support1-outlook.com Open in urlscan Pro
80.211.52.23  Malicious Activity! Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response support1-outlook.com/skin/mail/4/inbox/	25 KB 6 KB	201ms 61ms	Document text/html	80.211.52.23 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.211.52.23 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS uati.itauaplicativo.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 3d9e88a50fdefea404249b22e3f901f20b7972696e7e277c6d7af4d3def23732 Request headers Host support1-outlook.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers Date Thu, 19 Mar 2020 07:59:52 GMT Server Apache/2.4.18 (Ubuntu) Last-Modified Fri, 30 Aug 2019 17:50:12 GMT ETag "63bc-5915940fd1d00-gzip" Accept-Ranges bytes Vary Accept-Encoding Content-Encoding gzip Content-Length 6087 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H2	200	Converged_v21046.css logincdn.msauth.net/16.000.28170.6/	99 KB 18 KB	132ms 57ms	Stylesheet text/css	192.229.221.185 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://logincdn.msauth.net/16.000.28170.6/Converged_v21046.css Requested by Host: support1-outlook.com URL: https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.185 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/8B4F) / Resource Hash ef11d783b91f476e9364ccc330a09f95d83b5f6fe7d2eb8ebfd8cbc5de0bd3e6 Request headers Referer https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y Origin https://support1-outlook.com Sec-Fetch-Dest style User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 19 Mar 2020 07:59:52 GMT content-encoding gzip content-md5 XkOkFPN7jwoB6eaY+cJvfw== age 736817 x-cache HIT status 200 content-length 18676 x-ms-lease-status unlocked last-modified Wed, 24 Apr 2019 06:01:45 GMT server ECAcc (ama/8B4F) etag 0x8D6C87A55161654 vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id 7fca7b3d-d01e-0027-0410-f7b818000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	ConvergedLoginPaginatedStrings.pt-br.js Show response logincdn.msauth.net/16.000.28170.6/	25 KB 7 KB	132ms 58ms	Script application/x-javascript	192.229.221.185 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://logincdn.msauth.net/16.000.28170.6/ConvergedLoginPaginatedStrings.pt-br.js Requested by Host: support1-outlook.com URL: https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.185 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/8B63) / Resource Hash 70fcba9eac0e37e56cf48afbc6c14792f39a26199ca8d07d1e1446b39f1ff5d5 Request headers Referer https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y Origin https://support1-outlook.com Sec-Fetch-Dest script User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 19 Mar 2020 07:59:52 GMT content-encoding gzip content-md5 mOjrHPWuByGpLcjEu1Ppgg== age 736817 x-cache HIT status 200 content-length 7144 x-ms-lease-status unlocked last-modified Wed, 24 Apr 2019 06:01:09 GMT server ECAcc (ama/8B63) etag 0x8D6C87A3F34B50D vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 23414af4-301e-0032-6e10-f71291000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	ConvergedLogin_PCore.js Show response logincdn.msauth.net/16.000.28170.6/	525 KB 139 KB	94ms 20ms	Script application/x-javascript	192.229.221.185 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://logincdn.msauth.net/16.000.28170.6/ConvergedLogin_PCore.js Requested by Host: support1-outlook.com URL: https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.185 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/8B1D) / Resource Hash 7a2596366e7b9ebd47ad753c66359b93eb51903d85ac7f997c144069261c63c1 Request headers Referer https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y Origin https://support1-outlook.com Sec-Fetch-Dest script User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 19 Mar 2020 07:59:52 GMT content-encoding gzip content-md5 Pzd1PAIeCaOw7qUA1tFIeA== age 4303281 x-cache HIT status 200 content-length 141376 x-ms-lease-status unlocked last-modified Wed, 24 Apr 2019 06:01:13 GMT server ECAcc (ama/8B1D) etag 0x8D6C87A4208F2E4 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id eddf6fd5-001e-002a-4ea1-d68a96000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	ConvergedLogin_PAlt.js Show response logincdn.msauth.net/16.000.28170.6/	12 KB 4 KB	132ms 58ms	Script application/x-javascript	192.229.221.185 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://logincdn.msauth.net/16.000.28170.6/ConvergedLogin_PAlt.js Requested by Host: support1-outlook.com URL: https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.185 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/8B41) / Resource Hash 72e195e1deced4f82aa45a424c0a43a02b137d8af335b4d124e8883007ee7b85 Request headers Referer https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y Origin https://support1-outlook.com Sec-Fetch-Dest script User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 19 Mar 2020 07:59:52 GMT content-encoding gzip content-md5 S1zRObnjr0Llss6c2rhOPA== age 4303281 x-cache HIT status 200 content-length 4241 x-ms-lease-status unlocked last-modified Wed, 24 Apr 2019 06:01:13 GMT server ECAcc (ama/8B41) etag 0x8D6C87A41DEF504 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id bf6f20b6-101e-0001-45a1-d62088000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	microsoft_logo.svg logincdn.msauth.net/16.000.28170.6/images/	4 KB 2 KB	97ms 24ms	Image image/svg+xml	192.229.221.185 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://logincdn.msauth.net/16.000.28170.6/images/microsoft_logo.svg?x=ee5c8d9fb6248c938fd0dc19370e90bd Requested by Host: support1-outlook.com URL: https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.185 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/8AC9) / Resource Hash 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a Request headers Referer https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers x-ms-blob-type BlockBlob date Thu, 19 Mar 2020 07:59:52 GMT content-encoding gzip content-md5 nzaLxFgP7ZB3dfMcaybWzw== age 4317786 x-cache HIT status 200 content-length 1435 x-ms-lease-status unlocked last-modified Wed, 24 Apr 2019 06:05:20 GMT server ECAcc (ama/8AC9) etag 0x8D6C87AD53BF23C vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id f9afa933-101e-0063-167f-d6af16000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	ellipsis_white.svg logincdn.msauth.net/16.000.28170.6/images/	915 B 739 B	95ms 22ms	Image image/svg+xml	192.229.221.185 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://logincdn.msauth.net/16.000.28170.6/images/ellipsis_white.svg?x=5ac590ee72bfe06a7cecfd75b588ad73 Requested by Host: support1-outlook.com URL: https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.185 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/8B2E) / Resource Hash 6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea Request headers Referer https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers x-ms-blob-type BlockBlob date Thu, 19 Mar 2020 07:59:52 GMT content-encoding gzip content-md5 HMwsHhNXdtrfirQDkzcqMA== age 4317786 x-cache HIT status 200 content-length 263 x-ms-lease-status unlocked last-modified Wed, 24 Apr 2019 06:05:19 GMT server ECAcc (ama/8B2E) etag 0x8D6C87AD4374B10 vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id fda3238c-001e-0048-767f-d60508000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	ellipsis_grey.svg logincdn.msauth.net/16.000.28170.6/images/	915 B 414 B	22ms 21ms	Image image/svg+xml	192.229.221.185 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://logincdn.msauth.net/16.000.28170.6/images/ellipsis_grey.svg?x=2b5d393db04a5e6e1f739cb266e65b4c Requested by Host: support1-outlook.com URL: https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.185 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/8AE0) / Resource Hash 16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6 Request headers Referer https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers x-ms-blob-type BlockBlob date Thu, 19 Mar 2020 07:59:52 GMT content-encoding gzip content-md5 /a3y/mpA+HRaVAiPACrsog== age 4317786 x-cache HIT status 200 content-length 263 x-ms-lease-status unlocked last-modified Wed, 24 Apr 2019 06:05:18 GMT server ECAcc (ama/8AE0) etag 0x8D6C87AD411458E vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 7abc5ed4-301e-0015-527f-d6740c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	ConvergedLogin_PCore.js logincdn.msauth.net/16.000.28170.6/	0 138 KB	19ms 19ms	Other application/x-javascript	192.229.221.185 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://logincdn.msauth.net/16.000.28170.6/ConvergedLogin_PCore.js Requested by Host: support1-outlook.com URL: https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.185 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/8B1D) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest empty Response headers x-ms-blob-type BlockBlob date Thu, 19 Mar 2020 07:59:52 GMT content-encoding gzip content-md5 Pzd1PAIeCaOw7qUA1tFIeA== age 4303281 x-cache HIT status 200 content-length 141376 x-ms-lease-status unlocked last-modified Wed, 24 Apr 2019 06:01:13 GMT server ECAcc (ama/8B1D) etag 0x8D6C87A4208F2E4 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id eddf6fd5-001e-002a-4ea1-d68a96000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	ConvergedLogin_PAlt.js logincdn.msauth.net/16.000.28170.6/	0 4 KB	52ms 52ms	Other application/x-javascript	192.229.221.185 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://logincdn.msauth.net/16.000.28170.6/ConvergedLogin_PAlt.js Requested by Host: support1-outlook.com URL: https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.185 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/8B41) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest empty Response headers x-ms-blob-type BlockBlob date Thu, 19 Mar 2020 07:59:52 GMT content-encoding gzip content-md5 S1zRObnjr0Llss6c2rhOPA== age 4303281 x-cache HIT status 200 content-length 4241 x-ms-lease-status unlocked last-modified Wed, 24 Apr 2019 06:01:13 GMT server ECAcc (ama/8B41) etag 0x8D6C87A41DEF504 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id bf6f20b6-101e-0001-45a1-d62088000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H/1.1	200 OK	Cookie set prefetch.aspx outlook.office365.com/owa/ Frame EF7C	0 0	91ms 49ms	Document text/html	2603:1026:207:109::2 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://outlook.office365.com/owa/prefetch.aspx?id=292841&mkt=PT-BR Requested by Host: support1-outlook.com URL: https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2603:1026:207:109::2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Host outlook.office365.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Referer https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y Response headers Cache-Control private, no-store Content-Length 1239 Content-Type text/html; charset=utf-8 Content-Encoding gzip Vary Accept-Encoding Server Microsoft-IIS/10.0 request-id ec8a8f3e-b1b4-45a9-b4d2-e239059c6e4d X-CalculatedFETarget DB6PR07CU001.internal.outlook.com X-BackEndHttpStatus 200 200 Set-Cookie ClientId=C7DA6EBEB4F749F0AAE168D0D71FDF50; expires=Fri, 19-Mar-2021 07:59:52 GMT; path=/;SameSite=None; secure ClientId=C7DA6EBEB4F749F0AAE168D0D71FDF50; expires=Fri, 19-Mar-2021 07:59:52 GMT; path=/;SameSite=None; secure OIDC=1; expires=Sat, 19-Sep-2020 07:59:52 GMT; path=/;SameSite=None; secure; HttpOnly OWAPF=v:16.3623.0.2720978&l:mouse; path=/ X-FEProxyInfo DB6PR07CA0006.EURPRD07.PROD.OUTLOOK.COM X-CalculatedBETarget DB7PR01MB4983.eurprd01.prod.exchangelabs.com X-RUM-Validated 1 X-Content-Type-Options nosniff X-BeSku WCS5 X-OWA-Version 15.20.2814.23 X-OWA-DiagnosticsInfo 1;0;0 X-BackEnd-Begin 2020-03-19T07:59:52.923 X-BackEnd-End 2020-03-19T07:59:52.925 X-DiagInfo DB7PR01MB4983 X-BEServer DB7PR01MB4983 X-UA-Compatible IE=EmulateIE7 Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains X-Proxy-RoutingCorrectness 1 X-Proxy-BackendServerStatus 200 X-FEServer DB6PR07CA0006 AM0PR01CA0084 Date Thu, 19 Mar 2020 07:59:52 GMT
GET H2	200	0-small.jpg logincdn.msauth.net/16.000.28170.6/images/Backgrounds/	3 KB 3 KB	56ms 55ms	Image image/jpeg	192.229.221.185 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://logincdn.msauth.net/16.000.28170.6/images/Backgrounds/0-small.jpg?x=138bcee624fa04ef9b75e86211a9fe0d Requested by Host: support1-outlook.com URL: https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.185 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/8AAE) / Resource Hash f89e908280791803bbf1f33b596ff4a2179b355a8e15ad02ebaa2b1da11127ea Request headers Referer https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers x-ms-blob-type BlockBlob date Thu, 19 Mar 2020 07:59:52 GMT content-md5 E4vO5iT6BO+bdehiEan+DQ== age 4309582 x-cache HIT status 200 content-length 3006 x-ms-lease-status unlocked last-modified Wed, 24 Apr 2019 06:05:06 GMT server ECAcc (ama/8AAE) etag 0x8D6C87ACC656FD7 content-type image/jpeg access-control-allow-origin * x-ms-request-id 1551f5c8-b01e-0031-6f92-d6e1f1000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	0.jpg logincdn.msauth.net/16.000.28170.6/images/Backgrounds/	277 KB 277 KB	42ms 42ms	Image image/jpeg	192.229.221.185 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://logincdn.msauth.net/16.000.28170.6/images/Backgrounds/0.jpg?x=a5dbd4393ff6a725c7e62b61df7e72f0 Requested by Host: support1-outlook.com URL: https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.185 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/8B5A) / Resource Hash 211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb Request headers Referer https://support1-outlook.com/skin/mail/4/inbox/?o2wyHOZiibojfcOqY4RbDBvEE1mszRIKoCXEHuRZ5A3QgtDhJLQe7VK4v0L1XF98BACUChtIo7uvDiSuOlDwUzffdjhJkLemexbubgHlptCcyokY2Y User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers x-ms-blob-type BlockBlob date Thu, 19 Mar 2020 07:59:52 GMT content-md5 pdvUOT/2pyXH5ith335y8A== age 4309582 x-cache HIT status 200 content-length 283351 x-ms-lease-status unlocked last-modified Wed, 24 Apr 2019 06:05:06 GMT server ECAcc (ama/8B5A) etag 0x8D6C87ACC721C55 content-type image/jpeg access-control-allow-origin * x-ms-request-id c64140e9-a01e-007e-1e92-d622b0000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| g_dtFirstByte object| g_objPageMode number| g_iSRSFailed string| g_sSRSSuccess function| SRSRetry object| UXResourceDependencies object| StringRepository boolean| __ConvergedLoginPaginatedStrings function| WhenAllLoaded function| webpackJsonp boolean| __ConvergedLogin_PAlt

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			outlook.office365.com/	1969-12-31 23:59:59	Name: OWAPF Value: v:16.3623.0.2720978&l:mouse
			outlook.office365.com/	1970-01-19 12:35:02	Name: OIDC Value: 1
			outlook.office365.com/	1970-01-19 16:55:40	Name: ClientId Value: C7DA6EBEB4F749F0AAE168D0D71FDF50

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

logincdn.msauth.net
outlook.office365.com
support1-outlook.com
192.229.221.185
2603:1026:207:109::2
80.211.52.23
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6
211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb
3d9e88a50fdefea404249b22e3f901f20b7972696e7e277c6d7af4d3def23732
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea
70fcba9eac0e37e56cf48afbc6c14792f39a26199ca8d07d1e1446b39f1ff5d5
72e195e1deced4f82aa45a424c0a43a02b137d8af335b4d124e8883007ee7b85
7a2596366e7b9ebd47ad753c66359b93eb51903d85ac7f997c144069261c63c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef11d783b91f476e9364ccc330a09f95d83b5f6fe7d2eb8ebfd8cbc5de0bd3e6
f89e908280791803bbf1f33b596ff4a2179b355a8e15ad02ebaa2b1da11127ea