0ffice365.pdf.keshington01.com Open in urlscan Pro
157.173.198.12 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://0ffice365.pdf.keshington01.com/
Submission Tags: @phishunt_io
Submission: On June 07 via api (June 7th 2024, 10:54:36 pm UTC) from DE — Scanned from GB

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 157.173.198.12, located in United Kingdom and belongs to NL-811-40021, US. The main domain is 0ffice365.pdf.keshington01.com.
TLS certificate: Issued by E6 on June 7th 2024. Valid for: 3 months.

This is the only time 0ffice365.pdf.keshington01.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	157.173.198.12 157.173.198.12	40021 (NL-811-40021) (NL-811-40021)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
17	4

12 157.173.198.12 (United Kingdom)

ASN40021 (NL-811-40021, US)
PTR: mail.caringhton01.com

0ffice365.pdf.keshington01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	keshington01.com 0ffice365.pdf.keshington01.com	3 MB
3	gstatic.com fonts.gstatic.com	48 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 461 fonts.googleapis.com — Cisco Umbrella Rank: 70	33 KB
17	3

	Domain	Requested by
12	0ffice365.pdf.keshington01.com	ajax.googleapis.com 0ffice365.pdf.keshington01.com
3	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	0ffice365.pdf.keshington01.com
1	ajax.googleapis.com	0ffice365.pdf.keshington01.com
17	4

This site contains no links.

Subject Issuer	Validity	Valid
0ffice365.pdf.keshington01.com E6	`2024-06-07` - `2024-09-05`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://0ffice365.pdf.keshington01.com/
Frame ID: 23BC3A01B308F0862BC83BB2B65280BA
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Office 365 Share Point

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

2945 kB
Transfer

3123 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
0ffice365.pdf.keshington01.com/ 2 KB
1 KB 534ms
223ms Document
text/html 157.173.198.12
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://0ffice365.pdf.keshington01.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.173.198.12 , United Kingdom, ASN40021 (NL-811-40021, US),
Reverse DNS: mail.caringhton01.com
Software: LiteSpeed /
Resource Hash: 54cc27e5639c5ca564a092fb75e9ee3fe3be9d0566f9a2b8647580da81d76c43

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 879
content-type: text/html
date: Fri, 07 Jun 2024 22:54:30 GMT
etag: "827-5cbad352-3609a6;br"
last-modified: Sat, 20 Apr 2019 08:07:46 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 209ms
38ms Script
text/javascript 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: 0ffice365.pdf.keshington01.com
URL: https://0ffice365.pdf.keshington01.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://0ffice365.pdf.keshington01.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 11:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 11:23:12 GMT

GET
H2 200 index-home.html Show response
0ffice365.pdf.keshington01.com/ 4 KB
1 KB 126ms
124ms XHR
text/html 157.173.198.12
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://0ffice365.pdf.keshington01.com/index-home.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.173.198.12 , United Kingdom, ASN40021 (NL-811-40021, US),
Reverse DNS: mail.caringhton01.com
Software: LiteSpeed /
Resource Hash: 3aece2fabae7970f2503bcd93e64d928fa985106082266e64c22740b8700c049

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: */*
Referer: https://0ffice365.pdf.keshington01.com/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 22:54:31 GMT
content-encoding: br
last-modified: Wed, 25 Sep 2019 07:57:16 GMT
server: LiteSpeed
etag: "f89-5d8b1ddc-3609a5;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1070

GET
H2 404 favicon.ico
0ffice365.pdf.keshington01.com/ 1 KB
795 B 125ms
125ms Other
text/html 157.173.198.12
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://0ffice365.pdf.keshington01.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.173.198.12 , United Kingdom, ASN40021 (NL-811-40021, US),
Reverse DNS: mail.caringhton01.com
Software: LiteSpeed /
Resource Hash: 679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://0ffice365.pdf.keshington01.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 22:54:31 GMT
content-encoding: gzip
server: LiteSpeed
vary: Accept-Encoding
content-type: text/html
cache-control: private, no-cache, max-age=0
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 style.css
0ffice365.pdf.keshington01.com/css/ 4 KB
1015 B 124ms
123ms Stylesheet
text/css 157.173.198.12
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://0ffice365.pdf.keshington01.com/css/style.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.173.198.12 , United Kingdom, ASN40021 (NL-811-40021, US),
Reverse DNS: mail.caringhton01.com
Software: LiteSpeed /
Resource Hash: fc980caf7a7593fee1cabca298f929c525035694be95eb7ce8839fed6191356c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://0ffice365.pdf.keshington01.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 22:54:31 GMT
content-encoding: br
last-modified: Wed, 03 Jul 2019 07:06:56 GMT
server: LiteSpeed
etag: "f09-5d1c5410-36097c;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 881
expires: Fri, 14 Jun 2024 22:54:31 GMT

GET
H2 200 logo.jpg
0ffice365.pdf.keshington01.com/images/ 91 KB
91 KB 222ms
221ms Image
image/jpeg 157.173.198.12
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0ffice365.pdf.keshington01.com/images/logo.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.173.198.12 , United Kingdom, ASN40021 (NL-811-40021, US),
Reverse DNS: mail.caringhton01.com
Software: LiteSpeed /
Resource Hash: 285ac469f0d0ab686e2274df58bcffdf94e5ad2b772899a246b8fb0fc866d1b9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://0ffice365.pdf.keshington01.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 22:54:31 GMT
last-modified: Tue, 02 Jul 2019 18:43:56 GMT
server: LiteSpeed
etag: "16bf9-5d1ba5ec-360996;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 93177
expires: Fri, 14 Jun 2024 22:54:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 27 KB
2 KB 215ms
62ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800

Requested by

Host: 0ffice365.pdf.keshington01.com
URL: https://0ffice365.pdf.keshington01.com/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6953682c0ea668bba8f2d7259f4227f9edc14e69115084b7d9b7f32a177513b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://0ffice365.pdf.keshington01.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jun 2024 22:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 21:17:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jun 2024 22:54:31 GMT

GET
H3 200 log-bg.jpg
0ffice365.pdf.keshington01.com/images/ 3 MB
3 MB 126ms
126ms Image
image/jpeg 157.173.198.12
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0ffice365.pdf.keshington01.com/images/log-bg.jpg
Requested by: Host: 0ffice365.pdf.keshington01.com
URL: https://0ffice365.pdf.keshington01.com/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.173.198.12 , United Kingdom, ASN40021 (NL-811-40021, US),
Reverse DNS: mail.caringhton01.com
Software: LiteSpeed /
Resource Hash: 91e1b7521dd977cdc32b29eb4d71f81b0c0ff1a2d0edccb4a69edd999e6e4337

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://0ffice365.pdf.keshington01.com/css/style.css
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 22:54:31 GMT
last-modified: Tue, 02 Jul 2019 19:38:38 GMT
server: LiteSpeed
etag: "29c987-5d1bb2be-360995;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2738567
expires: Fri, 14 Jun 2024 22:54:31 GMT

GET
H3 200 a.png
0ffice365.pdf.keshington01.com/images/ 17 KB
17 KB 249ms
249ms Image
image/png 157.173.198.12
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0ffice365.pdf.keshington01.com/images/a.png
Requested by: Host: 0ffice365.pdf.keshington01.com
URL: https://0ffice365.pdf.keshington01.com/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.173.198.12 , United Kingdom, ASN40021 (NL-811-40021, US),
Reverse DNS: mail.caringhton01.com
Software: LiteSpeed /
Resource Hash: 41d625de6eecd85639aab5e2d01fa31bc941731dd1344fb2f26839206822dbeb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://0ffice365.pdf.keshington01.com/css/style.css
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 22:54:31 GMT
last-modified: Tue, 02 Jul 2019 20:12:16 GMT
server: LiteSpeed
etag: "4357-5d1bbaa0-360986;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 17239
expires: Fri, 14 Jun 2024 22:54:31 GMT

GET
H3 200 b.png
0ffice365.pdf.keshington01.com/images/ 14 KB
14 KB 253ms
253ms Image
image/png 157.173.198.12
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0ffice365.pdf.keshington01.com/images/b.png
Requested by: Host: 0ffice365.pdf.keshington01.com
URL: https://0ffice365.pdf.keshington01.com/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.173.198.12 , United Kingdom, ASN40021 (NL-811-40021, US),
Reverse DNS: mail.caringhton01.com
Software: LiteSpeed /
Resource Hash: 6f129365d3d9b96555cdbc4937b138fa47ae922b69809745cf9d0ff542545873

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://0ffice365.pdf.keshington01.com/css/style.css
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 22:54:31 GMT
last-modified: Tue, 02 Jul 2019 20:12:52 GMT
server: LiteSpeed
etag: "3877-5d1bbac4-360987;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 14455
expires: Fri, 14 Jun 2024 22:54:31 GMT

GET
H3 200 c.png
0ffice365.pdf.keshington01.com/images/ 11 KB
11 KB 254ms
253ms Image
image/png 157.173.198.12
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0ffice365.pdf.keshington01.com/images/c.png
Requested by: Host: 0ffice365.pdf.keshington01.com
URL: https://0ffice365.pdf.keshington01.com/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.173.198.12 , United Kingdom, ASN40021 (NL-811-40021, US),
Reverse DNS: mail.caringhton01.com
Software: LiteSpeed /
Resource Hash: df2f47c480d388ae0a97de04a37b6c57fb676598507b2fbeff3dd363e44bc798

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://0ffice365.pdf.keshington01.com/css/style.css
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 22:54:31 GMT
last-modified: Tue, 02 Jul 2019 20:13:20 GMT
server: LiteSpeed
etag: "2a79-5d1bbae0-360988;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 10873
expires: Fri, 14 Jun 2024 22:54:31 GMT

GET
H3 200 d.png
0ffice365.pdf.keshington01.com/images/ 18 KB
18 KB 257ms
256ms Image
image/png 157.173.198.12
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0ffice365.pdf.keshington01.com/images/d.png
Requested by: Host: 0ffice365.pdf.keshington01.com
URL: https://0ffice365.pdf.keshington01.com/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.173.198.12 , United Kingdom, ASN40021 (NL-811-40021, US),
Reverse DNS: mail.caringhton01.com
Software: LiteSpeed /
Resource Hash: 1d15606ba2e2e02d1167abdb56f7eea791522cea112312ac8fd4cf48dc7f9d9c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://0ffice365.pdf.keshington01.com/css/style.css
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 22:54:31 GMT
last-modified: Tue, 02 Jul 2019 20:13:52 GMT
server: LiteSpeed
etag: "4605-5d1bbb00-36098a;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 17925
expires: Fri, 14 Jun 2024 22:54:31 GMT

GET
H3 200 e.png
0ffice365.pdf.keshington01.com/images/ 22 KB
22 KB 260ms
259ms Image
image/png 157.173.198.12
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0ffice365.pdf.keshington01.com/images/e.png
Requested by: Host: 0ffice365.pdf.keshington01.com
URL: https://0ffice365.pdf.keshington01.com/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.173.198.12 , United Kingdom, ASN40021 (NL-811-40021, US),
Reverse DNS: mail.caringhton01.com
Software: LiteSpeed /
Resource Hash: 16d4df68f185821550402d87b01658239e15fe7a533f21a8bb585e39c7f4b44c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://0ffice365.pdf.keshington01.com/css/style.css
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 22:54:31 GMT
last-modified: Tue, 02 Jul 2019 20:14:14 GMT
server: LiteSpeed
etag: "5939-5d1bbb16-36098b;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 22841
expires: Fri, 14 Jun 2024 22:54:31 GMT

GET
H3 200 f.png
0ffice365.pdf.keshington01.com/images/ 12 KB
12 KB 260ms
260ms Image
image/png 157.173.198.12
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0ffice365.pdf.keshington01.com/images/f.png
Requested by: Host: 0ffice365.pdf.keshington01.com
URL: https://0ffice365.pdf.keshington01.com/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.173.198.12 , United Kingdom, ASN40021 (NL-811-40021, US),
Reverse DNS: mail.caringhton01.com
Software: LiteSpeed /
Resource Hash: 22bb91ffbc860974aed90280564827a320f6e509d2a307ef1e1c58f1d5ec99b0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://0ffice365.pdf.keshington01.com/css/style.css
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 22:54:31 GMT
last-modified: Tue, 02 Jul 2019 20:14:38 GMT
server: LiteSpeed
etag: "2fe8-5d1bbb2e-36098c;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 12264
expires: Fri, 14 Jun 2024 22:54:31 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 203ms
59ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://0ffice365.pdf.keshington01.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 19:47:36 GMT
x-content-type-options: nosniff
age: 11215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 19:47:36 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
0 194ms
194ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://0ffice365.pdf.keshington01.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 19:47:36 GMT
x-content-type-options: nosniff
age: 11215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 19:47:36 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
0 162ms
161ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://0ffice365.pdf.keshington01.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 19:47:36 GMT
x-content-type-options: nosniff
age: 11215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 19:47:36 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://0ffice365.pdf.keshington01.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0ffice365.pdf.keshington01.com
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
157.173.198.12
2a00:1450:4001:801::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:829::200a
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16d4df68f185821550402d87b01658239e15fe7a533f21a8bb585e39c7f4b44c
1d15606ba2e2e02d1167abdb56f7eea791522cea112312ac8fd4cf48dc7f9d9c
22bb91ffbc860974aed90280564827a320f6e509d2a307ef1e1c58f1d5ec99b0
285ac469f0d0ab686e2274df58bcffdf94e5ad2b772899a246b8fb0fc866d1b9
3aece2fabae7970f2503bcd93e64d928fa985106082266e64c22740b8700c049
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41d625de6eecd85639aab5e2d01fa31bc941731dd1344fb2f26839206822dbeb
54cc27e5639c5ca564a092fb75e9ee3fe3be9d0566f9a2b8647580da81d76c43
679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43
6953682c0ea668bba8f2d7259f4227f9edc14e69115084b7d9b7f32a177513b8
6f129365d3d9b96555cdbc4937b138fa47ae922b69809745cf9d0ff542545873
91e1b7521dd977cdc32b29eb4d71f81b0c0ff1a2d0edccb4a69edd999e6e4337
df2f47c480d388ae0a97de04a37b6c57fb676598507b2fbeff3dd363e44bc798
fc980caf7a7593fee1cabca298f929c525035694be95eb7ce8839fed6191356c

0ffice365.pdf.keshington01.com Open in urlscan Pro 157.173.198.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

75 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

2945 kBTransfer

3123 kBSize

0 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

0ffice365.pdf.keshington01.com Open in urlscan Pro
157.173.198.12 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

2945 kB
Transfer

3123 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions