0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com Open in urlscan Pro
212.224.88.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://f-14b8f.web.app/jH05nathand0TlQ3bQ3b07xflQ3bxd0TR3wH05nZ1
Effective URL:
https://0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkcxl4hi6TcQ6Kzv0x7%2Fsso%2Fwsfed%2Fpassive%3Flogi...
Submission: On August 25 via manual (August 25th 2022, 12:44:33 pm UTC) from CN — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 10 HTTP transactions. The main IP is 212.224.88.75, located in Germany and belongs to DE-FIRSTCOLO www.first-colo.net, DE. The main domain is 0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com.
TLS certificate: Issued by R3 on August 18th 2022. Valid for: 3 months.

This is the only time 0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
1 1	103.8.25.22 103.8.25.22	132241 (SKSATECH1...) (SKSATECH1-MY SKSA TECHNOLOGY SDN BHD)
2 6	212.224.88.75 212.224.88.75	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
10	3

1 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

f-14b8f.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.8.25.22 (Malaysia) 1 redirects

ASN132241 (SKSATECH1-MY SKSA TECHNOLOGY SDN BHD, MY)
PTR: svr26.internet-webhosting.com

xcharlie.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 212.224.88.75 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

des.almecogroups.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	almecogroups.com 2 redirects des.almecogroups.com 0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com	107 KB
1	xcharlie.org 1 redirects xcharlie.org	492 B
1	web.app f-14b8f.web.app	542 B
10	3

	Domain	Requested by
4	des.almecogroups.com	1 redirects f-14b8f.web.app des.almecogroups.com
2	0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com	1 redirects des.almecogroups.com 0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com
1	xcharlie.org	1 redirects
1	f-14b8f.web.app
10	4

This site contains no links.

Subject Issuer	Validity	Valid
web.app GTS CA 1D4	`2022-08-12` - `2022-11-10`	3 months	crt.sh
almecogroups.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkcxl4hi6TcQ6Kzv0x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Djonathan.lee%2540flex.com%26client-request-id%3D8fa768f1-a744-4822-bb01-dd91449008d6%26username%3Djonathan.lee%2540flex.com%26wa%3Dwsignin1.0%26wtrealm%3Durn%253Afederation%253AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQ-Zizvd1mu5LGb8e5Elwkc11YxKhM2Qv8CI-MLRsZJTKJZ-XmJJRmJeXo5qakOaTmpFSDpW0yC_kXpninhxW6pKalFiSWZ-XmPmLGrvcAi8IqFx4DZioODS4BBgkGB4QcL4yJWoMssbjXtFv4i67AkokJ266pqhlOs-pVR-m6GRRlBIc7a3kaOuek5pha-mVFZxeHJVcGR4e7aGe7aLpGhTj4hFfm2llaGE9iEJrAxnWJj-MDG2MHOMIud4QAn4wFehh98Szf9-vLj0sK3HgA1
Frame ID: D1BEDBF02889E37E93BD3D3E0E6E4BFA
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://f-14b8f.web.app/jH05nathand0TlQ3bQ3b07xflQ3bxd0TR3wH05nZ1 Page URL
https://xcharlie.org/.dial.php?url=https://f-14b8f.web.app/jH05nathand0TlQ3bQ3b07xflQ3bxd0TR3wH05nZ1 HTTP 302
https://des.almecogroups.com/?username=jonathan.lee@flex.com Page URL
https://des.almecogroups.com/?username=jonathan.lee@flex.com Page URL
https://des.almecogroups.com/?username=jonathan.lee@flex.com&sso_reload=true HTTP 302
https://0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com/app/office365/exkcxl4hi6TcQ6Kzv0x7/sso/wsfed/passive?login_hint=jonathan.lee... HTTP 302
https://0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkcxl4hi6TcQ6Kzv0x7%2Fsso%2Fws... Page URL

Page Statistics

10
Requests

50 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

106 kB
Transfer

353 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://f-14b8f.web.app/jH05nathand0TlQ3bQ3b07xflQ3bxd0TR3wH05nZ1 Page URL
https://xcharlie.org/.dial.php?url=https://f-14b8f.web.app/jH05nathand0TlQ3bQ3b07xflQ3bxd0TR3wH05nZ1 HTTP 302
https://des.almecogroups.com/?username=jonathan.lee@flex.com Page URL
https://des.almecogroups.com/?username=jonathan.lee@flex.com Page URL
https://des.almecogroups.com/?username=jonathan.lee@flex.com&sso_reload=true HTTP 302
https://0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com/app/office365/exkcxl4hi6TcQ6Kzv0x7/sso/wsfed/passive?login_hint=jonathan.lee%40flex.com&client-request-id=8fa768f1-a744-4822-bb01-dd91449008d6&username=jonathan.lee%40flex.com&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQ-Zizvd1mu5LGb8e5Elwkc11YxKhM2Qv8CI-MLRsZJTKJZ-XmJJRmJeXo5qakOaTmpFSDpW0yC_kXpninhxW6pKalFiSWZ-XmPmLGrvcAi8IqFx4DZioODS4BBgkGB4QcL4yJWoMssbjXtFv4i67AkokJ266pqhlOs-pVR-m6GRRlBIc7a3kaOuek5pha-mVFZxeHJVcGR4e7aGe7aLpGhTj4hFfm2llaGE9iEJrAxnWJj-MDG2MHOMIud4QAn4wFehh98Szf9-vLj0sK3HgA1 HTTP 302
https://0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkcxl4hi6TcQ6Kzv0x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Djonathan.lee%2540flex.com%26client-request-id%3D8fa768f1-a744-4822-bb01-dd91449008d6%26username%3Djonathan.lee%2540flex.com%26wa%3Dwsignin1.0%26wtrealm%3Durn%253Afederation%253AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQ-Zizvd1mu5LGb8e5Elwkc11YxKhM2Qv8CI-MLRsZJTKJZ-XmJJRmJeXo5qakOaTmpFSDpW0yC_kXpninhxW6pKalFiSWZ-XmPmLGrvcAi8IqFx4DZioODS4BBgkGB4QcL4yJWoMssbjXtFv4i67AkokJ266pqhlOs-pVR-m6GRRlBIc7a3kaOuek5pha-mVFZxeHJVcGR4e7aGe7aLpGhTj4hFfm2llaGE9iEJrAxnWJj-MDG2MHOMIud4QAn4wFehh98Szf9-vLj0sK3HgA1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://xcharlie.org/.dial.php?url=https://f-14b8f.web.app/jH05nathand0TlQ3bQ3b07xflQ3bxd0TR3wH05nZ1 HTTP 302
https://des.almecogroups.com/?username=jonathan.lee@flex.com

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 jH05nathand0TlQ3bQ3b07xflQ3bxd0TR3wH05nZ1 Show response
f-14b8f.web.app/ 438 B
542 B 60ms
37ms Document
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f-14b8f.web.app/jH05nathand0TlQ3bQ3b07xflQ3bxd0TR3wH05nZ1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d10372f9e59e7abd834fb2f6876eb9ec4aa52dcb4b0fe0f00a8ab6121bc18baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 178
content-type: text/html; charset=utf-8
date: Thu, 25 Aug 2022 12:44:27 GMT
etag: "9e97c583edcaa061e649c8eeb49dd74b44e6e757f65064c8366fee8282496e63-br"
last-modified: Wed, 24 Aug 2022 01:47:14 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra19175-FRA
x-timer: S1661431467.229806,VS0,VE1

GET
H2

200

/ Show response
des.almecogroups.com/
Redirect Chain

https://xcharlie.org/.dial.php?url=https://f-14b8f.web.app/jH05nathand0TlQ3bQ3b07xflQ3bxd0TR3wH05nZ1
https://des.almecogroups.com/?username=jonathan.lee@flex.com

56 KB
21 KB

129ms
73ms

Document
text/html

212.224.88.75
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://des.almecogroups.com/?username=jonathan.lee@flex.com
Requested by: Host: f-14b8f.web.app
URL: https://f-14b8f.web.app/jH05nathand0TlQ3bQ3b07xflQ3bxd0TR3wH05nZ1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.224.88.75 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 8e11eb9f27670fbc5b0c8936d5ecb139e01a306e991e36b8832d6d32ab8e757f

Request headers

Referer: https://f-14b8f.web.app/jH05nathand0TlQ3bQ3b07xflQ3bxd0TR3wH05nZ1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 25 Aug 2022 12:44:29 GMT
server: nginx/1.21.6
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Encoding: br
Content-Length: 1
Content-Type: text/html; charset=UTF-8
Date: Thu, 25 Aug 2022 12:44:29 GMT
Keep-Alive: timeout=5, max=100
Location: https://des.almecogroups.com/?username=jonathan.lee@flex.com#/common/oauth2/authorize?client_id=0.018535143704403-0ff1-0.24065886495666&auth=1-0.90291466093758
Server: Pyxsoft Pxshield
Upgrade: h2,h2c
Vary: Accept-Encoding
X-Origin-Time-Delay: 349.013597ms
X-Server-Mode: proxied

POST
H2 200 / Show response
des.almecogroups.com/ 189 B
367 B 81ms
80ms Fetch
application/json 212.224.88.75
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://des.almecogroups.com/?username=jonathan.lee@flex.com
Requested by: Host: des.almecogroups.com
URL: https://des.almecogroups.com/?username=jonathan.lee@flex.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.224.88.75 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 6c67dd2b3d09d09e28fc271d6d50c1215f1b8c3c86e5ff16814cbc3f54a00a0b

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 25 Aug 2022 12:44:30 GMT
content-encoding: gzip
server: nginx/1.21.6
access-control-allow-headers: *
vary: Accept-Encoding
content-type: application/json

GET
H2 200 / Show response
des.almecogroups.com/ 279 KB
83 KB 383ms
383ms Document
text/html 212.224.88.75
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://des.almecogroups.com/?username=jonathan.lee@flex.com
Requested by: Host: des.almecogroups.com
URL: https://des.almecogroups.com/?username=jonathan.lee@flex.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.224.88.75 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 30ed5751d93ad0304f6c4e8ff7739c696be688521f45ac98d7c8cb4965062e49

Request headers

Referer: https://des.almecogroups.com/?username=jonathan.lee@flex.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 25 Aug 2022 12:44:30 GMT
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://42b0091d-603d-4921-aa94-799184751cb1-22ed5c79.almecogroups.com/api/report?catId=GW+estsfd+ams2"}]}
server: nginx/1.21.6
vary: Accept-Encoding Accept-Encoding
x-ms-ests-server: 2.1.13481.11 - NEULR2 ProdSlices
x-ms-request-id: 6b29192b-b6e3-4715-8f9b-ed2f0df65100

GET
H2

200

Primary Request login.htm
0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com/login/
Redirect Chain

https://des.almecogroups.com/?username=jonathan.lee@flex.com&sso_reload=true
https://0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com/app/office365/exkcxl4hi6TcQ6Kzv0x7/sso/wsfed/passive?login_hint=jonathan.lee%40flex.com&client-request-id=8fa768f1-a744-4822-b...
https://0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkcxl4hi6TcQ6Kzv0x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Djonathan.lee%2540flex...

18 KB
0

634ms
634ms

Document
text/html

212.224.88.75
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkcxl4hi6TcQ6Kzv0x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Djonathan.lee%2540flex.com%26client-request-id%3D8fa768f1-a744-4822-bb01-dd91449008d6%26username%3Djonathan.lee%2540flex.com%26wa%3Dwsignin1.0%26wtrealm%3Durn%253Afederation%253AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQ-Zizvd1mu5LGb8e5Elwkc11YxKhM2Qv8CI-MLRsZJTKJZ-XmJJRmJeXo5qakOaTmpFSDpW0yC_kXpninhxW6pKalFiSWZ-XmPmLGrvcAi8IqFx4DZioODS4BBgkGB4QcL4yJWoMssbjXtFv4i67AkokJ266pqhlOs-pVR-m6GRRlBIc7a3kaOuek5pha-mVFZxeHJVcGR4e7aGe7aLpGhTj4hFfm2llaGE9iEJrAxnWJj-MDG2MHOMIud4QAn4wFehh98Szf9-vLj0sK3HgA1
Requested by: Host: des.almecogroups.com
URL: https://des.almecogroups.com/?username=jonathan.lee@flex.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.224.88.75 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://des.almecogroups.com/?username=jonathan.lee@flex.com#/common/oauth2/authorize?client_id=0.018535143704403-0ff1-0.24065886495666&auth=1-0.90291466093758
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-cache, no-store
content-encoding: gzip
content-language: de
content-type: text/html;charset=utf-8
date: Thu, 25 Aug 2022 12:44:33 GMT
expect-ct: report-uri="https://c60539cf-06e0-4c73-935a-98ad367930e1-22ed5c79.almecogroups.com/r/t/ct/reportOnly", max-age=0
p3p: CP="HONK"
pragma: no-cache
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://6374e70e-ad46-4484-b0ff-485ccf2c66aa-22ed5c79.almecogroups.com/r/default/hpkp/reportOnly"
server: nginx/1.21.6
vary: Accept-Encoding Accept-Encoding
x-okta-request-id: YwdusUiAsNIpGgPP_NAimwAABdg
x-rate-limit-limit: 1200
x-rate-limit-remaining: 1109
x-rate-limit-reset: 1661431491
x-robots-tag: noindex,nofollow
x-ua-compatible: IE=edge

Redirect headers

access-control-allow-headers: *
access-control-allow-origin: *
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 25 Aug 2022 12:44:33 GMT
location: https://0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkcxl4hi6TcQ6Kzv0x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Djonathan.lee%2540flex.com%26client-request-id%3D8fa768f1-a744-4822-bb01-dd91449008d6%26username%3Djonathan.lee%2540flex.com%26wa%3Dwsignin1.0%26wtrealm%3Durn%253Afederation%253AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQ-Zizvd1mu5LGb8e5Elwkc11YxKhM2Qv8CI-MLRsZJTKJZ-XmJJRmJeXo5qakOaTmpFSDpW0yC_kXpninhxW6pKalFiSWZ-XmPmLGrvcAi8IqFx4DZioODS4BBgkGB4QcL4yJWoMssbjXtFv4i67AkokJ266pqhlOs-pVR-m6GRRlBIc7a3kaOuek5pha-mVFZxeHJVcGR4e7aGe7aLpGhTj4hFfm2llaGE9iEJrAxnWJj-MDG2MHOMIud4QAn4wFehh98Szf9-vLj0sK3HgA1
p3p: CP="HONK"
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://6374e70e-ad46-4484-b0ff-485ccf2c66aa-22ed5c79.almecogroups.com/r/default/hpkp/reportOnly"
server: nginx/1.21.6
x-okta-request-id: YwdusOQwPpLp2vCwmlqMKAAAD3U

GET okta-sign-in.min.js
0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com/assets/js/sdk/okta-signin-widget/6.6.1/js/ 0
0

GET okta-sign-in.min.css
0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com/assets/js/sdk/okta-signin-widget/6.6.1/css/ 0
0

GET loginpage-theme.6ca7f7a516a56275837982a82a0a7533.css
0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com/assets/loginpage/css/ 0
0

GET style-sheet
0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com/api/internal/brand/theme/ 0
0

GET gfsa2vo23bcdUiNMC2p7
0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com/fs/bcg/4/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com
URL: https://0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com/assets/js/sdk/okta-signin-widget/6.6.1/js/okta-sign-in.min.js

Domain: 0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com
URL: https://0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com/assets/js/sdk/okta-signin-widget/6.6.1/css/okta-sign-in.min.css

Domain: 0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com
URL: https://0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com/assets/loginpage/css/loginpage-theme.6ca7f7a516a56275837982a82a0a7533.css

Domain: 0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com
URL: https://0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com/api/internal/brand/theme/style-sheet?touch-point=SIGN_IN_PAGE&v=28d025743b8fc0765a7cfe4c08fdf2a9

Domain: 0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com
URL: https://0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com/fs/bcg/4/gfsa2vo23bcdUiNMC2p7

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.almecogroups.com/	1970-01-20 05:52:07	Name: __9H1M Value: MjJlZDVjNzktNTg2Yy00MzZlLTg5MjUtNDE1OTEzODY0NmQzOjllYzRjNjIzLTVhN2UtNDE0Yi1iZmQ3LTkwNTMxNzM3Nzc0Mw==
.des.almecogroups.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
des.almecogroups.com/	1970-01-20 05:30:31	Name: SSOCOOKIEPULLED Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com
des.almecogroups.com
f-14b8f.web.app
xcharlie.org
0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com
103.8.25.22
212.224.88.75
2620:0:890::100
30ed5751d93ad0304f6c4e8ff7739c696be688521f45ac98d7c8cb4965062e49
6c67dd2b3d09d09e28fc271d6d50c1215f1b8c3c86e5ff16814cbc3f54a00a0b
8e11eb9f27670fbc5b0c8936d5ecb139e01a306e991e36b8832d6d32ab8e757f
d10372f9e59e7abd834fb2f6876eb9ec4aa52dcb4b0fe0f00a8ab6121bc18baa

0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com Open in urlscan Pro 212.224.88.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

10 Requests

50 %HTTPS

33 %IPv6

3 Domains

4 Subdomains

3 IPs

3 Countries

106 kBTransfer

353 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

0b268afa-9322-4eee-ad37-22cdf51606da-22ed5c79.almecogroups.com Open in urlscan Pro
212.224.88.75 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

50 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

106 kB
Transfer

353 kB
Size

3
Cookies

10 HTTP transactions
0 data transactions