login.viewnsecdocnow.pro
188.114.96.3  Malicious Activity! Public Scan

Submitted URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Effective URL: https://login.viewnsecdocnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3...
Submission Tags: falconsandbox
Submission: On June 25 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 50 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is login.viewnsecdocnow.pro.
TLS certificate: Issued by WE1 on June 24th 2024. Valid for: 3 months.
This is the only time login.viewnsecdocnow.pro was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:440... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
26 18.154.63.39 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 188.114.97.3 13335 (CLOUDFLAR...)
3 188.114.96.3 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
12 2606:2800:233... 15133 (EDGECAST)
50 8
Apex Domain / Subdomains / Transfer
28 app-us1.com (223 KB)
    landing-pages-cdn.app-us1.com — Cisco Umbrella Rank: 507404
    diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 10615
    prism.app-us1.com — Cisco Umbrella Rank: 10731
12 msftauth.net (350 KB)
    aadcdn.msftauth.net — Cisco Umbrella Rank: 1065
6 viewnsecdocnow.pro (30 KB)
    login.viewnsecdocnow.pro
    www.viewnsecdocnow.pro
    ywnjb.viewnsecdocnow.pro Failed
3 googleapis.com (4 KB)
    fonts.googleapis.com — Cisco Umbrella Rank: 83
1 gstatic.com (48 KB)
    fonts.gstatic.com
1 ac-page.com (11 KB)
    purestars.ac-page.com
50 6
    Domain                                   Requested by
26  landing-pages-cdn.app-us1.com            purestars.ac-page.com
12  aadcdn.msftauth.net                      login.viewnsecdocnow.pro, aadcdn.msftauth.net
5   login.viewnsecdocnow.pro (2 redirects)   purestars.ac-page.com, aadcdn.msftauth.net
3   fonts.googleapis.com                     purestars.ac-page.com
1   prism.app-us1.com                        diffuser-cdn.app-us1.com
1   fonts.gstatic.com                        fonts.googleapis.com
1   www.viewnsecdocnow.pro (1 redirects)
1   diffuser-cdn.app-us1.com                 purestars.ac-page.com
1   purestars.ac-page.com
0   ywnjb.viewnsecdocnow.pro (Failed)        login.viewnsecdocnow.pro, aadcdn.msftauth.net
50  10

This site contains links to these domains.

Domain
www.microsoft.com
privacy.microsoft.com

Subject                   Issuer                          Validity                 Valid
*.ac-page.com             E1                              2024-05-25 - 2024-08-23  3 months
upload.video.google.com   WR2                             2024-06-03 - 2024-08-26  3 months
*.app-us1.com             Amazon RSA 2048 M02             2023-11-04 - 2024-12-01  a year
diffuser-cdn.app-us1.com  E1                              2024-05-28 - 2024-08-26  3 months
viewnsecdocnow.pro        WE1                             2024-06-24 - 2024-09-22  3 months
*.gstatic.com             WR2                             2024-06-03 - 2024-08-26  3 months
prism.app-us1.com         E1                              2024-05-17 - 2024-08-15  3 months
aadcdn.msftauth.net       DigiCert SHA2 Secure Server CA  2024-05-25 - 2025-05-25  a year

This page contains 2 frames:

Primary Page: https://login.viewnsecdocnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638548746779038779.YTdhMWE1YTYtZWVlMy00ODMxLWFmYjAtMDExOWZmMGQxOWMwNzZkN2MxOGEtZWFlMC00NmIyLWIyYzktZGI5MWVhYmZlMDMw&ui_locales=de-DE&mkt=de-DE&client-request-id=69f7eeb7-3aba-49d4-ac09-69d66e8c5469&state=dJuLnAbbSBfodD7UXaFbkWp7rfiiUaYNLKi_2Do5YgsHb0Js0FUg6q-xvlz8TzrJUbRSV9_cNbesmsf-g_AIFLR2ZmSjuf4uNJ2BXki8Fh4m41Dok4SLRYKtt6J3OxuTZZkwbj6KAN7v-F0Jb_-dkK_jepfmycjOF3DGr-aQLHMQHZjtQsZr4nH4EHJzMDWMspYzui8FrtyHcELvRyGLpT083qWTaN5a58N5Z4BdIyX-Y1dO3nb7w0whOgJZ5WOWnxLXHQ42khle4WmXerYkpA&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0&sso_reload=true
Frame ID: 8DF3CC3B52F40DB8FB02C5717465839D
Requests: 49 HTTP requests in this frame

Frame: https://ywnjb.viewnsecdocnow.pro/Me.htm?v=3
Frame ID: 355F9C40126089832340CF1ECB173FA6
Requests: 3 HTTP requests in this frame

Page Title

Bei Ihrem Konto anmelden

Detected technologies

Overall confidence: 100%
Detected patterns
  • paths(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • TweenMax(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 50
HTTPS: 96 %
IPv6: 67 %
Domains: 6
Subdomains: 10
IPs: 8
Countries: 3
Transfer: 663 kB
Size: 2058 kB
Cookies: 19

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://purestars.ac-page.com/xxhsggdfjjdhgws Page URL
  2. https://login.viewnsecdocnow.pro/QvDIOvnx HTTP 302
    https://login.viewnsecdocnow.pro/ HTTP 302
    https://www.viewnsecdocnow.pro/login HTTP 302
    https://login.viewnsecdocnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638548746779038779.YTdhMWE1YTYtZWVlMy00ODMxLWFmYjAtMDExOWZmMGQxOWMwNzZkN2MxOGEtZWFlMC00NmIyLWIyYzktZGI5MWVhYmZlMDMw&ui_locales=de-DE&mkt=de-DE&client-request-id=69f7eeb7-3aba-49d4-ac09-69d66e8c5469&state=dJuLnAbbSBfodD7UXaFbkWp7rfiiUaYNLKi_2Do5YgsHb0Js0FUg6q-xvlz8TzrJUbRSV9_cNbesmsf-g_AIFLR2ZmSjuf4uNJ2BXki8Fh4m41Dok4SLRYKtt6J3OxuTZZkwbj6KAN7v-F0Jb_-dkK_jepfmycjOF3DGr-aQLHMQHZjtQsZr4nH4EHJzMDWMspYzui8FrtyHcELvRyGLpT083qWTaN5a58N5Z4BdIyX-Y1dO3nb7w0whOgJZ5WOWnxLXHQ42khle4WmXerYkpA&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0 Page URL
  3. https://login.viewnsecdocnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638548746779038779.YTdhMWE1YTYtZWVlMy00ODMxLWFmYjAtMDExOWZmMGQxOWMwNzZkN2MxOGEtZWFlMC00NmIyLWIyYzktZGI5MWVhYmZlMDMw&ui_locales=de-DE&mkt=de-DE&client-request-id=69f7eeb7-3aba-49d4-ac09-69d66e8c5469&state=dJuLnAbbSBfodD7UXaFbkWp7rfiiUaYNLKi_2Do5YgsHb0Js0FUg6q-xvlz8TzrJUbRSV9_cNbesmsf-g_AIFLR2ZmSjuf4uNJ2BXki8Fh4m41Dok4SLRYKtt6J3OxuTZZkwbj6KAN7v-F0Jb_-dkK_jepfmycjOF3DGr-aQLHMQHZjtQsZr4nH4EHJzMDWMspYzui8FrtyHcELvRyGLpT083qWTaN5a58N5Z4BdIyX-Y1dO3nb7w0whOgJZ5WOWnxLXHQ42khle4WmXerYkpA&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://login.viewnsecdocnow.pro/QvDIOvnx HTTP 302
  • https://login.viewnsecdocnow.pro/ HTTP 302
  • https://www.viewnsecdocnow.pro/login HTTP 302
  • https://login.viewnsecdocnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638548746779038779.YTdhMWE1YTYtZWVlMy00ODMxLWFmYjAtMDExOWZmMGQxOWMwNzZkN2MxOGEtZWFlMC00NmIyLWIyYzktZGI5MWVhYmZlMDMw&ui_locales=de-DE&mkt=de-DE&client-request-id=69f7eeb7-3aba-49d4-ac09-69d66e8c5469&state=dJuLnAbbSBfodD7UXaFbkWp7rfiiUaYNLKi_2Do5YgsHb0Js0FUg6q-xvlz8TzrJUbRSV9_cNbesmsf-g_AIFLR2ZmSjuf4uNJ2BXki8Fh4m41Dok4SLRYKtt6J3OxuTZZkwbj6KAN7v-F0Jb_-dkK_jepfmycjOF3DGr-aQLHMQHZjtQsZr4nH4EHJzMDWMspYzui8FrtyHcELvRyGLpT083qWTaN5a58N5Z4BdIyX-Y1dO3nb7w0whOgJZ5WOWnxLXHQ42khle4WmXerYkpA&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
xxhsggdfjjdhgws
purestars.ac-page.com/
47 KB
11 KB
Document
General
Full URL
https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:99b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cf-cache-status
DYNAMIC
cf-ray
8991151e1b092c33-FRA
content-encoding
gzip
content-type
text/html
date
Tue, 25 Jun 2024 01:11:15 GMT
server
cloudflare
vary
Accept-Encoding
x-envoy-upstream-service-time
42
css2
fonts.googleapis.com/
2 KB
687 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400&display=swap
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://purestars.ac-page.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Jun 2024 01:11:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Jun 2024 01:11:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Jun 2024 01:11:15 GMT
css
fonts.googleapis.com/
27 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%3Aregular%2C600%2C300%2Citalic%2C600italic%2C300
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Jun 2024 01:11:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Jun 2024 00:55:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Jun 2024 01:11:15 GMT
css
fonts.googleapis.com/
13 KB
1008 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2C100%2Citalic%2C700italic%2C100italic
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Jun 2024 01:11:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Jun 2024 01:11:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Jun 2024 01:11:15 GMT
jquery.min.js
landing-pages-cdn.app-us1.com/vendor/jquery/dist/
88 KB
31 KB
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/vendor/jquery/dist/jquery.min.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
content-encoding
gzip
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:07 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
W/"cf2fbbf84281d9ecbffb4993203d543b"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
vbmPOznMc-xeogIIQIUwLKmGAQY0dq5Pbr_zNxunyncKhUoH2cTo7g==
lodash.min.js
landing-pages-cdn.app-us1.com/vendor/lodash/
71 KB
26 KB
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/vendor/lodash/lodash.min.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
content-encoding
gzip
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:07 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
W/"9becc40fb1d85d21d0ca38e2f7069511"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
8_NSuKe6KEijF9SoSUE94v74finW1z5Dn5B_f_ocpffwnDfu51Bg-Q==
lz-string.min.js
landing-pages-cdn.app-us1.com/vendor/lz-string/libs/
5 KB
2 KB
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/vendor/lz-string/libs/lz-string.min.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
content-encoding
gzip
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:08 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
W/"109c13d75d0b6fc6440d3e98f803d396"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
fl-fwV0Q-31GcZLp2yNxpRkMyzo2R55OfusjjykirZ6eJ-VsXSjEnQ==
angular.min.js
landing-pages-cdn.app-us1.com/vendor/angular/
174 KB
61 KB
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/vendor/angular/angular.min.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
content-encoding
gzip
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:06 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
W/"30eca49917fc1e011ece03721a3b6aaf"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
rnPb4NSAqfSgrw3Nd-_q87U2ABb3QAZvr6omxReN43jyNgawR_f8JA==
URI.min.js
landing-pages-cdn.app-us1.com/vendor/urijs/src/
47 KB
15 KB
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/vendor/urijs/src/URI.min.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
content-encoding
gzip
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:08 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
W/"1a2b6dfed7c245acdf7d6b14852a7bbf"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
H-YCPvE0fQABj7rtbj4uUrxn5pTEVAXTdCE0s-LnBDD5xXuECEoAqg==
angular-cookies.min.js
landing-pages-cdn.app-us1.com/vendor/angular-cookies/
1 KB
1 KB
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/vendor/angular-cookies/angular-cookies.min.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
content-encoding
gzip
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:06 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
W/"c0a738603474e9999c41324c6077f84a"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
t7lJMuXjc7SQJbuHtf189tbCBMccZuNWmTGIaTYOvCPHzAuaNkoSsg==
angular-animate.min.js
landing-pages-cdn.app-us1.com/vendor/angular-animate/
26 KB
10 KB
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/vendor/angular-animate/angular-animate.min.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
content-encoding
gzip
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:06 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
W/"e520dfff5fbc918fd2ffbffec3cbeb42"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
htN34h__ksMnHL05CT2VDEflOKAUDtyjdA5wlVwSBN-gx1ER7ojdkw==
ngStorage.min.js
landing-pages-cdn.app-us1.com/vendor/ngstorage/
2 KB
1 KB
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/vendor/ngstorage/ngStorage.min.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
content-encoding
gzip
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:08 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
W/"ee45fc1dc996fc2033bc24c058f95fe4"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
dXcyk0oktLNJWmFt2_M_dp_3NFlAokh6NrevbYLIQGKYbmKdm_Foyw==
TweenMax.min.js
landing-pages-cdn.app-us1.com/vendor/gsap/src/minified/
113 KB
38 KB
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/vendor/gsap/src/minified/TweenMax.min.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
content-encoding
gzip
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:06 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
W/"09d0caa35d95a2a74ad89d97a9326c49"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
HT07LAN5GNkb3O-_pDBOwHpfbpl7ju6tPXCi9eO6THmiI0uB2Rq-tA==
core.js
landing-pages-cdn.app-us1.com/core/
107 B
502 B
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/core/core.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:00 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
"02636607de7f635fab7a364f4790b0df"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
107
x-amz-cf-id
aRgljKNJkDa9pka7EeKF1P5mV7bK1RjXYQnZys54i9Vws1-M9D7cKA==
services.js
landing-pages-cdn.app-us1.com/core/services/
20 KB
5 KB
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/core/services/services.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
content-encoding
gzip
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:00 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
W/"299b0c44496fbe859f5cd0fd760947a6"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
F6bJOLXIH28LcBzBLmAdkfdb_Wd6ldpI4o-SYaxPb1rhH9jal6HVeQ==
services.modal.js
landing-pages-cdn.app-us1.com/core/services/
4 KB
1 KB
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/core/services/services.modal.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
content-encoding
gzip
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:00 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
W/"2810b2f344914c2e352a457ba2668edc"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
ojvSEM6ZjkwRc8Kbe5W8jSX6boLmQGUIP4ztZpG-HhUPiU_xsCyz1w==
services.paths.js
landing-pages-cdn.app-us1.com/core/services/
786 B
1 KB
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/core/services/services.paths.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:00 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
"b7fb2741853a4881076ad13e40b1be6a"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
786
x-amz-cf-id
ui9ZuieigdS4EPOZ46lELj3bVIQgi19lr4t6JjCgJEJOfzvqyHg7ww==
directives.js
landing-pages-cdn.app-us1.com/core/directives/
34 KB
7 KB
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/core/directives/directives.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
content-encoding
gzip
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:00 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
W/"0265d74786a928e1909a4c65c047ee20"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
JAONP0z5tSr6NM9uC4Mt4U_rB4YCY8c6SXNPBRpGgR7wKrbTQhk8Nw==
directives.countdown.js
landing-pages-cdn.app-us1.com/core/directives/
3 KB
1 KB
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/core/directives/directives.countdown.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://purestars.ac-page.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
content-encoding
gzip
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:00 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
W/"094138b6fc241f838ac9a52d8dc1bdd0"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
WjMwNgeNg9UOpu4rL4vyyRuFPy3f7lyTvgk30nVIWBoMsU2j1xPc_w==
directives.parallax.js
landing-pages-cdn.app-us1.com/core/directives/
3 KB
1 KB
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/core/directives/directives.parallax.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://purestars.ac-page.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
content-encoding
gzip
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:00 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
W/"2fad7e6f4088b2856e0216446dfe7d9d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
wPfeO1BzUgVlQ2LHrha703wwNj_FiKnc0fXxaZ_ebyXnCtLWOvrRKg==
directives.scratch.js
landing-pages-cdn.app-us1.com/core/directives/
12 KB
3 KB
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/core/directives/directives.scratch.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://purestars.ac-page.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
content-encoding
gzip
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:00 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
W/"c24887a8c97859d1a3d887bfea18195b"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
O5lVHkx3aLRxwv89Z-bI-6hZpNy4FDueQijqkk98WqBhUDFdRasWew==
directives.background-video.js
landing-pages-cdn.app-us1.com/core/directives/
4 KB
2 KB
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/core/directives/directives.background-video.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://purestars.ac-page.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
content-encoding
gzip
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:00 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
W/"9f726f859af425cffa86447305269e73"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
xBhNNmMiKy0X5rYjKwYqeJvWO0ThV2lhn4AjaFRVk7qIFSYwRgtINA==
filters.js
landing-pages-cdn.app-us1.com/core/filters/
33 B
426 B
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/core/filters/filters.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://purestars.ac-page.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:00 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
"a2a4c06f71db6dbb29883ffe9e69f416"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
33
x-amz-cf-id
16fplwSr4Q5o5tj4cp4Rbmzdmu8g6TdmlVu23lYnK6C4yCelw1QLyQ==
animations.js
landing-pages-cdn.app-us1.com/core/animations/
36 B
430 B
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/core/animations/animations.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://purestars.ac-page.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:00 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
"ffac4764c657d58c3b46710ad1bc9639"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
36
x-amz-cf-id
MMGwEFd-T5cHr8WVJ90WwxZ1CPaL_4z6SqCmK6pGt2dIUtwKrW04pQ==
analytics.js
landing-pages-cdn.app-us1.com/analytics/
2 KB
1 KB
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/analytics/analytics.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://purestars.ac-page.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
content-encoding
gzip
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:00 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
W/"442f0930b01e3309902c64f5f4fae3b3"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
cEX6XE1xcgtLc0nUxTUrAFG7UCDY9-Rh33WUV1k_cFNzhLfXesYnKg==
app.js
landing-pages-cdn.app-us1.com/app/
217 B
612 B
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/app/app.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://purestars.ac-page.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:00 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
"8172184a62c591a672567a43e75e9460"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
217
x-amz-cf-id
zuoTMlJapkYyUkgfftDkhtkYZmIyYQDN4IZWZRi0HlJ6BOJtMg9jpg==
app.controllers.js
landing-pages-cdn.app-us1.com/app/
183 B
579 B
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/app/app.controllers.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://purestars.ac-page.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:00 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
"47cb67bbfd3213ba85b35dbf821c6849"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
183
x-amz-cf-id
h8_QbQCGdOGEFqCZyAeTZdkQDKsZ_Z-k-nK2zAu_R8mF8rht0QZ8VA==
app.config.js
landing-pages-cdn.app-us1.com/app/
210 B
604 B
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/app/app.config.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://purestars.ac-page.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:00 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
"1c5b705f02880da050cb93b2b84995e2"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
210
x-amz-cf-id
CXyculf31XmvbSh31snufjfpTLgTL8x2yccBM5mVBv0B4QPg1IIx_g==
app.templates.js
landing-pages-cdn.app-us1.com/app/
2 KB
1 KB
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/app/app.templates.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://purestars.ac-page.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
content-encoding
gzip
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:00 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
W/"1103e6c859ac94ff5b1c1c3365ac9d71"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
bJ8fwlYDX-j-NerTV0g2slHl1NsSL5-Y2W1f-uvb3iIGlsXWLyDWyg==
bootstrap.js
landing-pages-cdn.app-us1.com/app/
41 B
435 B
Script
General
Full URL
https://landing-pages-cdn.app-us1.com/app/bootstrap.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://purestars.ac-page.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 01:11:17 GMT
via
1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 19:18:00 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
x-amz-server-side-encryption
AES256
etag
"3fc29d8bd8d4b846ffa201308dfb6403"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
41
x-amz-cf-id
8bVImZNF_nF1OS_jfrk9ydeYSX1W262Q8IbzfA71aJI4WaO6FocjOQ==
diffuser.js
diffuser-cdn.app-us1.com/diffuser/
41 KB
10 KB
Script
General
Full URL
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:80d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://purestars.ac-page.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 01:11:15 GMT
content-encoding
gzip
via
1.1 f741e5a55bc5bd136ac1f5406bb11d88.cloudfront.net (CloudFront)
cf-cache-status
HIT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P10
age
193
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 17 Jun 2024 20:11:47 GMT
server
cloudflare
etag
W/"2801030c0114e98ab25cd3dc2ac1149b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
cf-ray
899115234d9f9f29-FRA
x-amz-cf-id
2G4NjPuW8fB8c7AeV0g1yPLtFLQ0E7OBBsqcVZTVyZkfPpFSkw0Elw==
authorize
login.viewnsecdocnow.pro/common/oauth2/v2.0/
Redirect Chain
  • https://login.viewnsecdocnow.pro/QvDIOvnx
  • https://login.viewnsecdocnow.pro/
  • https://www.viewnsecdocnow.pro/login
  • https://login.viewnsecdocnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scop...
21 KB
10 KB
Document
General
Full URL
https://login.viewnsecdocnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638548746779038779.YTdhMWE1YTYtZWVlMy00ODMxLWFmYjAtMDExOWZmMGQxOWMwNzZkN2MxOGEtZWFlMC00NmIyLWIyYzktZGI5MWVhYmZlMDMw&ui_locales=de-DE&mkt=de-DE&client-request-id=69f7eeb7-3aba-49d4-ac09-69d66e8c5469&state=dJuLnAbbSBfodD7UXaFbkWp7rfiiUaYNLKi_2Do5YgsHb0Js0FUg6q-xvlz8TzrJUbRSV9_cNbesmsf-g_AIFLR2ZmSjuf4uNJ2BXki8Fh4m41Dok4SLRYKtt6J3OxuTZZkwbj6KAN7v-F0Jb_-dkK_jepfmycjOF3DGr-aQLHMQHZjtQsZr4nH4EHJzMDWMspYzui8FrtyHcELvRyGLpT083qWTaN5a58N5Z4BdIyX-Y1dO3nb7w0whOgJZ5WOWnxLXHQ42khle4WmXerYkpA&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0
Requested by
Host: purestars.ac-page.com
URL: https://purestars.ac-page.com/xxhsggdfjjdhgws
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c46260ae991cf2ec707635ef9e2e7f3424d53d30f4801c880de14c1f9e03fa84

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://purestars.ac-page.com/xxhsggdfjjdhgws
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache
cf-cache-status
DYNAMIC
cf-ray
89911532aa7b9a1b-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 25 Jun 2024 01:11:18 GMT
expires
-1
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
server
cloudflare
vary
Accept-Encoding
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.18348.7 - EUS ProdSlices
x-ms-request-id
808be5a3-7d98-4a9b-b00f-f0280b6fb700
x-ms-srs
1.P

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8991152e49899131-FRA
content-type
text/html; charset=utf-8
date
Tue, 25 Jun 2024 01:11:18 GMT
location
https://login.viewnsecdocnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638548746779038779.YTdhMWE1YTYtZWVlMy00ODMxLWFmYjAtMDExOWZmMGQxOWMwNzZkN2MxOGEtZWFlMC00NmIyLWIyYzktZGI5MWVhYmZlMDMw&ui_locales=de-DE&mkt=de-DE&client-request-id=69f7eeb7-3aba-49d4-ac09-69d66e8c5469&state=dJuLnAbbSBfodD7UXaFbkWp7rfiiUaYNLKi_2Do5YgsHb0Js0FUg6q-xvlz8TzrJUbRSV9_cNbesmsf-g_AIFLR2ZmSjuf4uNJ2BXki8Fh4m41Dok4SLRYKtt6J3OxuTZZkwbj6KAN7v-F0Jb_-dkK_jepfmycjOF3DGr-aQLHMQHZjtQsZr4nH4EHJzMDWMspYzui8FrtyHcELvRyGLpT083qWTaN5a58N5Z4BdIyX-Y1dO3nb7w0whOgJZ5WOWnxLXHQ42khle4WmXerYkpA&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9dsU0pFbKIwLSM2MoGXY7lNfWrPjHDu9IH2VTg2VUnXZp1s08ALH4grmdHbeTFXylZw3hw%2B1zrLONNNbZAhe%2BcE5riCMjv%2Blj8N6dlE194sLqFEgUgb9cLjiXOzvT0eQ35YMTys2YtWN"}],"group":"cf-nel","max_age":604800}
request-context
appId=
server
cloudflare
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: EC6225F226C8431A94B72B7271DC390D Ref B: BY3EDGE0114 Ref C: 2024-06-25T01:11:17Z
x-ua-compatible
IE=edge,chrome=1
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3Aregular%2C600%2C300%2Citalic%2C600italic%2C300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://purestars.ac-page.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:53:43 GMT
x-content-type-options
nosniff
age
555452
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:53:43 GMT
/
prism.app-us1.com/
0
312 B
Script
General
Full URL
https://prism.app-us1.com/?a=92624174&u=https%3A%2F%2Fpurestars.ac-page.com%2Fxxhsggdfjjdhgws
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:80d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.27
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://purestars.ac-page.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 01:11:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/8.1.27
content-type
application/javascript
cache-control
no-cache, private
x-envoy-upstream-service-time
104
cf-ray
899115246db718c9-FRA
content-length
0
BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js
aadcdn.msftauth.net/shared/1.0/content/js/
138 KB
49 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js
Requested by
Host: login.viewnsecdocnow.pro
URL: https://login.viewnsecdocnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638548746779038779.YTdhMWE1YTYtZWVlMy00ODMxLWFmYjAtMDExOWZmMGQxOWMwNzZkN2MxOGEtZWFlMC00NmIyLWIyYzktZGI5MWVhYmZlMDMw&ui_locales=de-DE&mkt=de-DE&client-request-id=69f7eeb7-3aba-49d4-ac09-69d66e8c5469&state=dJuLnAbbSBfodD7UXaFbkWp7rfiiUaYNLKi_2Do5YgsHb0Js0FUg6q-xvlz8TzrJUbRSV9_cNbesmsf-g_AIFLR2ZmSjuf4uNJ2BXki8Fh4m41Dok4SLRYKtt6J3OxuTZZkwbj6KAN7v-F0Jb_-dkK_jepfmycjOF3DGr-aQLHMQHZjtQsZr4nH4EHJzMDWMspYzui8FrtyHcELvRyGLpT083qWTaN5a58N5Z4BdIyX-Y1dO3nb7w0whOgJZ5WOWnxLXHQ42khle4WmXerYkpA&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C94) /
Resource Hash
23804c857c0f312172654571928d8945eb9585b94f6d4be9c59a37eae054c0fd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.viewnsecdocnow.pro/
Origin
https://login.viewnsecdocnow.pro
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Jun 2024 01:11:19 GMT
content-encoding
gzip
content-md5
PV+8QYbvRbBN6L+LpoYZZw==
age
2238536
x-cache
HIT
content-length
49696
x-ms-lease-status
unlocked
last-modified
Fri, 24 May 2024 22:12:32 GMT
server
ECAcc (frc/4C94)
etag
0x8DC7C3E9BFAA7DE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0ec11523-401e-00f7-5640-b22e7d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request authorize
login.viewnsecdocnow.pro/common/oauth2/v2.0/
45 KB
17 KB
Document
General
Full URL
https://login.viewnsecdocnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638548746779038779.YTdhMWE1YTYtZWVlMy00ODMxLWFmYjAtMDExOWZmMGQxOWMwNzZkN2MxOGEtZWFlMC00NmIyLWIyYzktZGI5MWVhYmZlMDMw&ui_locales=de-DE&mkt=de-DE&client-request-id=69f7eeb7-3aba-49d4-ac09-69d66e8c5469&state=dJuLnAbbSBfodD7UXaFbkWp7rfiiUaYNLKi_2Do5YgsHb0Js0FUg6q-xvlz8TzrJUbRSV9_cNbesmsf-g_AIFLR2ZmSjuf4uNJ2BXki8Fh4m41Dok4SLRYKtt6J3OxuTZZkwbj6KAN7v-F0Jb_-dkK_jepfmycjOF3DGr-aQLHMQHZjtQsZr4nH4EHJzMDWMspYzui8FrtyHcELvRyGLpT083qWTaN5a58N5Z4BdIyX-Y1dO3nb7w0whOgJZ5WOWnxLXHQ42khle4WmXerYkpA&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0&sso_reload=true
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53b07b98c76b0d23c1fa945f7b9b396a187e066b083c94015fd461fbf4e099e4

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://login.viewnsecdocnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638548746779038779.YTdhMWE1YTYtZWVlMy00ODMxLWFmYjAtMDExOWZmMGQxOWMwNzZkN2MxOGEtZWFlMC00NmIyLWIyYzktZGI5MWVhYmZlMDMw&ui_locales=de-DE&mkt=de-DE&client-request-id=69f7eeb7-3aba-49d4-ac09-69d66e8c5469&state=dJuLnAbbSBfodD7UXaFbkWp7rfiiUaYNLKi_2Do5YgsHb0Js0FUg6q-xvlz8TzrJUbRSV9_cNbesmsf-g_AIFLR2ZmSjuf4uNJ2BXki8Fh4m41Dok4SLRYKtt6J3OxuTZZkwbj6KAN7v-F0Jb_-dkK_jepfmycjOF3DGr-aQLHMQHZjtQsZr4nH4EHJzMDWMspYzui8FrtyHcELvRyGLpT083qWTaN5a58N5Z4BdIyX-Y1dO3nb7w0whOgJZ5WOWnxLXHQ42khle4WmXerYkpA&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache
cf-cache-status
DYNAMIC
cf-ray
899115394de29a1b-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 25 Jun 2024 01:11:20 GMT
expires
-1
link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msftauth.net>; rel=dns-prefetch,<https://aadcdn.msauth.net>; rel=dns-prefetch
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wst"}]}
server
cloudflare
vary
Accept-Encoding
x-dns-prefetch-control
on
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.18348.7 - SCUS ProdSlices
x-ms-request-id
84f92212-c514-4f34-b205-d17679d5df00
x-ms-srs
1.P
favicon.ico
login.viewnsecdocnow.pro/
0
535 B
Other
General
Full URL
https://login.viewnsecdocnow.pro/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.viewnsecdocnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638548746779038779.YTdhMWE1YTYtZWVlMy00ODMxLWFmYjAtMDExOWZmMGQxOWMwNzZkN2MxOGEtZWFlMC00NmIyLWIyYzktZGI5MWVhYmZlMDMw&ui_locales=de-DE&mkt=de-DE&client-request-id=69f7eeb7-3aba-49d4-ac09-69d66e8c5469&state=dJuLnAbbSBfodD7UXaFbkWp7rfiiUaYNLKi_2Do5YgsHb0Js0FUg6q-xvlz8TzrJUbRSV9_cNbesmsf-g_AIFLR2ZmSjuf4uNJ2BXki8Fh4m41Dok4SLRYKtt6J3OxuTZZkwbj6KAN7v-F0Jb_-dkK_jepfmycjOF3DGr-aQLHMQHZjtQsZr4nH4EHJzMDWMspYzui8FrtyHcELvRyGLpT083qWTaN5a58N5Z4BdIyX-Y1dO3nb7w0whOgJZ5WOWnxLXHQ42khle4WmXerYkpA&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 01:11:19 GMT
referrer-policy
strict-origin-when-cross-origin
x-ms-srs
1.P
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
server
cloudflare
cf-cache-status
BYPASS
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
23eee8a1-7ca2-4c3c-9132-e480ef776400
cache-control
private
cf-ray
899115394de09a1b-FRA
alt-svc
h3=":443"; ma=86400
x-ms-ests-server
2.1.18348.7 - EUS ProdSlices
Me.htm
ywnjb.viewnsecdocnow.pro/
0
0

converged.v2.login.min_mc5ac6ol0l4d2iaqspstyg2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
111 KB
20 KB
Stylesheet
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_mc5ac6ol0l4d2iaqspstyg2.css
Requested by
Host: login.viewnsecdocnow.pro
URL: https://login.viewnsecdocnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638548746779038779.YTdhMWE1YTYtZWVlMy00ODMxLWFmYjAtMDExOWZmMGQxOWMwNzZkN2MxOGEtZWFlMC00NmIyLWIyYzktZGI5MWVhYmZlMDMw&ui_locales=de-DE&mkt=de-DE&client-request-id=69f7eeb7-3aba-49d4-ac09-69d66e8c5469&state=dJuLnAbbSBfodD7UXaFbkWp7rfiiUaYNLKi_2Do5YgsHb0Js0FUg6q-xvlz8TzrJUbRSV9_cNbesmsf-g_AIFLR2ZmSjuf4uNJ2BXki8Fh4m41Dok4SLRYKtt6J3OxuTZZkwbj6KAN7v-F0Jb_-dkK_jepfmycjOF3DGr-aQLHMQHZjtQsZr4nH4EHJzMDWMspYzui8FrtyHcELvRyGLpT083qWTaN5a58N5Z4BdIyX-Y1dO3nb7w0whOgJZ5WOWnxLXHQ42khle4WmXerYkpA&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C8E) /
Resource Hash
8b81b6dbb9af6502d78abe8a85d135861848e0597989901da42c62ecb841a07d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.viewnsecdocnow.pro/
Origin
https://login.viewnsecdocnow.pro
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Jun 2024 01:11:20 GMT
content-encoding
gzip
content-md5
Xt+D0D6ntnvS81Ry5DXRfg==
age
3043264
x-cache
HIT
content-length
20390
x-ms-lease-status
unlocked
last-modified
Thu, 16 May 2024 00:59:03 GMT
server
ECAcc (frc/4C8E)
etag
0x8DC7543615A617D
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
20adcbed-001e-005b-2dee-aa1c02000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_HynxqeZdtbyHDb4R-n7Odg2.js
aadcdn.msftauth.net/shared/1.0/content/js/
437 KB
119 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_HynxqeZdtbyHDb4R-n7Odg2.js
Requested by
Host: login.viewnsecdocnow.pro
URL: https://login.viewnsecdocnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638548746779038779.YTdhMWE1YTYtZWVlMy00ODMxLWFmYjAtMDExOWZmMGQxOWMwNzZkN2MxOGEtZWFlMC00NmIyLWIyYzktZGI5MWVhYmZlMDMw&ui_locales=de-DE&mkt=de-DE&client-request-id=69f7eeb7-3aba-49d4-ac09-69d66e8c5469&state=dJuLnAbbSBfodD7UXaFbkWp7rfiiUaYNLKi_2Do5YgsHb0Js0FUg6q-xvlz8TzrJUbRSV9_cNbesmsf-g_AIFLR2ZmSjuf4uNJ2BXki8Fh4m41Dok4SLRYKtt6J3OxuTZZkwbj6KAN7v-F0Jb_-dkK_jepfmycjOF3DGr-aQLHMQHZjtQsZr4nH4EHJzMDWMspYzui8FrtyHcELvRyGLpT083qWTaN5a58N5Z4BdIyX-Y1dO3nb7w0whOgJZ5WOWnxLXHQ42khle4WmXerYkpA&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CAF) /
Resource Hash
88ae81949d2a30a87f03bb65424966f8d7e43ca03a4a6162788d999e68a7da1c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.viewnsecdocnow.pro/
Origin
https://login.viewnsecdocnow.pro
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Jun 2024 01:11:20 GMT
content-encoding
gzip
content-md5
18ZWYPnf6mGxsQRNHmTkcw==
age
1625881
x-cache
HIT
content-length
121711
x-ms-lease-status
unlocked
last-modified
Thu, 30 May 2024 22:52:14 GMT
server
ECAcc (frc/4CAF)
etag
0x8DC80FB2622B37C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ed486ad0-e01e-003d-1cd3-b7a42c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-de.min_t2egxy3e-i7icwo0cfhacq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
61 KB
17 KB
Script
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_t2egxy3e-i7icwo0cfhacq2.js
Requested by
Host: login.viewnsecdocnow.pro
URL: https://login.viewnsecdocnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638548746779038779.YTdhMWE1YTYtZWVlMy00ODMxLWFmYjAtMDExOWZmMGQxOWMwNzZkN2MxOGEtZWFlMC00NmIyLWIyYzktZGI5MWVhYmZlMDMw&ui_locales=de-DE&mkt=de-DE&client-request-id=69f7eeb7-3aba-49d4-ac09-69d66e8c5469&state=dJuLnAbbSBfodD7UXaFbkWp7rfiiUaYNLKi_2Do5YgsHb0Js0FUg6q-xvlz8TzrJUbRSV9_cNbesmsf-g_AIFLR2ZmSjuf4uNJ2BXki8Fh4m41Dok4SLRYKtt6J3OxuTZZkwbj6KAN7v-F0Jb_-dkK_jepfmycjOF3DGr-aQLHMQHZjtQsZr4nH4EHJzMDWMspYzui8FrtyHcELvRyGLpT083qWTaN5a58N5Z4BdIyX-Y1dO3nb7w0whOgJZ5WOWnxLXHQ42khle4WmXerYkpA&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C87) /
Resource Hash
39b715d1182468688af4ed263098873e8e65bf3dd938ab51ac8fae81d8f04d3d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.viewnsecdocnow.pro/
Origin
https://login.viewnsecdocnow.pro
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Jun 2024 01:11:20 GMT
content-encoding
gzip
content-md5
hMQnnlZDgFUCnuSdMmb7Ag==
age
2233022
x-cache
HIT
content-length
17574
x-ms-lease-status
unlocked
last-modified
Wed, 29 May 2024 00:50:38 GMT
server
ECAcc (frc/4C87)
etag
0x8DC7F795BADC172
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6b9f72bd-901e-0032-444d-b22d33000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
oneDs_f2e0f4a029670f10d892.js
aadcdn.msftauth.net/shared/1.0/content/js/
186 KB
60 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_HynxqeZdtbyHDb4R-n7Odg2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFD) /
Resource Hash
8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.viewnsecdocnow.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Jun 2024 01:11:20 GMT
content-encoding
gzip
content-md5
wegr9xrdYirQ87+FcvY0/A==
age
8026274
x-cache
HIT
content-length
61052
x-ms-lease-status
unlocked
last-modified
Thu, 25 May 2023 17:22:37 GMT
server
ECAcc (frc/4CFD)
etag
0x8DB5D44A2CEB430
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c08bb2a0-501e-0012-2f9c-7dbc00000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
219 KB
53 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_HynxqeZdtbyHDb4R-n7Odg2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C84) /
Resource Hash
474ce0790ceb18a100cebaf1ac0915a51389fcae0830c3b44bfa1e365d40b2b4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.viewnsecdocnow.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Jun 2024 01:11:20 GMT
content-encoding
gzip
content-md5
P5ihddUjL2Zb7/wjNS1xdg==
age
7159031
x-cache
HIT
content-length
54318
x-ms-lease-status
unlocked
last-modified
Thu, 28 Mar 2024 21:23:30 GMT
server
ECAcc (frc/4C84)
etag
0x8DC4F6D50F3D2E7
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0d451fae-201e-00dd-7d80-85b15b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msftauth.net/shared/1.0/content/images/
17 KB
17 KB
Other
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBA) /
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.viewnsecdocnow.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Jun 2024 01:11:20 GMT
content-md5
EuPayFgGHQiAI7K9SOL6lg==
age
8026239
x-cache
HIT
content-length
17174
x-ms-lease-status
unlocked
last-modified
Sun, 18 Oct 2020 03:02:30 GMT
server
ECAcc (frc/4CBA)
etag
0x8D8731240E548EB
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
debb0496-801e-00bf-299d-7da57d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pfetchsessionsprogress_0b5ca5d48eeaf75b0528.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
15 KB
6 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_0b5ca5d48eeaf75b0528.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_HynxqeZdtbyHDb4R-n7Odg2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFA) /
Resource Hash
04e2853193cb2766a21222cbe47e5d76e8e778b700b9dedb12a8a8e805e019b9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.viewnsecdocnow.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Jun 2024 01:11:20 GMT
content-encoding
gzip
content-md5
xkvSj1l8u2FW9Fo6B7DKkg==
age
1619803
x-cache
HIT
content-length
5528
x-ms-lease-status
unlocked
last-modified
Thu, 30 May 2024 22:52:11 GMT
server
ECAcc (frc/4CFA)
etag
0x8DC80FB247365E6
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d2f0fc83-301e-0014-26e1-b7460c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CDE) /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.viewnsecdocnow.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Jun 2024 01:11:20 GMT
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
age
8026240
x-cache
HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
server
ECAcc (frc/4CDE)
etag
0x8DB5C3F4982FD30
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
08f58f55-a01e-00e9-639d-7d3c42000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D04) /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.viewnsecdocnow.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Jun 2024 01:11:20 GMT
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
age
8026139
x-cache
HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
server
ECAcc (frc/4D04)
etag
0x8DB5C3F492F3EE5
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
b6e17d00-601e-00a1-2e9d-7db742000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/
2 KB
837 B
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBF) /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.viewnsecdocnow.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Jun 2024 01:11:20 GMT
content-encoding
gzip
content-md5
DhdidjYrlCeaRJJRG/y9mA==
age
8026282
x-cache
HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:43 GMT
server
ECAcc (frc/4CBF)
etag
0x8DB5C3F466DE917
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
920c4446-a01e-00e9-709c-7d3c42000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
aadcdn.msftauth.net/shared/1.0/content/images/
4 KB
2 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C94) /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.viewnsecdocnow.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Jun 2024 01:11:20 GMT
content-encoding
gzip
content-md5
nzaLxFgP7ZB3dfMcaybWzw==
age
8026319
x-cache
HIT
content-length
1435
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
server
ECAcc (frc/4C94)
etag
0x8DB5C3F495F4B8C
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f2ff5853-201e-0065-619c-7d9f0e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
ywnjb.viewnsecdocnow.pro/ Frame 355F
0
0

truncated
/ Frame 355F
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 355F
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ywnjb.viewnsecdocnow.pro
URL
https://ywnjb.viewnsecdocnow.pro/Me.htm?v=3
Domain
ywnjb.viewnsecdocnow.pro
URL
https://ywnjb.viewnsecdocnow.pro/Me.htm?v=3

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
undefined| event
object| fence
object| sharedStorage
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
object| Telemetry
object| telemetry_webpackJsonp
boolean| __ConvergedLogin_PCore
boolean| __
boolean| __convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170
boolean| __convergedlogin_pfetchsessionsprogress_0b5ca5d48eeaf75b0528

19 Cookies

Domain/Path Name / Value
.ac-page.com/ Name: __cfruid
Value: 4f9daacd959f044453bada3583e2c64e2c090d56-1719277875
prism.app-us1.com/ Name: prism_92624174
Value: b0e4011c-7aed-4f5c-be8d-ad0c623b3448
.viewnsecdocnow.pro/ Name: tRXB
Value: 212f3e4b86251513224bd3c9ed62d068c9854b8011d71e28ef0d6f378b345db0
login.viewnsecdocnow.pro/ Name: x-ms-gateway-slice
Value: estsfd
login.viewnsecdocnow.pro/ Name: stsservicecookie
Value: estsfd
www.viewnsecdocnow.pro/ Name: OH.DCAffinity
Value: OH-wus
www.viewnsecdocnow.pro/ Name: OH.FLID
Value: 2bf9dcfa-8c2d-4158-9cca-e80fba9b87fa
www.viewnsecdocnow.pro/ Name: .AspNetCore.OpenIdConnect.Nonce.8YzoVA_nkhBXPCUH4ZRx0RIgaqWWfaMTrTQ-xxJocEIie4keDNq5tLGRp1Oxe1fWe_mFF7_U-NPaOBIJ-6W779HDmE1u7KOYYAmzaZyehKawiMHb3LZYo2lFjFS_otWaJDS1cwVV7JD48C3dUlSWDajEGiop1YVPTXUTzrgaIpYgQAHinMNuDgxUyWKDQK9CNqyv-zt5aq3wnzsWfRzX2aJd9Z_wJd3BZIORSCskVYszXiieynwz-Iu-aFEX8kJG
Value: N
www.viewnsecdocnow.pro/ Name: .AspNetCore.Correlation.KEBsDnPxLcHAukQ91eNkV9sF1Mc06EYlhRpnCAHsnKA
Value: N
.viewnsecdocnow.pro/ Name: MUID
Value: 168828174B9367C310513CBE4ADF660C
.login.viewnsecdocnow.pro/ Name: esctx-J3gHdVqI3sU
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYugDfp2nuLPNJts9Pds3VVlg5gbKBf5o4HAEgFt_7Is36gPjwzWK79pdnWH25euw-cmGfEbcoDAVcRIkmDOEE3WnTQt1t6en6sfbtcKZHbfWAsLVB8GGZ0oqRuNeQtHPvEVHJuSWgB6mkiv8w8SFNbCAA
.login.viewnsecdocnow.pro/ Name: AADSSO
Value: NA|NoExtension
login.viewnsecdocnow.pro/ Name: SSOCOOKIEPULLED
Value: 1
login.viewnsecdocnow.pro/ Name: buid
Value: 0.AVoAMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYuJFlGd4bTlzQ9_X47WyjafUoR8zffLXG1dJ0rm9T-xwJ3Z3C0v4uEdRb39zRBy2j2xxC8RdnA8eV97XcRk-VqnOB20eqgLKo79PDSgKSTmYgAA
.login.viewnsecdocnow.pro/ Name: esctx
Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMY_aQn4hYoo47pij2jC9fBVyBLJb2b90LBiOTDQPZxmWD6Li5GguYiXCM3spgyUA7LHXgx7btbKzLQmLaGUJ0ftHEDaNVLemxv_FMVd6iGtHO_n19x-bGJp3xxvCqoALETCQSkxKTHo8IOx2RT9kb8lnFtveReYvHETiuG7_ntu5UgAA
.login.viewnsecdocnow.pro/ Name: esctx-W6Tj25TiZU
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYF_6gUkuKS1NXorbN3GHopX6Z3O2nVdTq__8TmmGGDioaFCt_hW1_cJEzkjDEHABe5vxtKPAZoTKf-6crp2Kye_HdKwDjuXRUmKF9Dpf27xIHk-Ws4OJn3nPD0-T7y466ZoBPPC8-pKRwo5TNm9XlAiAA
login.viewnsecdocnow.pro/ Name: fpc
Value: AlRI_7AvHpZGhg_E9Lkz1xG8Ae7AAQAAADcQDN4OAAAA
login.viewnsecdocnow.pro/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 93511184-4db0-4251-99aa-45c81198ccf6
.login.viewnsecdocnow.pro/ Name: brcap
Value: 0

3 Console Messages

Source Level URL
Text
network error URL: https://login.viewnsecdocnow.pro/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ywnjb.viewnsecdocnow.pro/Me.htm?v=3
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security warning URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_0b5ca5d48eeaf75b0528.js(Line 13)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://ywnjb.viewnsecdocnow.pro') does not match the recipient window's origin ('null').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
