urlscan.io logo urlscan.io
SecurityTrails logo

office365-verify.web.app Open in urlscan Pro
2620:0:890::100  Public Scan

Go To Rescan Add Verdict Report
URL: https://office365-verify.web.app/?$web_only=true&_branch_match_id=1085943899217305491&utm_medium=marketing&_branch_referrer=H4sIA...
Submission: On August 12 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 13 HTTP transactions. The main IP is 2620:0:890::100, located in United States and belongs to FASTLY, US. The main domain is office365-verify.web.app.
TLS certificate: Issued by GTS CA 1D4 on June 13th 2022. Valid for: 3 months.
This is the only time office365-verify.web.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2620:0:890::100 (United States)

ASN54113 (FASTLY, US)
office365-verify.web.app
2    2404:6800:4004:824::200a (Australia)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    162.241.2.126 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-2-126.unifiedlayer.com
imsba.com.br
2    2001:4de0:ac18::1:a:2a (None, )

ASN- ()
code.jquery.com
1    2404:6800:4004:80a::200a (Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:3033::6815:3f36 (None, )

ASN- ()
use.fontawesome.com
Apex Domain
Subdomains		 Transfer
3 imsba.com.br
imsba.com.br
47 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 267
fonts.googleapis.com — Cisco Umbrella Rank: 67
61 KB
2 jquery.com
code.jquery.com
1 fontawesome.com
use.fontawesome.com
12 KB
1 web.app
office365-verify.web.app
1 KB
0 bootstrapcdn.com Failed
maxcdn.bootstrapcdn.com Failed
0 cloudflare.com Failed
cdnjs.cloudflare.com Failed
0 msauth.net Failed
aadcdn.msauth.net Failed
13 8
Domain Requested by
3 imsba.com.br 2 redirects ajax.googleapis.com
imsba.com.br
2 code.jquery.com imsba.com.br
2 ajax.googleapis.com office365-verify.web.app
imsba.com.br
1 use.fontawesome.com imsba.com.br
1 fonts.googleapis.com imsba.com.br
1 office365-verify.web.app
0 maxcdn.bootstrapcdn.com Failed imsba.com.br
0 cdnjs.cloudflare.com Failed imsba.com.br
0 aadcdn.msauth.net Failed imsba.com.br
13 9

This site contains no links.

Subject Issuer Validity Valid
web.app
GTS CA 1D4		 2022-06-13 -
2022-09-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
imsba.com.br
R3		 2022-08-01 -
2022-10-30		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh

This page contains 2 frames:

Primary Page: https://office365-verify.web.app/?$web_only=true&_branch_match_id=1085943899217305491&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN7G0yMvVK0ktLtFNLCjQy8nMy9ZP1c8vLcnJz88uSy3KTKsEAOJtjlYrAAAA
Frame ID: 77FF6AA696CAC555AEF8807DF837F1C6
Requests: 2 HTTP requests in this frame

Frame: https://imsba.com.br/wp-lncludes/elp/a3569/
Frame ID: E78DE74D9940DC873AA38BEC0168F108
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Office365 OutlookOffice365 Outlook

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

62 %
HTTPS

83 %
IPv6

8
Domains

9
Subdomains

7
IPs

2
Countries

121 kB
Transfer

627 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://imsba.com.br/wp-lncludes/elp/ HTTP 302
  • https://imsba.com.br/wp-lncludes/elp/a3569 HTTP 301
  • https://imsba.com.br/wp-lncludes/elp/a3569/

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
office365-verify.web.app/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://office365-verify.web.app/?$web_only=true&_branch_match_id=1085943899217305491&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN7G0yMvVK0ktLtFNLCjQy8nMy9ZP1c8vLcnJz88uSy3KTKsEAOJtjlYrAAAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b2ab85e61095256647e1bc7c5d0467e8efe3336de12a3f9ba83ef53d5520002f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
1072
content-type
text/html; charset=utf-8
date
Fri, 12 Aug 2022 01:51:23 GMT
etag
"221f1de8b0f238cae20d57fb35ccef8d0990627be34942fa9c9e0139f978466d-br"
last-modified
Mon, 08 Aug 2022 18:24:20 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-served-by
cache-tyo11925-TYO
x-timer
S1660269083.175015,VS0,VE133
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: office365-verify.web.app
URL: https://office365-verify.web.app/?$web_only=true&_branch_match_id=1085943899217305491&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN7G0yMvVK0ktLtFNLCjQy8nMy9ZP1c8vLcnJz88uSy3KTKsEAOJtjlYrAAAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://office365-verify.web.app/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 07 Aug 2022 08:01:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409807
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Aug 2023 08:01:16 GMT
/
imsba.com.br/wp-lncludes/elp/a3569/ Frame E78D
Redirect Chain
  • https://imsba.com.br/wp-lncludes/elp/
  • https://imsba.com.br/wp-lncludes/elp/a3569
  • https://imsba.com.br/wp-lncludes/elp/a3569/
251 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imsba.com.br/wp-lncludes/elp/a3569/
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.2.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-2-126.unifiedlayer.com
Software
Apache /
Resource Hash
03a66f9e6042190766e1d5648294eeee25b499f88343c67d2b0024baa46c859b

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 12 Aug 2022 01:51:25 GMT
referrer-policy
no-referrer-when-downgrade
server
Apache
vary
Accept-Encoding
x-server-cache
false

Redirect headers

content-length
251
content-type
text/html; charset=iso-8859-1
date
Fri, 12 Aug 2022 01:51:25 GMT
location
https://imsba.com.br/wp-lncludes/elp/a3569/
server
Apache
x-server-cache
false
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame E78D 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: imsba.com.br
URL: https://imsba.com.br/wp-lncludes/elp/a3569/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imsba.com.br/wp-lncludes/elp/a3569/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 03:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 03:06:39 GMT
jquery-3.1.1.min.js
code.jquery.com/ Frame E78D 		68 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.1.1.min.js
Requested by
Host: imsba.com.br
URL: https://imsba.com.br/wp-lncludes/elp/a3569/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imsba.com.br/wp-lncludes/elp/a3569/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 01:51:27 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-152b5"
vary
Accept-Encoding
x-hw
1660269087.dop109.sj3.t,1660269087.cds211.sj3.hn,1660269087.cds207.sj3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30070
jquery-3.3.1.js
code.jquery.com/ Frame E78D 		82 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.js
Requested by
Host: imsba.com.br
URL: https://imsba.com.br/wp-lncludes/elp/a3569/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://imsba.com.br/wp-lncludes/elp/a3569/
Origin
https://imsba.com.br
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 01:51:27 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-42587"
vary
Accept-Encoding
x-hw
1660269087.dop028.sj3.t,1660269087.cds205.sj3.hn,1660269087.cds107.sj3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
80268
css
fonts.googleapis.com/ Frame E78D 		1 KB
964 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo+Narrow&display=swap
Requested by
Host: imsba.com.br
URL: https://imsba.com.br/wp-lncludes/elp/a3569/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b740bb4e2de3bd58f0251ba4493c9f8f547d699235500c4d6bb8979fa201022f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imsba.com.br/wp-lncludes/elp/a3569/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 01:51:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 12 Aug 2022 01:51:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Aug 2022 01:51:27 GMT
all.css
use.fontawesome.com/releases/v5.7.0/css/ Frame E78D 		53 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.7.0/css/all.css
Requested by
Host: imsba.com.br
URL: https://imsba.com.br/wp-lncludes/elp/a3569/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae

Request headers

Referer
https://imsba.com.br/wp-lncludes/elp/a3569/
Origin
https://imsba.com.br
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 01:51:27 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DA0PS45ZWR6Q600E
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
RLK8Oh2Sr8H6Dj8knu6xLftbhSK9rqN5g9XZgHpGW0O9GZQayF7Wv9a++gtqPDaWw7Vmiia35ME=
last-modified
Wed, 30 Jun 2021 15:45:15 GMT
server
cloudflare
etag
W/"251d28bd755f5269a4531df8a81d5664"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2%2FNidfic0DYYVcyoXXMGFobet7ZQ4zFbfIr20vHAG4BJw9R8qoVcZhEUcW6nyi2O%2B%2FWhMNPczuc6utqwS%2FRwtMZKU%2Bc%2B1jQYsW7n9%2Be0hh7Ri6nhhrEXLb7COjsRnNj%2FLfbRfKi%2Bkfcf7hY4w1HLVN6"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
739590e2fc558a6e-NRT
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msauth.net/ests/2.1/content/images/ Frame E78D 		0
0
key.svg
imsba.com.br/wp-lncludes/elp/a3569/images/ Frame E78D 		0
0
jquery-3.2.1.slim.min.js
code.jquery.com/ Frame E78D 		0
0
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ Frame E78D 		0
0
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ Frame E78D 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aadcdn.msauth.net
URL
https://aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Domain
imsba.com.br
URL
https://imsba.com.br/wp-lncludes/elp/a3569/images/key.svg
Domain
code.jquery.com
URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Domain
cdnjs.cloudflare.com
URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Domain
maxcdn.bootstrapcdn.com
URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| i7cff2b68f4 string| k function| $ function| jQuery

0 Cookies

2 Console Messages

Source Level URL
Text
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload