offic.hbgxmsfeehuzepnbtppbxnjy.duckdns.org

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 136.144.164.242, located in Netherlands and belongs to TRANSIP-AS Amsterdam, the Netherlands, NL. The main domain is offic.hbgxmsfeehuzepnbtppbxnjy.duckdns.org.
TLS certificate: Issued by E6 on July 27th 2024. Valid for: 3 months.

This is the only time offic.hbgxmsfeehuzepnbtppbxnjy.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	136.144.164.242 136.144.164.242	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
1	2620:1ec:bdf::44 2620:1ec:bdf::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	3

1 136.144.164.242 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 136-144-164-242.colo.transip.net

offic.hbgxmsfeehuzepnbtppbxnjy.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	msauth.net aadcdn.msauth.net — Cisco Umbrella Rank: 2218	17 KB
1	duckdns.org offic.hbgxmsfeehuzepnbtppbxnjy.duckdns.org vezzjxkd.hbgxmsfeehuzepnbtppbxnjy.duckdns.org Failed	38 KB
3	2

	Domain	Requested by
1	aadcdn.msauth.net
1	offic.hbgxmsfeehuzepnbtppbxnjy.duckdns.org
0	vezzjxkd.hbgxmsfeehuzepnbtppbxnjy.duckdns.org Failed	offic.hbgxmsfeehuzepnbtppbxnjy.duckdns.org
3	3

This site contains no links.

Subject Issuer	Validity	Valid
offic.hbgxmsfeehuzepnbtppbxnjy.duckdns.org E6	`2024-07-27` - `2024-10-25`	3 months	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2024-04-30` - `2025-04-30`	a year	crt.sh

This page contains 1 frames:

Frame: https://vezzjxkd.hbgxmsfeehuzepnbtppbxnjy.duckdns.org/login
Frame ID: 96E22545967261EEECBC946952E80F05
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Microsoft Security

Page Statistics

3
Requests

67 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

55 kB
Transfer

57 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://offic.hbgxmsfeehuzepnbtppbxnjy.duckdns.org/OxJsCBxr?b=cGjQKg4&owla=Izsca2KoOVHSAqzMQnkMsHKNd HTTP 302
https://login.hbgxmsfeehuzepnbtppbxnjy.duckdns.org/ HTTP 302
https://vezzjxkd.hbgxmsfeehuzepnbtppbxnjy.duckdns.org/login

3 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request OxJsCBxr Show response offic.hbgxmsfeehuzepnbtppbxnjy.duckdns.org/	37 KB 38 KB	1448ms 19ms	Document text/html	136.144.164.242 TRANSIP-AS Amsterdam
General Check archive.org Show headers Download Go to Full URL https://offic.hbgxmsfeehuzepnbtppbxnjy.duckdns.org/OxJsCBxr Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 136.144.164.242 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL), Reverse DNS 136-144-164-242.colo.transip.net Software / Resource Hash `7917d45b895e246b34eb5f74ddfd1fd0439dd3850d785ea977c614977d44af1f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Cache-Control no-cache, no-store Connection close Content-Type text/html Transfer-Encoding chunked
GET DATA	200 OK	truncated /	3 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `797bda35d13e5130fe5a14e0069c31b46ec1af6ea47f2d300309803bb4d2608c` Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	favicon_a_eupayfgghqiai7k9sol6lg2.ico aadcdn.msauth.net/shared/1.0/content/images/	17 KB 17 KB	219ms 53ms	Other image/x-icon	2620:1ec:bdf::44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21` Request headers Referer https://offic.hbgxmsfeehuzepnbtppbxnjy.duckdns.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 02 Aug 2024 14:06:51 GMT x-cache TCP_HIT x-fd-int-roxy-purgeid 0 content-length 17174 x-ms-lease-status unlocked last-modified Sun, 18 Oct 2020 03:02:03 GMT etag 0x8D8731230C851A6 x-azure-ref 20240802T140651Z-r185d5857fbcntmgb5hqbsawq4000000030g000000027c4x content-type image/x-icon access-control-allow-origin * x-ms-request-id b25e7ed0-c01e-0029-284c-e3fd22000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET		login vezzjxkd.hbgxmsfeehuzepnbtppbxnjy.duckdns.org/ Redirect Chain https://offic.hbgxmsfeehuzepnbtppbxnjy.duckdns.org/OxJsCBxr?b=cGjQKg4&owla=Izsca2KoOVHSAqzMQnkMsHKNd https://login.hbgxmsfeehuzepnbtppbxnjy.duckdns.org/ https://vezzjxkd.hbgxmsfeehuzepnbtppbxnjy.duckdns.org/login	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vezzjxkd.hbgxmsfeehuzepnbtppbxnjy.duckdns.org
URL: https://vezzjxkd.hbgxmsfeehuzepnbtppbxnjy.duckdns.org/login

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hbgxmsfeehuzepnbtppbxnjy.duckdns.org/	1970-01-20 22:30:11	Name: 1822-b3aa Value: 8cd6bbf4dcd00bad96841b8124652d339aceeceb50062157b07e61fd2203cf04
login.hbgxmsfeehuzepnbtppbxnjy.duckdns.org/	1970-01-20 23:13:19	Name: fpc Value: AtR2Ev06pYFKrdC5dQ_DfDw
.login.hbgxmsfeehuzepnbtppbxnjy.duckdns.org/	1969-12-31 23:59:59	Name: esctx Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYriqUxHez6-aZfgWB82uohN6GrmnT9FvC7lkCNdyZJbfBekqnNGAGH0KuaXjUTnrekPDGWKjXnyyoRYEDoJDk4BdGPf7kWU93ih_O58OE0HSjcaa2dBrHTFN2WaIHS7i1Imz_a6loIzekh3zI0WoLmNwIdekPJpMReAmnig_80vsgAA
login.hbgxmsfeehuzepnbtppbxnjy.duckdns.org/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.hbgxmsfeehuzepnbtppbxnjy.duckdns.org/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
offic.hbgxmsfeehuzepnbtppbxnjy.duckdns.org
vezzjxkd.hbgxmsfeehuzepnbtppbxnjy.duckdns.org
vezzjxkd.hbgxmsfeehuzepnbtppbxnjy.duckdns.org
136.144.164.242
2620:1ec:bdf::44
7917d45b895e246b34eb5f74ddfd1fd0439dd3850d785ea977c614977d44af1f
797bda35d13e5130fe5a14e0069c31b46ec1af6ea47f2d300309803bb4d2608c
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

offic.hbgxmsfeehuzepnbtppbxnjy.duckdns.org Open in urlscan Pro 136.144.164.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

3 Requests

67 %HTTPS

50 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

55 kBTransfer

57 kBSize

5 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

5 Cookies

Indicators

offic.hbgxmsfeehuzepnbtppbxnjy.duckdns.org Open in urlscan Pro
136.144.164.242 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

67 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

55 kB
Transfer

57 kB
Size

5
Cookies

3 HTTP transactions
1 data transactions