urlscan.io logo urlscan.io
SecurityTrails logo

controlpanel.visi.com Open in urlscan Pro
185.64.215.78  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mail.claytoncountyia.gov/
Effective URL: https://controlpanel.visi.com/Portal/ADUser/Login
Submission Tags: insec_govpress_testing wordpress Search All
Submission: On October 14 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 5 countries across 8 domains to perform 23 HTTP transactions. The main IP is 185.64.215.78, located in United Kingdom and belongs to IMED, GB. The main domain is controlpanel.visi.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 26th 2020. Valid for: a year.
This is the only time controlpanel.visi.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

1    209.98.94.140 (United States)

ASN8015 (VISI-AS, US)
PTR: v-209-98-94-140.ip.visi.com
mail.claytoncountyia.gov
15    185.64.215.78 (United Kingdom)

ASN50152 (IMED, GB)
PTR: sslproxy-lo-2.serverdata.net
controlpanel.visi.com
3    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    51.107.59.180 (Zurich, Switzerland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Domain Requested by
15 controlpanel.visi.com 1 redirects controlpanel.visi.com
3 www.google-analytics.com controlpanel.visi.com
www.google-analytics.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
1 www.google.de controlpanel.visi.com
1 www.google.com controlpanel.visi.com
1 stats.g.doubleclick.net www.google-analytics.com
1 az416426.vo.msecnd.net controlpanel.visi.com
1 mail.claytoncountyia.gov 1 redirects
23 8

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
www.google.com
outdatedbrowser.com
Subject Issuer Validity Valid
controlpanel.visi.com
Go Daddy Secure Certificate Authority - G2		 2020-08-26 -
2021-09-11		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft IT TLS CA 4		 2020-04-30 -
2022-04-30		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://controlpanel.visi.com/Portal/ADUser/Login
Frame ID: 7254FA01EDE2014D321B2CAD03410832
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://mail.claytoncountyia.gov/ HTTP 301
    https://controlpanel.visi.com/asp/MManager/Login.asp?owa=1 HTTP 302
    https://controlpanel.visi.com/Portal/ADUser/Login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<(?:div|html)[^>]+ng-app=/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

23
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

7
IPs

5
Countries

392 kB
Transfer

976 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mail.claytoncountyia.gov/ HTTP 301
    https://controlpanel.visi.com/asp/MManager/Login.asp?owa=1 HTTP 302
    https://controlpanel.visi.com/Portal/ADUser/Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Login
controlpanel.visi.com/Portal/ADUser/
Redirect Chain
  • http://mail.claytoncountyia.gov/
  • https://controlpanel.visi.com/asp/MManager/Login.asp?owa=1
  • https://controlpanel.visi.com/Portal/ADUser/Login
12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://controlpanel.visi.com/Portal/ADUser/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.215.78 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
sslproxy-lo-2.serverdata.net
Software
nginx / ASP.NET ARR/2.5
Resource Hash
ab8cae68ebe61082bc37a73e64f32ff481f88a7970abdf18dc8b1568b790d2de
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
controlpanel.visi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ASPSESSIONIDCGSDSACT=OJMHEGGDMBHLODPGOAGAICMO; ARRAffinity=d1ecfd9dead9e0991be0eb7bac1f5c477c0d15e5bdbd52fc0b95e406a0f770a8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Wed, 14 Oct 2020 17:49:05 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
private
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-AspNetMvc-Version
5.2
Request-Context
appId=cid-v1:07f807be-9359-4cb3-9705-6753b14c1bf6
Access-Control-Expose-Headers
Request-Context
X-Powered-By
ASP.NET ARR/2.5
X-Frame-Options
SAMEORIGIN
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 14 Oct 2020 17:49:05 GMT
Content-Type
text/html; Charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private,no-cache
Expires
Wed, 14 Oct 2020 17:48:05 GMT
Location
/Portal/ADUser/Login
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Set-Cookie
ASPSESSIONIDCGSDSACT=OJMHEGGDMBHLODPGOAGAICMO; secure; path=/ ARRAffinity=d1ecfd9dead9e0991be0eb7bac1f5c477c0d15e5bdbd52fc0b95e406a0f770a8;Path=/;Domain=controlpanel.visi.com
X-Frame-Options
DENY SAMEORIGIN
X-Powered-By
ASP.NET ARR/2.5
shared
controlpanel.visi.com/Portal/scripts/ 		616 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://controlpanel.visi.com/Portal/scripts/shared?v=JOM21v7tQ23Jx5EUKoUQRCA4EArir5H65V-5d9qP6mQ1
Requested by
Host: controlpanel.visi.com
URL: https://controlpanel.visi.com/Portal/ADUser/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.215.78 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
sslproxy-lo-2.serverdata.net
Software
nginx / ASP.NET, ARR/2.5
Resource Hash
cfdd68d84eb9a050383d2aa71e8298f8ceaef6b17b74fbc51b28d8fd4de6999f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://controlpanel.visi.com/Portal/ADUser/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 17:49:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Expires
Thu, 14 Oct 2021 17:49:06 GMT
Last-Modified
Wed, 14 Oct 2020 17:49:06 GMT
Server
nginx
X-Powered-By
ASP.NET, ARR/2.5
X-Frame-Options
SAMEORIGIN
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Request-Context
appId=cid-v1:07f807be-9359-4cb3-9705-6753b14c1bf6
aduser
controlpanel.visi.com/Portal/bundles/styles/login/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controlpanel.visi.com/Portal/bundles/styles/login/aduser?v=W7BlBDeKoLwh8af7SGN3zTnaNVVx3_J0LsG11KaUjz81
Requested by
Host: controlpanel.visi.com
URL: https://controlpanel.visi.com/Portal/ADUser/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.215.78 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
sslproxy-lo-2.serverdata.net
Software
nginx / ASP.NET, ARR/2.5
Resource Hash
54cd0006ab5219d98a5c6d6e4ab7ac36444de6d41a99dd911cc6561157d1aadb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://controlpanel.visi.com/Portal/ADUser/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 17:49:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Expires
Thu, 14 Oct 2021 17:49:06 GMT
Last-Modified
Wed, 14 Oct 2020 17:49:06 GMT
Server
nginx
X-Powered-By
ASP.NET, ARR/2.5
X-Frame-Options
SAMEORIGIN
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/css; charset=utf-8
Request-Context
appId=cid-v1:07f807be-9359-4cb3-9705-6753b14c1bf6
8974f6aa-63fd-4221-aeea-fcad205312b0.js
controlpanel.visi.com/ 		1013 B
958 B 		Script
General
Check archive.org
Download Go to
Full URL
https://controlpanel.visi.com/8974f6aa-63fd-4221-aeea-fcad205312b0.js
Requested by
Host: controlpanel.visi.com
URL: https://controlpanel.visi.com/Portal/ADUser/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.215.78 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
sslproxy-lo-2.serverdata.net
Software
nginx /
Resource Hash
0ccece35ee7114ffcdd228d46f2cf1dc63f08ab722d85bff081ac22ebd0b4363

Request headers

Referer
https://controlpanel.visi.com/Portal/ADUser/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 17:49:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 May 2019 03:20:02 GMT
Server
nginx
ETag
W/"7cd85f17166d51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 14 Oct 2020 18:19:06 GMT
warning-orange_24.png
controlpanel.visi.com/Content/images/icons/24/ 		270 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controlpanel.visi.com/Content/images/icons/24/warning-orange_24.png
Requested by
Host: controlpanel.visi.com
URL: https://controlpanel.visi.com/Portal/ADUser/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.215.78 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
sslproxy-lo-2.serverdata.net
Software
nginx / ASP.NET, ARR/2.5
Resource Hash
021552f50478176acb8b290389a5b4758927f7eea728b66142ca701eaaaa3f1a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://controlpanel.visi.com/Portal/ADUser/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 17:49:08 GMT
ETag
"0cb7d21c2a0d61:0"
Last-Modified
Mon, 12 Oct 2020 18:04:30 GMT
Server
nginx
X-Powered-By
ASP.NET, ARR/2.5
X-Frame-Options
SAMEORIGIN
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Cache-Control
max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
270
Expires
Wed, 14 Oct 2020 18:19:08 GMT
Captcha
controlpanel.visi.com/Portal/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controlpanel.visi.com/Portal/Captcha?id=2b8942c1138d4e099c519506a3e770ad&width=94&height=36&rnd=563689&httproute=True
Requested by
Host: controlpanel.visi.com
URL: https://controlpanel.visi.com/Portal/ADUser/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.215.78 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
sslproxy-lo-2.serverdata.net
Software
nginx / ASP.NET, ARR/2.5
Resource Hash
dabaa427d9ee52f2de1b857230bf9c174df55a6ba25b24a49a3c95ac0e462a6f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://controlpanel.visi.com/Portal/ADUser/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 17:49:08 GMT
Server
nginx
X-Powered-By
ASP.NET, ARR/2.5
X-Frame-Options
SAMEORIGIN
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Connection
keep-alive
Content-Type
image/png
Content-Length
1547
Request-Context
appId=cid-v1:07f807be-9359-4cb3-9705-6753b14c1bf6
form
controlpanel.visi.com/Portal/bundles/scripts/login/ 		95 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://controlpanel.visi.com/Portal/bundles/scripts/login/form?v=PULa9IcQj_BuCLSnrtofVaZ-UzW6MPmNF9CdW1pbKbU1
Requested by
Host: controlpanel.visi.com
URL: https://controlpanel.visi.com/Portal/ADUser/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.215.78 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
sslproxy-lo-2.serverdata.net
Software
nginx / ASP.NET, ARR/2.5
Resource Hash
691b70f27d2782ca6efde281fc25c12277b75bc03782f6b7f2e0e3711a1948f1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://controlpanel.visi.com/Portal/ADUser/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 17:49:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Expires
Thu, 14 Oct 2021 17:49:06 GMT
Last-Modified
Wed, 14 Oct 2020 17:49:06 GMT
Server
nginx
X-Powered-By
ASP.NET, ARR/2.5
X-Frame-Options
SAMEORIGIN
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Request-Context
appId=cid-v1:07f807be-9359-4cb3-9705-6753b14c1bf6
aduser
controlpanel.visi.com/Portal/bundles/scripts/login/form/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://controlpanel.visi.com/Portal/bundles/scripts/login/form/aduser?v=XfObJY34heTP6lT7hqWSwhhAjZVg8QnoF4y7jt_Vddc1
Requested by
Host: controlpanel.visi.com
URL: https://controlpanel.visi.com/Portal/ADUser/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.215.78 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
sslproxy-lo-2.serverdata.net
Software
nginx / ASP.NET, ARR/2.5
Resource Hash
c7ef041a2781e23b7cf5a49653b8acbde1c49ca7a5b363e8aecb2411326c0679
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://controlpanel.visi.com/Portal/ADUser/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 17:49:08 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Expires
Thu, 14 Oct 2021 17:49:07 GMT
Last-Modified
Wed, 14 Oct 2020 17:49:07 GMT
Server
nginx
X-Powered-By
ASP.NET, ARR/2.5
X-Frame-Options
SAMEORIGIN
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Request-Context
appId=cid-v1:07f807be-9359-4cb3-9705-6753b14c1bf6
aduser.svg
controlpanel.visi.com/content/images/icons/custom/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controlpanel.visi.com/content/images/icons/custom/aduser.svg
Requested by
Host: controlpanel.visi.com
URL: https://controlpanel.visi.com/Portal/bundles/styles/login/aduser?v=W7BlBDeKoLwh8af7SGN3zTnaNVVx3_J0LsG11KaUjz81
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.215.78 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
sslproxy-lo-2.serverdata.net
Software
nginx / ASP.NET, ARR/2.5
Resource Hash
36f53d513f4ade6962ea9b5342113dfb07037c5c22252338ebecc6d20d4dd11e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://controlpanel.visi.com/Portal/bundles/styles/login/aduser?v=W7BlBDeKoLwh8af7SGN3zTnaNVVx3_J0LsG11KaUjz81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 17:49:08 GMT
Content-Encoding
gzip
ETag
W/"0cb7d21c2a0d61:0"
Last-Modified
Mon, 12 Oct 2020 18:04:30 GMT
Server
nginx
X-Powered-By
ASP.NET, ARR/2.5
X-Frame-Options
SAMEORIGIN
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Cache-Control
max-age=900
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
image/svg+xml
Vary
Accept-Encoding
info-white_16.svg
controlpanel.visi.com/Content/images/icons/16/ 		859 B
981 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controlpanel.visi.com/Content/images/icons/16/info-white_16.svg
Requested by
Host: controlpanel.visi.com
URL: https://controlpanel.visi.com/Portal/bundles/styles/login/aduser?v=W7BlBDeKoLwh8af7SGN3zTnaNVVx3_J0LsG11KaUjz81
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.215.78 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
sslproxy-lo-2.serverdata.net
Software
nginx / ASP.NET, ARR/2.5
Resource Hash
e954ae1ddb505f8e8fbad2f1bbab6036287633051e969f09cf7b353589c1e3a4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://controlpanel.visi.com/Portal/bundles/styles/login/aduser?v=W7BlBDeKoLwh8af7SGN3zTnaNVVx3_J0LsG11KaUjz81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 17:49:08 GMT
Content-Encoding
gzip
ETag
W/"0cb7d21c2a0d61:0"
Last-Modified
Mon, 12 Oct 2020 18:04:30 GMT
Server
nginx
X-Powered-By
ASP.NET, ARR/2.5
X-Frame-Options
SAMEORIGIN
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Cache-Control
max-age=900
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
image/svg+xml
Vary
Accept-Encoding
dinot-webfont.woff
controlpanel.visi.com/content/font/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://controlpanel.visi.com/content/font/dinot-webfont.woff
Requested by
Host: controlpanel.visi.com
URL: https://controlpanel.visi.com/Portal/bundles/styles/login/aduser?v=W7BlBDeKoLwh8af7SGN3zTnaNVVx3_J0LsG11KaUjz81
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.215.78 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
sslproxy-lo-2.serverdata.net
Software
nginx / ASP.NET, ARR/2.5
Resource Hash
75769c069372a5f8d8da31d6f20c102b919269ef27b876b2a56b3dd381321a26
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://controlpanel.visi.com
Referer
https://controlpanel.visi.com/Portal/bundles/styles/login/aduser?v=W7BlBDeKoLwh8af7SGN3zTnaNVVx3_J0LsG11KaUjz81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 17:49:08 GMT
ETag
"0cb7d21c2a0d61:0"
Last-Modified
Mon, 12 Oct 2020 18:04:30 GMT
Server
nginx
X-Powered-By
ASP.NET, ARR/2.5
X-Frame-Options
SAMEORIGIN
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
font/x-woff
Content-Length
23584
dinot-medium-webfont.woff
controlpanel.visi.com/content/font/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://controlpanel.visi.com/content/font/dinot-medium-webfont.woff
Requested by
Host: controlpanel.visi.com
URL: https://controlpanel.visi.com/Portal/bundles/styles/login/aduser?v=W7BlBDeKoLwh8af7SGN3zTnaNVVx3_J0LsG11KaUjz81
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.215.78 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
sslproxy-lo-2.serverdata.net
Software
nginx / ASP.NET, ARR/2.5
Resource Hash
4d0ae714a36becfdb44141b5e04f6e7b8869d9f4a778c281fae28bf01a868afa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://controlpanel.visi.com
Referer
https://controlpanel.visi.com/Portal/bundles/styles/login/aduser?v=W7BlBDeKoLwh8af7SGN3zTnaNVVx3_J0LsG11KaUjz81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 17:49:08 GMT
ETag
"0cb7d21c2a0d61:0"
Last-Modified
Mon, 12 Oct 2020 18:04:30 GMT
Server
nginx
X-Powered-By
ASP.NET, ARR/2.5
X-Frame-Options
SAMEORIGIN
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
font/x-woff
Content-Length
25208
opensans-regular-webfont.woff
controlpanel.visi.com/content/font/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://controlpanel.visi.com/content/font/opensans-regular-webfont.woff
Requested by
Host: controlpanel.visi.com
URL: https://controlpanel.visi.com/Portal/bundles/styles/login/aduser?v=W7BlBDeKoLwh8af7SGN3zTnaNVVx3_J0LsG11KaUjz81
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.215.78 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
sslproxy-lo-2.serverdata.net
Software
nginx / ASP.NET, ARR/2.5
Resource Hash
ca510e3ff10ec424392a2e5f5ff640c8059671b92fe8b42ae5911b6dc844e41b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://controlpanel.visi.com
Referer
https://controlpanel.visi.com/Portal/bundles/styles/login/aduser?v=W7BlBDeKoLwh8af7SGN3zTnaNVVx3_J0LsG11KaUjz81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 17:49:08 GMT
ETag
"0cb7d21c2a0d61:0"
Last-Modified
Mon, 12 Oct 2020 18:04:30 GMT
Server
nginx
X-Powered-By
ASP.NET, ARR/2.5
X-Frame-Options
SAMEORIGIN
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
font/x-woff
Content-Length
24780
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: controlpanel.visi.com
URL: https://controlpanel.visi.com/Portal/ADUser/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://controlpanel.visi.com/Portal/ADUser/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
7183
date
Wed, 14 Oct 2020 15:49:25 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Wed, 14 Oct 2020 17:49:25 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: controlpanel.visi.com
URL: https://controlpanel.visi.com/8974f6aa-63fd-4221-aeea-fcad205312b0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
https://controlpanel.visi.com/Portal/ADUser/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Oct 2020 17:49:08 GMT
content-encoding
gzip
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
851
x-cache
HIT
status
200
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 01 Oct 2020 19:31:04 GMT
server
ECAcc (frc/8FA5)
etag
0x8D8664089864073
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
19156a01-301e-007a-7f50-a28a26000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Wed, 14 Oct 2020 18:19:08 GMT
collect
www.google-analytics.com/j/ 		4 B
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=277864847&t=pageview&_s=1&dl=https%3A%2F%2Fcontrolpanel.visi.com%2FPortal%2FADUser%2FLogin&ul=en-us&de=UTF-8&dt=Outlook%20Web%20Access&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=936651483&gjid=1290396887&cid=493073685.1602697748&tid=UA-214873-15&_gid=1246711301.1602697748&_r=1&_slc=1&z=1540281788
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://controlpanel.visi.com/Portal/ADUser/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Oct 2020 17:49:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://controlpanel.visi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-214873-15&cid=493073685.1602697748&jid=936651483&gjid=1290396887&_gid=1246711301.1602697748&_u=IEBAAEAAAAAAAC~&z=1774167588
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://controlpanel.visi.com/Portal/ADUser/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 14 Oct 2020 17:49:08 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://controlpanel.visi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-214873-15&cid=493073685.1602697748&jid=936651483&_u=IEBAAEAAAAAAAC~&z=1102773705
Requested by
Host: controlpanel.visi.com
URL: https://controlpanel.visi.com/Portal/ADUser/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://controlpanel.visi.com/Portal/ADUser/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Oct 2020 17:49:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-214873-15&cid=493073685.1602697748&jid=936651483&_u=IEBAAEAAAAAAAC~&z=1102773705
Requested by
Host: controlpanel.visi.com
URL: https://controlpanel.visi.com/Portal/ADUser/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://controlpanel.visi.com/Portal/ADUser/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Oct 2020 17:49:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
progress_new_48.gif
controlpanel.visi.com/content/images/icons/48/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controlpanel.visi.com/content/images/icons/48/progress_new_48.gif
Requested by
Host: controlpanel.visi.com
URL: https://controlpanel.visi.com/Portal/ADUser/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.215.78 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
sslproxy-lo-2.serverdata.net
Software
nginx / ASP.NET, ARR/2.5
Resource Hash
0e34717792324335a11b0329be7eaef6c00566d090e71b745a43705ecd59b18c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://controlpanel.visi.com/Portal/ADUser/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 17:49:08 GMT
ETag
"0cb7d21c2a0d61:0"
Last-Modified
Mon, 12 Oct 2020 18:04:30 GMT
Server
nginx
X-Powered-By
ASP.NET, ARR/2.5
X-Frame-Options
SAMEORIGIN
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Cache-Control
max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
3895
Expires
Wed, 14 Oct 2020 18:19:08 GMT
collect
www.google-analytics.com/ 		35 B
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=277864847&t=timing&_s=2&dl=https%3A%2F%2Fcontrolpanel.visi.com%2FPortal%2FADUser%2FLogin&ul=en-us&de=UTF-8&dt=Outlook%20Web%20Access&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=5140&pdt=1&dns=0&rrt=1694&srt=560&tcp=0&dit=4611&clt=4611&_gst=4330&_gbt=4342&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=493073685.1602697748&tid=UA-214873-15&_gid=1246711301.1602697748&z=1180616004
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://controlpanel.visi.com/Portal/ADUser/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Oct 2020 23:32:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
65816
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Server
51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://controlpanel.visi.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Wed, 14 Oct 2020 17:49:08 GMT
content-length
0
track
dc.services.visualstudio.com/v2/ 		96 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
862cafe255c0dd7466942361439b2c40c6c7f79760d90b65f64593fd719d3f14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://controlpanel.visi.com/Portal/ADUser/Login
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
35464283-6170-4177-BC3E-69C21DBCE059
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
status
200
date
Wed, 14 Oct 2020 17:49:09 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length
96

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| ui function| $ function| jQuery object| angular object| appInsights string| GoogleAnalyticsObject function| ga function| trackUlpLoginAttempt function| trackUlpLoginFailed function| initClickTracking function| adUserloginCtrl function| getStorageManager function| validateInput function| setInputErrorStyle function| showMixedValidation function| submitToUrl function| disable function| googleAnalytics function| onLoginSuccess function| onLoginFailed object| validationRules object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| AI object| Microsoft function| __extends function| _endsWith function| getQueryParameterByName function| getClientTypeFromQuery function| setLoginTab function| isFontAvailable

6 Cookies

Domain/Path Name / Value
controlpanel.visi.com/ Name: MySessionID2
Value: sfjqjb32ajyskm2o0r3qhds3
.visi.com/ Name: _ga
Value: GA1.2.493073685.1602697748
controlpanel.visi.com/ Name: ai_user
Value: 2vNMv|2020-10-14T17:49:08.068Z
.visi.com/ Name: _gid
Value: GA1.2.1246711301.1602697748
.visi.com/ Name: _gat
Value: 1
.controlpanel.visi.com/ Name: ARRAffinity
Value: cd8f7a564e9935338eea0e7898d2777bcde49a70ca460ba09300cbe93f428332

2 Console Messages

Source Level URL
Text
console-api log URL: https://controlpanel.visi.com/Portal/bundles/scripts/login/form?v=PULa9IcQj_BuCLSnrtofVaZ-UzW6MPmNF9CdW1pbKbU1(Line 1)
Message:
GA event tracking failed: "trackTabswitch" is not defined
console-api log URL: https://controlpanel.visi.com/Portal/bundles/scripts/login/form?v=PULa9IcQj_BuCLSnrtofVaZ-UzW6MPmNF9CdW1pbKbU1(Line 1)
Message:
GA event tracking failed: "trackTabswitch" is not defined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
controlpanel.visi.com
dc.services.visualstudio.com
mail.claytoncountyia.gov
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
185.64.215.78
209.98.94.140
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:801::2003
2a00:1450:4001:802::2004
2a00:1450:4001:808::200e
2a00:1450:400c:c00::9b
51.107.59.180
021552f50478176acb8b290389a5b4758927f7eea728b66142ca701eaaaa3f1a
0ccece35ee7114ffcdd228d46f2cf1dc63f08ab722d85bff081ac22ebd0b4363
0e34717792324335a11b0329be7eaef6c00566d090e71b745a43705ecd59b18c
36f53d513f4ade6962ea9b5342113dfb07037c5c22252338ebecc6d20d4dd11e
4d0ae714a36becfdb44141b5e04f6e7b8869d9f4a778c281fae28bf01a868afa
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
54cd0006ab5219d98a5c6d6e4ab7ac36444de6d41a99dd911cc6561157d1aadb
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
691b70f27d2782ca6efde281fc25c12277b75bc03782f6b7f2e0e3711a1948f1
75769c069372a5f8d8da31d6f20c102b919269ef27b876b2a56b3dd381321a26
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
862cafe255c0dd7466942361439b2c40c6c7f79760d90b65f64593fd719d3f14
ab8cae68ebe61082bc37a73e64f32ff481f88a7970abdf18dc8b1568b790d2de
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
c7ef041a2781e23b7cf5a49653b8acbde1c49ca7a5b363e8aecb2411326c0679
ca510e3ff10ec424392a2e5f5ff640c8059671b92fe8b42ae5911b6dc844e41b
cfdd68d84eb9a050383d2aa71e8298f8ceaef6b17b74fbc51b28d8fd4de6999f
dabaa427d9ee52f2de1b857230bf9c174df55a6ba25b24a49a3c95ac0e462a6f
e954ae1ddb505f8e8fbad2f1bbab6036287633051e969f09cf7b353589c1e3a4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629