www-malwarebytes-com.cdn.ampproject.org Open in urlscan Pro
2a00:1450:4001:80f::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/08/microsoft-teams-used-in-phishing-campaign-to-bypass-m...
Submission: On August 07 via manual (August 7th 2023, 4:14:05 pm UTC) from ES — Scanned from ES

Summary HTTP 11 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 7 domains to perform 11 HTTP transactions. The main IP is 2a00:1450:4001:80f::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www-malwarebytes-com.cdn.ampproject.org.
TLS certificate: Issued by GTS CA 1C3 on July 10th 2023. Valid for: 3 months.

This is the only time www-malwarebytes-com.cdn.ampproject.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2011	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
11	4

8 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www-malwarebytes-com.cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	ampproject.org www-malwarebytes-com.cdn.ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 418	158 KB
1	google.es www.google.es — Cisco Umbrella Rank: 21476	408 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	532 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 115	427 B
1	google-analytics.com 1 redirects www.google-analytics.com — Cisco Umbrella Rank: 55	454 B
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 1098
0	malwarebytes.com Failed www.malwarebytes.com Failed
11	7

	Domain	Requested by
5	cdn.ampproject.org	www-malwarebytes-com.cdn.ampproject.org cdn.ampproject.org
3	www-malwarebytes-com.cdn.ampproject.org	www-malwarebytes-com.cdn.ampproject.org
1	www.google.es
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	www.google-analytics.com	1 redirects
1	csp.withgoogle.com	www-malwarebytes-com.cdn.ampproject.org
0	www.malwarebytes.com Failed	cdn.ampproject.org
11	8

This site contains links to these domains. Also see Links.

Domain
www.malwarebytes.com
www.microsoft.com
support.malwarebytes.com

Subject Issuer	Validity	Valid
misc-sni.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/08/microsoft-teams-used-in-phishing-campaign-to-bypass-multi-factor-authentication/amp
Frame ID: BEAC8BD2F084575108F74EB323FAEB2D
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Microsoft Teams used in phishing campaign to bypass multi-factor authentication

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

<amp-analytics [^>]*type=["']googleanalytics["']

Page Statistics

11
Requests

82 %
HTTPS

100 %
IPv6

7
Domains

8
Subdomains

4
IPs

2
Countries

158 kB
Transfer

448 kB
Size

0
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.malwarebytes.com/legal/privacy-policy
Title: here

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/security/blog/2023/08/02/midnight-blizzard-conducts-targeted-social-engineering-over-microsoft-teams/
Title: posted details about the perceived attacks

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/blog/threat-analysis/2020/12/advanced-cyber-attack-hits-private-and-public-sector-via-supply-chain-software-update/
Title: SolarWinds

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/blog/detections/backdoor-sunburst/
Title: Sunburst

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/blog/malwarebytes-news/2021/01/malwarebytes-targeted-by-nation-state-actor-implicated-in-solarwinds-breach-evidence-suggests-abuse-of-privileged-access-to-microsoft-office-365-and-azure-environments/
Title: related components

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/blog/business/2023/05/apt-attacks-exploring-advanced-persistent-threats-and-their-evasive-techniques
Title: APT29/Cozy Bear

Search URL Search Domain Scan URL

URL: https://support.malwarebytes.com/hc/en-us
Title: Support team

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/contact-us/
Title: TRY NOW

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/blog/news/2023/08/microsoft-teams-used-in-phishing-campaign-to-bypass-multi-factor-authentication#disqus_thread
Title: COMMENTS

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/blog/news/2023/03/how-to-avoid-potentially-unwanted-programs
Title: How to avoid potentially unwanted programs

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/blog/news/2023/03/how-to-avoid-potentially-unwanted-programs#disqus_thread
Title: Comments

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/blog/news/2021/08/how-to-stay-secure-from-ransomware-attacks-this-labor-day-weekend
Title: How to stay secure from ransomware attacks during holidays and special events

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/blog/news/2021/08/how-to-stay-secure-from-ransomware-attacks-this-labor-day-weekend#disqus_thread
Title: Comments

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=Microsoft%20Teams%20used%20in%20phishing%20campaign%20to%20bypass%20multi-factor%20authentication&sr=1600x1200&_utmht=1691424841126&cid=UmyCBg3u1nBZUlpTp5_-XKhHpJRT9-QEQ1B1xpL-e7Yvunks1zI5XoTfWOehoxly&tid=UA-3347303-10&dl=https%3A%2F%2Fwww.malwarebytes.com%2Fblog%2Fnews%2F2023%2F08%2Fmicrosoft-teams-used-in-phishing-campaign-to-bypass-multi-factor-authentication%2Famp&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.10302428472200731&_r=1&a=8978&z=0.5159461232782909 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3347303-10&cid=UmyCBg3u1nBZUlpTp5_-XKhHpJRT9-QEQ1B1xpL-e7Yvunks1zI5XoTfWOehoxly&jid=0.10302428472200731&_v=a1&z=0.5159461232782909 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3347303-10&cid=UmyCBg3u1nBZUlpTp5_-XKhHpJRT9-QEQ1B1xpL-e7Yvunks1zI5XoTfWOehoxly&jid=0.10302428472200731&_v=a1&z=0.5159461232782909 HTTP 302
https://www.google.es/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3347303-10&cid=UmyCBg3u1nBZUlpTp5_-XKhHpJRT9-QEQ1B1xpL-e7Yvunks1zI5XoTfWOehoxly&jid=0.10302428472200731&_v=a1&z=0.5159461232782909&slf_rd=1&random=2292777603

11 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request amp Show response
www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/08/microsoft-teams-used-in-phishing-campaign-to-bypass-multi-factor-authentication/ 36 KB
12 KB 298ms
104ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/08/microsoft-teams-used-in-phishing-campaign-to-bypass-multi-factor-authentication/amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8edb65ff2c1245c3137cd810616405be4973183c6731ff27be916ec6e5ee0365

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src 'sha256-0EzT5rjCdQIs7Zb99eHUlAOmKUanRXRrJoqJ+VYepto=' 'sha256-5CxqAdDXlHviOy7zxeRpMobzRK/JNpLvkS+k8Zj3L3A=' 'sha256-FIBGC/wl1Qfnh2Fb5NPFHmRty7BHJdDpWW1FZ8egppI=' 'sha256-UXYprBCAtnqoL5acf14iemip/+HI+gDFh92yyXkM3XI=' 'sha256-dKn2nAtwgzaaXC8ZM58hhldxNyeuu4qrzW4H9//9YMA=' 'sha256-i9nAf5M9USb+lB7ZtayKdAWymLU1MCklCTdsyXbMgCs=' 'sha256-wjUSvXYNfPUUTPZYrn4pOEcf2ecDdjd3N9Av3GDSwZw=' 'sha256-yAAlWuem9ue55JEvxkWhcWWA1Zu0p6cgbYtDWJjsdvs=' blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: https://www.malwarebytes.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=60
content-encoding: br
content-length: 10540
content-security-policy: default-src * blob: data:; script-src 'sha256-0EzT5rjCdQIs7Zb99eHUlAOmKUanRXRrJoqJ+VYepto=' 'sha256-5CxqAdDXlHviOy7zxeRpMobzRK/JNpLvkS+k8Zj3L3A=' 'sha256-FIBGC/wl1Qfnh2Fb5NPFHmRty7BHJdDpWW1FZ8egppI=' 'sha256-UXYprBCAtnqoL5acf14iemip/+HI+gDFh92yyXkM3XI=' 'sha256-dKn2nAtwgzaaXC8ZM58hhldxNyeuu4qrzW4H9//9YMA=' 'sha256-i9nAf5M9USb+lB7ZtayKdAWymLU1MCklCTdsyXbMgCs=' 'sha256-wjUSvXYNfPUUTPZYrn4pOEcf2ecDdjd3N9Av3GDSwZw=' 'sha256-yAAlWuem9ue55JEvxkWhcWWA1Zu0p6cgbYtDWJjsdvs=' blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-type: text/html; charset=UTF-8
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-eng"
date: Mon, 07 Aug 2023 16:14:00 GMT
expires: Mon, 07 Aug 2023 16:14:00 GMT
last-modified: Mon, 07 Aug 2023 16:13:11 GMT
link: <https://cdn.ampproject.org/rtv/012307212240000/v0.mjs>; rel=preload; as=script; crossorigin=anonymous
nel: {"report_to":"nel","max_age":604800,"success_fraction":0.05}
report-to: {"group":"nel","max_age":604800,"endpoints":[{"url":"https://beacons.gcp.gvt2.com/nel/upload-nel"},{"url":"https://beacons.gvt2.com/nel/upload-nel"}]} {"group":"amphtml-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-eng"}]}
server: sffe
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-page-speed: 0.9.10.99-9999
x-xss-protection: 0

GET
H2 200 v0.mjs Show response
cdn.ampproject.org/rtv/012307212240000/ 222 KB
63 KB 213ms
61ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb7528009c86e4317bb71c61a003c47550633755f3564953e9d7140c624845dc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www-malwarebytes-com.cdn.ampproject.org/
Origin: https://www-malwarebytes-com.cdn.ampproject.org
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:31 GMT
age: 503849
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63417
x-xss-protection: 0
server: sffe
etag: "da53d2441d9e2026"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:31 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307212240000/v0/ 94 KB
28 KB 286ms
134ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/amp-analytics-0.1.mjs

Requested by

Host: www-malwarebytes-com.cdn.ampproject.org
URL: https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/08/microsoft-teams-used-in-phishing-campaign-to-bypass-multi-factor-authentication/amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43c5484afad75c6b5edc3643f19a1dc661fcac4080acc6bd8ae8638dde52c570

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/08/microsoft-teams-used-in-phishing-campaign-to-bypass-multi-factor-authentication/amp
Origin: https://www-malwarebytes-com.cdn.ampproject.org
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:34 GMT
age: 503846
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28998
x-xss-protection: 0
server: sffe
etag: "d66d779acc3c437f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:34 GMT

GET
H2 200 amp-consent-0.1.mjs Show response
cdn.ampproject.org/rtv/012307212240000/v0/ 51 KB
15 KB 357ms
205ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/amp-consent-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5c83952a56d8e8088fdef97c9b0a7d78f276190b1109699b678e0d1dddcead0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/08/microsoft-teams-used-in-phishing-campaign-to-bypass-multi-factor-authentication/amp
Origin: https://www-malwarebytes-com.cdn.ampproject.org
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:37 GMT
age: 503843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15684
x-xss-protection: 0
server: sffe
etag: "577d1873949eb887"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:37 GMT

POST
H2 204 amp
csp.withgoogle.com/csp/ 0
0 199ms
74ms Other
text/html 2a00:1450:4001:810::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/amp
Requested by: Host: www-malwarebytes-com.cdn.ampproject.org
URL: https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/08/microsoft-teams-used-in-phishing-campaign-to-bypass-multi-factor-authentication/amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/08/microsoft-teams-used-in-phishing-campaign-to-bypass-multi-factor-authentication/amp
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 easset_upload_file11998_275819_e.png
www-malwarebytes-com.cdn.ampproject.org/ii/w820/s/www.malwarebytes.com/blog/news/2023/08/ 21 KB
21 KB 80ms
79ms Image
image/avif 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-malwarebytes-com.cdn.ampproject.org/ii/w820/s/www.malwarebytes.com/blog/news/2023/08/easset_upload_file11998_275819_e.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dbb6510f82bf5f6cc095c94a2cd36684fb3c9c6657adebeca4461f0315b8ff3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/08/microsoft-teams-used-in-phishing-campaign-to-bypass-multi-factor-authentication/amp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
date: Mon, 07 Aug 2023 16:14:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21030
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 16:11:43 GMT
server: sffe
vary: Accept, Origin
report-to: {"group":"amphtml-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-eng"}]}
content-type: image/avif
cache-control: private, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-eng"
expires: Mon, 07 Aug 2023 16:14:00 GMT

GET
DATA 200
OK truncated
/ 629 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3add3c085b1006f9be182f0a73934535aca0654891e2b60e18ad2438de31a7f2

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 654cefd1d4ac15b6db5d27278d20bd069819733a31ade71c2f7d6ed279be42c3

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 easset_upload_file10639_275819_e.png
www-malwarebytes-com.cdn.ampproject.org/i/s/www.malwarebytes.com/blog/news/2023/08/ 14 KB
15 KB 85ms
84ms Image
image/avif 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-malwarebytes-com.cdn.ampproject.org/i/s/www.malwarebytes.com/blog/news/2023/08/easset_upload_file10639_275819_e.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82ab13fd8de794651cdf3ab9d1133577599665a044974736b0831ffbe6506c99

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/08/microsoft-teams-used-in-phishing-campaign-to-bypass-multi-factor-authentication/amp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
date: Mon, 07 Aug 2023 16:14:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14838
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 14:26:05 GMT
server: sffe
vary: Accept, Origin
report-to: {"group":"amphtml-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-eng"}]}
content-type: image/avif
cache-control: private, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-eng"
expires: Mon, 07 Aug 2023 16:14:00 GMT

GET
H2 200 amp-auto-lightbox-0.1.mjs Show response
cdn.ampproject.org/rtv/012307212240000/v0/ 7 KB
3 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/amp-auto-lightbox-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307212240000/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d38327273f3a3ebb890d6d3f6b6b22ce98fcf1725ccd598060f20c1902c08cc1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/08/microsoft-teams-used-in-phishing-campaign-to-bypass-multi-factor-authentication/amp
Origin: https://www-malwarebytes-com.cdn.ampproject.org
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 07 Aug 2023 12:40:13 GMT
age: 12827
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2889
x-xss-protection: 0
server: sffe
etag: "1e3ff7c6e90f280a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 06 Aug 2024 12:40:13 GMT

POST get-consent.json
www.malwarebytes.com/js/amp/ 0
0

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012307212240000/v0/analytics-vendors/ 2 KB
886 B 63ms
62ms Fetch
application/json 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307212240000/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/08/microsoft-teams-used-in-phishing-campaign-to-bypass-multi-factor-authentication/amp
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:43 GMT
age: 503838
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "04ae58ebce20b996"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:43 GMT

GET
H2

200

ga-audiences
www.google.es/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=Microsoft%20Teams%20used%20in%20phishing%20campaign%20to%20bypass%20multi-factor%20authentication&sr=1600x1200&_utmht=1691424...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3347303-10&cid=UmyCBg3u1nBZUlpTp5_-XKhHpJRT9-QEQ1B1xpL-e7Yvunks1zI5XoTfWOehoxly&jid=0.10302428472200731&_v=a1&z=0.5159461232782909
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3347303-10&cid=UmyCBg3u1nBZUlpTp5_-XKhHpJRT9-QEQ1B1xpL-e7Yvunks1zI5XoTfWOehoxly&jid=0.10302428472200731&_v=a1&z=0.5159461232782909
https://www.google.es/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3347303-10&cid=UmyCBg3u1nBZUlpTp5_-XKhHpJRT9-QEQ1B1xpL-e7Yvunks1zI5XoTfWOehoxly&jid=0.10302428472200731&_v=a1&z=0.5159461232782909&...

42 B
408 B

270ms
99ms

Ping
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.es/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3347303-10&cid=UmyCBg3u1nBZUlpTp5_-XKhHpJRT9-QEQ1B1xpL-e7Yvunks1zI5XoTfWOehoxly&jid=0.10302428472200731&_v=a1&z=0.5159461232782909&slf_rd=1&random=2292777603

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/08/microsoft-teams-used-in-phishing-campaign-to-bypass-multi-factor-authentication/amp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 16:14:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Aug 2023 16:14:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.es/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3347303-10&cid=UmyCBg3u1nBZUlpTp5_-XKhHpJRT9-QEQ1B1xpL-e7Yvunks1zI5XoTfWOehoxly&jid=0.10302428472200731&_v=a1&z=0.5159461232782909&slf_rd=1&random=2292777603
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/amp/get-consent.json?__amp_source_origin=https%3A%2F%2Fwww.malwarebytes.com

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/08/microsoft-teams-used-in-phishing-campaign-to-bypass-multi-factor-authentication/amp Message: Access to fetch at 'https://www.malwarebytes.com/js/amp/get-consent.json?__amp_source_origin=https%3A%2F%2Fwww.malwarebytes.com' from origin 'https://www-malwarebytes-com.cdn.ampproject.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://www.malwarebytes.com/js/amp/get-consent.json?__amp_source_origin=https%3A%2F%2Fwww.malwarebytes.com Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * blob: data:; script-src 'sha256-0EzT5rjCdQIs7Zb99eHUlAOmKUanRXRrJoqJ+VYepto=' 'sha256-5CxqAdDXlHviOy7zxeRpMobzRK/JNpLvkS+k8Zj3L3A=' 'sha256-FIBGC/wl1Qfnh2Fb5NPFHmRty7BHJdDpWW1FZ8egppI=' 'sha256-UXYprBCAtnqoL5acf14iemip/+HI+gDFh92yyXkM3XI=' 'sha256-dKn2nAtwgzaaXC8ZM58hhldxNyeuu4qrzW4H9//9YMA=' 'sha256-i9nAf5M9USb+lB7ZtayKdAWymLU1MCklCTdsyXbMgCs=' 'sha256-wjUSvXYNfPUUTPZYrn4pOEcf2ecDdjd3N9Av3GDSwZw=' 'sha256-yAAlWuem9ue55JEvxkWhcWWA1Zu0p6cgbYtDWJjsdvs=' blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
csp.withgoogle.com
stats.g.doubleclick.net
www-malwarebytes-com.cdn.ampproject.org
www.google-analytics.com
www.google.com
www.google.es
www.malwarebytes.com
www.malwarebytes.com
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2011
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9c
3add3c085b1006f9be182f0a73934535aca0654891e2b60e18ad2438de31a7f2
3dbb6510f82bf5f6cc095c94a2cd36684fb3c9c6657adebeca4461f0315b8ff3
43c5484afad75c6b5edc3643f19a1dc661fcac4080acc6bd8ae8638dde52c570
654cefd1d4ac15b6db5d27278d20bd069819733a31ade71c2f7d6ed279be42c3
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
82ab13fd8de794651cdf3ab9d1133577599665a044974736b0831ffbe6506c99
8edb65ff2c1245c3137cd810616405be4973183c6731ff27be916ec6e5ee0365
c5c83952a56d8e8088fdef97c9b0a7d78f276190b1109699b678e0d1dddcead0
cb7528009c86e4317bb71c61a003c47550633755f3564953e9d7140c624845dc
d38327273f3a3ebb890d6d3f6b6b22ce98fcf1725ccd598060f20c1902c08cc1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www-malwarebytes-com.cdn.ampproject.org Open in urlscan Pro 2a00:1450:4001:80f::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

82 %HTTPS

100 %IPv6

7 Domains

8 Subdomains

4 IPs

2 Countries

158 kBTransfer

448 kBSize

0 Cookies

14 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

Indicators

www-malwarebytes-com.cdn.ampproject.org Open in urlscan Pro
2a00:1450:4001:80f::2001 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

82 %
HTTPS

100 %
IPv6

7
Domains

8
Subdomains

4
IPs

2
Countries

158 kB
Transfer

448 kB
Size

0
Cookies

11 HTTP transactions
2 data transactions