vocemessaging.hopto.org Open in urlscan Pro
192.99.152.249 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vocemessaging.hopto.org/n/Vnder.php
Submission: On May 21 via manual (May 21st 2019, 4:27:24 pm UTC) from IN

Summary HTTP 14 Redirects Links 2 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 14 HTTP transactions. The main IP is 192.99.152.249, located in Montreal, Canada and belongs to OVH, FR. The main domain is vocemessaging.hopto.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 21st 2019. Valid for: 3 months.

This is the only time vocemessaging.hopto.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1	192.99.152.249 192.99.152.249		16276 (OVH) (OVH)
12	129.59.15.136 129.59.15.136		7212 () ()
1	52.18.63.80 52.18.63.80		16509 () ()
14	3

1 192.99.152.249 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: 249.ip-192-99-152.net

vocemessaging.hopto.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 129.59.15.136 (Nashville, United States)

ASN7212 (,)
PTR: email.vanderbilt.edu

email.vanderbilt.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.63.80 (Dublin, Ireland)

ASN16509 (,)
PTR: ec2-52-18-63-80.eu-west-1.compute.amazonaws.com

canarytokens.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	vanderbilt.edu email.vanderbilt.edu	11 KB
1	canarytokens.com canarytokens.com	238 B
1	hopto.org vocemessaging.hopto.org	3 KB
14	3

	Domain	Requested by
12	email.vanderbilt.edu	vocemessaging.hopto.org
1	canarytokens.com	vocemessaging.hopto.org
1	vocemessaging.hopto.org
14	3

This site contains links to these domains. Also see Links.

Domain
email.vanderbilt.edu
go.microsoft.com

Subject Issuer	Validity	Valid
vocemessaging.hopto.org Let's Encrypt Authority X3	`2019-05-21` - `2019-08-19`	3 months	crt.sh
email.vanderbilt.edu GeoTrust RSA CA 2018	`2018-08-06` - `2020-04-16`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://vocemessaging.hopto.org/n/Vnder.php
Frame ID: C7D0756F71023D87B6E77A7F1528AA67
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Outlook Web App (Web Mail) Expand

Overall confidence: 100%
Detected patterns

html /<link\s[^>]*href="[^"]*?([\d.]+)\/themes\/resources\/owafont\.css/i
env /^IsOwaPremiumBrowser$/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

html /<link\s[^>]*href="[^"]*?([\d.]+)\/themes\/resources\/owafont\.css/i
env /^IsOwaPremiumBrowser$/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link\s[^>]*href="[^"]*?([\d.]+)\/themes\/resources\/owafont\.css/i
env /^IsOwaPremiumBrowser$/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

html /<link\s[^>]*href="[^"]*?([\d.]+)\/themes\/resources\/owafont\.css/i
env /^IsOwaPremiumBrowser$/i

Page Statistics

14
Requests

93 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

15 kB
Transfer

24 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://email.vanderbilt.edu/owa/auth/
Title: show explanation

Search URL Search Domain Scan URL

URL: http://go.microsoft.com/fwlink/?LinkID=129362
Title: click here.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request Vnder.php Show response vocemessaging.hopto.org/n/	9 KB 3 KB	326ms 104ms	Document text/html	192.99.152.249 OVH
General Check archive.org Show headers Download Go to Full URL https://vocemessaging.hopto.org/n/Vnder.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.99.152.249 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS 249.ip-192-99-152.net Software nginx / PleskLin Resource Hash `53533b5078904a4f370d01f8ef9912805253d2cef5becaaff374db5318ca4379` Request headers :method GET :authority vocemessaging.hopto.org :scheme https :path /n/Vnder.php pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 200 server nginx date Tue, 21 May 2019 16:27:10 GMT content-type text/html; charset=UTF-8 content-length 3276 vary Accept-Encoding content-encoding gzip x-powered-by PleskLin
GET H/1.1	200 OK	logon.css email.vanderbilt.edu/owa/14.3.399.0/themes/resources/	2 KB 1 KB	599ms 122ms	Stylesheet text/css	129.59.15.136
General Check archive.org Show headers Download Go to Full URL https://email.vanderbilt.edu/owa/14.3.399.0/themes/resources/logon.css Requested by Host: vocemessaging.hopto.org URL: https://vocemessaging.hopto.org/n/Vnder.php Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 129.59.15.136 Nashville, United States, ASN7212 (,), Reverse DNS email.vanderbilt.edu Software / ASP.NET Resource Hash `73c3dadbc899c7ade16b5c34c01e43ba7d3ddfd429acb10436b19cae2aac1b20` Request headers Referer https://vocemessaging.hopto.org/n/Vnder.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 16:27:08 GMT Content-Encoding gzip ETag "0a4c9c0282cd1:0" Last-Modified Wed, 14 Mar 2012 21:23:52 GMT X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 1049
GET H/1.1	200 OK	owafont.css email.vanderbilt.edu/owa/14.3.399.0/themes/resources/	5 KB 2 KB	598ms 121ms	Stylesheet text/css	129.59.15.136
General Check archive.org Show headers Download Go to Full URL https://email.vanderbilt.edu/owa/14.3.399.0/themes/resources/owafont.css Requested by Host: vocemessaging.hopto.org URL: https://vocemessaging.hopto.org/n/Vnder.php Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 129.59.15.136 Nashville, United States, ASN7212 (,), Reverse DNS email.vanderbilt.edu Software / ASP.NET Resource Hash `5a8a50bbfec3340a13879de71a5dbe889eca252ac9cfb523c6cea94f05b7b673` Request headers Referer https://vocemessaging.hopto.org/n/Vnder.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 16:27:07 GMT Content-Encoding gzip ETag "0cfe273222cd1:0" Last-Modified Wed, 14 Mar 2012 20:38:46 GMT X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 1554
GET H/1.1	200 OK	flogon.js Show response email.vanderbilt.edu/owa/14.3.399.0/scripts/premium/	4 KB 2 KB	655ms 143ms	Script application/x-javascript	129.59.15.136
General Check archive.org Show headers Download Go to Full URL https://email.vanderbilt.edu/owa/14.3.399.0/scripts/premium/flogon.js Requested by Host: vocemessaging.hopto.org URL: https://vocemessaging.hopto.org/n/Vnder.php Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 129.59.15.136 Nashville, United States, ASN7212 (,), Reverse DNS email.vanderbilt.edu Software / ASP.NET Resource Hash `215d250a6028db2afb14ba5028f23493f042cee6fdd59f59e4deb10fd63b1060` Request headers Referer https://vocemessaging.hopto.org/n/Vnder.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 16:27:08 GMT Content-Encoding gzip ETag "0d265dc1495d11:0" Last-Modified Tue, 12 Apr 2016 23:41:40 GMT X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 1934
GET H/1.1	200 OK	lgntopl.gif email.vanderbilt.edu/owa/14.3.399.0/themes/resources/	2 KB 2 KB	654ms 139ms	Image image/gif	129.59.15.136
General Check archive.org Show headers Download Go to Show image Full URL https://email.vanderbilt.edu/owa/14.3.399.0/themes/resources/lgntopl.gif Requested by Host: vocemessaging.hopto.org URL: https://vocemessaging.hopto.org/n/Vnder.php Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 129.59.15.136 Nashville, United States, ASN7212 (,), Reverse DNS email.vanderbilt.edu Software / ASP.NET Resource Hash `917befb5a509fe1ab75c98f7117ffe7214ce82276acb8c22b4e24803743d0d48` Request headers Referer https://vocemessaging.hopto.org/n/Vnder.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 16:27:08 GMT ETag "0961377f51cd1:0" Last-Modified Wed, 14 Mar 2012 15:16:44 GMT X-Powered-By ASP.NET Content-Type image/gif Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 2047
GET H/1.1	200 OK	lgntopr.gif email.vanderbilt.edu/owa/14.3.399.0/themes/resources/	111 B 539 B	653ms 137ms	Image image/gif	129.59.15.136
General Check archive.org Show headers Download Go to Show image Full URL https://email.vanderbilt.edu/owa/14.3.399.0/themes/resources/lgntopr.gif Requested by Host: vocemessaging.hopto.org URL: https://vocemessaging.hopto.org/n/Vnder.php Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 129.59.15.136 Nashville, United States, ASN7212 (,), Reverse DNS email.vanderbilt.edu Software / ASP.NET Resource Hash `3b9930f93c87ad99a5209442b6126043155ab82993924d1c454bed1fce62bfcd` Request headers Referer https://vocemessaging.hopto.org/n/Vnder.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 16:27:07 GMT ETag "035964be7bdc91:0" Last-Modified Wed, 15 Apr 2009 16:29:06 GMT X-Powered-By ASP.NET Content-Type image/gif Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 111
GET H/1.1	200 OK	lgnexlogo.gif email.vanderbilt.edu/owa/14.3.399.0/themes/resources/	410 B 668 B	133ms 128ms	Image image/gif	129.59.15.136
General Check archive.org Show headers Download Go to Show image Full URL https://email.vanderbilt.edu/owa/14.3.399.0/themes/resources/lgnexlogo.gif Requested by Host: vocemessaging.hopto.org URL: https://vocemessaging.hopto.org/n/Vnder.php Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 129.59.15.136 Nashville, United States, ASN7212 (,), Reverse DNS email.vanderbilt.edu Software / ASP.NET Resource Hash `17f1863e8ec9fa838af22a9cdd3c67630f76e1e7cf08679ef77b2bdf1d63fa73` Request headers Referer https://vocemessaging.hopto.org/n/Vnder.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 16:27:08 GMT ETag "0a45718efbdc91:0" Last-Modified Wed, 15 Apr 2009 17:24:56 GMT X-Powered-By ASP.NET Content-Type image/gif Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 410
GET H/1.1	200 OK	lgnbotl.gif email.vanderbilt.edu/owa/14.3.399.0/themes/resources/	229 B 487 B	138ms 133ms	Image image/gif	129.59.15.136
General Check archive.org Show headers Download Go to Show image Full URL https://email.vanderbilt.edu/owa/14.3.399.0/themes/resources/lgnbotl.gif Requested by Host: vocemessaging.hopto.org URL: https://vocemessaging.hopto.org/n/Vnder.php Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 129.59.15.136 Nashville, United States, ASN7212 (,), Reverse DNS email.vanderbilt.edu Software / ASP.NET Resource Hash `9d533b8815202c2a848f0607b2e9c2e1928a6576f4d7e6e320fbeadd0bf8c5f8` Request headers Referer https://vocemessaging.hopto.org/n/Vnder.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 16:27:08 GMT ETag "0fdbb1af3bdc91:0" Last-Modified Wed, 15 Apr 2009 17:53:38 GMT X-Powered-By ASP.NET Content-Type image/gif Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 229
GET H/1.1	200 OK	lgnbotr.gif email.vanderbilt.edu/owa/14.3.399.0/themes/resources/	83 B 340 B	135ms 134ms	Image image/gif	129.59.15.136
General Check archive.org Show headers Download Go to Show image Full URL https://email.vanderbilt.edu/owa/14.3.399.0/themes/resources/lgnbotr.gif Requested by Host: vocemessaging.hopto.org URL: https://vocemessaging.hopto.org/n/Vnder.php Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 129.59.15.136 Nashville, United States, ASN7212 (,), Reverse DNS email.vanderbilt.edu Software / ASP.NET Resource Hash `345305a09aa2a64a88cd39b5db4147cfafb2df78ce90d727fdfb08c71be1dcff` Request headers Referer https://vocemessaging.hopto.org/n/Vnder.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 16:27:08 GMT ETag "0e3a464f3bdc91:0" Last-Modified Wed, 15 Apr 2009 17:55:42 GMT X-Powered-By ASP.NET Content-Type image/gif Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 83
GET H/1.1	200 OK	gcd4pfkpt2i0ljnv3xvmjvp3r.jpg canarytokens.com/	43 B 238 B	331ms 239ms	Image image/gif	52.18.63.80
General Check archive.org Show headers Download Go to Show image Full URL http://canarytokens.com/gcd4pfkpt2i0ljnv3xvmjvp3r.jpg?l=https://vocemessaging.hopto.org/n/Vnder.php&r= Requested by Host: vocemessaging.hopto.org URL: https://vocemessaging.hopto.org/n/Vnder.php Protocol HTTP/1.1 Server 52.18.63.80 Dublin, Ireland, ASN16509 (,), Reverse DNS ec2-52-18-63-80.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash `afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 16:27:09 GMT Content-Encoding gzip Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type image/gif
GET H/1.1	200 OK	lgntopm.gif email.vanderbilt.edu/owa/14.3.399.0/themes/resources/	42 B 299 B	122ms 121ms	Image image/gif	129.59.15.136
General Check archive.org Show headers Download Go to Show image Full URL https://email.vanderbilt.edu/owa/14.3.399.0/themes/resources/lgntopm.gif Requested by Host: vocemessaging.hopto.org URL: https://vocemessaging.hopto.org/n/Vnder.php Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 129.59.15.136 Nashville, United States, ASN7212 (,), Reverse DNS email.vanderbilt.edu Software / ASP.NET Resource Hash `57004cceae8c5654ec49aad181b41887d2378091545920ce5eadf7ed2ce9b9a8` Request headers Referer https://email.vanderbilt.edu/owa/14.3.399.0/themes/resources/logon.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 16:27:08 GMT ETag "0efd227e7bdc91:0" Last-Modified Wed, 15 Apr 2009 16:28:06 GMT X-Powered-By ASP.NET Content-Type image/gif Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 42
GET H/1.1	200 OK	lgnleft.gif email.vanderbilt.edu/owa/14.3.399.0/themes/resources/	90 B 347 B	121ms 119ms	Image image/gif	129.59.15.136
General Check archive.org Show headers Download Go to Show image Full URL https://email.vanderbilt.edu/owa/14.3.399.0/themes/resources/lgnleft.gif Requested by Host: vocemessaging.hopto.org URL: https://vocemessaging.hopto.org/n/Vnder.php Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 129.59.15.136 Nashville, United States, ASN7212 (,), Reverse DNS email.vanderbilt.edu Software / ASP.NET Resource Hash `36ca7c8f22068ede76e4cb3ca6dea722bcf4b56777a61463e09e73fadc196ac5` Request headers Referer https://email.vanderbilt.edu/owa/14.3.399.0/themes/resources/logon.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 16:27:08 GMT ETag "084e794e9bdc91:0" Last-Modified Wed, 15 Apr 2009 16:45:28 GMT X-Powered-By ASP.NET Content-Type image/gif Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 90
GET H/1.1	200 OK	lgnright.gif email.vanderbilt.edu/owa/14.3.399.0/themes/resources/	90 B 347 B	225ms 118ms	Image image/gif	129.59.15.136
General Check archive.org Show headers Download Go to Show image Full URL https://email.vanderbilt.edu/owa/14.3.399.0/themes/resources/lgnright.gif Requested by Host: vocemessaging.hopto.org URL: https://vocemessaging.hopto.org/n/Vnder.php Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 129.59.15.136 Nashville, United States, ASN7212 (,), Reverse DNS email.vanderbilt.edu Software / ASP.NET Resource Hash `36ca7c8f22068ede76e4cb3ca6dea722bcf4b56777a61463e09e73fadc196ac5` Request headers Referer https://email.vanderbilt.edu/owa/14.3.399.0/themes/resources/logon.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 16:27:08 GMT ETag "04bc6e4e9bdc91:0" Last-Modified Wed, 15 Apr 2009 16:47:42 GMT X-Powered-By ASP.NET Content-Type image/gif Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 90
GET H/1.1	200 OK	lgnbotm.gif email.vanderbilt.edu/owa/14.3.399.0/themes/resources/	39 B 296 B	197ms 132ms	Image image/gif	129.59.15.136
General Check archive.org Show headers Download Go to Show image Full URL https://email.vanderbilt.edu/owa/14.3.399.0/themes/resources/lgnbotm.gif Requested by Host: vocemessaging.hopto.org URL: https://vocemessaging.hopto.org/n/Vnder.php Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 129.59.15.136 Nashville, United States, ASN7212 (,), Reverse DNS email.vanderbilt.edu Software / ASP.NET Resource Hash `51c3912742b27f265e274a45fb53b09311414db85fe5361e9bd738c47ecbc3a1` Request headers Referer https://email.vanderbilt.edu/owa/14.3.399.0/themes/resources/logon.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 16:27:08 GMT ETag "0628938f3bdc91:0" Last-Modified Wed, 15 Apr 2009 17:54:28 GMT X-Powered-By ASP.NET Content-Type image/gif Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 39

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| initLogon function| redir function| shw function| hd function| clkExp function| clkSec function| clkBsc function| clkLgn function| clkRtry function| clkReLgn function| gbid function| IsOwaPremiumBrowser function| hres function| LogoffMime function| addPerfMarker function| secureCookie function| isHttps number| a_fRC number| g_fFcs number| a_fLOff number| a_fCAC number| a_fEnbSMm function| IsMimeCtlInst function| RndMimeCtl function| RndMimeCtlHlpr string| r object| m

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			vocemessaging.hopto.org/n	1969-12-31 23:59:59	Name: cookieTest Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

canarytokens.com
email.vanderbilt.edu
vocemessaging.hopto.org
129.59.15.136
192.99.152.249
52.18.63.80
17f1863e8ec9fa838af22a9cdd3c67630f76e1e7cf08679ef77b2bdf1d63fa73
215d250a6028db2afb14ba5028f23493f042cee6fdd59f59e4deb10fd63b1060
345305a09aa2a64a88cd39b5db4147cfafb2df78ce90d727fdfb08c71be1dcff
36ca7c8f22068ede76e4cb3ca6dea722bcf4b56777a61463e09e73fadc196ac5
3b9930f93c87ad99a5209442b6126043155ab82993924d1c454bed1fce62bfcd
51c3912742b27f265e274a45fb53b09311414db85fe5361e9bd738c47ecbc3a1
53533b5078904a4f370d01f8ef9912805253d2cef5becaaff374db5318ca4379
57004cceae8c5654ec49aad181b41887d2378091545920ce5eadf7ed2ce9b9a8
5a8a50bbfec3340a13879de71a5dbe889eca252ac9cfb523c6cea94f05b7b673
73c3dadbc899c7ade16b5c34c01e43ba7d3ddfd429acb10436b19cae2aac1b20
917befb5a509fe1ab75c98f7117ffe7214ce82276acb8c22b4e24803743d0d48
9d533b8815202c2a848f0607b2e9c2e1928a6576f4d7e6e320fbeadd0bf8c5f8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277