login.microsoftonline.de
51.5.145.147  Malicious Activity! Public Scan

Submitted URL: https://www.intranet.buber.info/
Effective URL: https://login.microsoftonline.de/a0e00386-0483-4529-a427-007fd461b68e/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%...
Submission: On March 13 via automatic, source certstream-suspicious

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 51.5.145.147, located in Germany and belongs to MS-DEUTSCHLAND, DE. The main domain is login.microsoftonline.de.
TLS certificate: Issued by D-TRUST SSL Class 3 CA 1 2009 on October 12th 2018. Valid for: 2 years.
This is the only time login.microsoftonline.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 1 85.13.153.247 34788 (NMM-AS D)
3 3 51.5.66.26 200517 (MS-DEUTSC...)
1 51.5.145.147 200517 (MS-DEUTSC...)
11 2620:1ec:bdf::10 8068 (MICROSOFT...)
12 2
Apex Domain Subdomains Transfer
11 msauth.net aadcdn.msauth.net 494 KB
3 sharepoint.de buber.sharepoint.de 4 KB
1 microsoftonline.de login.microsoftonline.de 46 KB
1 buber.info www.intranet.buber.info 297 B
12 4
Domain Requested by
11 aadcdn.msauth.net login.microsoftonline.de, aadcdn.msauth.net
3 buber.sharepoint.de 3 redirects
1 login.microsoftonline.de
1 www.intranet.buber.info 1 redirects
12 4

This site contains links to these domains.

Domain
privacy.microsoft.com
www.microsoft.com

Subject | Issuer | Validity | Valid
login.microsoftonline.de | D-TRUST SSL Class 3 CA 1 2009 | 2018-10-12 - 2020-10-12 | 2 years
aadcdn.msauth.net | Microsoft IT TLS CA 4 | 2018-11-07 - 2020-11-07 | 2 years

This page contains 1 frames:

Primary Page: https://login.microsoftonline.de/a0e00386-0483-4529-a427-007fd461b68e/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&protectedtoken=true&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=DE48A7C1AC369C2CAFAE248C8FDDC50337982FD2CF3B00B1%2D7C9C8CEC60A08593533AB82CF5F2F4720EF6EE07E7F718D6E94D7124C5E02742&redirect%5Furi=https%3A%2F%2Fbuber%2Esharepoint%2Ede%2F%5Fforms%2Fdefault%2Easpx&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8e793e9f%2D8047%2D0000%2D0c5a%2Dcaff4946cbbb
Frame ID: 99A5F3C960000ABC8DEEDE38E9741CCE
Requests: 12 HTTP requests in this frame

Page Statistics

12 Requests
100 % HTTPS
25 % IPv6
4 Domains
4 Subdomains
2 IPs
2 Countries
540 kB Transfer
1186 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.intranet.buber.info/ HTTP 301
    https://buber.sharepoint.de/ HTTP 302
    https://buber.sharepoint.de/_layouts/15/Authenticate.aspx?Source=%2F HTTP 302
    https://buber.sharepoint.de/_forms/default.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=cookie HTTP 302
    https://login.microsoftonline.de/a0e00386-0483-4529-a427-007fd461b68e/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&protectedtoken=true&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=DE48A7C1AC369C2CAFAE248C8FDDC50337982FD2CF3B00B1%2D7C9C8CEC60A08593533AB82CF5F2F4720EF6EE07E7F718D6E94D7124C5E02742&redirect%5Furi=https%3A%2F%2Fbuber%2Esharepoint%2Ede%2F%5Fforms%2Fdefault%2Easpx&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8e793e9f%2D8047%2D0000%2D0c5a%2Dcaff4946cbbb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set authorize
login.microsoftonline.de/a0e00386-0483-4529-a427-007fd461b68e/oauth2/
Redirect Chain
  • https://www.intranet.buber.info/
  • https://buber.sharepoint.de/
  • https://buber.sharepoint.de/_layouts/15/Authenticate.aspx?Source=%2F
  • https://buber.sharepoint.de/_forms/default.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=cookie
  • https://login.microsoftonline.de/a0e00386-0483-4529-a427-007fd461b68e/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&protectedtoken=true&respo...
172 KB
46 KB
Document
General
Full URL
https://login.microsoftonline.de/a0e00386-0483-4529-a427-007fd461b68e/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&protectedtoken=true&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=DE48A7C1AC369C2CAFAE248C8FDDC50337982FD2CF3B00B1%2D7C9C8CEC60A08593533AB82CF5F2F4720EF6EE07E7F718D6E94D7124C5E02742&redirect%5Furi=https%3A%2F%2Fbuber%2Esharepoint%2Ede%2F%5Fforms%2Fdefault%2Easpx&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8e793e9f%2D8047%2D0000%2D0c5a%2Dcaff4946cbbb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.5.145.147 , Germany, ASN200517 (MS-DEUTSCHLAND, DE),
Reverse DNS
Software
/
Resource Hash
dea1e52868c8041fca21d540c0b0fcbe1e3ba79857e544d8f09e1dfb829ff217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Host
login.microsoftonline.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
X-DNS-Prefetch-Control
on
x-ms-request-id
3b6a1573-e4ca-4ded-9350-73edfdd60200
x-ms-ests-server
2.1.10155.17 - LEJ2 ProdSlices
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie
buid=AQABAAEAAQDILUgt1Ft6S4nrjXChXfgVChBYi1AEQPP9xJyeSmOjStP9CMgEye6rDabX-QhTbPKXWXbMAjw28LtXh1z8XVb1zXW8kIcPaLNqyeg0uE4DXWaOM3_Ftu7BS9vTfthhjxcgAA; expires=Sun, 12-Apr-2020 19:42:53 GMT; path=/; secure; HttpOnly
fpc=Ajf0h49_2BVCtxvyWNZZSjKSLPilAQAAAD3Z_dUOAAAA; expires=Sun, 12-Apr-2020 19:42:53 GMT; path=/; secure; HttpOnly
esctx=AQABAAAAAQDILUgt1Ft6S4nrjXChXfgVoSnKGC6gTsQ_B7Qv_596T4H_w9_bTXoDjFVcyER2sV1VcLYEzw57pnUJFf93xUBJWVVyxG8EK_keX3r7NIgqGJCs7rhEK9L9BIo2JPaET4llTPKvCLvaq8SX5Kta15SESktXlogUSQO-GURrWuP3pTr24WjWXRgt2m44jNlhicogAA; domain=.login.microsoftonline.de; path=/; secure; HttpOnly
Referrer-Policy
strict-origin-when-cross-origin
Date
Fri, 13 Mar 2020 19:42:53 GMT
Content-Length
45359

Redirect headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
Location
https://login.microsoftonline.de:443/a0e00386-0483-4529-a427-007fd461b68e/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&protectedtoken=true&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=DE48A7C1AC369C2CAFAE248C8FDDC50337982FD2CF3B00B1%2D7C9C8CEC60A08593533AB82CF5F2F4720EF6EE07E7F718D6E94D7124C5E02742&redirect%5Furi=https%3A%2F%2Fbuber%2Esharepoint%2Ede%2F%5Fforms%2Fdefault%2Easpx&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8e793e9f%2D8047%2D0000%2D0c5a%2Dcaff4946cbbb
Server
Microsoft-IIS/10.0
X-SharePointHealthScore
1
X-AspNet-Version
4.0.30319
Set-Cookie
nSGt-DE48A7C1AC369C2CAFAE248C8FDDC50337982FD2CF3B00B1=…; expires=Fri, 13-Mar-2020 19:53:13 GMT; path=/; SameSite=None; secure; HttpOnly
RpsContextCookie=U291cmNlPSUyRiZQcmV2aW91c1JlcXVlc3RDb3JyZWxhdGlvbklkPThlNzkzZTlmJTJEODA0NyUyRDAwMDAlMkQwYzVhJTJEY2FmZjQ5NDZjYmJiJlJldHVyblVybD0lMkYlNUZsYXlvdXRzJTJGMTUlMkZBdXRoZW50aWNhdGUlMkVhc3B4JTNGU291cmNlJTNEJTI1MkY=; expires=Fri, 13-Mar-2020 19:53:13 GMT; path=/; SameSite=None; secure; HttpOnly
SPRequestGuid
8e793e9f-8047-0000-0c5a-caff4946cbbb
request-id
8e793e9f-8047-0000-0c5a-caff4946cbbb
MS-CV
nz55jkeAAAAMWsr/SUbLuw.0
Strict-Transport-Security
max-age=31536000
SPRequestDuration
65
SPIisLatency
1
X-Powered-By
ASP.NET
MicrosoftSharePointTeamServices
16.0.0.19819
X-Content-Type-Options
nosniff
X-MS-InvokeApp
1; RequireReadOnly
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Date
Fri, 13 Mar 2020 19:43:12 GMT
Content-Length
787
ux.old.converged.login.pcore.min_fwwu50nnn4qjs3llv7nrcq2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
593 KB
151 KB
Script
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.old.converged.login.pcore.min_fwwu50nnn4qjs3llv7nrcq2.js
Requested by
Host: login.microsoftonline.de
URL: https://login.microsoftonline.de/a0e00386-0483-4529-a427-007fd461b68e/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&protectedtoken=true&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=DE48A7C1AC369C2CAFAE248C8FDDC50337982FD2CF3B00B1%2D7C9C8CEC60A08593533AB82CF5F2F4720EF6EE07E7F718D6E94D7124C5E02742&redirect%5Furi=https%3A%2F%2Fbuber%2Esharepoint%2Ede%2F%5Fforms%2Fdefault%2Easpx&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8e793e9f%2D8047%2D0000%2D0c5a%2Dcaff4946cbbb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
402d7bb3d275fbb33fb33035677170e21e9df83dd805c511294b8c1781ac51bc

Request headers

Referer
https://login.microsoftonline.de/
Origin
https://login.microsoftonline.de
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Mar 2020 19:42:52 GMT
content-encoding
gzip
x-azure-ref-originshield
05BhrXgAAAADEmhdaUwXWT7IDo1MavgidQU1TRURHRTA1MDcAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-md5
/RCzI5KOhA1zCtWvGp+gPQ==
x-cache
TCP_HIT
status
200
content-length
154017
x-ms-lease-status
unlocked
last-modified
Tue, 25 Feb 2020 19:59:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7BA2D3C24308A
x-azure-ref
0PeJrXgAAAABvtQqcRdIESLlr5Z7LzJQfRlJBRURHRTEwMTQAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
51adda16-701e-0064-01f6-f7d959000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
info_4883eb1a3cbdddf5a79e28d320cfe5a9.svg
aadcdn.msauth.net/ests/2.1/content/images/
342 B
504 B
Image
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/images/info_4883eb1a3cbdddf5a79e28d320cfe5a9.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f3368544a6266f0fee3c4437a8144887bbad1de97be20a578c07946a8ed41b4f

Request headers

Referer
https://login.microsoftonline.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Mar 2020 19:42:53 GMT
content-encoding
gzip
x-azure-ref-originshield
0YlZrXgAAAABVhrr4O4tBRabPFXj5ZyKIQU1TRURHRTA1MDkAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-md5
chjoZgHXPBuEohZPGnBrBQ==
x-cache
TCP_HIT
status
200
content-length
207
x-ms-lease-status
unlocked
last-modified
Fri, 02 Nov 2018 20:25:27 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D64101538A0E42
x-azure-ref
0PuJrXgAAAACUT9n9P1sGSbsZ4ahPRva3RlJBRURHRTEwMDkAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
230e77a1-a01e-0009-60c9-f64460000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
x-ms-version
2009-09-19
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn.msauth.net/ests/2.1/content/images/
4 KB
2 KB
Image
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Referer
https://login.microsoftonline.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Mar 2020 19:42:53 GMT
content-encoding
gzip
x-azure-ref-originshield
0BBlrXgAAAAAYbtCm/1zzQKcjYXEfSOVhQU1TRURHRTA2MTIAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-md5
nzaLxFgP7ZB3dfMcaybWzw==
x-cache
TCP_HIT
status
200
content-length
1435
x-ms-lease-status
unlocked
last-modified
Fri, 02 Nov 2018 20:25:31 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D64101560D5E58
x-azure-ref
0PuJrXgAAAAAxLWPT/8k/R5YPtMjtiG1ERlJBRURHRTEwMDkAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
5d32858c-e01e-0021-5da9-f78d42000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
x-ms-version
2009-09-19
ellipsis_white_5ac590ee72bfe06a7cecfd75b588ad73.svg
aadcdn.msauth.net/ests/2.1/content/images/
915 B
558 B
Image
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/images/ellipsis_white_5ac590ee72bfe06a7cecfd75b588ad73.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea

Request headers

Referer
https://login.microsoftonline.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Mar 2020 19:42:53 GMT
content-encoding
gzip
x-azure-ref-originshield
0WFZrXgAAAAC4BS1nIYwUS57r1HkNulu1QU1TRURHRTA2MjAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-md5
HMwsHhNXdtrfirQDkzcqMA==
x-cache
TCP_HIT
status
200
content-length
263
x-ms-lease-status
unlocked
last-modified
Fri, 02 Nov 2018 20:25:24 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D64101521A1ED5
x-azure-ref
0PuJrXgAAAADEOjphvat+TJIShzvl24O3RlJBRURHRTEwMDkAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f8f165e0-201e-0069-1a51-f70642000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
x-ms-version
2009-09-19
ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg
aadcdn.msauth.net/ests/2.1/content/images/
915 B
595 B
Image
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/images/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6

Request headers

Referer
https://login.microsoftonline.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Mar 2020 19:42:53 GMT
content-encoding
gzip
x-azure-ref-originshield
0lw5pXgAAAADudzjJLqFlT5IZp3SPqGfRQU1TRURHRTA2MTIAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-md5
/a3y/mpA+HRaVAiPACrsog==
x-cache
TCP_HIT
status
200
content-length
263
x-ms-lease-status
unlocked
last-modified
Fri, 02 Nov 2018 20:25:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D641015168A4FB
x-azure-ref
0PuJrXgAAAABJwi8cdy4xS6c4LsdeLYX6RlJBRURHRTEwMDkAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
0ac387fa-601e-0029-219e-f7d553000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
x-ms-version
2009-09-19
0-small_138bcee624fa04ef9b75e86211a9fe0d.jpg
aadcdn.msauth.net/ests/2.1/content/images/backgrounds/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/images/backgrounds/0-small_138bcee624fa04ef9b75e86211a9fe0d.jpg
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.old.converged.login.pcore.min_fwwu50nnn4qjs3llv7nrcq2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f89e908280791803bbf1f33b596ff4a2179b355a8e15ad02ebaa2b1da11127ea

Request headers

Referer
https://login.microsoftonline.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Mar 2020 19:42:53 GMT
x-azure-ref-originshield
0UNJrXgAAAABAhPmJowRrTJIfH2+Bqwa4QU1TRURHRTA1MTEAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-md5
E4vO5iT6BO+bdehiEan+DQ==
x-cache
TCP_HIT
status
200
content-length
3006
x-ms-lease-status
unlocked
last-modified
Fri, 02 Nov 2018 20:26:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D6410178AD3FAD
x-azure-ref
0PuJrXgAAAABfO+v6QxfXT7YKf8CJhBEnRlJBRURHRTEwMDkAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
222c2f06-a01e-004d-149d-f73b79000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
x-ms-version
2009-09-19
0_a5dbd4393ff6a725c7e62b61df7e72f0.jpg
aadcdn.msauth.net/ests/2.1/content/images/backgrounds/
277 KB
277 KB
Image
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/images/backgrounds/0_a5dbd4393ff6a725c7e62b61df7e72f0.jpg
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.old.converged.login.pcore.min_fwwu50nnn4qjs3llv7nrcq2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb

Request headers

Referer
https://login.microsoftonline.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Mar 2020 19:42:53 GMT
x-azure-ref-originshield
0WSdrXgAAAACR5sE2sNmoRrzg+oadvrHFQU1TRURHRTA2MDcAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-md5
pdvUOT/2pyXH5ith335y8A==
x-cache
TCP_HIT
status
200
content-length
283351
x-ms-lease-status
unlocked
last-modified
Fri, 02 Nov 2018 20:26:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D6410178E329F6
x-azure-ref
0PuJrXgAAAACQCJ/bSQcTRKmqZ0+dc1p6RlJBRURHRTEwMDkAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
b0212485-701e-0058-1efe-f80c51000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
x-ms-version
2009-09-19
converged.v2.login.min_q6m5ldmi2_mptzyqlrehgg2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
0
19 KB
Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_q6m5ldmi2_mptzyqlrehgg2.css
Requested by
Host: login.microsoftonline.de
URL: https://login.microsoftonline.de/a0e00386-0483-4529-a427-007fd461b68e/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&protectedtoken=true&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=DE48A7C1AC369C2CAFAE248C8FDDC50337982FD2CF3B00B1%2D7C9C8CEC60A08593533AB82CF5F2F4720EF6EE07E7F718D6E94D7124C5E02742&redirect%5Furi=https%3A%2F%2Fbuber%2Esharepoint%2Ede%2F%5Fforms%2Fdefault%2Easpx&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8e793e9f%2D8047%2D0000%2D0c5a%2Dcaff4946cbbb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.microsoftonline.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Mar 2020 19:42:53 GMT
content-encoding
gzip
x-azure-ref-originshield
0G/BoXgAAAAAZ4d7oSHPGQIX8kWRAy/erQU1TRURHRTA1MTcAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-md5
yilkerdqlztbvj3XDx8VMA==
x-cache
TCP_HIT
status
200
content-length
18806
x-ms-lease-status
unlocked
last-modified
Thu, 20 Feb 2020 06:34:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7B5CEEF8AF429
x-azure-ref
0PuJrXgAAAABLfhefqQduSrUYA5P9kkQ1RlJBRURHRTEwMDkAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
f123da7d-b01e-002c-33a8-f75259000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.login.strings-en.min_gur8kswtia8_1qujlll20a2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
0
11 KB
Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_gur8kswtia8_1qujlll20a2.js
Requested by
Host: login.microsoftonline.de
URL: https://login.microsoftonline.de/a0e00386-0483-4529-a427-007fd461b68e/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&protectedtoken=true&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=DE48A7C1AC369C2CAFAE248C8FDDC50337982FD2CF3B00B1%2D7C9C8CEC60A08593533AB82CF5F2F4720EF6EE07E7F718D6E94D7124C5E02742&redirect%5Furi=https%3A%2F%2Fbuber%2Esharepoint%2Ede%2F%5Fforms%2Fdefault%2Easpx&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8e793e9f%2D8047%2D0000%2D0c5a%2Dcaff4946cbbb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.microsoftonline.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Mar 2020 19:42:53 GMT
content-encoding
gzip
x-azure-ref-originshield
0/w1pXgAAAAD83nxahxRGRZbuHGR347fLQU1TRURHRTA2MTYAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-md5
RwWjVmQO7yzSsnW8taZsLg==
x-cache
TCP_HIT
status
200
content-length
11114
x-ms-lease-status
unlocked
last-modified
Thu, 20 Feb 2020 06:35:06 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7B5CF063FCCD2
x-azure-ref
0PuJrXgAAAAAPoQKbWZ84RZj9ZjY3o3FnRlJBRURHRTEwMDkAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a3054774-001e-0003-0aa4-f74a75000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
converged.v2.login.min_q6m5ldmi2_mptzyqlrehgg2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
100 KB
18 KB
Fetch
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_q6m5ldmi2_mptzyqlrehgg2.css
Requested by
Host: login.microsoftonline.de
URL: https://login.microsoftonline.de/a0e00386-0483-4529-a427-007fd461b68e/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&protectedtoken=true&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=DE48A7C1AC369C2CAFAE248C8FDDC50337982FD2CF3B00B1%2D7C9C8CEC60A08593533AB82CF5F2F4720EF6EE07E7F718D6E94D7124C5E02742&redirect%5Furi=https%3A%2F%2Fbuber%2Esharepoint%2Ede%2F%5Fforms%2Fdefault%2Easpx&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8e793e9f%2D8047%2D0000%2D0c5a%2Dcaff4946cbbb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f93ac86399c243ac9e9956362b0940b5b1657ee9a54c226a3517cde39c950548

Request headers

Referer
https://login.microsoftonline.de/
Origin
https://login.microsoftonline.de
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Mar 2020 19:42:58 GMT
content-encoding
gzip
x-azure-ref-originshield
0G/BoXgAAAAAZ4d7oSHPGQIX8kWRAy/erQU1TRURHRTA1MTcAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-md5
yilkerdqlztbvj3XDx8VMA==
x-cache
TCP_HIT
status
200
content-length
18806
x-ms-lease-status
unlocked
last-modified
Thu, 20 Feb 2020 06:34:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7B5CEEF8AF429
x-azure-ref
0QuJrXgAAAABFvgWsBC4VTZ7ZbMuoVfw1RlJBRURHRTEwMTQAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
f123da7d-b01e-002c-33a8-f75259000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.login.strings-en.min_gur8kswtia8_1qujlll20a2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
36 KB
11 KB
Fetch
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_gur8kswtia8_1qujlll20a2.js
Requested by
Host: login.microsoftonline.de
URL: https://login.microsoftonline.de/a0e00386-0483-4529-a427-007fd461b68e/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&protectedtoken=true&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=DE48A7C1AC369C2CAFAE248C8FDDC50337982FD2CF3B00B1%2D7C9C8CEC60A08593533AB82CF5F2F4720EF6EE07E7F718D6E94D7124C5E02742&redirect%5Furi=https%3A%2F%2Fbuber%2Esharepoint%2Ede%2F%5Fforms%2Fdefault%2Easpx&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8e793e9f%2D8047%2D0000%2D0c5a%2Dcaff4946cbbb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0b88ec80ab26ba6b6e239a2aac837e6565c776b9a68c58f0fa74e344447d22cb

Request headers

Referer
https://login.microsoftonline.de/
Origin
https://login.microsoftonline.de
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Mar 2020 19:42:58 GMT
content-encoding
gzip
x-azure-ref-originshield
0/w1pXgAAAAD83nxahxRGRZbuHGR347fLQU1TRURHRTA2MTYAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-md5
RwWjVmQO7yzSsnW8taZsLg==
x-cache
TCP_HIT
status
200
content-length
11114
x-ms-lease-status
unlocked
last-modified
Thu, 20 Feb 2020 06:35:06 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7B5CF063FCCD2
x-azure-ref
0QuJrXgAAAAD9uuxQBGspSIfExzAlCivgRlJBRURHRTEwMTQAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a3054774-001e-0003-0aa4-f74a75000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
function| webpackJsonp
object| ko
object| PROOF
object| StringRepository
boolean| __OldConvergedLogin_PCore
boolean| __

4 Cookies

Domain/Path Name / Value
.login.microsoftonline.de/ Name: esctx
Value: AQABAAAAAQDILUgt1Ft6S4nrjXChXfgVoSnKGC6gTsQ_B7Qv_596T4H_w9_bTXoDjFVcyER2sV1VcLYEzw57pnUJFf93xUBJWVVyxG8EK_keX3r7NIgqGJCs7rhEK9L9BIo2JPaET4llTPKvCLvaq8SX5Kta15SESktXlogUSQO-GURrWuP3pTr24WjWXRgt2m44jNlhicogAA
login.microsoftonline.de/ Name: fpc
Value: Ajf0h49_2BVCtxvyWNZZSjKSLPilAQAAAD3Z_dUOAAAA
.login.microsoftonline.de/ Name: brcap
Value: 0
login.microsoftonline.de/ Name: buid
Value: AQABAAEAAQDILUgt1Ft6S4nrjXChXfgVChBYi1AEQPP9xJyeSmOjStP9CMgEye6rDabX-QhTbPKXWXbMAjw28LtXh1z8XVb1zXW8kIcPaLNqyeg0uE4DXWaOM3_Ftu7BS9vTfthhjxcgAA

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY