login.azure-micros.abraven.cl
212.192.246.62  Malicious Activity! Public Scan

Submitted URL: https://bu5dvb.hunterdouglasgroup.co/
Effective URL: https://login.azure-micros.abraven.cl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3...
Submission: On September 16 via automatic, source openphish — Scanned from CA

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 18 HTTP transactions. The main IP is 212.192.246.62, located in Germany and belongs to AS-SERVERION, US. The main domain is login.azure-micros.abraven.cl.
TLS certificate: Issued by R3 on September 15th 2022. Valid for: 3 months.
This is the only time login.azure-micros.abraven.cl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

Requests  IP Address        AS Autonomous System
1         142.44.234.188    16276 (OVH)
6         212.192.246.62    399471 (AS-SERVERION), 3 redirects
2         40.126.24.82      8075 (MICROSOFT...)
12        2620:1ec:bdf::40  8068 (MICROSOFT...)
Total: 18 requests, 4 IPs

Requests  Apex Domain            Subdomains                                                   Transfer
12        msauth.net             aadcdn.msauth.net (Cisco Umbrella Rank: 1078)                224 KB
6         abraven.cl             login.azure-micros.abraven.cl, www.azure-micros.abraven.cl   358 KB
2         live.com               login.live.com (Cisco Umbrella Rank: 81)                     2 KB
1         hunterdouglasgroup.co  bu5dvb.hunterdouglasgroup.co                                 488 B
Total: 18 requests, 4 apex domains

Requests  Domain                                      Requested by
12        aadcdn.msauth.net                           login.azure-micros.abraven.cl, aadcdn.msauth.net
5         login.azure-micros.abraven.cl (2 redirects) bu5dvb.hunterdouglasgroup.co, login.azure-micros.abraven.cl
2         login.live.com                              login.azure-micros.abraven.cl, aadcdn.msauth.net
1         www.azure-micros.abraven.cl (1 redirects)   -
1         bu5dvb.hunterdouglasgroup.co                -
Total: 18 requests, 5 domains

This site contains links to these domains.

Domain
www.microsoft.com
privacy.microsoft.com
Subject                        Issuer                          Validity                 Valid
bandwidththeater.com           R3                              2022-09-15 - 2022-12-14  3 months
login.azure-micros.abraven.cl  R3                              2022-09-15 - 2022-12-14  3 months
graph.windows.net              DigiCert SHA2 Secure Server CA  2022-06-09 - 2023-06-09  a year
aadcdn.msauth.net              DigiCert SHA2 Secure Server CA  2022-08-23 - 2023-08-23  a year

This page contains 2 frames:

Primary Page: https://login.azure-micros.abraven.cl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637988885364056386.MDVlNWRkNzgtM2FkMC00NTliLWFhNWQtNDRmZWI3ZWQ4ZjVkMzRmYWY5MjUtY2U2OS00NzZiLThmNzItOTI3YmUzNzRlZWQw&ui_locales=en-CA&mkt=en-CA&state=dT_sUfqViFnxubFuOQgCPIt775jhkhFXjwNQOLBXxbEcn0wXD59tjSHXqtYKFWpC8BHGQ-BrZJHI1Nar1SG9r--yvUzrWmgR7hT9dHHw7G7utXZ2rm2xVLGYWUouXDiKfn0dJvl1DicLrtDWPIxFM3youDiQHi52RLzoEjtZmNaOvo2XSsrUxN4QgAldkEYDomTH_CALunpA-0v_Nro0-Mrl6rnYDlqcL8uPJGYVYar5Zf0oaodzamvG7ii6INf3hmug3UH5Coc_adPmuri40A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0&sso_reload=true
Frame ID: 9E96DAA96F110EF65BFE68C3035421B0
Requests: 17 HTTP requests in this frame

Frame: https://login.live.com/Me.htm?v=3
Frame ID: 3005B2796ABCED00B0B2F2EAF9E3D4A6
Requests: 1 HTTP requests in this frame

Page Title

Sign in to your account

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 25 %
Domains: 4
Subdomains: 5
IPs: 4
Countries: 3
Transfer: 581 kB
Size: 958 kB
Cookies: 15

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bu5dvb.hunterdouglasgroup.co/ Page URL
  2. https://login.azure-micros.abraven.cl/JoOSTcNH HTTP 302
    https://login.azure-micros.abraven.cl/ HTTP 302
    https://www.azure-micros.abraven.cl/login HTTP 302
    https://login.azure-micros.abraven.cl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637988885364056386.MDVlNWRkNzgtM2FkMC00NTliLWFhNWQtNDRmZWI3ZWQ4ZjVkMzRmYWY5MjUtY2U2OS00NzZiLThmNzItOTI3YmUzNzRlZWQw&ui_locales=en-CA&mkt=en-CA&state=dT_sUfqViFnxubFuOQgCPIt775jhkhFXjwNQOLBXxbEcn0wXD59tjSHXqtYKFWpC8BHGQ-BrZJHI1Nar1SG9r--yvUzrWmgR7hT9dHHw7G7utXZ2rm2xVLGYWUouXDiKfn0dJvl1DicLrtDWPIxFM3youDiQHi52RLzoEjtZmNaOvo2XSsrUxN4QgAldkEYDomTH_CALunpA-0v_Nro0-Mrl6rnYDlqcL8uPJGYVYar5Zf0oaodzamvG7ii6INf3hmug3UH5Coc_adPmuri40A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0 Page URL
  3. https://login.azure-micros.abraven.cl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637988885364056386.MDVlNWRkNzgtM2FkMC00NTliLWFhNWQtNDRmZWI3ZWQ4ZjVkMzRmYWY5MjUtY2U2OS00NzZiLThmNzItOTI3YmUzNzRlZWQw&ui_locales=en-CA&mkt=en-CA&state=dT_sUfqViFnxubFuOQgCPIt775jhkhFXjwNQOLBXxbEcn0wXD59tjSHXqtYKFWpC8BHGQ-BrZJHI1Nar1SG9r--yvUzrWmgR7hT9dHHw7G7utXZ2rm2xVLGYWUouXDiKfn0dJvl1DicLrtDWPIxFM3youDiQHi52RLzoEjtZmNaOvo2XSsrUxN4QgAldkEYDomTH_CALunpA-0v_Nro0-Mrl6rnYDlqcL8uPJGYVYar5Zf0oaodzamvG7ii6INf3hmug3UH5Coc_adPmuri40A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://login.azure-micros.abraven.cl/JoOSTcNH HTTP 302
  • https://login.azure-micros.abraven.cl/ HTTP 302
  • https://www.azure-micros.abraven.cl/login HTTP 302
  • https://login.azure-micros.abraven.cl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637988885364056386.MDVlNWRkNzgtM2FkMC00NTliLWFhNWQtNDRmZWI3ZWQ4ZjVkMzRmYWY5MjUtY2U2OS00NzZiLThmNzItOTI3YmUzNzRlZWQw&ui_locales=en-CA&mkt=en-CA&state=dT_sUfqViFnxubFuOQgCPIt775jhkhFXjwNQOLBXxbEcn0wXD59tjSHXqtYKFWpC8BHGQ-BrZJHI1Nar1SG9r--yvUzrWmgR7hT9dHHw7G7utXZ2rm2xVLGYWUouXDiKfn0dJvl1DicLrtDWPIxFM3youDiQHi52RLzoEjtZmNaOvo2XSsrUxN4QgAldkEYDomTH_CALunpA-0v_Nro0-Mrl6rnYDlqcL8uPJGYVYar5Zf0oaodzamvG7ii6INf3hmug3UH5Coc_adPmuri40A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0

18 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
/
bu5dvb.hunterdouglasgroup.co/
344 B
488 B
Document
General
Full URL
https://bu5dvb.hunterdouglasgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.44.234.188 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-142-44-234.net
Software
Apache /
Resource Hash
3893b5b3e58f85c9b7081bc49a2109ba35d69323098bed79b50d6f43c2e48a52

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
br
Content-Length
190
Content-Type
text/html
Date
Fri, 16 Sep 2022 01:28:54 GMT
Keep-Alive
timeout=3, max=100
Last-Modified
Thu, 15 Sep 2022 19:53:20 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
authorize
login.azure-micros.abraven.cl/common/oauth2/v2.0/
Redirect Chain
  • https://login.azure-micros.abraven.cl/JoOSTcNH
  • https://login.azure-micros.abraven.cl/
  • https://www.azure-micros.abraven.cl/login
  • https://login.azure-micros.abraven.cl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token...
152 KB
153 KB
Document
General
Full URL
https://login.azure-micros.abraven.cl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637988885364056386.MDVlNWRkNzgtM2FkMC00NTliLWFhNWQtNDRmZWI3ZWQ4ZjVkMzRmYWY5MjUtY2U2OS00NzZiLThmNzItOTI3YmUzNzRlZWQw&ui_locales=en-CA&mkt=en-CA&state=dT_sUfqViFnxubFuOQgCPIt775jhkhFXjwNQOLBXxbEcn0wXD59tjSHXqtYKFWpC8BHGQ-BrZJHI1Nar1SG9r--yvUzrWmgR7hT9dHHw7G7utXZ2rm2xVLGYWUouXDiKfn0dJvl1DicLrtDWPIxFM3youDiQHi52RLzoEjtZmNaOvo2XSsrUxN4QgAldkEYDomTH_CALunpA-0v_Nro0-Mrl6rnYDlqcL8uPJGYVYar5Zf0oaodzamvG7ii6INf3hmug3UH5Coc_adPmuri40A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0
Requested by
Host: bu5dvb.hunterdouglasgroup.co
URL: https://bu5dvb.hunterdouglasgroup.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
212.192.246.62 , Germany, ASN399471 (AS-SERVERION, US),
Reverse DNS
Software
/
Resource Hash
797191f9b3c764c483afca443d6d771a489fcca24904dd36661bcf5bfc522a33

Request headers

Referer
https://bu5dvb.hunterdouglasgroup.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
close
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Sep 2022 01:28:56 GMT
Expires
-1
Nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Report-To
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Ms-Clitelem
1,50168,0,,
X-Ms-Ests-Server
2.1.13622.7 - NEULR1 ProdSlices
X-Ms-Request-Id
96d639be-5a84-4236-97f4-bfae65e06a00

Redirect headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Sep 2022 01:28:56 GMT
Location
https://login.azure-micros.abraven.cl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637988885364056386.MDVlNWRkNzgtM2FkMC00NTliLWFhNWQtNDRmZWI3ZWQ4ZjVkMzRmYWY5MjUtY2U2OS00NzZiLThmNzItOTI3YmUzNzRlZWQw&ui_locales=en-CA&mkt=en-CA&state=dT_sUfqViFnxubFuOQgCPIt775jhkhFXjwNQOLBXxbEcn0wXD59tjSHXqtYKFWpC8BHGQ-BrZJHI1Nar1SG9r--yvUzrWmgR7hT9dHHw7G7utXZ2rm2xVLGYWUouXDiKfn0dJvl1DicLrtDWPIxFM3youDiQHi52RLzoEjtZmNaOvo2XSsrUxN4QgAldkEYDomTH_CALunpA-0v_Nro0-Mrl6rnYDlqcL8uPJGYVYar5Zf0oaodzamvG7ii6INf3hmug3UH5Coc_adPmuri40A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0
Referrer-Policy
strict-origin-when-cross-origin
Request-Context
appId=
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache
CONFIG_NOCACHE
X-Msedge-Ref
Ref A: C8FB5AF7BF2D4EACB9C5A3D80CAF4383 Ref B: AM3EDGE0407 Ref C: 2022-09-16T01:28:56Z
X-Ua-Compatible
IE=edge,chrome=1
reportbssotelemetry
login.azure-micros.abraven.cl/common/instrumentation/
264 B
1 KB
Ping
General
Full URL
https://login.azure-micros.abraven.cl/common/instrumentation/reportbssotelemetry?hpgid=6&hpgact=1800&client-request-id=f86ad35a-4455-4b63-a565-3afcc723592a&hpgrequestid=96d639be-5a84-4236-97f4-bfae65e06a00
Requested by
Host: login.azure-micros.abraven.cl
URL: https://login.azure-micros.abraven.cl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637988885364056386.MDVlNWRkNzgtM2FkMC00NTliLWFhNWQtNDRmZWI3ZWQ4ZjVkMzRmYWY5MjUtY2U2OS00NzZiLThmNzItOTI3YmUzNzRlZWQw&ui_locales=en-CA&mkt=en-CA&state=dT_sUfqViFnxubFuOQgCPIt775jhkhFXjwNQOLBXxbEcn0wXD59tjSHXqtYKFWpC8BHGQ-BrZJHI1Nar1SG9r--yvUzrWmgR7hT9dHHw7G7utXZ2rm2xVLGYWUouXDiKfn0dJvl1DicLrtDWPIxFM3youDiQHi52RLzoEjtZmNaOvo2XSsrUxN4QgAldkEYDomTH_CALunpA-0v_Nro0-Mrl6rnYDlqcL8uPJGYVYar5Zf0oaodzamvG7ii6INf3hmug3UH5Coc_adPmuri40A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
212.192.246.62 , Germany, ASN399471 (AS-SERVERION, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://login.azure-micros.abraven.cl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637988885364056386.MDVlNWRkNzgtM2FkMC00NTliLWFhNWQtNDRmZWI3ZWQ4ZjVkMzRmYWY5MjUtY2U2OS00NzZiLThmNzItOTI3YmUzNzRlZWQw&ui_locales=en-CA&mkt=en-CA&state=dT_sUfqViFnxubFuOQgCPIt775jhkhFXjwNQOLBXxbEcn0wXD59tjSHXqtYKFWpC8BHGQ-BrZJHI1Nar1SG9r--yvUzrWmgR7hT9dHHw7G7utXZ2rm2xVLGYWUouXDiKfn0dJvl1DicLrtDWPIxFM3youDiQHi52RLzoEjtZmNaOvo2XSsrUxN4QgAldkEYDomTH_CALunpA-0v_Nro0-Mrl6rnYDlqcL8uPJGYVYar5Zf0oaodzamvG7ii6INf3hmug3UH5Coc_adPmuri40A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 01:28:56 GMT
Referrer-Policy
strict-origin-when-cross-origin
Nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Transfer-Encoding
chunked
Report-To
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
P3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
X-Ms-Request-Id
d8f81d95-31e1-43a2-9f26-e189e0bc6e00
Cache-Control
no-store, no-cache
Connection
close
Content-Type
application/json; charset=utf-8
X-Ms-Ests-Server
2.1.13672.7 - WEULR2 ProdSlices
Expires
-1
Primary Request authorize
login.azure-micros.abraven.cl/common/oauth2/v2.0/
199 KB
201 KB
Document
General
Full URL
https://login.azure-micros.abraven.cl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637988885364056386.MDVlNWRkNzgtM2FkMC00NTliLWFhNWQtNDRmZWI3ZWQ4ZjVkMzRmYWY5MjUtY2U2OS00NzZiLThmNzItOTI3YmUzNzRlZWQw&ui_locales=en-CA&mkt=en-CA&state=dT_sUfqViFnxubFuOQgCPIt775jhkhFXjwNQOLBXxbEcn0wXD59tjSHXqtYKFWpC8BHGQ-BrZJHI1Nar1SG9r--yvUzrWmgR7hT9dHHw7G7utXZ2rm2xVLGYWUouXDiKfn0dJvl1DicLrtDWPIxFM3youDiQHi52RLzoEjtZmNaOvo2XSsrUxN4QgAldkEYDomTH_CALunpA-0v_Nro0-Mrl6rnYDlqcL8uPJGYVYar5Zf0oaodzamvG7ii6INf3hmug3UH5Coc_adPmuri40A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0&sso_reload=true
Requested by
Host: login.azure-micros.abraven.cl
URL: https://login.azure-micros.abraven.cl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637988885364056386.MDVlNWRkNzgtM2FkMC00NTliLWFhNWQtNDRmZWI3ZWQ4ZjVkMzRmYWY5MjUtY2U2OS00NzZiLThmNzItOTI3YmUzNzRlZWQw&ui_locales=en-CA&mkt=en-CA&state=dT_sUfqViFnxubFuOQgCPIt775jhkhFXjwNQOLBXxbEcn0wXD59tjSHXqtYKFWpC8BHGQ-BrZJHI1Nar1SG9r--yvUzrWmgR7hT9dHHw7G7utXZ2rm2xVLGYWUouXDiKfn0dJvl1DicLrtDWPIxFM3youDiQHi52RLzoEjtZmNaOvo2XSsrUxN4QgAldkEYDomTH_CALunpA-0v_Nro0-Mrl6rnYDlqcL8uPJGYVYar5Zf0oaodzamvG7ii6INf3hmug3UH5Coc_adPmuri40A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
212.192.246.62 , Germany, ASN399471 (AS-SERVERION, US),
Reverse DNS
Software
/
Resource Hash
3988c00d3df500bf3e6af415e3a0570cb1673448e83ff54db7631a2422ea923a

Request headers

Referer
https://login.azure-micros.abraven.cl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637988885364056386.MDVlNWRkNzgtM2FkMC00NTliLWFhNWQtNDRmZWI3ZWQ4ZjVkMzRmYWY5MjUtY2U2OS00NzZiLThmNzItOTI3YmUzNzRlZWQw&ui_locales=en-CA&mkt=en-CA&state=dT_sUfqViFnxubFuOQgCPIt775jhkhFXjwNQOLBXxbEcn0wXD59tjSHXqtYKFWpC8BHGQ-BrZJHI1Nar1SG9r--yvUzrWmgR7hT9dHHw7G7utXZ2rm2xVLGYWUouXDiKfn0dJvl1DicLrtDWPIxFM3youDiQHi52RLzoEjtZmNaOvo2XSsrUxN4QgAldkEYDomTH_CALunpA-0v_Nro0-Mrl6rnYDlqcL8uPJGYVYar5Zf0oaodzamvG7ii6INf3hmug3UH5Coc_adPmuri40A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
close
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Sep 2022 01:28:57 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
Nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Report-To
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Dns-Prefetch-Control
on
X-Ms-Clitelem
1,0,0,,
X-Ms-Ests-Server
2.1.13622.7 - WEULR1 ProdSlices
X-Ms-Request-Id
36ee1365-bea7-4fbf-800e-ddeaf4220500
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.azure-micros.abraven.cl
URL: https://login.azure-micros.abraven.cl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637988885364056386.MDVlNWRkNzgtM2FkMC00NTliLWFhNWQtNDRmZWI3ZWQ4ZjVkMzRmYWY5MjUtY2U2OS00NzZiLThmNzItOTI3YmUzNzRlZWQw&ui_locales=en-CA&mkt=en-CA&state=dT_sUfqViFnxubFuOQgCPIt775jhkhFXjwNQOLBXxbEcn0wXD59tjSHXqtYKFWpC8BHGQ-BrZJHI1Nar1SG9r--yvUzrWmgR7hT9dHHw7G7utXZ2rm2xVLGYWUouXDiKfn0dJvl1DicLrtDWPIxFM3youDiQHi52RLzoEjtZmNaOvo2XSsrUxN4QgAldkEYDomTH_CALunpA-0v_Nro0-Mrl6rnYDlqcL8uPJGYVYar5Zf0oaodzamvG7ii6INf3hmug3UH5Coc_adPmuri40A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.24.82 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.azure-micros.abraven.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

ConvergedLogin_PCore_0_7IcabufCglBKoeuaW_Lw2.js
aadcdn.msauth.net/shared/1.0/content/js/
383 KB
109 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_0_7IcabufCglBKoeuaW_Lw2.js
Requested by
Host: login.azure-micros.abraven.cl
URL: https://login.azure-micros.abraven.cl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637988885364056386.MDVlNWRkNzgtM2FkMC00NTliLWFhNWQtNDRmZWI3ZWQ4ZjVkMzRmYWY5MjUtY2U2OS00NzZiLThmNzItOTI3YmUzNzRlZWQw&ui_locales=en-CA&mkt=en-CA&state=dT_sUfqViFnxubFuOQgCPIt775jhkhFXjwNQOLBXxbEcn0wXD59tjSHXqtYKFWpC8BHGQ-BrZJHI1Nar1SG9r--yvUzrWmgR7hT9dHHw7G7utXZ2rm2xVLGYWUouXDiKfn0dJvl1DicLrtDWPIxFM3youDiQHi52RLzoEjtZmNaOvo2XSsrUxN4QgAldkEYDomTH_CALunpA-0v_Nro0-Mrl6rnYDlqcL8uPJGYVYar5Zf0oaodzamvG7ii6INf3hmug3UH5Coc_adPmuri40A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1d0041fb372ba08308468cd97f9074014e898e43a7c0840a58e90836c13fa4e4

Request headers

Referer
https://login.azure-micros.abraven.cl/
Origin
https://login.azure-micros.abraven.cl
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Sep 2022 01:28:58 GMT
content-encoding
gzip
x-azure-ref-originshield
09YMjYwAAAABs3bniBxmoQYNVg1TdtsfPRE0yQUExMDkxMjA4MDI3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
ondTkuWfOEtd5dw5Y49Bhw==
x-cache
TCP_HIT
content-length
111304
x-ms-lease-status
unlocked
last-modified
Mon, 15 Aug 2022 19:42:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA7EF63A0DCE3C
x-azure-ref
0WtEjYwAAAADeY4BtZsqTSL1xROYOv+hcQ0hHRURHRTE1MTAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c15b063c-e01e-0049-3c46-c89771000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
oneDs_8363475333f6d315e7ae.js
aadcdn.msauth.net/shared/1.0/content/js/
81 KB
27 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/oneDs_8363475333f6d315e7ae.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_0_7IcabufCglBKoeuaW_Lw2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4cc1914204beca4a34eac1ed055f49f42ad77f143d97271fafa00e4810383fef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.azure-micros.abraven.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Sep 2022 01:28:58 GMT
content-encoding
gzip
x-azure-ref-originshield
004wjYwAAAAAC4Tj+b++ZQ5Ebv3FTprlnRE0yQUExMDkxMjA4MDMxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
UwrgfpGF/r6JSUQzMXfC0A==
x-cache
TCP_HIT
content-length
27455
x-ms-lease-status
unlocked
last-modified
Sat, 04 Jun 2022 01:22:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA45C8A25CE0E2
x-azure-ref
0WtEjYwAAAAAC8ENqj3JERJ95zwwBtxH8Q0hHRURHRTE2MjAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d4e3535d-d01e-0042-58af-c7b266000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
0
20 KB
Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by
Host: login.azure-micros.abraven.cl
URL: https://login.azure-micros.abraven.cl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637988885364056386.MDVlNWRkNzgtM2FkMC00NTliLWFhNWQtNDRmZWI3ZWQ4ZjVkMzRmYWY5MjUtY2U2OS00NzZiLThmNzItOTI3YmUzNzRlZWQw&ui_locales=en-CA&mkt=en-CA&state=dT_sUfqViFnxubFuOQgCPIt775jhkhFXjwNQOLBXxbEcn0wXD59tjSHXqtYKFWpC8BHGQ-BrZJHI1Nar1SG9r--yvUzrWmgR7hT9dHHw7G7utXZ2rm2xVLGYWUouXDiKfn0dJvl1DicLrtDWPIxFM3youDiQHi52RLzoEjtZmNaOvo2XSsrUxN4QgAldkEYDomTH_CALunpA-0v_Nro0-Mrl6rnYDlqcL8uPJGYVYar5Zf0oaodzamvG7ii6INf3hmug3UH5Coc_adPmuri40A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.azure-micros.abraven.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Sep 2022 01:28:58 GMT
content-encoding
gzip
x-azure-ref-originshield
0n3ojYwAAAADlVzDzCWfxTIplebGoXc/FRE0yQUExMDkxMjA3MDQ5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
9K2/nGCj75WAmmAI9nZNCA==
x-cache
TCP_HIT
content-length
19970
x-ms-lease-status
unlocked
last-modified
Thu, 04 Aug 2022 19:37:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA7650B37ACC3D
x-azure-ref
0WtEjYwAAAABM3X15eHqSSZFnBx0+M0PlQ0hHRURHRTE2MjAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
7e6d1cdf-901e-0012-5c20-c9d155000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.login.strings-en.min_gb7busmfhpqbcvjpyga3yw2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
0
14 KB
Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_gb7busmfhpqbcvjpyga3yw2.js
Requested by
Host: login.azure-micros.abraven.cl
URL: https://login.azure-micros.abraven.cl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637988885364056386.MDVlNWRkNzgtM2FkMC00NTliLWFhNWQtNDRmZWI3ZWQ4ZjVkMzRmYWY5MjUtY2U2OS00NzZiLThmNzItOTI3YmUzNzRlZWQw&ui_locales=en-CA&mkt=en-CA&state=dT_sUfqViFnxubFuOQgCPIt775jhkhFXjwNQOLBXxbEcn0wXD59tjSHXqtYKFWpC8BHGQ-BrZJHI1Nar1SG9r--yvUzrWmgR7hT9dHHw7G7utXZ2rm2xVLGYWUouXDiKfn0dJvl1DicLrtDWPIxFM3youDiQHi52RLzoEjtZmNaOvo2XSsrUxN4QgAldkEYDomTH_CALunpA-0v_Nro0-Mrl6rnYDlqcL8uPJGYVYar5Zf0oaodzamvG7ii6INf3hmug3UH5Coc_adPmuri40A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.azure-micros.abraven.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Sep 2022 01:28:58 GMT
content-encoding
gzip
x-azure-ref-originshield
0E88jYwAAAACMENr0vMmgQob1IgPpKGk+RE0yQUExMDkxMjA3MDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
RtlsirJsEfqR9E4v9VVtLg==
x-cache
TCP_HIT
content-length
13533
x-ms-lease-status
unlocked
last-modified
Tue, 16 Aug 2022 01:17:33 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA7F2518B81C9C
x-azure-ref
0WtEjYwAAAAD+MiuBlV02RbHHu/xn+zrrQ0hHRURHRTE2MjAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
75113745-b01e-0044-6964-c6486a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
convergedlogin_pfetchsessionsprogress_49afc9cacb9cfd40c503.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
15 KB
6 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_49afc9cacb9cfd40c503.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_0_7IcabufCglBKoeuaW_Lw2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f78a659d1f272f9c0aceb7be9ee1c095a2c52e136ba712602520e7a268583b66

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.azure-micros.abraven.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Sep 2022 01:28:58 GMT
content-encoding
gzip
x-azure-ref-originshield
0BakjYwAAAAAS83rEFYpNTaNOH86L+VliRE0yQUExMDkxMjA3MDQ5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
GBMq8b7F7EUzg0oe2bIzrg==
x-cache
TCP_HIT
content-length
5529
x-ms-lease-status
unlocked
last-modified
Tue, 26 Jul 2022 23:52:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA6F61D6ECB178
x-azure-ref
0WtEjYwAAAAD8qoFEN6nJTJuZOqWiffsyQ0hHRURHRTE2MjAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b98c4846-401e-007f-6ae6-c64c6c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.azure-micros.abraven.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Sep 2022 01:28:58 GMT
x-azure-ref-originshield
0rHojYwAAAAAGjKqM3f+8Q5fQoaJ9Wm0nRE0yQUExMDkxMjA3MDM1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
x-cache
TCP_HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B83739984DD
x-azure-ref
0WtEjYwAAAACz4xDfmbTcT5XoE8LYs3CQQ0hHRURHRTE2MjAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
0e08e7af-f01e-0038-756c-c64e73000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.azure-micros.abraven.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Sep 2022 01:28:58 GMT
x-azure-ref-originshield
0nGwjYwAAAACcKESBeWoKTpfBjQpGkRljRE0yQUExMDkxMjA4MDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
x-cache
TCP_HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8373B17F89
x-azure-ref
0WtEjYwAAAAADtfgyViEtTJ5P0aRq8Wd5Q0hHRURHRTE2MjAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
75112804-b01e-0044-5964-c6486a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
convergedlogin_pcustomizationloader_6b8fffaf21337fcc3970.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
107 KB
32 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6b8fffaf21337fcc3970.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_0_7IcabufCglBKoeuaW_Lw2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c3884c02996923d5be8f0150d8e407562f87fb48d034080740d899682967bb3f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.azure-micros.abraven.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Sep 2022 01:28:58 GMT
content-encoding
gzip
x-azure-ref-originshield
0fZgjYwAAAACN1QdnmnSOQbQ8xg/VmbhGRE0yQUExMDkxMjA4MDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
myuguQkFQCsNqFzvevLkNg==
x-cache
TCP_HIT
content-length
32176
x-ms-lease-status
unlocked
last-modified
Mon, 15 Aug 2022 19:41:54 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA7EF6352C5B49
x-azure-ref
0WtEjYwAAAAB8HdhWgukBQ5Hb4NbhQc7aQ0hHRURHRTE2MjAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4841c005-501e-005a-5559-c65a55000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/
2 KB
1004 B
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.azure-micros.abraven.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Sep 2022 01:28:58 GMT
content-encoding
gzip
x-azure-ref-originshield
0xIwjYwAAAAABq1n2HRv+TKaHBzg5BjIwRE0yQUExMDkxMjA3MDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
DhdidjYrlCeaRJJRG/y9mA==
x-cache
TCP_HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 12 Feb 2020 22:01:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7B0071D86E386
x-azure-ref
0WtEjYwAAAAB+79+qTrDmT7K5XyVNCWEAQ0hHRURHRTE2MjAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f0276b80-f01e-0004-5138-c99b7b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn.msauth.net/shared/1.0/content/images/
4 KB
2 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.azure-micros.abraven.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Sep 2022 01:28:58 GMT
content-encoding
gzip
x-azure-ref-originshield
0v4gjYwAAAAAtc3qmqeD3S4bfMvAAnrPjRE0yQUExMDkxMjA3MDM3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
nzaLxFgP7ZB3dfMcaybWzw==
x-cache
TCP_HIT
content-length
1435
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8373CB2849
x-azure-ref
0WtEjYwAAAABC/6XFxuqUS4MrNJj4G4scQ0hHRURHRTE2MjAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a2652385-d01e-0016-7eac-c87d5d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_0_7IcabufCglBKoeuaW_Lw2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.azure-micros.abraven.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Sep 2022 01:28:58 GMT
x-azure-ref-originshield
0rHojYwAAAAAGjKqM3f+8Q5fQoaJ9Wm0nRE0yQUExMDkxMjA3MDM1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
x-cache
TCP_HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B83739984DD
x-azure-ref
0WtEjYwAAAACRcQWBjtFaQLTWjf1TXdbPQ0hHRURHRTE2MjAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
0e08e7af-f01e-0038-756c-c64e73000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_0_7IcabufCglBKoeuaW_Lw2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.azure-micros.abraven.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Sep 2022 01:28:58 GMT
x-azure-ref-originshield
0nGwjYwAAAACcKESBeWoKTpfBjQpGkRljRE0yQUExMDkxMjA4MDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
x-cache
TCP_HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8373B17F89
x-azure-ref
0WtEjYwAAAAAjvEiHOFLoTIw5R7k+zls/Q0hHRURHRTE2MjAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
75112804-b01e-0044-5964-c6486a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
Me.htm
login.live.com/ Frame 3005
2 KB
2 KB
Document
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_0_7IcabufCglBKoeuaW_Lw2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.24.82 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3410242720de50b090d07a23aee2dad879b31d36f2615732962ec4cfa8a9d458
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.azure-micros.abraven.cl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=315360000
Content-Encoding
gzip
Content-Length
1132
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Sep 2022 01:28:58 GMT
Expires
Mon, 13 Sep 2032 01:28:58 GMT
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer
PPV: 30 H: BL02EPF000016B0 V: 0
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
x-ms-request-id
91197518-a378-4006-9581-c3ae7963e0df
x-ms-route-info
R3_BL2

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
boolean| __ConvergedLogin_PCore
boolean| __
function| lp
object| Telemetry
object| telemetry_webpackJsonp
boolean| __convergedlogin_pfetchsessionsprogress_49afc9cacb9cfd40c503
boolean| __convergedlogin_pcustomizationloader_6b8fffaf21337fcc3970

15 Cookies

Domain/Path Name / Value
.login.azure-micros.abraven.cl/ Name: esctx
Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrKn-cvr3tV8oF-VgKMVmxZHNdfAZ75DLnXta9jyNqM97IeHMPuQuZloLJetQ2nSTOEE8YJBYW1JuR--JFR3GPIosGTjWcT2MZQNdhfNqD5v9yWJU4KCBNCQwVosL6N7Xi4O3GWMunCFjjLN6os2UHOJ_zwzGimiPJYrBn8rRfW68gAA
login.azure-micros.abraven.cl/ Name: x-ms-gateway-slice
Value: estsfd
login.azure-micros.abraven.cl/ Name: stsservicecookie
Value: estsfd
www.azure-micros.abraven.cl/ Name: OH.DCAffinity
Value: OH-weu
www.azure-micros.abraven.cl/ Name: OH.FLID
Value: 2549461a-4a6f-48ba-882b-b8f1c6047a0a
www.azure-micros.abraven.cl/ Name: .AspNetCore.OpenIdConnect.Nonce.omDdV08Coa33Ngvhvfs_IQkVVuVvo-ac7sUJTfDJlElfGPDlegNIlUTouytUz6gpeIdPz_z0i2Xaxw3VRauJDnq5X-YJ7gaOrTzthhUAN3PHnbx26jrvZzNBU3NG8jeZ9N9II-MaRKeiaD7J0j2amlGwc7SQMkApgtKYjhu1hkMrTA9zFSDiawXJ0mtVvYpced2D-KhTykCcmnqySB-Jjla_5Fr-iaFWxZQAhsUUH0tsFl1jOnrOVZIxMHut3OvM
Value: N
www.azure-micros.abraven.cl/ Name: .AspNetCore.Correlation.OpenIdConnectV2.6B8e40GRZHrHr9GdM2GQ2k4QcW1UHcbEJNmu7FipxdA
Value: N
.azure-micros.abraven.cl/ Name: MUID
Value: 096AB4AB73936E801C1BA68A72E86F7C
.login.azure-micros.abraven.cl/ Name: AADSSO
Value: NA|NoExtension
login.azure-micros.abraven.cl/ Name: SSOCOOKIEPULLED
Value: 1
login.azure-micros.abraven.cl/ Name: buid
Value: 0.AQIAMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevr7OLpHtw1vj6fDY6WCH3oGd0fXFQdUqikUxt8mQP_7qHH4_K64TPbsKmbjIHhnrfGVeCqI_eoZOpIlIo-151uPVQnqgN9V3D114JSgrlr138gAA
login.azure-micros.abraven.cl/ Name: fpc
Value: AlD3XHUFdfJGmhFrzENH35S8Ae7AAQAAAFnItdoOAAAA
.login.azure-micros.abraven.cl/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: 60fd77db8a734fcba28295458900fe5d
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1663291738&co=2