bglprime.mamaholding.net Open in urlscan Pro
179.43.171.132 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://culturadireitoesociedade.com.br/240523%20Transactions.html
Effective URL:
https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87662ba11a6475ec70b8b4...
Submission: On May 31 via manual (May 31st 2023, 5:20:39 am UTC) from ZA — Scanned from DE

Summary HTTP 71 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 71 HTTP transactions. The main IP is 179.43.171.132, located in Zurich, Switzerland and belongs to PLI-AS, PA. The main domain is bglprime.mamaholding.net.
TLS certificate: Issued by R3 on May 29th 2023. Valid for: 3 months.

This is the only time bglprime.mamaholding.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1	108.179.193.188 108.179.193.188	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
34	179.43.171.132 179.43.171.132	51852 (PLI-AS) (PLI-AS)
71	3

1 108.179.193.188 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 108-179-193-188.unifiedlayer.com

culturadireitoesociedade.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 179.43.171.132 (Zurich, Switzerland)

ASN51852 (PLI-AS, PA)
PTR: hostedby.swire.cx

bglprime.mamaholding.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
live.mamaholding.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
93eca61e-c41f5364.mamaholding.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7bc202bc-c41f5364.mamaholding.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f8e6608b-c41f5364.mamaholding.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	mamaholding.net bglprime.mamaholding.net live.mamaholding.net 93eca61e-c41f5364.mamaholding.net 7bc202bc-c41f5364.mamaholding.net f8e6608b-c41f5364.mamaholding.net	1 MB
1	culturadireitoesociedade.com.br culturadireitoesociedade.com.br	990 B
71	2

	Domain	Requested by
19	f8e6608b-c41f5364.mamaholding.net	7bc202bc-c41f5364.mamaholding.net
8	93eca61e-c41f5364.mamaholding.net	bglprime.mamaholding.net 93eca61e-c41f5364.mamaholding.net
4	bglprime.mamaholding.net	culturadireitoesociedade.com.br bglprime.mamaholding.net
2	7bc202bc-c41f5364.mamaholding.net	93eca61e-c41f5364.mamaholding.net 7bc202bc-c41f5364.mamaholding.net
1	live.mamaholding.net	bglprime.mamaholding.net
1	culturadireitoesociedade.com.br
71	6

This site contains links to these domains. Also see Links.

Domain
live.mamaholding.net
wwwms.mamaholding.net
062dab71-c41f5364.mamaholding.net

Subject Issuer	Validity	Valid
www.culturadireitoesociedade.com.br.dialogoscriticos.com R3	`2023-05-15` - `2023-08-13`	3 months	crt.sh
mamaholding.net R3	`2023-05-29` - `2023-08-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87662ba11a6475ec70b8b49DVuOvc&sso_reload=true
Frame ID: 290466944ECB81A742ADC5A46B6FDDD1
Requests: 14 HTTP requests in this frame

Frame: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx
Frame ID: CAA57E499C3757E434709040153266F2
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

https://culturadireitoesociedade.com.br/240523%20Transactions.html Page URL
https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87... Page URL
https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87... Page URL
https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87... Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

71
Requests

49 %
HTTPS

0 %
IPv6

2
Domains

6
Subdomains

3
IPs

2
Countries

1085 kB
Transfer

4085 kB
Size

5
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://live.mamaholding.net/oauth20_authorize.srf?scope=openid+profile+email+offline_access&response_type=code&client_id=51483342-085c-4d86-bf88-cf50c7252078&response_mode=form_post&redirect_uri=https%3a%2f%2fbglprime.mamaholding.net%2fcommon%2ffederation%2foauth2msa&state=rQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQKLlS_b5wa57yqbMvjEjfm4FmMnPE5mWVglasYlQkbp3-BkfEFI-MtJkH_onTPlPBit9SU1KLEksz8vAssAq9YeAyYrTg4uAQYJBgUGH6wMC5iBdpqNWNhXtOlaK_W2y8n8u-PZDjFqp8W6mMZHplnaZTrk51smVrqXpIU6B1V4lVRUmgSZOmXkWmRXGBQ7BMUlpJsa2FlOIFNaAIb0yk2hg9sjB3sDLPYGQ5wMm7gYTzAy_CD70fPo9lvNt146_GKXyfUO8DR2zvUOC09zDTA09gkx9jNMT_K1dnHJSLJw9FUO9DAyCnCNNfc1CDUFgA1&estsfed=1&uaid=ef7bd0709581435eaa76b4e374460353&signup=1&lw=1&fl=easi2&fci=https%3a%2f%2f7bc202bc-c41f5364.mamaholding.net.orgid.com
Title: Erstellen Sie jetzt eins!

Search URL Search Domain Scan URL

URL: https://wwwms.mamaholding.net/de-DE/servicesagreement/
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://062dab71-c41f5364.mamaholding.net/de-DE/privacystatement
Title: Datenschutz & Cookies

Search URL Search Domain Scan URL

URL: https://wwwms.mamaholding.net/de-de/corporate/rechtliche-hinweise/impressum.aspx
Title: Haftungsausschluss

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://culturadireitoesociedade.com.br/240523%20Transactions.html Page URL
https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87662ba11a6475ec70b8b49DVuOvc Page URL
https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87662ba11a6475ec70b8b49DVuOvc Page URL
https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87662ba11a6475ec70b8b49DVuOvc&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

71 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 240523%20Transactions.html Show response
culturadireitoesociedade.com.br/ 2 KB
990 B 651ms
114ms Document
text/html 108.179.193.188
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://culturadireitoesociedade.com.br/240523%20Transactions.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.179.193.188 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 108-179-193-188.unifiedlayer.com
Software: Apache /
Resource Hash: 53aedd69dae9d165bb1dfb387dcc3e9706e28b9bafe38955ea7c3191c29e8e27

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 874
content-type: text/html
date: Wed, 31 May 2023 05:20:33 GMT
last-modified: Tue, 30 May 2023 12:31:06 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 / Show response
bglprime.mamaholding.net/ 359 KB
121 KB 236ms
174ms Document
text/html 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87662ba11a6475ec70b8b49DVuOvc

Requested by

Host: culturadireitoesociedade.com.br
URL: https://culturadireitoesociedade.com.br/240523%20Transactions.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

45f74fa3c532beeba35c2f76227820c8b162996b5b42ed42d4a3ef5892102d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://culturadireitoesociedade.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 31 May 2023 05:20:34 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

POST
H2 200 / Show response
bglprime.mamaholding.net/ 202 B
346 B 90ms
90ms Fetch
application/json 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87662ba11a6475ec70b8b49DVuOvc

Requested by

Host: bglprime.mamaholding.net
URL: https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87662ba11a6475ec70b8b49DVuOvc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

a5aa0607ac82ca20252d09ceda3394a99414f11c78e6b5c7b7c2a65232645f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 May 2023 05:20:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: application/json

GET
H2 200 / Show response
bglprime.mamaholding.net/ 462 KB
157 KB 749ms
748ms Document
text/html 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87662ba11a6475ec70b8b49DVuOvc

Requested by

Host: bglprime.mamaholding.net
URL: https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87662ba11a6475ec70b8b49DVuOvc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

5d47823d8ffc6cc1ddd08a5de239e9fcdc459bb0e9aa40ae960db687f8cd4c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87662ba11a6475ec70b8b49DVuOvc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 31 May 2023 05:20:35 GMT
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://85780675-c41f5364.mamaholding.net/api/report?catId=GW+estsfd+ams2"}]}
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-ms-ests-server: 2.1.15427.11 - NEULR1 ProdSlices
x-ms-request-id: 102b30a8-2e91-47f5-9487-c12efb709200

GET
H2 200 Primary Request / Show response
bglprime.mamaholding.net/ 510 KB
154 KB 863ms
863ms Document
text/html 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87662ba11a6475ec70b8b49DVuOvc&sso_reload=true

Requested by

Host: bglprime.mamaholding.net
URL: https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87662ba11a6475ec70b8b49DVuOvc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

bd3dce74947c05e7d05c849342a94bb86f892b821c91c57604a17fe481f1d23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87662ba11a6475ec70b8b49DVuOvc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 31 May 2023 05:20:36 GMT
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://85780675-c41f5364.mamaholding.net/api/report?catId=GW+estsfd+ams2"}]}
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-ms-ests-server: 2.1.15427.11 - NEULR1 ProdSlices
x-ms-request-id: 6ea1983a-d282-4a5b-85db-e9910fbf5900

GET
H2 200 Me.htm
live.mamaholding.net/ 0
0 726ms
701ms Other
text/html 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://live.mamaholding.net/Me.htm?v=3
Requested by: Host: bglprime.mamaholding.net
URL: https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87662ba11a6475ec70b8b49DVuOvc&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.swire.cx
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bglprime.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js Show response
93eca61e-c41f5364.mamaholding.net/shared/1.0/content/js/ 410 KB
114 KB 730ms
669ms Script
application/x-javascript 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://93eca61e-c41f5364.mamaholding.net/shared/1.0/content/js/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js

Requested by

Host: bglprime.mamaholding.net
URL: https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87662ba11a6475ec70b8b49DVuOvc&sso_reload=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

033bb2b14f87c5669047214f2fe20641a7d942e57f4402819afff0c84da558ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bglprime.mamaholding.net/
Origin: https://bglprime.mamaholding.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 31 May 2023 05:20:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 2375022
x-cache: HIT
x-ms-lease-status: unlocked
last-modified: Mon, 01 May 2023 23:53:01 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 21bae719-b01e-0055-63e5-7d88ae000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 convergedlogin_pcustomizationloader_6b58ad253a0d39d0e283.js Show response
93eca61e-c41f5364.mamaholding.net/shared/1.0/content/js/asyncchunk/ 108 KB
32 KB 348ms
347ms Script
application/x-javascript 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://93eca61e-c41f5364.mamaholding.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6b58ad253a0d39d0e283.js

Requested by

Host: 93eca61e-c41f5364.mamaholding.net
URL: https://93eca61e-c41f5364.mamaholding.net/shared/1.0/content/js/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

e08f5101c8a921974dff281c3eda33ba4049cf13f044b32c75cc2bab211117d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bglprime.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 31 May 2023 05:20:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 2808657
x-cache: HIT
x-ms-lease-status: unlocked
last-modified: Wed, 26 Apr 2023 03:42:34 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e1350549-d01e-0043-2cf4-79d147000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 Prefetch.aspx Show response
7bc202bc-c41f5364.mamaholding.net/Prefetch/ Frame CAA5 11 KB
3 KB 353ms
301ms Document
text/html 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx

Requested by

Host: 93eca61e-c41f5364.mamaholding.net
URL: https://93eca61e-c41f5364.mamaholding.net/shared/1.0/content/js/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

23c553f6b1e35db5f8e210d839ad812fcb0e410dd274fb2a2eb58b0a636c79f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bglprime.mamaholding.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache,no-store, no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 31 May 2023 05:20:37 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-ua-compatible: IE=Edge

GET
H2 200 converged.v2.login.min_jhbu09ckrizehfz_kojdnq2.css
93eca61e-c41f5364.mamaholding.net/ests/2.1/content/cdnbundles/ 0
20 KB 300ms
299ms Other
text/css 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://93eca61e-c41f5364.mamaholding.net/ests/2.1/content/cdnbundles/converged.v2.login.min_jhbu09ckrizehfz_kojdnq2.css

Requested by

Host: bglprime.mamaholding.net
URL: https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87662ba11a6475ec70b8b49DVuOvc&sso_reload=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bglprime.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 31 May 2023 05:20:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 603816
x-cache: HIT
x-ms-lease-status: unlocked
last-modified: Wed, 10 May 2023 02:53:17 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 7862e447-b01e-0010-7101-8e61ad000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 ux.converged.login.strings-de.min_j4scmmnyfwcxptcac6gudg2.js
93eca61e-c41f5364.mamaholding.net/ests/2.1/content/cdnbundles/ 0
16 KB 331ms
331ms Other
application/x-javascript 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://93eca61e-c41f5364.mamaholding.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_j4scmmnyfwcxptcac6gudg2.js

Requested by

Host: bglprime.mamaholding.net
URL: https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87662ba11a6475ec70b8b49DVuOvc&sso_reload=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bglprime.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 31 May 2023 05:20:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 1576960
x-cache: HIT
x-ms-lease-status: unlocked
last-modified: Mon, 01 May 2023 22:11:03 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1df311c7-101e-0042-6027-852f4a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 embeddedfonts.css
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/ Frame CAA5 3 KB
1 KB 298ms
245ms Stylesheet
text/css 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/embeddedfonts.css

Requested by

Host: 7bc202bc-c41f5364.mamaholding.net
URL: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

ec3b3a03b2fdae16d482ed620a60059ea82e193d1e56215bfeba2bb45535c721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7bc202bc-c41f5364.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 05:20:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 373593
x-cache: HIT
last-modified: Fri, 26 May 2023 16:49:22 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Zurich&ASN=51852&Country=CH&Region=ZH&RequestIdentifier=9680312128647662396267183605308730965"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: f3a45b2b-901e-003c-6019-90e306000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 admin.css
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/admin/css/ Frame CAA5 1 MB
193 KB 1381ms
1328ms Stylesheet
text/css 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/admin/css/admin.css

Requested by

Host: 7bc202bc-c41f5364.mamaholding.net
URL: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

9cd57883d8741a9fbfb1cf91bc0705ac6b49a0abe734354b0adffb596689f986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7bc202bc-c41f5364.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 05:20:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 373581
x-cache: HIT
last-modified: Fri, 26 May 2023 16:47:20 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Zurich&ASN=51852&Country=CH&Region=ZH&RequestIdentifier=266938029464273413560928744958698768"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 9f11f670-201e-0016-4119-903c16000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 o365themedefault.css
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/ Frame CAA5 7 KB
2 KB 249ms
197ms Stylesheet
text/css 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/o365themedefault.css

Requested by

Host: 7bc202bc-c41f5364.mamaholding.net
URL: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

d132d49c1c8945f5c43ae470badf2b6edcd584297e84e59dd2034ffb7dc863b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7bc202bc-c41f5364.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 05:20:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 330803
x-cache: HIT
last-modified: Fri, 26 May 2023 16:49:53 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Zurich&ASN=51852&Country=CH&Region=ZH&RequestIdentifier=170322531814330120397186902945007357362"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 6719fd2f-c01e-0031-677d-902bd2000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 masterstyles15.css
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/ Frame CAA5 92 KB
26 KB 351ms
298ms Stylesheet
text/css 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/masterstyles15.css

Requested by

Host: 7bc202bc-c41f5364.mamaholding.net
URL: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

3db4990eef9d579fa98f837039e5ac394e9cf35e3a94ee5508e8695146c8242c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7bc202bc-c41f5364.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 05:20:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 373591
x-cache: HIT
last-modified: Fri, 26 May 2023 16:49:27 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Zurich&ASN=51852&Country=CH&Region=ZH&RequestIdentifier=824083492822839580110876583106205471525"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 0c5017a7-a01e-0018-4219-9015a6000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 masterstyles15mvc.css
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/ Frame CAA5 15 KB
4 KB 487ms
434ms Stylesheet
text/css 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/masterstyles15mvc.css

Requested by

Host: 7bc202bc-c41f5364.mamaholding.net
URL: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

cd7c131949f596e22540e6907575945b017ebc98c9097b4c15bddf3fdfa7843c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7bc202bc-c41f5364.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 05:20:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 373591
x-cache: HIT
last-modified: Fri, 26 May 2023 16:49:28 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Zurich&ASN=51852&Country=CH&Region=ZH&RequestIdentifier=16163216831838669162997881289893657584"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 6663feb1-201e-0006-1c19-90f97e000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 404 website.css
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/ Frame CAA5 0
0 874ms
822ms Stylesheet
application/xml 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/website.css

Requested by

Host: 7bc202bc-c41f5364.mamaholding.net
URL: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7bc202bc-c41f5364.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 05:20:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/xml
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Zurich&ASN=51852&Country=CH&Region=ZH&RequestIdentifier=199406556226381962214486004854973301550"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 2ca95ded-901e-0061-497f-93e982000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 404 home.css
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/ Frame CAA5 0
0 976ms
924ms Stylesheet
application/xml 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/home.css

Requested by

Host: 7bc202bc-c41f5364.mamaholding.net
URL: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7bc202bc-c41f5364.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 05:20:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/xml
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Zurich&ASN=51852&Country=CH&Region=ZH&RequestIdentifier=1838346075468577157715354154012133578601"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 2206a417-201e-0074-4a7f-93fe31000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 404 home15.css
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/ Frame CAA5 0
0 889ms
836ms Stylesheet
application/xml 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/home15.css

Requested by

Host: 7bc202bc-c41f5364.mamaholding.net
URL: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7bc202bc-c41f5364.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 05:20:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/xml
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Zurich&ASN=51852&Country=CH&Region=ZH&RequestIdentifier=1655142620177509093612914680272382779751"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: de395a64-901e-003c-6f7f-93e306000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 404 assistancepanel.css
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/ Frame CAA5 0
0 887ms
834ms Stylesheet
application/xml 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/assistancepanel.css

Requested by

Host: 7bc202bc-c41f5364.mamaholding.net
URL: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7bc202bc-c41f5364.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 05:20:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/xml
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Zurich&ASN=51852&Country=CH&Region=ZH&RequestIdentifier=142752923872495525394612074029362915419"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 883b0635-901e-0071-447f-932cea000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 404 conciergehelper.css
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/ Frame CAA5 0
0 907ms
855ms Stylesheet
application/xml 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/conciergehelper.css

Requested by

Host: 7bc202bc-c41f5364.mamaholding.net
URL: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7bc202bc-c41f5364.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 05:20:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/xml
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Zurich&ASN=51852&Country=CH&Region=ZH&RequestIdentifier=160631878394756456621302250339247414739"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 2003178e-401e-0062-447f-9308e6000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 signup16.css
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/content/css/ Frame CAA5 21 KB
5 KB 278ms
226ms Stylesheet
text/css 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/content/css/signup16.css

Requested by

Host: 7bc202bc-c41f5364.mamaholding.net
URL: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

3f6aa7980ff0c272db9104ec6be1d2499eb0d0629fe8341855df0ae0c12dcf52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7bc202bc-c41f5364.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 05:20:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 312255
x-cache: HIT
last-modified: Fri, 26 May 2023 16:50:43 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Zurich&ASN=51852&Country=CH&Region=ZH&RequestIdentifier=137484491044765621905302721894251440321"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 27592f00-101e-000d-35a8-900215000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 404 adoption.css
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/ Frame CAA5 0
0 889ms
837ms Stylesheet
application/xml 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/adoption.css

Requested by

Host: 7bc202bc-c41f5364.mamaholding.net
URL: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7bc202bc-c41f5364.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 05:20:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/xml
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Zurich&ASN=51852&Country=CH&Region=ZH&RequestIdentifier=1516321017648350560413210212899185368616"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: c7605350-701e-000b-667f-9331aa000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 404 commonhealthdashboard.css
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/ Frame CAA5 0
0 898ms
846ms Stylesheet
application/xml 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/commonhealthdashboard.css

Requested by

Host: 7bc202bc-c41f5364.mamaholding.net
URL: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7bc202bc-c41f5364.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 05:20:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/xml
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Zurich&ASN=51852&Country=CH&Region=ZH&RequestIdentifier=165801873411768659532792839543759836719"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: bcf7ce6d-201e-0006-6f7f-93f97e000000
timing-allow-origin: *
access-control-allow-headers: *

GET webcontrols.png
f8e6608b-c41f5364.mamaholding.net/images/ Frame CAA5 0
0

GET transparent.gif
f8e6608b-c41f5364.mamaholding.net/Images/ Frame CAA5 0
0

GET header_bg_signup_office.jpg
f8e6608b-c41f5364.mamaholding.net/Shell/Images/ Frame CAA5 0
0

GET O365SharedClusteredImage.png
f8e6608b-c41f5364.mamaholding.net/Shell/Images/ Frame CAA5 0
0

GET servicestatus.png
f8e6608b-c41f5364.mamaholding.net/images/ Frame CAA5 0
0

GET pagelayout_white_panel.jpg
f8e6608b-c41f5364.mamaholding.net/Shell/Images/ Frame CAA5 0
0

GET pagelayout_mos_background_right.jpg
f8e6608b-c41f5364.mamaholding.net/Shell/Images/ Frame CAA5 0
0

GET pagelayout_mos_background_left.jpg
f8e6608b-c41f5364.mamaholding.net/Shell/Images/ Frame CAA5 0
0

GET pagelayout_nav_highlight.jpg
f8e6608b-c41f5364.mamaholding.net/Shell/Images/ Frame CAA5 0
0

GET header_wizard_hl_mos.jpg
f8e6608b-c41f5364.mamaholding.net/Shell/Images/ Frame CAA5 0
0

GET list_bullet_5x5.gif
f8e6608b-c41f5364.mamaholding.net/Images/ Frame CAA5 0
0

GET spinner_16x16_metro.gif
f8e6608b-c41f5364.mamaholding.net/images/ Frame CAA5 0
0

GET spinner_24x24_metro.gif
f8e6608b-c41f5364.mamaholding.net/images/ Frame CAA5 0
0

GET signup_ms_logo.png
f8e6608b-c41f5364.mamaholding.net/shell/images/ Frame CAA5 0
0

GET o365_gallatin_logo.png
f8e6608b-c41f5364.mamaholding.net/shell/images/ Frame CAA5 0
0

GET image1.jpg
f8e6608b-c41f5364.mamaholding.net/images/backgrounds/ Frame CAA5 0
0

GET arrow_staticup_16.png
f8e6608b-c41f5364.mamaholding.net/images/scrollbar/ Frame CAA5 0
0

GET arrow_staticdown_16.png
f8e6608b-c41f5364.mamaholding.net/images/scrollbar/ Frame CAA5 0
0

GET
H2 200 WebResource.axd Show response
7bc202bc-c41f5364.mamaholding.net/ Frame CAA5 23 KB
5 KB 286ms
281ms Script
application/x-javascript 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://7bc202bc-c41f5364.mamaholding.net/WebResource.axd?d=SYxG2gKEltHc92c7-eKy7vreyN1e2QqrvpdCCR4utt35Rwac9rd_c8SeOHxrYQBj6_mlgMwB-OaZiOiHvHjimRyiyb40s7dxOv3AMLtzClV2W-wogtkMOc2pDBD_sJZyRKzfvgJtVY-JClcKNVaTSg2&t=638137640945220281

Requested by

Host: 7bc202bc-c41f5364.mamaholding.net
URL: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-as-routekey: weu
date: Wed, 31 May 2023 05:20:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 07 Mar 2023 05:34:54 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public
x-as-routekeyapplicationendpointlist: weuportal.office.com
access-control-allow-headers: *
x-ua-compatible: IE=Edge

GET
H2 200 microsoftajaxcombined.js Show response
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/jsc/ Frame CAA5 223 KB
56 KB 501ms
501ms Script
application/x-javascript 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/jsc/microsoftajaxcombined.js

Requested by

Host: 7bc202bc-c41f5364.mamaholding.net
URL: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

0898c8848a3109ac80389c22b8b6e9ba67972c49500be8b5e2ca50e721fe469b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7bc202bc-c41f5364.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 05:20:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 372495
x-cache: HIT
last-modified: Fri, 26 May 2023 16:49:19 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Zurich&ASN=51852&Country=CH&Region=ZH&RequestIdentifier=548776768690997690812222368293140429286"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 696eb166-301e-0068-771c-90ac51000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 jquery-1_10_2_min.js Show response
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/jquery/ Frame CAA5 91 KB
33 KB 396ms
396ms Script
application/x-javascript 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/jquery/jquery-1_10_2_min.js

Requested by

Host: 7bc202bc-c41f5364.mamaholding.net
URL: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

2589fe90b2849f35f294cb20bf433135e44ce0ca8ce98d8e4f0ca7b62fa50191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7bc202bc-c41f5364.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 05:20:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 372496
x-cache: HIT
last-modified: Fri, 26 May 2023 16:49:17 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Zurich&ASN=51852&Country=CH&Region=ZH&RequestIdentifier=17608438203496910743298520327761309330"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 78c335ea-001e-0063-611c-90573a000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 headbundle.js Show response
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/jsc/ Frame CAA5 79 KB
17 KB 342ms
342ms Script
application/x-javascript 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/jsc/headbundle.js

Requested by

Host: 7bc202bc-c41f5364.mamaholding.net
URL: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

e8bc7862f555406cdf43985621f6e0c4f5910aa6aa388516a6206d1de1a3208b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7bc202bc-c41f5364.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 05:20:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 372495
x-cache: HIT
last-modified: Fri, 26 May 2023 16:46:46 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Zurich&ASN=51852&Country=CH&Region=ZH&RequestIdentifier=14137173338211236121966825653351735594"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: e3387c89-701e-0079-071c-9036e5000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 controlbundle.js Show response
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/jsc/ Frame CAA5 87 KB
21 KB 252ms
251ms Script
application/x-javascript 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/jsc/controlbundle.js

Requested by

Host: 7bc202bc-c41f5364.mamaholding.net
URL: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

5b53c6db5abda0aead4deb08a073b3a982e4cee523a0d5fc2dc69473cd6efb36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7bc202bc-c41f5364.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 05:20:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 372495
x-cache: HIT
last-modified: Fri, 26 May 2023 16:46:47 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Zurich&ASN=51852&Country=CH&Region=ZH&RequestIdentifier=917691995165898049012780992131507531614"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 53b811ba-301e-0025-4f1c-9063bd000000
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 angularlib.js
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/jsc/ Frame CAA5 156 KB
57 KB 772ms
772ms Script
application/x-javascript 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/jsc/angularlib.js

Requested by

Host: 7bc202bc-c41f5364.mamaholding.net
URL: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7bc202bc-c41f5364.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 05:20:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 372315
x-cache: HIT
last-modified: Fri, 26 May 2023 16:47:01 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Zurich&ASN=51852&Country=CH&Region=ZH&RequestIdentifier=809970650310341254917326991493044913740"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: 6bf7d745-f01e-0005-561c-90181a000000
timing-allow-origin: *
access-control-allow-headers: *

GET angularextensions.js
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/jsc/ Frame CAA5 0
0

GET adminbootstrap.js
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/jsc/ Frame CAA5 0
0

GET adminapp.js
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/jsc/ Frame CAA5 0
0

GET
H2 200 mscorlib.js Show response
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/ Frame CAA5 24 KB
8 KB 214ms
214ms Script
application/x-javascript 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/mscorlib.js

Requested by

Host: 7bc202bc-c41f5364.mamaholding.net
URL: https://7bc202bc-c41f5364.mamaholding.net/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

965993b2b2c5b69e0aaf3c76372cc5d1494e638c79af67f2fefa0aecf67572a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7bc202bc-c41f5364.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 05:20:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age: 312252
x-cache: HIT
last-modified: Fri, 26 May 2023 16:49:57 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Zurich&ASN=51852&Country=CH&Region=ZH&RequestIdentifier=47584987454400357713003050932171592660"}],"include_subdomains ":true}
access-control-expose-headers: date
x-ms-request-id: a044c039-601e-0028-38a8-90ab69000000
timing-allow-origin: *
access-control-allow-headers: *

GET listgrid.js
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/webcontrols/js/ Frame CAA5 0
0

GET peoplepicker.js
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/webcontrols/js/ Frame CAA5 0
0

GET productkeycontrol.js
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/webcontrols/js/ Frame CAA5 0
0

GET gridview.js
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/webcontrols/js/ Frame CAA5 0
0

GET netperf.js
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/ Frame CAA5 0
0

GET searchbox.js
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/ Frame CAA5 0
0

GET passwordstrengthmeter.js
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/ Frame CAA5 0
0

GET hipcontrol.js
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/jsc/ Frame CAA5 0
0

GET geminiwizard.js
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/webcontrols/js/ Frame CAA5 0
0

GET webuivalidation.js
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/ Frame CAA5 0
0

GET webtrends.js
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/ Frame CAA5 0
0

GET webtrendsstream.js
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/ Frame CAA5 0
0

GET home.js
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/ Frame CAA5 0
0

GET reporting.js
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/ Frame CAA5 0
0

GET assistancepanel.js
f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/ Frame CAA5 0
0

GET
H2 200 2_bc3d32a696895f78c19df6c717586a5d.svg
93eca61e-c41f5364.mamaholding.net/shared/1.0/content/images/backgrounds/ 2 KB
1 KB 254ms
254ms Image
image/svg+xml 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://93eca61e-c41f5364.mamaholding.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bglprime.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 31 May 2023 05:20:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 25332929
x-cache: HIT
x-ms-lease-status: unlocked
last-modified: Wed, 12 Feb 2020 22:01:50 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 779ac30c-e01e-0092-4a18-ad9485000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
93eca61e-c41f5364.mamaholding.net/shared/1.0/content/images/ 4 KB
2 KB 208ms
207ms Image
image/svg+xml 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://93eca61e-c41f5364.mamaholding.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bglprime.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 31 May 2023 05:20:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 27058418
x-cache: HIT
x-ms-lease-status: unlocked
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 383e03f5-801e-004b-2867-9df668000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 convergedlogin_pstringcustomizationhelper_9877123961886facadfe.js Show response
93eca61e-c41f5364.mamaholding.net/shared/1.0/content/js/asyncchunk/ 111 KB
36 KB 709ms
708ms Script
application/x-javascript 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://93eca61e-c41f5364.mamaholding.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_9877123961886facadfe.js

Requested by

Host: 93eca61e-c41f5364.mamaholding.net
URL: https://93eca61e-c41f5364.mamaholding.net/shared/1.0/content/js/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

4d9f398ac10ca16a9b949fe5d1ed87d0bfc57b4e5f9308014c8b6b01f703c82f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bglprime.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 31 May 2023 05:20:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 2803610
x-cache: HIT
x-ms-lease-status: unlocked
last-modified: Wed, 26 Apr 2023 03:42:37 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4b086948-801e-004d-47ff-7910a9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 signin-options_4e48046ce74f4b89d45037c90576bfac.svg
93eca61e-c41f5364.mamaholding.net/shared/1.0/content/images/ 2 KB
1 KB 249ms
249ms Image
image/svg+xml 179.43.171.132
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://93eca61e-c41f5364.mamaholding.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.43.171.132 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

hostedby.swire.cx

Software

nginx /

Resource Hash

8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bglprime.mamaholding.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 31 May 2023 05:20:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 4876750
x-cache: HIT
x-ms-lease-status: unlocked
last-modified: Tue, 10 Nov 2020 03:41:05 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: f5e9ac56-801e-002f-2c25-679f37000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/images/webcontrols.png

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/Images/transparent.gif

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/Shell/Images/header_bg_signup_office.jpg

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/Shell/Images/O365SharedClusteredImage.png

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/images/servicestatus.png

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/Shell/Images/pagelayout_white_panel.jpg

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/Shell/Images/pagelayout_mos_background_right.jpg

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/Shell/Images/pagelayout_mos_background_left.jpg

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/Shell/Images/pagelayout_nav_highlight.jpg

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/Shell/Images/header_wizard_hl_mos.jpg

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/Images/list_bullet_5x5.gif

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/images/spinner_16x16_metro.gif

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/images/spinner_24x24_metro.gif

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/shell/images/signup_ms_logo.png

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/shell/images/o365_gallatin_logo.png

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/images/backgrounds/image1.jpg

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/images/scrollbar/arrow_staticup_16.png

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/images/scrollbar/arrow_staticdown_16.png

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/jsc/angularextensions.js

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/jsc/adminbootstrap.js

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/jsc/adminapp.js

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/webcontrols/js/listgrid.js

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/webcontrols/js/peoplepicker.js

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/webcontrols/js/productkeycontrol.js

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/webcontrols/js/gridview.js

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/netperf.js

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/searchbox.js

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/passwordstrengthmeter.js

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/jsc/hipcontrol.js

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/webcontrols/js/geminiwizard.js

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/webuivalidation.js

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/webtrends.js

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/webtrendsstream.js

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/home.js

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/reporting.js

Domain: f8e6608b-c41f5364.mamaholding.net
URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/js/assistancepanel.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mamaholding.net/	1970-01-20 12:33:26	Name: 9r21fx Value: YzQxZjUzNjQtMjkxMy00ZWZlLTlmOTMtYzViNmU1OTM4YjYxOjg2M2U1ODkxLTk4MDUtNDAyZS04YjQyLWQxOTQ5MGEzOGFhMw==
.bglprime.mamaholding.net/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
bglprime.mamaholding.net/	1970-01-20 12:11:50	Name: SSOCOOKIEPULLED Value: 1
.bglprime.mamaholding.net/	1969-12-31 23:59:59	Name: CkTst Value: G1685510437013
.bglprime.mamaholding.net/	1970-01-20 21:33:26	Name: brcap Value: 0

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87662ba11a6475ec70b8b49DVuOvc&sso_reload=true(Line 140) Message: WebSocket connection to 'wss://bglprime.mamaholding.net/websocket/hook/?9r21fx=YzQxZjUzNjQyOTEzNGVmZTlmOTNjNWI2ZTU5MzhiNjE=' failed: Error during WebSocket handshake: Unexpected response code: 503
network	error	URL: https://bglprime.mamaholding.net/?x8=9351f3f02c0411bcec48ba87662ba11a6475ec70b8b48LOG9351f3f02c0411bcec48ba87662ba11a6475ec70b8b49DVuOvc&sso_reload=true(Line 140) Message: WebSocket connection to 'wss://bglprime.mamaholding.net/websocket/hook/?9r21fx=YzQxZjUzNjQyOTEzNGVmZTlmOTNjNWI2ZTU5MzhiNjE=' failed: Error during WebSocket handshake: Unexpected response code: 503
network	error	URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/website.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/assistancepanel.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/home15.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/adoption.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/commonhealthdashboard.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/conciergehelper.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://f8e6608b-c41f5364.mamaholding.net/admincenter/admin-pkg/2023.5.22.2/de/css/home.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7bc202bc-c41f5364.mamaholding.net
93eca61e-c41f5364.mamaholding.net
bglprime.mamaholding.net
culturadireitoesociedade.com.br
f8e6608b-c41f5364.mamaholding.net
live.mamaholding.net
f8e6608b-c41f5364.mamaholding.net
108.179.193.188
179.43.171.132
033bb2b14f87c5669047214f2fe20641a7d942e57f4402819afff0c84da558ea
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0898c8848a3109ac80389c22b8b6e9ba67972c49500be8b5e2ca50e721fe469b
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
23c553f6b1e35db5f8e210d839ad812fcb0e410dd274fb2a2eb58b0a636c79f8
2589fe90b2849f35f294cb20bf433135e44ce0ca8ce98d8e4f0ca7b62fa50191
3db4990eef9d579fa98f837039e5ac394e9cf35e3a94ee5508e8695146c8242c
3f6aa7980ff0c272db9104ec6be1d2499eb0d0629fe8341855df0ae0c12dcf52
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
45f74fa3c532beeba35c2f76227820c8b162996b5b42ed42d4a3ef5892102d72
4d9f398ac10ca16a9b949fe5d1ed87d0bfc57b4e5f9308014c8b6b01f703c82f
53aedd69dae9d165bb1dfb387dcc3e9706e28b9bafe38955ea7c3191c29e8e27
5b53c6db5abda0aead4deb08a073b3a982e4cee523a0d5fc2dc69473cd6efb36
5d47823d8ffc6cc1ddd08a5de239e9fcdc459bb0e9aa40ae960db687f8cd4c68
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
965993b2b2c5b69e0aaf3c76372cc5d1494e638c79af67f2fefa0aecf67572a1
9cd57883d8741a9fbfb1cf91bc0705ac6b49a0abe734354b0adffb596689f986
a5aa0607ac82ca20252d09ceda3394a99414f11c78e6b5c7b7c2a65232645f12
bd3dce74947c05e7d05c849342a94bb86f892b821c91c57604a17fe481f1d23b
cd7c131949f596e22540e6907575945b017ebc98c9097b4c15bddf3fdfa7843c
d132d49c1c8945f5c43ae470badf2b6edcd584297e84e59dd2034ffb7dc863b3
e08f5101c8a921974dff281c3eda33ba4049cf13f044b32c75cc2bab211117d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8bc7862f555406cdf43985621f6e0c4f5910aa6aa388516a6206d1de1a3208b
ec3b3a03b2fdae16d482ed620a60059ea82e193d1e56215bfeba2bb45535c721

bglprime.mamaholding.net Open in urlscan Pro 179.43.171.132 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

49 %HTTPS

0 %IPv6

2 Domains

6 Subdomains

3 IPs

2 Countries

1085 kBTransfer

4085 kBSize

5 Cookies

4 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bglprime.mamaholding.net Open in urlscan Pro
179.43.171.132 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

49 %
HTTPS

0 %
IPv6

2
Domains

6
Subdomains

3
IPs

2
Countries

1085 kB
Transfer

4085 kB
Size

5
Cookies

71 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!