89.249.65.135
Open in
urlscan Pro
89.249.65.135
Malicious Activity!
Public Scan
URL:
http://89.249.65.135/Login/
Submission: On December 15 via automatic, source openphish
Submission: On December 15 via automatic, source openphish
Summary
This website contacted 5 IPs
in 3 countries
across 4 domains to perform 44 HTTP transactions.
The main IP is 89.249.65.135, located in
Frankfurt, Germany and
belongs to M247, GB.
The main domain is 89.249.65.135.
This is the only time 89.249.65.135 was scanned on urlscan.io!
This is the only time 89.249.65.135 was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 24 | 89.249.65.135 89.249.65.135 | 9009 (M247) (M247) | |
| 1 | 2a02:26f0:122... 2a02:26f0:122:38f::35c1 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 7 | 2a02:26f0:122... 2a02:26f0:122:38d::1d8e | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 4 | 92.123.3.250 92.123.3.250 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
| 8 | 92.123.92.114 92.123.92.114 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 44 | 5 |
1
2a02:26f0:122:38f::35c1
(European Union)
ASN20940 (AKAMAI-ASN1, US)
ASN20940 (AKAMAI-ASN1, US)
| secure.aadcdn.microsoftonline-p.com |
4
92.123.3.250
(France)
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a92-123-3-250.deploy.akamaitechnologies.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a92-123-3-250.deploy.akamaitechnologies.com
| appsforoffice.microsoft.com |
8
92.123.92.114
(European Union)
ASN20940 (AKAMAI-ASN1, US)
PTR: a92-123-92-114.deploy.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, US)
PTR: a92-123-92-114.deploy.akamaitechnologies.com
| r4.res.office365.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 8 |
office365.com
r4.res.office365.com |
771 KB |
| 7 |
msocdn.com
weuofficehome.msocdn.com |
79 KB |
| 4 |
microsoft.com
appsforoffice.microsoft.com |
112 KB |
| 1 |
microsoftonline-p.com
secure.aadcdn.microsoftonline-p.com |
82 B |
| 44 | 4 |
| Domain | Requested by | |
|---|---|---|
| 8 | r4.res.office365.com |
89.249.65.135
|
| 7 | weuofficehome.msocdn.com |
89.249.65.135
|
| 4 | appsforoffice.microsoft.com |
89.249.65.135
|
| 1 | secure.aadcdn.microsoftonline-p.com |
89.249.65.135
|
| 44 | 4 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| login.microsoftonline.com |
| account.live.com |
| passwordreset.microsoftonline.com |
| login.live.com |
| www.microsoft.com |
| privacy.microsoft.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| secure.aadcdn.microsoftonline-p.com Microsoft IT TLS CA 1 |
2017-08-15 - 2019-08-15 |
2 years | crt.sh |
| *.msocdn.com Symantec Class 3 Secure Server CA - G4 |
2017-06-26 - 2018-09-25 |
a year | crt.sh |
| appsforoffice.microsoft.com Microsoft IT SSL SHA2 |
2016-12-23 - 2018-04-23 |
a year | crt.sh |
| *.res.outlook.com Microsoft IT TLS CA 5 |
2017-11-27 - 2019-11-27 |
2 years | crt.sh |
This page contains 3 frames:
Primary Page:
http://89.249.65.135/Login/
Frame ID: (A7B961633E72D577121B3BDE5CF67557)
Requests: 13 HTTP requests in this frame
Frame:
http://89.249.65.135/Login/Index_files/prefetch.html
Frame ID: (C292939C518FAD2AD443F831BD035B4)
Requests: 13 HTTP requests in this frame
Frame:
http://89.249.65.135/Login/Index_files/prefetch(1).html
Frame ID: (89C0BD641023E98AAE461D4223E1B294)
Requests: 18 HTTP requests in this frame
Screenshot
Detected technologies
Windows Server
(Operating Systems)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
IIS
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
URL: https://login.microsoftonline.com/common/reprocess?ctx=rQIIAXWRO2_TUACF47zUlAqqLiCxdICFysm1fW3HQR2SNE2dxkmc2DjOEjmJnTixfR375uWVP9CJoWwsSFUnxID4AQydOrMiEEIMwNSRlp3lTOdIn873LEFlqcITyEDW4AcCKRgcQ0KBAqQBaY5kWIZjaECNWMAEe9u7j_tP5Z9ff9deCp9eZ7L3Li-IhxOM_bCQy61WqyyyLHtoZofIzX0giGuC-E4Q5_GU6ZFq5yIecgwHOVoAUOAhzAuAA1k9KjmNqQr1SMcNTWWbZQCaRzW3royBHhWxTou0rrUdaTqmGtGM6imTWU-RmJ5SxI2qvNI7AOiKY9eV2Uaq6lhye27j30ammprEfo4_aBYXeELfBQrsyPwTz1gocPs-CvF54i3R9E1PHJWR55lDnL2rmR62hwa2kdcKkG8G2DbDQ34NWK3acsQeiSuu0a4GzbpbW7U1A6jKpM5WllF4tPH1vjbUiqM8WvCkOtdmokRqJzPJmcqVvPoCuPjYysPBAjGVQF1S0yplg5aCeWPjshtYWna5krbqzDuR3K1PvJO16Na7_bGk8Py7RPr2Vhd5V4n7t1CePdr3A2TZjnmdJH4kd0CisLW1vRt7FNuP3SSJN6lbW-BbInxfvTm9TL768pzeiV2lcpJ3GlgiXpd0sXggD5zBAnPleUdSYGdyHMIDKxe5NT-QkTM-zBeoszRxlk7_Ssc-Zv4n-i81
Title: Try it now
Title: Try it now
Search URL Search Domain Scan URL
URL: https://account.live.com/password/reset?wreply=https:%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQIIAXWRO2_TUACF47zUlAqqLiCxdICFysm1fW3HQR2SNE2dxkmc2DjOEjmJnTixfR375uWVP9CJoWwsSFUnxID4AQydOrMiEEIMwNSRlp3lTOdIn873LEFlqcITyEDW4AcCKRgcQ0KBAqQBaY5kWIZjaECNWMAEe9u7j_tP5Z9ff9deCp9eZ7L3Li-IhxOM_bCQy61WqyyyLHtoZofIzX0giGuC-E4Q5_GU6ZFq5yIecgwHOVoAUOAhzAuAA1k9KjmNqQr1SMcNTWWbZQCaRzW3royBHhWxTou0rrUdaTqmGtGM6imTWU-RmJ5SxI2qvNI7AOiKY9eV2Uaq6lhye27j30ammprEfo4_aBYXeELfBQrsyPwTz1gocPs-CvF54i3R9E1PHJWR55lDnL2rmR62hwa2kdcKkG8G2DbDQ34NWK3acsQeiSuu0a4GzbpbW7U1A6jKpM5WllF4tPH1vjbUiqM8WvCkOtdmokRqJzPJmcqVvPoCuPjYysPBAjGVQF1S0yplg5aCeWPjshtYWna5krbqzDuR3K1PvJO16Na7_bGk8Py7RPr2Vhd5V4n7t1CePdr3A2TZjnmdJH4kd0CisLW1vRt7FNuP3SSJN6lbW-BbInxfvTm9TL768pzeiV2lcpJ3GlgiXpd0sXggD5zBAnPleUdSYGdyHMIDKxe5NT-QkTM-zBeoszRxlk7_Ssc-Zv4n-i81
Title: Personal account
Title: Personal account
Search URL Search Domain Scan URL
URL: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQIIAXWRO2_TUACF47zUlAqqLiCxdICFysm1fW3HQR2SNE2dxkmc2DjOEjmJnTixfR375uWVP9CJoWwsSFUnxID4AQydOrMiEEIMwNSRlp3lTOdIn873LEFlqcITyEDW4AcCKRgcQ0KBAqQBaY5kWIZjaECNWMAEe9u7j_tP5Z9ff9deCp9eZ7L3Li-IhxOM_bCQy61WqyyyLHtoZofIzX0giGuC-E4Q5_GU6ZFq5yIecgwHOVoAUOAhzAuAA1k9KjmNqQr1SMcNTWWbZQCaRzW3royBHhWxTou0rrUdaTqmGtGM6imTWU-RmJ5SxI2qvNI7AOiKY9eV2Uaq6lhye27j30ammprEfo4_aBYXeELfBQrsyPwTz1gocPs-CvF54i3R9E1PHJWR55lDnL2rmR62hwa2kdcKkG8G2DbDQ34NWK3acsQeiSuu0a4GzbpbW7U1A6jKpM5WllF4tPH1vjbUiqM8WvCkOtdmokRqJzPJmcqVvPoCuPjYysPBAjGVQF1S0yplg5aCeWPjshtYWna5krbqzDuR3K1PvJO16Na7_bGk8Py7RPr2Vhd5V4n7t1CePdr3A2TZjnmdJH4kd0CisLW1vRt7FNuP3SSJN6lbW-BbInxfvTm9TL768pzeiV2lcpJ3GlgiXpd0sXggD5zBAnPleUdSYGdyHMIDKxe5NT-QkTM-zBeoszRxlk7_Ssc-Zv4n-i81&mkt=en-US&hosted=0&device_platform=Windows+10
Title: Work or school account
Title: Work or school account
Search URL Search Domain Scan URL
URL: https://login.live.com/oauth20_authorize.srf?response_type=code&client_id=51483342-085c-4d86-bf88-cf50c7252078&scope=openid+profile+email+offline_access&response_mode=form_post&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2ffederation%2foauth2&state=rQIIAXWRvW_TUADE43ypKRVULCCxdICFysmz_WzHQR2SNE2dxknc2DjOEjmJnTix_Rz75csr_0AnhrCxIFWdEAPiD2Do1JkVgRBiAKaOtN1Zbrk76XS_5wkqSxWeQgayBt8XSMHgGBIKFCANSHMkwzIcQwNqyAImeLi9-6T3TP717U_tlfD5TSZ772JDZHqOvTCzA-SeE4_GGPthIZdbLpdZZFn24M7IfSSIK4L4QRCbeMr0SLV9Hg85hoMcLQAo8BDmBcCBrB6VnMZEhXqk44amss0yAM3DmltXRkCPilinRVrXTh1pMqIa0ZTqKuNpV5GYrlLEjaq81NsA6Ipj15XpWqrqWHK7buOuI1NNTWK_xB80i3M8pm8FBXZk_o1nLBS4PR-FeJN4RzR90xOHZeR55gBnb2Omh-2BgW3ktQLkmwG2zfCAXwFWq7YcsUviimucVoNm3a0tTzUDqMq4zlYWUXi49vWeNtCKwzya86Q606aiRGrHU8mZyJW8-hK4-MjKw_4cMZVAXVCTKmWDloJ5Y-2ya1hadLiStmzP2pHcqY-945Xo1ju9kaTw_PtE-uZWF3mXifs3ozx7uOcHyLId8ypJ_EzugERha2t7N_Y4the7ThJvUzfkwPdE-KF6fXKRfP31Bb0Tu0zlJO8ksES8KulicV_uO_055sqztqTA9vgohPtWLnJrfiAjZ3SQL1BnaeIsnf6djn3K_A_0Pw2&estsfed=1&uaid=51255f1be5ec4af18339c69b092e0bac&mkt=en-US&pcexp=false&popupui=
Title: Sign in with a Microsoft account
Title: Sign in with a Microsoft account
Search URL Search Domain Scan URL
URL: https://www.microsoft.com/en-US/servicesagreement/
Title: Terms of use
Title: Terms of use
Search URL Search Domain Scan URL
URL: https://privacy.microsoft.com/en-US/privacystatement
Title: Privacy & cookies
Title: Privacy & cookies
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
44 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
89.249.65.135/Login/ |
63 KB 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login.min.css
89.249.65.135/Login/Index_files/ |
23 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login_hover.min.css
89.249.65.135/Login/Index_files/ |
89 B 89 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.1.11.min.js.download
89.249.65.135/Login/Index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aad.login.min.js.download
89.249.65.135/Login/Index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
heroillustration.jpg
89.249.65.135/Login/Index_files/ |
120 KB 120 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bannerlogo.jpg
89.249.65.135/Login/Index_files/ |
16 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
close.png
89.249.65.135/Login/Index_files/ |
190 B 190 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
microsoft_logo.png
89.249.65.135/Login/Index_files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1.10.2.min.js
89.249.65.135/Login/Scripts/ |
92 KB 92 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login_hover.min.css
secure.aadcdn.microsoftonline-p.com/ests/2.1.6856.18/content/cdnbundles/ |
89 B 82 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.1.11.min.js.download
89.249.65.135/Login/Index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aad.login.min.js.download
89.249.65.135/Login/Index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
prefetch.html
89.249.65.135/Login/Index_files/ Frame (C29 |
2 KB 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
staticstyles.css
89.249.65.135/Login/Index_files/ Frame (C29 |
100 KB 100 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
document-sprite.png
weuofficehome.msocdn.com/s/fab5fe9a/Areas/Home/Content/images/ Frame (C29 |
18 KB 18 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zero-docs-sprite.png
weuofficehome.msocdn.com/s/398b5c2a/Areas/Home/Content/images/ Frame (C29 |
18 KB 18 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
polyfills-bundle.js
weuofficehome.msocdn.com/s/01954e96/Areas/Home/Content/js/build/bundles/ Frame (C29 |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vendor-bundle.js
weuofficehome.msocdn.com/s/6101dd65/Areas/Home/Content/js/build/bundles/ Frame (C29 |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
staticscripts.js
weuofficehome.msocdn.com/s/3314c857/Areas/Home/Content/js/build/bundles/ Frame (C29 |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app-bundle.js
weuofficehome.msocdn.com/s/01507b67/Areas/Home/Content/js/build/bundles/ Frame (C29 |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
react-bundle.js
weuofficehome.msocdn.com/s/0a4dd2e5/Areas/Home/Content/js/build/bundles/ Frame (C29 |
141 KB 43 KB |
Other
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
prefetch(1).html
89.249.65.135/Login/Index_files/ Frame (89C |
3 KB 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
boot.worldwide.0.mouse.js.download
89.249.65.135/Login/Index_files/ Frame (89C |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
boot.worldwide.1.mouse.js.download
89.249.65.135/Login/Index_files/ Frame (89C |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
boot.worldwide.2.mouse.js.download
89.249.65.135/Login/Index_files/ Frame (89C |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
boot.worldwide.3.mouse.js.download
89.249.65.135/Login/Index_files/ Frame (89C |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sprite1.mouse.png
89.249.65.135/Login/Index_files/ Frame (89C |
16 KB 16 KB |
Stylesheet
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sprite1.mouse.css
89.249.65.135/Login/Index_files/ Frame (89C |
7 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
boot.worldwide.mouse.css
89.249.65.135/Login/Index_files/ Frame (89C |
225 KB 225 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SegoeUI-Regular.woff
appsforoffice.microsoft.com/fabric/fonts/SegoeUI-WestEuropean/ Frame (C29 |
33 KB 33 KB |
Font
font/x-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SegoeUI-Semibold.woff
appsforoffice.microsoft.com/fabric/fonts/SegoeUI-WestEuropean/ Frame (C29 |
30 KB 30 KB |
Font
font/x-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SegoeUI-Semilight.woff
appsforoffice.microsoft.com/fabric/fonts/SegoeUI-WestEuropean/ Frame (C29 |
25 KB 25 KB |
Font
font/x-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SegoeUI-Light.woff
appsforoffice.microsoft.com/fabric/fonts/SegoeUI-WestEuropean/ Frame (C29 |
24 KB 24 KB |
Font
font/x-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
boot.worldwide.0.mouse.js
r4.res.office365.com/owa/prem/16.2010.4.2439751/scripts/ Frame (89C |
641 KB 174 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
office365icons.woff
89.249.65.135/Login/fonts/ Frame (89C |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
office365icons.ttf
89.249.65.135/Login/fonts/ Frame (89C |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
office365icons.woff
r4.res.office365.com/owa/prem/16.2010.4.2439751/resources/styles/fonts/ Frame (89C |
75 KB 75 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
boot.worldwide.1.mouse.js
r4.res.office365.com/owa/prem/16.2010.4.2439751/scripts/ Frame (89C |
635 KB 157 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
boot.worldwide.2.mouse.js
r4.res.office365.com/owa/prem/16.2010.4.2439751/scripts/ Frame (89C |
638 KB 165 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
boot.worldwide.3.mouse.js
r4.res.office365.com/owa/prem/16.2010.4.2439751/scripts/ Frame (89C |
633 KB 140 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sprite1.mouse.png
r4.res.office365.com/owa/prem/16.2010.4.2439751/resources/images/0/ Frame (89C |
16 KB 16 KB |
Stylesheet
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sprite1.mouse.css
r4.res.office365.com/owa/prem/16.2010.4.2439751/resources/images/0/ Frame (89C |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
boot.worldwide.mouse.css
r4.res.office365.com/owa/prem/16.2010.4.2439751/resources/styles/0/ Frame (89C |
225 KB 43 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onafterprint object| onbeforeprint object| $Config boolean| isTouch string| cssId object| head object| link object| Constants undefined| Tiles function| $ function| jQuery string| hostname0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
appsforoffice.microsoft.com
r4.res.office365.com
secure.aadcdn.microsoftonline-p.com
weuofficehome.msocdn.com
2a02:26f0:122:38d::1d8e
2a02:26f0:122:38f::35c1
89.249.65.135
92.123.3.250
92.123.92.114
1dc40451478a6952b7ffd091210d1efe6a8347a2219ebec2677dca4024e72980
1f092adb46b328f218eb173c5ed1ec596778ae8fd540b25e92fba51c11ebe5d2
3859434608f281a7cac3bad36f788a8d900c26491d1e10b68210188336da9b5e
4512d012fcb3595b6ddfbf7f858d3f6f9f394cad67a15d2663acf8b4948060d2
461f87e55bba34c4d9248d1b45685ea832eba56c15ebf6cccf75d49f1547b502
557ad6c16b56a9a079486a0637f7296cb28939c5065db18a9a6afc843b1305e4
58432bfe0a6c1fc8cd6224dfb361b0d44b8a6d13d0d926e69006b804b37c34ae
58c8851cbf14153c9559ec9159d74091d633fc08d3e792299f208866c07da331
794a3e7ac5b0b61344702fd93fef4eb4cd794df080d909a90a05d62efdd21957
82e36b23a6e6e352b5d40dde750df07f3cbd03cc2c4e1817a6f411c846a10d0d
91c2b74542e11d0278e02715a980b39582eae2e3b519ddd2d4f9ca939e58109c
969aeeac43273cf108f02e6a54aaf99d351acd586e762e3d8be373e5786bede7
987f9e588458e94c96a5c11685861685a7e0b88bf3887c46f3b26383e02ffc86
99190cfe65f919edb8071d84eee7096ec27561bc9b9fa396e55e0eb5e2cd0194
9e444d6e8e9247aa4f8fb0025995c7867fc1d63c182774f4524a3cf8588c10c5
b8f3cfa09a5c61a8fa0a7ebb6e87fb50625aa6f6c387334d618abfed7871f47a
c8ae1941c0005e49dc92e79ce05b8f7daa36c6960bc94fa80e15a83cd524ea63
d0b8d672c8c7c59598f7211dae442b1711033b95dda28a1c7713a9fc6a505991
d1ba065fe841593a501a70496d94029b0cc6e46be7d6ff44c4014ebd93300d0a
d20cdfee6c432a8611109046d197aa253ee082c240cc16037a3b0e7b0538fdc9
d7d0001a27e8c089f5fb00d5860cae907159b4226b4ef5c02e2b3262bf183f74
e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c
f49b3c5c279644d82e013e12d43a01e132cf455c1a841e3fb9c330855be70c40
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c
f67f3b64a99ed29f5cefb44d3b6f7deeb281f92a568f37618e4af2be3bdc6e4b
fb27159dcd171ff7f4897350b69d9acfea592969783922a1882b82862073c16e