urlscan.io logo urlscan.io
SecurityTrails logo

goldsmitt.com Open in urlscan Pro
132.148.221.136  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u10428269.ct.sendgrid.net/wf/click?upn=aXrlSCB8kK4YewFbmmCU-2FuwP2Fl0ryfDQ4gWDGTA8Uo4HrQEdjCeXx2ZH4n1ghzq_AT2O9swSS0KWjjRr...
Effective URL: https://goldsmitt.com/office365/
Submission: On June 06 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 9 domains to perform 47 HTTP transactions. The main IP is 132.148.221.136, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is goldsmitt.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 6th 2019. Valid for: 2 years.
This is the only time goldsmitt.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Office 365 (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.35 11377 (SENDGRID)
1 2 132.148.221.136 26496 (AS-26496-...)
3 2a02:26f0:f1:... 20940 (AKAMAI-ASN1)
15 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 40.77.226.250 8075 (MICROSOFT...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:f1:... 20940 (AKAMAI-ASN1)
1 40.126.9.6 8075 (MICROSOFT...)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 52.114.132.74 8075 (MICROSOFT...)
47 13
1    167.89.118.35 (United States)

ASN11377 (SENDGRID - SendGrid, Inc., US)
PTR: o16789118x35.outbound-mail.sendgrid.net
u10428269.ct.sendgrid.net
2    132.148.221.136 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-132-148-221-136.ip.secureserver.net
goldsmitt.com
3    2a02:26f0:f1:18c::37 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
mem.gfx.ms
15    2a02:26f0:6c00:28e::38f3 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
wusofficehome.msocdn.com
2    2a02:26f0:6c00::210:ba0b (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
statics-uhf-wus.akamaized.net
4    40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
web.vortex.data.microsoft.com
1    2a02:26f0:6c00::210:ba1b (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
img-prod-cms-rt-microsoft-com.akamaized.net
1    2a02:26f0:6c00::210:ba20 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
statics-uhf-wus.akamaized.net
3    2a02:26f0:6c00:29d::356e (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
c.s-microsoft.com
1    2a02:26f0:f1:191::356e (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
www.microsoft.com
1    40.126.9.6 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
login.microsoftonline.com
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
c1.microsoft.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
c.bing.com
2    52.114.132.74 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
browser.pipe.aria.microsoft.com
Domain Requested by
15 wusofficehome.msocdn.com goldsmitt.com
4 web.vortex.data.microsoft.com goldsmitt.com
wusofficehome.msocdn.com
3 c.s-microsoft.com goldsmitt.com
3 statics-uhf-wus.akamaized.net goldsmitt.com
3 mem.gfx.ms goldsmitt.com
2 browser.pipe.aria.microsoft.com wusofficehome.msocdn.com
2 c1.microsoft.com 1 redirects
2 goldsmitt.com 1 redirects
1 c.bing.com 1 redirects
1 login.microsoftonline.com wusofficehome.msocdn.com
1 www.microsoft.com goldsmitt.com
1 img-prod-cms-rt-microsoft-com.akamaized.net goldsmitt.com
1 u10428269.ct.sendgrid.net 1 redirects
47 13
Subject Issuer Validity Valid
goldsmitt.com
Go Daddy Secure Certificate Authority - G2		 2019-06-06 -
2021-06-06		 2 years crt.sh
mem.gfx.ms
Microsoft IT TLS CA 2		 2018-02-05 -
2020-02-05		 2 years crt.sh
*.msocdn.com
Microsoft IT TLS CA 4		 2018-01-02 -
2020-01-02		 2 years crt.sh
a248.e.akamai.net
DigiCert ECC Secure Server CA		 2018-10-18 -
2019-10-18		 a year crt.sh
*.vortex.data.microsoft.com
Microsoft IT TLS CA 5		 2018-01-30 -
2020-01-30		 2 years crt.sh
www.microsoft.com
Microsoft IT TLS CA 4		 2018-01-16 -
2020-01-16		 2 years crt.sh
stamp2.login.microsoftonline.com
Microsoft IT TLS CA 1		 2018-09-24 -
2020-09-24		 2 years crt.sh
c.msn.com
Microsoft IT TLS CA 1		 2018-09-13 -
2020-09-13		 2 years crt.sh
*.events.data.microsoft.com
Microsoft IT TLS CA 2		 2017-11-07 -
2019-11-07		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://goldsmitt.com/office365/
Frame ID: EFC859C207725159CF0604355DB3C6A8
Requests: 48 HTTP requests in this frame

Frame: https://login.microsoftonline.com/savedusers?wreply=https://www.office.com/&appid=4345a7b9-9a63-4910-a426-35363201d503
Frame ID: 9A47C0A0CC270A19FF2E4F53B1DB4B47
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://u10428269.ct.sendgrid.net/wf/click?upn=aXrlSCB8kK4YewFbmmCU-2FuwP2Fl0ryfDQ4gWDGTA8Uo4HrQEdjCeXx2ZH4n1g... HTTP 302
    https://goldsmitt.com/office365 HTTP 301
    https://goldsmitt.com/office365/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

47
Requests

74 %
HTTPS

57 %
IPv6

9
Domains

13
Subdomains

13
IPs

4
Countries

517 kB
Transfer

1148 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u10428269.ct.sendgrid.net/wf/click?upn=aXrlSCB8kK4YewFbmmCU-2FuwP2Fl0ryfDQ4gWDGTA8Uo4HrQEdjCeXx2ZH4n1ghzq_AT2O9swSS0KWjjRr5fn9rSBvEfK-2F835Ci5ZaHoMdVGc68OXY-2Frrlo5fbiluzs71UXYOBhWlpIopy2AeExKLQu-2FHh2m-2BYrjJJT7DR9rWJ-2F8AobKbQ6l47d3Xz1P4-2B5PYtY5akbz8vqqvoMpJwJzFC1uF0YJB-2BYnjOCWQneUFllCgJOA7vvFUOlEjGCRO1u4jGDpjNXYs0zsPZN6TQLiB28g-3D-3D HTTP 302
    https://goldsmitt.com/office365 HTTP 301
    https://goldsmitt.com/office365/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://c1.microsoft.com/c.gif?DI=4050&did=1&t= HTTP 302
  • https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=A2C6480DC84F4CF29BE2D16B05F14A9D&RedC=c1.microsoft.com&MXFR=1B4C4C8F52116549216F41FC56116373 HTTP 302
  • https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=A2C6480DC84F4CF29BE2D16B05F14A9D&MUID=06B711F27FBE626739DC1C817BBE649D

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
goldsmitt.com/office365/
Redirect Chain
  • https://u10428269.ct.sendgrid.net/wf/click?upn=aXrlSCB8kK4YewFbmmCU-2FuwP2Fl0ryfDQ4gWDGTA8Uo4HrQEdjCeXx2ZH4n1ghzq_AT2O9swSS0KWjjRr5fn9rSBvEfK-2F835Ci5ZaHoMdVGc68OXY-2Frrlo5fbiluzs71UXYOBhWlpIopy2Ae...
  • https://goldsmitt.com/office365
  • https://goldsmitt.com/office365/
105 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://goldsmitt.com/office365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
132.148.221.136 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-132-148-221-136.ip.secureserver.net
Software
Apache /
Resource Hash
0e8e9ba1b257d4c83230940c28c6583ca9198b7553d5a6842598fe309a0a80ae

Request headers

:method
GET
:authority
goldsmitt.com
:scheme
https
:path
/office365/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 06 Jun 2019 19:27:34 GMT
server
Apache
last-modified
Wed, 17 Apr 2019 06:30:33 GMT
etag
"220903-1a260-586b405cb5440-gzip"
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
16436
content-type
text/html

Redirect headers

status
301
date
Thu, 06 Jun 2019 19:27:33 GMT
server
Apache
location
https://goldsmitt.com/office365/
content-length
240
content-type
text/html; charset=iso-8859-1
segoeui_light.woff2
wusofficehome.msocdn.com/s/versionless/css/webfonts/ 		0
0
segoeui_regular.woff2
wusofficehome.msocdn.com/s/versionless/css/webfonts/ 		0
0
segoeui_semibold.woff2
wusofficehome.msocdn.com/s/versionless/css/webfonts/ 		0
0
segoeui_semilight.woff2
wusofficehome.msocdn.com/s/versionless/css/webfonts/ 		0
0
meCore.min.js
mem.gfx.ms/me/MeControl/9.18275.0/en-US/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/me/MeControl/9.18275.0/en-US/meCore.min.js
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:18c::37 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
a5693840ce6d35ad3894fd9839a1ce5ccfc781eefd0688a865f63ea593fa4a72
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 06 Jun 2019 19:27:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 17 May 2019 02:37:53 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12768
X-UA-Compatible
IE=edge
meBoot.min.js
mem.gfx.ms/me/MeControl/9.18275.0/en-US/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/me/MeControl/9.18275.0/en-US/meBoot.min.js
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:18c::37 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
aec8f974d2d598678f5e972f9c0452b2fdd6c390116f2a0bb5fc944b9027b58b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 06 Jun 2019 19:27:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 17 May 2019 02:37:53 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8120
X-UA-Compatible
IE=edge
unauth-cb054a4daf.css
wusofficehome.msocdn.com/bundles/ 		42 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wusofficehome.msocdn.com/bundles/unauth-cb054a4daf.css
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28e::38f3 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ace9b1695d000131663e54b09b1046abaec389351b3da19e07c932a40cfac09c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 19:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-cache-start
1554474561, 1558030800
content-length
23525
last-modified
Fri, 05 Apr 2019 00:05:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
6cf03b8f-301e-0028-4bbb-eb4c90000000
access-control-expose-headers
content-length
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
sharedFontStyles-f545463dfd.css
wusofficehome.msocdn.com/bundles/ 		1 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wusofficehome.msocdn.com/bundles/sharedFontStyles-f545463dfd.css
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28e::38f3 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ed44e216bdae961289490f55f7ed92d5aa1134bd8b0b8cd0238bb8fdaeb73230
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 19:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-cache-start
1555468400, 1559412983
content-length
272
last-modified
Fri, 05 Apr 2019 00:05:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
280d82d2-301e-0105-80c5-f48905000000
access-control-expose-headers
content-length
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
51-6d3a1e
statics-uhf-wus.akamaized.net/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/e9-4413b1/4e-bb306d/a9-963a11/10-aee09b/51-465167/1d-9730ee/34-521645/ 		160 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://statics-uhf-wus.akamaized.net/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/e9-4413b1/4e-bb306d/a9-963a11/10-aee09b/51-465167/1d-9730ee/34-521645/51-6d3a1e?ver=2.0
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3abc05cf7fcd206115a9f2871547be6a8649c34b2efc0d1f77441147a5a78bc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ms-operation-id
800e6003a17f864b8dd3fdac612f1d55
Date
Thu, 06 Jun 2019 19:27:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-S2
2019-02-28T23:18:06
P3P
CP="CAO CONi OTR OUR DEM ONL"
X-Activity-Id
00000000-3e5d-4689-a2e7-6fe23e5c6574
Connection
keep-alive
MS-CV
SokEeciP/keMlt5G.0
Vary
Accept-Encoding
Content-Length
21538
X-XSS-Protection
1
Last-Modified
Thu, 28 Feb 2019 23:18:06 GMT
Server
Microsoft-IIS/10.0
X-Az
{did:-, rid: -, sn: uhf-wus-prod, dt: 2019-02-28T19:44:09.0780073Z, bt: 2019-02-27T00:18:04.0000000Z}
X-S1
2019-02-28T23:18:06
Access-Control-Allow-Methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=23082638
Timing-Allow-Origin
*
X-AppVersion
1.0.6997.542
Expires
Fri, 28 Feb 2020 23:18:12 GMT
override.css
statics-uhf-wus.akamaized.net/statics/ 		1 KB
907 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://statics-uhf-wus.akamaized.net/statics/override.css?c=7
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 06 Jun 2019 19:27:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Mar 2019 19:05:18 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D6A19D82194196
Vary
Accept-Encoding
Content-Type
text/css
x-ms-request-id
5993af6b-501e-003c-7c8e-d38cb2000000
x-ms-version
2009-09-19
Connection
keep-alive
Content-Length
473
t.js
web.vortex.data.microsoft.com/collect/v1/ 		45 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272019-04-06T19%3A43%3A44.884Z%27&os=%27Windows%27&appId=%27JS%3Awww.office.com-unauth%27&*baseType=%27Ms.Content.PageView%27&-ver=%271.0%27&-impressionGuid=%2791d4b19a-c2e0-44a1-9d2b-40be3a9d28aa%27&-pageName=%27UnauthOhp%27&-uri=%27https%3A%2F%2Fwww.office.com%2F%27&-referrerUri=%27https%3A%2F%2Fwww.google.com%2F%27&-pageTags=%27%7B%22metaTags%22%3A%7B%22ver%22%3A%225%22%2C%22ms.lang%22%3A%22en%22%2C%22ms.loc%22%3A%22IN%22%2C%22ms.ocpub.assetid%22%3A%22UnauthOhp%22%2C%22ms.env%22%3A%22prod%22%2C%22ms.sitever%22%3A%225%22%2C%22ms.flightid%22%3A%22virtualappswipe%7Cfastsubstrate%7Cdirectinstall%7Crecommendedswipecf%22%7D%7D%27&-behavior=0&-resHeight=864&-resWidth=1536&-market=%27en-IN%27&*cookieEnabled=true&*flashInstalled=false&*cookies=%27MSFPC%3DGUID%3D46c4ce3b103b468fb0404e24d3ef39b8%26HASH%3D46c4%26LV%3D201904%26V%3D4%26LU%3D1554502360356%3B%27&*isJs=true&*title=%27Office%20365%20Login%20%7C%20Microsoft%20Office%27&*isLoggedIn=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.1.0%27&ext-javascript-domain=%27www.office.com%27&ext-javascript-msfpc=%27GUID%3D46c4ce3b103b468fb0404e24d3ef39b8%26HASH%3D46c4%26LV%3D201904%26V%3D4%26LU%3D1554502360356%27&ext-user-localId=%27t%3A070B6CEAA2F16D6E1D3361DFA3BD6CD6%27
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
c9a4dd7b50eeb82a90457cb58ab085c427494828b3c8c8b5649c6c51b3c65175
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 Jun 2019 19:27:34 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
ExH0yrXAnEOU23qWNyIedQ.0
Content-Type
application/javascript
Content-Length
45
Expires
0
RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba1b , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cms-cdninvalkey
am:RE1Mu3b
date
Thu, 06 Jun 2019 19:27:34 GMT
x-aspnet-version
4.0.30319
x-source-length
4054
x-powered-by
ASP.NET
status
200
x-activityid
e14b30d4-f5fb-4257-9e8f-656ce0007669
content-location
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
x-deployment
a89a5014e89c41b7b60a64d7ee950637
content-length
4054
last-modified
Mon, 03 Jun 2019 01:25:20 GMT
server
Microsoft-IIS/10.0
x-datacenter
NorthEU
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=107884
x-instance
Resizer.Web_IN_2
timing-allow-origin
*
expires
Sat, 08 Jun 2019 01:25:38 GMT
hero-still-image-desktop.jpg
wusofficehome.msocdn.com/s/9b4a755b/Content/images/ 		154 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wusofficehome.msocdn.com/s/9b4a755b/Content/images/hero-still-image-desktop.jpg
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28e::38f3 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
d89bb86fe481803aa172b1cd9a3993fe59f23cffcc938bd2b827c9d2e0997ca4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-cdn
1958
status
200
x-cache-start
1559847296
content-length
158097
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge,chrome=1
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 19 May 2019 01:03:52 GMT
date
Thu, 06 Jun 2019 19:27:34 GMT
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
expires
Fri, 05 Jun 2020 18:54:56 GMT
whatisoffice365-apps.svg
wusofficehome.msocdn.com/s/93c195ea/Content/images/ 		48 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wusofficehome.msocdn.com/s/93c195ea/Content/images/whatisoffice365-apps.svg
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28e::38f3 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
2cc93012d9521672b673c5ba6516c8c14545bf8a0c360101fc81fb2f5ef08e43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
1958
status
200
x-cache-start
1559847296
vary
Accept-Encoding
content-length
18324
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge,chrome=1
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 19 May 2019 01:03:54 GMT
date
Thu, 06 Jun 2019 19:27:34 GMT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
expires
Fri, 05 Jun 2020 18:54:56 GMT
whatisoffice365-desktop.svg
wusofficehome.msocdn.com/s/3d474670/Content/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wusofficehome.msocdn.com/s/3d474670/Content/images/whatisoffice365-desktop.svg
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28e::38f3 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
2d118489673523294b9508495dcbd741cb6a1b9904e386714ef5f0ce2b2dae48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
1958
status
200
x-cache-start
1559847296
vary
Accept-Encoding
content-length
1496
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge,chrome=1
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 19 May 2019 01:03:54 GMT
date
Thu, 06 Jun 2019 19:27:34 GMT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
expires
Fri, 05 Jun 2020 18:54:56 GMT
whatisoffice365-devices.svg
wusofficehome.msocdn.com/s/7bc7c2c3/Content/images/ 		41 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wusofficehome.msocdn.com/s/7bc7c2c3/Content/images/whatisoffice365-devices.svg
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28e::38f3 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
e294ff513ce1f0d15ae99d887d3bf236759ea8639e3f46df8f09f8a8d2984b95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
1958
status
200
x-cache-start
1559847296
vary
Accept-Encoding
content-length
5328
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge,chrome=1
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 19 May 2019 01:03:54 GMT
date
Thu, 06 Jun 2019 19:27:34 GMT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
expires
Fri, 05 Jun 2020 18:54:56 GMT
whatisoffice365-cloud.svg
wusofficehome.msocdn.com/s/ed4e324d/Content/images/ 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wusofficehome.msocdn.com/s/ed4e324d/Content/images/whatisoffice365-cloud.svg
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28e::38f3 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
03adaae97c2e84886a7a3aee1d3a603be518f870edbe8c4c332678e7a3342a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
1958
status
200
x-cache-start
1559847296
vary
Accept-Encoding
content-length
2399
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge,chrome=1
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 19 May 2019 01:03:54 GMT
date
Thu, 06 Jun 2019 19:27:34 GMT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
expires
Fri, 05 Jun 2020 18:54:56 GMT
whatisoffice365-communication.svg
wusofficehome.msocdn.com/s/55f07fcf/Content/images/ 		23 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wusofficehome.msocdn.com/s/55f07fcf/Content/images/whatisoffice365-communication.svg
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28e::38f3 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
36943fad2df3e04ba5a4f6f79064f8ba96026857ffdfd0ea8b4a2a08966a40f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
1958
status
200
x-cache-start
1559847296
vary
Accept-Encoding
content-length
4125
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge,chrome=1
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 19 May 2019 01:03:54 GMT
date
Thu, 06 Jun 2019 19:27:34 GMT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
expires
Fri, 05 Jun 2020 18:54:56 GMT
linkedin.svg
wusofficehome.msocdn.com/s/a81acccc/Content/images/ 		1 KB
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wusofficehome.msocdn.com/s/a81acccc/Content/images/linkedin.svg
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28e::38f3 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
bf9578346260d4c6405e2d4e8066997964c3e3336edde6188c6e91e86eb31a42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
1958
status
200
x-cache-start
1559847296
vary
Accept-Encoding
content-length
616
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge,chrome=1
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 19 May 2019 01:03:54 GMT
date
Thu, 06 Jun 2019 19:27:34 GMT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
expires
Fri, 05 Jun 2020 18:54:56 GMT
facebook.svg
wusofficehome.msocdn.com/s/b3340616/Content/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wusofficehome.msocdn.com/s/b3340616/Content/images/facebook.svg
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28e::38f3 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
39bcdfd243ddbabbba3b0e5891f10d8d85eb8faa29c63fe0303e30d0e7ee6f04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
1958
status
200
x-cache-start
1559847296
vary
Accept-Encoding
content-length
745
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge,chrome=1
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 19 May 2019 01:03:52 GMT
date
Thu, 06 Jun 2019 19:27:34 GMT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
expires
Fri, 05 Jun 2020 18:54:56 GMT
twitter.svg
wusofficehome.msocdn.com/s/9321b9bd/Content/images/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wusofficehome.msocdn.com/s/9321b9bd/Content/images/twitter.svg
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28e::38f3 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
099d88645d5c051b01e35bd64f58474ace99f185692dd8245b5a3b3c2e8bf4a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
1958
status
200
x-cache-start
1559847296
vary
Accept-Encoding
content-length
1123
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge,chrome=1
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 19 May 2019 01:03:54 GMT
date
Thu, 06 Jun 2019 19:27:34 GMT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
expires
Fri, 05 Jun 2020 18:54:56 GMT
instagram.svg
wusofficehome.msocdn.com/s/bcce9da3/Content/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wusofficehome.msocdn.com/s/bcce9da3/Content/images/instagram.svg
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28e::38f3 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
8154b1e1c9cacc02391ffc8b8949764d60286f85be618b2ca575a1e907a49fe1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
1958
status
200
x-cache-start
1559847296
vary
Accept-Encoding
content-length
1294
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge,chrome=1
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 19 May 2019 01:03:52 GMT
date
Thu, 06 Jun 2019 19:27:34 GMT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
expires
Fri, 05 Jun 2020 18:54:56 GMT
unauth-vendor-b5e15713c1.js
wusofficehome.msocdn.com/bundles/ 		101 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wusofficehome.msocdn.com/bundles/unauth-vendor-b5e15713c1.js
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28e::38f3 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ea6a668a4814c97bcbf65218ef96fa3ff0a56791fc83a38fab834f125ffdfe0a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 19:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
72278
status
200
x-cache-start
1554474567, 1554546845, 1558764766
content-length
33809
last-modified
Fri, 05 Apr 2019 00:05:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4895460b-101e-0095-5bbb-eb5a1c000000
access-control-expose-headers
content-length
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
sharedScripts-5c45111535.js
wusofficehome.msocdn.com/bundles/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wusofficehome.msocdn.com/bundles/sharedScripts-5c45111535.js
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28e::38f3 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
79370d7e9b625ccfb78e0cc8f918ff7abc604f07684373f63bfcc947ad7e4050
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 19:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-cache-start
1555468375, 1559412983
content-length
14820
last-modified
Fri, 05 Apr 2019 00:05:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
280d4b3d-301e-0105-7cc5-f48905000000
access-control-expose-headers
content-length
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
unauth-49e566bfcb.js
wusofficehome.msocdn.com/bundles/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wusofficehome.msocdn.com/bundles/unauth-49e566bfcb.js
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28e::38f3 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f64687b2cf6a3bd34cf2da531b120ef5ae0a3002f9bb35078f3d14614c32b0fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 19:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
982875
status
200
x-cache-start
1555216765, 1556199640
content-length
17224
last-modified
Fri, 05 Apr 2019 00:05:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
3c9ee730-501e-0077-7b7c-f2be6e000000
access-control-expose-headers
content-length
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
18-d72213
statics-uhf-wus.akamaized.net/shell/_scrf/js/themes=default/54-af9f9f/c0-247156/de-099401/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/7f-652c90/63-077520/a4-34de62/75-71ddfc/db-bc01... 		125 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://statics-uhf-wus.akamaized.net/shell/_scrf/js/themes=default/54-af9f9f/c0-247156/de-099401/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/7f-652c90/63-077520/a4-34de62/75-71ddfc/db-bc0148/dc-7e9864/78-4c7d22/9f-d154ca/e4-8302f6/cd-23d3b0/6d-1e7ed0/b7-cadaa7/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/92-10345d/79-499886/7e-cda2d3/32-6dafa3/93-283c2d/e0-3c9860/91-97a04f/1f-100dea/33-abe4df/18-d72213?ver=2.0&iife=1
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
55afd02f9ca1fe1b8d3705ef8eba7c9a8e2f0ba4b8d1ab8853a2a10fae9e4ac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ms-operation-id
9ac1dea978624735a42f71f997862fd8
Date
Thu, 06 Jun 2019 19:27:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-S2
2019-02-28T20:26:45
P3P
CP="CAO CONi OTR OUR DEM ONL"
X-Activity-Id
00000000-d0d9-4877-b70e-9815ce280c12
Connection
keep-alive
MS-CV
wzqy4lZHIku1Wlb1.0
Vary
Accept-Encoding
Content-Length
33384
X-XSS-Protection
1
Last-Modified
Thu, 28 Feb 2019 20:26:45 GMT
Server
Microsoft-IIS/10.0
X-Az
{did:-, rid: -, sn: uhf-wus-prod, dt: 2019-02-28T20:25:34.9097559Z, bt: 2019-02-27T00:18:04.0000000Z}
X-S1
2019-02-28T20:26:45
Access-Control-Allow-Methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=23072356
Timing-Allow-Origin
*
X-AppVersion
1.0.6997.542
Expires
Fri, 28 Feb 2020 20:26:50 GMT
meversion
mem.gfx.ms/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/meversion?partner=office&market=en-in&uhf=1
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:18c::37 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
630be020a11ef415429c1e1b6842b12061376554a2580923264c8c8cdebbd22b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 06 Jun 2019 19:27:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Type
application/javascript
Expires
Fri, 07 Jun 2019 02:58:51 GMT
Cache-Control
public, no-transform, max-age=86400
Connection
keep-alive
Content-Length
8876
X-UA-Compatible
IE=edge
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c81876e873c09b16821fbf22db91c76d99df502aaa3d934eb01714e7d4d21d3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://statics-uhf-wus.akamaized.net/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/e9-4413b1/4e-bb306d/a9-963a11/10-aee09b/51-465167/1d-9730ee/34-521645/51-6d3a1e?ver=2.0
Origin
https://goldsmitt.com

Response headers

date
Thu, 06 Jun 2019 19:27:34 GMT
last-modified
Thu, 10 Jan 2019 23:01:34 GMT
access-control-allow-origin
*
etag
"dc2a306f38a9d41:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
status
200
cache-control
public, max-age=527580
accept-ranges
bytes
content-length
34052
expires
Wed, 12 Jun 2019 22:00:34 GMT
mwfmdl2-v3.07.woff
www.microsoft.com/mwf/_h/v3.07/mwf.app/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/mwf/_h/v3.07/mwf.app/fonts/mwfmdl2-v3.07.woff
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:191::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
7f31cbb16dd8190854789bd1b43f15ae60940fb79afbb7cfbef664e12f8a247c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://statics-uhf-wus.akamaized.net/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/e9-4413b1/4e-bb306d/a9-963a11/10-aee09b/51-465167/1d-9730ee/34-521645/51-6d3a1e?ver=2.0
Origin
https://goldsmitt.com

Response headers

date
Thu, 06 Jun 2019 19:27:34 GMT
x-content-type-options
nosniff
x-rtag
RT
p3p
CP="CAO CONi OTR OUR DEM ONL"
status
200
x-activity-id
8e9c150c-e873-4e85-b320-3ae42805b5ed
tls_version
tls1.2
ms-cv
/9SnGqd2L0CnVKDg.0
content-length
22376
x-xss-protection
1
last-modified
Tue, 11 Dec 2018 05:55:06 GMT
x-az
{did:ebbeaea41e034f1a8d3657f77961d2e1, rid: 5, sn: mwf-eus-prod, dt: 2018-12-07T13:58:13.9231850Z, bt: 2018-12-01T00:33:22.0000000Z}
strict-transport-security
max-age=31536000
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=16194466
access-control-allow-headers
*
x-appversion
1.0.6909.1001
expires
Wed, 11 Dec 2019 05:55:20 GMT
truncated
/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6b4512ebf7f02b8cc5aa165f44bf817ab86b214a0818e4823e38300d01c9fcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://goldsmitt.com

Response headers

Content-Type
application/octet-stream
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/latest.woff2
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://statics-uhf-wus.akamaized.net/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/e9-4413b1/4e-bb306d/a9-963a11/10-aee09b/51-465167/1d-9730ee/34-521645/51-6d3a1e?ver=2.0
Origin
https://goldsmitt.com

Response headers

date
Thu, 06 Jun 2019 19:27:34 GMT
last-modified
Thu, 10 Jan 2019 23:01:34 GMT
access-control-allow-origin
*
etag
"dc2a306f38a9d41:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
status
200
cache-control
public, max-age=527580
accept-ranges
bytes
content-length
29388
expires
Wed, 12 Jun 2019 22:00:34 GMT
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/latest.woff2
Requested by
Host: goldsmitt.com
URL: https://goldsmitt.com/office365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://statics-uhf-wus.akamaized.net/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/e9-4413b1/4e-bb306d/a9-963a11/10-aee09b/51-465167/1d-9730ee/34-521645/51-6d3a1e?ver=2.0
Origin
https://goldsmitt.com

Response headers

date
Thu, 06 Jun 2019 19:27:34 GMT
last-modified
Thu, 10 Jan 2019 23:01:34 GMT
access-control-allow-origin
*
etag
"93f246f38a9d41:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
status
200
cache-control
public, max-age=527611
accept-ranges
bytes
content-length
30132
expires
Wed, 12 Jun 2019 22:01:05 GMT
segoeui_semibold.woff
wusofficehome.msocdn.com/s/versionless/css/webfonts/ 		0
0
segoeui_regular.woff
wusofficehome.msocdn.com/s/versionless/css/webfonts/ 		0
0
segoeui_light.woff
wusofficehome.msocdn.com/s/versionless/css/webfonts/ 		0
0
segoeui_semilight.woff
wusofficehome.msocdn.com/s/versionless/css/webfonts/ 		0
0
segoeui_semibold.tff
wusofficehome.msocdn.com/s/versionless/css/webfonts/ 		0
0
segoeui_regular.tff
wusofficehome.msocdn.com/s/versionless/css/webfonts/ 		0
0
segoeui_light.tff
wusofficehome.msocdn.com/s/versionless/css/webfonts/ 		0
0
segoeui_semilight.tff
wusofficehome.msocdn.com/s/versionless/css/webfonts/ 		0
0
Cookie set savedusers
login.microsoftonline.com/ Frame 9A47 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/savedusers?wreply=https://www.office.com/&appid=4345a7b9-9a63-4910-a426-35363201d503
Requested by
Host: wusofficehome.msocdn.com
URL: https://wusofficehome.msocdn.com/bundles/unauth-vendor-b5e15713c1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.9.6 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Host
login.microsoftonline.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://goldsmitt.com/office365/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://goldsmitt.com/office365/

Response headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
x-ms-request-id
39eb99d2-7f78-44a7-b79c-a7dd23f7ed00
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie
fpc=AoKqx-P37RVAgwUxMIrNCI0; expires=Sat, 06-Jul-2019 19:27:35 GMT; path=/; secure; HttpOnly esctx=AQABAAAAAADCoMpjJXrxTq9VG9te-7FX4faF_HoiEMM4WK9GzAltirQ3LxwqNuLDyecyF9aWUrP6b6NBFhI1v9OtrHfJjvVW1ObQsWYwgrVazFpmO2LUK0LMgz3CNtbu_JNY4b-wyXW-eZ8ua3-OnNGE1oNhc9O8pldEwbQnM98h3kktjG_q3im96EJq0Qmw5--b0QToYHEgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly x-ms-gateway-slice=prod; path=/; secure; HttpOnly stsservicecookie=ests; path=/; secure; HttpOnly
Date
Thu, 06 Jun 2019 19:27:35 GMT
Content-Length
1018
t.js
web.vortex.data.microsoft.com/collect/v1/ 		260 B
623 B 		Script
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272019-06-06T19%3A27%3A35.635Z%27&os=%27MacOS%27&appId=%27JS%3Awww.office.com-unauth%27&*baseType=%27Ms.Content.PageView%27&-ver=%271.0%27&-impressionGuid=%27216b2ae1-d978-4206-870c-fb2d228bbc58%27&-pageName=%27UnauthOhp%27&-uri=%27https%3A%2F%2Fgoldsmitt.com%2Foffice365%2F%27&-pageTags=%27%7B%22metaTags%22%3A%7B%22ver%22%3A%225%22%2C%22ms.lang%22%3A%22en%22%2C%22ms.loc%22%3A%22IN%22%2C%22ms.ocpub.assetid%22%3A%22UnauthOhp%22%2C%22ms.env%22%3A%22prod%22%2C%22ms.sitever%22%3A%225%22%2C%22ms.flightid%22%3A%22virtualappswipe%7Cfastsubstrate%7Cdirectinstall%7Crecommendedswipecf%22%7D%7D%27&-behavior=0&-resHeight=1200&-resWidth=1600&-market=%27en-IN%27&*cookieEnabled=true&*flashInstalled=false&*isJs=true&*title=%27Office%20365%20Login%20%7C%20Microsoft%20Office%27&*isLoggedIn=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.1.0%27&ext-javascript-domain=%27goldsmitt.com%27
Requested by
Host: wusofficehome.msocdn.com
URL: https://wusofficehome.msocdn.com/bundles/unauth-49e566bfcb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
b5c2bbe7ca1393349fb04aab20c6232c14764f05221b17856e25a0efb3d7abc7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 Jun 2019 19:27:35 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
vwwT7uXCPk6bLNL8xcPBmw.0
Content-Type
application/javascript
Content-Length
260
Expires
0
v1
web.vortex.data.microsoft.com/collect/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1
Requested by
Host: wusofficehome.msocdn.com
URL: https://wusofficehome.msocdn.com/bundles/unauth-49e566bfcb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://goldsmitt.com/office365/
Origin
https://goldsmitt.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://goldsmitt.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
v1
web.vortex.data.microsoft.com/collect/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1
Requested by
Host: wusofficehome.msocdn.com
URL: https://wusofficehome.msocdn.com/bundles/unauth-49e566bfcb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://goldsmitt.com/office365/
Origin
https://goldsmitt.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://goldsmitt.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
c.gif
c1.microsoft.com/
Redirect Chain
  • https://c1.microsoft.com/c.gif?DI=4050&did=1&t=
  • https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=A2C6480DC84F4CF29BE2D16B05F14A9D&RedC=c1.microsoft.com&MXFR=1B4C4C8F52116549216F41FC56116373
  • https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=A2C6480DC84F4CF29BE2D16B05F14A9D&MUID=06B711F27FBE626739DC1C817BBE649D
42 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=A2C6480DC84F4CF29BE2D16B05F14A9D&MUID=06B711F27FBE626739DC1C817BBE649D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://goldsmitt.com/office365/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Jun 2019 19:27:37 GMT
last-modified
Fri, 29 Mar 2019 20:38:48 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"e71593696fe6d41:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
status
200
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 06 Jun 2019 19:27:36 GMT
x-msedge-ref
Ref A: 251DA88F58B04BF9B9DC6B9C4927C5E6 Ref B: VIEEDGE0814 Ref C: 2019-06-06T19:27:37Z
x-powered-by
ASP.NET
location
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=A2C6480DC84F4CF29BE2D16B05F14A9D&MUID=06B711F27FBE626739DC1C817BBE649D
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
status
302
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.1&x-apikey=ea6758984c4b43529f9929667d8d3198-c52d4a8b-47fe-4fdf-99b8-5f897ff4e33b-7365&client-time-epoch-millis=1559849256630&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: wusofficehome.msocdn.com
URL: https://wusofficehome.msocdn.com/bundles/sharedScripts-5c45111535.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.114.132.74 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://goldsmitt.com/office365/
Origin
https://goldsmitt.com

Response headers

Date
Thu, 06 Jun 2019 19:27:37 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
1842
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.1&x-apikey=ea6758984c4b43529f9929667d8d3198-c52d4a8b-47fe-4fdf-99b8-5f897ff4e33b-7365&client-time-epoch-millis=1559849258535&time-delta-to-apply-millis=1842
Requested by
Host: wusofficehome.msocdn.com
URL: https://wusofficehome.msocdn.com/bundles/sharedScripts-5c45111535.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.114.132.74 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://goldsmitt.com/office365/
Origin
https://goldsmitt.com

Response headers

Date
Thu, 06 Jun 2019 19:27:37 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
78
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
wusofficehome.msocdn.com
URL
https://wusofficehome.msocdn.com/s/versionless/css/webfonts/segoeui_light.woff2
Domain
wusofficehome.msocdn.com
URL
https://wusofficehome.msocdn.com/s/versionless/css/webfonts/segoeui_regular.woff2
Domain
wusofficehome.msocdn.com
URL
https://wusofficehome.msocdn.com/s/versionless/css/webfonts/segoeui_semibold.woff2
Domain
wusofficehome.msocdn.com
URL
https://wusofficehome.msocdn.com/s/versionless/css/webfonts/segoeui_semilight.woff2
Domain
wusofficehome.msocdn.com
URL
https://wusofficehome.msocdn.com/s/versionless/css/webfonts/segoeui_semibold.woff
Domain
wusofficehome.msocdn.com
URL
https://wusofficehome.msocdn.com/s/versionless/css/webfonts/segoeui_regular.woff
Domain
wusofficehome.msocdn.com
URL
https://wusofficehome.msocdn.com/s/versionless/css/webfonts/segoeui_light.woff
Domain
wusofficehome.msocdn.com
URL
https://wusofficehome.msocdn.com/s/versionless/css/webfonts/segoeui_semilight.woff
Domain
wusofficehome.msocdn.com
URL
https://wusofficehome.msocdn.com/s/versionless/css/webfonts/segoeui_semibold.tff
Domain
wusofficehome.msocdn.com
URL
https://wusofficehome.msocdn.com/s/versionless/css/webfonts/segoeui_regular.tff
Domain
wusofficehome.msocdn.com
URL
https://wusofficehome.msocdn.com/s/versionless/css/webfonts/segoeui_light.tff
Domain
wusofficehome.msocdn.com
URL
https://wusofficehome.msocdn.com/s/versionless/css/webfonts/segoeui_semilight.tff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Office 365 (Online)

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| MSA function| getDefaultAadUser function| getDefaultMsaUser function| findDefaultSignedInUser function| convertAadUserData function| convertMsaUserData function| isValidMsaUser function| isValidAadUser function| getAadData function| getMsaData function| getAadMsaData function| getAccount object| AuthType object| Operation object| ErrorCode object| TimerUtils object| IframeUtils object| Constants object| LoggingUtils function| IdpUserResult function| DefaultSignInOptions boolean| enableConsoleLog boolean| msaFedEnabled function| $ function| jQuery object| StandaloneAriaLogger object| AWTPropertyType object| AWTPiiKind object| AWTEventPriority object| AWTEventsDroppedReason object| AWTEventsRejectedReason object| AWTCustomerContentKind object| AWTUserIdType object| AWTSessionState string| AWT_BEST_EFFORT string| AWT_NEAR_REAL_TIME string| AWT_REAL_TIME function| AWTEventProperties function| AWTLogger function| AWTLogManager function| AWTTransmissionManager function| AWTSerializer function| AWTSemanticContext string| AWT_COLLECTOR_URL_UNITED_STATES string| AWT_COLLECTOR_URL_GERMANY string| AWT_COLLECTOR_URL_JAPAN string| AWT_COLLECTOR_URL_AUSTRALIA string| AWT_COLLECTOR_URL_EUROPE string| AWT_COLLECTOR_URL_USGOV_DOD string| AWT_COLLECTOR_URL_USGOV_DOJ object| HomePage object| awa string| behaviorKey object| DefaultSignInHandler string| signInUrl string| viewType object| myConfigOptions function| setShellOptions function| SendMeControlSignInEvent function| SetConsent object| shellOptions object| onShellReadyToLoad string| aadUserForgetUrlFormat object| MeControl function| MeControlDefine function| MeControlImport object| lazyImages number| lazyLoadAnimationId object| msCommonShell

4 Cookies

Domain/Path Name / Value
login.microsoftonline.com/ Name: stsservicecookie
Value: ests
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: prod
.login.microsoftonline.com/ Name: esctx
Value: AQABAAAAAADCoMpjJXrxTq9VG9te-7FX4faF_HoiEMM4WK9GzAltirQ3LxwqNuLDyecyF9aWUrP6b6NBFhI1v9OtrHfJjvVW1ObQsWYwgrVazFpmO2LUK0LMgz3CNtbu_JNY4b-wyXW-eZ8ua3-OnNGE1oNhc9O8pldEwbQnM98h3kktjG_q3im96EJq0Qmw5--b0QToYHEgAA
login.microsoftonline.com/ Name: fpc
Value: AoKqx-P37RVAgwUxMIrNCI0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.pipe.aria.microsoft.com
c.bing.com
c.s-microsoft.com
c1.microsoft.com
goldsmitt.com
img-prod-cms-rt-microsoft-com.akamaized.net
login.microsoftonline.com
mem.gfx.ms
statics-uhf-wus.akamaized.net
u10428269.ct.sendgrid.net
web.vortex.data.microsoft.com
wusofficehome.msocdn.com
www.microsoft.com
wusofficehome.msocdn.com
132.148.221.136
167.89.118.35
2620:1ec:c11::200
2a02:26f0:6c00:28e::38f3
2a02:26f0:6c00:29d::356e
2a02:26f0:6c00::210:ba0b
2a02:26f0:6c00::210:ba1b
2a02:26f0:6c00::210:ba20
2a02:26f0:f1:18c::37
2a02:26f0:f1:191::356e
40.126.9.6
40.77.226.250
52.114.132.74
52.142.114.2
03adaae97c2e84886a7a3aee1d3a603be518f870edbe8c4c332678e7a3342a3d
099d88645d5c051b01e35bd64f58474ace99f185692dd8245b5a3b3c2e8bf4a3
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248
0e8e9ba1b257d4c83230940c28c6583ca9198b7553d5a6842598fe309a0a80ae
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b
2cc93012d9521672b673c5ba6516c8c14545bf8a0c360101fc81fb2f5ef08e43
2d118489673523294b9508495dcbd741cb6a1b9904e386714ef5f0ce2b2dae48
36943fad2df3e04ba5a4f6f79064f8ba96026857ffdfd0ea8b4a2a08966a40f3
39bcdfd243ddbabbba3b0e5891f10d8d85eb8faa29c63fe0303e30d0e7ee6f04
3abc05cf7fcd206115a9f2871547be6a8649c34b2efc0d1f77441147a5a78bc8
3c81876e873c09b16821fbf22db91c76d99df502aaa3d934eb01714e7d4d21d3
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
55afd02f9ca1fe1b8d3705ef8eba7c9a8e2f0ba4b8d1ab8853a2a10fae9e4ac8
630be020a11ef415429c1e1b6842b12061376554a2580923264c8c8cdebbd22b
79370d7e9b625ccfb78e0cc8f918ff7abc604f07684373f63bfcc947ad7e4050
7f31cbb16dd8190854789bd1b43f15ae60940fb79afbb7cfbef664e12f8a247c
8154b1e1c9cacc02391ffc8b8949764d60286f85be618b2ca575a1e907a49fe1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a5693840ce6d35ad3894fd9839a1ce5ccfc781eefd0688a865f63ea593fa4a72
a6b4512ebf7f02b8cc5aa165f44bf817ab86b214a0818e4823e38300d01c9fcd
ace9b1695d000131663e54b09b1046abaec389351b3da19e07c932a40cfac09c
aec8f974d2d598678f5e972f9c0452b2fdd6c390116f2a0bb5fc944b9027b58b
b5c2bbe7ca1393349fb04aab20c6232c14764f05221b17856e25a0efb3d7abc7
bf9578346260d4c6405e2d4e8066997964c3e3336edde6188c6e91e86eb31a42
c9a4dd7b50eeb82a90457cb58ab085c427494828b3c8c8b5649c6c51b3c65175
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f
d89bb86fe481803aa172b1cd9a3993fe59f23cffcc938bd2b827c9d2e0997ca4
e294ff513ce1f0d15ae99d887d3bf236759ea8639e3f46df8f09f8a8d2984b95
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea6a668a4814c97bcbf65218ef96fa3ff0a56791fc83a38fab834f125ffdfe0a
ed44e216bdae961289490f55f7ed92d5aa1134bd8b0b8cd0238bb8fdaeb73230
f64687b2cf6a3bd34cf2da531b120ef5ae0a3002f9bb35078f3d14614c32b0fe