0nlinesecuremessagetrans.decofficesecurelfilex.sbs Open in urlscan Pro
172.232.53.88  Public Scan

Submitted URL: http://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/
Effective URL: https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3...
Submission Tags: falconsandbox
Submission: On December 05 via api from US — Scanned from FR

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 172.232.53.88, located in Paris, France and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is 0nlinesecuremessagetrans.decofficesecurelfilex.sbs.
TLS certificate: Issued by E5 on December 5th 2024. Valid for: 3 months.
This is the only time 0nlinesecuremessagetrans.decofficesecurelfilex.sbs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 10 172.232.53.88 63949 (AKAMAI-LI...)
11 2
Domain Requested by
5 0nlinesecuremessagetrans.decofficesecurelfilex.sbs 2 redirects 457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs
3 457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs 0nlinesecuremessagetrans.decofficesecurelfilex.sbs
1 3b382aa8-7eb3ac8c.decofficesecurelfilex.sbs 0nlinesecuremessagetrans.decofficesecurelfilex.sbs
1 0ffice.decofficesecurelfilex.sbs 1 redirects
0 l1ve.decofficesecurelfilex.sbs Failed 0nlinesecuremessagetrans.decofficesecurelfilex.sbs
11 5

This site contains no links.

Subject Issuer Validity Valid
decofficesecurelfilex.sbs
E5
2024-12-05 -
2025-03-05
3 months crt.sh

This page contains 1 frames:

Primary Page: https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638690170300842345.YjM5NjEyYjgtZjlkZC00YmQ3LTkxZGQtMTI2Y2MyMDNmYWRlMzUzYmEyNDctODMzNS00NWY0LThlYWItZmRiMjQwYWNiNTBi&ui_locales=fr-FR&mkt=fr-FR&client-request-id=9bcbec97-7ebf-4cdd-b14f-b5f0fe0eb19f&state=aaMWRae02owpm9RjjLA5nkE7R3h9pPvm5BZ7n6YTpFu_IrArd0Hqr_w6EVYd353cI7xcDESNEvL-yD60GuCfk6cNJ87K0TOzZNryZAPyQJqVTMoD5gGdyeEbDGcc9EHxZ0Yq6yvmD6cJaXut1VWeYV90CHkCX8ntqzgcsu30ySbjj6y1rkbofH8CfYS-PLWLIikmbStTO8bjoeF6YV4NQnpiNrnJ-IfR7LVCwwk0Vf2e9Rqe2LZW8Qw6QlaxH0_lSZE5YJKhtkh2xM-332WdVA&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Frame ID: 8C15CCA9943078546CA9DB0F38E9229F
Requests: 11 HTTP requests in this frame

Screenshot

Page Title

Connectez-vous à votre compte

Page URL History Show full URLs

  1. http://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/ HTTP 307
    https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/ Page URL
  2. https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/ HTTP 302
    https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/ HTTP 302
    https://0ffice.decofficesecurelfilex.sbs/login HTTP 302
    https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

64 %
HTTPS

0 %
IPv6

1
Domains

5
Subdomains

2
IPs

1
Countries

198 kB
Transfer

592 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/ HTTP 307
    https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/ Page URL
  2. https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/ HTTP 302
    https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/ HTTP 302
    https://0ffice.decofficesecurelfilex.sbs/login HTTP 302
    https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638690170300842345.YjM5NjEyYjgtZjlkZC00YmQ3LTkxZGQtMTI2Y2MyMDNmYWRlMzUzYmEyNDctODMzNS00NWY0LThlYWItZmRiMjQwYWNiNTBi&ui_locales=fr-FR&mkt=fr-FR&client-request-id=9bcbec97-7ebf-4cdd-b14f-b5f0fe0eb19f&state=aaMWRae02owpm9RjjLA5nkE7R3h9pPvm5BZ7n6YTpFu_IrArd0Hqr_w6EVYd353cI7xcDESNEvL-yD60GuCfk6cNJ87K0TOzZNryZAPyQJqVTMoD5gGdyeEbDGcc9EHxZ0Yq6yvmD6cJaXut1VWeYV90CHkCX8ntqzgcsu30ySbjj6y1rkbofH8CfYS-PLWLIikmbStTO8bjoeF6YV4NQnpiNrnJ-IfR7LVCwwk0Vf2e9Rqe2LZW8Qw6QlaxH0_lSZE5YJKhtkh2xM-332WdVA&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/ HTTP 307
  • https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
0nlinesecuremessagetrans.decofficesecurelfilex.sbs/
Redirect Chain
  • http://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/
  • https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/
165 KB
63 KB
Document
General
Full URL
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.232.53.88 Paris, France, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-232-53-88.ip.linodeusercontent.com
Software
nginx /
Resource Hash
ecce04e1f33e33535e9be697326bbfa5bf62f9ad1aa09f62a1c82840fb9e04ea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 05 Dec 2024 17:37:08 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

Location
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/
Non-Authoritative-Reason
HttpsUpgrades
Primary Request authorize
0nlinesecuremessagetrans.decofficesecurelfilex.sbs/common/oauth2/v2.0/
Redirect Chain
  • https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/
  • https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/
  • https://0ffice.decofficesecurelfilex.sbs/login
  • https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2F...
178 KB
64 KB
Document
General
Full URL
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638690170300842345.YjM5NjEyYjgtZjlkZC00YmQ3LTkxZGQtMTI2Y2MyMDNmYWRlMzUzYmEyNDctODMzNS00NWY0LThlYWItZmRiMjQwYWNiNTBi&ui_locales=fr-FR&mkt=fr-FR&client-request-id=9bcbec97-7ebf-4cdd-b14f-b5f0fe0eb19f&state=aaMWRae02owpm9RjjLA5nkE7R3h9pPvm5BZ7n6YTpFu_IrArd0Hqr_w6EVYd353cI7xcDESNEvL-yD60GuCfk6cNJ87K0TOzZNryZAPyQJqVTMoD5gGdyeEbDGcc9EHxZ0Yq6yvmD6cJaXut1VWeYV90CHkCX8ntqzgcsu30ySbjj6y1rkbofH8CfYS-PLWLIikmbStTO8bjoeF6YV4NQnpiNrnJ-IfR7LVCwwk0Vf2e9Rqe2LZW8Qw6QlaxH0_lSZE5YJKhtkh2xM-332WdVA&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.232.53.88 Paris, France, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-232-53-88.ip.linodeusercontent.com
Software
nginx /
Resource Hash
a9c0e50702bafa4f823c37bd4b9ea766bb8abf8e2eb29a53097c6cf32f5519c5

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs
Referer
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
cache-control
no-store, no-cache
content-encoding
gzip
content-length
64441
content-type
text/html; charset=utf-8
date
Thu, 05 Dec 2024 17:37:11 GMT
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://c7e5a2d3-7eb3ac8c.decofficesecurelfilex.sbs/api/report?catId=GW+estsfd+frc"}]}
server
nginx
vary
Accept-Encoding
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.19492.3 - FRC ProdSlices
x-ms-request-id
5d6e8398-a100-4cab-a208-b19550dbaa00
x-ms-srs
1.P

Redirect headers

access-control-allow-headers
*
access-control-allow-origin
*
content-encoding
gzip
content-length
20
content-type
text/html; charset=utf-8
date
Thu, 05 Dec 2024 17:37:10 GMT
location
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638690170300842345.YjM5NjEyYjgtZjlkZC00YmQ3LTkxZGQtMTI2Y2MyMDNmYWRlMzUzYmEyNDctODMzNS00NWY0LThlYWItZmRiMjQwYWNiNTBi&ui_locales=fr-FR&mkt=fr-FR&client-request-id=9bcbec97-7ebf-4cdd-b14f-b5f0fe0eb19f&state=aaMWRae02owpm9RjjLA5nkE7R3h9pPvm5BZ7n6YTpFu_IrArd0Hqr_w6EVYd353cI7xcDESNEvL-yD60GuCfk6cNJ87K0TOzZNryZAPyQJqVTMoD5gGdyeEbDGcc9EHxZ0Yq6yvmD6cJaXut1VWeYV90CHkCX8ntqzgcsu30ySbjj6y1rkbofH8CfYS-PLWLIikmbStTO8bjoeF6YV4NQnpiNrnJ-IfR7LVCwwk0Vf2e9Rqe2LZW8Qw6QlaxH0_lSZE5YJKhtkh2xM-332WdVA&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
referrer-policy
strict-origin-when-cross-origin
request-context
appId=
server
nginx
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 1D38CE66826145308B4DBC8251FACF5C Ref B: AMS231032604035 Ref C: 2024-12-05T17:37:10Z
x-ua-compatible
IE=edge,chrome=1
converged.v2.login.min_nin8k2ycrbzww8zl5vxkaq2.css
457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/ests/2.1/content/cdnbundles/
0
0

ConvergedLogin_PCore_h6TdaK6cfsrg175w47aRCA2.js
457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/shared/1.0/content/js/
0
0

ux.converged.login.strings-fr.min_5ak7by3q3urdlt5likmn_w2.js
457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/ests/2.1/content/cdnbundles/
0
0

Me.htm
l1ve.decofficesecurelfilex.sbs/
0
0

converged.v2.login.min_nin8k2ycrbzww8zl5vxkaq2.css
3b382aa8-7eb3ac8c.decofficesecurelfilex.sbs/ests/2.1/content/cdnbundles/
111 KB
20 KB
Stylesheet
General
Full URL
https://3b382aa8-7eb3ac8c.decofficesecurelfilex.sbs/ests/2.1/content/cdnbundles/converged.v2.login.min_nin8k2ycrbzww8zl5vxkaq2.css
Requested by
Host: 0nlinesecuremessagetrans.decofficesecurelfilex.sbs
URL: https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638690170300842345.YjM5NjEyYjgtZjlkZC00YmQ3LTkxZGQtMTI2Y2MyMDNmYWRlMzUzYmEyNDctODMzNS00NWY0LThlYWItZmRiMjQwYWNiNTBi&ui_locales=fr-FR&mkt=fr-FR&client-request-id=9bcbec97-7ebf-4cdd-b14f-b5f0fe0eb19f&state=aaMWRae02owpm9RjjLA5nkE7R3h9pPvm5BZ7n6YTpFu_IrArd0Hqr_w6EVYd353cI7xcDESNEvL-yD60GuCfk6cNJ87K0TOzZNryZAPyQJqVTMoD5gGdyeEbDGcc9EHxZ0Yq6yvmD6cJaXut1VWeYV90CHkCX8ntqzgcsu30ySbjj6y1rkbofH8CfYS-PLWLIikmbStTO8bjoeF6YV4NQnpiNrnJ-IfR7LVCwwk0Vf2e9Rqe2LZW8Qw6QlaxH0_lSZE5YJKhtkh2xM-332WdVA&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.232.53.88 Paris, France, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-232-53-88.ip.linodeusercontent.com
Software
nginx /
Resource Hash
68c2994e21a564345eb3b4091dd2334c9cbddb0aecda45ee963c6de2e1629b93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs
Referer
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCDDAAF34D1A25
content-encoding
gzip
x-fd-int-roxy-purgeid
0
x-cache
TCP_HIT
date
Thu, 05 Dec 2024 17:37:13 GMT
content-type
text/css
last-modified
Wed, 25 Sep 2024 21:42:27 GMT
cache-control
public, max-age=31536000
x-ms-request-id
c4bc6510-b01e-0030-3154-444234000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
20400
x-azure-ref
20241205T173712Z-168d58c4c99mdlk7hC1PARm2u000000008yg000000000cha
x-ms-blob-type
BlockBlob
server
nginx
watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/ests/2.1/content/cdnbundles/
117 KB
40 KB
Script
General
Full URL
https://457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
Requested by
Host: 0nlinesecuremessagetrans.decofficesecurelfilex.sbs
URL: https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638690170300842345.YjM5NjEyYjgtZjlkZC00YmQ3LTkxZGQtMTI2Y2MyMDNmYWRlMzUzYmEyNDctODMzNS00NWY0LThlYWItZmRiMjQwYWNiNTBi&ui_locales=fr-FR&mkt=fr-FR&client-request-id=9bcbec97-7ebf-4cdd-b14f-b5f0fe0eb19f&state=aaMWRae02owpm9RjjLA5nkE7R3h9pPvm5BZ7n6YTpFu_IrArd0Hqr_w6EVYd353cI7xcDESNEvL-yD60GuCfk6cNJ87K0TOzZNryZAPyQJqVTMoD5gGdyeEbDGcc9EHxZ0Yq6yvmD6cJaXut1VWeYV90CHkCX8ntqzgcsu30ySbjj6y1rkbofH8CfYS-PLWLIikmbStTO8bjoeF6YV4NQnpiNrnJ-IfR7LVCwwk0Vf2e9Rqe2LZW8Qw6QlaxH0_lSZE5YJKhtkh2xM-332WdVA&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.232.53.88 Paris, France, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-232-53-88.ip.linodeusercontent.com
Software
nginx /
Resource Hash
8a7314a652fc87cb66229552a1d0f7fe6c8e965b7bf07d715c11e7067a54acbf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs
Referer
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8D8DA1E5A71125A
age
22086330
content-encoding
gzip
x-cache
HIT
date
Thu, 05 Dec 2024 17:37:12 GMT
content-type
application/x-javascript
last-modified
Fri, 26 Feb 2021 06:18:37 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
1949424e-001e-0077-495c-7e7928000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
40481
x-ms-blob-type
BlockBlob
server
nginx
frameworksupport.min_oadrnc13magb009k4d20lg2.js
457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/ests/2.1/content/cdnbundles/
12 KB
5 KB
Script
General
Full URL
https://457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.js
Requested by
Host: 0nlinesecuremessagetrans.decofficesecurelfilex.sbs
URL: https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638690170300842345.YjM5NjEyYjgtZjlkZC00YmQ3LTkxZGQtMTI2Y2MyMDNmYWRlMzUzYmEyNDctODMzNS00NWY0LThlYWItZmRiMjQwYWNiNTBi&ui_locales=fr-FR&mkt=fr-FR&client-request-id=9bcbec97-7ebf-4cdd-b14f-b5f0fe0eb19f&state=aaMWRae02owpm9RjjLA5nkE7R3h9pPvm5BZ7n6YTpFu_IrArd0Hqr_w6EVYd353cI7xcDESNEvL-yD60GuCfk6cNJ87K0TOzZNryZAPyQJqVTMoD5gGdyeEbDGcc9EHxZ0Yq6yvmD6cJaXut1VWeYV90CHkCX8ntqzgcsu30ySbjj6y1rkbofH8CfYS-PLWLIikmbStTO8bjoeF6YV4NQnpiNrnJ-IfR7LVCwwk0Vf2e9Rqe2LZW8Qw6QlaxH0_lSZE5YJKhtkh2xM-332WdVA&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.232.53.88 Paris, France, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-232-53-88.ip.linodeusercontent.com
Software
nginx /
Resource Hash
a842e0a2e0c3d8f5bfb672a2206045a8426edabbf9b34e1328c6ab949c5196ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs
Referer
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8D876CB1F3EA0D9
age
22173350
content-encoding
gzip
x-cache
HIT
date
Thu, 05 Dec 2024 17:37:13 GMT
content-type
application/x-javascript
last-modified
Thu, 22 Oct 2020 20:43:24 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
d6f61876-b01e-00a4-1491-7d3048000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
4895
x-ms-blob-type
BlockBlob
server
nginx
watson.min_q5ptmu8aniymd4ftuqdkda2.js
457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/ests/2.1/content/cdnbundles/
9 KB
4 KB
Script
General
Full URL
https://457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/ests/2.1/content/cdnbundles/watson.min_q5ptmu8aniymd4ftuqdkda2.js
Requested by
Host: 0nlinesecuremessagetrans.decofficesecurelfilex.sbs
URL: https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638690170300842345.YjM5NjEyYjgtZjlkZC00YmQ3LTkxZGQtMTI2Y2MyMDNmYWRlMzUzYmEyNDctODMzNS00NWY0LThlYWItZmRiMjQwYWNiNTBi&ui_locales=fr-FR&mkt=fr-FR&client-request-id=9bcbec97-7ebf-4cdd-b14f-b5f0fe0eb19f&state=aaMWRae02owpm9RjjLA5nkE7R3h9pPvm5BZ7n6YTpFu_IrArd0Hqr_w6EVYd353cI7xcDESNEvL-yD60GuCfk6cNJ87K0TOzZNryZAPyQJqVTMoD5gGdyeEbDGcc9EHxZ0Yq6yvmD6cJaXut1VWeYV90CHkCX8ntqzgcsu30ySbjj6y1rkbofH8CfYS-PLWLIikmbStTO8bjoeF6YV4NQnpiNrnJ-IfR7LVCwwk0Vf2e9Rqe2LZW8Qw6QlaxH0_lSZE5YJKhtkh2xM-332WdVA&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.232.53.88 Paris, France, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-232-53-88.ip.linodeusercontent.com
Software
nginx /
Resource Hash
441bfa485fb0eb8ad2be7001209868b57c41769cae9512a774419f5882c093e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs
Referer
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DA5944E2DB65A3
age
22086306
content-encoding
gzip
x-cache
HIT
date
Thu, 05 Dec 2024 17:37:13 GMT
content-type
application/x-javascript
last-modified
Tue, 28 Jun 2022 20:29:22 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
04fab102-d01e-00ca-425c-7ed077000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
3921
x-ms-blob-type
BlockBlob
server
nginx
watson
0nlinesecuremessagetrans.decofficesecurelfilex.sbs/common/handlers/
265 B
884 B
XHR
General
Full URL
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/common/handlers/watson
Requested by
Host: 457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs
URL: https://457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.232.53.88 Paris, France, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-232-53-88.ip.linodeusercontent.com
Software
nginx /
Resource Hash
56b4d9a9ae03158a99453a7b99aa86f6acc3e783134f44dd84625e70f8e65e49

Request headers

hpgid
1104
Referer
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638690170300842345.YjM5NjEyYjgtZjlkZC00YmQ3LTkxZGQtMTI2Y2MyMDNmYWRlMzUzYmEyNDctODMzNS00NWY0LThlYWItZmRiMjQwYWNiNTBi&ui_locales=fr-FR&mkt=fr-FR&client-request-id=9bcbec97-7ebf-4cdd-b14f-b5f0fe0eb19f&state=aaMWRae02owpm9RjjLA5nkE7R3h9pPvm5BZ7n6YTpFu_IrArd0Hqr_w6EVYd353cI7xcDESNEvL-yD60GuCfk6cNJ87K0TOzZNryZAPyQJqVTMoD5gGdyeEbDGcc9EHxZ0Yq6yvmD6cJaXut1VWeYV90CHkCX8ntqzgcsu30ySbjj6y1rkbofH8CfYS-PLWLIikmbStTO8bjoeF6YV4NQnpiNrnJ-IfR7LVCwwk0Vf2e9Rqe2LZW8Qw6QlaxH0_lSZE5YJKhtkh2xM-332WdVA&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
hpgact
1800
canary
PAQABDgEAAADW6jl31mB3T7ugrWTT8pFeKmZdPaAjhCzYX1Op4qlCKzDu2-K1cG9kxMyjM35wNOiYGvmkDuw_KXJkSA1yZiW0PaPDAOVR0SEamVaEW-J6GMkd5_Rr-zZmwRDbNfS4yw5cwOPz244L3-PpgDj_cF4rJp5BGcU83qbbWrAXqdPjGfnYeinuX1jMSxFaMoVOp-1bdd0DPtSBCdokv73eIVfgKFEs-Yo164WoSd4MosXWiSAA
client-request-id
9bcbec97-7ebf-4cdd-b14f-b5f0fe0eb19f
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json; charset=UTF-8

Response headers

x-ms-ests-server
2.1.19492.3 - FRC ProdSlices
content-encoding
gzip
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://c7e5a2d3-7eb3ac8c.decofficesecurelfilex.sbs/api/report?catId=GW+estsfd+frc"}]}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
date
Thu, 05 Dec 2024 17:37:14 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
*
x-ms-srs
1.P
cache-control
no-store, no-cache
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
x-ms-request-id
37eb3750-afac-4b9b-9a18-f14d8dfc5700
client-request-id
9bcbec97-7ebf-4cdd-b14f-b5f0fe0eb19f
access-control-allow-origin
*
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs
URL
https://457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/ests/2.1/content/cdnbundles/converged.v2.login.min_nin8k2ycrbzww8zl5vxkaq2.css
Domain
457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs
URL
https://457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/shared/1.0/content/js/ConvergedLogin_PCore_h6TdaK6cfsrg175w47aRCA2.js
Domain
457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs
URL
https://457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/ests/2.1/content/cdnbundles/ux.converged.login.strings-fr.min_5ak7by3q3urdlt5likmn_w2.js
Domain
l1ve.decofficesecurelfilex.sbs
URL
https://l1ve.decofficesecurelfilex.sbs/Me.htm?v=3

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData

5 Cookies

Domain/Path Name / Value
.decofficesecurelfilex.sbs/ Name: ve70yu
Value: "N2ViM2FjOGMtNTYxNi00Yzg2LWIwMDItYWFlYmY4YzgxY2I1OmM4YzM1N2M1LTE5M2YtNGZkOC1hNmI2LWVmMTdiZDE4ZmM2NA=="
0ffice.decofficesecurelfilex.sbs/ Name: OH.DCAffinity
Value: OH-weu
0ffice.decofficesecurelfilex.sbs/ Name: OH.FLID
Value: 87fcb7e0-f680-4aef-af7d-e0148c331fb8
0ffice.decofficesecurelfilex.sbs/ Name: .AspNetCore.OpenIdConnect.Nonce.1UMUiTrhQFDjMwyt3OD03RwwrJcmWk7hw_oYzOHccTI6JdhY9X_tV057j-Fxk1cda7mIDgHhWXmNQQOyOgh7JQJ3MI5s67xq4FUQWi__LfyebGg8HjE4Nc9vpHnC4JeTjlZYvS8yMa4wr36E9xdv4aY2BDcOsMDvqfCaIagN2iyXHj-K3OK1X4yhwwkAOmcfKBP8MjfgJzWMeh2ACOocFHqIGkQfZTOIgfg9CE0eiX5k0REvD2pIknoAUpKLQ3T9
Value: N
0ffice.decofficesecurelfilex.sbs/ Name: .AspNetCore.Correlation.rES0V6Yts9QNoZZd-_sIwmapUI5DGYoHzU2d2V-H0uM
Value: N

2 Console Messages

Source Level URL
Text
rendering warning URL: https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F01D041C170000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A06057041C170000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.