urlscan.io logo urlscan.io
SecurityTrails logo

837840.standard.us-east-1.oortech.com Open in urlscan Pro
170.106.47.94  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://837840.standard.us-east-1.oortech.com/onedrive.-html?e=e%2a%2a%2a%40r%2a%2a%2a%2a%2a%2a%2a%2a%2a.com
Effective URL: https://837840.standard.us-east-1.oortech.com/onedrive.-html?e=e%2a%2a%2a%40r%2a%2a%2a%2a%2a%2a%2a%2a%2a.com
Submission: On October 29 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 11 HTTP transactions. The main IP is 170.106.47.94, located in Ashburn, United States and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is 837840.standard.us-east-1.oortech.com.
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on March 28th 2024. Valid for: a year.
This is the only time 837840.standard.us-east-1.oortech.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
2 170.106.47.94 132203 (TENCENT-N...)
2 104.17.24.14 13335 (CLOUDFLAR...)
6 2a05:840:1:1::1 43350 (NFORCE)
1 162.249.168.129 26548 (PUREVOLTA...)
11 4
Apex Domain
Subdomains		 Transfer
6 im.ge
i.im.ge — Cisco Umbrella Rank: 264808
305 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
169 KB
2 oortech.com
837840.standard.us-east-1.oortech.com
7 KB
1 postimg.cc
i.postimg.cc — Cisco Umbrella Rank: 17317
14 KB
11 4
Domain Requested by
6 i.im.ge 837840.standard.us-east-1.oortech.com
2 cdnjs.cloudflare.com 837840.standard.us-east-1.oortech.com
cdnjs.cloudflare.com
2 837840.standard.us-east-1.oortech.com
1 i.postimg.cc 837840.standard.us-east-1.oortech.com
11 4

This site contains no links.

Subject Issuer Validity Valid
*.standard.us-east-1.oortech.com
TrustAsia RSA DV TLS CA G2		 2024-03-28 -
2025-03-28		 a year crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
image.01.cdn.im.ge
Sectigo RSA Domain Validation Secure Server CA		 2024-06-22 -
2025-06-22		 a year crt.sh
postimg.cc
E5		 2024-10-20 -
2025-01-18		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://837840.standard.us-east-1.oortech.com/onedrive.-html?e=e%2a%2a%2a%40r%2a%2a%2a%2a%2a%2a%2a%2a%2a.com
Frame ID: 2A28075479EE4B24B8104FA8A1BFD943
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

My Files - OneDrive

Page URL History Show full URLs

  1. http://837840.standard.us-east-1.oortech.com/onedrive.-html?e=e%2a%2a%2a%40r%2a%2a%2a%2a%2a%2a%2a%2a%2a.com HTTP 307
    https://837840.standard.us-east-1.oortech.com/onedrive.-html?e=e%2a%2a%2a%40r%2a%2a%2a%2a%2a%2a%2a%2a%2a.com Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

11
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

494 kB
Transfer

590 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://837840.standard.us-east-1.oortech.com/onedrive.-html?e=e%2a%2a%2a%40r%2a%2a%2a%2a%2a%2a%2a%2a%2a.com HTTP 307
    https://837840.standard.us-east-1.oortech.com/onedrive.-html?e=e%2a%2a%2a%40r%2a%2a%2a%2a%2a%2a%2a%2a%2a.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request onedrive.-html
837840.standard.us-east-1.oortech.com/
Redirect Chain
  • http://837840.standard.us-east-1.oortech.com/onedrive.-html?e=e%2a%2a%2a%40r%2a%2a%2a%2a%2a%2a%2a%2a%2a.com
  • https://837840.standard.us-east-1.oortech.com/onedrive.-html?e=e%2a%2a%2a%40r%2a%2a%2a%2a%2a%2a%2a%2a%2a.com
23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://837840.standard.us-east-1.oortech.com/onedrive.-html?e=e%2a%2a%2a%40r%2a%2a%2a%2a%2a%2a%2a%2a%2a.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.47.94 Ashburn, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e4c0b142e58172949555c0c11f0a5c138ff21a36bd9b75c4e48aa1e6b96199a8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,HEAD,CONNECT,OPTIONS,TRACE
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Content-Type, token, refresh_token
access-control-max-age
3628800
content-disposition
inline; filename="onedrive.-html"
content-encoding
gzip
content-type
text/html
date
Tue, 29 Oct 2024 21:39:23 GMT
last-modified
Thu, 08 Aug 2024 02:59:38 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Location
https://837840.standard.us-east-1.oortech.com/onedrive.-html?e=e%2a%2a%2a%40r%2a%2a%2a%2a%2a%2a%2a%2a%2a.com
Non-Authoritative-Reason
HttpsUpgrades
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/ 		98 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css
Requested by
Host: 837840.standard.us-east-1.oortech.com
URL: https://837840.standard.us-east-1.oortech.com/onedrive.-html?e=e%2a%2a%2a%40r%2a%2a%2a%2a%2a%2a%2a%2a%2a.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://837840.standard.us-east-1.oortech.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"623a082a-4291"
age
441394
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wRqdxCStYelEvQUNENQTAZCUn86LJyPtadBfZQraJebso2JK%2FaTLo6xx5Kkfsu%2FWE1XBLhn2nXNRtjf01VDm2rmZ5%2Fwt3GzunrSEdJ%2FGHR4r5LjXaDioGs0rpIWtfR%2BGUTan%2FbEE"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 19 Oct 2025 21:39:23 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 21:39:23 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 22 Mar 2022 17:32:26 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8da65166480d5c7d-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
17041
server
cloudflare
jDeMip.download.png
i.im.ge/2023/08/06/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.im.ge/2023/08/06/jDeMip.download.png
Requested by
Host: 837840.standard.us-east-1.oortech.com
URL: https://837840.standard.us-east-1.oortech.com/onedrive.-html?e=e%2a%2a%2a%40r%2a%2a%2a%2a%2a%2a%2a%2a%2a.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:840:1:1::1 , Belize, ASN43350 (NFORCE, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
72824f3fe09c1e718f8ef2726b7ac44591443f2e6d6c68cc2faf2a2a042dd933

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://837840.standard.us-east-1.oortech.com/

Response headers

access-control-expose-headers
Content-Disposition
cache-control
max-age=3600, public
age
1175
expires
Tue, 29 Oct 2024 22:19:49 GMT
accept-ranges
bytes
content-length
11381
date
Tue, 29 Oct 2024 21:19:49 GMT
content-type
image/png
content-disposition
inline; filename="jDeMip.download.png"
server
nginx/1.22.0
last-modified
Sun, 06 Aug 2023 14:21:26 GMT
jP5OKS.file2.png
i.im.ge/2023/08/09/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.im.ge/2023/08/09/jP5OKS.file2.png
Requested by
Host: 837840.standard.us-east-1.oortech.com
URL: https://837840.standard.us-east-1.oortech.com/onedrive.-html?e=e%2a%2a%2a%40r%2a%2a%2a%2a%2a%2a%2a%2a%2a.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:840:1:1::1 , Belize, ASN43350 (NFORCE, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
02e199b5a599bef155d91422cf59e98988f0ca56a8cb6a22c4a90cf1a8be4461

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://837840.standard.us-east-1.oortech.com/

Response headers

access-control-expose-headers
Content-Disposition
cache-control
max-age=3600, public
age
1175
expires
Tue, 29 Oct 2024 22:19:49 GMT
accept-ranges
bytes
content-length
39203
date
Tue, 29 Oct 2024 21:19:49 GMT
content-type
image/png
content-disposition
inline; filename="jP5OKS.file2.png"
server
nginx/1.22.0
last-modified
Wed, 09 Aug 2023 10:07:35 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/webfonts/ 		151 KB
151 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://837840.standard.us-east-1.oortech.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"623a082a-25a74"
age
605360
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FU%2BoOPSiuXhBFG%2Fw6E10QoR0kTRm8QOWBnXEdnYouzKWVgXB5m9WoON6bj%2Fo7vzPpQE22PHh4s9bNebehbatwgQqpFZfEwNgJhs5%2F%2B5idM5BZduJIYTP%2BoJGS4rPBoK0f7xc6Wu0"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 19 Oct 2025 21:39:23 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 21:39:23 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Tue, 22 Mar 2022 17:32:26 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8da65166eebba56f-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
154228
server
cloudflare
jP52Xz.file3.png
i.im.ge/2023/08/09/ 		176 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.im.ge/2023/08/09/jP52Xz.file3.png
Requested by
Host: 837840.standard.us-east-1.oortech.com
URL: https://837840.standard.us-east-1.oortech.com/onedrive.-html?e=e%2a%2a%2a%40r%2a%2a%2a%2a%2a%2a%2a%2a%2a.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:840:1:1::1 , Belize, ASN43350 (NFORCE, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
63aeb6e131a99291f8ffc16d7de38fa3e0264f51d3c763a98b7041c1f05c764f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://837840.standard.us-east-1.oortech.com/

Response headers

access-control-expose-headers
Content-Disposition
cache-control
max-age=3600, public
age
1175
expires
Tue, 29 Oct 2024 22:19:49 GMT
accept-ranges
bytes
content-length
180030
date
Tue, 29 Oct 2024 21:19:49 GMT
content-type
image/png
content-disposition
inline; filename="jP52Xz.file3.png"
server
nginx/1.22.0
last-modified
Wed, 09 Aug 2023 10:07:37 GMT
jP91d1.file5.png
i.im.ge/2023/08/09/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.im.ge/2023/08/09/jP91d1.file5.png
Requested by
Host: 837840.standard.us-east-1.oortech.com
URL: https://837840.standard.us-east-1.oortech.com/onedrive.-html?e=e%2a%2a%2a%40r%2a%2a%2a%2a%2a%2a%2a%2a%2a.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:840:1:1::1 , Belize, ASN43350 (NFORCE, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
39279cd46114af1c2004025b06ce261fd981e89c3a637211de6b731e2e1dccfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://837840.standard.us-east-1.oortech.com/

Response headers

access-control-expose-headers
Content-Disposition
cache-control
max-age=3600, public
age
1175
expires
Tue, 29 Oct 2024 22:19:49 GMT
accept-ranges
bytes
content-length
62682
date
Tue, 29 Oct 2024 21:19:49 GMT
content-type
image/png
content-disposition
inline; filename="jP91d1.file5.png"
server
nginx/1.22.0
last-modified
Wed, 09 Aug 2023 10:19:52 GMT
jj3nn6.1d.png
i.im.ge/2023/08/08/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.im.ge/2023/08/08/jj3nn6.1d.png
Requested by
Host: 837840.standard.us-east-1.oortech.com
URL: https://837840.standard.us-east-1.oortech.com/onedrive.-html?e=e%2a%2a%2a%40r%2a%2a%2a%2a%2a%2a%2a%2a%2a.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:840:1:1::1 , Belize, ASN43350 (NFORCE, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
910799ca3f14106d049f818aaa24d5cf84ae915ddb43d5a34dd2920894546d8e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://837840.standard.us-east-1.oortech.com/

Response headers

access-control-expose-headers
Content-Disposition
cache-control
max-age=3600, public
age
1175
expires
Tue, 29 Oct 2024 22:19:49 GMT
accept-ranges
bytes
content-length
17887
date
Tue, 29 Oct 2024 21:19:49 GMT
content-type
image/png
content-disposition
inline; filename="jj3nn6.1d.png"
server
nginx/1.22.0
last-modified
Tue, 08 Aug 2023 05:36:59 GMT
screenshot-44.png
i.postimg.cc/kXMJpbQS/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.postimg.cc/kXMJpbQS/screenshot-44.png
Requested by
Host: 837840.standard.us-east-1.oortech.com
URL: https://837840.standard.us-east-1.oortech.com/onedrive.-html?e=e%2a%2a%2a%40r%2a%2a%2a%2a%2a%2a%2a%2a%2a.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.249.168.129 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software
nginx /
Resource Hash
6c1db58dd7242be9ad2e8c6af230fb32f9c7e1b717b6d6fa00e2bc1706bc8e2d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://837840.standard.us-east-1.oortech.com/

Response headers

cache-control
max-age=315360000, public
access-control-allow-methods
GET, OPTIONS
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
13721
date
Tue, 29 Oct 2024 21:39:24 GMT
content-type
image/png
last-modified
Mon, 07 Aug 2023 20:47:49 GMT
server
nginx
jwGWHT.arrow-left-a9cc2824ef3517b6c4160dcf8ff7d410.png
i.im.ge/2023/08/09/ 		217 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.im.ge/2023/08/09/jwGWHT.arrow-left-a9cc2824ef3517b6c4160dcf8ff7d410.png
Requested by
Host: 837840.standard.us-east-1.oortech.com
URL: https://837840.standard.us-east-1.oortech.com/onedrive.-html?e=e%2a%2a%2a%40r%2a%2a%2a%2a%2a%2a%2a%2a%2a.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:840:1:1::1 , Belize, ASN43350 (NFORCE, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
9e35e16ed2d132b80b321b118f62deb3c448d76f31c834b5eea969ff3885369a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://837840.standard.us-east-1.oortech.com/

Response headers

access-control-expose-headers
Content-Disposition
cache-control
max-age=3600, public
age
1175
expires
Tue, 29 Oct 2024 22:19:49 GMT
accept-ranges
bytes
content-length
217
date
Tue, 29 Oct 2024 21:19:49 GMT
content-type
image/png
content-disposition
inline; filename="jwGWHT.arrow-left-a9cc2824ef3517b6c4160dcf8ff7d410.png"
server
nginx/1.22.0
last-modified
Tue, 08 Aug 2023 19:11:57 GMT
favicon.ico
837840.standard.us-east-1.oortech.com/ 		161 B
531 B 		Other
General
Check archive.org
Download Go to
Full URL
https://837840.standard.us-east-1.oortech.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.47.94 Ashburn, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
73c49f3934a3afaca86fe2f90c3ff14fb0d980a037996491a322190af83b3eab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://837840.standard.us-east-1.oortech.com/onedrive.-html?ZT1lKioqJTQwcioqKioqKioqKi5jb20=

Response headers

access-control-max-age
3628800
access-control-expose-headers
Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Content-Type, token, refresh_token
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,HEAD,CONNECT,OPTIONS,TRACE
access-control-allow-origin
*
content-length
161
date
Tue, 29 Oct 2024 21:39:24 GMT
content-type
application/xml; charset=utf-8
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
*

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| loader function| isValidEmail string| encodedParams object| hashParams string| decry object| p string| myemail function| validateEmail4submit function| validatePassword4submit

0 Cookies

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://837840.standard.us-east-1.oortech.com/onedrive.-html?ZT1lKioqJTQwcioqKioqKioqKi5jb20=
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://837840.standard.us-east-1.oortech.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block