Submitted URL: http://nixdev.cz/Qfn63sN
Effective URL: https://meheff.dckoi.com/view/Encryption/XV2PZ13KL2114&45s=
Submission: On May 22 via manual from US — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 162.33.179.235, located in Chicago, United States and belongs to BLNWX, US. The main domain is meheff.dckoi.com.
TLS certificate: Issued by R3 on May 22nd 2024. Valid for: 3 months.
This is the only time meheff.dckoi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2a00:1ed0:150... 43541 (VSHOSTING)
1 3 162.33.179.235 399629 (BLNWX)
2 2
Apex Domain | Subdomains | Transfer
3 dckoi.com | meheff.dckoi.com | 78 KB
2 nixdev.cz | nixdev.cz | 737 B
2 2
Domain Requested by
3 meheff.dckoi.com 1 redirects
2 nixdev.cz 2 redirects
2 2

This site contains no links.

Subject | Issuer | Validity | Valid
meheff.dckoi.com | R3 | 2024-05-22 - 2024-08-20 | 3 months

This page contains 1 frame:

Primary Page: https://meheff.dckoi.com/view/Encryption/XV2PZ13KL2114&45s=
Frame ID: 036F5C5B76B028F43E24ED5C00F11F79
Requests: 4 HTTP requests in this frame

Page Title

Download File

Page Statistics

2 Requests
50 % HTTPS
50 % IPv6
2 Domains
2 Subdomains
2 IPs
2 Countries
78 kB Transfer
126 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nixdev.cz/Qfn63sN HTTP 307
    https://nixdev.cz/Qfn63sN HTTP 307
    http://nixdev.cz/Qfn63sN HTTP 301
    https://nixdev.cz/Qfn63sN HTTP 302
    https://meheff.dckoi.com/view/Encryption/XV2PZ13KL2114&45s= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://meheff.dckoi.com/favicon.ico HTTP 302
  • https://meheff.dckoi.com/owa/favicon.ico

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request XV2PZ13KL2114&45s=
meheff.dckoi.com/view/Encryption/
Redirect Chain
  • http://nixdev.cz/Qfn63sN
  • https://nixdev.cz/Qfn63sN
  • http://nixdev.cz/Qfn63sN
  • https://nixdev.cz/Qfn63sN
  • https://meheff.dckoi.com/view/Encryption/XV2PZ13KL2114&45s=
68 KB
69 KB
Document
General
Full URL
https://meheff.dckoi.com/view/Encryption/XV2PZ13KL2114&45s=
Protocol
HTTP/1.1
Security
TLS 1.3, AES_128_GCM
Server
162.33.179.235 Chicago, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
/
Resource Hash
d285f14e3ef6100112ecb4560674327fcc9e2994c955a53ec7214596189f8143

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Cache-Control
no-cache, no-store
Connection
close
Content-Type
text/html
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 May 2024 16:44:53 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Location
https://meheff.dckoi.com/view/Encryption/XV2PZ13KL2114&45s=
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding
truncated
/
48 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8865d2dbc9c0d28fae96beaacc73b7cba36e7d26f64f268b998080d7eb75a4dd

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a50c416939808df52012d853b03a71734b6c2cfd88a0893eaeb81d3b11c7fe58

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
favicon.ico
meheff.dckoi.com/owa/
Redirect Chain
  • https://meheff.dckoi.com/favicon.ico
  • https://meheff.dckoi.com/owa/favicon.ico
8 KB
9 KB
Other
General
Full URL
https://meheff.dckoi.com/owa/favicon.ico
Protocol
HTTP/1.1
Server
162.33.179.235 Chicago, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e35d94b76894d6eca96ff5b1a12d94dfe73485ef3c52cb5b4395be8ffac1cb45

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://meheff.dckoi.com/view/Encryption/XV2PZ13KL2114&45s=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

X-Beserver
CY4PR03MB3253
Date
Wed, 22 May 2024 16:44:56 GMT
X-Backendhttpstatus
200, 200
X-Proxy-Backendserverstatus
200
Nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
X-Backend-End
2024-05-22T16:44:57.424
X-Rum-Notupdatequerieddbcopy
1
X-Calculatedfetarget
CY5PR17CU002.internal.outlook.com
X-Feserver
CY5PR17CA0039, CH0PR03CA0305
Transfer-Encoding
chunked
X-Feproxyinfo
CH0PR03CA0305.NAMPRD03.PROD.OUTLOOK.COM
X-Rum-Validated
1
Connection
close
Request-Id
b56198ce-89f8-e068-d01b-3802030972d3
Alt-Svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
X-Backend-Begin
2024-05-22T16:44:57.424
X-Ua-Compatible
IE=EmulateIE7
Last-Modified
Fri, 10 May 2024 09:08:10 GMT
Server
Microsoft-IIS/10.0
X-Calculatedbetarget
CY4PR03MB3253.namprd03.PROD.OUTLOOK.COM
Etag
"0f93494b9a2da1:0"
Report-To
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=MDW&RemoteIP=162.33.179.0&Environment="}],"include_subdomains":true}
Content-Type
image/x-icon
X-Rum-Notupdatequeriedpath
1
Cache-Control
public,max-age=2592000
Access-Control-Allow-Credentials
true
X-Diaginfo
CY4PR03MB3253
X-Proxy-Routingcorrectness
1
X-Firsthopcafeefz
MDW
Accept-Ranges
bytes
X-Feefzinfo
MDW

Redirect headers

Date
Wed, 22 May 2024 16:44:56 GMT
Server
Microsoft-IIS/10.0
X-Feserver
CH0PR03CA0305
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Location
https://meheff.dckoi.com/owa/favicon.ico
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
X-Feproxyinfo
CH0PR03CA0305.NAMPRD03.PROD.OUTLOOK.COM
Connection
close
Ms-Cv
8yeOy8SnQwgkP2nw16iPNg.0
Request-Id
cb8e27f3-a7c4-0843-243f-69f0d7a88f36
X-Feefzinfo
MDW

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
nixdev.cz/ Name: PHPSESSID
Value: 2ebb28e539612859e86b04ee0310e6af
.dckoi.com/ Name: 5b4d-7328
Value: 0e196994fe9e5edda2a3263643003084893390bec9f94b303e0cdebb47d2dfe5
meheff.dckoi.com/ Name: ClientId
Value: 1724748CF4D94B95A0A3090D53F70BB0
meheff.dckoi.com/ Name: OIDC
Value: 1