jcb-jcb-login.dsmosku.bar
134.209.209.127  Malicious Activity! Public Scan

Submitted URL: https://fgz.basisfree.bar/98kczAfqtZXJ0PWEyRjBaUzVvWlhOd1FHcGpZaTVqYjIwPQ==4z8w
Effective URL: https://jcb-jcb-login.dsmosku.bar/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3...
Submission: On October 21 via manual from GB — Scanned from DE

Summary

This website contacted 5 IPs in 1 country across 6 domains to perform 24 HTTP transactions. The main IP is 134.209.209.127, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is jcb-jcb-login.dsmosku.bar.
TLS certificate: Issued by R3 on October 6th 2021. Valid for: 3 months.
This is the only time jcb-jcb-login.dsmosku.bar was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
3 52.237.180.56 8075 (MICROSOFT...)
1 142.250.184.234 15169 (GOOGLE)
1 152.199.19.160 15133 (EDGECAST)
2 172.217.16.131 15169 (GOOGLE)
2 19 134.209.209.127 14061 (DIGITALOC...)
24 5
# | Domain | Requested by
12 | 5y15eftqgj4bem3uy2854jr.dsmosku.bar | jcb-jcb-login.dsmosku.bar, 5y15eftqgj4bem3uy2854jr.dsmosku.bar
3 | jcb-jcb-login.dsmosku.bar | jyhrty8.contemporarygallery.bar, jcb-jcb-login.dsmosku.bar, 5y15eftqgj4bem3uy2854jr.dsmosku.bar
2 | 7np70a2gfq540.dsmosku.bar | jcb-jcb-login.dsmosku.bar, 5y15eftqgj4bem3uy2854jr.dsmosku.bar
2 | fonts.gstatic.com | fonts.googleapis.com
2 | fgz.basisfree.bar | ajax.aspnetcdn.com
1 | d8ngmj9vrrkbza8.dsmosku.bar | 1 redirects
1 | dsmosku.bar | 1 redirects
1 | jyhrty8.contemporarygallery.bar | fgz.basisfree.bar
1 | ajax.aspnetcdn.com | fgz.basisfree.bar
1 | fonts.googleapis.com | fgz.basisfree.bar
24 10

This site contains links to these domains.

Domain
d8ngmj8kd7b0wy5x3w.dsmosku.bar
2wc2dj3dgj43w9rdtvyj8.dsmosku.bar
Subject | Issuer | Validity | Valid
*.basisfree.bar | ZeroSSL RSA Domain Secure Site CA | 2021-10-21 - 2022-01-19 | 3 months
upload.video.google.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2021-08-06 - 2022-08-06 | a year
*.contemporarygallery.bar | ZeroSSL RSA Domain Secure Site CA | 2021-10-20 - 2022-01-18 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
dsmosku.bar | R3 | 2021-10-06 - 2022-01-04 | 3 months

This page contains 2 frames:

Primary Page: https://jcb-jcb-login.dsmosku.bar/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637704178971968490.YzlhODI1OWItODIwOS00MGM5LWExMGQtNjg2ZDM1ZThkODk0ZTZlMTBkNzUtYjdiMC00ZGJiLWExZTMtZjc3YWY1ODA1YTY2&ui_locales=de-DE&mkt=de-DE&state=s_el9OUqWfgBvtk8d3X_iFG9t4bfW35wMxyBWjGATtgXBZzvx3tqAWsYaXT9R_LNDaXo7GTy6o9yJw64OGHNutz2C_E4LfIUa6s4RQZoTlCL-1FMu5HzRRi8XZO7luQWh5dprXmh0OrJ40RV4I5rPRskEo5YWiI3941Y8VZXV4glWDCUo_0pWhVDHKcDHFE8AI1euHTncGXf7PuBN-b0lNXCeoYSshqyfzhZfIjZTjjB8t55AN4IEQzqVGtACe_7woVr93QA0WoqYVQF2efvNA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&sso_reload=true
Frame ID: F4A92A828F77E734A281969F86FFE98C
Requests: 23 HTTP requests in this frame

Frame: https://7np70a2gfq540.dsmosku.bar/Me.htm?v=3
Frame ID: 36F662634918A070E99D6A0D8EFDC440
Requests: 1 HTTP requests in this frame

Page Title

Bei Ihrem Konto anmelden

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 24
HTTPS: 100 %
IPv6: 0 %
Domains: 6
Subdomains: 10
IPs: 5
Countries: 1
Transfer: 405 kB
Size: 1042 kB
Cookies: 19

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fgz.basisfree.bar/98kczAfqtZXJ0PWEyRjBaUzVvWlhOd1FHcGpZaTVqYjIwPQ==4z8w Page URL
  2. https://dsmosku.bar/?emlkb=kate.hesp@jcb.com HTTP 302
    https://d8ngmj9vrrkbza8.dsmosku.bar/login HTTP 302
    https://jcb-jcb-login.dsmosku.bar/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637704178971968490.YzlhODI1OWItODIwOS00MGM5LWExMGQtNjg2ZDM1ZThkODk0ZTZlMTBkNzUtYjdiMC00ZGJiLWExZTMtZjc3YWY1ODA1YTY2&ui_locales=de-DE&mkt=de-DE&state=s_el9OUqWfgBvtk8d3X_iFG9t4bfW35wMxyBWjGATtgXBZzvx3tqAWsYaXT9R_LNDaXo7GTy6o9yJw64OGHNutz2C_E4LfIUa6s4RQZoTlCL-1FMu5HzRRi8XZO7luQWh5dprXmh0OrJ40RV4I5rPRskEo5YWiI3941Y8VZXV4glWDCUo_0pWhVDHKcDHFE8AI1euHTncGXf7PuBN-b0lNXCeoYSshqyfzhZfIjZTjjB8t55AN4IEQzqVGtACe_7woVr93QA0WoqYVQF2efvNA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0 Page URL
  3. https://jcb-jcb-login.dsmosku.bar/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637704178971968490.YzlhODI1OWItODIwOS00MGM5LWExMGQtNjg2ZDM1ZThkODk0ZTZlMTBkNzUtYjdiMC00ZGJiLWExZTMtZjc3YWY1ODA1YTY2&ui_locales=de-DE&mkt=de-DE&state=s_el9OUqWfgBvtk8d3X_iFG9t4bfW35wMxyBWjGATtgXBZzvx3tqAWsYaXT9R_LNDaXo7GTy6o9yJw64OGHNutz2C_E4LfIUa6s4RQZoTlCL-1FMu5HzRRi8XZO7luQWh5dprXmh0OrJ40RV4I5rPRskEo5YWiI3941Y8VZXV4glWDCUo_0pWhVDHKcDHFE8AI1euHTncGXf7PuBN-b0lNXCeoYSshqyfzhZfIjZTjjB8t55AN4IEQzqVGtACe_7woVr93QA0WoqYVQF2efvNA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://dsmosku.bar/?emlkb=kate.hesp@jcb.com HTTP 302
  • https://d8ngmj9vrrkbza8.dsmosku.bar/login HTTP 302
  • https://jcb-jcb-login.dsmosku.bar/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637704178971968490.YzlhODI1OWItODIwOS00MGM5LWExMGQtNjg2ZDM1ZThkODk0ZTZlMTBkNzUtYjdiMC00ZGJiLWExZTMtZjc3YWY1ODA1YTY2&ui_locales=de-DE&mkt=de-DE&state=s_el9OUqWfgBvtk8d3X_iFG9t4bfW35wMxyBWjGATtgXBZzvx3tqAWsYaXT9R_LNDaXo7GTy6o9yJw64OGHNutz2C_E4LfIUa6s4RQZoTlCL-1FMu5HzRRi8XZO7luQWh5dprXmh0OrJ40RV4I5rPRskEo5YWiI3941Y8VZXV4glWDCUo_0pWhVDHKcDHFE8AI1euHTncGXf7PuBN-b0lNXCeoYSshqyfzhZfIjZTjjB8t55AN4IEQzqVGtACe_7woVr93QA0WoqYVQF2efvNA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
98kczAfqtZXJ0PWEyRjBaUzVvWlhOd1FHcGpZaTVqYjIwPQ==4z8w
fgz.basisfree.bar/
16 KB
16 KB
Document
General
Full URL
https://fgz.basisfree.bar/98kczAfqtZXJ0PWEyRjBaUzVvWlhOd1FHcGpZaTVqYjIwPQ==4z8w
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.237.180.56 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3127068a1a0e29c152738413ead777c055247fc44c11bbc579bc6fc502864cc5

Request headers

Host
fgz.basisfree.bar
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br

Response headers

Date
Thu, 21 Oct 2021 12:58:15 GMT
Server
Apache/2.4.41 (Ubuntu)
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300&display=swap
Requested by
Host: fgz.basisfree.bar
URL: https://fgz.basisfree.bar/98kczAfqtZXJ0PWEyRjBaUzVvWlhOd1FHcGpZaTVqYjIwPQ==4z8w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
e9c0b065066c3f2ac454fdc3d237dcf68111baec2fb972f58cfd3b89589c2423
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 11:27:37 GMT
server
ESF
date
Thu, 21 Oct 2021 12:58:16 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Thu, 21 Oct 2021 12:58:16 GMT
jquery-3.4.0.min.js
ajax.aspnetcdn.com/ajax/jQuery/
86 KB
39 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.0.min.js
Requested by
Host: fgz.basisfree.bar
URL: https://fgz.basisfree.bar/98kczAfqtZXJ0PWEyRjBaUzVvWlhOd1FHcGpZaTVqYjIwPQ==4z8w
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA0) /
Resource Hash
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fgz.basisfree.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 12:58:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11188898
x-cache
HIT
content-length
39406
x-xss-protection
1; mode=block
last-modified
Thu, 11 Apr 2019 17:22:26 GMT
server
ECAcc (frc/8FA0)
etag
"c1ebe9218bf0d41:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
source.js
jyhrty8.contemporarygallery.bar/
9 KB
2 KB
Script
General
Full URL
https://jyhrty8.contemporarygallery.bar/source.js
Requested by
Host: fgz.basisfree.bar
URL: https://fgz.basisfree.bar/98kczAfqtZXJ0PWEyRjBaUzVvWlhOd1FHcGpZaTVqYjIwPQ==4z8w
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.237.180.56 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
038b24210c44593b4049bb9c5a6ff4715a65a36382052f2ecc678b78f905498d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fgz.basisfree.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:58:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 20:28:44 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"23cf-5cea6642bed8b-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1626
redirect.php
fgz.basisfree.bar/
1 B
203 B
XHR
General
Full URL
https://fgz.basisfree.bar/redirect.php
Requested by
Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.237.180.56 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Origin
https://fgz.basisfree.bar
Accept-Encoding
gzip, deflate, br
Accept-Language
de-DE,de;q=0.9
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Connection
keep-alive
Content-Length
29
Pragma
no-cache
Host
fgz.basisfree.bar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
https://fgz.basisfree.bar/98kczAfqtZXJ0PWEyRjBaUzVvWlhOd1FHcGpZaTVqYjIwPQ==4z8w
Sec-Fetch-Site
same-origin

Response headers

Date
Thu, 21 Oct 2021 12:58:16 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
1
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
f3d7092e6eb6f3aa0c572e52e061a59cc88a3e9eff581c95c4bd7456800904d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fgz.basisfree.bar
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 11:16:53 GMT
x-content-type-options
nosniff
age
351683
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16064
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:56 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 17 Oct 2022 11:16:53 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwkxduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwkxduz8A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
d0c7b4b57111f15113e69d61cf461b70f3624ca86a90ab6c6be7446888710a0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fgz.basisfree.bar
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:36:57 GMT
x-content-type-options
nosniff
age
120079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9532
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:52 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 03:36:57 GMT
Cookie set authorize
jcb-jcb-login.dsmosku.bar/common/oauth2/v2.0/
Redirect Chain
  • https://dsmosku.bar/?emlkb=kate.hesp@jcb.com
  • https://d8ngmj9vrrkbza8.dsmosku.bar/login
  • https://jcb-jcb-login.dsmosku.bar/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Flandingv2&response_type=code%20id...
148 KB
54 KB
Document
General
Full URL
https://jcb-jcb-login.dsmosku.bar/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637704178971968490.YzlhODI1OWItODIwOS00MGM5LWExMGQtNjg2ZDM1ZThkODk0ZTZlMTBkNzUtYjdiMC00ZGJiLWExZTMtZjc3YWY1ODA1YTY2&ui_locales=de-DE&mkt=de-DE&state=s_el9OUqWfgBvtk8d3X_iFG9t4bfW35wMxyBWjGATtgXBZzvx3tqAWsYaXT9R_LNDaXo7GTy6o9yJw64OGHNutz2C_E4LfIUa6s4RQZoTlCL-1FMu5HzRRi8XZO7luQWh5dprXmh0OrJ40RV4I5rPRskEo5YWiI3941Y8VZXV4glWDCUo_0pWhVDHKcDHFE8AI1euHTncGXf7PuBN-b0lNXCeoYSshqyfzhZfIjZTjjB8t55AN4IEQzqVGtACe_7woVr93QA0WoqYVQF2efvNA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0
Requested by
Host: jyhrty8.contemporarygallery.bar
URL: https://jyhrty8.contemporarygallery.bar/source.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.209.127 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
jcb-jcb-login.dsmosku.bar
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://fgz.basisfree.bar/
Accept-Encoding
gzip, deflate, br
Cookie
esctx=AQABAAAAAAD--DLA3VO7QrddgJg7WevrcnvIVhkH3WeJ2Y7NVL0KvmneKdcLHnIRGiuw049Z1pSd1m0qwP3vu_d53KJoIkIbgOC72Y23i9D3ZEHt0P5X9hn1f1lWN13CJxmWFFXzcgpgKd8Nwig2D5GMv60FIvaQt3z8Jrs1qm2OaTA-1ywRmFCjQPmY3npmBdRNwxbB0FsgAA; bgd=kate.hesp@jcb.com; MUID=19D1359C7BD86E220380254B7ABA6F76
Referer
https://fgz.basisfree.bar/98kczAfqtZXJ0PWEyRjBaUzVvWlhOd1FHcGpZaTVqYjIwPQ==4z8w

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
54619
Content-Type
text/html; charset=utf-8
Date
Thu, 21 Oct 2021 12:58:17 GMT
Expires
-1
Nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Report-To
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
Set-Cookie
fpc=AnfUwKZASvRGgDE_EbKCwgQ; expires=Sat, 20-Nov-2021 12:58:17 GMT; path=/; secure; HttpOnly; SameSite=None x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly stsservicecookie=estsfd; path=/; secure; samesite=none; httponly bgd=kate.hesp@jcb.com;Path=/;Domain=.dsmosku.bar;Expires=Sat, 26-Oct-2025 18:54:56 GMT;Priority=HIGH
Vary
Accept-Encoding
X-Ms-Clitelem
1,50168,0,,
X-Ms-Ests-Server
2.1.12108.11 - SCUS ProdSlices
X-Ms-Request-Id
582652de-1bdb-44df-bdc4-d902e52e9200

Redirect headers

Content-Encoding
gzip
Content-Length
28
Content-Type
text/html; charset=utf-8
Date
Thu, 21 Oct 2021 12:58:16 GMT
Location
https://jcb-jcb-login.dsmosku.bar/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637704178971968490.YzlhODI1OWItODIwOS00MGM5LWExMGQtNjg2ZDM1ZThkODk0ZTZlMTBkNzUtYjdiMC00ZGJiLWExZTMtZjc3YWY1ODA1YTY2&ui_locales=de-DE&mkt=de-DE&state=s_el9OUqWfgBvtk8d3X_iFG9t4bfW35wMxyBWjGATtgXBZzvx3tqAWsYaXT9R_LNDaXo7GTy6o9yJw64OGHNutz2C_E4LfIUa6s4RQZoTlCL-1FMu5HzRRi8XZO7luQWh5dprXmh0OrJ40RV4I5rPRskEo5YWiI3941Y8VZXV4glWDCUo_0pWhVDHKcDHFE8AI1euHTncGXf7PuBN-b0lNXCeoYSshqyfzhZfIjZTjjB8t55AN4IEQzqVGtACe_7woVr93QA0WoqYVQF2efvNA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0
Set-Cookie
OH.DCAffinity=OH-eus; expires=Thu, 21 Oct 2021 20:58:17 GMT; path=/; secure; samesite=none; httponly OH.FLID=e47e315f-fc65-4d0d-89f8-62e79b114181; expires=Fri, 21 Oct 2022 12:58:17 GMT; path=/; secure; samesite=none; httponly OH.SID=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/ .AspNetCore.OpenIdConnect.Nonce.AX8M4Dw1FUrU_2nUAxmdY-xo8u-cxBUEbVbIpjZNrvtJJstpZUGb_YU1kMSSQddOzRlNMQj7oTaG8V--v5zIchJVwkwDhyG7Qa6a1SeTrOlCu-jestmkP1W5-U4ohz3GcBktRhhaqcbP5oRRW8HnsDDEYmDFdPGbdaHoUqgGkt1b7cm2QC8RyQfFRVZgusk5n8t_pWL1uHJQBXU6j0ivYZujh6_JnSRkLz-9xq__nk7WYdJAVFeCgr8b-FUVQna2=N; expires=Thu, 21 Oct 2021 13:13:17 GMT; path=/; secure; samesite=none; httponly .AspNetCore.Correlation.OpenIdConnectV2.gMpCp-IswdMq5kEuj7DLD5VswjZFcgH5jQcSFggmwmk=N; expires=Thu, 21 Oct 2021 13:13:17 GMT; path=/; secure; samesite=none; httponly MUID=19D1359C7BD86E220380254B7ABA6F76; path=/; secure; expires=Tue, 15-Nov-2022 12:58:17 GMT; domain=dsmosku.bar bgd=kate.hesp@jcb.com;Path=/;Domain=.dsmosku.bar;Expires=Sat, 26-Oct-2025 18:54:56 GMT;Priority=HIGH
Vary
Accept-Encoding
X-Cache
CONFIG_NOCACHE
X-Msedge-Ref
Ref A: E9E87832A9394E65B4AE62323504C5F3 Ref B: EWR311000106027 Ref C: 2021-10-21T12:58:17Z
X-Ua-Compatible
IE=edge,chrome=1
Primary Request Cookie set authorize
jcb-jcb-login.dsmosku.bar/common/oauth2/v2.0/
198 KB
52 KB
Document
General
Full URL
https://jcb-jcb-login.dsmosku.bar/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637704178971968490.YzlhODI1OWItODIwOS00MGM5LWExMGQtNjg2ZDM1ZThkODk0ZTZlMTBkNzUtYjdiMC00ZGJiLWExZTMtZjc3YWY1ODA1YTY2&ui_locales=de-DE&mkt=de-DE&state=s_el9OUqWfgBvtk8d3X_iFG9t4bfW35wMxyBWjGATtgXBZzvx3tqAWsYaXT9R_LNDaXo7GTy6o9yJw64OGHNutz2C_E4LfIUa6s4RQZoTlCL-1FMu5HzRRi8XZO7luQWh5dprXmh0OrJ40RV4I5rPRskEo5YWiI3941Y8VZXV4glWDCUo_0pWhVDHKcDHFE8AI1euHTncGXf7PuBN-b0lNXCeoYSshqyfzhZfIjZTjjB8t55AN4IEQzqVGtACe_7woVr93QA0WoqYVQF2efvNA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&sso_reload=true
Requested by
Host: jcb-jcb-login.dsmosku.bar
URL: https://jcb-jcb-login.dsmosku.bar/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637704178971968490.YzlhODI1OWItODIwOS00MGM5LWExMGQtNjg2ZDM1ZThkODk0ZTZlMTBkNzUtYjdiMC00ZGJiLWExZTMtZjc3YWY1ODA1YTY2&ui_locales=de-DE&mkt=de-DE&state=s_el9OUqWfgBvtk8d3X_iFG9t4bfW35wMxyBWjGATtgXBZzvx3tqAWsYaXT9R_LNDaXo7GTy6o9yJw64OGHNutz2C_E4LfIUa6s4RQZoTlCL-1FMu5HzRRi8XZO7luQWh5dprXmh0OrJ40RV4I5rPRskEo5YWiI3941Y8VZXV4glWDCUo_0pWhVDHKcDHFE8AI1euHTncGXf7PuBN-b0lNXCeoYSshqyfzhZfIjZTjjB8t55AN4IEQzqVGtACe_7woVr93QA0WoqYVQF2efvNA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.209.127 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
01476912fa45fea4259af36cd5e673dc59eb3f03e8b089fb6a4b5fc6335d51b9

Request headers

Host
jcb-jcb-login.dsmosku.bar
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://jcb-jcb-login.dsmosku.bar/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637704178971968490.YzlhODI1OWItODIwOS00MGM5LWExMGQtNjg2ZDM1ZThkODk0ZTZlMTBkNzUtYjdiMC00ZGJiLWExZTMtZjc3YWY1ODA1YTY2&ui_locales=de-DE&mkt=de-DE&state=s_el9OUqWfgBvtk8d3X_iFG9t4bfW35wMxyBWjGATtgXBZzvx3tqAWsYaXT9R_LNDaXo7GTy6o9yJw64OGHNutz2C_E4LfIUa6s4RQZoTlCL-1FMu5HzRRi8XZO7luQWh5dprXmh0OrJ40RV4I5rPRskEo5YWiI3941Y8VZXV4glWDCUo_0pWhVDHKcDHFE8AI1euHTncGXf7PuBN-b0lNXCeoYSshqyfzhZfIjZTjjB8t55AN4IEQzqVGtACe_7woVr93QA0WoqYVQF2efvNA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0
Accept-Encoding
gzip, deflate, br
Cookie
esctx=AQABAAAAAAD--DLA3VO7QrddgJg7WevrcnvIVhkH3WeJ2Y7NVL0KvmneKdcLHnIRGiuw049Z1pSd1m0qwP3vu_d53KJoIkIbgOC72Y23i9D3ZEHt0P5X9hn1f1lWN13CJxmWFFXzcgpgKd8Nwig2D5GMv60FIvaQt3z8Jrs1qm2OaTA-1ywRmFCjQPmY3npmBdRNwxbB0FsgAA; bgd=kate.hesp@jcb.com; MUID=19D1359C7BD86E220380254B7ABA6F76; fpc=AnfUwKZASvRGgDE_EbKCwgQ; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
51585
Content-Type
text/html; charset=utf-8
Date
Thu, 21 Oct 2021 12:58:17 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
Nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Report-To
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
Set-Cookie
buid=0.AQ8AMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevrs5ZoLLdNpNsIYSsUmccDnfzLTy-ejMP-d29LgTcUJwRY_rco9-mXkbdCm7S6yeZYpvZ_zeVVNJVbXy0Lz-ARo2L_1VgyH5pRrOSXiwkirWIgAA; expires=Sat, 20-Nov-2021 12:58:18 GMT; path=/; secure; HttpOnly; SameSite=None fpc=AnfUwKZASvRGgDE_EbKCwgS8Ae7AAQAAAOlaA9kOAAAA; expires=Sat, 20-Nov-2021 12:58:18 GMT; path=/; secure; HttpOnly; SameSite=None x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly stsservicecookie=estsfd; path=/; secure; samesite=none; httponly bgd=kate.hesp@jcb.com;Path=/;Domain=.dsmosku.bar;Expires=Sat, 26-Oct-2025 18:54:56 GMT;Priority=HIGH
Vary
Accept-Encoding
X-Dns-Prefetch-Control
on
X-Ms-Clitelem
1,0,0,,
X-Ms-Ests-Server
2.1.12158.6 - SCUS ProdSlices
X-Ms-Request-Id
a010dd5e-4d2a-46db-afdf-25a54b6d8600
Me.htm
7np70a2gfq540.dsmosku.bar/
0
0
Other
General
Full URL
https://7np70a2gfq540.dsmosku.bar/Me.htm?v=3
Requested by
Host: jcb-jcb-login.dsmosku.bar
URL: https://jcb-jcb-login.dsmosku.bar/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637704178971968490.YzlhODI1OWItODIwOS00MGM5LWExMGQtNjg2ZDM1ZThkODk0ZTZlMTBkNzUtYjdiMC00ZGJiLWExZTMtZjc3YWY1ODA1YTY2&ui_locales=de-DE&mkt=de-DE&state=s_el9OUqWfgBvtk8d3X_iFG9t4bfW35wMxyBWjGATtgXBZzvx3tqAWsYaXT9R_LNDaXo7GTy6o9yJw64OGHNutz2C_E4LfIUa6s4RQZoTlCL-1FMu5HzRRi8XZO7luQWh5dprXmh0OrJ40RV4I5rPRskEo5YWiI3941Y8VZXV4glWDCUo_0pWhVDHKcDHFE8AI1euHTncGXf7PuBN-b0lNXCeoYSshqyfzhZfIjZTjjB8t55AN4IEQzqVGtACe_7woVr93QA0WoqYVQF2efvNA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.209.127 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jcb-jcb-login.dsmosku.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ConvergedLogin_PCore_fWZ7O1i3T6oi9LeexbmJjw2.js
5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/js/
459 KB
127 KB
Script
General
Full URL
https://5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/js/ConvergedLogin_PCore_fWZ7O1i3T6oi9LeexbmJjw2.js
Requested by
Host: jcb-jcb-login.dsmosku.bar
URL: https://jcb-jcb-login.dsmosku.bar/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637704178971968490.YzlhODI1OWItODIwOS00MGM5LWExMGQtNjg2ZDM1ZThkODk0ZTZlMTBkNzUtYjdiMC00ZGJiLWExZTMtZjc3YWY1ODA1YTY2&ui_locales=de-DE&mkt=de-DE&state=s_el9OUqWfgBvtk8d3X_iFG9t4bfW35wMxyBWjGATtgXBZzvx3tqAWsYaXT9R_LNDaXo7GTy6o9yJw64OGHNutz2C_E4LfIUa6s4RQZoTlCL-1FMu5HzRRi8XZO7luQWh5dprXmh0OrJ40RV4I5rPRskEo5YWiI3941Y8VZXV4glWDCUo_0pWhVDHKcDHFE8AI1euHTncGXf7PuBN-b0lNXCeoYSshqyfzhZfIjZTjjB8t55AN4IEQzqVGtACe_7woVr93QA0WoqYVQF2efvNA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.209.127 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a4b46af591648fcbbb870855d1faae241186770f7f94e8402b2b49757de9b534

Request headers

Referer
https://jcb-jcb-login.dsmosku.bar/
Origin
https://jcb-jcb-login.dsmosku.bar
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Thu, 21 Oct 2021 12:58:17 GMT
Content-Encoding
gzip
X-Azure-Ref-Originshield
0uAxvYQAAAACMlEbGKUAJR5RVzheDRvUKRVdSMzBFREdFMDYyMAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Md5
BSs8Gc14P9TaLpeyn5PUdg==
X-Cache
TCP_HIT
Content-Length
128730
X-Ms-Lease-Status
unlocked
Last-Modified
Tue, 28 Sep 2021 19:30:55 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Etag
0x8D982B67DC5B02B
X-Azure-Ref
06mNxYQAAAACyy2qFsI/FTKWj1u9hpd08RVdSMzExMDAwMTEwMDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-Ms-Request-Id
fb9a8b7a-001e-0097-6858-c3010a000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
Access-Control-Allow-Credentials
true
X-Ms-Version
2009-09-19
oneDs_005362965f8408780df6.js
5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/js/
62 KB
20 KB
Script
General
Full URL
https://5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/js/oneDs_005362965f8408780df6.js
Requested by
Host: 5y15eftqgj4bem3uy2854jr.dsmosku.bar
URL: https://5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/js/ConvergedLogin_PCore_fWZ7O1i3T6oi9LeexbmJjw2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.209.127 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3f341e0e8fcc5a0cb8812bdda9d0bb9e8c96750eb0e60c8dbbbad1ef515dec12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jcb-jcb-login.dsmosku.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Thu, 21 Oct 2021 12:58:19 GMT
Content-Encoding
gzip
X-Azure-Ref-Originshield
0N9FrYQAAAACfG57WknFcSapx6VpEKWl/RVdSMzBFREdFMDUxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Md5
3uhC6s1i3bJlze1D6G2nAg==
X-Cache
TCP_HIT
Content-Length
18875
X-Ms-Lease-Status
unlocked
Last-Modified
Wed, 19 May 2021 21:22:41 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Etag
0x8D91B0C3C423BAB
X-Azure-Ref
062NxYQAAAABI9kNJaZVNSLSiYt5GosgVRVdSMzExMDAwMTEwMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-Ms-Request-Id
dfa4d8e5-201e-0069-73eb-c20642000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
5y15eftqgj4bem3uy2854jr.dsmosku.bar/ests/2.1/content/cdnbundles/
0
20 KB
Other
General
Full URL
https://5y15eftqgj4bem3uy2854jr.dsmosku.bar/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
Requested by
Host: jcb-jcb-login.dsmosku.bar
URL: https://jcb-jcb-login.dsmosku.bar/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637704178971968490.YzlhODI1OWItODIwOS00MGM5LWExMGQtNjg2ZDM1ZThkODk0ZTZlMTBkNzUtYjdiMC00ZGJiLWExZTMtZjc3YWY1ODA1YTY2&ui_locales=de-DE&mkt=de-DE&state=s_el9OUqWfgBvtk8d3X_iFG9t4bfW35wMxyBWjGATtgXBZzvx3tqAWsYaXT9R_LNDaXo7GTy6o9yJw64OGHNutz2C_E4LfIUa6s4RQZoTlCL-1FMu5HzRRi8XZO7luQWh5dprXmh0OrJ40RV4I5rPRskEo5YWiI3941Y8VZXV4glWDCUo_0pWhVDHKcDHFE8AI1euHTncGXf7PuBN-b0lNXCeoYSshqyfzhZfIjZTjjB8t55AN4IEQzqVGtACe_7woVr93QA0WoqYVQF2efvNA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.209.127 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jcb-jcb-login.dsmosku.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Thu, 21 Oct 2021 12:58:19 GMT
Content-Encoding
gzip
X-Azure-Ref-Originshield
04+hrYQAAAAC4TG8CWDNxRoNroMsUtPyXRVdSMzBFREdFMDYwNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Md5
0O2H9juGYL0zkzcYWr0NIg==
X-Cache
TCP_HIT
Content-Length
19877
X-Ms-Lease-Status
unlocked
Last-Modified
Tue, 28 Sep 2021 21:43:11 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Etag
0x8D982C8F81F4375
X-Azure-Ref
062NxYQAAAACeBh2jLfiGRpV6ibg9MISqRVdSMzExMDAwMTA5MDQ3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Ms-Request-Id
5987fdbc-201e-0001-0c25-c31c71000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
ux.converged.login.strings-de.min_kj-yserlnrdtmy-7hhuvaw2.js
5y15eftqgj4bem3uy2854jr.dsmosku.bar/ests/2.1/content/cdnbundles/
0
15 KB
Other
General
Full URL
https://5y15eftqgj4bem3uy2854jr.dsmosku.bar/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_kj-yserlnrdtmy-7hhuvaw2.js
Requested by
Host: jcb-jcb-login.dsmosku.bar
URL: https://jcb-jcb-login.dsmosku.bar/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637704178971968490.YzlhODI1OWItODIwOS00MGM5LWExMGQtNjg2ZDM1ZThkODk0ZTZlMTBkNzUtYjdiMC00ZGJiLWExZTMtZjc3YWY1ODA1YTY2&ui_locales=de-DE&mkt=de-DE&state=s_el9OUqWfgBvtk8d3X_iFG9t4bfW35wMxyBWjGATtgXBZzvx3tqAWsYaXT9R_LNDaXo7GTy6o9yJw64OGHNutz2C_E4LfIUa6s4RQZoTlCL-1FMu5HzRRi8XZO7luQWh5dprXmh0OrJ40RV4I5rPRskEo5YWiI3941Y8VZXV4glWDCUo_0pWhVDHKcDHFE8AI1euHTncGXf7PuBN-b0lNXCeoYSshqyfzhZfIjZTjjB8t55AN4IEQzqVGtACe_7woVr93QA0WoqYVQF2efvNA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.209.127 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jcb-jcb-login.dsmosku.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Thu, 21 Oct 2021 12:58:19 GMT
Content-Encoding
gzip
X-Azure-Ref-Originshield
0dx1sYQAAAAB9p/FLiTivQrHRDQ/IQI1bRVdSMzBFREdFMDUwNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Md5
Ivzc+Uca39yIFhZKwxbqUw==
X-Cache
TCP_HIT
Content-Length
13798
X-Ms-Lease-Status
unlocked
Last-Modified
Fri, 17 Sep 2021 22:13:16 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Etag
0x8D97A285969802C
X-Azure-Ref
062NxYQAAAABnBOWmrmNqQZpXeax8c6WCRVdSMzExMDAwMTEwMDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-Ms-Request-Id
8b61aa97-f01e-0028-6528-c3fe51000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
convergedlogin_pfetchsessionsprogress_4cdd5a3fcbb2bfaeeb01.js
5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/js/asyncchunk/
15 KB
6 KB
Script
General
Full URL
https://5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_4cdd5a3fcbb2bfaeeb01.js
Requested by
Host: 5y15eftqgj4bem3uy2854jr.dsmosku.bar
URL: https://5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/js/ConvergedLogin_PCore_fWZ7O1i3T6oi9LeexbmJjw2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.209.127 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
106106f1554b2822fb8d68c27fd2698787e415885446b3080181a027157d9cbb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jcb-jcb-login.dsmosku.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Thu, 21 Oct 2021 12:58:19 GMT
Content-Encoding
gzip
X-Azure-Ref-Originshield
0+clrYQAAAACNDydntfiGTomDASkT+v2ZRVdSMzBFREdFMDUwOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Md5
NkwN0eJgZ/C7oMjuKLxHag==
X-Cache
TCP_HIT
Content-Length
5484
X-Ms-Lease-Status
unlocked
Last-Modified
Thu, 09 Sep 2021 23:52:05 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Etag
0x8D973ECD3CC3F09
X-Azure-Ref
062NxYQAAAAChX9pGuZwSQYBQ+OPjC2cERVdSMzExMDAwMTEwMDExADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-Ms-Request-Id
570fe53b-b01e-0000-07f7-c23773000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
marching_ants_white_166de53471265253ab3a456defe6da23.gif
5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/images/
3 KB
4 KB
Image
General
Full URL
https://5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.209.127 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jcb-jcb-login.dsmosku.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Thu, 21 Oct 2021 12:58:19 GMT
X-Azure-Ref-Originshield
0mpxrYQAAAAB21mNGR4ZGQoRsVMKOZHxQRVdSMzBFREdFMDYwOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Md5
Fm3lNHEmUlOrOkVt7+baIw==
X-Cache
TCP_HIT
Content-Length
2672
X-Ms-Lease-Status
unlocked
Last-Modified
Fri, 17 Jan 2020 19:28:37 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Etag
0x8D79B83739984DD
X-Azure-Ref
062NxYQAAAABnGBEv5RgiR7brhz771Rm3RVdSMzExMDAwMTEwMDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Ms-Request-Id
6490f132-d01e-0052-2ffa-c20244000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/images/
4 KB
5 KB
Image
General
Full URL
https://5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.209.127 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jcb-jcb-login.dsmosku.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Thu, 21 Oct 2021 12:58:18 GMT
X-Azure-Ref-Originshield
0u0txYQAAAAB36TDl1lDySpk/LLCiAHFCRVdSMzBFREdFMDYyMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Md5
tUCo5RgDcZLjLE/li/Lbqw==
X-Cache
TCP_HIT
Content-Length
3620
X-Ms-Lease-Status
unlocked
Last-Modified
Fri, 17 Jan 2020 19:28:38 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Etag
0x8D79B8373B17F89
X-Azure-Ref
062NxYQAAAACGSB6SX2eDSbXSLVKwtmmeRVdSMzExMDAwMTEwMDI1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Ms-Request-Id
6209adb2-001e-0013-233c-c5fa57000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Cookie set reportpageload
jcb-jcb-login.dsmosku.bar/common/instrumentation/
264 B
1 KB
XHR
General
Full URL
https://jcb-jcb-login.dsmosku.bar/common/instrumentation/reportpageload?mkt=de-DE
Requested by
Host: 5y15eftqgj4bem3uy2854jr.dsmosku.bar
URL: https://5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/js/ConvergedLogin_PCore_fWZ7O1i3T6oi9LeexbmJjw2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.209.127 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
223522e7a501b3f976d8c2b62cd96232c0778a253df6e11cfc5b77bd558a109c

Request headers

Sec-Fetch-Mode
cors
Origin
https://jcb-jcb-login.dsmosku.bar
Accept-Encoding
gzip, deflate, br
Accept-Language
de-DE,de;q=0.9
client-request-id
6c215e87-afef-43cd-913c-ccb3c60eb64b
canary
AQABAAAAAAD--DLA3VO7QrddgJg7WevrkDocaj9KrnDBU1pndNkQYtW1w4kt1WJW7oHl9ehG9qmgSAWy622YRhOXWUWuRPHzeOGtFazhOV2a35r6zNa6vOafzIUZhSpBpK5XhnLoxuFROjVAUeW2kVMMLDZZXRnDk1HDElBjPJH5LfVlBoJ2OdtMvhoIRiTo8l_hng-MABVcWRaQ-DtyCSX-k3HHRuWwy6L2q7KUPWFjY3f_7YUSJyAA
Sec-Fetch-Dest
empty
Cookie
esctx=AQABAAAAAAD--DLA3VO7QrddgJg7WevrcnvIVhkH3WeJ2Y7NVL0KvmneKdcLHnIRGiuw049Z1pSd1m0qwP3vu_d53KJoIkIbgOC72Y23i9D3ZEHt0P5X9hn1f1lWN13CJxmWFFXzcgpgKd8Nwig2D5GMv60FIvaQt3z8Jrs1qm2OaTA-1ywRmFCjQPmY3npmBdRNwxbB0FsgAA; bgd=kate.hesp@jcb.com; MUID=19D1359C7BD86E220380254B7ABA6F76; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=0.AQ8AMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevrs5ZoLLdNpNsIYSsUmccDnfzLTy-ejMP-d29LgTcUJwRY_rco9-mXkbdCm7S6yeZYpvZ_zeVVNJVbXy0Lz-ARo2L_1VgyH5pRrOSXiwkirWIgAA; fpc=AnfUwKZASvRGgDE_EbKCwgS8Ae7AAQAAAOlaA9kOAAAA; uaid=05277ff5c3e448a8ab828e0af82d853e; MSPRequ=id=N&lt=1634821098&co=1; brcap=0
Connection
keep-alive
Content-Length
3862
hpgact
1800
Pragma
no-cache
hpgrequestid
a010dd5e-4d2a-46db-afdf-25a54b6d8600
Host
jcb-jcb-login.dsmosku.bar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/json; charset=UTF-8
hpgid
1104
Accept
application/json
Cache-Control
no-cache
Referer
https://jcb-jcb-login.dsmosku.bar/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.5t3cg9e3.dsmosku.bar%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637704178971968490.YzlhODI1OWItODIwOS00MGM5LWExMGQtNjg2ZDM1ZThkODk0ZTZlMTBkNzUtYjdiMC00ZGJiLWExZTMtZjc3YWY1ODA1YTY2&ui_locales=de-DE&mkt=de-DE&state=s_el9OUqWfgBvtk8d3X_iFG9t4bfW35wMxyBWjGATtgXBZzvx3tqAWsYaXT9R_LNDaXo7GTy6o9yJw64OGHNutz2C_E4LfIUa6s4RQZoTlCL-1FMu5HzRRi8XZO7luQWh5dprXmh0OrJ40RV4I5rPRskEo5YWiI3941Y8VZXV4glWDCUo_0pWhVDHKcDHFE8AI1euHTncGXf7PuBN-b0lNXCeoYSshqyfzhZfIjZTjjB8t55AN4IEQzqVGtACe_7woVr93QA0WoqYVQF2efvNA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0&sso_reload=true
Sec-Fetch-Site
same-origin

Response headers

Date
Thu, 21 Oct 2021 12:58:19 GMT
Access-Control-Allow-Methods
POST, OPTIONS
Nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Client-Request-Id
6c215e87-afef-43cd-913c-ccb3c60eb64b
P3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
264
Pragma
no-cache
Report-To
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://jcb-jcb-login.dsmosku.bar
X-Ms-Request-Id
c49abce8-f649-4f02-9cbb-e2567efa2900
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
Set-Cookie
fpc=AnfUwKZASvRGgDE_EbKCwgS8Ae7AAQAAAOlaA9kOAAAA; expires=Sat, 20-Nov-2021 12:58:19 GMT; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
bgd=kate.hesp@jcb.com;Path=/;Domain=.dsmosku.bar;Expires=Sat, 26-Oct-2025 18:54:56 GMT;Priority=HIGH
X-Ms-Ests-Server
2.1.12158.6 - NCUS ProdSlices
Expires
-1
marching_ants_white_166de53471265253ab3a456defe6da23.gif
5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/images/
3 KB
4 KB
Image
General
Full URL
https://5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Requested by
Host: 5y15eftqgj4bem3uy2854jr.dsmosku.bar
URL: https://5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/js/ConvergedLogin_PCore_fWZ7O1i3T6oi9LeexbmJjw2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.209.127 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jcb-jcb-login.dsmosku.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Thu, 21 Oct 2021 12:58:19 GMT
X-Azure-Ref-Originshield
0mpxrYQAAAAB21mNGR4ZGQoRsVMKOZHxQRVdSMzBFREdFMDYwOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Md5
Fm3lNHEmUlOrOkVt7+baIw==
X-Cache
TCP_HIT
Content-Length
2672
X-Ms-Lease-Status
unlocked
Last-Modified
Fri, 17 Jan 2020 19:28:37 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Etag
0x8D79B83739984DD
X-Azure-Ref
062NxYQAAAAD2NBkfsRccSbEan4YYnbv5RVdSMzExMDAwMTEwMDMxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Ms-Request-Id
6490f132-d01e-0052-2ffa-c20244000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/images/
4 KB
5 KB
Image
General
Full URL
https://5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Requested by
Host: 5y15eftqgj4bem3uy2854jr.dsmosku.bar
URL: https://5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/js/ConvergedLogin_PCore_fWZ7O1i3T6oi9LeexbmJjw2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.209.127 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jcb-jcb-login.dsmosku.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Thu, 21 Oct 2021 12:58:19 GMT
X-Azure-Ref-Originshield
0u0txYQAAAAB36TDl1lDySpk/LLCiAHFCRVdSMzBFREdFMDYyMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Md5
tUCo5RgDcZLjLE/li/Lbqw==
X-Cache
TCP_HIT
Content-Length
3620
X-Ms-Lease-Status
unlocked
Last-Modified
Fri, 17 Jan 2020 19:28:38 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Etag
0x8D79B8373B17F89
X-Azure-Ref
062NxYQAAAADd40fk/3X8SpIfHtucc8jARVdSMzExMDAwMTEwMDI3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Ms-Request-Id
6209adb2-001e-0013-233c-c5fa57000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
2_bc3d32a696895f78c19df6c717586a5d.svg
5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/images/backgrounds/
2 KB
2 KB
Image
General
Full URL
https://5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.209.127 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jcb-jcb-login.dsmosku.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Thu, 21 Oct 2021 12:58:19 GMT
Content-Encoding
gzip
X-Azure-Ref-Originshield
011lxYQAAAACSmGipwMlFT5bJ0e/psL9BRVdSMzBFREdFMDUxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Md5
DhdidjYrlCeaRJJRG/y9mA==
X-Cache
TCP_HIT
Content-Length
673
X-Ms-Lease-Status
unlocked
Last-Modified
Wed, 12 Feb 2020 22:01:30 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Etag
0x8D7B0071D86E386
X-Azure-Ref
062NxYQAAAACFctz7HM0rSqNx3uM74EuvRVdSMzExMDAwMTEwMDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Ms-Request-Id
4f9cc84d-f01e-0090-7e16-c6d004000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Cookie set Me.htm
7np70a2gfq540.dsmosku.bar/ Frame 36F6
2 KB
3 KB
Document
General
Full URL
https://7np70a2gfq540.dsmosku.bar/Me.htm?v=3
Requested by
Host: 5y15eftqgj4bem3uy2854jr.dsmosku.bar
URL: https://5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/js/ConvergedLogin_PCore_fWZ7O1i3T6oi9LeexbmJjw2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.209.127 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1de725c40e77b67945dabaa2072e7828f23c288efd7d45498263dec135e5ca5

Request headers

Host
7np70a2gfq540.dsmosku.bar
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://jcb-jcb-login.dsmosku.bar/
Accept-Encoding
gzip, deflate, br
Cookie
esctx=AQABAAAAAAD--DLA3VO7QrddgJg7WevrcnvIVhkH3WeJ2Y7NVL0KvmneKdcLHnIRGiuw049Z1pSd1m0qwP3vu_d53KJoIkIbgOC72Y23i9D3ZEHt0P5X9hn1f1lWN13CJxmWFFXzcgpgKd8Nwig2D5GMv60FIvaQt3z8Jrs1qm2OaTA-1ywRmFCjQPmY3npmBdRNwxbB0FsgAA; bgd=kate.hesp@jcb.com; MUID=19D1359C7BD86E220380254B7ABA6F76; uaid=05277ff5c3e448a8ab828e0af82d853e; MSPRequ=id=N&lt=1634821098&co=1

Response headers

Cache-Control
max-age=315360000
Content-Encoding
deflate
Content-Length
2470
Content-Type
text/html; charset=utf-8
Date
Thu, 21 Oct 2021 12:58:19 GMT
Expires
Sun, 19 Oct 2031 12:58:19 GMT
P3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
Ppserver
PPV: 30 H: BL02PF7CC55AC33 V: 0
Set-Cookie
uaid=9025d92a70194311933a44e31edd9366; domain=dsmosku.bar; Secure; path=/; SameSite=None; HttpOnly
MSPRequ=id=N&lt=1634821100&co=2; domain=dsmosku.bar; Secure; path=/; SameSite=None; HttpOnly
bgd=kate.hesp@jcb.com;Path=/;Domain=.dsmosku.bar;Expires=Sat, 26-Oct-2025 18:54:56 GMT;Priority=HIGH
Vary
Accept-Encoding
X-Ms-Request-Id
3ef896a7-a708-4c74-b6fd-6f3f251b7330
X-Ms-Route-Info
R3_BL2
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/images/
4 KB
2 KB
Image
General
Full URL
https://5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.209.127 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jcb-jcb-login.dsmosku.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Thu, 21 Oct 2021 12:58:19 GMT
Content-Encoding
gzip
X-Azure-Ref-Originshield
0Qg1wYQAAAACFUXPtWchjRq6nfUJF8vFMRVdSMzBFREdFMDYxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Md5
nzaLxFgP7ZB3dfMcaybWzw==
X-Cache
TCP_HIT
Content-Length
1435
X-Ms-Lease-Status
unlocked
Last-Modified
Fri, 17 Jan 2020 19:28:38 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Etag
0x8D79B8373CB2849
X-Azure-Ref
062NxYQAAAAC2MJ1c5zqlRKLSJUMvoM7TRVdSMzExMDAwMTEwMDUxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Ms-Request-Id
8cb4b429-e01e-001d-2d69-c5584a000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/images/
2 KB
2 KB
Image
General
Full URL
https://5y15eftqgj4bem3uy2854jr.dsmosku.bar/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.209.127 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jcb-jcb-login.dsmosku.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Thu, 21 Oct 2021 12:58:20 GMT
Content-Encoding
gzip
X-Azure-Ref-Originshield
0HYhrYQAAAACyTPfqOEBgTrbSoUSiqykRRVdSMzBFREdFMDUwOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Md5
R2FAVxfpONfnQAuxVxXbHg==
X-Cache
TCP_HIT
Content-Length
621
X-Ms-Lease-Status
unlocked
Last-Modified
Tue, 10 Nov 2020 03:41:24 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Etag
0x8D8852A7FA6B761
X-Azure-Ref
07GNxYQAAAABwD+wzbbXmRY6sPIyreGuBRVdSMzExMDAwMTEwMDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Ms-Request-Id
da6abcdf-e01e-0049-7c33-c29771000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
boolean| originAgentCluster
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
boolean| __ConvergedLogin_PCore
boolean| __
function| lp
object| Telemetry
object| telemetry_webpackJsonp
boolean| __convergedlogin_pfetchsessionsprogress_4cdd5a3fcbb2bfaeeb01
function| __assign
function| __extends

19 Cookies

Domain/Path Name / Value
dsmosku.bar/ Name: fpc
Value: AmJqoQUfM5VGuSofdsz3TZA
.dsmosku.bar/ Name: esctx
Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrcnvIVhkH3WeJ2Y7NVL0KvmneKdcLHnIRGiuw049Z1pSd1m0qwP3vu_d53KJoIkIbgOC72Y23i9D3ZEHt0P5X9hn1f1lWN13CJxmWFFXzcgpgKd8Nwig2D5GMv60FIvaQt3z8Jrs1qm2OaTA-1ywRmFCjQPmY3npmBdRNwxbB0FsgAA
dsmosku.bar/ Name: x-ms-gateway-slice
Value: estsfd
dsmosku.bar/ Name: stsservicecookie
Value: estsfd
.dsmosku.bar/ Name: bgd
Value: kate.hesp@jcb.com
d8ngmj9vrrkbza8.dsmosku.bar/ Name: OH.DCAffinity
Value: OH-eus
d8ngmj9vrrkbza8.dsmosku.bar/ Name: OH.FLID
Value: e47e315f-fc65-4d0d-89f8-62e79b114181
d8ngmj9vrrkbza8.dsmosku.bar/ Name: .AspNetCore.OpenIdConnect.Nonce.AX8M4Dw1FUrU_2nUAxmdY-xo8u-cxBUEbVbIpjZNrvtJJstpZUGb_YU1kMSSQddOzRlNMQj7oTaG8V--v5zIchJVwkwDhyG7Qa6a1SeTrOlCu-jestmkP1W5-U4ohz3GcBktRhhaqcbP5oRRW8HnsDDEYmDFdPGbdaHoUqgGkt1b7cm2QC8RyQfFRVZgusk5n8t_pWL1uHJQBXU6j0ivYZujh6_JnSRkLz-9xq__nk7WYdJAVFeCgr8b-FUVQna2
Value: N
d8ngmj9vrrkbza8.dsmosku.bar/ Name: .AspNetCore.Correlation.OpenIdConnectV2.gMpCp-IswdMq5kEuj7DLD5VswjZFcgH5jQcSFggmwmk
Value: N
.dsmosku.bar/ Name: MUID
Value: 19D1359C7BD86E220380254B7ABA6F76
jcb-jcb-login.dsmosku.bar/ Name: x-ms-gateway-slice
Value: estsfd
jcb-jcb-login.dsmosku.bar/ Name: stsservicecookie
Value: estsfd
.jcb-jcb-login.dsmosku.bar/ Name: AADSSO
Value: NA|NoExtension
jcb-jcb-login.dsmosku.bar/ Name: SSOCOOKIEPULLED
Value: 1
jcb-jcb-login.dsmosku.bar/ Name: buid
Value: 0.AQ8AMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevrs5ZoLLdNpNsIYSsUmccDnfzLTy-ejMP-d29LgTcUJwRY_rco9-mXkbdCm7S6yeZYpvZ_zeVVNJVbXy0Lz-ARo2L_1VgyH5pRrOSXiwkirWIgAA
jcb-jcb-login.dsmosku.bar/ Name: fpc
Value: AnfUwKZASvRGgDE_EbKCwgS8Ae7AAQAAAOlaA9kOAAAA
.dsmosku.bar/ Name: uaid
Value: 05277ff5c3e448a8ab828e0af82d853e
.dsmosku.bar/ Name: MSPRequ
Value: id=N&lt=1634821098&co=1
.jcb-jcb-login.dsmosku.bar/ Name: brcap
Value: 0

1 Console Messages

Source Level URL
Text
network error URL: https://fgz.basisfree.bar/98kczAfqtZXJ0PWEyRjBaUzVvWlhOd1FHcGpZaTVqYjIwPQ==4z8w
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
