urlscan.io logo urlscan.io
SecurityTrails logo

msoftnetworkaus014.blob.core.windows.net Open in urlscan Pro
52.239.138.164  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Submission: On July 30 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 52.239.138.164, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is msoftnetworkaus014.blob.core.windows.net.
TLS certificate: Issued by Microsoft IT TLS CA 5 on May 19th 2019. Valid for: 2 years.
This is the only time msoftnetworkaus014.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
11 52.239.138.164 8075 (MICROSOFT...)
9 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 40.126.1.130 8075 (MICROSOFT...)
21 3
Domain Requested by
11 msoftnetworkaus014.blob.core.windows.net msoftnetworkaus014.blob.core.windows.net
secure.aadcdn.microsoftonline-p.com
9 secure.aadcdn.microsoftonline-p.com msoftnetworkaus014.blob.core.windows.net
1 login.microsoftonline.com secure.aadcdn.microsoftonline-p.com
21 3
Subject Issuer Validity Valid
*.blob.core.windows.net
Microsoft IT TLS CA 5		 2019-05-19 -
2021-05-19		 2 years crt.sh
secure.aadcdn.microsoftonline-p.com
Microsoft IT TLS CA 4		 2019-07-17 -
2021-07-17		 2 years crt.sh
stamp2.login.microsoftonline.com
Microsoft IT TLS CA 1		 2018-09-24 -
2020-09-24		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Frame ID: EAA87D12825F42F014294BC6D2BDC49C
Requests: 20 HTTP requests in this frame

Frame: https://msoftnetworkaus014.blob.core.windows.net/aus/xxmicrosoftonline_files/prefetch.html
Frame ID: 04679846F5E7D0D6E1487B147491B04F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Microsoft-HTTPAPI(?:\/([\d.]+))?/i

Page Statistics

21
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

343 kB
Transfer

571 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request home.html
msoftnetworkaus014.blob.core.windows.net/aus/ 		39 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.138.164 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a893d9f01ec10a282aa73acf3dfcd092a1c7e0ec1ffcb972e1942ff2d859a844

Request headers

Host
msoftnetworkaus014.blob.core.windows.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Length
39637
Content-Type
text/html
Last-Modified
Thu, 18 Jul 2019 14:06:51 GMT
ETag
0x8D70B892E5CFE0E
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
bc12c6e9-701e-0055-13cc-46ecf7000000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 30 Jul 2019 11:50:02 GMT
login.min.css
secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/login.min.css
Requested by
Host: msoftnetworkaus014.blob.core.windows.net
URL: https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:283::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
1cb99b8f6ef91cab65770c9233f5a9db4e461d1c39c2e561c8606e3994eb1a30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date
Tue, 30 Jul 2019 11:50:03 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 10:00:31 GMT
Content-MD5
kWZAWCshmJ7GwpEv5MDUtg==
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=556170
Connection
keep-alive
Content-Length
4943
jquery.1.11.min.js.download
msoftnetworkaus014.blob.core.windows.net/aus/microsoftonline_files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://msoftnetworkaus014.blob.core.windows.net/aus/microsoftonline_files/jquery.1.11.min.js.download
Requested by
Host: msoftnetworkaus014.blob.core.windows.net
URL: https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.138.164 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Origin
https://msoftnetworkaus014.blob.core.windows.net

Response headers

x-ms-request-id
bc12c715-701e-0055-3ccc-46ecf7000000
Date
Tue, 30 Jul 2019 11:50:02 GMT
x-ms-version
2009-09-19
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length
215
Content-Type
application/xml
aad.login.min.js
secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/ 		176 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/aad.login.min.js
Requested by
Host: msoftnetworkaus014.blob.core.windows.net
URL: https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:283::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
6ae8b5dd36bc17d5372ea5e78901009118e6f7c9d10538a7c30b7a04d488fe98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Origin
https://msoftnetworkaus014.blob.core.windows.net

Response headers

Date
Tue, 30 Jul 2019 11:50:03 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 10:00:39 GMT
Content-MD5
LsFmMggU7MHe3JFAZKSnWg==
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=556170
Connection
keep-alive
Content-Length
43789
heroillustration
msoftnetworkaus014.blob.core.windows.net/aus/microsoftonline_files/ 		215 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://msoftnetworkaus014.blob.core.windows.net/aus/microsoftonline_files/heroillustration
Requested by
Host: msoftnetworkaus014.blob.core.windows.net
URL: https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.138.164 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
31b0ef59f35e4eaa1c8fd2a0cde8bd394de5a7093bfbe0d28112f7f32fde76b6

Request headers

Referer
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-ms-request-id
bc12c720-701e-0055-45cc-46ecf7000000
Date
Tue, 30 Jul 2019 11:50:02 GMT
x-ms-version
2009-09-19
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length
215
Content-Type
application/xml
login_hover.min.css
secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/ 		89 B
454 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/login_hover.min.css
Requested by
Host: msoftnetworkaus014.blob.core.windows.net
URL: https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:283::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
91c2b74542e11d0278e02715a980b39582eae2e3b519ddd2d4f9ca939e58109c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date
Tue, 30 Jul 2019 11:50:03 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 10:00:15 GMT
Content-MD5
k+LdzPr5J17LuCAOBMVTBQ==
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=556170
Connection
keep-alive
Content-Length
82
bannerlogo
msoftnetworkaus014.blob.core.windows.net/aus/xxmicrosoftonline_files/ 		215 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://msoftnetworkaus014.blob.core.windows.net/aus/xxmicrosoftonline_files/bannerlogo
Requested by
Host: msoftnetworkaus014.blob.core.windows.net
URL: https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.138.164 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4f0b18a08d94ac46e34313b33cce2cbea49e275def088dc3f9f82a8870f4603a

Request headers

Referer
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-ms-request-id
48df3479-501e-0186-32cc-46cec8000000
Date
Tue, 30 Jul 2019 11:50:02 GMT
x-ms-version
2009-09-19
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length
215
Content-Type
application/xml
close.png
msoftnetworkaus014.blob.core.windows.net/aus/microsoftonline_files/ 		215 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://msoftnetworkaus014.blob.core.windows.net/aus/microsoftonline_files/close.png
Requested by
Host: msoftnetworkaus014.blob.core.windows.net
URL: https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.138.164 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d0758e2f4c7165fded8f35953203a7dacca3fab0d1dccc8970857d007afa4d7a

Request headers

Referer
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-ms-request-id
bc12c72c-701e-0055-51cc-46ecf7000000
Date
Tue, 30 Jul 2019 11:50:02 GMT
x-ms-version
2009-09-19
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length
215
Content-Type
application/xml
bannerlogo
msoftnetworkaus014.blob.core.windows.net/aus/microsoftonline_files/ 		215 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://msoftnetworkaus014.blob.core.windows.net/aus/microsoftonline_files/bannerlogo
Requested by
Host: msoftnetworkaus014.blob.core.windows.net
URL: https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.138.164 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
deca2e096169d1071e5d71d66330a1043f50d729b71d65065345c71a5724b175

Request headers

Referer
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-ms-request-id
48df347f-501e-0186-36cc-46cec8000000
Date
Tue, 30 Jul 2019 11:50:02 GMT
x-ms-version
2009-09-19
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length
215
Content-Type
application/xml
microsoft_logo.png
secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/images/microsoft_logo.png
Requested by
Host: msoftnetworkaus014.blob.core.windows.net
URL: https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:283::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date
Tue, 30 Jul 2019 11:50:03 GMT
Last-Modified
Sat, 18 May 2019 10:00:33 GMT
Content-MD5
7ZyesNzhfXUr7eprWs2m2Q==
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=556170
Connection
keep-alive
Content-Length
1057
jquery.1.11.min.js.download
msoftnetworkaus014.blob.core.windows.net/aus/microsoftonline_files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://msoftnetworkaus014.blob.core.windows.net/aus/microsoftonline_files/jquery.1.11.min.js.download
Requested by
Host: msoftnetworkaus014.blob.core.windows.net
URL: https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.138.164 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-ms-request-id
bc12c731-701e-0055-55cc-46ecf7000000
Date
Tue, 30 Jul 2019 11:50:02 GMT
x-ms-version
2009-09-19
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length
215
Content-Type
application/xml
prefetch.html
msoftnetworkaus014.blob.core.windows.net/aus/xxmicrosoftonline_files/ Frame 0467 		215 B
490 B 		Document
General
Check archive.org
Download Go to
Full URL
https://msoftnetworkaus014.blob.core.windows.net/aus/xxmicrosoftonline_files/prefetch.html
Requested by
Host: msoftnetworkaus014.blob.core.windows.net
URL: https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.138.164 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c4033dc31350f5cf70edb9dd807bd152e174449a855b7ec32ce7d20852b2f4cd

Request headers

Host
msoftnetworkaus014.blob.core.windows.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html

Response headers

Content-Length
215
Content-Type
application/xml
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
bc12c723-701e-0055-48cc-46ecf7000000
x-ms-version
2009-09-19
Date
Tue, 30 Jul 2019 11:50:02 GMT
jquery.1.11.min.js.download
msoftnetworkaus014.blob.core.windows.net/aus/microsoftonline_files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://msoftnetworkaus014.blob.core.windows.net/aus/microsoftonline_files/jquery.1.11.min.js.download
Requested by
Host: msoftnetworkaus014.blob.core.windows.net
URL: https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.138.164 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-ms-request-id
bc12c735-701e-0055-59cc-46ecf7000000
Date
Tue, 30 Jul 2019 11:50:02 GMT
x-ms-version
2009-09-19
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length
215
Content-Type
application/xml
watsonsupport.min.js
secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/ 		108 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/watsonsupport.min.js
Requested by
Host: msoftnetworkaus014.blob.core.windows.net
URL: https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:283::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
080ff245615e719959bc5537e164ac4495c4b8036462dfee2076dd92f22c8491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date
Tue, 30 Jul 2019 11:50:03 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 09:59:56 GMT
Content-MD5
uh+HH+n7/grQTOu2+tsxCg==
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=556170
Connection
keep-alive
Content-Length
38473
frameworksupport.min.js
secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/frameworksupport.min.js
Requested by
Host: msoftnetworkaus014.blob.core.windows.net
URL: https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:283::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
28fc6d7aad53bdadbf261065679f33162d224ccc3a3058eaa903ca1957386f22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date
Tue, 30 Jul 2019 11:50:03 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 09:59:55 GMT
Content-MD5
ozTmQtEh5tzHeeYuGZhr5g==
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=556171
Connection
keep-alive
Content-Length
5035
watson.min.js
secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/watson.min.js
Requested by
Host: msoftnetworkaus014.blob.core.windows.net
URL: https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:283::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
fe9b30b90e759478adc4edc39bc41bed8f106a4df34dec65558d495cbb44dd27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date
Tue, 30 Jul 2019 11:50:03 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 09:59:54 GMT
Content-MD5
5pDiCuXDnJmIS75OdPn+/A==
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=556171
Connection
keep-alive
Content-Length
4160
watson
msoftnetworkaus014.blob.core.windows.net/common/handlers/ 		237 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://msoftnetworkaus014.blob.core.windows.net/common/handlers/watson
Requested by
Host: secure.aadcdn.microsoftonline-p.com
URL: https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/watsonsupport.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.138.164 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
ed46fa45902c992934ba22f28371f772508a6199187fe30c72d68641190f6ead

Request headers

Origin
https://msoftnetworkaus014.blob.core.windows.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
client-request-id
3965f448-e5de-4e00-b4c2-c5401632f918
canary
AQABAAAAAABnfiG-mA6NTae7CdWW7QfdkP9IzD6Ek9AmyFuTpRnxhY6jFtdYy7OzLDboMpHirUE9tbkiQPtmwW8wNWCrxi8RCmzF2vFvdZTtMWj3h6ZezLntPwknjaQZGZfhDvREs0BBTjv7fMRBlK9fi-UgfLC2medgBwaxSdY5DrkIEa9LF3bLry4H7GQXl_hrjSkNglhgfEckuCKC0WlF6_qYFOYMkHkoSXBiDjFS0Rz-7QBOKCAA
Content-Type
application/json; charset=UTF-8
hpgid
1002
Accept
application/json
Referer
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
X-Requested-With
XMLHttpRequest
hpgact
2101

Response headers

x-ms-request-id
bc12c73f-701e-0055-61cc-46ecf7000000
Date
Tue, 30 Jul 2019 11:50:02 GMT
Server
Microsoft-HTTPAPI/2.0
Content-Length
237
Allow
GET,HEAD,PUT,DELETE
Content-Type
application/xml
bannerlogo
secure.aadcdn.microsoftonline-p.com/dbd5a2dd-uymyxxfhpwrbckvwvlxle8radh6vkzaj7cwkqpqixg/appbranding/npdp3ivuhlrwvd1ynsq0x-mjc7zhvnj0i7k676ppafa/0/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/dbd5a2dd-uymyxxfhpwrbckvwvlxle8radh6vkzaj7cwkqpqixg/appbranding/npdp3ivuhlrwvd1ynsq0x-mjc7zhvnj0i7k676ppafa/0/bannerlogo?ts=635538653042733860
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:283::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
fc5c3d7d2b298a42ec44dad2d8cd227b734db966b4afa68c0254a497e805f603
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date
Tue, 30 Jul 2019 11:50:03 GMT
Last-Modified
Thu, 11 Dec 2014 03:28:24 GMT
Content-MD5
nwmifU9ps1V8dDNXSinXJg==
Strict-Transport-Security
max-age=31536000
Content-Type
image\jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=37309
Connection
keep-alive
Content-Length
4585
heroillustration
secure.aadcdn.microsoftonline-p.com/dbd5a2dd-uymyxxfhpwrbckvwvlxle8radh6vkzaj7cwkqpqixg/appbranding/npdp3ivuhlrwvd1ynsq0x-mjc7zhvnj0i7k676ppafa/0/ 		199 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/dbd5a2dd-uymyxxfhpwrbckvwvlxle8radh6vkzaj7cwkqpqixg/appbranding/npdp3ivuhlrwvd1ynsq0x-mjc7zhvnj0i7k676ppafa/0/heroillustration?ts=635538653045233940
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:283::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
7e50e406688bd898803f653058d14ca384734cb9b39ba900bc5e2734b59c073b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date
Tue, 30 Jul 2019 11:50:03 GMT
Last-Modified
Thu, 11 Dec 2014 03:28:24 GMT
Content-MD5
ZSg7Ej6yNeYXaumMAqxbHA==
Strict-Transport-Security
max-age=31536000
Content-Type
image\jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=37312
Connection
keep-alive
Content-Length
203294
telemetry
login.microsoftonline.com/common/login/ 		0
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/login/telemetry?client-request-id=3965f448-e5de-4e00-b4c2-c5401632f918
Requested by
Host: secure.aadcdn.microsoftonline-p.com
URL: https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/watsonsupport.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.1.130 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
Origin
https://msoftnetworkaus014.blob.core.windows.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Tue, 30 Jul 2019 11:50:03 GMT
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
41e0ad2d-a0e3-4ff3-b5ba-1526c1d21600
Cache-Control
no-cache, no-store
Expires
-1
watson
msoftnetworkaus014.blob.core.windows.net/common/handlers/ 		237 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://msoftnetworkaus014.blob.core.windows.net/common/handlers/watson
Requested by
Host: secure.aadcdn.microsoftonline-p.com
URL: https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/watsonsupport.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.138.164 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
c1de492139ba1e8bd338e47ea6b6e0744dae88cbde1b99ff4befedebe166957b

Request headers

Origin
https://msoftnetworkaus014.blob.core.windows.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
client-request-id
3965f448-e5de-4e00-b4c2-c5401632f918
canary
AQABAAAAAABnfiG-mA6NTae7CdWW7QfdkP9IzD6Ek9AmyFuTpRnxhY6jFtdYy7OzLDboMpHirUE9tbkiQPtmwW8wNWCrxi8RCmzF2vFvdZTtMWj3h6ZezLntPwknjaQZGZfhDvREs0BBTjv7fMRBlK9fi-UgfLC2medgBwaxSdY5DrkIEa9LF3bLry4H7GQXl_hrjSkNglhgfEckuCKC0WlF6_qYFOYMkHkoSXBiDjFS0Rz-7QBOKCAA
Content-Type
application/json; charset=UTF-8
hpgid
1002
Accept
application/json
Referer
https://msoftnetworkaus014.blob.core.windows.net/aus/home.html
X-Requested-With
XMLHttpRequest
hpgact
2101

Response headers

x-ms-request-id
bc12c75a-701e-0055-77cc-46ecf7000000
Date
Tue, 30 Jul 2019 11:50:03 GMT
Server
Microsoft-HTTPAPI/2.0
Content-Length
237
Allow
GET,HEAD,PUT,DELETE
Content-Type
application/xml

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B boolean| isTouch string| cssId object| head object| link undefined| msViewportStyle object| MSLogin object| proxy object| ErrorCodes object| Constants object| Context object| Background object| Logo object| Instrument object| User object| tenant_info object| MSLogout object| ThirdPartyCookieStates object| PostType object| LoginOption object| TenantBranding object| users object| Tiles object| EmailDiscovery object| Support object| Post object| StrongAuthCheck object| Util object| WindowsBrowserSso function| $ function| jQuery object| $Api object| jQuery1112028721125466193786

1 Cookies

Domain/Path Name / Value
msoftnetworkaus014.blob.core.windows.net/aus Name: testcookie
Value: testcookie

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.microsoftonline.com
msoftnetworkaus014.blob.core.windows.net
secure.aadcdn.microsoftonline-p.com
2a02:26f0:6c00:283::35c1
40.126.1.130
52.239.138.164
080ff245615e719959bc5537e164ac4495c4b8036462dfee2076dd92f22c8491
1cb99b8f6ef91cab65770c9233f5a9db4e461d1c39c2e561c8606e3994eb1a30
28fc6d7aad53bdadbf261065679f33162d224ccc3a3058eaa903ca1957386f22
31b0ef59f35e4eaa1c8fd2a0cde8bd394de5a7093bfbe0d28112f7f32fde76b6
4f0b18a08d94ac46e34313b33cce2cbea49e275def088dc3f9f82a8870f4603a
6ae8b5dd36bc17d5372ea5e78901009118e6f7c9d10538a7c30b7a04d488fe98
7e50e406688bd898803f653058d14ca384734cb9b39ba900bc5e2734b59c073b
91c2b74542e11d0278e02715a980b39582eae2e3b519ddd2d4f9ca939e58109c
a893d9f01ec10a282aa73acf3dfcd092a1c7e0ec1ffcb972e1942ff2d859a844
c1de492139ba1e8bd338e47ea6b6e0744dae88cbde1b99ff4befedebe166957b
c4033dc31350f5cf70edb9dd807bd152e174449a855b7ec32ce7d20852b2f4cd
d0758e2f4c7165fded8f35953203a7dacca3fab0d1dccc8970857d007afa4d7a
deca2e096169d1071e5d71d66330a1043f50d729b71d65065345c71a5724b175
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed46fa45902c992934ba22f28371f772508a6199187fe30c72d68641190f6ead
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c
fc5c3d7d2b298a42ec44dad2d8cd227b734db966b4afa68c0254a497e805f603
fe9b30b90e759478adc4edc39bc41bed8f106a4df34dec65558d495cbb44dd27