtWATuF_xQpnEerArkJ7wXRt-rxKNaXSde3ekW_u6XbgLtBdG50JU-WlQMZ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: d3163c7d850991fdf941ce26c28370dc8b60b97929ac2520ae2d45c2a379fa42

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 07 May 2024 21:06:03 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Robots-Tag: noindex

GET
H/1.1 200
OK new_style.css
url.emailprotection.link/new/css/ 8 KB
2 KB 43ms
42ms Stylesheet
text/css 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/css/new_style.css
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b_99DfxpAILPttOseiGpL_b0fc0bTSbTQM4Nt7UDfIv8u92KUELirJ39ZMc2-azahBc6HJwtWATuF_xQpnEerArkJ7wXRt-rxKNaXSde3ekW_u6XbgLtBdG50JU-WlQMZ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: 8be2e88f4beed8e6d7c70115a1b71fa50c5da67abbc6e7f393a4960613079069

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://url.emailprotection.link/?b_99DfxpAILPttOseiGpL_b0fc0bTSbTQM4Nt7UDfIv8u92KUELirJ39ZMc2-azahBc6HJwtWATuF_xQpnEerArkJ7wXRt-rxKNaXSde3ekW_u6XbgLtBdG50JU-WlQMZ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 07 May 2024 21:06:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: W/"64f70b38-1e80"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
X-Robots-Tag: noindex

GET
H/1.1 200
OK new_screenshot.js Show response
url.emailprotection.link/new/js/ 1 KB
979 B 114ms
38ms Script
application/javascript 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/js/new_screenshot.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b_99DfxpAILPttOseiGpL_b0fc0bTSbTQM4Nt7UDfIv8u92KUELirJ39ZMc2-azahBc6HJwtWATuF_xQpnEerArkJ7wXRt-rxKNaXSde3ekW_u6XbgLtBdG50JU-WlQMZ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: c92b1aece38d5bae7bfb72e26a5070d5663d40774c7aceb973631025d6e6e592

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://url.emailprotection.link/?b_99DfxpAILPttOseiGpL_b0fc0bTSbTQM4Nt7UDfIv8u92KUELirJ39ZMc2-azahBc6HJwtWATuF_xQpnEerArkJ7wXRt-rxKNaXSde3ekW_u6XbgLtBdG50JU-WlQMZ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 07 May 2024 21:06:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: W/"64f70b38-574"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-Robots-Tag: noindex

GET
H/1.1 200
OK tooltipster.css
url.emailprotection.link/new/css/ 10 KB
3 KB 85ms
42ms Stylesheet
text/css 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/css/tooltipster.css
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b_99DfxpAILPttOseiGpL_b0fc0bTSbTQM4Nt7UDfIv8u92KUELirJ39ZMc2-azahBc6HJwtWATuF_xQpnEerArkJ7wXRt-rxKNaXSde3ekW_u6XbgLtBdG50JU-WlQMZ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: ca8178a737bdd4e6d2394e6c5609d1ca001254667458bb9cd1130bacea58cb86

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://url.emailprotection.link/?b_99DfxpAILPttOseiGpL_b0fc0bTSbTQM4Nt7UDfIv8u92KUELirJ39ZMc2-azahBc6HJwtWATuF_xQpnEerArkJ7wXRt-rxKNaXSde3ekW_u6XbgLtBdG50JU-WlQMZ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 07 May 2024 21:06:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: W/"64f70b38-2965"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
X-Robots-Tag: noindex

GET
H/1.1 200
OK jquery-1.9.1.js Show response
url.emailprotection.link/new/js/libs/ 142 KB
47 KB 162ms
82ms Script
application/javascript 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/js/libs/jquery-1.9.1.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b_99DfxpAILPttOseiGpL_b0fc0bTSbTQM4Nt7UDfIv8u92KUELirJ39ZMc2-azahBc6HJwtWATuF_xQpnEerArkJ7wXRt-rxKNaXSde3ekW_u6XbgLtBdG50JU-WlQMZ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: 6938c77be180b60f67086ac99a2692f9af393675279711f0dad73d541b675964

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://url.emailprotection.link/?b_99DfxpAILPttOseiGpL_b0fc0bTSbTQM4Nt7UDfIv8u92KUELirJ39ZMc2-azahBc6HJwtWATuF_xQpnEerArkJ7wXRt-rxKNaXSde3ekW_u6XbgLtBdG50JU-WlQMZ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 07 May 2024 21:06:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: W/"64f70b38-23758"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-Robots-Tag: noindex

GET
H/1.1 200
OK jquery.tooltipster.min.js Show response
url.emailprotection.link/new/js/libs/ 17 KB
6 KB 121ms
41ms Script
application/javascript 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/js/libs/jquery.tooltipster.min.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b_99DfxpAILPttOseiGpL_b0fc0bTSbTQM4Nt7UDfIv8u92KUELirJ39ZMc2-azahBc6HJwtWATuF_xQpnEerArkJ7wXRt-rxKNaXSde3ekW_u6XbgLtBdG50JU-WlQMZ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: e337f687babe708a9f8e6642d7793ee3ed5eb4696cf11e28dd0682a858a591ea

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://url.emailprotection.link/?b_99DfxpAILPttOseiGpL_b0fc0bTSbTQM4Nt7UDfIv8u92KUELirJ39ZMc2-azahBc6HJwtWATuF_xQpnEerArkJ7wXRt-rxKNaXSde3ekW_u6XbgLtBdG50JU-WlQMZ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 07 May 2024 21:06:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: W/"64f70b38-43a9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-Robots-Tag: noindex

GET
H/1.1 200
OK new_scanning.js Show response
url.emailprotection.link/new/js/ 947 B
758 B 123ms
41ms Script
application/javascript 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/js/new_scanning.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b_99DfxpAILPttOseiGpL_b0fc0bTSbTQM4Nt7UDfIv8u92KUELirJ39ZMc2-azahBc6HJwtWATuF_xQpnEerArkJ7wXRt-rxKNaXSde3ekW_u6XbgLtBdG50JU-WlQMZ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: 04ba8897950ca15879762ccae3323b8f0952259461c13c3e90d6d973b213133c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://url.emailprotection.link/?b_99DfxpAILPttOseiGpL_b0fc0bTSbTQM4Nt7UDfIv8u92KUELirJ39ZMc2-azahBc6HJwtWATuF_xQpnEerArkJ7wXRt-rxKNaXSde3ekW_u6XbgLtBdG50JU-WlQMZ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 07 May 2024 21:06:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: W/"64f70b38-3b3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-Robots-Tag: noindex

GET
H/1.1 200
OK scanning_70.gif
url.emailprotection.link/new/images/ 30 KB
30 KB 123ms
83ms Image
image/gif 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://url.emailprotection.link/new/images/scanning_70.gif
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b_99DfxpAILPttOseiGpL_b0fc0bTSbTQM4Nt7UDfIv8u92KUELirJ39ZMc2-azahBc6HJwtWATuF_xQpnEerArkJ7wXRt-rxKNaXSde3ekW_u6XbgLtBdG50JU-WlQMZ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: b12ac9e2fa728424155567aa27e3d36d764b33f07d663e496dc178974048a6f8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://url.emailprotection.link/?b_99DfxpAILPttOseiGpL_b0fc0bTSbTQM4Nt7UDfIv8u92KUELirJ39ZMc2-azahBc6HJwtWATuF_xQpnEerArkJ7wXRt-rxKNaXSde3ekW_u6XbgLtBdG50JU-WlQMZ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 07 May 2024 21:06:03 GMT
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: "64f70b38-78dd"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 30941

GET
H/1.1 200
OK notosans-regular.ttf
url.emailprotection.link/new/fonts/ 306 KB
306 KB 41ms
40ms Font
application/octet-stream 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/fonts/notosans-regular.ttf
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/new/css/new_style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: c8cff31fcae0edc0e4ffd3628f36361dfc24d71cc5b9793e5ffad8e76e6f182b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://url.emailprotection.link/new/css/new_style.css
Origin: https://url.emailprotection.link
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 07 May 2024 21:06:03 GMT
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: "64f70b38-4c738"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 313144

GET
H/1.1 200
OK favicon.ico
url.emailprotection.link/new/images/ 77 B
332 B 40ms
40ms Other
image/x-icon 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/images/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: a4726c17da1e23c8afa26371cda377460db886588d02acb168afbc7c85e0ecd0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://url.emailprotection.link/?b_99DfxpAILPttOseiGpL_b0fc0bTSbTQM4Nt7UDfIv8u92KUELirJ39ZMc2-azahBc6HJwtWATuF_xQpnEerArkJ7wXRt-rxKNaXSde3ekW_u6XbgLtBdG50JU-WlQMZ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 07 May 2024 21:06:03 GMT
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: "64f70b38-4d"
Content-Type: image/x-icon
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 77

GET
H2 410 Primary Request cea6da098f0a4270 Show response
activation.micrasoft-office365.com/ 2 KB
3 KB 396ms
122ms Document
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Requested by

Host: url.emailprotection.link
URL: https://url.emailprotection.link/new/js/new_scanning.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

befdc0e88611851b4c53f3e5dc1e190834c29d289e15404b3ffed6d9f6560d55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://url.emailprotection.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache
content-type: text/html; charset=utf-8
date: Tue, 07 May 2024 21:06:05 GMT
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-host-info: lw-prod-us-i-04e567bbd45ed26b3 ; 7ab042967e623923e817fbc8931e097004f737c7
x-permitted-cross-domain-policies: none
x-request-id: 705b7445-4044-4dbc-8e58-e7c2fb383ca7
x-runtime: 0.005270
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
activation.micrasoft-office365.com/assets/ajax/libs/jquery/1.8.0/ 90 KB
33 KB 233ms
232ms Script
application/javascript 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://activation.micrasoft-office365.com/assets/ajax/libs/jquery/1.8.0/jquery.min.js
Requested by: Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-63-141.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:05 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 13:01:26 GMT
server: ThreatSim-Web-Server
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.js Show response
activation.micrasoft-office365.com/assets/ 28 KB
7 KB 115ms
115ms Script
application/javascript 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://activation.micrasoft-office365.com/assets/all.js?g=410
Requested by: Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-63-141.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:05 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 13:01:26 GMT
server: ThreatSim-Web-Server
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 7191
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 123ms
122ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 9fbba4b6-49e6-4216-ac29-7dc02298f3e4
x-runtime: 0.002220
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 122ms
122ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: f30b25ea-4314-4019-8722-03ee7ecf9eb7
x-runtime: 0.001945
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 122ms
121ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=unknown&msg=found%20guid%20in%20last%20part%20of%20location&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 8bcb2e01-f2d7-4e1e-82c3-95769e39ab05
x-runtime: 0.001724
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

POST
H2 200 browser_post Show response
activation.micrasoft-office365.com/secure/ 0
487 B 122ms
122ms XHR
image/gif 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://activation.micrasoft-office365.com/secure/browser_post

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/assets/ajax/libs/jquery/1.8.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: eadc8fcf-2b60-41f1-931b-dc9c44b7247e
x-runtime: 0.003883
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding, Accept
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 125ms
121ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: b6b4cc25-9afb-442f-ba71-3a45d0cdd11c
x-runtime: 0.001434
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 125ms
121ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: c9cb0ef2-b886-4020-8a0f-5c9d3a039eba
x-runtime: 0.001521
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 126ms
122ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: d88d5f91-601a-4d37-920b-e027a287e5ea
x-runtime: 0.001937
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 125ms
121ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: e6eb3808-8135-43cb-80c9-298f2d5c2f26
x-runtime: 0.001487
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 235ms
231ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=BrowserDetect%20-%20browser_version%20%3D%20124&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 4976c459-b017-4fdd-a349-1ddf4e0862f9
x-runtime: 0.003445
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 230ms
226ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 6be5f26a-817c-4069-a2ba-0be4f744aeb1
x-runtime: 0.002246
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 233ms
229ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 140d4949-93ed-455b-91ce-739752f05010
x-runtime: 0.002179
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 230ms
226ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=BrowserDetect%20-%20language%20%3D%20de-DE&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 0c17a06c-7d48-435c-bc48-dced4d214310
x-runtime: 0.002179
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 233ms
230ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 44fc604c-de1b-414f-bb59-a9cb4ab08e4d
x-runtime: 0.002296
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 236ms
233ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 1c9417a8-0d81-40df-b7a8-b9e2d0392d19
x-runtime: 0.005933
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 231ms
228ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 6a70cdd8-a6c8-48bd-a3ff-db4f28b4c1b9
x-runtime: 0.002932
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 232ms
229ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=BrowserDetect%20-%20plugin%20PDF%20Viewer&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 6a831df2-d001-423e-b825-d182f7df0238
x-runtime: 0.002295
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 235ms
232ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: f52d4901-8a60-4320-9ad8-fd4e3f5c8f24
x-runtime: 0.003234
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 236ms
233ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=BrowserDetect%20-%20plugin%20Chromium%20PDF%20Viewer&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 798283ed-4e87-4ac0-84bf-893530422095
x-runtime: 0.003319
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 232ms
229ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=BrowserDetect%20-%20plugin%20Microsoft%20Edge%20PDF%20Viewer&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 178a56f0-ba94-4aaf-b08c-1b715f363957
x-runtime: 0.002218
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 240ms
238ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: bdc8bd86-dbd2-413b-bb5b-f9e8e2128c14
x-runtime: 0.007493
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 log
activation.micrasoft-office365.com/ 0
476 B 234ms
232ms Image
image/gif 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/log?id=cea6da098f0a4270&sev=1&msg=PluginDetect%20is%20not%20defined&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: e7866cdf-4920-4380-a1d7-097fcdbbf114
x-runtime: 0.002629
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 235ms
233ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 088f25f2-5ca2-47f7-a2b3-389914819ec6
x-runtime: 0.002038
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 log
activation.micrasoft-office365.com/ 0
476 B 236ms
234ms Image
image/gif 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/log?id=cea6da098f0a4270&sev=1&msg=Cannot%20read%20properties%20of%20undefined%20(reading%20%27getVersion%27)&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 12c23d24-de37-4fa3-ab5d-87c72921e401
x-runtime: 0.005334
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 236ms
234ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 95afbe85-b3ea-4059-8f8b-3ec973d2a3c0
x-runtime: 0.001200
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 log
activation.micrasoft-office365.com/ 0
476 B 240ms
238ms Image
image/gif 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/log?id=cea6da098f0a4270&sev=1&msg=deployJava%20is%20not%20defined&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 826e368f-b741-48e2-850f-e07e16aabed6
x-runtime: 0.003214
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 235ms
233ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=java_version%20%3D%20undefined&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 4bd55bc7-f535-47ed-8e15-ad1b9e68dd05
x-runtime: 0.002807
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 239ms
237ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=Loading%20flash%20version&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 5f76daea-38ee-4804-b8e1-7197db20e138
x-runtime: 0.001054
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
467 B 239ms
237ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=Loading%20pdf%20version&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 5d4e4eab-7776-4f95-a7fe-9b899e993947
x-runtime: 0.001308
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 239ms
238ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=Loading%20quicktime%20version&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: ef21cd52-3a0f-42d8-b156-8edf2ab4c2f6
x-runtime: 0.002782
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 233ms
232ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=Loading%20RealPlayer%20version&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: fa850607-0036-4503-93aa-fb0264c42101
x-runtime: 0.002033
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 235ms
234ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=Loading%20Silverlight%20version&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 0c03cc56-480d-4f09-b707-16ff95ed44f7
x-runtime: 0.002863
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
465 B 239ms
238ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 3b297de9-7a2f-4570-91ea-e01e12ac83f5
x-runtime: 0.001170
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 239ms
238ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=redirect_url%20is%20undefined&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 76ec6709-c621-4978-bc92-a6cc4fcca2f7
x-runtime: 0.001123
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
activation.micrasoft-office365.com/ 0
466 B 122ms
122ms Image
text/html 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://activation.micrasoft-office365.com/trace?id=cea6da098f0a4270&msg=browser_post_successful&correlation_id=undefined

Requested by

Host: activation.micrasoft-office365.com
URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-63-141.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 0b26d4a5-6f8f-4db4-b47a-cc69019bd032
x-runtime: 0.001120
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 favicon.ico
activation.micrasoft-office365.com/ 0
160 B 118ms
117ms Other
image/x-icon 44.193.63.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://activation.micrasoft-office365.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.63.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-63-141.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 21:06:06 GMT
last-modified: Thu, 11 Apr 2024 13:01:26 GMT
server: ThreatSim-Web-Server
etag: "6617df26-0"
content-type: image/x-icon
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			activation.micrasoft-office365.com/	1969-12-31 23:59:59	Name: EXFILGUID Value: a6da0f0a42
			activation.micrasoft-office365.com/	1969-12-31 23:59:59	Name: link_clicked_a6da0f0a42 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://activation.micrasoft-office365.com/cea6da098f0a4270?l=35 Message: Failed to load resource: the server responded with a status of 410 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activation.micrasoft-office365.com
url.emailprotection.link
185.64.213.245
44.193.63.141
04ba8897950ca15879762ccae3323b8f0952259461c13c3e90d6d973b213133c
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9
6938c77be180b60f67086ac99a2692f9af393675279711f0dad73d541b675964
8be2e88f4beed8e6d7c70115a1b71fa50c5da67abbc6e7f393a4960613079069
8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31
a4726c17da1e23c8afa26371cda377460db886588d02acb168afbc7c85e0ecd0
b12ac9e2fa728424155567aa27e3d36d764b33f07d663e496dc178974048a6f8
befdc0e88611851b4c53f3e5dc1e190834c29d289e15404b3ffed6d9f6560d55
c8cff31fcae0edc0e4ffd3628f36361dfc24d71cc5b9793e5ffad8e76e6f182b
c92b1aece38d5bae7bfb72e26a5070d5663d40774c7aceb973631025d6e6e592
ca8178a737bdd4e6d2394e6c5609d1ca001254667458bb9cd1130bacea58cb86
d3163c7d850991fdf941ce26c28370dc8b60b97929ac2520ae2d45c2a379fa42
e337f687babe708a9f8e6642d7793ee3ed5eb4696cf11e28dd0682a858a591ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

activation.micrasoft-office365.com Open in urlscan Pro 44.193.63.141 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

457 kBTransfer

641 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

activation.micrasoft-office365.com Open in urlscan Pro
44.193.63.141 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

457 kB
Transfer

641 kB
Size

2
Cookies

48 HTTP transactions
0 data transactions