live-microsft-account.ga
2a02:4780:dead:8b5::1 Malicious Activity!

Go To Rescan
Add Verdict Report

Submitted URL:
https://live-microsft-account.ga/
Effective URL:
https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN384...
Submission: On July 27 via automatic, source certstream-suspicious (July 27th 2022, 6:36:47 am UTC) — Scanned from NL

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 2a02:4780:dead:8b5::1, located in United States and belongs to AWEX, CY. The main domain is live-microsft-account.ga.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on July 10th 2021. Valid for: a year.

This is the only time live-microsft-account.ga was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
7	2a02:4780:dea... 2a02:4780:dead:8b5::1	204915 (AWEX) (AWEX)
2	2606:4700::68... 2606:4700::6813:b978	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3034::ac43:9689	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
16	5

7 2a02:4780:dead:8b5::1 (United States)

ASN204915 (AWEX, CY)

live-microsft-account.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:b978 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.000webhost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3034::ac43:9689 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	live-microsft-account.ga live-microsft-account.ga	33 KB
6	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1888 ka-f.fontawesome.com — Cisco Umbrella Rank: 4402	184 KB
2	000webhost.com cdn.000webhost.com — Cisco Umbrella Rank: 167934	4 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	922 B
16	4

	Domain	Requested by
7	live-microsft-account.ga	live-microsft-account.ga
5	ka-f.fontawesome.com	kit.fontawesome.com
2	cdn.000webhost.com	live-microsft-account.ga
1	fonts.googleapis.com	live-microsft-account.ga
1	kit.fontawesome.com	live-microsft-account.ga
16	5

This site contains links to these domains. Also see Links.

Domain
www.000webhost.com

Subject Issuer	Validity	Valid
*.000webhostapp.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-07-10` - `2022-08-10`	a year	crt.sh
*.000webhost.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-01-13`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-12` - `2022-09-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html
Frame ID: C50B82A4DAD891BF191707FF56108579
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://live-microsft-account.ga/ Page URL
https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDn... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Page Statistics

16
Requests

56 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

222 kB
Transfer

428 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.000webhost.com/?utm_source=000webhostapp&utm_campaign=000_logo&utm_medium=website&utm_content=footer_img

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://live-microsft-account.ga/ Page URL
https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
live-microsft-account.ga/ 6 KB
3 KB 351ms
116ms Document
text/html 2a02:4780:dead:8b5::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://live-microsft-account.ga/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:8b5::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 27 Jul 2022 06:36:48 GMT
server: awex
x-content-type-options: nosniff
x-request-id: 137ee5930db93a24a68ff92ed5a76d55
x-xss-protection: 1; mode=block

GET
H2 200 footer-powered-by-000webhost-white2.png
cdn.000webhost.com/000webhost/logo/ 2 KB
2 KB 121ms
50ms Image
image/webp 2606:4700::6813:b978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png

Requested by

Host: live-microsft-account.ga
URL: https://live-microsft-account.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b978 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://live-microsft-account.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:36:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1367
cf-polished: origFmt=png, origSize=2046
content-disposition: inline; filename="footer-powered-by-000webhost-white2.webp"
cf-bgj: imgq:100,h2pri
x-hostinger-datacenter: srv
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1696
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jun 2022 10:07:15 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "62b2e9d3-7fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/webp
vary: Accept
cache-control: public, max-age=14400
x-hostinger-node: nl-srv-cdn1
accept-ranges: bytes
cf-ray: 73135ce27e09b7d9-AMS
expires: Wed, 27 Jul 2022 10:36:48 GMT

GET
H2 200 Primary Request index.html Show response
live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/ 9 KB
4 KB 116ms
116ms Document
text/html 2a02:4780:dead:8b5::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html

Requested by

Host: live-microsft-account.ga
URL: https://live-microsft-account.ga/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:8b5::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

a8effafa7a58184a5a60a462e0883464251d4036f1270cc36766c6b7dce58cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://live-microsft-account.ga/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 27 Jul 2022 06:36:48 GMT
server: awex
x-content-type-options: nosniff
x-request-id: f48eb35ba679cff276e8887dfc502e95
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/ 22 KB
7 KB 117ms
116ms Stylesheet
text/css 2a02:4780:dead:8b5::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/bootstrap.min.css

Requested by

Host: live-microsft-account.ga
URL: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:8b5::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

6c94f6c5c05782ebad6f1da0bf458b8e7f1ea755369e1ac9a0b5e7606c2a7f89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jul 2022 06:30:23 GMT
server: awex
content-type: text/css
x-xss-protection: 1; mode=block
x-request-id: 4f02c5c9b8ce95a46a915804f7644e43

GET
H2 200 util.css
live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/ 82 KB
15 KB 119ms
118ms Stylesheet
text/css 2a02:4780:dead:8b5::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/util.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:8b5::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

837494f2b4a3de7bceb87d79e841ae48b96f81082a2421858e06b1d5d1e117f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jul 2022 06:30:25 GMT
server: awex
content-type: text/css
x-xss-protection: 1; mode=block
x-request-id: e42086ba96063a13113d17e294eaaf72

GET
H2 200 main.css
live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/ 8 KB
2 KB 118ms
117ms Stylesheet
text/css 2a02:4780:dead:8b5::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/main.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:8b5::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

d83b5ee040c258b853bfd5efaaf38e093ed56ccc0ef2b02c41a9be1e96c15066

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jul 2022 06:30:24 GMT
server: awex
content-type: text/css
x-xss-protection: 1; mode=block
x-request-id: cc13929f5d21e70b8b8111421969f594

GET
H2 200 b3b9bf6cbf.js Show response
kit.fontawesome.com/ 11 KB
4 KB 127ms
71ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/b3b9bf6cbf.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d53e3e4eaa850d4bce9b839f6b42791f753b964ab39b1ed831ab848de66de742

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://live-microsft-account.ga/
Origin: https://live-microsft-account.ga
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:36:48 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 73135ce33ab7b784-AMS
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: FwWcOYFGymW4yxwGgQTC

GET
H2 200 m_logo.svg
live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/ 4 KB
2 KB 116ms
115ms Image
image/svg+xml 2a02:4780:dead:8b5::1
AWEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/m_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:8b5::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jul 2022 06:30:24 GMT
server: awex
content-type: image/svg+xml
x-xss-protection: 1; mode=block
x-request-id: 4ef2d72d2b50bf52878a887d8a2d3c15

GET
H2 200 footer-powered-by-000webhost-white2.png
cdn.000webhost.com/000webhost/logo/ 2 KB
2 KB 40ms
39ms Image
image/webp 2606:4700::6813:b978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b978 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://live-microsft-account.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:36:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1367
cf-polished: origFmt=png, origSize=2046
content-disposition: inline; filename="footer-powered-by-000webhost-white2.webp"
cf-bgj: imgq:100,h2pri
x-hostinger-datacenter: srv
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1696
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jun 2022 10:07:15 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "62b2e9d3-7fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/webp
vary: Accept
cache-control: public, max-age=14400
x-hostinger-node: nl-srv-cdn1
accept-ranges: bytes
cf-ray: 73135ce45feab7d9-AMS
expires: Wed, 27 Jul 2022 10:36:48 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.1.2/css/ 100 KB
21 KB 133ms
64ms Fetch
text/css 2606:4700:3034::ac43:9689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.1.2/css/free.min.css?token=b3b9bf6cbf
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b3b9bf6cbf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e7dfb3770b62bcfa8623c327404f5080e7ba6e2a219c41ad252f4c38ebd7a7d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://live-microsft-account.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:36:48 GMT
via: 1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jul 2022 14:58:26 GMT
server: cloudflare
etag: W/"0b7dc322d4f737c2bf1d43de22f920a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWqYdepzXDQdrWrw%2FtZ3qw1v8HiO4LaTFDGBZdQdYMT%2BU7EyUl472NcazsynYpI4qfGGKJ6VEQAWzncrh%2BKRuBvyIiq8Bk7ha3HcOUVGNlYSj2%2B0ZBmdfzdaYu3Z%2FHEFSuP3pwdlmj77%2B1Jmzt6IJICb2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 73135ce4ca5d8fe9-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: MUhNhTvOz3jq9Nlw9-LUE409gTpl0d9jrtYlKNvjIToYxDnCBAVgAw==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.1.2/css/ 27 KB
5 KB 109ms
41ms Fetch
text/css 2606:4700:3034::ac43:9689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.1.2/css/free-v4-shims.min.css?token=b3b9bf6cbf
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b3b9bf6cbf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 683ea60cc3dbfde397282a60bb8d073389b2217f9f04aaa25822e43dd3b16c2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://live-microsft-account.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:36:48 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jul 2022 14:58:25 GMT
server: cloudflare
etag: W/"96816d3771234767a5fa14b975c670b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkPVW0zMQ7upALMDuZXVQCeBetOXBZW%2F1Au8BfNTT9Xy%2BGnuvykX6sJXtGnuWJbYBC2LDpK5o1DoCwyP%2BQOIIxxo5Vq3RVzIaIjqcXd5frCn%2FH3X0qLStIbKGoGTPI3v4PSjVYYlg1%2BxC9uagqD50YOYIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 73135ce4ca5e8fe9-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: r7AM19PP-EQcGB2BVAbCrRckgM-h-z0bnaAouzlYmRVxXY5goVrr4g==

GET
H2 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.1.2/css/ 823 B
717 B 112ms
44ms Fetch
text/css 2606:4700:3034::ac43:9689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.1.2/css/free-v5-font-face.min.css?token=b3b9bf6cbf
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b3b9bf6cbf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c51a12212db6797d3298cc0f1797ba121e45cd26e0d11222389d82800e905a71

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://live-microsft-account.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:36:48 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jul 2022 14:58:25 GMT
server: cloudflare
etag: W/"65040fb03ef1332cf437c545afd7431f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gAHPpx0NVhrTGrzHux34zO%2B0fR2GSDhzOftZszxSN139jQM64ltSkMWEyL8%2FOekRtwl1pXtNm0o5j1qpqNXQxMPpiL4wsfOMqJM5CdVsGgzmx5O2IxX3RN9WfUn7EwEedAAkT9MUq0z2%2BGHqd1GHGBdCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 73135ce4ca5f8fe9-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: OFDePolmEQCFWn4_Gb01ERgaBLCX-wGklXoilqKeSt4r1a2nSXGljQ==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.1.2/css/ 2 KB
1 KB 124ms
56ms Fetch
text/css 2606:4700:3034::ac43:9689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.1.2/css/free-v4-font-face.min.css?token=b3b9bf6cbf
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b3b9bf6cbf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 040b6a6257f4e9b03d02543c254b47fc2287a93913e6b8e4aef00e72c4b46cfc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://live-microsft-account.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:36:48 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jul 2022 14:58:25 GMT
server: cloudflare
etag: W/"fe830daeb85511a2662ffb7f0f591490"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYEe4wIhCz4Qf%2FlPuCDZcdQ7pnJCqMop7KQc2errBpAfbm0t%2BsB3AG48fuxxcLUMrIrqxdTiC9m001R8iiy7YPfq%2Fb7OlLDJkuEoNO6iKE7YrIoM5%2FFqApdSfqZVdZ1YHHDtbJ8CnY%2BN887it6GfxCkwdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 73135ce4ca608fe9-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: JKUDk6sLiMZYyrB30dIONQGzDSdNxUgdcjbxWqHiHyuYptLQsmGSiA==

GET
H2 200 img1.svg
live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/ 2 KB
902 B 116ms
116ms Image
image/svg+xml 2a02:4780:dead:8b5::1
AWEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/img1.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:8b5::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jul 2022 06:30:23 GMT
server: awex
content-type: image/svg+xml
x-xss-protection: 1; mode=block
x-request-id: 8f41fd306e03c559ff2742eeed7f901b

GET
H2 200 css
fonts.googleapis.com/ 1003 B
922 B 114ms
40ms Font
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93eabed9db1894c7c76ceaaa899450f82a3f9e4a003b1753985ad35b2e86ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://live-microsft-account.ga/
Origin: https://live-microsft-account.ga
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Jul 2022 04:50:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Jul 2022 06:36:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Jul 2022 06:36:48 GMT

GET
H3 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.1.2/webfonts/ 151 KB
152 KB 90ms
51ms Font
font/woff2 2606:4700:3034::ac43:9689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.1.2/webfonts/free-fa-solid-900.woff2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fc4c4d002d08d22e54368dbeda2c833b1fbf8246ecba14c17b51d240526c11a

Request headers

Referer: https://live-microsft-account.ga/
Origin: https://live-microsft-account.ga
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:36:48 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 154840
last-modified: Mon, 25 Jul 2022 15:06:43 GMT
server: cloudflare
etag: "13b9ba607b79e78d573e8ba00049fa14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zFIAqmR6EHt82tLO0q9%2BqLUbGMwCFYOo8kCEPUqUfuWVbz5ulB9Jv%2B3RdYclEQhxM5FfEwLXBBSL%2BhWozVmkzkJ7C7j%2FywzldqBhqbno42kxq2zXAFXx%2FvJeGNa9%2FoDDKJb6vu32N4PURzyIdsnj9b5Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 73135ce58955903c-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 9TPNzgxhc4eS3SZ9Y688wK8phUkhIZl7aWx6owm-C3w0mPspMuvwEA==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html(Line 7) Message: The key "user-scale" is not recognized and ignored.
rendering	warning	URL: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html(Line 7) Message: The key "maxium-scale" is not recognized and ignored.
other	warning	URL: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html Message: Failed to decode downloaded font: https://fonts.googleapis.com/css?family=Poppins
other	warning	URL: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html Message: OTS parsing error: invalid sfntVersion: 791289956
other	warning	URL: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html Message: Failed to decode downloaded font: https://fonts.googleapis.com/css?family=Poppins
other	warning	URL: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html Message: OTS parsing error: invalid sfntVersion: 791289956
other	warning	URL: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html Message: Failed to decode downloaded font: https://fonts.googleapis.com/css?family=Poppins
other	warning	URL: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html Message: OTS parsing error: invalid sfntVersion: 791289956
other	warning	URL: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html Message: Failed to decode downloaded font: https://fonts.googleapis.com/css?family=Poppins
other	warning	URL: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html Message: OTS parsing error: invalid sfntVersion: 791289956
other	warning	URL: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html Message: Failed to decode downloaded font: https://fonts.googleapis.com/css?family=Poppins
other	warning	URL: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html Message: OTS parsing error: invalid sfntVersion: 791289956
other	warning	URL: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html Message: Failed to decode downloaded font: https://fonts.googleapis.com/css?family=Poppins
other	warning	URL: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html Message: OTS parsing error: invalid sfntVersion: 791289956
other	warning	URL: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html Message: Failed to decode downloaded font: https://fonts.googleapis.com/css?family=Poppins
other	warning	URL: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html Message: OTS parsing error: invalid sfntVersion: 791289956
other	warning	URL: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html Message: Failed to decode downloaded font: https://fonts.googleapis.com/css?family=Poppins
other	warning	URL: https://live-microsft-account.ga/Microsoft-Account-verification-proofs-Us7aftGkIOLag38183NNHSGsjrgvmm0L88SKDnn66ppxnUS3I589SSN38400SSXBQ512US7-48SASD388XB36bdi8853hb/index.html Message: OTS parsing error: invalid sfntVersion: 791289956

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.000webhost.com
fonts.googleapis.com
ka-f.fontawesome.com
kit.fontawesome.com
live-microsft-account.ga
2606:4700:3034::ac43:9689
2606:4700::6812:1634
2606:4700::6813:b978
2a00:1450:4001:812::200a
2a02:4780:dead:8b5::1
040b6a6257f4e9b03d02543c254b47fc2287a93913e6b8e4aef00e72c4b46cfc
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
3fc4c4d002d08d22e54368dbeda2c833b1fbf8246ecba14c17b51d240526c11a
5e7dfb3770b62bcfa8623c327404f5080e7ba6e2a219c41ad252f4c38ebd7a7d
683ea60cc3dbfde397282a60bb8d073389b2217f9f04aaa25822e43dd3b16c2e
6c94f6c5c05782ebad6f1da0bf458b8e7f1ea755369e1ac9a0b5e7606c2a7f89
837494f2b4a3de7bceb87d79e841ae48b96f81082a2421858e06b1d5d1e117f8
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
a8effafa7a58184a5a60a462e0883464251d4036f1270cc36766c6b7dce58cb8
c51a12212db6797d3298cc0f1797ba121e45cd26e0d11222389d82800e905a71
d53e3e4eaa850d4bce9b839f6b42791f753b964ab39b1ed831ab848de66de742
d83b5ee040c258b853bfd5efaaf38e093ed56ccc0ef2b02c41a9be1e96c15066
f93eabed9db1894c7c76ceaaa899450f82a3f9e4a003b1753985ad35b2e86ce0

live-microsft-account.ga Open in urlscan Pro 2a02:4780:dead:8b5::1 Malicious Activity!

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

56 %HTTPS

100 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

222 kBTransfer

428 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

29 JavaScript Global Variables

0 Cookies

18 Console Messages

Security Headers

Indicators

live-microsft-account.ga
2a02:4780:dead:8b5::1 Malicious Activity!

Screenshot
Live screenshot

Full Image

16
Requests

56 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

222 kB
Transfer

428 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!