www.itheipdesk.com Open in urlscan Pro
20.50.64.14 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.itheipdesk.com/l/dc63592210770410c8c0d801dddff8e11?f=1
Effective URL:
http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1
Submission: On February 19 via api (February 19th 2024, 11:26:43 pm UTC) from US — Scanned from US

Summary HTTP 19 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 19 HTTP transactions. The main IP is 20.50.64.14, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.itheipdesk.com.

This is the only time www.itheipdesk.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Phishing Simulation (Internet)

Domain & IP information

	IP Address		AS Autonomous System
18	20.50.64.14 20.50.64.14		8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
19	2

18 20.50.64.14 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.itheipdesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	itheipdesk.com www.itheipdesk.com	380 KB
0	terranovasite.com Failed secure2.terranovasite.com Failed
19	2

	Domain	Requested by
18	www.itheipdesk.com	www.itheipdesk.com
0	secure2.terranovasite.com Failed	www.itheipdesk.com
19	2

This site contains links to these domains. Also see Links.

Domain
intranet.tpg.ch

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1
Frame ID: D8EDE23418FCCB1984EE6AB3E5656D08
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Microsoft

Page URL History Show full URLs

http://www.itheipdesk.com/l/dc63592210770410c8c0d801dddff8e11?f=1 Page URL
http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

19
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

380 kB
Transfer

841 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://intranet.tpg.ch/17-tpg-intranet/actualite/7171-attention-aux-actes-malveillants

Search URL Search Domain Scan URL

URL: https://intranet.tpg.ch/infos-pratiques/soutien-informatique/protection-des-donnees
Title: Les détails sont disponibles sur l’intranet

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.itheipdesk.com/l/dc63592210770410c8c0d801dddff8e11?f=1 Page URL
http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK dc63592210770410c8c0d801dddff8e11
www.itheipdesk.com/l/ 286 B
1 KB 373ms
172ms Document
text/html 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.itheipdesk.com/l/dc63592210770410c8c0d801dddff8e11?f=1

Protocol

HTTP/1.1

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 350
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Type: text/html; charset=utf-8
Date: Mon, 19 Feb 2024 23:26:37 GMT
Permissions-Policy: geolocation=()
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Primary Request dc63592210770410c8c0d801dddff8e11 Show response
www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/ 11 KB
6 KB 223ms
222ms Document
text/html 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1

Requested by

Host: www.itheipdesk.com
URL: http://www.itheipdesk.com/l/dc63592210770410c8c0d801dddff8e11?f=1

Protocol

HTTP/1.1

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aaee92ef50756dde7cf19878043e6db74ab100023fe2cce2ae3df4709831b76e

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.itheipdesk.com/l/dc63592210770410c8c0d801dddff8e11?f=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 3863
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Type: text/html; charset=utf-8
Date: Mon, 19 Feb 2024 23:26:37 GMT
Permissions-Policy: geolocation=()
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.css
www.itheipdesk.com/common/bootstrap/css/ 169 KB
23 KB 101ms
100ms Stylesheet
text/css 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.itheipdesk.com/common/bootstrap/css/bootstrap.css

Requested by

Host: www.itheipdesk.com
URL: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1

Protocol

HTTP/1.1

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

2797160125a75dddc44d8cbee398bad6770dbfe2f57479ca65c3f4142e1a9df0

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 23:26:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length: 23025
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 05 Feb 2024 15:43:19 GMT
Server: Microsoft-IIS/10.0
ETag: "805a1a4a58da1:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Permissions-Policy: geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-ui.min.css
www.itheipdesk.com/common/jqueryui/ 31 KB
11 KB 210ms
111ms Stylesheet
text/css 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.itheipdesk.com/common/jqueryui/jquery-ui.min.css

Requested by

Host: www.itheipdesk.com
URL: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1

Protocol

HTTP/1.1

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b0b53ea606e7397f37666242cd8d63d17186b3cc8513d49a9852bf4828a1fc46

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 23:26:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length: 9859
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 20 Mar 2023 16:55:02 GMT
Server: Microsoft-IIS/10.0
ETag: "f7ced6b64c5bd91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Permissions-Policy: geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-ui.structure.min.css
www.itheipdesk.com/common/jqueryui/ 15 KB
7 KB 205ms
105ms Stylesheet
text/css 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.itheipdesk.com/common/jqueryui/jquery-ui.structure.min.css

Requested by

Host: www.itheipdesk.com
URL: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1

Protocol

HTTP/1.1

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

4e2ec0490ffa766a812249114b99f7b2b578c750619f3175d948be265f07af11

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 23:26:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length: 6263
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 20 Mar 2023 16:55:02 GMT
Server: Microsoft-IIS/10.0
ETag: "346bd7b64c5bd91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Permissions-Policy: geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-ui.theme.min.css
www.itheipdesk.com/common/jqueryui/ 14 KB
3 KB 206ms
107ms Stylesheet
text/css 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.itheipdesk.com/common/jqueryui/jquery-ui.theme.min.css

Requested by

Host: www.itheipdesk.com
URL: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1

Protocol

HTTP/1.1

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

11e1cf2b2ee76191e1556d414a6eebb8e9a357b5930ebbc06858162174b1683d

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 23:26:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length: 2328
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 20 Mar 2023 16:55:02 GMT
Server: Microsoft-IIS/10.0
ETag: "03767b64c5bd91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Permissions-Policy: geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK rp_bubbles.css
www.itheipdesk.com/common/css/ 12 KB
3 KB 201ms
102ms Stylesheet
text/css 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.itheipdesk.com/common/css/rp_bubbles.css

Requested by

Host: www.itheipdesk.com
URL: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1

Protocol

HTTP/1.1

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

4bc5a823bc0d699486b8da7c703f02935d4e050fdf7e139ca77c6e744f9899f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 23:26:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length: 2399
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 20 Mar 2023 16:55:02 GMT
Server: Microsoft-IIS/10.0
ETag: "03767b64c5bd91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Permissions-Policy: geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK rp_tooltips.css
www.itheipdesk.com/common/css/ 13 KB
4 KB 205ms
105ms Stylesheet
text/css 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.itheipdesk.com/common/css/rp_tooltips.css

Requested by

Host: www.itheipdesk.com
URL: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1

Protocol

HTTP/1.1

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

9bddcf9a5fc7baf7e7bdfe849437591ee53dca4206b1b8af6a705ada50fbadba

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 23:26:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length: 3325
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 20 Mar 2023 16:55:02 GMT
Server: Microsoft-IIS/10.0
ETag: "b437d4b64c5bd91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Permissions-Policy: geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK tpg_teams2.png
www.itheipdesk.com/Media/d/cmedia_974c98a4e94c4cf0955cb8a880bd1e3e/ 82 KB
83 KB 128ms
124ms Image
image/png 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.itheipdesk.com/Media/d/cmedia_974c98a4e94c4cf0955cb8a880bd1e3e/tpg_teams2.png

Requested by

Host: www.itheipdesk.com
URL: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1

Protocol

HTTP/1.1

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

adc4bbcc7eec4e4acc7d993166bc6aeaf0bfc20f93efcf2443a711696528b35e

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Expires: Tue, 20 Feb 2024 00:26:37 GMT
Date: Mon, 19 Feb 2024 23:26:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Last-Modified: Mon, 19 Feb 2024 23:26:37 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=3600
Permissions-Policy: geolocation=()
Content-Length: 84378
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK warning.png
www.itheipdesk.com/Media/d/public/ 692 B
2 KB 103ms
100ms Image
image/png 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.itheipdesk.com/Media/d/public/warning.png

Requested by

Host: www.itheipdesk.com
URL: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1

Protocol

HTTP/1.1

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1ef10e8843daed4b49bebef6e8f8c577933ad3444551942d59cfc359e0fd5b11

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Expires: Tue, 20 Feb 2024 00:22:59 GMT
Date: Mon, 19 Feb 2024 23:26:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Last-Modified: Mon, 19 Feb 2024 23:22:59 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=3381
Permissions-Policy: geolocation=()
Content-Length: 692
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK Learning_Page_icon_Beware_blue.png
www.itheipdesk.com/Media/d/public/ 7 KB
8 KB 104ms
103ms Image
image/png 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.itheipdesk.com/Media/d/public/Learning_Page_icon_Beware_blue.png

Requested by

Host: www.itheipdesk.com
URL: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1

Protocol

HTTP/1.1

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2b7b44a38be5159466174c09ed7c735689def630b2c4f641e540b451a63dda07

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Expires: Tue, 20 Feb 2024 00:22:59 GMT
Date: Mon, 19 Feb 2024 23:26:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Last-Modified: Mon, 19 Feb 2024 23:22:59 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=3381
Permissions-Policy: geolocation=()
Content-Length: 7173
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK Learning_Page_icon_links_blue.png
www.itheipdesk.com/Media/d/public/ 7 KB
8 KB 170ms
121ms Image
image/png 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.itheipdesk.com/Media/d/public/Learning_Page_icon_links_blue.png

Requested by

Host: www.itheipdesk.com
URL: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1

Protocol

HTTP/1.1

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

da4d27942342f7c3c24cb0b1fc577de8d209a873fe8ad23af061b995b062d547

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Expires: Tue, 20 Feb 2024 00:26:37 GMT
Date: Mon, 19 Feb 2024 23:26:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Last-Modified: Mon, 19 Feb 2024 23:26:37 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=3600
Permissions-Policy: geolocation=()
Content-Length: 7655
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK Learning_Page_icon_attachment_blue.png
www.itheipdesk.com/Media/d/public/ 9 KB
10 KB 172ms
102ms Image
image/png 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.itheipdesk.com/Media/d/public/Learning_Page_icon_attachment_blue.png

Requested by

Host: www.itheipdesk.com
URL: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1

Protocol

HTTP/1.1

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bf55eea201bb018ce7b1c110835619619b89c9a7af31199e5bbf5ace079d338d

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Expires: Tue, 20 Feb 2024 00:22:59 GMT
Date: Mon, 19 Feb 2024 23:26:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Last-Modified: Mon, 19 Feb 2024 23:22:59 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=3381
Permissions-Policy: geolocation=()
Content-Length: 8835
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK jquery.min.js Show response
www.itheipdesk.com/common/jquery/ 87 KB
31 KB 267ms
101ms Script
application/x-javascript 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.itheipdesk.com/common/jquery/jquery.min.js?tn=2421332214

Requested by

Host: www.itheipdesk.com
URL: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1

Protocol

HTTP/1.1

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 23:26:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length: 30987
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 05 Feb 2024 15:43:19 GMT
Server: Microsoft-IIS/10.0
ETag: "805a1a4a58da1:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Permissions-Policy: geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK bootstrap.min.js Show response
www.itheipdesk.com/common/bootstrap/js/ 39 KB
15 KB 107ms
104ms Script
application/x-javascript 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.itheipdesk.com/common/bootstrap/js/bootstrap.min.js?tn=2421332214

Requested by

Host: www.itheipdesk.com
URL: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1

Protocol

HTTP/1.1

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

a915d483b99af421f4813e6b60599b4e39faff120e54b5e9838386d4ae1a4c60

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 23:26:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length: 14370
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 20 Mar 2023 16:55:02 GMT
Server: Microsoft-IIS/10.0
ETag: "abb0d3b64c5bd91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Permissions-Policy: geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-ui.min.js Show response
www.itheipdesk.com/common/jqueryui/ 249 KB
67 KB 105ms
102ms Script
application/x-javascript 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.itheipdesk.com/common/jqueryui/jquery-ui.min.js?tn=2421332214

Requested by

Host: www.itheipdesk.com
URL: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1

Protocol

HTTP/1.1

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 23:26:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length: 67989
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 19 Jun 2023 18:25:29 GMT
Server: Microsoft-IIS/10.0
ETag: "80f2bc6cdba2d91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Permissions-Policy: geolocation=()
Accept-Ranges: bytes

GET 95
secure2.terranovasite.com/portal/Image/Index/ 0
0

GET
H/1.1 200
OK TN_Learning_Activity_Page_BG.jpg
www.itheipdesk.com/Media/d/public/ 94 KB
94 KB 204ms
139ms Image
image/jpeg 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.itheipdesk.com/Media/d/public/TN_Learning_Activity_Page_BG.jpg

Requested by

Host: www.itheipdesk.com
URL: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1

Protocol

HTTP/1.1

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

454633df39045e26ea25e5cb2b97a47a5f34b92b39162c757770d5e672df9b3d

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Expires: Tue, 20 Feb 2024 00:26:37 GMT
Date: Mon, 19 Feb 2024 23:26:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Last-Modified: Mon, 19 Feb 2024 23:26:37 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, max-age=3600
Permissions-Policy: geolocation=()
Content-Length: 95744
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge

POST
H/1.1 200
OK / Show response
www.itheipdesk.com/CountLearningTime/dc63592210770410c8c0d801dddff8e11/ 4 B
2 KB 138ms
137ms XHR
application/json 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.itheipdesk.com/CountLearningTime/dc63592210770410c8c0d801dddff8e11/?f=1&s=0

Requested by

Host: www.itheipdesk.com
URL: http://www.itheipdesk.com/common/jquery/jquery.min.js?tn=2421332214

Protocol

HTTP/1.1

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 23:26:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Cache-Control: private
Permissions-Policy: geolocation=()
Content-Length: 125
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: secure2.terranovasite.com
URL: https://secure2.terranovasite.com/portal/Image/Index/95?fileName=adaab54701f1a33c022f3207d5e7a2f09e27afe1.png&imageTag=Thumbnails

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Phishing Simulation (Internet)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| CountSecond function| CountLearningTime

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.itheipdesk.com/	1970-01-20 19:16:17	Name: tnlna.enc Value: CurrentCampaignRecipientID=AaDZP2lEUPZdW1pqcBCqtS6zMXhcBNW7AoiCTCM-gEJK0T54owLLz1P-WibGETgBnpCiCdyla2s0pDPF9mlisw2&ExpirationDate=e8zh28rKnaXjQfB3WwTSeMiBebX8Rrb2wMa-U7dhS0grQpWYjnsIn1IFQ2TOG5VolLNCjFPBIPypBiY32OrLZk5eSLPRA1Hy4pZkHWZ2CBs1&CurrentCampaignRecipientEventLogID=cs7mHEhT5IjvqqlcT4jTndxrSdPyz87vB4fSkUI-ltTYuyY5-MgDpEb-PgVGL2Fb_Ldf770hhb-pcuVQ5O-t9A2&TotalLearningTime=TKjMy5B4pd2Lmgw1mTENx_NdhTn-DAJF7t5dYiYtMdNKHaUmjRlb33SsqfNU27V7WgPoHbn7vMMwRno3HEy7uA2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: http://www.itheipdesk.com/f/ac7cdaed520d4d84adc40026669caf24/dc63592210770410c8c0d801dddff8e11?f=1(Line 231) Message: Refused to load the image 'https://secure2.terranovasite.com/portal/Image/Index/95?fileName=adaab54701f1a33c022f3207d5e7a2f09e27afe1.png&imageTag=Thumbnails' because it violates the following Content Security Policy directive: "img-src 'unsafe-inline' 'self' data:".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

secure2.terranovasite.com
www.itheipdesk.com
secure2.terranovasite.com
20.50.64.14
11e1cf2b2ee76191e1556d414a6eebb8e9a357b5930ebbc06858162174b1683d
1ef10e8843daed4b49bebef6e8f8c577933ad3444551942d59cfc359e0fd5b11
2797160125a75dddc44d8cbee398bad6770dbfe2f57479ca65c3f4142e1a9df0
2b7b44a38be5159466174c09ed7c735689def630b2c4f641e540b451a63dda07
454633df39045e26ea25e5cb2b97a47a5f34b92b39162c757770d5e672df9b3d
4bc5a823bc0d699486b8da7c703f02935d4e050fdf7e139ca77c6e744f9899f6
4e2ec0490ffa766a812249114b99f7b2b578c750619f3175d948be265f07af11
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
9bddcf9a5fc7baf7e7bdfe849437591ee53dca4206b1b8af6a705ada50fbadba
9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d
a915d483b99af421f4813e6b60599b4e39faff120e54b5e9838386d4ae1a4c60
aaee92ef50756dde7cf19878043e6db74ab100023fe2cce2ae3df4709831b76e
adc4bbcc7eec4e4acc7d993166bc6aeaf0bfc20f93efcf2443a711696528b35e
b0b53ea606e7397f37666242cd8d63d17186b3cc8513d49a9852bf4828a1fc46
bf55eea201bb018ce7b1c110835619619b89c9a7af31199e5bbf5ace079d338d
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
da4d27942342f7c3c24cb0b1fc577de8d209a873fe8ad23af061b995b062d547

www.itheipdesk.com Open in urlscan Pro 20.50.64.14 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

380 kBTransfer

841 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

www.itheipdesk.com Open in urlscan Pro
20.50.64.14 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

380 kB
Transfer

841 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!