login.barryxxywor.com Open in urlscan Pro
167.99.44.15 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz
Effective URL:
https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz&sso_reload=true
Submission: On May 27 via automatic, source openphish (May 27th 2023, 1:05:49 am UTC) — Scanned from NL

Summary HTTP 70 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 70 HTTP transactions. The main IP is 167.99.44.15, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is login.barryxxywor.com.
TLS certificate: Issued by R3 on May 25th 2023. Valid for: 3 months.

This is the only time login.barryxxywor.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address		AS Autonomous System
33	167.99.44.15 167.99.44.15		14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
70	2

33 167.99.44.15 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

login.barryxxywor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
live.barryxxywor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2b988e29-cf09b9d1.barryxxywor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1c8eafad-cf09b9d1.barryxxywor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
22b5d42b-cf09b9d1.barryxxywor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	barryxxywor.com login.barryxxywor.com live.barryxxywor.com 2b988e29-cf09b9d1.barryxxywor.com 1c8eafad-cf09b9d1.barryxxywor.com 22b5d42b-cf09b9d1.barryxxywor.com	1 MB
70	1

	Domain	Requested by
18	22b5d42b-cf09b9d1.barryxxywor.com	1c8eafad-cf09b9d1.barryxxywor.com
8	2b988e29-cf09b9d1.barryxxywor.com	login.barryxxywor.com 2b988e29-cf09b9d1.barryxxywor.com
4	login.barryxxywor.com	login.barryxxywor.com
2	1c8eafad-cf09b9d1.barryxxywor.com	2b988e29-cf09b9d1.barryxxywor.com 1c8eafad-cf09b9d1.barryxxywor.com
1	live.barryxxywor.com	login.barryxxywor.com
70	5

This site contains links to these domains. Also see Links.

Domain
live.barryxxywor.com
wwwms.barryxxywor.com
4a9fef6f-cf09b9d1.barryxxywor.com

Subject Issuer	Validity	Valid
barryxxywor.com R3	`2023-05-25` - `2023-08-23`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz&sso_reload=true
Frame ID: 152E448B31ECF7045F7F974BABAB8019
Requests: 15 HTTP requests in this frame

Frame: https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx
Frame ID: 6CD5B048E8AF380D98B899D86DF7F10E
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Aanmelden bij uw account

Page URL History Show full URLs

https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz Page URL
https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz Page URL
https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz&sso_reload=true Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

70
Requests

47 %
HTTPS

0 %
IPv6

1
Domains

5
Subdomains

2
IPs

1
Countries

1118 kB
Transfer

4155 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://live.barryxxywor.com/oauth20_authorize.srf?scope=openid+profile+email+offline_access&response_type=code&client_id=51483342-085c-4d86-bf88-cf50c7252078&response_mode=form_post&redirect_uri=https%3a%2f%2flogin.barryxxywor.com%2fcommon%2ffederation%2foauth2msa&state=rQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATkdHoLxXfre8zSM523sHDayVmMnPE5mWVglasYlQkbp3-BkfEFI-MkJrmqtNK05KTUVIeUpMrKssS0pMTU0rTUqqTERL2UpKpbTIL-RemeKeHFbqkpqUWJJZn5eY-YCWi6wCLwioXHgNmKg4NLgEGCQYHhBwvjIlagu-2bk7I4Jl7zWffStT3eUIDhFKt-UGBoultSapRBSHCqb0lyVHF6ZWB2nk-JkXa2Z3GKRZB5iWF4ZJFBQHpQtq25leEENqEJbEyn2Bg-sDF2sDPMYmc4wMm4gYfxAC_DD76rh341vTh5_a3HK36ddIuUcKfiqryU_PLASsdy76Jw0wKftEpzXx9nb8Miz2B9_Yog_0ozowyPSFsA0&login_hint=zfufcbee%40dbyyvafbaeufezbaa.dbz&estsfed=1&uaid=718d2c1ebb17482f9a2e359ea17196c9&signup=1&lw=1&fl=easi2&fci=https%3a%2f%2f1c8eafad-cf09b9d1.barryxxywor.com.orgid.com
Title: Maak nu een account

Search URL Search Domain Scan URL

URL: https://wwwms.barryxxywor.com/nl-NL/servicesagreement/
Title: Gebruiksvoorwaarden

Search URL Search Domain Scan URL

URL: https://4a9fef6f-cf09b9d1.barryxxywor.com/nl-NL/privacystatement
Title: Privacy en cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz Page URL
https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz Page URL
https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

70 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
login.barryxxywor.com/ 416 KB
164 KB 292ms
205ms Document
text/html 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c70e7f7d7dbb755c0d43b359077115b255f8250bde13ae6118e93d6bfad33972

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 27 May 2023 01:05:44 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 858 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19b8ee66ab60c45d5d24988d090b61c938b44c2ee9a5f8558335b27a2f315072

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 40 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64c2019b369b4f3b45009d1740f4c7ae0856bb2608aea7d7628b78f43cecb3fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 / Show response
login.barryxxywor.com/ 202 B
344 B 99ms
99ms Fetch
application/json 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz

Requested by

Host: login.barryxxywor.com
URL: https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

dae2e8b71caaa34eb681c30fc17168001dd1c792d3ea2ae4cd4174a9edfcd18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 27 May 2023 01:05:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: application/json

GET
H2 200 / Show response
login.barryxxywor.com/ 462 KB
157 KB 614ms
614ms Document
text/html 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz

Requested by

Host: login.barryxxywor.com
URL: https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

117721433c71b9a35c3833a0238114189a427d5b5b85386a9101060a0f221380

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 27 May 2023 01:05:45 GMT
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://739a9198-cf09b9d1.barryxxywor.com/api/report?catId=GW+estsfd+ams2"}]}
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-ms-ests-server: 2.1.15427.11 - WEULR1 ProdSlices
x-ms-request-id: 39ebcd7a-0ce3-40c2-91ba-9e3276681000

GET
H2 200 Primary Request / Show response
login.barryxxywor.com/ 509 KB
153 KB 1026ms
1025ms Document
text/html 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz&sso_reload=true

Requested by

Host: login.barryxxywor.com
URL: https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

cec1d7a3ac9534aae6597466d3c241d57d02e2518da1ba3f5e7640df857957d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 27 May 2023 01:05:46 GMT
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://739a9198-cf09b9d1.barryxxywor.com/api/report?catId=GW+estsfd+ams2"}]}
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-ms-ests-server: 2.1.15427.11 - NEULR1 ProdSlices
x-ms-request-id: 6a62833f-9108-4cd6-aee9-45875f311000

GET
H2 200 Me.htm
live.barryxxywor.com/ 0
0 1239ms
1180ms Other
text/html 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://live.barryxxywor.com/Me.htm?v=3
Requested by: Host: login.barryxxywor.com
URL: https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://login.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js Show response
2b988e29-cf09b9d1.barryxxywor.com/shared/1.0/content/js/ 410 KB
114 KB 1194ms
1089ms Script
application/x-javascript 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://2b988e29-cf09b9d1.barryxxywor.com/shared/1.0/content/js/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js

Requested by

Host: login.barryxxywor.com
URL: https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz&sso_reload=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9ea5de698667358de44f06f2962259a174dfc079b215b27bf64aab07ce6ba2bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.barryxxywor.com/
Origin: https://login.barryxxywor.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 27 May 2023 01:05:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Mon, 01 May 2023 23:52:42 GMT
server: nginx
vary: Accept-Encoding
x-azure-ref: 0a1dxZAAAAAAU12gI1PuNS6DE3VFKg/ExQU1TMDRFREdFMTgyMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9f7104e5-b01e-0068-5908-902d40000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 convergedlogin_pcustomizationloader_6b58ad253a0d39d0e283.js Show response
2b988e29-cf09b9d1.barryxxywor.com/shared/1.0/content/js/asyncchunk/ 108 KB
32 KB 289ms
288ms Script
application/x-javascript 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://2b988e29-cf09b9d1.barryxxywor.com/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6b58ad253a0d39d0e283.js

Requested by

Host: 2b988e29-cf09b9d1.barryxxywor.com
URL: https://2b988e29-cf09b9d1.barryxxywor.com/shared/1.0/content/js/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ee2cf5e4d58ffa8453d6357c6f937c279d14369369917e36dc6d452f73f91600

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://login.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 27 May 2023 01:05:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Wed, 26 Apr 2023 03:42:36 GMT
server: nginx
vary: Accept-Encoding
x-azure-ref: 0bFdxZAAAAAAyH/KPs8m5TqCODpv4tSMiQU1TMDRFREdFMTkxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 59086165-001e-003f-7063-8f9f7d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 Prefetch.aspx Show response
1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/ Frame 6CD5 11 KB
3 KB 314ms
258ms Document
text/html 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx

Requested by

Host: 2b988e29-cf09b9d1.barryxxywor.com
URL: https://2b988e29-cf09b9d1.barryxxywor.com/shared/1.0/content/js/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

5f3b2359218785ec450e6583a9c0755d25f1494df47ae037376801a89bddb02e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.barryxxywor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache,no-store, no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 27 May 2023 01:05:48 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-ua-compatible: IE=Edge

GET
H2 200 converged.v2.login.min_jhbu09ckrizehfz_kojdnq2.css
2b988e29-cf09b9d1.barryxxywor.com/ests/2.1/content/cdnbundles/ 0
20 KB 395ms
394ms Other
text/css 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://2b988e29-cf09b9d1.barryxxywor.com/ests/2.1/content/cdnbundles/converged.v2.login.min_jhbu09ckrizehfz_kojdnq2.css

Requested by

Host: login.barryxxywor.com
URL: https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz&sso_reload=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://login.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 27 May 2023 01:05:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Wed, 10 May 2023 02:52:54 GMT
server: nginx
vary: Accept-Encoding
x-azure-ref: 20230527T010548Z-ynp7hqpah164mbud6h8mhu3yns00000002rg00000000p9cv
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: d13eacb4-001e-0087-7f97-8bb128000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 ux.converged.login.strings-nl.min_oldcpp6psoctkq-dbehzyq2.js
2b988e29-cf09b9d1.barryxxywor.com/ests/2.1/content/cdnbundles/ 0
15 KB 410ms
409ms Other
application/x-javascript 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://2b988e29-cf09b9d1.barryxxywor.com/ests/2.1/content/cdnbundles/ux.converged.login.strings-nl.min_oldcpp6psoctkq-dbehzyq2.js

Requested by

Host: login.barryxxywor.com
URL: https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz&sso_reload=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://login.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 27 May 2023 01:05:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Mon, 01 May 2023 22:09:49 GMT
server: nginx
vary: Accept-Encoding
x-azure-ref: 20230527T010548Z-ynp7hqpah164mbud6h8mhu3yns00000002r000000000vqd1
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8bfa8983-001e-006b-5d92-885046000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 2_bc3d32a696895f78c19df6c717586a5d.svg
2b988e29-cf09b9d1.barryxxywor.com/shared/1.0/content/images/backgrounds/ 2 KB
1 KB 244ms
244ms Image
image/svg+xml 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2b988e29-cf09b9d1.barryxxywor.com/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://login.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 27 May 2023 01:05:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Wed, 12 Feb 2020 22:01:30 GMT
server: nginx
vary: Accept-Encoding
x-azure-ref: 20230527T010548Z-72wy862t5h7e12f4nkhpd0t3a400000002qg00000000gyqz
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5d2eebbd-e01e-0049-3c93-869771000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
2b988e29-cf09b9d1.barryxxywor.com/shared/1.0/content/images/ 4 KB
2 KB 199ms
198ms Image
image/svg+xml 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2b988e29-cf09b9d1.barryxxywor.com/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://login.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 27 May 2023 01:05:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 19:28:38 GMT
server: nginx
vary: Accept-Encoding
x-azure-ref: 0bFdxZAAAAAD2HYqOylb3QYMQmE1TNUj2QU1TMDRFREdFMTkxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5906bf18-001e-003f-2862-8f9f7d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 embeddedfonts.css
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/ Frame 6CD5 3 KB
1 KB 573ms
531ms Stylesheet
text/css 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/embeddedfonts.css

Requested by

Host: 1c8eafad-cf09b9d1.barryxxywor.com
URL: https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

98c0385f1a6817e57c8c4a2c0a2610c963a06b722ac4fbe34f674d629fa0d6bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1c8eafad-cf09b9d1.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 01:05:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 16987
x-cache: HIT
last-modified: Fri, 26 May 2023 16:49:31 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Amsterdam&ASN=14061&Country=NL&Region=NH&RequestIdentifier=170196076628889026004626666626989693991"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 73f9cc7c-b01e-003b-080f-908f65000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 admin.css
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/admin/css/ Frame 6CD5 1 MB
193 KB 1335ms
1293ms Stylesheet
text/css 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/admin/css/admin.css

Requested by

Host: 1c8eafad-cf09b9d1.barryxxywor.com
URL: https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

0093e7f5a7d370f583314aac4a4d8dff0b737d0cd2ef2f6f4d33c20ce84fbc90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1c8eafad-cf09b9d1.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 01:05:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 16875
x-cache: HIT
last-modified: Fri, 26 May 2023 16:47:23 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Amsterdam&ASN=14061&Country=NL&Region=NH&RequestIdentifier=7592985982296194539574994933299666358"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 9ef5a773-201e-0016-2810-903c16000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 o365themedefault.css
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/ Frame 6CD5 7 KB
2 KB 283ms
242ms Stylesheet
text/css 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/o365themedefault.css

Requested by

Host: 1c8eafad-cf09b9d1.barryxxywor.com
URL: https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d132d49c1c8945f5c43ae470badf2b6edcd584297e84e59dd2034ffb7dc863b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1c8eafad-cf09b9d1.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 01:05:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 16500
x-cache: HIT
last-modified: Fri, 26 May 2023 16:49:58 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Amsterdam&ASN=14061&Country=NL&Region=NH&RequestIdentifier=1108315733215769973217929084651332103566"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: f569be47-201e-0074-0910-90fe31000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 masterstyles15.css
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/ Frame 6CD5 92 KB
26 KB 428ms
386ms Stylesheet
text/css 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/masterstyles15.css

Requested by

Host: 1c8eafad-cf09b9d1.barryxxywor.com
URL: https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

db33307524612c482d15896f8c3ad61a40fe18b05b926a6c26195b204197bdb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1c8eafad-cf09b9d1.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 01:05:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 16987
x-cache: HIT
last-modified: Fri, 26 May 2023 16:49:34 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Amsterdam&ASN=14061&Country=NL&Region=NH&RequestIdentifier=732830055297686532412308088347783000189"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: d0059b83-001e-0001-4c0f-90951d000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 masterstyles15mvc.css
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/ Frame 6CD5 15 KB
4 KB 437ms
396ms Stylesheet
text/css 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/masterstyles15mvc.css

Requested by

Host: 1c8eafad-cf09b9d1.barryxxywor.com
URL: https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

edfca74592116918570ccd7fa784621d7d720b820624759520ea63666517997a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1c8eafad-cf09b9d1.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 01:05:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 16987
x-cache: HIT
last-modified: Fri, 26 May 2023 16:49:34 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Amsterdam&ASN=14061&Country=NL&Region=NH&RequestIdentifier=42381146174005427823301028940472556983"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: c00b49df-601e-004a-450f-90694e000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 404 website.css
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/ Frame 6CD5 0
0 920ms
879ms Stylesheet
application/xml 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/website.css

Requested by

Host: 1c8eafad-cf09b9d1.barryxxywor.com
URL: https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1c8eafad-cf09b9d1.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 01:05:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/xml
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Amsterdam&ASN=14061&Country=NL&Region=NH&RequestIdentifier=107556555873148511875796528655367291934"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 80276114-a01e-0008-1737-90d0ce000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 404 home.css
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/ Frame 6CD5 0
0 885ms
844ms Stylesheet
application/xml 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/home.css

Requested by

Host: 1c8eafad-cf09b9d1.barryxxywor.com
URL: https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1c8eafad-cf09b9d1.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 01:05:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/xml
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Amsterdam&ASN=14061&Country=NL&Region=NH&RequestIdentifier=252106663612412509412021184858747634089"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 55579b2f-101e-001d-1a37-90c77d000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 404 home15.css
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/ Frame 6CD5 0
0 924ms
883ms Stylesheet
application/xml 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/home15.css

Requested by

Host: 1c8eafad-cf09b9d1.barryxxywor.com
URL: https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1c8eafad-cf09b9d1.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 01:05:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/xml
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Amsterdam&ASN=14061&Country=NL&Region=NH&RequestIdentifier=178985476449081690279362173234693724930"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 92a821a0-e01e-0026-2d37-9082d9000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 404 assistancepanel.css
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/ Frame 6CD5 0
0 834ms
793ms Stylesheet
application/xml 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/assistancepanel.css

Requested by

Host: 1c8eafad-cf09b9d1.barryxxywor.com
URL: https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1c8eafad-cf09b9d1.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 01:05:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/xml
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Amsterdam&ASN=14061&Country=NL&Region=NH&RequestIdentifier=1421336099711505476015293238441478582658"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 89bc79af-d01e-0002-2f37-907479000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 404 conciergehelper.css
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/ Frame 6CD5 0
0 854ms
813ms Stylesheet
application/xml 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/conciergehelper.css

Requested by

Host: 1c8eafad-cf09b9d1.barryxxywor.com
URL: https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1c8eafad-cf09b9d1.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 01:05:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/xml
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Amsterdam&ASN=14061&Country=NL&Region=NH&RequestIdentifier=165843328854712555896679776841213325440"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 7fbca01a-a01e-0055-4137-90da4a000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 signup16.css
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/content/css/ Frame 6CD5 21 KB
5 KB 423ms
382ms Stylesheet
text/css 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/content/css/signup16.css

Requested by

Host: 1c8eafad-cf09b9d1.barryxxywor.com
URL: https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8fc7b24e9c2892625fd6c4e8abebe5ccc4911b929d7ccf696ebc7a8aefb390d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1c8eafad-cf09b9d1.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 01:05:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 15580
x-cache: HIT
last-modified: Fri, 26 May 2023 16:50:48 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Amsterdam&ASN=14061&Country=NL&Region=NH&RequestIdentifier=34523675474775332738728500971805876401"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 59913a1c-d01e-003d-4813-90bcda000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 404 adoption.css
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/ Frame 6CD5 0
0 925ms
884ms Stylesheet
application/xml 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/adoption.css

Requested by

Host: 1c8eafad-cf09b9d1.barryxxywor.com
URL: https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1c8eafad-cf09b9d1.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 01:05:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/xml
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Amsterdam&ASN=14061&Country=NL&Region=NH&RequestIdentifier=15682250815166819644527316856469888622"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: fbbfd8ae-601e-0065-7637-906485000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 404 commonhealthdashboard.css
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/ Frame 6CD5 0
0 871ms
830ms Stylesheet
application/xml 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/commonhealthdashboard.css

Requested by

Host: 1c8eafad-cf09b9d1.barryxxywor.com
URL: https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1c8eafad-cf09b9d1.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 01:05:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/xml
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Amsterdam&ASN=14061&Country=NL&Region=NH&RequestIdentifier=16071140736990881578839550323785084050"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 13636783-d01e-0012-1d37-90b111000000
timing-allow-origin: *
access-control-allow-headers: *

GET webcontrols.png
22b5d42b-cf09b9d1.barryxxywor.com/images/ Frame 6CD5 0
0

GET transparent.gif
22b5d42b-cf09b9d1.barryxxywor.com/Images/ Frame 6CD5 0
0

GET header_bg_signup_office.jpg
22b5d42b-cf09b9d1.barryxxywor.com/Shell/Images/ Frame 6CD5 0
0

GET O365SharedClusteredImage.png
22b5d42b-cf09b9d1.barryxxywor.com/Shell/Images/ Frame 6CD5 0
0

GET servicestatus.png
22b5d42b-cf09b9d1.barryxxywor.com/images/ Frame 6CD5 0
0

GET pagelayout_white_panel.jpg
22b5d42b-cf09b9d1.barryxxywor.com/Shell/Images/ Frame 6CD5 0
0

GET pagelayout_mos_background_right.jpg
22b5d42b-cf09b9d1.barryxxywor.com/Shell/Images/ Frame 6CD5 0
0

GET pagelayout_mos_background_left.jpg
22b5d42b-cf09b9d1.barryxxywor.com/Shell/Images/ Frame 6CD5 0
0

GET pagelayout_nav_highlight.jpg
22b5d42b-cf09b9d1.barryxxywor.com/Shell/Images/ Frame 6CD5 0
0

GET header_wizard_hl_mos.jpg
22b5d42b-cf09b9d1.barryxxywor.com/Shell/Images/ Frame 6CD5 0
0

GET list_bullet_5x5.gif
22b5d42b-cf09b9d1.barryxxywor.com/Images/ Frame 6CD5 0
0

GET spinner_16x16_metro.gif
22b5d42b-cf09b9d1.barryxxywor.com/images/ Frame 6CD5 0
0

GET spinner_24x24_metro.gif
22b5d42b-cf09b9d1.barryxxywor.com/images/ Frame 6CD5 0
0

GET signup_ms_logo.png
22b5d42b-cf09b9d1.barryxxywor.com/shell/images/ Frame 6CD5 0
0

GET o365_gallatin_logo.png
22b5d42b-cf09b9d1.barryxxywor.com/shell/images/ Frame 6CD5 0
0

GET image1.jpg
22b5d42b-cf09b9d1.barryxxywor.com/images/backgrounds/ Frame 6CD5 0
0

GET arrow_staticup_16.png
22b5d42b-cf09b9d1.barryxxywor.com/images/scrollbar/ Frame 6CD5 0
0

GET arrow_staticdown_16.png
22b5d42b-cf09b9d1.barryxxywor.com/images/scrollbar/ Frame 6CD5 0
0

GET
H2 200 WebResource.axd Show response
1c8eafad-cf09b9d1.barryxxywor.com/ Frame 6CD5 23 KB
5 KB 317ms
313ms Script
application/x-javascript 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://1c8eafad-cf09b9d1.barryxxywor.com/WebResource.axd?d=SYxG2gKEltHc92c7-eKy7vreyN1e2QqrvpdCCR4utt35Rwac9rd_c8SeOHxrYQBj6_mlgMwB-OaZiOiHvHjimRyiyb40s7dxOv3AMLtzClV2W-wogtkMOc2pDBD_sJZyRKzfvgJtVY-JClcKNVaTSg2&t=638137640945220281

Requested by

Host: 1c8eafad-cf09b9d1.barryxxywor.com
URL: https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-as-routekey: weu
date: Sat, 27 May 2023 01:05:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 07 Mar 2023 05:34:54 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public
x-as-routekeyapplicationendpointlist: weuportal.office.com
access-control-allow-headers: *
x-ua-compatible: IE=Edge

GET
H2 200 microsoftajaxcombined.js Show response
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/jsc/ Frame 6CD5 223 KB
56 KB 601ms
600ms Script
application/x-javascript 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/jsc/microsoftajaxcombined.js

Requested by

Host: 1c8eafad-cf09b9d1.barryxxywor.com
URL: https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e900f0b5c972346ddaaf997f5c149e924dd868cdd3fa9c7f22121b29fa5dc5b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1c8eafad-cf09b9d1.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 01:05:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 17152
x-cache: HIT
last-modified: Fri, 26 May 2023 16:49:29 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Amsterdam&ASN=14061&Country=NL&Region=NH&RequestIdentifier=3117174151126617222648600191385800037"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 9ca42287-201e-0029-4d0f-90f4b5000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 jquery-1_10_2_min.js Show response
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/jquery/ Frame 6CD5 91 KB
33 KB 260ms
260ms Script
application/x-javascript 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/jquery/jquery-1_10_2_min.js

Requested by

Host: 1c8eafad-cf09b9d1.barryxxywor.com
URL: https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

2589fe90b2849f35f294cb20bf433135e44ce0ca8ce98d8e4f0ca7b62fa50191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1c8eafad-cf09b9d1.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 01:05:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 16988
x-cache: HIT
last-modified: Fri, 26 May 2023 16:49:27 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Amsterdam&ASN=14061&Country=NL&Region=NH&RequestIdentifier=113218239422051715344596001297918273297"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: f312fb9e-f01e-0015-5f0f-90dd72000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 headbundle.js Show response
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/jsc/ Frame 6CD5 79 KB
17 KB 280ms
280ms Script
application/x-javascript 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/jsc/headbundle.js

Requested by

Host: 1c8eafad-cf09b9d1.barryxxywor.com
URL: https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e8bc7862f555406cdf43985621f6e0c4f5910aa6aa388516a6206d1de1a3208b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1c8eafad-cf09b9d1.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 01:05:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 16988
x-cache: HIT
last-modified: Fri, 26 May 2023 16:46:46 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Amsterdam&ASN=14061&Country=NL&Region=NH&RequestIdentifier=52704757471774722722226082391746902661"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 9ca65c95-201e-0029-0b0f-90f4b5000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 controlbundle.js Show response
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/jsc/ Frame 6CD5 87 KB
21 KB 389ms
389ms Script
application/x-javascript 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/jsc/controlbundle.js

Requested by

Host: 1c8eafad-cf09b9d1.barryxxywor.com
URL: https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

5b53c6db5abda0aead4deb08a073b3a982e4cee523a0d5fc2dc69473cd6efb36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1c8eafad-cf09b9d1.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 01:05:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 16988
x-cache: HIT
last-modified: Fri, 26 May 2023 16:46:47 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Amsterdam&ASN=14061&Country=NL&Region=NH&RequestIdentifier=1491315689675936869714197108038441752216"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 0c79af71-501e-000c-350f-905dc9000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 angularlib.js Show response
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/jsc/ Frame 6CD5 156 KB
57 KB 593ms
592ms Script
application/x-javascript 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/jsc/angularlib.js

Requested by

Host: 1c8eafad-cf09b9d1.barryxxywor.com
URL: https://1c8eafad-cf09b9d1.barryxxywor.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d3ec38f34539f58020f27d77691e4d66a5794e1ab83cd0fc6b09f4b3d2084154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1c8eafad-cf09b9d1.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 01:05:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 16875
x-cache: HIT
last-modified: Fri, 26 May 2023 16:47:02 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Amsterdam&ASN=14061&Country=NL&Region=NH&RequestIdentifier=82663851790434590535924053075365259278"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 361e49de-f01e-0058-4110-90129e000000
timing-allow-origin: *
access-control-allow-headers: *

GET angularextensions.js
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/jsc/ Frame 6CD5 0
0

GET adminbootstrap.js
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/jsc/ Frame 6CD5 0
0

GET adminapp.js
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/jsc/ Frame 6CD5 0
0

GET mscorlib.js
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/ Frame 6CD5 0
0

GET listgrid.js
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/webcontrols/js/ Frame 6CD5 0
0

GET peoplepicker.js
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/webcontrols/js/ Frame 6CD5 0
0

GET productkeycontrol.js
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/webcontrols/js/ Frame 6CD5 0
0

GET gridview.js
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/webcontrols/js/ Frame 6CD5 0
0

GET netperf.js
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/ Frame 6CD5 0
0

GET searchbox.js
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/ Frame 6CD5 0
0

GET passwordstrengthmeter.js
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/ Frame 6CD5 0
0

GET hipcontrol.js
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/jsc/ Frame 6CD5 0
0

GET geminiwizard.js
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/webcontrols/js/ Frame 6CD5 0
0

GET webuivalidation.js
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/ Frame 6CD5 0
0

GET webtrends.js
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/ Frame 6CD5 0
0

GET webtrendsstream.js
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/ Frame 6CD5 0
0

GET home.js
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/ Frame 6CD5 0
0

GET reporting.js
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/ Frame 6CD5 0
0

GET assistancepanel.js
22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/ Frame 6CD5 0
0

GET
H2 200 convergedlogin_pstringcustomizationhelper_9877123961886facadfe.js Show response
2b988e29-cf09b9d1.barryxxywor.com/shared/1.0/content/js/asyncchunk/ 111 KB
36 KB 431ms
430ms Script
application/x-javascript 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://2b988e29-cf09b9d1.barryxxywor.com/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_9877123961886facadfe.js

Requested by

Host: 2b988e29-cf09b9d1.barryxxywor.com
URL: https://2b988e29-cf09b9d1.barryxxywor.com/shared/1.0/content/js/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ed3c16c005ab9e88019fe1d788c8f4ada05b5281ac01a02a9d71c2adac80171c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://login.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 27 May 2023 01:05:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Wed, 26 Apr 2023 03:42:37 GMT
server: nginx
vary: Accept-Encoding
x-azure-ref: 20230527T010548Z-4kfnf52fm57n31vyqa202nxmbs0000000b5000000000shd3
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6d2bb9ab-a01e-0009-33a4-864460000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 signin-options_4e48046ce74f4b89d45037c90576bfac.svg
2b988e29-cf09b9d1.barryxxywor.com/shared/1.0/content/images/ 2 KB
1 KB 217ms
217ms Image
image/svg+xml 167.99.44.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2b988e29-cf09b9d1.barryxxywor.com/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.44.15 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://login.barryxxywor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 27 May 2023 01:05:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Tue, 10 Nov 2020 03:41:24 GMT
server: nginx
vary: Accept-Encoding
x-azure-ref: 0bFdxZAAAAAAyo7LKBba2SJpB7Vuc5cjpQU1TMDRFREdFMTkyMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 6b1f77d4-b01e-0068-70e0-8f2d40000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/images/webcontrols.png

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/Images/transparent.gif

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/Shell/Images/header_bg_signup_office.jpg

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/Shell/Images/O365SharedClusteredImage.png

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/images/servicestatus.png

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/Shell/Images/pagelayout_white_panel.jpg

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/Shell/Images/pagelayout_mos_background_right.jpg

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/Shell/Images/pagelayout_mos_background_left.jpg

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/Shell/Images/pagelayout_nav_highlight.jpg

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/Shell/Images/header_wizard_hl_mos.jpg

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/Images/list_bullet_5x5.gif

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/images/spinner_16x16_metro.gif

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/images/spinner_24x24_metro.gif

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/shell/images/signup_ms_logo.png

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/shell/images/o365_gallatin_logo.png

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/images/backgrounds/image1.jpg

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/images/scrollbar/arrow_staticup_16.png

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/images/scrollbar/arrow_staticdown_16.png

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/jsc/angularextensions.js

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/jsc/adminbootstrap.js

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/jsc/adminapp.js

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/mscorlib.js

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/webcontrols/js/listgrid.js

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/webcontrols/js/peoplepicker.js

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/webcontrols/js/productkeycontrol.js

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/webcontrols/js/gridview.js

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/netperf.js

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/searchbox.js

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/passwordstrengthmeter.js

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/jsc/hipcontrol.js

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/webcontrols/js/geminiwizard.js

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/webuivalidation.js

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/webtrends.js

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/webtrendsstream.js

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/home.js

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/reporting.js

Domain: 22b5d42b-cf09b9d1.barryxxywor.com
URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/js/assistancepanel.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.barryxxywor.com/	1970-01-20 12:27:25	Name: rN3QTj Value: Y2YwOWI5ZDEtYWY4ZS00NjkxLTg4ODItYzU2MjJmYzQ3MTQzOjI3NjQxNjg4LTVkM2EtNDgxNy1iMWZkLWZhZGU1MDg3ZmNlZQ==
.login.barryxxywor.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.barryxxywor.com/	1970-01-20 12:05:49	Name: SSOCOOKIEPULLED Value: 1
.login.barryxxywor.com/	1969-12-31 23:59:59	Name: CkTst Value: G1685149547880
.login.barryxxywor.com/	1970-01-20 21:27:25	Name: brcap Value: 0

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://login.barryxxywor.com/?username=zfufcbee@dbyyvafbaeufezbaa.dbz&sso_reload=true(Line 140) Message: WebSocket connection to 'wss://login.barryxxywor.com/websocket/hook/?rN3QTj=Y2YwOWI5ZDFhZjhlNDY5MTg4ODJjNTYyMmZjNDcxNDM=' failed: Error during WebSocket handshake: Unexpected response code: 503
network	error	URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/assistancepanel.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/conciergehelper.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/commonhealthdashboard.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/home.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/website.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/home15.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://22b5d42b-cf09b9d1.barryxxywor.com/admincenter/admin-pkg/2023.5.22.2/nl/css/adoption.css Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1c8eafad-cf09b9d1.barryxxywor.com
22b5d42b-cf09b9d1.barryxxywor.com
2b988e29-cf09b9d1.barryxxywor.com
live.barryxxywor.com
login.barryxxywor.com
22b5d42b-cf09b9d1.barryxxywor.com
167.99.44.15
0093e7f5a7d370f583314aac4a4d8dff0b737d0cd2ef2f6f4d33c20ce84fbc90
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
117721433c71b9a35c3833a0238114189a427d5b5b85386a9101060a0f221380
19b8ee66ab60c45d5d24988d090b61c938b44c2ee9a5f8558335b27a2f315072
2589fe90b2849f35f294cb20bf433135e44ce0ca8ce98d8e4f0ca7b62fa50191
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
5b53c6db5abda0aead4deb08a073b3a982e4cee523a0d5fc2dc69473cd6efb36
5f3b2359218785ec450e6583a9c0755d25f1494df47ae037376801a89bddb02e
64c2019b369b4f3b45009d1740f4c7ae0856bb2608aea7d7628b78f43cecb3fa
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
8fc7b24e9c2892625fd6c4e8abebe5ccc4911b929d7ccf696ebc7a8aefb390d1
98c0385f1a6817e57c8c4a2c0a2610c963a06b722ac4fbe34f674d629fa0d6bd
9ea5de698667358de44f06f2962259a174dfc079b215b27bf64aab07ce6ba2bb
c70e7f7d7dbb755c0d43b359077115b255f8250bde13ae6118e93d6bfad33972
cec1d7a3ac9534aae6597466d3c241d57d02e2518da1ba3f5e7640df857957d8
d132d49c1c8945f5c43ae470badf2b6edcd584297e84e59dd2034ffb7dc863b3
d3ec38f34539f58020f27d77691e4d66a5794e1ab83cd0fc6b09f4b3d2084154
dae2e8b71caaa34eb681c30fc17168001dd1c792d3ea2ae4cd4174a9edfcd18b
db33307524612c482d15896f8c3ad61a40fe18b05b926a6c26195b204197bdb9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8bc7862f555406cdf43985621f6e0c4f5910aa6aa388516a6206d1de1a3208b
e900f0b5c972346ddaaf997f5c149e924dd868cdd3fa9c7f22121b29fa5dc5b8
ed3c16c005ab9e88019fe1d788c8f4ada05b5281ac01a02a9d71c2adac80171c
edfca74592116918570ccd7fa784621d7d720b820624759520ea63666517997a
ee2cf5e4d58ffa8453d6357c6f937c279d14369369917e36dc6d452f73f91600

login.barryxxywor.com Open in urlscan Pro 167.99.44.15 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

47 %HTTPS

0 %IPv6

1 Domains

5 Subdomains

2 IPs

1 Countries

1118 kBTransfer

4155 kBSize

5 Cookies

3 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.barryxxywor.com Open in urlscan Pro
167.99.44.15 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

47 %
HTTPS

0 %
IPv6

1
Domains

5
Subdomains

2
IPs

1
Countries

1118 kB
Transfer

4155 kB
Size

5
Cookies

70 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!