urlscan.io logo urlscan.io
SecurityTrails logo

login.session.secure.auth.cspucs.com Open in urlscan Pro
188.166.42.231  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://redirect.viglink.com/?u=https%3A%2F%2Fwww.highnoon.com.au%2F.....%2F%3Fpzone%3D4143526f6265727473406472686f72746f6e2e...
Effective URL: https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd380986045b26e7da5749c43/?764...
Submission: On February 12 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 24 HTTP transactions. The main IP is 188.166.42.231, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is login.session.secure.auth.cspucs.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 1st 2020. Valid for: 3 months.
This is the only time login.session.secure.auth.cspucs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.19.90.181 16509 (AMAZON-02)
1 2 13.210.183.26 16509 (AMAZON-02)
2 152.199.19.160 15133 (EDGECAST)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 22 188.166.42.231 14061 (DIGITALOC...)
24 4
1    52.19.90.181 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-90-181.eu-west-1.compute.amazonaws.com
redirect.viglink.com
2    13.210.183.26 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: awcp007.server-cpanel.com
www.highnoon.com.au
2    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
2    2606:4700:20::681a:92c (United States)

ASN13335 (CLOUDFLARENET, US)
ipapi.co
22    188.166.42.231 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: bizcloud-clarke.powertce.com
login.session.secure.auth.cspucs.com
Apex Domain
Subdomains		 Transfer
22 cspucs.com
login.session.secure.auth.cspucs.com
745 KB
2 ipapi.co
ipapi.co
676 B
2 aspnetcdn.com
ajax.aspnetcdn.com
173 KB
2 highnoon.com.au
www.highnoon.com.au
2 KB
1 viglink.com
redirect.viglink.com
536 B
24 5
Domain Requested by
22 login.session.secure.auth.cspucs.com 3 redirects www.highnoon.com.au
login.session.secure.auth.cspucs.com
2 ipapi.co ajax.aspnetcdn.com
2 ajax.aspnetcdn.com www.highnoon.com.au
login.session.secure.auth.cspucs.com
2 www.highnoon.com.au 1 redirects
1 redirect.viglink.com 1 redirects
24 5

This site contains no links.

Subject Issuer Validity Valid
highnoon.com.au
cPanel, Inc. Certification Authority		 2020-01-31 -
2020-04-30		 3 months crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2018-03-30 -
2020-03-30		 2 years crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-11-13 -
2020-10-09		 a year crt.sh
login.session.secure.auth.cspucs.com
cPanel, Inc. Certification Authority		 2020-02-01 -
2020-05-01		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd380986045b26e7da5749c43/?764c47f97ee545d01ce29176322465553536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&email=4143526f6265727473406472686f72746f6e2e636f6d&forfront=forfront
Frame ID: A9F218DBD54D17305F9A1CD2F4594EDF
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://redirect.viglink.com/?u=https%3A%2F%2Fwww.highnoon.com.au%2F.....%2F%3Fpzone%3D4143526f6265727473... HTTP 302
    https://www.highnoon.com.au/...../?pzone=4143526f6265727473406472686f72746f6e2e636f6d Page URL
  2. https://www.highnoon.com.au/...../?jrFTWXsa8210219132=jrFTWXsa8210219132-324be8&pzone=4143526f6265727473... HTTP 302
    https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/?rOnJNXIdz7BQTaWmA8vSH0ejyuxbPKVCFoD9EM6Ghsqic5Rl... HTTP 302
    https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/inline.php?newsid=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQ... Page URL
  3. https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/inline.php?sJZtGhmB8210219132=sJZtGhmB8210219132-... HTTP 302
    https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd38098604... HTTP 301
    https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd38098604... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

24
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

4
IPs

4
Countries

916 kB
Transfer

914 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://redirect.viglink.com/?u=https%3A%2F%2Fwww.highnoon.com.au%2F.....%2F%3Fpzone%3D4143526f6265727473406472686f72746f6e2e636f6d&cuid=prkk1fswmpz&key=fd5de1d096b38be9fffd6ddc1948df4f HTTP 302
    https://www.highnoon.com.au/...../?pzone=4143526f6265727473406472686f72746f6e2e636f6d Page URL
  2. https://www.highnoon.com.au/...../?jrFTWXsa8210219132=jrFTWXsa8210219132-324be8&pzone=4143526f6265727473406472686f72746f6e2e636f6d& HTTP 302
    https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/?rOnJNXIdz7BQTaWmA8vSH0ejyuxbPKVCFoD9EM6Ghsqic5Rltfk32ZLw14gUYp=Aw5D6eb2HI0EdoiuM73nUTRNqPChpm1YzWQjcZ9VKg4LOBGtJl8SkfvFsxXyar&email=4143526f6265727473406472686f72746f6e2e636f6d&zenR3uDfQaXdCPV0hZ5rmyGtSLxi427vBWkTFU6KHE1jqYAN8gJOplbIsMo9cw=puVza2fY9APHUR1nlcoOIjdXKmLv7eEJMtwqkSWxTQBbshZNg4F38D65yCrG0i& HTTP 302
    https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/inline.php?newsid=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=&email=4143526f6265727473406472686f72746f6e2e636f6d&loginpage=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=&reff=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q= Page URL
  3. https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/inline.php?sJZtGhmB8210219132=sJZtGhmB8210219132-8c2096&email=4143526f6265727473406472686f72746f6e2e636f6d HTTP 302
    https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd380986045b26e7da5749c43?764c47f97ee545d01ce29176322465553536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&email=4143526f6265727473406472686f72746f6e2e636f6d&forfront=forfront HTTP 301
    https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd380986045b26e7da5749c43/?764c47f97ee545d01ce29176322465553536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&email=4143526f6265727473406472686f72746f6e2e636f6d&forfront=forfront Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://redirect.viglink.com/?u=https%3A%2F%2Fwww.highnoon.com.au%2F.....%2F%3Fpzone%3D4143526f6265727473406472686f72746f6e2e636f6d&cuid=prkk1fswmpz&key=fd5de1d096b38be9fffd6ddc1948df4f HTTP 302
  • https://www.highnoon.com.au/...../?pzone=4143526f6265727473406472686f72746f6e2e636f6d
Request Chain 3
  • https://www.highnoon.com.au/...../?jrFTWXsa8210219132=jrFTWXsa8210219132-324be8&pzone=4143526f6265727473406472686f72746f6e2e636f6d& HTTP 302
  • https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/?rOnJNXIdz7BQTaWmA8vSH0ejyuxbPKVCFoD9EM6Ghsqic5Rltfk32ZLw14gUYp=Aw5D6eb2HI0EdoiuM73nUTRNqPChpm1YzWQjcZ9VKg4LOBGtJl8SkfvFsxXyar&email=4143526f6265727473406472686f72746f6e2e636f6d&zenR3uDfQaXdCPV0hZ5rmyGtSLxi427vBWkTFU6KHE1jqYAN8gJOplbIsMo9cw=puVza2fY9APHUR1nlcoOIjdXKmLv7eEJMtwqkSWxTQBbshZNg4F38D65yCrG0i& HTTP 302
  • https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/inline.php?newsid=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=&email=4143526f6265727473406472686f72746f6e2e636f6d&loginpage=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=&reff=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.highnoon.com.au/...../
Redirect Chain
  • https://redirect.viglink.com/?u=https%3A%2F%2Fwww.highnoon.com.au%2F.....%2F%3Fpzone%3D4143526f6265727473406472686f72746f6e2e636f6d&cuid=prkk1fswmpz&key=fd5de1d096b38be9fffd6ddc1948df4f
  • https://www.highnoon.com.au/...../?pzone=4143526f6265727473406472686f72746f6e2e636f6d
2 KB
879 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.highnoon.com.au/...../?pzone=4143526f6265727473406472686f72746f6e2e636f6d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.210.183.26 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
awcp007.server-cpanel.com
Software
Apache / PHP/5.3.29
Resource Hash
cbbef308610b6f02ca3ed5a516c192b56fd505bb95cd53b9b3b4a0dbea75c897

Request headers

Host
www.highnoon.com.au
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Date
Wed, 12 Feb 2020 12:43:20 GMT
Server
Apache
X-Powered-By
PHP/5.3.29
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=60, private, must-revalidate
Content-Length
579
Keep-Alive
timeout=3, max=150
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

Cache-Control
no-cache no-store
Date
Wed, 12 Feb 2020 12:43:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://www.highnoon.com.au/...../?pzone=4143526f6265727473406472686f72746f6e2e636f6d
Pragma
no-cache
Set-Cookie
vglnk.PartnerRfsh.p=""; Domain=.viglink.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ vglnk.Agent.p=v-35c1623df08848c2341ada04a811a315; Domain=.viglink.com; Expires=Fri, 13-Mar-2020 12:43:18 GMT; Path=/
Content-Length
0
Connection
keep-alive
jquery-3.4.0.min.js
ajax.aspnetcdn.com/ajax/jQuery/ 		86 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.0.min.js
Requested by
Host: www.highnoon.com.au
URL: https://www.highnoon.com.au/...../?pzone=4143526f6265727473406472686f72746f6e2e636f6d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B04) /
Resource Hash
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.highnoon.com.au/...../?pzone=4143526f6265727473406472686f72746f6e2e636f6d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 12 Feb 2020 12:43:20 GMT
x-content-type-options
nosniff
last-modified
Thu, 11 Apr 2019 17:22:26 GMT
server
ECAcc (ama/8B04)
age
17663767
etag
"c1ebe9218bf0d41:0"
x-cache
HIT
content-type
application/javascript
status
200
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
88151
x-xss-protection
1; mode=block
/
ipapi.co/org/ 		19 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipapi.co/org/
Requested by
Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:92c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.highnoon.com.au/...../?pzone=4143526f6265727473406472686f72746f6e2e636f6d
Origin
https://www.highnoon.com.au
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 12 Feb 2020 12:43:20 GMT
vary
Host, Origin
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow
HEAD, POST, OPTIONS, OPTIONS, GET
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.highnoon.com.au
cf-ray
563ea5cd1bc51f41-FRA
content-length
19
inline.php
login.session.secure.auth.cspucs.com/.login.session.secure.auth/
Redirect Chain
  • https://www.highnoon.com.au/...../?jrFTWXsa8210219132=jrFTWXsa8210219132-324be8&pzone=4143526f6265727473406472686f72746f6e2e636f6d&
  • https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/?rOnJNXIdz7BQTaWmA8vSH0ejyuxbPKVCFoD9EM6Ghsqic5Rltfk32ZLw14gUYp=Aw5D6eb2HI0EdoiuM73nUTRNqPChpm1YzWQjcZ9VKg4LOBGtJl8SkfvFsxXya...
  • https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/inline.php?newsid=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwY...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/inline.php?newsid=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=&email=4143526f6265727473406472686f72746f6e2e636f6d&loginpage=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=&reff=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=
Requested by
Host: www.highnoon.com.au
URL: https://www.highnoon.com.au/...../?pzone=4143526f6265727473406472686f72746f6e2e636f6d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.42.231 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bizcloud-clarke.powertce.com
Software
Apache /
Resource Hash
b584c157e1930e71d8c37024f708aa8c9cf59f7b441e111665ec9aead905eee5

Request headers

Host
login.session.secure.auth.cspucs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://www.highnoon.com.au/...../?pzone=4143526f6265727473406472686f72746f6e2e636f6d
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://www.highnoon.com.au/...../?pzone=4143526f6265727473406472686f72746f6e2e636f6d

Response headers

Date
Wed, 12 Feb 2020 12:43:21 GMT
Server
Apache
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Wed, 12 Feb 2020 12:43:21 GMT
Server
Apache
Location
inline.php?newsid=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=&email=4143526f6265727473406472686f72746f6e2e636f6d&loginpage=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=&reff=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
jquery-3.4.0.min.js
ajax.aspnetcdn.com/ajax/jQuery/ 		86 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.0.min.js
Requested by
Host: login.session.secure.auth.cspucs.com
URL: https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/inline.php?newsid=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=&email=4143526f6265727473406472686f72746f6e2e636f6d&loginpage=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=&reff=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B04) /
Resource Hash
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/inline.php?newsid=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=&email=4143526f6265727473406472686f72746f6e2e636f6d&loginpage=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=&reff=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 12 Feb 2020 12:43:21 GMT
x-content-type-options
nosniff
last-modified
Thu, 11 Apr 2019 17:22:26 GMT
server
ECAcc (ama/8B04)
age
17663768
etag
"c1ebe9218bf0d41:0"
x-cache
HIT
content-type
application/javascript
status
200
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
88151
x-xss-protection
1; mode=block
/
ipapi.co/org/ 		19 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipapi.co/org/
Requested by
Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:92c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/inline.php?newsid=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=&email=4143526f6265727473406472686f72746f6e2e636f6d&loginpage=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=&reff=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=
Origin
https://login.session.secure.auth.cspucs.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 12 Feb 2020 12:43:21 GMT
vary
Host, Origin
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow
POST, HEAD, OPTIONS, OPTIONS, GET
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://login.session.secure.auth.cspucs.com
cf-ray
563ea5d42f2e1f41-FRA
content-length
19
Primary Request /
login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd380986045b26e7da5749c43/
Redirect Chain
  • https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/inline.php?sJZtGhmB8210219132=sJZtGhmB8210219132-8c2096&email=4143526f6265727473406472686f72746f6e2e636f6d
  • https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd380986045b26e7da5749c43?764c47f97ee545d01ce29176322465553536313436303637313035333538...
  • https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd380986045b26e7da5749c43/?764c47f97ee545d01ce2917632246555353631343630363731303533353...
14 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd380986045b26e7da5749c43/?764c47f97ee545d01ce29176322465553536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&email=4143526f6265727473406472686f72746f6e2e636f6d&forfront=forfront
Requested by
Host: login.session.secure.auth.cspucs.com
URL: https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/inline.php?newsid=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=&email=4143526f6265727473406472686f72746f6e2e636f6d&loginpage=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=&reff=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.42.231 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bizcloud-clarke.powertce.com
Software
Apache /
Resource Hash
61028284a3a4bf346dd5ec1674895a27877153f04df06b772afe03562fdcd085

Request headers

Host
login.session.secure.auth.cspucs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Referer
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/inline.php?newsid=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=&email=4143526f6265727473406472686f72746f6e2e636f6d&loginpage=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=&reff=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/inline.php?newsid=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=.NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=&email=4143526f6265727473406472686f72746f6e2e636f6d&loginpage=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=&reff=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=NDM4YzA3Zjg4NzQwYmE5NWJmMzc1MTQzZTBhYjFlM2Q=

Response headers

Date
Wed, 12 Feb 2020 12:43:21 GMT
Server
Apache
Keep-Alive
timeout=5, max=96
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Wed, 12 Feb 2020 12:43:21 GMT
Server
Apache
Location
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd380986045b26e7da5749c43/?764c47f97ee545d01ce29176322465553536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&email=4143526f6265727473406472686f72746f6e2e636f6d&forfront=forfront
Content-Length
934
Keep-Alive
timeout=5, max=97
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
rdx.css
login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/ 		397 KB
397 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/rdx.css
Requested by
Host: login.session.secure.auth.cspucs.com
URL: https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd380986045b26e7da5749c43/?764c47f97ee545d01ce29176322465553536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&email=4143526f6265727473406472686f72746f6e2e636f6d&forfront=forfront
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.42.231 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bizcloud-clarke.powertce.com
Software
Apache /
Resource Hash
f512b1c7b49a4d1af362ebd101a2051a6648a7a369a24c52534f38bbc63e1d83

Request headers

Referer
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd380986045b26e7da5749c43/?764c47f97ee545d01ce29176322465553536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&email=4143526f6265727473406472686f72746f6e2e636f6d&forfront=forfront
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Wed, 12 Feb 2020 12:43:22 GMT
Last-Modified
Mon, 20 Jan 2020 14:56:02 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
406447
base.css
login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/ 		35 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/base.css
Requested by
Host: login.session.secure.auth.cspucs.com
URL: https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd380986045b26e7da5749c43/?764c47f97ee545d01ce29176322465553536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&email=4143526f6265727473406472686f72746f6e2e636f6d&forfront=forfront
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.42.231 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bizcloud-clarke.powertce.com
Software
Apache /
Resource Hash
86e7d27908a1e8f073270209229f4f71d57020f7a3b38327665abcfa99681448

Request headers

Referer
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd380986045b26e7da5749c43/?764c47f97ee545d01ce29176322465553536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&email=4143526f6265727473406472686f72746f6e2e636f6d&forfront=forfront
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Wed, 12 Feb 2020 12:43:22 GMT
Last-Modified
Mon, 20 Jan 2020 14:56:04 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
36215
citrix-fonts.css
login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/citrix-fonts.css
Requested by
Host: login.session.secure.auth.cspucs.com
URL: https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd380986045b26e7da5749c43/?764c47f97ee545d01ce29176322465553536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&email=4143526f6265727473406472686f72746f6e2e636f6d&forfront=forfront
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.42.231 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bizcloud-clarke.powertce.com
Software
Apache /
Resource Hash
13fc4b7a465f3458acaa898b644fca2092fc73ab128a166644ebe56f49debf2a

Request headers

Referer
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd380986045b26e7da5749c43/?764c47f97ee545d01ce29176322465553536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&email=4143526f6265727473406472686f72746f6e2e636f6d&forfront=forfront
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Wed, 12 Feb 2020 12:43:22 GMT
Last-Modified
Mon, 20 Jan 2020 14:56:04 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4720
custom.css
login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/custom.css
Requested by
Host: login.session.secure.auth.cspucs.com
URL: https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd380986045b26e7da5749c43/?764c47f97ee545d01ce29176322465553536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&email=4143526f6265727473406472686f72746f6e2e636f6d&forfront=forfront
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.42.231 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bizcloud-clarke.powertce.com
Software
Apache /
Resource Hash
dd27635d09c1176381ae00c210a5e412e00d1bf277cd5e3487a877a43be2cea0

Request headers

Referer
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd380986045b26e7da5749c43/?764c47f97ee545d01ce29176322465553536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&email=4143526f6265727473406472686f72746f6e2e636f6d&forfront=forfront
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Wed, 12 Feb 2020 12:43:22 GMT
Last-Modified
Mon, 20 Jan 2020 14:56:04 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3811
in_progress.gif
login.session.secure.auth.cspucs.com/vpn/js/rdx/core/images/ 		315 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.session.secure.auth.cspucs.com/vpn/js/rdx/core/images/in_progress.gif
Requested by
Host: login.session.secure.auth.cspucs.com
URL: https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd380986045b26e7da5749c43/?764c47f97ee545d01ce29176322465553536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&email=4143526f6265727473406472686f72746f6e2e636f6d&forfront=forfront
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.42.231 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bizcloud-clarke.powertce.com
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd380986045b26e7da5749c43/?764c47f97ee545d01ce29176322465553536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&email=4143526f6265727473406472686f72746f6e2e636f6d&forfront=forfront
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 12 Feb 2020 12:43:22 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
new.outlook.web.png
login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/image/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/image/new.outlook.web.png
Requested by
Host: login.session.secure.auth.cspucs.com
URL: https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd380986045b26e7da5749c43/?764c47f97ee545d01ce29176322465553536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&email=4143526f6265727473406472686f72746f6e2e636f6d&forfront=forfront
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.42.231 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bizcloud-clarke.powertce.com
Software
Apache /
Resource Hash
feeda96e5bf1b1f1c836ca77fdfb0e27d17d7dbc16b6cf02ebca8580cccaca1f

Request headers

Referer
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth676745a5fdd380986045b26e7da5749c43/?764c47f97ee545d01ce29176322465553536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735=3536313436303637313035333538343432333631343535303334393630303638373539353936353738353738373035363435383630313136313735&email=4143526f6265727473406472686f72746f6e2e636f6d&forfront=forfront
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 12 Feb 2020 12:43:22 GMT
Last-Modified
Mon, 20 Jan 2020 14:56:00 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
17131
css.png
login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/image/ 		265 KB
265 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/image/css.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.42.231 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bizcloud-clarke.powertce.com
Software
Apache /
Resource Hash
27a844eb767c3627787e795f39be4fc62e2ba7a2dad56f10604ab87c4ef948d7

Request headers

Referer
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/custom.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 12 Feb 2020 12:43:22 GMT
Last-Modified
Mon, 27 Jan 2020 12:48:06 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
271430
citrixsans_regular.woff
login.session.secure.auth.cspucs.com/vpn/js/rdx/core/css/fonts/citrix_sans/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://login.session.secure.auth.cspucs.com/vpn/js/rdx/core/css/fonts/citrix_sans/citrixsans_regular.woff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.42.231 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bizcloud-clarke.powertce.com
Software
Apache /
Resource Hash

Request headers

Referer
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/citrix-fonts.css
Origin
https://login.session.secure.auth.cspucs.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 12 Feb 2020 12:43:22 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
header_gradient.png
login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/ 		315 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/header_gradient.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.42.231 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bizcloud-clarke.powertce.com
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/rdx.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 12 Feb 2020 12:43:22 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=94
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
oie_10214410XSsRriIV.png
login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/image/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/image/oie_10214410XSsRriIV.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.42.231 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bizcloud-clarke.powertce.com
Software
Apache /
Resource Hash
1614b958b010ac7f43ddd0252c599b9140fb998bf4586a8ef9f04bb015dd3015

Request headers

Referer
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/custom.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 12 Feb 2020 12:43:22 GMT
Last-Modified
Mon, 20 Jan 2020 14:56:00 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1273
citrixsans_semibold.woff
login.session.secure.auth.cspucs.com/vpn/js/rdx/core/css/fonts/citrix_sans/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://login.session.secure.auth.cspucs.com/vpn/js/rdx/core/css/fonts/citrix_sans/citrixsans_semibold.woff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.42.231 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bizcloud-clarke.powertce.com
Software
Apache /
Resource Hash

Request headers

Referer
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/citrix-fonts.css
Origin
https://login.session.secure.auth.cspucs.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 12 Feb 2020 12:43:22 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
citrixsans_regular.ttf
login.session.secure.auth.cspucs.com/vpn/js/rdx/core/css/fonts/citrix_sans/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://login.session.secure.auth.cspucs.com/vpn/js/rdx/core/css/fonts/citrix_sans/citrixsans_regular.ttf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.42.231 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bizcloud-clarke.powertce.com
Software
Apache /
Resource Hash

Request headers

Referer
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/citrix-fonts.css
Origin
https://login.session.secure.auth.cspucs.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 12 Feb 2020 12:43:22 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
citrixsans_semibold.ttf
login.session.secure.auth.cspucs.com/vpn/js/rdx/core/css/fonts/citrix_sans/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://login.session.secure.auth.cspucs.com/vpn/js/rdx/core/css/fonts/citrix_sans/citrixsans_semibold.ttf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.42.231 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bizcloud-clarke.powertce.com
Software
Apache /
Resource Hash

Request headers

Referer
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/citrix-fonts.css
Origin
https://login.session.secure.auth.cspucs.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 12 Feb 2020 12:43:22 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
citrixsans_regular.woff
login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/fonts/citrix_sans/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/fonts/citrix_sans/citrixsans_regular.woff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.42.231 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bizcloud-clarke.powertce.com
Software
Apache /
Resource Hash

Request headers

Referer
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/rdx.css
Origin
https://login.session.secure.auth.cspucs.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 12 Feb 2020 12:43:22 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
citrixsans_semibold.woff
login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/fonts/citrix_sans/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/fonts/citrix_sans/citrixsans_semibold.woff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.42.231 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bizcloud-clarke.powertce.com
Software
Apache /
Resource Hash

Request headers

Referer
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/rdx.css
Origin
https://login.session.secure.auth.cspucs.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 12 Feb 2020 12:43:22 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
citrixsans_regular.ttf
login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/fonts/citrix_sans/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/fonts/citrix_sans/citrixsans_regular.ttf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.42.231 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bizcloud-clarke.powertce.com
Software
Apache /
Resource Hash

Request headers

Referer
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/rdx.css
Origin
https://login.session.secure.auth.cspucs.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 12 Feb 2020 12:43:22 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
citrixsans_semibold.ttf
login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/fonts/citrix_sans/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/fonts/citrix_sans/citrixsans_semibold.ttf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.42.231 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bizcloud-clarke.powertce.com
Software
Apache /
Resource Hash

Request headers

Referer
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/rdx.css
Origin
https://login.session.secure.auth.cspucs.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 12 Feb 2020 12:43:22 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
315
Content-Type
text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies