lmo.sdfghjkjhngbvscxcvb.com Open in urlscan Pro
87.121.221.172 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.bing.com/ck/a?!&&p=41c9aead20cc32b4JmltdHM9MTY4NTkyMzIwMCZpZ3VpZD0xMjhlNmQzYy1iYzBlLTZlMWYtM2VkMi03ZTFhYm...
Effective URL:
https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username=&sso_reload=true
Submission: On June 07 via manual (June 7th 2023, 5:13:58 am UTC) from IT — Scanned from IT

Summary HTTP 75 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 75 HTTP transactions. The main IP is 87.121.221.172, located in Reston, United States and belongs to AS_DELIS, US. The main domain is lmo.sdfghjkjhngbvscxcvb.com.
TLS certificate: Issued by R3 on June 3rd 2023. Valid for: 3 months.

This is the only time lmo.sdfghjkjhngbvscxcvb.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:26f0:310... 2a02:26f0:3100::1725:e25a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.179.192.229 108.179.192.229	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	152.199.23.37 152.199.23.37	15133 (EDGECAST) (EDGECAST)
39	87.121.221.172 87.121.221.172	211252 (AS_DELIS) (AS_DELIS)
75	6

1 2a02:26f0:3100::1725:e25a (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.179.192.229 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: srv180-ip05.prodns.com.br

www.dominissiniroletes.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.23.37 (United States)

ASN15133 (EDGECAST, US)

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 87.121.221.172 (Reston, United States)

ASN211252 (AS_DELIS, US)

lmo.sdfghjkjhngbvscxcvb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
live.sdfghjkjhngbvscxcvb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	sdfghjkjhngbvscxcvb.com lmo.sdfghjkjhngbvscxcvb.com live.sdfghjkjhngbvscxcvb.com 662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com	1 MB
1	msftauth.net aadcdn.msftauth.net — Cisco Umbrella Rank: 1357	17 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 249	28 KB
1	dominissiniroletes.com.br www.dominissiniroletes.com.br	7 KB
1	bing.com 1 redirects www.bing.com — Cisco Umbrella Rank: 62	402 B
75	6

	Domain	Requested by
23	e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com	5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
9	662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com	lmo.sdfghjkjhngbvscxcvb.com 662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com
4	lmo.sdfghjkjhngbvscxcvb.com	www.dominissiniroletes.com.br lmo.sdfghjkjhngbvscxcvb.com
2	5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com	662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
1	live.sdfghjkjhngbvscxcvb.com	lmo.sdfghjkjhngbvscxcvb.com
1	aadcdn.msftauth.net	www.dominissiniroletes.com.br
1	fonts.googleapis.com	www.dominissiniroletes.com.br
1	cdnjs.cloudflare.com	www.dominissiniroletes.com.br
1	www.dominissiniroletes.com.br
1	www.bing.com	1 redirects
75	10

This site contains links to these domains. Also see Links.

Domain
live.sdfghjkjhngbvscxcvb.com
wwwms.sdfghjkjhngbvscxcvb.com
33b1e74a-7e4b12f6.sdfghjkjhngbvscxcvb.com

Subject Issuer	Validity	Valid
www.dominissiniroletes.com.br R3	`2023-05-28` - `2023-08-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2023-01-31` - `2024-01-31`	a year	crt.sh
sdfghjkjhngbvscxcvb.com R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username=&sso_reload=true
Frame ID: 6E47F4EF7EB92304F1B4E598331C29A2
Requests: 20 HTTP requests in this frame

Frame: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx
Frame ID: 256C933BC53EDE9127FB90845ACCA8DF
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Accesso all'account

Page URL History Show full URLs

https://www.bing.com/ck/a?!&&p=41c9aead20cc32b4JmltdHM9MTY4NTkyMzIwMCZpZ3VpZD0xMjhlNmQzYy1iYzBlLT... HTTP 302
https://www.dominissiniroletes.com.br/roletes-livres.php Page URL
https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username= Page URL
https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username= Page URL
https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username=&sso_reload=true Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

75
Requests

57 %
HTTPS

50 %
IPv6

6
Domains

10
Subdomains

6
IPs

2
Countries

1220 kB
Transfer

4493 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://live.sdfghjkjhngbvscxcvb.com/oauth20_authorize.srf?scope=openid+profile+email+offline_access&response_type=code&client_id=51483342-085c-4d86-bf88-cf50c7252078&response_mode=form_post&redirect_uri=https%3a%2f%2flmo.sdfghjkjhngbvscxcvb.com%2fcommon%2ffederation%2foauth2msa&state=rQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQepmvcs7qQ6LJ4vcf-6TLvO2cxcsbnZJaBVa5iVCZsnP4FRsYXjIy3mAT9i9I9U8KL3VJTUosSSzLz8y6wCLxi4TFgtuLg4BJgkGBQYPjBwriIFWhr-S1t6crPYe6Lv8q-2yhewHCKVT_d0iQpuKrC27GgtCTc16fKPD8xKdTfyd_EM7sqKzwvojLEJ8OowtslwyfS1tjKcAKb0AQ2plNsDB_YGDvYGWaxMxzgZNzAw3iAl-EH3-v_757df3Tzrccrfh13t9DQUN9Cp-wKi9wK_ULHiqSUkIhS7YIsN_8C46rMlEKXwKiU1KzACtNQWwA1&estsfed=1&uaid=de2867e1d03a4461a3af48bf971cef89&signup=1&lw=1&fl=easi2&fci=https%3a%2f%2f5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com.orgid.com
Title: fare clic qui per crearne uno.

Search URL Search Domain Scan URL

URL: https://wwwms.sdfghjkjhngbvscxcvb.com/it-IT/servicesagreement/
Title: Condizioni per l'utilizzo

Search URL Search Domain Scan URL

URL: https://33b1e74a-7e4b12f6.sdfghjkjhngbvscxcvb.com/it-IT/privacystatement
Title: Privacy e cookie

Search URL Search Domain Scan URL

URL: https://wwwms.sdfghjkjhngbvscxcvb.com/it-it/accessibility/accessibilite/accessibility-statement
Title: Accessibilità

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.bing.com/ck/a?!&&p=41c9aead20cc32b4JmltdHM9MTY4NTkyMzIwMCZpZ3VpZD0xMjhlNmQzYy1iYzBlLTZlMWYtM2VkMi03ZTFhYmRhMjZmMTAmaW5zaWQ9NTI1NQ&ptn=3&hsh=3&fclid=128e6d3c-bc0e-6e1f-3ed2-7e1abda26f10&u=a1aHR0cHM6Ly93d3cuZG9taW5pc3Npbmlyb2xldGVzLmNvbS5ici9yb2xldGVzLWxpdnJlcy5waHA HTTP 302
https://www.dominissiniroletes.com.br/roletes-livres.php Page URL
https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username= Page URL
https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username= Page URL
https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username=&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.bing.com/ck/a?!&&p=41c9aead20cc32b4JmltdHM9MTY4NTkyMzIwMCZpZ3VpZD0xMjhlNmQzYy1iYzBlLTZlMWYtM2VkMi03ZTFhYmRhMjZmMTAmaW5zaWQ9NTI1NQ&ptn=3&hsh=3&fclid=128e6d3c-bc0e-6e1f-3ed2-7e1abda26f10&u=a1aHR0cHM6Ly93d3cuZG9taW5pc3Npbmlyb2xldGVzLmNvbS5ici9yb2xldGVzLWxpdnJlcy5waHA HTTP 302
https://www.dominissiniroletes.com.br/roletes-livres.php

75 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

roletes-livres.php Show response
www.dominissiniroletes.com.br/
Redirect Chain

https://www.bing.com/ck/a?!&&p=41c9aead20cc32b4JmltdHM9MTY4NTkyMzIwMCZpZ3VpZD0xMjhlNmQzYy1iYzBlLTZlMWYtM2VkMi03ZTFhYmRhMjZmMTAmaW5zaWQ9NTI1NQ&ptn=3&hsh=3&fclid=128e6d3c-bc0e-6e1f-3ed2-7e1abda26f10&...
https://www.dominissiniroletes.com.br/roletes-livres.php

14 KB
7 KB

1903ms
140ms

Document
text/html

108.179.192.229
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominissiniroletes.com.br/roletes-livres.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.179.192.229 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv180-ip05.prodns.com.br
Software: Apache /
Resource Hash: dfb25da6ce7fcc5852da75cbf8e2d44510e6dcb22d694d204976ebfab7e97636

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: max-age=3600
content-encoding: gzip
content-length: 7150
content-type: text/html; charset=UTF-8
date: Wed, 07 Jun 2023 05:13:51 GMT
expires: Wed, 07 Jun 2023 06:13:51 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
alt-svc: h3=":443"; ma=93600
cache-control: no-cache, must-revalidate
content-length: 0
date: Wed, 07 Jun 2023 05:13:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://www.dominissiniroletes.com.br/roletes-livres.php
pragma: no-cache
x-cdn-traceid: 0.56e22517.1686114829.60328fcc
x-msedge-ref: Ref A: D89F4CB9C0F244EDA735C80B8055BE49 Ref B: VIEEDGE1317 Ref C: 2023-06-07T05:13:49Z

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 59ms
21ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.dominissiniroletes.com.br
URL: https://www.dominissiniroletes.com.br/roletes-livres.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.dominissiniroletes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 643363
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qdp%2BrrQ3tppWRE0clSzxvErI%2FyNvGMvHxKeXQfsiZncgTFIjZj%2BrFeti%2BWHWSEaDIyryV6lWCliWHdeUXTxvAWA1jsEXkr20BpOw0x7RqY3hEB7hHvQ1MOhfvBuC0oN%2F70DtjWEwL2qaj5Mj5ieQZBVI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d36688338a459b3-MXP
expires: Mon, 27 May 2024 05:13:51 GMT

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
1 KB 118ms
36ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: www.dominissiniroletes.com.br
URL: https://www.dominissiniroletes.com.br/roletes-livres.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a021e5ef7022a556c759cca4e248f10383d65a1cd4df600dae57ea37ca481073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.dominissiniroletes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Jun 2023 05:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 04:51:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Jun 2023 05:13:51 GMT

GET
H2 200 favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msftauth.net/shared/1.0/content/images/ 17 KB
17 KB 82ms
19ms Image
image/x-icon 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Requested by: Host: www.dominissiniroletes.com.br
URL: https://www.dominissiniroletes.com.br/roletes-livres.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C82) /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.dominissiniroletes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Jun 2023 05:13:51 GMT
content-md5: EuPayFgGHQiAI7K9SOL6lg==
age: 5923550
x-cache: HIT
content-length: 17174
x-ms-lease-status: unlocked
last-modified: Sun, 18 Oct 2020 03:02:30 GMT
server: ECAcc (mil/6C82)
etag: 0x8D8731240E548EB
content-type: image/x-icon
access-control-allow-origin: *
x-ms-request-id: 1dd62735-701e-0017-401f-637961000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 187 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
lmo.sdfghjkjhngbvscxcvb.com/ 358 KB
121 KB 304ms
211ms Document
text/html 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username=

Requested by

Host: www.dominissiniroletes.com.br
URL: https://www.dominissiniroletes.com.br/roletes-livres.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

c3dcab5ae7e7c18ed4f0ea155da973527898d34e9f65bda75ee6caa504805f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dominissiniroletes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 07 Jun 2023 05:13:52 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

POST
H2 200 / Show response
lmo.sdfghjkjhngbvscxcvb.com/ 210 B
349 B 141ms
141ms Fetch
application/json 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username=

Requested by

Host: lmo.sdfghjkjhngbvscxcvb.com
URL: https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

82029cea5f626fdf1fc4c43c5c88955c58d5cc48c9837b066bc21da4c808c3c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 07 Jun 2023 05:13:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: application/json

GET
H2 200 / Show response
lmo.sdfghjkjhngbvscxcvb.com/ 462 KB
158 KB 667ms
666ms Document
text/html 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username=

Requested by

Host: lmo.sdfghjkjhngbvscxcvb.com
URL: https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

fd0631f9ab085de57fbfb216962b1bc92aa4ea3ae951daf6bcd7dd5582fe0dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 07 Jun 2023 05:13:53 GMT
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://055ee22b-7e4b12f6.sdfghjkjhngbvscxcvb.com/api/report?catId=GW+estsfd+ams2"}]}
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-ms-ests-server: 2.1.15427.11 - WEULR1 ProdSlices
x-ms-request-id: 0aee357a-b3f4-4d03-a992-cb95bfdef200

GET
H2 200 Primary Request / Show response
lmo.sdfghjkjhngbvscxcvb.com/ 509 KB
153 KB 646ms
646ms Document
text/html 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username=&sso_reload=true

Requested by

Host: lmo.sdfghjkjhngbvscxcvb.com
URL: https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

1ac3ffbf9efb5bd1e56378b5d42621b5a21cbd365a59d77e18263d672040d6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 07 Jun 2023 05:13:54 GMT
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://055ee22b-7e4b12f6.sdfghjkjhngbvscxcvb.com/api/report?catId=GW+estsfd+ams2"}]}
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-ms-ests-server: 2.1.15427.11 - NEULR2 ProdSlices
x-ms-request-id: 1b2bda77-f379-4756-a3f5-1deeb1177000

GET
H2 200 Me.htm
live.sdfghjkjhngbvscxcvb.com/ 0
0 384ms
354ms Other
text/html 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sdfghjkjhngbvscxcvb.com/Me.htm?v=3
Requested by: Host: lmo.sdfghjkjhngbvscxcvb.com
URL: https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username=&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://lmo.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js Show response
662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/shared/1.0/content/js/ 410 KB
114 KB 682ms
592ms Script
application/x-javascript 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/shared/1.0/content/js/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js

Requested by

Host: lmo.sdfghjkjhngbvscxcvb.com
URL: https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username=&sso_reload=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

5de01ba2cda3b8c9cbdf574fc0efc859d13f2db3877a3d8836cd7c5e62ffbce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://lmo.sdfghjkjhngbvscxcvb.com/
Origin: https://lmo.sdfghjkjhngbvscxcvb.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Jun 2023 05:13:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 2982608
x-cache: HIT
x-ms-lease-status: unlocked
last-modified: Mon, 01 May 2023 23:53:01 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 78a33502-101e-0001-38de-7d2088000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 oneDs_5b54317b5869f142bd86.js Show response
662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/shared/1.0/content/js/ 186 KB
60 KB 423ms
422ms Script
application/x-javascript 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/shared/1.0/content/js/oneDs_5b54317b5869f142bd86.js

Requested by

Host: 662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/shared/1.0/content/js/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

ee3690e794941bf8bee876bfd81b4008e3ae2f73668cf8bd93056a77f455fef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://lmo.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Jun 2023 05:13:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 4701248
x-cache: HIT
x-ms-lease-status: unlocked
last-modified: Wed, 12 Apr 2023 22:33:42 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3dd1b7a9-901e-0041-3b3c-6edc2a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 convergedlogin_pcustomizationloader_6b58ad253a0d39d0e283.js Show response
662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/shared/1.0/content/js/asyncchunk/ 108 KB
32 KB 307ms
307ms Script
application/x-javascript 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6b58ad253a0d39d0e283.js

Requested by

Host: 662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/shared/1.0/content/js/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

30d2afc4ad0777e5eed95f775153d955c0e04751465ff62bd0f928ae6d02529b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://lmo.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Jun 2023 05:13:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 3415328
x-cache: HIT
x-ms-lease-status: unlocked
last-modified: Wed, 26 Apr 2023 03:42:34 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 45922918-a01e-0090-47ee-7999e8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 Prefetch.aspx Show response
5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/ Frame 256C 11 KB
3 KB 282ms
271ms Document
text/html 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Requested by

Host: 662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/shared/1.0/content/js/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

7557af47e190339544c7f6ea283f2c4ade485c1ac78b68aa9e61a1ad9e9cd32c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://lmo.sdfghjkjhngbvscxcvb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache,no-store, no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 07 Jun 2023 05:13:55 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-ua-compatible: IE=Edge

GET
H2 200 converged.v2.login.min_jhbu09ckrizehfz_kojdnq2.css
662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/ests/2.1/content/cdnbundles/ 0
20 KB 313ms
312ms Other
text/css 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/ests/2.1/content/cdnbundles/converged.v2.login.min_jhbu09ckrizehfz_kojdnq2.css

Requested by

Host: lmo.sdfghjkjhngbvscxcvb.com
URL: https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username=&sso_reload=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://lmo.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Jun 2023 05:13:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 2365020
x-cache: HIT
x-ms-lease-status: unlocked
last-modified: Wed, 10 May 2023 02:53:17 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 8bf80826-701e-009d-1d7c-83ab66000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 ux.converged.login.strings-it.min_zrepzpfc3zux2_ipmk7-iq2.js
662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/ests/2.1/content/cdnbundles/ 0
15 KB 276ms
275ms Other
application/x-javascript 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/ests/2.1/content/cdnbundles/ux.converged.login.strings-it.min_zrepzpfc3zux2_ipmk7-iq2.js

Requested by

Host: lmo.sdfghjkjhngbvscxcvb.com
URL: https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username=&sso_reload=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://lmo.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Jun 2023 05:13:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 2181976
x-cache: HIT
x-ms-lease-status: unlocked
last-modified: Mon, 01 May 2023 22:11:06 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1815b828-f01e-0014-5526-858a01000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 embeddedfonts.css
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/ Frame 256C 3 KB
1 KB 362ms
340ms Stylesheet
text/css 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/embeddedfonts.css

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

d988d2ae6a4c202ddd987303017733fbdc4a5f970d05c70b5d062a4479eb3199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 31 May 2023 19:46:10 GMT
server: nginx
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.05257e68.1686114836.253b4993"}],"include_subdomains ":true}
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 20deed7d-c01e-005e-489a-951477000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: max-age=630720000
timing-allow-origin: *

GET
H2 200 admin.css
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/admin/css/ Frame 256C 1 MB
193 KB 1647ms
1625ms Stylesheet
text/css 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/admin/css/admin.css

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 31 May 2023 19:43:05 GMT
server: nginx
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.05257e68.1686114836.253b498d"}],"include_subdomains ":true}
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: f9268cab-101e-0062-15a6-953db0000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: max-age=630720000
timing-allow-origin: *

GET
H2 200 o365themedefault.css
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/ Frame 256C 7 KB
2 KB 374ms
352ms Stylesheet
text/css 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/o365themedefault.css

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

d132d49c1c8945f5c43ae470badf2b6edcd584297e84e59dd2034ffb7dc863b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 31 May 2023 19:46:31 GMT
server: nginx
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.05257e68.1686114836.253b49bb"}],"include_subdomains ":true}
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: df990e86-501e-003e-44ec-9568e8000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: max-age=630720000
timing-allow-origin: *

GET
H2 200 masterstyles15.css
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/ Frame 256C 92 KB
26 KB 655ms
634ms Stylesheet
text/css 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/masterstyles15.css

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

56e42b75354be6c1100059bd6be362034a43cfa5abb3ca5f811a1489c28d9250

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 31 May 2023 19:46:12 GMT
server: nginx
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.c6247e68.1686114836.261d4ea1"}],"include_subdomains ":true}
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 3ab75d0c-201e-0056-6c9a-950e78000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: max-age=630720000
timing-allow-origin: *

GET
H2 200 masterstyles15mvc.css
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/ Frame 256C 15 KB
4 KB 624ms
603ms Stylesheet
text/css 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/masterstyles15mvc.css

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

70fa5919c8ef1dd9afc7b50fc6b68ea84ad94bc6eaac94903b3f3bfb5decc077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 31 May 2023 19:46:12 GMT
server: nginx
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.05257e68.1686114836.253b4c07"}],"include_subdomains ":true}
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: aa617df2-b01e-0019-459a-957f2c000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: max-age=630720000
timing-allow-origin: *

GET
H2 404 website.css
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/ Frame 256C 0
0 768ms
747ms Stylesheet
application/xml 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/website.css

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server: nginx
x-cdn-provider: Akamai
vary: Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.c6247e68.1686114836.261d5290"}],"include_subdomains ":true}
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: c52510e6-301e-0057-3efe-9864f2000000
access-control-expose-headers: date,Akamai-Request-BC
timing-allow-origin: *

GET
H2 404 home.css
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/ Frame 256C 0
0 781ms
760ms Stylesheet
application/xml 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/home.css

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server: nginx
x-cdn-provider: Akamai
vary: Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.05257e68.1686114836.253b4b78"}],"include_subdomains ":true}
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 2770b043-e01e-006b-1cfe-984d35000000
access-control-expose-headers: date,Akamai-Request-BC
timing-allow-origin: *

GET
H2 404 home15.css
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/ Frame 256C 0
0 810ms
789ms Stylesheet
application/xml 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/home15.css

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server: nginx
x-cdn-provider: Akamai
vary: Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.05257e68.1686114836.253b4c11"}],"include_subdomains ":true}
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: a9d7d71c-401e-0062-76fe-9808e6000000
access-control-expose-headers: date,Akamai-Request-BC
timing-allow-origin: *

GET
H2 404 assistancepanel.css
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/ Frame 256C 0
0 811ms
790ms Stylesheet
application/xml 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/assistancepanel.css

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server: nginx
x-cdn-provider: Akamai
vary: Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.05257e68.1686114836.253b4c3c"}],"include_subdomains ":true}
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 9ce09f7d-e01e-0026-23fe-9882d9000000
access-control-expose-headers: date,Akamai-Request-BC
timing-allow-origin: *

GET
H2 404 conciergehelper.css
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/ Frame 256C 0
0 472ms
452ms Stylesheet
application/xml 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/conciergehelper.css

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server: nginx
x-cdn-provider: Akamai
vary: Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.c6247e68.1686114836.261d4ec1"}],"include_subdomains ":true}
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: a9d102ea-701e-0056-7ffe-983b2e000000
access-control-expose-headers: date,Akamai-Request-BC
timing-allow-origin: *

GET
H2 200 signup16.css
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/content/css/ Frame 256C 21 KB
5 KB 465ms
445ms Stylesheet
text/css 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/content/css/signup16.css

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

3fac89f0f515b641360f58a3c93b61e5270617e772634bcc704f318a7cc56dfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 31 May 2023 19:47:33 GMT
server: nginx
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.05257e68.1686114836.253b4abc"}],"include_subdomains ":true}
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 9370edaf-701e-0029-0aec-95c1e3000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: max-age=630720000
timing-allow-origin: *

GET
H2 404 adoption.css
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/ Frame 256C 0
0 939ms
919ms Stylesheet
application/xml 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/adoption.css

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server: nginx
x-cdn-provider: Akamai
vary: Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.05257e68.1686114836.253b49d3"}],"include_subdomains ":true}
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: a9d7d5cf-401e-0062-50fe-9808e6000000
access-control-expose-headers: date,Akamai-Request-BC
timing-allow-origin: *

GET
H2 404 commonhealthdashboard.css
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/ Frame 256C 0
0 602ms
582ms Stylesheet
application/xml 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/commonhealthdashboard.css

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server: nginx
x-cdn-provider: Akamai
vary: Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.05257e68.1686114836.253b4aaa"}],"include_subdomains ":true}
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: adc13673-401e-0010-35fe-980fa9000000
access-control-expose-headers: date,Akamai-Request-BC
timing-allow-origin: *

GET webcontrols.png
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/images/ Frame 256C 0
0

GET transparent.gif
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/Images/ Frame 256C 0
0

GET header_bg_signup_office.jpg
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/Shell/Images/ Frame 256C 0
0

GET O365SharedClusteredImage.png
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/Shell/Images/ Frame 256C 0
0

GET servicestatus.png
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/images/ Frame 256C 0
0

GET pagelayout_white_panel.jpg
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/Shell/Images/ Frame 256C 0
0

GET pagelayout_mos_background_right.jpg
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/Shell/Images/ Frame 256C 0
0

GET pagelayout_mos_background_left.jpg
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/Shell/Images/ Frame 256C 0
0

GET pagelayout_nav_highlight.jpg
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/Shell/Images/ Frame 256C 0
0

GET header_wizard_hl_mos.jpg
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/Shell/Images/ Frame 256C 0
0

GET list_bullet_5x5.gif
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/Images/ Frame 256C 0
0

GET spinner_16x16_metro.gif
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/images/ Frame 256C 0
0

GET spinner_24x24_metro.gif
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/images/ Frame 256C 0
0

GET signup_ms_logo.png
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/shell/images/ Frame 256C 0
0

GET o365_gallatin_logo.png
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/shell/images/ Frame 256C 0
0

GET image1.jpg
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/images/backgrounds/ Frame 256C 0
0

GET arrow_staticup_16.png
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/images/scrollbar/ Frame 256C 0
0

GET arrow_staticdown_16.png
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/images/scrollbar/ Frame 256C 0
0

GET
H2 200 WebResource.axd Show response
5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/ Frame 256C 23 KB
5 KB 282ms
276ms Script
application/x-javascript 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/WebResource.axd?d=SYxG2gKEltHc92c7-eKy7vreyN1e2QqrvpdCCR4utt35Rwac9rd_c8SeOHxrYQBj6_mlgMwB-OaZiOiHvHjimRyiyb40s7dxOv3AMLtzClV2W-wogtkMOc2pDBD_sJZyRKzfvgJtVY-JClcKNVaTSg2&t=638137640945220281

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-as-routekey: weu
date: Wed, 07 Jun 2023 05:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 07 Mar 2023 05:34:54 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public
x-as-routekeyapplicationendpointlist: weuportal.office.com
access-control-allow-headers: *
x-ua-compatible: IE=Edge

GET
H2 200 microsoftajaxcombined.js Show response
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/jsc/ Frame 256C 223 KB
56 KB 438ms
437ms Script
application/javascript 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/jsc/microsoftajaxcombined.js

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

907f4c6ec4a247e174efea65dbf04b3cbded60375a4caba5023e8052e75259ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 31 May 2023 19:46:09 GMT
server: nginx
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.05257e68.1686114836.253b4ea7"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3cef669f-901e-000e-459a-95d627000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: max-age=630720000
timing-allow-origin: *

GET
H2 200 jquery-1_10_2_min.js Show response
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/jquery/ Frame 256C 91 KB
33 KB 310ms
309ms Script
application/javascript 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/jquery/jquery-1_10_2_min.js

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

2589fe90b2849f35f294cb20bf433135e44ce0ca8ce98d8e4f0ca7b62fa50191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 31 May 2023 19:46:08 GMT
server: nginx
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.c6247e68.1686114836.261d57d9"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3cef5ff9-901e-000e-3d9a-95d627000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: max-age=630720000
timing-allow-origin: *

GET
H2 200 headbundle.js Show response
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/jsc/ Frame 256C 79 KB
17 KB 360ms
359ms Script
application/javascript 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/jsc/headbundle.js

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

c41c4f05f95a49a0427a953d9342747399ecb4a55aba87bcff09d1fd8b29b345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 31 May 2023 19:42:31 GMT
server: nginx
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.05257e68.1686114836.253b4f07"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3ab75f84-201e-0056-769a-950e78000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: max-age=630720000
timing-allow-origin: *

GET
H2 200 controlbundle.js Show response
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/jsc/ Frame 256C 87 KB
21 KB 363ms
362ms Script
application/javascript 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/jsc/controlbundle.js

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

5b53c6db5abda0aead4deb08a073b3a982e4cee523a0d5fc2dc69473cd6efb36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 31 May 2023 19:42:32 GMT
server: nginx
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.c6247e68.1686114836.261d583e"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5df182c0-d01e-000f-519a-9589fb000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: max-age=630720000
timing-allow-origin: *

GET
H2 200 angularlib.js Show response
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/jsc/ Frame 256C 156 KB
57 KB 462ms
461ms Script
application/javascript 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/jsc/angularlib.js

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

5f2321ed7b7acce480689a0a4e28e74cfc45df2fc97b10343dc047a41fc7475c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 31 May 2023 19:42:44 GMT
server: nginx
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.05257e68.1686114837.253b4fec"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 912da17c-701e-0029-27a6-95c1e3000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: max-age=630720000
timing-allow-origin: *

GET angularextensions.js
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/jsc/ Frame 256C 0
0

GET adminbootstrap.js
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/jsc/ Frame 256C 0
0

GET adminapp.js
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/jsc/ Frame 256C 0
0

GET
H2 200 mscorlib.js Show response
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/ Frame 256C 24 KB
8 KB 235ms
234ms Script
application/javascript 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/mscorlib.js

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

965993b2b2c5b69e0aaf3c76372cc5d1494e638c79af67f2fefa0aecf67572a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 31 May 2023 19:46:34 GMT
server: nginx
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.05257e68.1686114837.253b515b"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ae792838-301e-0017-3cec-95569c000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: max-age=630720000
timing-allow-origin: *

GET
H2 200 listgrid.js
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/webcontrols/js/ Frame 256C 60 KB
14 KB 481ms
480ms Script
application/javascript 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/webcontrols/js/listgrid.js

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 31 May 2023 19:46:17 GMT
server: nginx
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.05257e68.1686114837.253b53cf"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 915ebe90-701e-0029-21ad-95c1e3000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: max-age=630720000
timing-allow-origin: *

GET
H2 200 peoplepicker.js Show response
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/webcontrols/js/ Frame 256C 11 KB
4 KB 241ms
241ms Script
application/javascript 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/webcontrols/js/peoplepicker.js

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

a7321f5898d11c794e86f016f4be7d8355872a94081adc22d551d5298d1a2900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 31 May 2023 19:46:34 GMT
server: nginx
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.05257e68.1686114837.253b5304"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d545bab2-d01e-0030-1aec-954158000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: max-age=630720000
timing-allow-origin: *

GET
H2 200 productkeycontrol.js
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/webcontrols/js/ Frame 256C 6 KB
3 KB 289ms
286ms Script
application/javascript 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/webcontrols/js/productkeycontrol.js

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 31 May 2023 19:46:35 GMT
server: nginx
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.05257e68.1686114837.253b5534"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a60ca4b0-301e-005a-78ec-959970000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: max-age=630720000
timing-allow-origin: *

GET
H2 200 gridview.js
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/webcontrols/js/ Frame 256C 8 KB
3 KB 261ms
261ms Script
application/javascript 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/webcontrols/js/gridview.js

Requested by

Host: 5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:13:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 31 May 2023 19:46:36 GMT
server: nginx
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.05257e68.1686114837.253b54c2"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3b4159c0-601e-0068-20a7-959907000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: max-age=630720000
timing-allow-origin: *

GET netperf.js
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/ Frame 256C 0
0

GET searchbox.js
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/ Frame 256C 0
0

GET passwordstrengthmeter.js
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/ Frame 256C 0
0

GET hipcontrol.js
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/jsc/ Frame 256C 0
0

GET geminiwizard.js
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/webcontrols/js/ Frame 256C 0
0

GET webuivalidation.js
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/ Frame 256C 0
0

GET webtrends.js
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/ Frame 256C 0
0

GET webtrendsstream.js
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/ Frame 256C 0
0

GET home.js
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/ Frame 256C 0
0

GET reporting.js
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/ Frame 256C 0
0

GET assistancepanel.js
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/ Frame 256C 0
0

GET
H2 200 2_bc3d32a696895f78c19df6c717586a5d.svg
662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/shared/1.0/content/images/backgrounds/ 2 KB
1 KB 295ms
294ms Image
image/svg+xml 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://lmo.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Jun 2023 05:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 15565394
x-cache: HIT
x-ms-lease-status: unlocked
last-modified: Wed, 12 Feb 2020 22:01:50 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 3b27cec4-801e-006c-5f6d-0b90f5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/shared/1.0/content/images/ 4 KB
2 KB 302ms
300ms Image
image/svg+xml 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://lmo.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Jun 2023 05:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 15565391
x-cache: HIT
x-ms-lease-status: unlocked
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e853f86a-c01e-004f-2b6d-0b1dc4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 convergedlogin_pstringcustomizationhelper_9877123961886facadfe.js Show response
662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/shared/1.0/content/js/asyncchunk/ 111 KB
36 KB 715ms
714ms Script
application/x-javascript 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL

https://662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_9877123961886facadfe.js

Requested by

Host: 662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/shared/1.0/content/js/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

6868f1cb3fb5918bcabf611b3901a514ed889a9d90e2406fa70e846f99414ea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://lmo.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Jun 2023 05:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 3414554
x-cache: HIT
x-ms-lease-status: unlocked
last-modified: Wed, 26 Apr 2023 03:42:37 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c85c4995-c01e-000a-3bf0-79f4c7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 signin-options_4e48046ce74f4b89d45037c90576bfac.svg
662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/shared/1.0/content/images/ 2 KB
1 KB 397ms
397ms Image
image/svg+xml 87.121.221.172
AS_DELIS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.121.221.172 Reston, United States, ASN211252 (AS_DELIS, US),

Reverse DNS

Software

nginx /

Resource Hash

8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://lmo.sdfghjkjhngbvscxcvb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Jun 2023 05:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 15565396
x-cache: HIT
x-ms-lease-status: unlocked
last-modified: Tue, 10 Nov 2020 03:41:05 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: fbad164b-e01e-0092-046d-0b9485000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/images/webcontrols.png

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/Images/transparent.gif

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/Shell/Images/header_bg_signup_office.jpg

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/Shell/Images/O365SharedClusteredImage.png

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/images/servicestatus.png

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/Shell/Images/pagelayout_white_panel.jpg

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/Shell/Images/pagelayout_mos_background_right.jpg

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/Shell/Images/pagelayout_mos_background_left.jpg

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/Shell/Images/pagelayout_nav_highlight.jpg

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/Shell/Images/header_wizard_hl_mos.jpg

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/Images/list_bullet_5x5.gif

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/images/spinner_16x16_metro.gif

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/images/spinner_24x24_metro.gif

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/shell/images/signup_ms_logo.png

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/shell/images/o365_gallatin_logo.png

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/images/backgrounds/image1.jpg

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/images/scrollbar/arrow_staticup_16.png

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/images/scrollbar/arrow_staticdown_16.png

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/jsc/angularextensions.js

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/jsc/adminbootstrap.js

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/jsc/adminapp.js

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/netperf.js

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/searchbox.js

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/passwordstrengthmeter.js

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/jsc/hipcontrol.js

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/webcontrols/js/geminiwizard.js

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/webuivalidation.js

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/webtrends.js

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/webtrendsstream.js

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/home.js

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/reporting.js

Domain: e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/js/assistancepanel.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sdfghjkjhngbvscxcvb.com/	1970-01-20 12:43:30	Name: QzA8SD Value: N2U0YjEyZjYtZTUzOC00NmVkLTkzMzctZWM1MWNkMjQ0ZDhhOmM2MDNkY2Y2LWMwODUtNDFjNC04NGM0LTAyNzRjNTNmY2MwNA==
.lmo.sdfghjkjhngbvscxcvb.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
lmo.sdfghjkjhngbvscxcvb.com/	1970-01-20 12:21:54	Name: SSOCOOKIEPULLED Value: 1
lmo.sdfghjkjhngbvscxcvb.com/	1970-01-20 21:07:30	Name: MicrosoftApplicationsTelemetryDeviceId Value: d017f393-18b4-4332-9f1e-85d2f08c65e6
.lmo.sdfghjkjhngbvscxcvb.com/	1969-12-31 23:59:59	Name: CkTst Value: G1686114835564
.lmo.sdfghjkjhngbvscxcvb.com/	1970-01-20 21:43:30	Name: brcap Value: 0

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username=&sso_reload=true(Line 137) Message: WebSocket connection to 'wss://lmo.sdfghjkjhngbvscxcvb.com/websocket/hook/?QzA8SD=N2U0YjEyZjZlNTM4NDZlZDkzMzdlYzUxY2QyNDRkOGE=' failed: Error during WebSocket handshake: Unexpected response code: 503
network	error	URL: https://lmo.sdfghjkjhngbvscxcvb.com/?cwomA1=Wm69pN&username=&sso_reload=true(Line 137) Message: WebSocket connection to 'wss://lmo.sdfghjkjhngbvscxcvb.com/websocket/hook/?QzA8SD=N2U0YjEyZjZlNTM4NDZlZDkzMzdlYzUxY2QyNDRkOGE=' failed: Error during WebSocket handshake: Unexpected response code: 503
network	error	URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/conciergehelper.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/commonhealthdashboard.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/website.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/home.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/home15.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/assistancepanel.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com/admincenter/admin-pkg/2023.5.25.2/it/css/adoption.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5cfd801c-7e4b12f6.sdfghjkjhngbvscxcvb.com
662d5876-7e4b12f6.sdfghjkjhngbvscxcvb.com
aadcdn.msftauth.net
cdnjs.cloudflare.com
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
fonts.googleapis.com
live.sdfghjkjhngbvscxcvb.com
lmo.sdfghjkjhngbvscxcvb.com
www.bing.com
www.dominissiniroletes.com.br
e83bd42e-7e4b12f6.sdfghjkjhngbvscxcvb.com
108.179.192.229
152.199.23.37
2606:4700::6811:180e
2a00:1450:4001:813::200a
2a02:26f0:3100::1725:e25a
87.121.221.172
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
1ac3ffbf9efb5bd1e56378b5d42621b5a21cbd365a59d77e18263d672040d6cf
2589fe90b2849f35f294cb20bf433135e44ce0ca8ce98d8e4f0ca7b62fa50191
30d2afc4ad0777e5eed95f775153d955c0e04751465ff62bd0f928ae6d02529b
3fac89f0f515b641360f58a3c93b61e5270617e772634bcc704f318a7cc56dfe
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578
56e42b75354be6c1100059bd6be362034a43cfa5abb3ca5f811a1489c28d9250
5b53c6db5abda0aead4deb08a073b3a982e4cee523a0d5fc2dc69473cd6efb36
5de01ba2cda3b8c9cbdf574fc0efc859d13f2db3877a3d8836cd7c5e62ffbce4
5f2321ed7b7acce480689a0a4e28e74cfc45df2fc97b10343dc047a41fc7475c
6868f1cb3fb5918bcabf611b3901a514ed889a9d90e2406fa70e846f99414ea6
70fa5919c8ef1dd9afc7b50fc6b68ea84ad94bc6eaac94903b3f3bfb5decc077
7557af47e190339544c7f6ea283f2c4ade485c1ac78b68aa9e61a1ad9e9cd32c
82029cea5f626fdf1fc4c43c5c88955c58d5cc48c9837b066bc21da4c808c3c8
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
907f4c6ec4a247e174efea65dbf04b3cbded60375a4caba5023e8052e75259ce
965993b2b2c5b69e0aaf3c76372cc5d1494e638c79af67f2fefa0aecf67572a1
a021e5ef7022a556c759cca4e248f10383d65a1cd4df600dae57ea37ca481073
a7321f5898d11c794e86f016f4be7d8355872a94081adc22d551d5298d1a2900
c3dcab5ae7e7c18ed4f0ea155da973527898d34e9f65bda75ee6caa504805f29
c41c4f05f95a49a0427a953d9342747399ecb4a55aba87bcff09d1fd8b29b345
d132d49c1c8945f5c43ae470badf2b6edcd584297e84e59dd2034ffb7dc863b3
d988d2ae6a4c202ddd987303017733fbdc4a5f970d05c70b5d062a4479eb3199
dfb25da6ce7fcc5852da75cbf8e2d44510e6dcb22d694d204976ebfab7e97636
ee3690e794941bf8bee876bfd81b4008e3ae2f73668cf8bd93056a77f455fef6
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa
fd0631f9ab085de57fbfb216962b1bc92aa4ea3ae951daf6bcd7dd5582fe0dcc
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

lmo.sdfghjkjhngbvscxcvb.com Open in urlscan Pro 87.121.221.172 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

57 %HTTPS

50 %IPv6

6 Domains

10 Subdomains

6 IPs

2 Countries

1220 kBTransfer

4493 kBSize

6 Cookies

4 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lmo.sdfghjkjhngbvscxcvb.com Open in urlscan Pro
87.121.221.172 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

57 %
HTTPS

50 %
IPv6

6
Domains

10
Subdomains

6
IPs

2
Countries

1220 kB
Transfer

4493 kB
Size

6
Cookies

75 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!