entreparques.mx
2a06:98c1:3121::7  Malicious Activity! Public Scan

Submitted URL: https://secure-web.cisco.com/1Y3-OHFG1mNDzzsFM1C8ROScrIGk3s-j-rXJjiGfhd0Y-l9dNkVUagTRiUwW17qzpBXFfAE_PexBKH-kMEYxHBqgDfZoNFgk...
Effective URL: https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.ph...
Submission: On March 03 via manual from DE — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 3 domains to perform 12 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is entreparques.mx.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 29th 2021. Valid for: a year.
This is the only time entreparques.mx was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 1 2a04:e4c7:fff... 36692 (OPENDNS)
1 192.64.117.195 22612 (NAMECHEAP...)
1 12 2a06:98c1:312... 13335 (CLOUDFLAR...)
12 2
Apex Domain  Subdomains  Transfer
12 entreparques.mx  entreparques.mx  215 KB
1 bgtcentre.com.np  bgtcentre.com.np  713 B
1 cisco.com  secure-web.cisco.com — Cisco Umbrella Rank: 12674  192 B
12 3
Domain Requested by
12 entreparques.mx 1 redirects bgtcentre.com.np
entreparques.mx
1 bgtcentre.com.np
1 secure-web.cisco.com 1 redirects
12 3

This site contains no links.

Subject  Issuer  Validity  Valid
bgtcentre.com.np  Sectigo RSA Domain Validation Secure Server CA  2021-12-24 - 2022-12-24  a year
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2021-07-29 - 2022-07-28  a year

This page contains 1 frames:

Primary Page: https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
Frame ID: F264C02A788CF0A619DA0E8B5FD7A040
Requests: 12 HTTP requests in this frame

Page Title

Sign in to your Microsoft account

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12 Requests
100 % HTTPS
67 % IPv6
3 Domains
3 Subdomains
2 IPs
1 Countries
214 kB Transfer
817 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://secure-web.cisco.com/1Y3-OHFG1mNDzzsFM1C8ROScrIGk3s-j-rXJjiGfhd0Y-l9dNkVUagTRiUwW17qzpBXFfAE_PexBKH-kMEYxHBqgDfZoNFgk4i64jItQCNBrPeCjg2AV1fZPLZ_ytiihfJxUBsPK89hMTiPvTi9IBJoSY_uuYeGTv82ksDp8-fUF86HFhnqxrALecRlwytFrbiHRfAL8bcdKU6dLdlbXfGZqqPShn2dGL2DnVpsPPb5VF576o5KmTyXdxOtpi4fNoxurPqc4VEQOzdLIhnYGKEPA0JQ2yedXFre9SBc7anPgNh8Q97obTkrWAZ_o-GoW5/https%3A%2F%2Fbgtcentre.com.np%2Fwp-cgibini%2Flefounderous%2Flesargos%2Fmondesix%2Ffoxxyuno%2Fbnamamrrf%2Frtpresence%2FofdfhfoflEHdk.htm%3Fid%3Dmohammednaeem.surty%40wns.com HTTP 302
    https://bgtcentre.com.np/wp-cgibini/lefounderous/lesargos/mondesix/foxxyuno/bnamamrrf/rtpresence/ofdfhfoflEHdk.htm?id=mohammednaeem.surty@wns.com Page URL
  2. https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/?id=mohammednaeem.surty@wns.com HTTP 302
    https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://secure-web.cisco.com/1Y3-OHFG1mNDzzsFM1C8ROScrIGk3s-j-rXJjiGfhd0Y-l9dNkVUagTRiUwW17qzpBXFfAE_PexBKH-kMEYxHBqgDfZoNFgk4i64jItQCNBrPeCjg2AV1fZPLZ_ytiihfJxUBsPK89hMTiPvTi9IBJoSY_uuYeGTv82ksDp8-fUF86HFhnqxrALecRlwytFrbiHRfAL8bcdKU6dLdlbXfGZqqPShn2dGL2DnVpsPPb5VF576o5KmTyXdxOtpi4fNoxurPqc4VEQOzdLIhnYGKEPA0JQ2yedXFre9SBc7anPgNh8Q97obTkrWAZ_o-GoW5/https%3A%2F%2Fbgtcentre.com.np%2Fwp-cgibini%2Flefounderous%2Flesargos%2Fmondesix%2Ffoxxyuno%2Fbnamamrrf%2Frtpresence%2FofdfhfoflEHdk.htm%3Fid%3Dmohammednaeem.surty%40wns.com HTTP 302
  • https://bgtcentre.com.np/wp-cgibini/lefounderous/lesargos/mondesix/foxxyuno/bnamamrrf/rtpresence/ofdfhfoflEHdk.htm?id=mohammednaeem.surty@wns.com

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
ofdfhfoflEHdk.htm
bgtcentre.com.np/wp-cgibini/lefounderous/lesargos/mondesix/foxxyuno/bnamamrrf/rtpresence/
Redirect Chain
  • https://secure-web.cisco.com/1Y3-OHFG1mNDzzsFM1C8ROScrIGk3s-j-rXJjiGfhd0Y-l9dNkVUagTRiUwW17qzpBXFfAE_PexBKH-kMEYxHBqgDfZoNFgk4i64jItQCNBrPeCjg2AV1fZPLZ_ytiihfJxUBsPK89hMTiPvTi9IBJoSY_uuYeGTv82ksDp8...
  • https://bgtcentre.com.np/wp-cgibini/lefounderous/lesargos/mondesix/foxxyuno/bnamamrrf/rtpresence/ofdfhfoflEHdk.htm?id=mohammednaeem.surty@wns.com
940 B
713 B
Document
General
Full URL
https://bgtcentre.com.np/wp-cgibini/lefounderous/lesargos/mondesix/foxxyuno/bnamamrrf/rtpresence/ofdfhfoflEHdk.htm?id=mohammednaeem.surty@wns.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.64.117.195 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
host21.registrar-servers.com
Software
Apache /
Resource Hash
d997e2129ded8bd1acbbdc1aa38471e31374509437ce5430b4aa6b402143393e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 03 Mar 2022 08:56:23 GMT
server
Apache
last-modified
Thu, 03 Mar 2022 07:39:39 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-length
527
content-type
text/html

Redirect headers

server
openresty/1.19.3.1
date
Thu, 03 Mar 2022 08:56:23 GMT
content-type
text/html
content-length
0
location
https://bgtcentre.com.np/wp-cgibini/lefounderous/lesargos/mondesix/foxxyuno/bnamamrrf/rtpresence/ofdfhfoflEHdk.htm?id=mohammednaeem.surty@wns.com
talos-dc-id
4
Primary Request index2.php
entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/
Redirect Chain
  • https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/?id=mohammednaeem.surty@wns.com
  • https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/commo...
103 KB
20 KB
Document
General
Full URL
https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
Requested by
Host: bgtcentre.com.np
URL: https://bgtcentre.com.np/wp-cgibini/lefounderous/lesargos/mondesix/foxxyuno/bnamamrrf/rtpresence/ofdfhfoflEHdk.htm?id=mohammednaeem.surty@wns.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a884776ce488d876807ba325d0cf08bfa52540da97ac496fab0e6e5138c8f2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bgtcentre.com.np/

Response headers

date
Thu, 03 Mar 2022 08:56:27 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4auyKqT7BZ6m7se0aoIMxh2Ii%2FhPsb%2FA8sts8rMpxYT8JcU28%2FsHlpVtmhkN6NyQGMeNFI8w84XlHfaHsVIs6C28s6hIdBh1fQhJAei40XW0Tga9ab8t8sGrWvs%2B24wfpBJzP4rEZS%2Fe49JK04I%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e6128b04b6e5cb0-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Thu, 03 Mar 2022 08:56:26 GMT
content-type
text/html; charset=UTF-8
location
./index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AD8e0Z3iqOAEfcyKcLMX2qaQr3mJjtFnwVyM26x5QXTQ%2BbFZ2k3JOenZWofepnEDJRRMiGm3KpgPrSbYgqRBzhx8gInUjvSNS16ycLfVxOKAKTu1a%2FkUl4g76pv0xrEKpBOWXWb1wtWKvPcjNzc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e6128ab4add5cb0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ConvergedLoginPaginatedStrings.en_3ParxANZ-MNmIfU_UoPklQ2.js
entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/images/
33 KB
9 KB
Script
General
Full URL
https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/images/ConvergedLoginPaginatedStrings.en_3ParxANZ-MNmIfU_UoPklQ2.js
Requested by
Host: entreparques.mx
URL: https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b40e51dcdaaa7068943090c633d2c3a1a4456a1fbe9393fac3c19f8d1f7aa90

Request headers

Referer
https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
Origin
https://entreparques.mx
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 08:56:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 12:02:30 GMT
server
cloudflare
age
4437
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGBirIc%2FjHswaAg%2BmU%2B4Zm2QEpg7TtOif6NXaPygiJRwSqairxLkdaezQ4NiLLxwRVc6Gi%2B03n26ZwTNZtZS3sznaILYR6HaMQvkudXk1AuZj2dFrZ3WSXwxA%2BN09X235l%2Bvgm4wkenoHj8uRjA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e6128b1896291e4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ConvergedLogin_PCore_CJPSOqw2_RmNbNhGIhqOBA2.js
entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/images/
453 KB
122 KB
Script
General
Full URL
https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/images/ConvergedLogin_PCore_CJPSOqw2_RmNbNhGIhqOBA2.js
Requested by
Host: entreparques.mx
URL: https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8891dce4f503f2bc8389332d682818c6dba0c2d14c2a9062b93ae02ceb9b259b

Request headers

Referer
https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
Origin
https://entreparques.mx
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 08:56:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 12:02:30 GMT
server
cloudflare
age
4437
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1JMc%2FT6MCSFZzWKSBgkhRIA%2B1zEq9iD64y6RPsblJzrv9rFzusNYpYB2EwpABrJdiyH%2BaryJMQq99XdR9bWNj7%2Fhv77kF5Wxx3TjfiXbuUvR5zrZ0owDYbuWzJhD%2BFPfn%2BwdzTW2rDLo5oQItg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e6128b1896591e4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
convergedlogin_ppassword_bc6ae3d27d9d04639f8b.js
entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/images/
19 KB
6 KB
Script
General
Full URL
https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/images/convergedlogin_ppassword_bc6ae3d27d9d04639f8b.js
Requested by
Host: entreparques.mx
URL: https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b36eb100922b449ee9af0ad15da754cb80c7edc4d6142d476cbbac3c3ef57c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 08:56:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 12:02:30 GMT
server
cloudflare
age
4437
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7b0g7ltDbMcISNorHcu1T9%2BtxkVjla0rQFIlYCNH6T4mzWqFojo%2BRbeLwIWbh249Czqk8izEw3TW6arOjPmL2SFAkt7rCczTMIqLtN4GDY1s3hmT%2BiPFGh%2FOOaqZuYYssXjgEz3YZmCU2rQZIc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e6128b1896891e4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Converged_v21033__M8MTZS7Nv0I1zR18wdR-g2.css
entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/images/
107 KB
19 KB
Stylesheet
General
Full URL
https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/images/Converged_v21033__M8MTZS7Nv0I1zR18wdR-g2.css
Requested by
Host: entreparques.mx
URL: https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6099ca3afb2bad6883021c5aa6941615a9e92428d9936d09c522c371f803cbdc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 08:56:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 11:54:54 GMT
server
cloudflare
age
4437
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X98m%2F6PITDQctFYGGoesBL6UV4tpCQlB8aYS9s7XznIarpHvxp%2Fu349xC%2B2Hqcib7w7yDAcn3Ti7Ok9otpYmi5pwJDknnQhcEhjRxfSGJJ33FOVwZfmbCFsP8yXyddn9BR6dhfRpzJ7BaYLN32c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e6128b1896d91e4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/images/
4 KB
2 KB
Image
General
Full URL
https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Requested by
Host: entreparques.mx
URL: https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 08:56:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Oct 2021 16:54:04 GMT
server
cloudflare
age
4435
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8AxiFHQDJH6KqcAQEBLcvsOx2PllBl95Pt0VLhXLxIXW%2BEmWKukKP7UJednfX5xCEByJt0KeY4A379uKEuROWuPQ6dhutGjkNCLzyh1lc1CtQ0n0buFOn09tZwoeXDSuQ9D07CcWugxfyo5r2U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e6128b25b4391e4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
email-decode.min.js
entreparques.mx/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://entreparques.mx/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: entreparques.mx
URL: https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 08:56:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Feb 2022 17:09:01 GMT
server
cloudflare
etag
W/"621d01ad-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXyPhTNtp4XdmeOmDbxcY4hYjatWOwPG687XYE10S2CAHpDI0drS8FQpIzbv%2Bh%2FRv1T5tiF4%2Bu4uszQ1MzwVlbpSNImaqdCPS9Iq%2Br7l%2BnfVFfHF9es14Udpl4vrRP0F1Y9Qem7H5GsMq9UyJ0k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e6128b25b4691e4-FRA
vary
Accept-Encoding
expires
Sat, 05 Mar 2022 08:56:27 GMT
2_bc3d32a696895f78c19df6c717586a5d.svg
entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/images/
2 KB
1 KB
Image
General
Full URL
https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/images/2_bc3d32a696895f78c19df6c717586a5d.svg
Requested by
Host: entreparques.mx
URL: https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 08:56:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Oct 2021 16:51:18 GMT
server
cloudflare
age
4435
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSkhRhPSUS9YYdV%2B2eeXMVC%2Fr%2FekToKwTBSTcmM5ckFEIQCWdWoq1jHZOumjJh0zlxMg3OSf%2FBK%2FMfmfm%2BrIwDlQg8a4b0%2FKfm4TfDUOpUIjq6oGdZY5R7W2VFTiPnqFbSBYeaKM%2BsugT8zKaTs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e6128b25b4791e4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/consumers/
82 KB
30 KB
Script
General
Full URL
https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/consumers/jquery.min.js
Requested by
Host: entreparques.mx
URL: https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1060ba101d2a066d2f490291232af6df4fbc9d1285501c4c04b0e3249323da85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 08:56:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 29 Jul 2018 20:03:42 GMT
server
cloudflare
age
4435
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=othNP6aCggZ8A%2BoGZRUU5aR5xIiLrzm%2FzFMcVDjQSuZmy82X2XV1ybWG91xTuusqZ8SHxbsGAOdCdeMF58F6hKCmmoZX6TEwo6fXLtPo7A4ii8QAuPwP3kgzcR53UQC0XpzEhA6ri4eUB%2Bd5mx0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e6128b28b8f91e4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
login.js
entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/consumers/
13 KB
2 KB
Script
General
Full URL
https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/consumers/login.js
Requested by
Host: entreparques.mx
URL: https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
263a265f8d8246e361524608b0962f7dd27ee2d5523b0f841284e7c63c7135c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 08:56:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Oct 2021 08:00:16 GMT
server
cloudflare
age
4435
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXneki9coH3n%2BsBIMpHmQK0C7ZqpE2%2BQmgN7BN7bH7lqiHOjQI5WO2lkWIK8mNwT6Lft4h1W9%2F9jEdnN%2FYZw5euUPciLMk%2FGYn%2FxIIrbxIMo5r99sn9AIFsXuRe6E8YmjmkWVQAr83ydgMx%2FVWM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e6128b28b9491e4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
screen_resolution.php
entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/consumers/
21 B
624 B
XHR
General
Full URL
https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/consumers/screen_resolution.php
Requested by
Host: entreparques.mx
URL: https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/consumers/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3863ee0a9a320461c866f2b3b4b746e6acf6251770f062fec4136d31ff1c0f99

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://entreparques.mx/ulogsrc/blogretaile/fendosync/symmantec/officialle/ahssanalam/sgeghedpedy/dgehekailgen/index2.php?=&15e1cb1d7da90c915f92b63a4c2903d7&&https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637703547425196128.NmY3Y2NkNGMtY2MzNS00YmE2LThhNjItZjUwZjdiY2FhNGNlZGRjN2NiODMtNzE2Yy00NjUyLTkxOGMtNzQ0ZjA2YzUzMjBm&ui_locales=en-US&mkt=en-US&client-request-id=aee8ed85-36dd-493a-bbfa-092b3f6da688&state=sEtGCnqovCbZUeo44OuaQMCftGh3Fb3H6luxfWey_3pHgWemHgJVEj1oWo6pA5eAPEaw2ecIB-sWD6OcP_bOnkv8iu6DZLKZGlgzWlllGFiWycnL8-eHGhZcOBqNEEdNmSlRMB2RNZa3F9QgoMBCzB3QzUkwFkHkU6IvwnfjiCTQ4D0nNPxy_qtkkgtHy2pWHU7_NcO6oTHCoz3GviHbfq08KkwYDpSOaMau79pCEfUDInH3W72nG2WIY0IT_RT1Q2qktsMG0_aUubx68ehpPNkDUniZvQFB1ph5MgVjNj0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&id=mohammednaeem.surty@wns.com
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 08:56:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKbayn01fVI6hkt62z%2FYJARG6a0aM%2B7J8L%2F%2FiI4jC4QxX6IMy6K4HObn1%2F7QLPJz0l6VuI1Zmpb%2Bwx9OZ0Okfu%2Bn0XrIoPTZA2sVObl2WlWZFzV7ex7ng2UcWwvu9Q%2FefkwJPeQKZjnfJK%2BtnMc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
6e6128b2ec7791e4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
object| oncontextlost
object| oncontextrestored
function| $Loader
object| $Do
function| $DepLoader
object| g_dtFirstByte
object| g_objPageMode
number| g_iSRSFailed
string| g_sSRSSuccess
function| SRSRetry
object| ServerData
object| UXResourceDependencies
object| StringRepository
boolean| __ConvergedLoginPaginatedStrings
function| WhenAllLoaded
object| webpackJsonp
object| ko
object| PROOF
boolean| __ConvergedLogin_PCore
boolean| __convergedlogin_ppassword_bc6ae3d27d9d04639f8b
function| $
function| jQuery
object| _0xac61
object| Telemetry
object| telemetry_webpackJsonp

1 Cookies

Domain/Path Name / Value
entreparques.mx/ Name: PHPSESSID
Value: 87416d299311bc49ce1338280ce418f5

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests