accountprotection.microsofts.com
Open in
urlscan Pro
151.106.5.168
Public Scan
Submission Tags: @phishunt_io
Submission: On May 04 via api from DE
Summary
TLS certificate: Issued by R3 on May 3rd 2021. Valid for: 3 months.
This is the only time accountprotection.microsofts.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
7 | 151.106.5.168 151.106.5.168 | 29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH) | |
2 | 2a00:1450:400... 2a00:1450:4001:831::2004 | 15169 (GOOGLE) (GOOGLE) | |
8 | 2a00:1450:400... 2a00:1450:4001:80f::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:80e::2001 | 15169 (GOOGLE) (GOOGLE) | |
18 | 4 |
ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
accountprotection.microsofts.com |
ASN15169 (GOOGLE, US)
www.google.com | |
t0.gstatic.com |
ASN15169 (GOOGLE, US)
afs.googleusercontent.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
google.com
www.google.com |
134 KB |
7 |
microsofts.com
accountprotection.microsofts.com |
23 KB |
1 |
googleusercontent.com
afs.googleusercontent.com |
259 B |
1 |
gstatic.com
t0.gstatic.com |
3 KB |
18 | 4 |
Domain | Requested by | |
---|---|---|
9 | www.google.com |
accountprotection.microsofts.com
www.google.com |
7 | accountprotection.microsofts.com |
accountprotection.microsofts.com
|
1 | afs.googleusercontent.com |
www.google.com
|
1 | t0.gstatic.com |
www.google.com
|
18 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
accountprotection.microsofts.com R3 |
2021-05-03 - 2021-08-01 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2021-04-13 - 2021-07-06 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2021-04-13 - 2021-07-06 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-04-13 - 2021-07-06 |
3 months | crt.sh |
*.googleusercontent.com GTS CA 1C3 |
2021-04-13 - 2021-07-06 |
3 months | crt.sh |
This page contains 6 frames:
Primary Page:
https://accountprotection.microsofts.com/
Frame ID: 9C4920DEA5B82BAA033D4D441EB0D4AB
Requests: 10 HTTP requests in this frame
Frame:
https://www.google.com/afs/ads/i/iframe.html
Frame ID: C2ACD9666E9812DC4E244F2DBC9A398F
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/afs/ads/i/iframe.html
Frame ID: 92310DB92B45237723307D952982C7AA
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/afs/ads/i/iframe.html
Frame ID: 5232C2676469637CE9670C24A1F79AD0
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/dp/ads?max_radlink_len=60&r=m&cpp=0&client=dp-bodis30_3ph&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol48&adtest=off&type=3&pcsa=false&psid=3407845713&swp=as-drid-2898040491288658&uiopt=false&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300494%2C17300496%2C17300599&format=r7%7Cn3&ad=n3&num=0&output=afd_ads&domain_name=accountprotection.microsofts.com&v=3&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=120&dt=1620092928773&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=77&frm=0&uio=sl1sr1--&cont=rs%7Cads&csize=w1584h0%7Cw1584h0%7Cw1584h0%7Cw1584h0&inames=master-1%7Cslave-1-1%7Cslave-1-a-1%7Cslave-1-b-1&jsv=11835&rurl=https%3A%2F%2Faccountprotection.microsofts.com%2F
Frame ID: 92AE0539CB2CA26C8A86E797672A5191
Requests: 4 HTTP requests in this frame
Frame:
https://www.google.com/js/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Frame ID: D9565A8A62FF6E1A69615E310980CD49
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Lua (Programming Languages) ExpandDetected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
OpenResty (Web Servers) Expand
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
accountprotection.microsofts.com/ |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
parking.js
accountprotection.microsofts.com/js/ |
54 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
_fd
accountprotection.microsofts.com/ |
2 KB 2 KB |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
caf.js
www.google.com/adsense/domains/ |
168 KB 59 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
px.gif
accountprotection.microsofts.com/ |
42 B 190 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
px.gif
accountprotection.microsofts.com/ |
42 B 190 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
iframe.html
www.google.com/afs/ads/i/ Frame C2AC |
1 KB 663 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
iframe.html
www.google.com/afs/ads/i/ Frame 9231 |
1 KB 666 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
iframe.html
www.google.com/afs/ads/i/ Frame 5232 |
1 KB 665 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
ads
www.google.com/dp/ Frame 92AE |
15 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
caf.js
www.google.com/adsense/domains/ Frame 92AE |
169 KB 59 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
licensed-image
t0.gstatic.com/ Frame 92AE |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 92AE |
200 B 259 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d2circle2.svg
accountprotection.microsofts.com/assets/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
_tr
accountprotection.microsofts.com/ |
2 B 181 B |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
www.google.com/js/bg/ Frame D956 |
14 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
gen_204
www.google.com/afs/ |
0 15 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
gen_204
www.google.com/afs/ |
0 15 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
34 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| park object| regeneratorRuntime function| setImmediate function| clearImmediate number| googleNDT_ string| _googCsaExpIds number| _googCsaAlwaysHttps number| _googEnableCcpa number| _googEnableCcpaForCanoeV2 number| _enableLazyLoading number| _googEnableQup number| _googErrorTurnOffPersonalization number| _googTimeoutTurnOffPersonalization string| _googLazyLoadingDenyList string| _googLazyLoadingEnableList number| _googLazyLoadingRootMargin number| _googUspApiTimeout number| googleAltLoader object| google0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accountprotection.microsofts.com
afs.googleusercontent.com
t0.gstatic.com
www.google.com
151.106.5.168
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:831::2004
0622483b0956d9a773c649df3838e9474b38acf7b61967d9ae8dd052acd42842
0718b0196837baa8a332b4aea1d667c28052b90fb270baa1061bfc97b536531f
14f30737457e5e46b04450e5715598a35a6777050e53a93566976900565f1b78
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
278e28e409ee1445e0065b82da52e028396ea08deec426b133ba8a76fcc48b77
50f5f40a363283c0ffd61ff1897a72f56e0959e8416ea83bf240da4bc5c09930
76af5e214fc325c8208178fca58810d6b214eebd28e9f5f16dd59cf557662767
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
a39c3ee2d2a413d0154bdf8ac9194d52943bd63473f1f599a3381b152fd947dc
be428741570c8c8182e13e5e56027ad730f50f56526f018cdceff02b0b08ba92
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
d777f0489f80c805e8c12154d9a85397c08f2366c9521dc5db5ad5b584b10403
e5cb95bc0bb876fde090ee6f2dfee7ee92e1fe665ec3b439dd18caa7a71fc0fd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6a5140d813a5ae1e77cf199585e8e4a26929474c3db1d2c015693b8a2f004cb