Submitted URL: https://remote.displaywindows.com/
Effective URL: https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Submission Tags: @phishunt_io
Submission: On May 25 via api from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 21 HTTP transactions. The main IP is 195.166.152.213, located in Worcester, United Kingdom and belongs to PLUSNET UK Internet Service Provider, GB. The main domain is remote.displaywindows.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 25th 2021. Valid for: a year.
This is the only time remote.displaywindows.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 23 195.166.152.213 6871 (PLUSNET U...)
21 1
Apex Domain
Subdomains
Transfer
23 displaywindows.com
remote.displaywindows.com
142 KB
21 1
Domain Requested by
23 remote.displaywindows.com 2 redirects remote.displaywindows.com
21 1

This site contains links to these domains.

Domain
www.dell.com
go.microsoft.com

Subject
remote.displaywindows.com
Issuer
DigiCert TLS RSA SHA256 2020 CA1
Validity
2021-05-25 - 2022-06-02
Valid
a year

This page contains 1 frames:

Primary Page: https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Frame ID: E9694FA27C84711497D0964B6D0FC28A
Requests: 21 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

21 Requests
100 % HTTPS
0 % IPv6
1 Domains
1 Subdomains
1 IPs
1 Countries
142 kB Transfer
331 kB Size
6 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://remote.displaywindows.com/ Page URL
  2. https://remote.displaywindows.com/Remote/ HTTP 302
    https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://remote.displaywindows.com/Remote/ClearSessionHandler.ashx HTTP 302
  • https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2FClearSessionHandler.ashx

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
remote.displaywindows.com/
289 B
497 B
Document
General
Full URL
https://remote.displaywindows.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.166.152.213 Worcester, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
norecrugeley.plus.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1446b6ca913549a072d2aa8f3dcc0c76755da058db6327061d365a680e2371b8

Request headers

:method
GET
:authority
remote.displaywindows.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
content-encoding
gzip
last-modified
Mon, 24 May 2021 17:47:44 GMT
accept-ranges
bytes
etag
"1710efe6c450d71:0"
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
date
Tue, 25 May 2021 15:17:36 GMT
content-length
330
Primary Request logon
remote.displaywindows.com/Remote/
Redirect Chain
  • https://remote.displaywindows.com/Remote/
  • https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
18 KB
7 KB
Document
General
Full URL
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.166.152.213 Worcester, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
norecrugeley.plus.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
584a9374d85751ec34c93aaf6a89e9578a3e6a0e10d19dcaa4a2428ebc24e7de
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
remote.displaywindows.com
:scheme
https
:path
/Remote/logon?ReturnUrl=%2FRemote%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://remote.displaywindows.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

cache-control
no-cache
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
-1
vary
Accept-Encoding
server
Microsoft-IIS/10.0
set-cookie
ASP.NET_SessionId=h1v2abzaurkjx414jez1ur4i; path=/; HttpOnly; SameSite=Lax
LogonBrowserType=DefaultWithoutDetection; expires=Tue, 08-Jun-2021 15:17:44 GMT; path=/; secure; HttpOnly
x-aspnet-version
4.0.30319
x-xss-protection
1; mode=block
x-powered-by
ASP.NET
date
Tue, 25 May 2021 15:17:43 GMT
content-length
6982

Redirect headers

cache-control
private
content-type
text/html; charset=utf-8
location
/Remote/logon?ReturnUrl=%2FRemote%2F
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-xss-protection
1; mode=block
x-powered-by
ASP.NET
date
Tue, 25 May 2021 15:17:43 GMT
content-length
153
logon.css
remote.displaywindows.com/Remote/css/
7 KB
3 KB
Stylesheet
General
Full URL
https://remote.displaywindows.com/Remote/css/logon.css
Requested by
Host: remote.displaywindows.com
URL: https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.166.152.213 Worcester, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
norecrugeley.plus.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
00321839a972660a33b51d41ecad852b390c35cd2160d8f7798d404c80376d7b

Request headers

:path
/Remote/css/logon.css
pragma
no-cache
cookie
ASP.NET_SessionId=h1v2abzaurkjx414jez1ur4i; LogonBrowserType=DefaultWithoutDetection
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
remote.displaywindows.com
referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 25 May 2021 15:17:43 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2016 11:33:19 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"d1d05176e9cd21:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2658
logon.css
remote.displaywindows.com/Remote/css/en/
7 KB
3 KB
Stylesheet
General
Full URL
https://remote.displaywindows.com/Remote/css/en/logon.css
Requested by
Host: remote.displaywindows.com
URL: https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.166.152.213 Worcester, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
norecrugeley.plus.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
00321839a972660a33b51d41ecad852b390c35cd2160d8f7798d404c80376d7b

Request headers

:path
/Remote/css/en/logon.css
pragma
no-cache
cookie
ASP.NET_SessionId=h1v2abzaurkjx414jez1ur4i; LogonBrowserType=DefaultWithoutDetection
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
remote.displaywindows.com
referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 25 May 2021 15:17:43 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2016 11:22:19 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"ca4cd2ece7cd21:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2658
logon-s.css
remote.displaywindows.com/Remote/css/
2 KB
908 B
Stylesheet
General
Full URL
https://remote.displaywindows.com/Remote/css/logon-s.css
Requested by
Host: remote.displaywindows.com
URL: https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.166.152.213 Worcester, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
norecrugeley.plus.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7da10a06e20d6a14c38796cadd7cf8fc2f7633b61620f145ddc11afcae0b7e93

Request headers

:path
/Remote/css/logon-s.css
pragma
no-cache
cookie
ASP.NET_SessionId=h1v2abzaurkjx414jez1ur4i; LogonBrowserType=DefaultWithoutDetection
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
remote.displaywindows.com
referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 25 May 2021 15:17:43 GMT
content-encoding
gzip
last-modified
Sat, 16 Jul 2016 13:19:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"7ceb4b764dfd11:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
828
ramjsfx.menu.css
remote.displaywindows.com/Remote/Javascript/
3 KB
1 KB
Stylesheet
General
Full URL
https://remote.displaywindows.com/Remote/Javascript/ramjsfx.menu.css
Requested by
Host: remote.displaywindows.com
URL: https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.166.152.213 Worcester, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
norecrugeley.plus.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f4f4b9be1479369a149a07677bed56293f53ce3e985c61e7f9c29d491f2b49fa

Request headers

:path
/Remote/Javascript/ramjsfx.menu.css
pragma
no-cache
cookie
ASP.NET_SessionId=h1v2abzaurkjx414jez1ur4i; LogonBrowserType=DefaultWithoutDetection
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
remote.displaywindows.com
referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 25 May 2021 15:17:43 GMT
content-encoding
gzip
last-modified
Sat, 16 Jul 2016 13:19:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"739b0b764dfd11:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1088
ramjsfx.fluidlayout.js
remote.displaywindows.com/Remote/javascript/
2 KB
955 B
Script
General
Full URL
https://remote.displaywindows.com/Remote/javascript/ramjsfx.fluidlayout.js
Requested by
Host: remote.displaywindows.com
URL: https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.166.152.213 Worcester, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
norecrugeley.plus.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a81419a74a8859961dbc898ab6604e30fa5e2d3587d4d2d5a12b6bbdf8581df8

Request headers

:path
/Remote/javascript/ramjsfx.fluidlayout.js
pragma
no-cache
cookie
ASP.NET_SessionId=h1v2abzaurkjx414jez1ur4i; LogonBrowserType=DefaultWithoutDetection
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
remote.displaywindows.com
referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 25 May 2021 15:17:43 GMT
content-encoding
gzip
last-modified
Sat, 16 Jul 2016 13:19:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"739b0b764dfd11:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
896
WebResource.axd
remote.displaywindows.com/Remote/
23 KB
6 KB
Script
General
Full URL
https://remote.displaywindows.com/Remote/WebResource.axd?d=5mZb2zgonbXAph4x3jzb9pzusDmG6McgS-9zasZPSY-krb5OXtFOlLJc1ys9a6YbNMDh5DH0nViKB4tCVOCweWe5mgFueJoZECgXWV_6wMw1&t=637460981481343508
Requested by
Host: remote.displaywindows.com
URL: https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.166.152.213 Worcester, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
norecrugeley.plus.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/Remote/WebResource.axd?d=5mZb2zgonbXAph4x3jzb9pzusDmG6McgS-9zasZPSY-krb5OXtFOlLJc1ys9a6YbNMDh5DH0nViKB4tCVOCweWe5mgFueJoZECgXWV_6wMw1&t=637460981481343508
pragma
no-cache
cookie
ASP.NET_SessionId=h1v2abzaurkjx414jez1ur4i; LogonBrowserType=DefaultWithoutDetection
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
remote.displaywindows.com
referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 25 May 2021 15:17:43 GMT
content-encoding
gzip
last-modified
Wed, 13 Jan 2021 01:29:08 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public
content-length
6007
x-xss-protection
1; mode=block
expires
Wed, 25 May 2022 13:44:51 GMT
ScriptResource.axd
remote.displaywindows.com/Remote/
100 KB
25 KB
Script
General
Full URL
https://remote.displaywindows.com/Remote/ScriptResource.axd?d=Nmm4u-WjgyUdfqFd1p8lh4Iu8BhaYfpp5z644vCGkD_1Jv8I-TuiGUiZt1FsaSIgv6ATv4ijpZklH3JVlrlT8xBMMlF4S5ASpiVyxMcYFi8RlMCeRcgbjZ43zbhnTdW0KwuUVO7pzXmulVGZyJ9dfIHb8aHG4YqE87PLGNjViWw1&t=2fe674eb
Requested by
Host: remote.displaywindows.com
URL: https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.166.152.213 Worcester, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
norecrugeley.plus.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/Remote/ScriptResource.axd?d=Nmm4u-WjgyUdfqFd1p8lh4Iu8BhaYfpp5z644vCGkD_1Jv8I-TuiGUiZt1FsaSIgv6ATv4ijpZklH3JVlrlT8xBMMlF4S5ASpiVyxMcYFi8RlMCeRcgbjZ43zbhnTdW0KwuUVO7pzXmulVGZyJ9dfIHb8aHG4YqE87PLGNjViWw1&t=2fe674eb
pragma
no-cache
cookie
ASP.NET_SessionId=h1v2abzaurkjx414jez1ur4i; LogonBrowserType=DefaultWithoutDetection
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
remote.displaywindows.com
referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 25 May 2021 15:17:43 GMT
content-encoding
gzip
last-modified
Tue, 25 May 2021 13:44:51 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/x-javascript
cache-control
public
content-length
25609
x-xss-protection
1; mode=block
expires
Wed, 25 May 2022 13:44:51 GMT
ScriptResource.axd
remote.displaywindows.com/Remote/
39 KB
10 KB
Script
General
Full URL
https://remote.displaywindows.com/Remote/ScriptResource.axd?d=d7QQbCqrwdFcOniHu4oAIniwvqhVep4HOzmhehv3FIHEjVbxM9rvQE_se_8E8E3s9rRmx-K8Q5CG2VpT_qQjUxiTh7HOiT54qcFdVai_-xQNDhd1AHBhEXcoa2NPrhUrJ0IzErFygejigrZAuP5TsKEifuQ9S96yDGWDL-ADtAnlbonQr9Zh027PLlH4ehQc0&t=2fe674eb
Requested by
Host: remote.displaywindows.com
URL: https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.166.152.213 Worcester, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
norecrugeley.plus.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/Remote/ScriptResource.axd?d=d7QQbCqrwdFcOniHu4oAIniwvqhVep4HOzmhehv3FIHEjVbxM9rvQE_se_8E8E3s9rRmx-K8Q5CG2VpT_qQjUxiTh7HOiT54qcFdVai_-xQNDhd1AHBhEXcoa2NPrhUrJ0IzErFygejigrZAuP5TsKEifuQ9S96yDGWDL-ADtAnlbonQr9Zh027PLlH4ehQc0&t=2fe674eb
pragma
no-cache
cookie
ASP.NET_SessionId=h1v2abzaurkjx414jez1ur4i; LogonBrowserType=DefaultWithoutDetection
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
remote.displaywindows.com
referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 25 May 2021 15:17:43 GMT
content-encoding
gzip
last-modified
Tue, 25 May 2021 13:44:51 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/x-javascript
cache-control
public
content-length
9984
x-xss-protection
1; mode=block
expires
Wed, 25 May 2022 13:44:51 GMT
ramjsfx.core.js
remote.displaywindows.com/Remote/Javascript/
26 KB
9 KB
Script
General
Full URL
https://remote.displaywindows.com/Remote/Javascript/ramjsfx.core.js
Requested by
Host: remote.displaywindows.com
URL: https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.166.152.213 Worcester, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
norecrugeley.plus.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f3601f9756431cd20fc214110093faa4c06c402bf5b0a050feccf3b345beb981

Request headers

:path
/Remote/Javascript/ramjsfx.core.js
pragma
no-cache
cookie
ASP.NET_SessionId=h1v2abzaurkjx414jez1ur4i; LogonBrowserType=DefaultWithoutDetection
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
remote.displaywindows.com
referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 25 May 2021 15:17:43 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2016 11:33:21 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"a343f77e9cd21:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
9234
ramjsfx.js
remote.displaywindows.com/Remote/Javascript/
4 KB
1 KB
Script
General
Full URL
https://remote.displaywindows.com/Remote/Javascript/ramjsfx.js
Requested by
Host: remote.displaywindows.com
URL: https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.166.152.213 Worcester, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
norecrugeley.plus.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7d37b3962528e956c5e818008da20241626f1928ee8a9c9956650375fadbfe70

Request headers

:path
/Remote/Javascript/ramjsfx.js
pragma
no-cache
cookie
ASP.NET_SessionId=h1v2abzaurkjx414jez1ur4i; LogonBrowserType=DefaultWithoutDetection
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
remote.displaywindows.com
referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 25 May 2021 15:17:43 GMT
content-encoding
gzip
last-modified
Sat, 16 Jul 2016 13:19:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"5ca7adb764dfd11:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1420
ramjsfx.watermark.js
remote.displaywindows.com/Remote/Javascript/
4 KB
1 KB
Script
General
Full URL
https://remote.displaywindows.com/Remote/Javascript/ramjsfx.watermark.js
Requested by
Host: remote.displaywindows.com
URL: https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.166.152.213 Worcester, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
norecrugeley.plus.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2e31bc896090155c93b1b515658bd68b2f1a35a4be127c502142dc9063326c73

Request headers

:path
/Remote/Javascript/ramjsfx.watermark.js
pragma
no-cache
cookie
ASP.NET_SessionId=h1v2abzaurkjx414jez1ur4i; LogonBrowserType=DefaultWithoutDetection
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
remote.displaywindows.com
referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 25 May 2021 15:17:43 GMT
content-encoding
gzip
last-modified
Sat, 16 Jul 2016 13:19:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"ad6bb2b764dfd11:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1474
ramjsfx.menu.js
remote.displaywindows.com/Remote/Javascript/
8 KB
3 KB
Script
General
Full URL
https://remote.displaywindows.com/Remote/Javascript/ramjsfx.menu.js
Requested by
Host: remote.displaywindows.com
URL: https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.166.152.213 Worcester, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
norecrugeley.plus.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8f72313983a2fe41ad2033313f8722e33c20b39b971c4e207d497acee5eb8583

Request headers

:path
/Remote/Javascript/ramjsfx.menu.js
pragma
no-cache
cookie
ASP.NET_SessionId=h1v2abzaurkjx414jez1ur4i; LogonBrowserType=DefaultWithoutDetection
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
remote.displaywindows.com
referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 25 May 2021 15:17:43 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2016 11:33:21 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"a343f77e9cd21:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2924
ramjsfx.popupwindow.js
remote.displaywindows.com/Remote/Javascript/
3 KB
1 KB
Script
General
Full URL
https://remote.displaywindows.com/Remote/Javascript/ramjsfx.popupwindow.js
Requested by
Host: remote.displaywindows.com
URL: https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.166.152.213 Worcester, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
norecrugeley.plus.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
354be4c35a07554f9bce53c375e6c33ecc56e5b21f699eef268a489623306054

Request headers

:path
/Remote/Javascript/ramjsfx.popupwindow.js
pragma
no-cache
cookie
ASP.NET_SessionId=h1v2abzaurkjx414jez1ur4i; LogonBrowserType=DefaultWithoutDetection
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
remote.displaywindows.com
referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 25 May 2021 15:17:43 GMT
content-encoding
gzip
last-modified
Sat, 16 Jul 2016 13:19:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"ad6bb2b764dfd11:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1475
ramjsfx.utils.js
remote.displaywindows.com/Remote/Javascript/
5 KB
2 KB
Script
General
Full URL
https://remote.displaywindows.com/Remote/Javascript/ramjsfx.utils.js
Requested by
Host: remote.displaywindows.com
URL: https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.166.152.213 Worcester, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
norecrugeley.plus.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ccfd39ea2527d9599f0508ef64b53319a8953a7851e5f698c8d8f55dce130d96

Request headers

:path
/Remote/Javascript/ramjsfx.utils.js
pragma
no-cache
cookie
ASP.NET_SessionId=h1v2abzaurkjx414jez1ur4i; LogonBrowserType=DefaultWithoutDetection
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
remote.displaywindows.com
referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 25 May 2021 15:17:43 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2016 11:33:21 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"a343f77e9cd21:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2159
ramjsfx.windowspool.js
remote.displaywindows.com/Remote/javascript/
2 KB
1 KB
Script
General
Full URL
https://remote.displaywindows.com/Remote/javascript/ramjsfx.windowspool.js
Requested by
Host: remote.displaywindows.com
URL: https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.166.152.213 Worcester, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
norecrugeley.plus.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
466e525ea245d8dc1e289a3d8206b5e99090a9c28d55d3cb5fccd34f1c3c9109

Request headers

:path
/Remote/javascript/ramjsfx.windowspool.js
pragma
no-cache
cookie
ASP.NET_SessionId=h1v2abzaurkjx414jez1ur4i; LogonBrowserType=DefaultWithoutDetection
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
remote.displaywindows.com
referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:17:43 GMT
content-encoding
gzip
last-modified
Sat, 16 Jul 2016 13:19:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"5ca7adb764dfd11:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
991
logo.png
remote.displaywindows.com/Remote/Customization/Product/
57 KB
57 KB
Image
General
Full URL
https://remote.displaywindows.com/Remote/Customization/Product/logo.png
Requested by
Host: remote.displaywindows.com
URL: https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.166.152.213 Worcester, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
norecrugeley.plus.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
15d880351b46323fee9902668ccf9edac8a1d74726866845c52f8c4918b05bc2

Request headers

:path
/Remote/Customization/Product/logo.png
pragma
no-cache
cookie
ASP.NET_SessionId=h1v2abzaurkjx414jez1ur4i; LogonBrowserType=DefaultWithoutDetection
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
remote.displaywindows.com
referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:17:44 GMT
last-modified
Sat, 16 Jul 2016 13:19:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"a53e27b864dfd11:0"
content-type
image/png
accept-ranges
bytes
content-length
58681
WebsiteLogo.png
remote.displaywindows.com/Remote/Customization/Partner/
609 B
687 B
Image
General
Full URL
https://remote.displaywindows.com/Remote/Customization/Partner/WebsiteLogo.png
Requested by
Host: remote.displaywindows.com
URL: https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.166.152.213 Worcester, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
norecrugeley.plus.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5c824e82e0f54239df36f048165870a3f1758c2e7e9e447127212146b300a526

Request headers

:path
/Remote/Customization/Partner/WebsiteLogo.png
pragma
no-cache
cookie
ASP.NET_SessionId=h1v2abzaurkjx414jez1ur4i; LogonBrowserType=DefaultWithoutDetection
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
remote.displaywindows.com
referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:17:44 GMT
last-modified
Fri, 19 Oct 2012 09:20:10 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"081b9efdaadcd1:0"
content-type
image/png
accept-ranges
bytes
content-length
609
link16.png
remote.displaywindows.com/Remote/Images/
798 B
854 B
Image
General
Full URL
https://remote.displaywindows.com/Remote/Images/link16.png
Requested by
Host: remote.displaywindows.com
URL: https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.166.152.213 Worcester, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
norecrugeley.plus.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f752190dfaf5e95abd2ca8d462b02f6d496438c43fba8d33cf87cb7aa4a5251e

Request headers

:path
/Remote/Images/link16.png
pragma
no-cache
cookie
ASP.NET_SessionId=h1v2abzaurkjx414jez1ur4i; LogonBrowserType=DefaultWithoutDetection
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
remote.displaywindows.com
referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:17:44 GMT
last-modified
Sat, 16 Jul 2016 13:19:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"f57922b864dfd11:0"
content-type
image/png
accept-ranges
bytes
content-length
798
logon
remote.displaywindows.com/Remote/
Redirect Chain
  • https://remote.displaywindows.com/Remote/ClearSessionHandler.ashx
  • https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2FClearSessionHandler.ashx
19 KB
7 KB
XHR
General
Full URL
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2FClearSessionHandler.ashx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.166.152.213 Worcester, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
norecrugeley.plus.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
59fcd8e0bf0750bee611bdc0f8ba05878701a26bce5aaf0bc0183a8e6ab6436a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
canary
bcfae41a-2e40-6c30-c540-38ae3a34566e
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
testcookie; screenWidth=1600; screenHeight=1200; ASP.NET_SessionId=h1v2abzaurkjx414jez1ur4i; LogonBrowserType=DefaultWithoutDetection; suppressSharedFolderReadonlyNotification=0
:path
/Remote/logon?ReturnUrl=%2FRemote%2FClearSessionHandler.ashx
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
remote.displaywindows.com
referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 May 2021 15:17:44 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
no-cache
set-cookie
LogonBrowserType=DefaultWithoutDetection; expires=Tue, 08-Jun-2021 15:17:45 GMT; path=/; secure; HttpOnly
content-length
7049
x-xss-protection
1; mode=block
expires
-1

Redirect headers

date
Tue, 25 May 2021 15:17:44 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html; charset=utf-8
location
/Remote/logon?ReturnUrl=%2FRemote%2FClearSessionHandler.ashx
cache-control
private
content-length
177
x-xss-protection
1; mode=block


77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| LogonResources number| fluidLayoutInitializerId object| fluidlayout object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| 
$find function| Type object| Sys object| _events function| RAMJsFx function| $R number| RANDOM3E7C2B50D64611DDB4810 object| RemoteAccessWindowsPool function| addCanaryToken function| showCover function| updateLayout boolean| smallViewport

6 Cookies

| Domain/Path | Name | Value |
|---|---|---|
| remote.displaywindows.com/ | suppressSharedFolderReadonlyNotification | 0 |
| remote.displaywindows.com/ | LogonBrowserType | DefaultWithoutDetection |
| remote.displaywindows.com/ | ASP.NET_SessionId | h1v2abzaurkjx414jez1ur4i |
| remote.displaywindows.com/Remote | screenHeight | 1200 |
| remote.displaywindows.com/Remote | screenWidth | 1600 |
| remote.displaywindows.com/Remote | (empty) | testcookie |

1 Console Messages

Source Level URL
Text
console-api log URL: https://remote.displaywindows.com/Remote/ScriptResource.axd?d=Nmm4u-WjgyUdfqFd1p8lh4Iu8BhaYfpp5z644vCGkD_1Jv8I-TuiGUiZt1FsaSIgv6ATv4ijpZklH3JVlrlT8xBMMlF4S5ASpiVyxMcYFi8RlMCeRcgbjZ43zbhnTdW0KwuUVO7pzXmulVGZyJ9dfIHb8aHG4YqE87PLGNjViWw1&t=2fe674eb(Line 5)
Message:
Clear session failed

Indicators

"Indicators" is a term used in the security industry for observables such as IPs, domains, and hashes. Their appearance here does not imply that any of them indicate malicious activity.

remote.displaywindows.com
195.166.152.213