office365complimente.blob.core.windows.net
52.239.214.164  Malicious Activity! Public Scan

Submitted URL: https://bit.ly/2ET91c3
Effective URL: https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Submission: On October 31 via manual from US

Summary

This website contacted 3 IPs in 3 countries across 5 domains to perform 14 HTTP transactions. The main IP is 52.239.214.164, located in Redmond, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is office365complimente.blob.core.windows.net.
TLS certificate: Issued by Microsoft IT TLS CA 5 on November 9th 2017. Valid for: 2 years.
This is the only time office365complimente.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DocuSign (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 395224 (BITLY-AS)
1 1 206.189.125.60 14061 (DIGITALOC...)
1 142.93.191.70 14061 (DIGITALOC...)
12 52.239.214.164 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
14 3
Apex Domain Subdomains Transfer
12 windows.net office365complimente.blob.core.windows.net 460 KB
1 googleapis.com ajax.googleapis.com 33 KB
1 checksecure.xyz a.checksecure.xyz 1 KB
1 aweurl.us aweurl.us 1 KB
1 bit.ly bit.ly 415 B
14 5

Domain Requested by
12 office365complimente.blob.core.windows.net a.checksecure.xyz, office365complimente.blob.core.windows.net
1 ajax.googleapis.com office365complimente.blob.core.windows.net
1 a.checksecure.xyz
1 aweurl.us 1 redirects
1 bit.ly 1 redirects
14 5

This site contains no links.

Subject Issuer Validity Valid
a.checksecure.xyz Let's Encrypt Authority X3 2018-10-28 - 2019-01-26 3 months
*.blob.core.windows.net Microsoft IT TLS CA 5 2017-11-09 - 2019-11-09 2 years
*.googleapis.com Google Internet Authority G3 2018-10-09 - 2019-01-01 3 months

This page contains 1 frames:

Primary Page: https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Frame ID: FF845100CCD5DF0B80B181B65B640788
Requests: 14 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
  • script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

Requests: 14
HTTPS: 100 %
IPv6: 20 %
Domains: 5
Subdomains: 5
IPs: 3
Countries: 3
Transfer: 495 kB
Size: 552 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/2ET91c3 HTTP 301
    http://aweurl.us/YDiP3 HTTP 301
    https://a.checksecure.xyz/muarrb.html?a=d9712265-a789-422d-97f8-aaf547e84cb4 Page URL
  2. https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/2ET91c3 HTTP 301
  • http://aweurl.us/YDiP3 HTTP 301
  • https://a.checksecure.xyz/muarrb.html?a=d9712265-a789-422d-97f8-aaf547e84cb4

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
muarrb.html
a.checksecure.xyz/
Redirect Chain
  • https://bit.ly/2ET91c3
  • http://aweurl.us/YDiP3
  • https://a.checksecure.xyz/muarrb.html?a=d9712265-a789-422d-97f8-aaf547e84cb4
1 KB
1 KB
Document
General
Full URL
https://a.checksecure.xyz/muarrb.html?a=d9712265-a789-422d-97f8-aaf547e84cb4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.93.191.70 North York, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
vps.checksecure.xyz
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
f6ce72e5764f461be8fe13e9634d518f092669297034c551781ed13d86d7aaef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Host
a.checksecure.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Date
Wed, 31 Oct 2018 16:02:36 GMT
Server
Apache/2.4.18 (Ubuntu)
Strict-Transport-Security
max-age=63072000; includeSubdomains
X-Frame-Options
DENY
X-Content-Type-Options
nosniff
Last-Modified
Wed, 31 Oct 2018 07:29:29 GMT
ETag
"563-57981433a3f72-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
720
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

Date
Wed, 31 Oct 2018 16:02:35 GMT
Server
Apache/2.4.18 (Ubuntu)
Cache-Control
no-cache
Location
https://a.checksecure.xyz/muarrb.html?a=d9712265-a789-422d-97f8-aaf547e84cb4
Set-Cookie
XSRF-TOKEN=eyJpdiI6Ik5pVGl0amxrV04yMmFxYjY1a2VlSHc9PSIsInZhbHVlIjoiTmtlR0VwOFZcL0YwcWNJTldYU0R6ckk5TThYRTlaR0ZCN09MUnN3enZFY0RydW5BK0ZyTzFwZ2R6ZE9LTFwveityaGVRWW11M0U0MzFISHhCeEp1TVBkZz09IiwibWFjIjoiMmVmMTQ5MTU3ZjkyMGUzZDQwNWM0YTg0NzNmMGQ2MGNiNDM0MWQxZTRmOGZjMmRjZDZmMGQ4ZDQyYjA4MDYxOSJ9; expires=Wed, 31-Oct-2018 18:02:35 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IlpcL0VnUVJRbnJ3cGVUU2lBNXhnZHNRPT0iLCJ2YWx1ZSI6Ik42K0NDWWRTbnlhVFVzY2Q2RjliTWhxS29CMGw3aU8yWlwvTXVWZGNPTk93NG5GRDN3Y0FkSllDUm44dHd2d1FzOVpYakZXUmR0YTZ2b3FEUXA4ck9QUT09IiwibWFjIjoiMzQzNTg3OTNhNjUxNDZhMjFlY2JhNjQzNDI5NDUxNzgxYTkzZjQ3MDBiZjJlZTViOGRlZjVlMDk0YTQ1YjZjZCJ9; expires=Wed, 31-Oct-2018 18:02:35 GMT; Max-Age=7200; path=/; HttpOnly
Content-Length
548
Connection
close
Content-Type
text/html; charset=UTF-8
Primary Request index.html
office365complimente.blob.core.windows.net/onedrivedetinue82328/
3 KB
4 KB
Document
General
Full URL
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Requested by
Host: a.checksecure.xyz
URL: https://a.checksecure.xyz/muarrb.html?a=d9712265-a789-422d-97f8-aaf547e84cb4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.214.164 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9e76aca475b670b4e19afb531cf838384770fee3290448af8c586837d87b1097

Request headers

Host
office365complimente.blob.core.windows.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://a.checksecure.xyz/muarrb.html?a=d9712265-a789-422d-97f8-aaf547e84cb4
Accept-Encoding
gzip, deflate

Response headers

Content-Length
3312
Content-Type
text/html
Content-MD5
CrdCmnw4NrLQu0flp+8t5g==
Last-Modified
Wed, 31 Oct 2018 07:29:28 GMT
ETag
0x8D63F0297D9757F
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
7342dec7-e01e-0153-1233-71367b000000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 31 Oct 2018 16:02:36 GMT
bootstrap.min.css
office365complimente.blob.core.windows.net/onedrivedetinue82328/css/
139 KB
139 KB
Stylesheet
General
Full URL
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/css/bootstrap.min.css
Requested by
Host: office365complimente.blob.core.windows.net
URL: https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.214.164 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5a821ec96b40392e08509cba6752cb8f030b3365bef25abd6ae8a7ed962e3064

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
office365complimente.blob.core.windows.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 31 Oct 2018 16:02:37 GMT
Last-Modified
Wed, 31 Oct 2018 07:29:26 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
24ajuQrjAIU3wX7ilL+H1Q==
ETag
0x8D63F0296796972
Content-Type
text/css
x-ms-request-id
7342df19-e01e-0153-5f33-71367b000000
x-ms-version
2009-09-19
Content-Length
142158
style.css
office365complimente.blob.core.windows.net/onedrivedetinue82328/css/
3 KB
4 KB
Stylesheet
General
Full URL
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/css/style.css
Requested by
Host: office365complimente.blob.core.windows.net
URL: https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.214.164 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
149b07b3fd6e5b17c9949a3dcee35dfc68cefed55e4dfcaf044d3a8be627cd7b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
office365complimente.blob.core.windows.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 31 Oct 2018 16:02:37 GMT
Last-Modified
Wed, 31 Oct 2018 07:29:26 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
OG+64QRuRV1MORj7Pp983A==
ETag
0x8D63F0296855310
Content-Type
text/css
x-ms-request-id
bf51dfdc-401e-003c-1733-71d8fa000000
x-ms-version
2009-09-19
Content-Length
3182
logo.png
office365complimente.blob.core.windows.net/onedrivedetinue82328/img/
12 KB
12 KB
Image
General
Full URL
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/img/logo.png
Requested by
Host: office365complimente.blob.core.windows.net
URL: https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.214.164 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e4097d53131a0516a822847d086323ae5684dd8a5d0f0bc62ddad1ab9acc217b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
office365complimente.blob.core.windows.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 31 Oct 2018 16:02:38 GMT
Last-Modified
Wed, 31 Oct 2018 07:29:28 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
MZ8wQu74VXemZVr4FS/zow==
ETag
0x8D63F0297581871
Content-Type
image/png
x-ms-request-id
64e204b3-301e-00bb-7233-718dd5000000
x-ms-version
2009-09-19
Content-Length
11811
1%20Logo%2033x33%201.png
office365complimente.blob.core.windows.net/onedrivedetinue82328/img/
3 KB
4 KB
Image
General
Full URL
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/img/1%20Logo%2033x33%201.png
Requested by
Host: office365complimente.blob.core.windows.net
URL: https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.214.164 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5a6a8df29a73e04fb717abc01af86ebf91a36de8153af5182a9bbd29e31b9413

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
office365complimente.blob.core.windows.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 31 Oct 2018 16:02:37 GMT
Last-Modified
Wed, 31 Oct 2018 07:29:26 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
jmZtafbBaVK6BlvXPdxr9w==
ETag
0x8D63F0296907957
Content-Type
image/png
x-ms-request-id
5878e482-601e-0020-0333-7100ed000000
x-ms-version
2009-09-19
Content-Length
3458
B%2033x33.png
office365complimente.blob.core.windows.net/onedrivedetinue82328/img/
4 KB
4 KB
Image
General
Full URL
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/img/B%2033x33.png
Requested by
Host: office365complimente.blob.core.windows.net
URL: https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.214.164 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bc78480645b47df93a53d609d84c0740bc671465cd50169f8a1a266e9b77753c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
office365complimente.blob.core.windows.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 31 Oct 2018 16:02:37 GMT
Last-Modified
Wed, 31 Oct 2018 07:29:27 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
VqYP8MQGfbLNffiSEPmDCw==
ETag
0x8D63F0296D6BB1B
Content-Type
image/png
x-ms-request-id
11d7c1bc-a01e-00d8-4633-71cbf0000000
x-ms-version
2009-09-19
Content-Length
4171
C%20%2033x33.png
office365complimente.blob.core.windows.net/onedrivedetinue82328/img/
3 KB
4 KB
Image
General
Full URL
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/img/C%20%2033x33.png
Requested by
Host: office365complimente.blob.core.windows.net
URL: https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.214.164 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f50990dea219dbe1322b36ad2cfb28264eb9546480c1997eb81b589ad4ad2eec

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
office365complimente.blob.core.windows.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 31 Oct 2018 16:02:37 GMT
Last-Modified
Wed, 31 Oct 2018 07:29:27 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
IRreCgqmpOu28pJSFgao8Q==
ETag
0x8D63F02972BA675
Content-Type
image/png
x-ms-request-id
7342e051-e01e-0153-8033-71367b000000
x-ms-version
2009-09-19
Content-Length
3273
D%20%2033x33.png
office365complimente.blob.core.windows.net/onedrivedetinue82328/img/
4 KB
4 KB
Image
General
Full URL
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/img/D%20%2033x33.png
Requested by
Host: office365complimente.blob.core.windows.net
URL: https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.214.164 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5596af5d0b179054ce4975eda5d5b11694a7f7fb58fd9cdf42e69bd6d417bede

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
office365complimente.blob.core.windows.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 31 Oct 2018 16:02:38 GMT
Last-Modified
Wed, 31 Oct 2018 07:29:27 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
e0fBKRSK3J2cJl5EoYo9IA==
ETag
0x8D63F0297371AED
Content-Type
image/png
x-ms-request-id
bf51e005-401e-003c-3733-71d8fa000000
x-ms-version
2009-09-19
Content-Length
3960
E%2031x37.png
office365complimente.blob.core.windows.net/onedrivedetinue82328/img/
4 KB
4 KB
Image
General
Full URL
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/img/E%2031x37.png
Requested by
Host: office365complimente.blob.core.windows.net
URL: https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.214.164 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1bb37dfeefd1cdf006d4b794aa7b10787e705c87a45a51e092deda0850dab438

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
office365complimente.blob.core.windows.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 31 Oct 2018 16:02:37 GMT
Last-Modified
Wed, 31 Oct 2018 07:29:27 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
5q2HtmOxxt/PaQ3DOqpbJQ==
ETag
0x8D63F0297424135
Content-Type
image/png
x-ms-request-id
b1557403-901e-0017-5633-71ac42000000
x-ms-version
2009-09-19
Content-Length
4024
F%20%2033x33.png
office365complimente.blob.core.windows.net/onedrivedetinue82328/img/
3 KB
4 KB
Image
General
Full URL
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/img/F%20%2033x33.png
Requested by
Host: office365complimente.blob.core.windows.net
URL: https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.214.164 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b84d6d3dcaa772e962faf2a0b1cd77a110da805d2131356cfaa11722b7f2b180

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
office365complimente.blob.core.windows.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 31 Oct 2018 16:02:38 GMT
Last-Modified
Wed, 31 Oct 2018 07:29:28 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
HQi7Vk4GiMKXVkZjkQQ3+Q==
ETag
0x8D63F02974D1947
Content-Type
image/png
x-ms-request-id
64e204f5-301e-00bb-2a33-718dd5000000
x-ms-version
2009-09-19
Content-Length
3436
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: office365complimente.blob.core.windows.net
URL: https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Oct 2018 06:22:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2540406
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
33951
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Oct 2019 06:22:31 GMT
bootstrap.min.js
office365complimente.blob.core.windows.net/onedrivedetinue82328/js/
36 KB
37 KB
Script
General
Full URL
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/js/bootstrap.min.js
Requested by
Host: office365complimente.blob.core.windows.net
URL: https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.214.164 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
office365complimente.blob.core.windows.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 31 Oct 2018 16:02:37 GMT
Last-Modified
Wed, 31 Oct 2018 07:29:28 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
WGnJbMjxkIau5iXWcNdB+Q==
ETag
0x8D63F0297CE9D77
Content-Type
application/octet-stream
x-ms-request-id
b15573d0-901e-0017-2a33-71ac42000000
x-ms-version
2009-09-19
Content-Length
37045
task.png
office365complimente.blob.core.windows.net/onedrivedetinue82328/img/
241 KB
241 KB
Image
General
Full URL
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/img/task.png
Requested by
Host: office365complimente.blob.core.windows.net
URL: https://office365complimente.blob.core.windows.net/onedrivedetinue82328/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.214.164 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a166a16d575db967f6aa3c80e6b368aaafcd2792d40ed850a09d95cb65d86e2b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
office365complimente.blob.core.windows.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://office365complimente.blob.core.windows.net/onedrivedetinue82328/css/style.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 31 Oct 2018 16:02:38 GMT
Last-Modified
Wed, 31 Oct 2018 07:29:28 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
IE2JUTerDlQ8sVN63jbvdw==
ETag
0x8D63F0297C3773D
Content-Type
image/png
x-ms-request-id
5878e4a6-601e-0020-1a33-7100ed000000
x-ms-version
2009-09-19
Content-Length
246805

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DocuSign (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function $
function jQuery
object jQuery11240014573522629299118

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY