g87huij.duckdns.org Open in urlscan Pro
185.212.129.140  Malicious Activity! Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response g87huij.duckdns.org/	36 KB 7 KB	381ms 166ms	Document text/html	185.212.129.140 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.212.129.140 , Netherlands, ASN200313 (INTERNET-IT, NL), Reverse DNS tutorial23523523423.website Software Apache/2.4.18 (Ubuntu) / Resource Hash 6f20c0f907be24273842650244598ad4688ee2c93e2b354886020bdcd9ec4a88 Request headers Host g87huij.duckdns.org Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Sec-Fetch-User ?1 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site none Sec-Fetch-Mode navigate Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Sec-Fetch-User ?1 Response headers Date Wed, 20 Nov 2019 13:08:26 GMT Server Apache/2.4.18 (Ubuntu) Vary Accept-Encoding Content-Encoding gzip Content-Length 7243 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	jquery-3.4.1.js Show response code.jquery.com/	274 KB 81 KB	18ms 7ms	Script application/javascript	2001:4de0:ac19::1:b:3a Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.4.1.js Requested by Host: g87huij.duckdns.org URL: https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), Reverse DNS Software nginx / Resource Hash 5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Referer https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ Origin https://g87huij.duckdns.org Response headers Date Wed, 20 Nov 2019 13:06:48 GMT Content-Encoding gzip Last-Modified Wed, 01 May 2019 21:14:27 GMT Server nginx ETag W/"5cca0c33-4472c" Vary Accept-Encoding X-HW 1574255208.dop027.fr8.shc,1574255208.dop027.fr8.t,1574255208.cds055.fr8.c Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 82889
GET H2	200	Converged_v21033_WxEHoN1EKgnBBEbhm200rw2.css logincdn.msauth.net/16.000/	98 KB 19 KB	40ms 7ms	Stylesheet text/css	192.229.221.185 MCI Communication...
General Check archive.org Show headers Download Go to Full URL https://logincdn.msauth.net/16.000/Converged_v21033_WxEHoN1EKgnBBEbhm200rw2.css Requested by Host: g87huij.duckdns.org URL: https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.185 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US), Reverse DNS Software ECAcc (frc/8F94) / Resource Hash f47f03ee0e67aff8f795556d4b5e7724375fa1c25907e2e120677f4b512c5486 Request headers Referer https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 20 Nov 2019 13:06:48 GMT content-encoding gzip content-md5 XAHcMBL30ShT+FlJP/Ib6g== x-cache HIT status 200 content-length 18565 x-ms-lease-status unlocked last-modified Thu, 22 Aug 2019 07:33:27 GMT server ECAcc (frc/8F94) etag 0x8D726D305A21714 vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id f670a2b8-701e-0011-5281-5a9fa0000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	fonts.css;navigation.css apps.skypeassets.com/static/8.14/skype.login/css/	23 KB 3 KB	84ms 53ms	Stylesheet text/css	23.37.59.171 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://apps.skypeassets.com/static/8.14/skype.login/css/fonts.css;navigation.css Requested by Host: g87huij.duckdns.org URL: https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.59.171 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a23-37-59-171.deploy.static.akamaitechnologies.com Software / Resource Hash 0621c8ed65ab0b13181904752182d866aaae7a34d3e0df0fb50b9e1031b7adba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains; content-encoding gzip x-content-type-options nosniff etag "1d6cb8ba4a6615069e5ceba3551e17ede4590b0f-gzip" x-frame-options SAMEORIGIN content-type text/css;charset=UTF-8 status 200 cache-control max-age=31536000, public date Wed, 20 Nov 2019 13:06:48 GMT vary Origin,Accept,Accept-Encoding content-length 2787 x-xss-protection 1; mode=block expires Tue, 10 Nov 2020 09:39:13 GMT
GET H2	200	loader.css apps.skypeassets.com/static/8.14/skype.login/css/	21 KB 1 KB	38ms 7ms	Stylesheet text/css	23.37.59.171 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://apps.skypeassets.com/static/8.14/skype.login/css/loader.css Requested by Host: g87huij.duckdns.org URL: https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.59.171 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a23-37-59-171.deploy.static.akamaitechnologies.com Software / Resource Hash c1f6cd67c71be4644c03f22328630f37b7d5d61fe949dae85b7bcacb02a39b0d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains; content-encoding gzip x-content-type-options nosniff etag "186125e834fd2a61cfe95d8f19eaeeae660e146b-gzip" x-frame-options SAMEORIGIN content-type text/css;charset=UTF-8 status 200 cache-control max-age=31536000, public date Wed, 20 Nov 2019 13:06:48 GMT vary Origin,Accept,Accept-Encoding content-length 1210 x-xss-protection 1; mode=block expires Thu, 22 Oct 2020 00:12:37 GMT
GET H2	200	26.png logincdn.msauth.net/16.000.28345.6/images/AppLogos/	4 KB 4 KB	40ms 8ms	Image image/png	192.229.221.185 MCI Communication...
General Check archive.org Show headers Download Go to Show image Full URL https://logincdn.msauth.net/16.000.28345.6/images/AppLogos/26.png?x=7bded57cb99fb8d542e1d50e86712e19 Requested by Host: g87huij.duckdns.org URL: https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.185 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US), Reverse DNS Software ECAcc (frc/8F3E) / Resource Hash 9741ca2c55b48cdd7076b93959a71a5d71bab043cf5a2bf9f8c3c57cafd1e16a Request headers Referer https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 20 Nov 2019 13:06:48 GMT content-md5 e97VfLmfuNVC4dUOhnEuGQ== x-cache HIT status 200 content-length 4173 x-ms-lease-status unlocked last-modified Sat, 28 Sep 2019 22:18:27 GMT server ECAcc (frc/8F3E) etag 0x8D74461C90C9755 content-type image/png access-control-allow-origin * x-ms-request-id 49c26748-a01e-003b-1ec5-93cbb3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	microsoft_logo.svg logincdn.msauth.net/16.000.28345.6/images/	4 KB 2 KB	41ms 8ms	Image image/svg+xml	192.229.221.185 MCI Communication...
General Check archive.org Show headers Download Go to Show image Full URL https://logincdn.msauth.net/16.000.28345.6/images/microsoft_logo.svg Requested by Host: g87huij.duckdns.org URL: https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.185 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US), Reverse DNS Software ECAcc (frc/8F58) / Resource Hash 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a Request headers Referer https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 20 Nov 2019 13:06:48 GMT content-encoding gzip content-md5 nzaLxFgP7ZB3dfMcaybWzw== x-cache HIT status 200 content-length 1435 x-ms-lease-status unlocked last-modified Sat, 28 Sep 2019 22:18:44 GMT server ECAcc (frc/8F58) etag 0x8D74461D321E4EB vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 27dee562-001e-004e-158e-90e3c9000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	documentation.svg logincdn.msauth.net/16.000.28345.6/images/	2 KB 749 B	13ms 13ms	Image image/svg+xml	192.229.221.185 MCI Communication...
General Check archive.org Show headers Download Go to Show image Full URL https://logincdn.msauth.net/16.000.28345.6/images/documentation.svg Requested by Host: g87huij.duckdns.org URL: https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.185 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US), Reverse DNS Software ECAcc (frc/8FED) / Resource Hash a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea Request headers Referer https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 20 Nov 2019 13:06:48 GMT content-encoding gzip content-md5 6dTbAT1RVL9d6geobv3IJg== x-cache HIT status 200 content-length 606 x-ms-lease-status unlocked last-modified Sat, 28 Sep 2019 22:18:41 GMT server ECAcc (frc/8FED) etag 0x8D74461D170DA31 vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 6cb05ddb-b01e-0074-77c5-9308f2000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	arrow_left.svg logincdn.msauth.net/16.000.28345.6/images/	513 B 419 B	13ms 12ms	Image image/svg+xml	192.229.221.185 MCI Communication...
General Check archive.org Show headers Download Go to Show image Full URL https://logincdn.msauth.net/16.000.28345.6/images/arrow_left.svg?x=a9cc2824ef3517b6c4160dcf8ff7d410 Requested by Host: g87huij.duckdns.org URL: https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.185 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US), Reverse DNS Software ECAcc (frc/8F46) / Resource Hash 34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58 Request headers Referer https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 20 Nov 2019 13:06:48 GMT content-encoding gzip content-md5 TjUQkZ0p0Y7rbj6LJofS9Q== x-cache HIT status 200 content-length 276 x-ms-lease-status unlocked last-modified Sat, 28 Sep 2019 22:18:30 GMT server ECAcc (frc/8F46) etag 0x8D74461CAF84494 vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 9b2b9e25-a01e-007e-60ce-7722b0000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	ellipsis_white.svg logincdn.msauth.net/16.000.28345.6/images/	915 B 408 B	8ms 7ms	Image image/svg+xml	192.229.221.185 MCI Communication...
General Check archive.org Show headers Download Go to Show image Full URL https://logincdn.msauth.net/16.000.28345.6/images/ellipsis_white.svg Requested by Host: g87huij.duckdns.org URL: https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.185 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US), Reverse DNS Software ECAcc (frc/8F4E) / Resource Hash 6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea Request headers Referer https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 20 Nov 2019 13:06:48 GMT content-encoding gzip content-md5 HMwsHhNXdtrfirQDkzcqMA== x-cache HIT status 200 content-length 263 x-ms-lease-status unlocked last-modified Sat, 28 Sep 2019 22:18:42 GMT server ECAcc (frc/8F4E) etag 0x8D74461D23AB6EC vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id fb77e3a0-501e-0005-16c5-93cb24000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	ellipsis_grey.svg logincdn.msauth.net/16.000.28345.6/images/	915 B 382 B	8ms 8ms	Image image/svg+xml	192.229.221.185 MCI Communication...
General Check archive.org Show headers Download Go to Show image Full URL https://logincdn.msauth.net/16.000.28345.6/images/ellipsis_grey.svg Requested by Host: g87huij.duckdns.org URL: https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.185 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US), Reverse DNS Software ECAcc (frc/8F89) / Resource Hash 16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6 Request headers Referer https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 20 Nov 2019 13:06:48 GMT content-encoding gzip content-md5 /a3y/mpA+HRaVAiPACrsog== x-cache HIT status 200 content-length 263 x-ms-lease-status unlocked last-modified Sat, 28 Sep 2019 22:18:42 GMT server ECAcc (frc/8F89) etag 0x8D74461D213C70A vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id c3d8063f-601e-005e-50c5-935ce1000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
POST H2	200	bookmarks.php Show response vivesinplastico.com/wp-includes/	337 B 538 B	7311ms 7229ms	XHR text/html	35.204.217.18 Google LLC
General Check archive.org Show headers Download Go to Full URL https://vivesinplastico.com/wp-includes/bookmarks.php Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.204.217.18 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 18.217.204.35.bc.googleusercontent.com Software nginx / Resource Hash 99f534a617ffec78641c2e97ee6aa3e54112a3e2ee1dce690e5bf33b23f85aeb Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ Origin https://g87huij.duckdns.org User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 20 Nov 2019 13:06:55 GMT content-encoding gzip referrer-policy no-referrer-when-downgrade server nginx status 200 vary X-Forwarded-Proto,Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=15552000 host-header 5d77dd967d63c3104bced1db0cace49c content-length 270 expires Mon, 18 May 2020 13:06:48 GMT
GET H2	200	s_logo.png apps.skypeassets.com/static/8.14/skype.login/images/logos/	6 KB 6 KB	6ms 6ms	Image image/png	23.37.59.171 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://apps.skypeassets.com/static/8.14/skype.login/images/logos/s_logo.png Requested by Host: g87huij.duckdns.org URL: https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.59.171 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a23-37-59-171.deploy.static.akamaitechnologies.com Software / Resource Hash 7397d858359e50d73074c69328fec62afb464eaa3f601fa76d78fb7b9e8e8c7c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://apps.skypeassets.com/static/8.14/skype.login/css/fonts.css;navigation.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains; x-content-type-options nosniff etag "079eb142d3c55dfdb9d52466f25463d5d9580a82" x-frame-options SAMEORIGIN content-type image/png status 200 cache-control max-age=31536000, public date Wed, 20 Nov 2019 13:06:48 GMT vary Origin,Accept,Accept-Encoding content-length 6198 x-xss-protection 1; mode=block expires Thu, 17 Sep 2020 12:14:09 GMT
GET H2	200	segoe-ui-light-latin.woff secure.skypeassets.com/apollo/2.0.127/fonts/latin/	136 KB 134 KB	36ms 10ms	Font font/woff	23.37.61.51 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://secure.skypeassets.com/apollo/2.0.127/fonts/latin/segoe-ui-light-latin.woff Requested by Host: g87huij.duckdns.org URL: https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.61.51 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a23-37-61-51.deploy.static.akamaitechnologies.com Software / Resource Hash 2e1878bb1cc070dcfc04442eb663ca9f5484f1f609859b8b91df0100f382fee0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Referer https://apps.skypeassets.com/static/8.14/skype.login/css/fonts.css;navigation.css Origin https://g87huij.duckdns.org Response headers date Wed, 20 Nov 2019 13:06:48 GMT content-encoding gzip last-modified Wed, 09 Sep 2015 14:55:44 GMT content-md5 my73IJY+vzkKTsOZ+8acmQ== access-control-allow-origin * etag 0x8D2B926BD5DE7BB vary Accept-Encoding content-type font/woff status 200 cache-control public, max-age=1183563 expires Wed, 04 Dec 2019 05:52:51 GMT
GET H2	200	segoe-ui-regular-latin.woff secure.skypeassets.com/apollo/2.0.127/fonts/latin/	136 KB 134 KB	42ms 19ms	Font font/woff	23.37.61.51 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://secure.skypeassets.com/apollo/2.0.127/fonts/latin/segoe-ui-regular-latin.woff Requested by Host: g87huij.duckdns.org URL: https://g87huij.duckdns.org/?ijbgtrf=bWFyY2luLmdyZW5Aa2VyaW5nLmNvbQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.61.51 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a23-37-61-51.deploy.static.akamaitechnologies.com Software / Resource Hash d738ab6179c663fe22cc2daee36e33828f1d3ffc526aeaec9ae72c673da10e27 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Referer https://apps.skypeassets.com/static/8.14/skype.login/css/fonts.css;navigation.css Origin https://g87huij.duckdns.org Response headers date Wed, 20 Nov 2019 13:06:48 GMT content-encoding gzip last-modified Wed, 09 Sep 2015 14:55:45 GMT content-md5 6XCi73j9bOUWGYrMmPEB3w== access-control-allow-origin * etag 0x8D2B926BDA3A5C9 vary Accept-Encoding content-type font/woff status 200 cache-control public, max-age=2358917 expires Tue, 17 Dec 2019 20:22:05 GMT
GET H2	200	21-small.jpg logincdn.msauth.net/16.000.28345.6/images/AppBackgrounds/	417 B 536 B	12ms 12ms	Image image/jpeg	192.229.221.185 MCI Communication...
General Check archive.org Show headers Download Go to Show image Full URL https://logincdn.msauth.net/16.000.28345.6/images/AppBackgrounds/21-small.jpg?x=8c6511fe45944b668b3ebac906238b23 Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.185 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US), Reverse DNS Software ECAcc (frc/8F55) / Resource Hash e2e535a651ba8baf2062a63808b8a9aeb3672b980ab3aa7b84e92f4d7d3c2807 Request headers Referer https://g87huij.duckdns.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 20 Nov 2019 13:06:55 GMT content-md5 jGUR/kWUS2aLPrrJBiOLIw== x-cache HIT status 200 content-length 417 x-ms-lease-status unlocked last-modified Sat, 28 Sep 2019 22:18:11 GMT server ECAcc (frc/8F55) etag 0x8D74461BFB0335C content-type image/jpeg access-control-allow-origin * x-ms-request-id 854e63f2-101e-0042-1ec5-932f4a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	21.jpg logincdn.msauth.net/16.000.28345.6/images/AppBackgrounds/	145 KB 145 KB	7ms 7ms	Image image/jpeg	192.229.221.185 MCI Communication...
General Check archive.org Show headers Download Go to Show image Full URL https://logincdn.msauth.net/16.000.28345.6/images/AppBackgrounds/21.jpg?x=a09c8a583598d484972faa59f0838f06 Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.185 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US), Reverse DNS Software ECAcc (frc/8FBF) / Resource Hash a9ff1dbb05072865940b307137c9b565af29837c8765b436df30c9b2dd74df1a Request headers Referer https://g87huij.duckdns.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 20 Nov 2019 13:06:55 GMT content-md5 oJyKWDWY1ISXL6pZ8IOPBg== x-cache HIT status 200 content-length 148307 x-ms-lease-status unlocked last-modified Sat, 28 Sep 2019 22:18:11 GMT server ECAcc (frc/8FBF) etag 0x8D74461BFCF59AA content-type image/jpeg access-control-allow-origin * x-ms-request-id db251492-d01e-0045-21d4-933786000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| checkEmail function| goNext function| goBack function| closeBox function| loader function| checkSubmit function| isEmail function| iserror function| createCookie function| deleteAllCookies string| gEmail object| eml

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apps.skypeassets.com
code.jquery.com
g87huij.duckdns.org
logincdn.msauth.net
secure.skypeassets.com
vivesinplastico.com
185.212.129.140
192.229.221.185
2001:4de0:ac19::1:b:3a
23.37.59.171
23.37.61.51
35.204.217.18
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0621c8ed65ab0b13181904752182d866aaae7a34d3e0df0fb50b9e1031b7adba
16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6
2e1878bb1cc070dcfc04442eb663ca9f5484f1f609859b8b91df0100f382fee0
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea
6f20c0f907be24273842650244598ad4688ee2c93e2b354886020bdcd9ec4a88
7397d858359e50d73074c69328fec62afb464eaa3f601fa76d78fb7b9e8e8c7c
9741ca2c55b48cdd7076b93959a71a5d71bab043cf5a2bf9f8c3c57cafd1e16a
99f534a617ffec78641c2e97ee6aa3e54112a3e2ee1dce690e5bf33b23f85aeb
a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea
a9ff1dbb05072865940b307137c9b565af29837c8765b436df30c9b2dd74df1a
c1f6cd67c71be4644c03f22328630f37b7d5d61fe949dae85b7bcacb02a39b0d
d738ab6179c663fe22cc2daee36e33828f1d3ffc526aeaec9ae72c673da10e27
e2e535a651ba8baf2062a63808b8a9aeb3672b980ab3aa7b84e92f4d7d3c2807
f47f03ee0e67aff8f795556d4b5e7724375fa1c25907e2e120677f4b512c5486