m9uea9da7jahiitgywwwkq.on.drv.tw
47.251.69.173  Malicious Activity!

Submitted URL: http://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
Effective URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
Submission: On April 07 via api from US — Scanned from US

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 26 HTTP transactions. The main IP is 47.251.69.173, located in United States and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is m9uea9da7jahiitgywwwkq.on.drv.tw.
TLS certificate: Issued by R3 on March 5th 2024. Valid for: 3 months.
This is the only time m9uea9da7jahiitgywwwkq.on.drv.tw was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 3 47.251.69.173 45102 (ALIBABA-C...)
2 104.18.11.207 13335 (CLOUDFLAR...)
2 104.17.25.14 13335 (CLOUDFLAR...)
1 104.18.10.207 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2620:1ec:46::40 8075 (MICROSOFT...)
1 144.76.109.178 24940 (HETZNER-AS)
1 20.75.109.112 8075 (MICROSOFT...)
1 2603:1037:1:1... 8075 (MICROSOFT...)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 142.251.163.139 ()
26 15
Apex Domain
Subdomains
Transfer
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
21 KB
4 drv.tw
m9uea9da7jahiitgywwwkq.on.drv.tw
www.drv.tw
15 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
241 KB
3 microsoftonline-p.com
secure.aadcdn.microsoftonline-p.com — Cisco Umbrella Rank: 15106
3 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1126
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2959
41 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
408 B
2 google.com
analytics.google.com — Cisco Umbrella Rank: 159
314 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
13 KB
1 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 836
278 KB
1 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 11
1 freeiconspng.com
www.freeiconspng.com — Cisco Umbrella Rank: 147898
9 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 372
30 KB
26 12
Domain Requested by
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com www.drv.tw
www.googletagmanager.com
3 secure.aadcdn.microsoftonline-p.com m9uea9da7jahiitgywwwkq.on.drv.tw
3 m9uea9da7jahiitgywwwkq.on.drv.tw 1 redirects
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 cdnjs.cloudflare.com m9uea9da7jahiitgywwwkq.on.drv.tw
2 maxcdn.bootstrapcdn.com m9uea9da7jahiitgywwwkq.on.drv.tw
1 aadcdn.msauth.net m9uea9da7jahiitgywwwkq.on.drv.tw
1 login.microsoftonline.com m9uea9da7jahiitgywwwkq.on.drv.tw
1 www.drv.tw m9uea9da7jahiitgywwwkq.on.drv.tw
1 www.freeiconspng.com m9uea9da7jahiitgywwwkq.on.drv.tw
1 ajax.googleapis.com m9uea9da7jahiitgywwwkq.on.drv.tw
1 stackpath.bootstrapcdn.com m9uea9da7jahiitgywwwkq.on.drv.tw
26 14

This site contains no links.

Subject | Issuer | Validity | Valid
drv.tw | R3 | 2024-03-05 - 2024-06-03 | 3 months
bootstrapcdn.com | GTS CA 1P5 | 2024-03-27 - 2024-06-25 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
upload.video.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
secure.aadcdn.microsoftonline-p.com | Microsoft Azure RSA TLS Issuing CA 08 | 2024-02-27 - 2025-02-21 | a year
freeiconspng.com | Sectigo RSA Domain Validation Secure Server CA | 2024-02-12 - 2025-03-13 | a year
www.drv.tw | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2023-12-18 - 2024-06-18 | 6 months
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2024-04-04 - 2025-04-04 | a year
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2024-01-29 - 2025-01-29 | a year
*.google-analytics.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
*.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months

This page contains 2 frames:

Primary Page: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
Frame ID: 3556B4FC616E1AB49CD47BD5624FCA2A
Requests: 26 HTTP requests in this frame

Frame: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Frame ID: 4AC3F1E989939DEFE3392692C6C28F41
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History

  1. http://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html HTTP 307
    https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html HTTP 307
    http://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html HTTP 307
    https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html Page URL

Detected technologies

Bootstrap
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Popper
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)

jQuery
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26 Requests
100 % HTTPS
50 % IPv6
12 Domains
14 Subdomains
15 IPs
3 Countries
652 kB Transfer
1384 kB Size
17 Cookies

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request work.html
m9uea9da7jahiitgywwwkq.on.drv.tw/web/
Redirect Chain
  • http://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
  • https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
  • http://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
  • https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
25 KB
13 KB
Document
General
Full URL
https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.251.69.173 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2133d092cfe94a82016370c591c61a81ccdc5ec8bcda93eec51d0c7c2cc3f39a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
public, s-maxage=43200, max-age=43200
content-encoding
gzip
content-type
text/html
date
Sun, 07 Apr 2024 13:39:51 GMT
last-modified
Fri, 20 Dec 2019 14:33:16 GMT
server
nginx/1.14.0 (Ubuntu)
vary
Origin, Sec-Fetch-Mode, X-Requested-Wtih Accept-Encoding
x-cache
BYPASS

Redirect headers

Cache-Control
public, s-maxage=604800, max-age=604800
Connection
keep-alive
Content-Type
text/html
Date
Sun, 07 Apr 2024 13:39:50 GMT
Location
https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Upgrade-Insecure-Requests
X-Cache
BYPASS
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
22 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: m9uea9da7jahiitgywwwkq.on.drv.tw
URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 13:39:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
878
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
304669
cdn-cachedat
03/18/2024 12:53:47
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"ec3bb52a00e176a7181d454dffaea219"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
ac39d90c2754ca7274d2981f8c10ec32
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
870a6d18ee578daf-MIA
cdn-requestpullsuccess
True
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
37 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: m9uea9da7jahiitgywwwkq.on.drv.tw
URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 13:39:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
226846
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5884
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-9226"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ynJzgk6yuDUAVEHTYNxGNP1U9Ha9PpYJ9r1QzaowA4o54L2sB8MCkmu9Mh8ab7he3%2B3vqu%2FLcgNRHu%2BTj3Wga7PYVaAv7YY20p3QLHgiztquSnOGaHRKPDxSANXEOUd4kW287cKE"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
870a6d18b90131d2-MIA
expires
Fri, 28 Mar 2025 13:39:51 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
8 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: m9uea9da7jahiitgywwwkq.on.drv.tw
URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 13:39:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
876
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
231114
cdn-cachedat
03/18/2024 12:59:19
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
4bddc0b069625a1966c4f6a766b995a2
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
870a6d18ee287481-MIA
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: m9uea9da7jahiitgywwwkq.on.drv.tw
URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 08:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
365291
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Apr 2025 08:11:40 GMT
picker_account_aad.png
secure.aadcdn.microsoftonline-p.com/ests/2.1.7230.10/content/images/
1 KB
1 KB
Image
General
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7230.10/content/images/picker_account_aad.png
Requested by
Host: m9uea9da7jahiitgywwwkq.on.drv.tw
URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a3ec79086c71191b0dbc128b397d1a27d132bd2b658667bc4229b53cbcb20b05

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 07 Apr 2024 13:39:51 GMT
last-modified
Sat, 18 May 2019 14:25:33 GMT
etag
0x8D6DB9CB015AF6E
x-azure-ref
20240407T133951Z-178b9d4b695jplmn2f44s9skf800000007pg00000000b1d7
x-cache
TCP_HIT
content-type
image/png
x-ms-request-id
60f52e33-c01e-0065-3ee6-883fff000000
cache-control
public, max-age=604800
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
50755578
x-cache-info
L1_T2
accept-ranges
bytes
content-length
1082
picker_more.png
secure.aadcdn.microsoftonline-p.com/ests/2.1.7230.10/content/images/
192 B
561 B
Image
General
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7230.10/content/images/picker_more.png
Requested by
Host: m9uea9da7jahiitgywwwkq.on.drv.tw
URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1b8e9869c33c1086478e807f8537b155c84660c631c830d6a83d83accfd1ed18

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 07 Apr 2024 13:39:51 GMT
last-modified
Sat, 18 May 2019 14:25:45 GMT
etag
0x8D6DB9CB71AE498
x-azure-ref
20240407T133951Z-178b9d4b695jplmn2f44s9skf800000007pg00000000b1d6
x-cache
TCP_HIT
content-type
image/png
x-ms-request-id
36185969-b01e-008b-46e6-8895d6000000
cache-control
public, max-age=604800
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
50755578
x-cache-info
L1_T2
accept-ranges
bytes
content-length
192
picker_account_add.svg
secure.aadcdn.microsoftonline-p.com/ests/2.1.7230.10/content/images/
222 B
574 B
Image
General
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7230.10/content/images/picker_account_add.svg
Requested by
Host: m9uea9da7jahiitgywwwkq.on.drv.tw
URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
749f85621d92a5b31b2a377a8c385a36d48a83327dad9a8a8da93cd831b8c9a2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 07 Apr 2024 13:39:51 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
50755578
content-length
184
x-ms-lease-status
unlocked
last-modified
Sat, 18 May 2019 14:25:49 GMT
etag
0x8D6DB9CB965E890
x-azure-ref
20240407T133951Z-178b9d4b695jplmn2f44s9skf800000007pg00000000b1d5
content-type
image/svg+xml
x-ms-request-id
2cc42267-801e-0016-55e6-88676c000000
cache-control
public, max-age=604800
x-ms-version
2009-09-19
accept-ranges
bytes
success-icon-10.png
www.freeiconspng.com/uploads/
9 KB
9 KB
Image
General
Full URL
https://www.freeiconspng.com/uploads/success-icon-10.png
Requested by
Host: m9uea9da7jahiitgywwwkq.on.drv.tw
URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.76.109.178 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.109.76.144.clients.your-server.de
Software
nginx /
Resource Hash
43d7977e40842a30573239834df28dcd59fd7f8f95ab44a48e9fd5d008e99f54

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 13:39:52 GMT
last-modified
Tue, 14 Mar 2017 23:16:07 GMT
server
nginx
etag
"2488-54ab903389bc0"
content-type
image/png
cache-control
max-age=3600, no-cache, must-revalidate
accept-ranges
bytes
content-length
9352
expires
Sun, 07 Apr 2024 14:39:52 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/
20 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
Requested by
Host: m9uea9da7jahiitgywwwkq.on.drv.tw
URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
Origin
https://m9uea9da7jahiitgywwwkq.on.drv.tw
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 13:39:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1401745
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6458
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-500f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q9qPUOI6KwW2zA08ib8h3v%2FmFvLiuqIya625Qq0QxcL76K2DbmpYbQrQRZwDZMrSpiuQO0hSp%2BvpaGhath%2FfWg69CEpyQa%2B%2FLJ0yHzCTqa2l%2BwjQPedUBQIhycVkvtkXK9kEw1VQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
870a6d18cca58d9c-MIA
expires
Fri, 28 Mar 2025 13:39:51 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
11 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: m9uea9da7jahiitgywwwkq.on.drv.tw
URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
Origin
https://m9uea9da7jahiitgywwwkq.on.drv.tw
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 13:39:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
876
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
03/18/2024 12:42:38
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"5869c96cc8f19086aee625d670d741f9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
52cf3daca775bca068d469b26e5c34ac
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
870a6d18fa1ea4d3-MIA
cdn-requestpullsuccess
True
wd.js
www.drv.tw/inc/
690 B
851 B
Script
General
Full URL
https://www.drv.tw/inc/wd.js?s=m9uea9da7jahiitgywwwkq
Requested by
Host: m9uea9da7jahiitgywwwkq.on.drv.tw
URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.75.109.112 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f33b00ff60ba75c03cfd1a1a5d0be37fb7bba6718ef54bf9898a53e1c72f87f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 13:39:51 GMT
content-encoding
br
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Tue, 20 Feb 2024 14:16:48 GMT
x-content-type-options
nosniff
etag
"76615853"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
logout.srf
login.microsoftonline.com/ Frame 4AC3
0
0
Document
General
Full URL
https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Requested by
Host: m9uea9da7jahiitgywwwkq.on.drv.tw
URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1037:1:128::7 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
11132
Content-Type
text/html; charset=utf-8
Date
Sun, 07 Apr 2024 13:39:51 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
x-ms-ests-server
2.1.17750.6 - EUS ProdSlices
x-ms-request-id
9ab93520-9abb-4751-90b6-dd939d13aa00
x-ms-srs
1.P
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92d065b3e29a2f6634ca7e88841a02d0954d99cf5746fa343b0cc25020e91487

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
0_a5dbd4393ff6a725c7e62b61df7e72f0.jpg
aadcdn.msauth.net/ests/2.1/content/images/backgrounds/
277 KB
278 KB
Image
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/images/backgrounds/0_a5dbd4393ff6a725c7e62b61df7e72f0.jpg
Requested by
Host: m9uea9da7jahiitgywwwkq.on.drv.tw
URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 07 Apr 2024 13:39:52 GMT
x-cache
TCP_MISS
x-fd-int-roxy-purgeid
0
content-length
283351
x-ms-lease-status
unlocked
last-modified
Fri, 02 Nov 2018 20:26:29 GMT
etag
0x8D6410178E329F6
x-azure-ref
20240407T133952Z-178b9d4b695s4n8x32unggey2g00000007r0000000008a68
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
772b371d-c01e-003e-72f1-886692000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
x-ms-version
2009-09-19
accept-ranges
bytes
js
www.googletagmanager.com/gtag/
142 KB
55 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-85417367-1
Requested by
Host: www.drv.tw
URL: https://www.drv.tw/inc/wd.js?s=m9uea9da7jahiitgywwwkq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d1d2dbfba50fac3c8efe5a2f5e35e09e10fa99d67b2b1c9636084e85ca6c094d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 13:39:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
55605
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Apr 2024 13:39:52 GMT
js
www.googletagmanager.com/gtag/
236 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NBGQJBJMEG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85417367-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d10ac8378207c4b9c0b32d00d63bb091feb054d0e712dcf9d4e8ecd4f5b4e04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 13:39:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87967
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Apr 2024 13:39:52 GMT
js
www.googletagmanager.com/gtag/
305 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LHL0SH0Z7S&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85417367-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
458175bb629eb742fbd2d2fae2a90c8fcc6b050171c2558cd304b8d75ad18707
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 13:39:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102701
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Apr 2024 13:39:52 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85417367-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 Apr 2024 12:27:33 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4339
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 07 Apr 2024 14:27:33 GMT
collect
www.google-analytics.com/g/
0
184 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NBGQJBJMEG&gtm=45je4430za200&_p=1712497192398&gcd=13l3l3l3l1&npa=0&dma=0&cid=672130719.1712497193&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1712497192&sct=1&seg=0&dl=https%3A%2F%2Fm9uea9da7jahiitgywwwkq.on.drv.tw%2Fweb%2Fwork.html&dt=login&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=9317
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NBGQJBJMEG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Apr 2024 13:39:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://m9uea9da7jahiitgywwwkq.on.drv.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
259 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-LHL0SH0Z7S&gtm=45je4430v898224655za200&_p=1712497192398&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=672130719.1712497193&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1712497192&sct=1&seg=0&dl=https%3A%2F%2Fm9uea9da7jahiitgywwwkq.on.drv.tw%2Fweb%2Fwork.html&dt=login&en=page_view&_fv=1&_ss=1&tfd=9359
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LHL0SH0Z7S&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Apr 2024 13:39:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://m9uea9da7jahiitgywwwkq.on.drv.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
48 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LHL0SH0Z7S&cid=672130719.1712497193&gtm=45je4430v898224655za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LHL0SH0Z7S&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Apr 2024 13:39:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://m9uea9da7jahiitgywwwkq.on.drv.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
92 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1622486687&t=pageview&_s=1&dl=https%3A%2F%2Fm9uea9da7jahiitgywwwkq.on.drv.tw%2Fweb%2Fwork.html&ul=en-us&de=UTF-8&dt=login&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YADAAUABAAAAACAAI~&jid=580913439&gjid=104824712&cid=672130719.1712497193&tid=UA-85417367-1&_gid=1164734917.1712497193&_r=1&gtm=457e4430za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1491720066
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Apr 2024 13:39:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://m9uea9da7jahiitgywwwkq.on.drv.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
m9uea9da7jahiitgywwwkq.on.drv.tw/
2 KB
1 KB
Other
General
Full URL
https://m9uea9da7jahiitgywwwkq.on.drv.tw/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.251.69.173 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ab04ea00add135d1972e76d4ca04beb8e497bf72554c2ab074ec4470cf81d319

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 13:39:53 GMT
cache-control
public, s-maxage=604800, max-age=604800
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
content-type
text/html
collect
stats.g.doubleclick.net/j/
1 B
360 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-85417367-1&cid=672130719.1712497193&jid=580913439&gjid=104824712&_gid=1164734917.1712497193&_u=YADAAUAAAAAAACAAI~&z=1478759929
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 07 Apr 2024 13:39:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://m9uea9da7jahiitgywwwkq.on.drv.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
55 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-LHL0SH0Z7S&gtm=45je4430v898224655za200&_p=1712497192398&gcd=13l3l3l3l1&npa=0&dma=0&cid=672130719.1712497193&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1712497192&sct=1&seg=0&dl=https%3A%2F%2Fm9uea9da7jahiitgywwwkq.on.drv.tw%2Fweb%2Fwork.html&dt=login&en=scroll&epn.percent_scrolled=90&_et=9&up.d2w_sid=m9uea9da7jahiitgywwwkq&tfd=14371
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LHL0SH0Z7S&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Apr 2024 13:39:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://m9uea9da7jahiitgywwwkq.on.drv.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NBGQJBJMEG&gtm=45je4430za200&_p=1712497192398&gcd=13l3l3l3l1&npa=0&dma=0&cid=672130719.1712497193&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=2&sid=1712497192&sct=1&seg=0&dl=https%3A%2F%2Fm9uea9da7jahiitgywwwkq.on.drv.tw%2Fweb%2Fwork.html&dt=login&en=scroll&epn.percent_scrolled=90&_et=75&up.d2w_sid=m9uea9da7jahiitgywwwkq&tfd=14393
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NBGQJBJMEG&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.139 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://m9uea9da7jahiitgywwwkq.on.drv.tw/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Apr 2024 13:39:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://m9uea9da7jahiitgywwwkq.on.drv.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery function| Popper string| hash function| sendmails function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData

17 Cookies

Domain/Path Name / Value
m9uea9da7jahiitgywwwkq.on.drv.tw/ Name: uid
Value: rBI/+2YSoiZh3W1QJwAxAg==
.login.microsoftonline.com/ Name: SignInStateCookie
Value: CAgABFgIAAADnfolhJpSnRYB1SVj-Hgd8AgDs_wUA9P9sQBqIWiMmMhsIStHssonl48SMjNBt78kepuOmFN9ZVvX6y5hB2Org_tgI3Ld15CYHLqSUbLFz3Q
login.microsoftonline.com/ Name: ESTSSSOTILES
Value: 1
login.microsoftonline.com/ Name: AADSSOTILES
Value: 1
.login.microsoftonline.com/ Name: ESTSAUTHPERSISTENT
Value: AgABFwQAAADnfolhJpSnRYB1SVj-Hgd8AgDs_wUA9P84AivvkN8zWS6bNMPziVxY9oK4TpciGjFY8x1s-qZ2BFExIQRGpaCWi5kVTjpgvdKAXScwKidfDQ
.login.microsoftonline.com/ Name: ESTSAUTH
Value: AgABFwQAAADnfolhJpSnRYB1SVj-Hgd8AgDs_wUA9P9SkNq2NJvl1m_ULSI8JqLO5ASzhOQd4rKMbtFIVMUbEW5ld65TLEJ6HWcRCbjDk2nUFF8xrD-5aQ
login.microsoftonline.com/ Name: ESTSAUTHLIGHT
Value: +
login.microsoftonline.com/ Name: buid
Value: AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8vtrm-yn1JeRDby5K6eE69Dp25LMMHYLAeXwwaflwpb-d57aNyv4v6tnBS7jnKBKcy7m6sSDYjqE3Ag1V49fY2HI3xB8LEH51NV9d5IRhG1cgAA
login.microsoftonline.com/ Name: fpc
Value: AqBJ5YDjMqxIsi4yrkE5Xf0
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8bBXVNGDaj_1vYEvpWW4KGHdxQZJna84RIWBwBQVzPL7j8-qiu_lzCeLNVKYRjk87mgMFTI6byvJeo1UnbA48EYliHMuu90ojKhA5AldqNyRRUfcX0RIBVuKkEIRpkPDSZgtkZaF0UA_OjKdr3cyWwh459TMZGllNjqe2Xk8gSNggAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.drv.tw/ Name: _ga_LHL0SH0Z7S
Value: GS1.1.1712497192.1.0.1712497192.60.0.0
.drv.tw/ Name: _ga
Value: GA1.2.672130719.1712497193
.drv.tw/ Name: _gid
Value: GA1.2.1164734917.1712497193
.drv.tw/ Name: _gat_gtag_UA_85417367_1
Value: 1
.drv.tw/ Name: _ga_NBGQJBJMEG
Value: GS1.1.1712497192.1.0.1712497192.0.0.0

13 Console Messages

Source Level URL
Text
other warning URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html(Line 454)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html(Line 454)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html(Line 454)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html(Line 454)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html(Line 454)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html(Line 454)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html(Line 454)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html(Line 454)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html(Line 454)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html(Line 454)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html(Line 454)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
recommendation verbose URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/web/work.html
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
network error URL: https://m9uea9da7jahiitgywwwkq.on.drv.tw/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
ajax.googleapis.com
analytics.google.com
cdnjs.cloudflare.com
login.microsoftonline.com
m9uea9da7jahiitgywwwkq.on.drv.tw
maxcdn.bootstrapcdn.com
secure.aadcdn.microsoftonline-p.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
www.drv.tw
www.freeiconspng.com
www.google-analytics.com
www.googletagmanager.com
104.17.25.14
104.18.10.207
104.18.11.207
142.251.163.139
144.76.109.178
20.75.109.112
2001:4860:4802:32::181
2603:1037:1:128::7
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c08::61
2607:f8b0:4004:c19::9b
2607:f8b0:4004:c1b::8b
2620:1ec:46::40
47.251.69.173