mso.corned.co Open in urlscan Pro
179.43.163.122 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://c0poft.codesandbox.io/?dg=
Effective URL:
https://mso.corned.co/?username=0&sso_reload=true
Submission: On July 27 via manual (July 27th 2022, 1:37:25 am UTC) from IN — Scanned from DE

Summary HTTP 88 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 88 HTTP transactions. The main IP is 179.43.163.122, located in Zurich, Switzerland and belongs to PLI-AS, PA. The main domain is mso.corned.co.
TLS certificate: Issued by R3 on July 26th 2022. Valid for: 3 months.

This is the only time mso.corned.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:440... 2606:4700:4400::ac40:90ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:440... 2606:4700:4400::6812:2b11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	179.43.163.122 179.43.163.122	51852 (PLI-AS) (PLI-AS)
88	5

7 2606:4700:4400::ac40:90ef (United States)

ASN13335 (CLOUDFLARENET, US)

c0poft.codesandbox.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
codesandbox.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::6812:2b11 (United States)

ASN13335 (CLOUDFLARENET, US)

codesandbox.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 179.43.163.122 (Zurich, Switzerland)

ASN51852 (PLI-AS, PA)
PTR: hostedby.privatelayer.com

mso.corned.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aadcdn-msftauth-dea4c03b.corned.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.corned.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
portal-microsoftonline-dea4c03b.corned.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	corned.co mso.corned.co aadcdn-msftauth-dea4c03b.corned.co login.corned.co portal-microsoftonline-dea4c03b.corned.co prod-msocdn-dea4c03b.corned.co Failed	415 KB
11	codesandbox.io c0poft.codesandbox.io codesandbox.io — Cisco Umbrella Rank: 79883	2 MB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1311	5 KB
88	3

	Domain	Requested by
14	aadcdn-msftauth-dea4c03b.corned.co	mso.corned.co aadcdn-msftauth-dea4c03b.corned.co
6	codesandbox.io	c0poft.codesandbox.io codesandbox.io
5	c0poft.codesandbox.io	c0poft.codesandbox.io
4	mso.corned.co	c0poft.codesandbox.io mso.corned.co
1	portal-microsoftonline-dea4c03b.corned.co	aadcdn-msftauth-dea4c03b.corned.co portal-microsoftonline-dea4c03b.corned.co
1	login.corned.co	mso.corned.co
1	static.cloudflareinsights.com	c0poft.codesandbox.io
0	prod-msocdn-dea4c03b.corned.co Failed	portal-microsoftonline-dea4c03b.corned.co
88	8

This site contains links to these domains. Also see Links.

Domain
go-microsoft-dea4c03b.corned.co
www-microsoft.corned.co
privacy-microsoft-dea4c03b.corned.co

Subject Issuer	Validity	Valid
codesandbox.io Cloudflare Inc ECC CA-3	`2022-04-18` - `2023-04-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
corned.co R3	`2022-07-26` - `2022-10-24`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://mso.corned.co/?username=0&sso_reload=true
Frame ID: 5C15969962B2E0D85C39EA73307FA609
Requests: 31 HTTP requests in this frame

Frame: https://portal-microsoftonline-dea4c03b.corned.co/Prefetch/Prefetch.aspx
Frame ID: 5C4BFA7680971264804187F1002680A5
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

https://c0poft.codesandbox.io/?dg= Page URL
https://mso.corned.co/?username=0 Page URL
https://mso.corned.co/?username=0 Page URL
https://mso.corned.co/?username=0&sso_reload=true Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

88
Requests

36 %
HTTPS

75 %
IPv6

3
Domains

8
Subdomains

5
IPs

2
Countries

1963 kB
Transfer

7713 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://go-microsoft-dea4c03b.corned.co/fwlink/p/?LinkID=733247
Title: Benennen Sie Ihr persönliches Microsoft-Konto um.

Search URL Search Domain Scan URL

URL: https://www-microsoft.corned.co/de-DE/servicesagreement/
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://privacy-microsoft-dea4c03b.corned.co/de-DE/privacystatement
Title: Datenschutz & Cookies

Search URL Search Domain Scan URL

URL: https://www-microsoft.corned.co/de-de/corporate/rechtliche-hinweise/impressum.aspx
Title: Haftungsausschluss

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://c0poft.codesandbox.io/?dg= Page URL
https://mso.corned.co/?username=0 Page URL
https://mso.corned.co/?username=0 Page URL
https://mso.corned.co/?username=0&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

88 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
c0poft.codesandbox.io/ 2 KB
1 KB 125ms
69ms Document
text/html 2606:4700:4400::ac40:90ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c0poft.codesandbox.io/?dg=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:90ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2d758e70b76e09c6e1d11426b7e8fb454cab6ae5b79b061c733465d826900e7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7311a63629062355-ZRH
content-encoding: br
content-type: text/html
date: Wed, 27 Jul 2022 01:37:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding
via: 1.1 google
x-request-id: FwWL4fZC8YRJ5_oiULBh

GET
H2 200 vendors~app~embed~sandbox~sandbox-startup.bcc15d438.chunk.js
codesandbox.io/static/js/ 9 KB
3 KB 86ms
30ms Script
application/javascript 2606:4700:4400::6812:2b11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/static/js/vendors~app~embed~sandbox~sandbox-startup.bcc15d438.chunk.js
Requested by: Host: c0poft.codesandbox.io
URL: https://c0poft.codesandbox.io/?dg=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://c0poft.codesandbox.io/
Origin: https://c0poft.codesandbox.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 01:37:20 GMT
via: 1.1 google
cf-cache-status: HIT
age: 70419
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Jul 2022 15:34:30 GMT
server: cloudflare
etag: W/"62d82086-2312"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7311a636fb7f0221-ZRH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors~app~embed~sandbox-startup.6e3433fd3.chunk.js
codesandbox.io/static/js/ 17 KB
5 KB 85ms
29ms Script
application/javascript 2606:4700:4400::6812:2b11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/static/js/vendors~app~embed~sandbox-startup.6e3433fd3.chunk.js
Requested by: Host: c0poft.codesandbox.io
URL: https://c0poft.codesandbox.io/?dg=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://c0poft.codesandbox.io/
Origin: https://c0poft.codesandbox.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 01:37:20 GMT
via: 1.1 google
cf-cache-status: HIT
age: 70419
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Jul 2022 15:34:30 GMT
server: cloudflare
etag: W/"62d82086-423b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7311a636fb810221-ZRH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 default~app~embed~sandbox~sandbox-startup.55b6cfc89.chunk.js
codesandbox.io/static/js/ 13 KB
5 KB 83ms
28ms Script
application/javascript 2606:4700:4400::6812:2b11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/static/js/default~app~embed~sandbox~sandbox-startup.55b6cfc89.chunk.js
Requested by: Host: c0poft.codesandbox.io
URL: https://c0poft.codesandbox.io/?dg=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://c0poft.codesandbox.io/
Origin: https://c0poft.codesandbox.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 01:37:20 GMT
via: 1.1 google
cf-cache-status: HIT
age: 70419
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Jul 2022 15:34:30 GMT
server: cloudflare
etag: W/"62d82086-3572"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7311a636fb800221-ZRH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sandbox-startup.5298fe502.js
codesandbox.io/static/js/ 10 KB
4 KB 84ms
28ms Script
application/javascript 2606:4700:4400::6812:2b11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/static/js/sandbox-startup.5298fe502.js
Requested by: Host: c0poft.codesandbox.io
URL: https://c0poft.codesandbox.io/?dg=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://c0poft.codesandbox.io/
Origin: https://c0poft.codesandbox.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 01:37:20 GMT
via: 1.1 google
cf-cache-status: HIT
age: 70419
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Jul 2022 15:34:30 GMT
server: cloudflare
etag: W/"62d82086-28fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7311a636fb820221-ZRH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 browserfs.min.js Show response
codesandbox.io/static/browserfs12/ 232 KB
59 KB 42ms
34ms Script
application/javascript 2606:4700:4400::ac40:90ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/static/browserfs12/browserfs.min.js
Requested by: Host: c0poft.codesandbox.io
URL: https://c0poft.codesandbox.io/?dg=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:90ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62483db86f3ba9581159a53ce478b67f4b1814e3ec0948dc60fabeeca10faff7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c0poft.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 01:37:20 GMT
via: 1.1 google
cf-cache-status: HIT
age: 39744446
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 22 Apr 2021 14:00:04 GMT
server: cloudflare
etag: W/"60818164-39fc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7311a636a9442355-ZRH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.js
c0poft.codesandbox.io/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 24ms
24ms Script
text/javascript 2606:4700:4400::ac40:90ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c0poft.codesandbox.io/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: c0poft.codesandbox.io
URL: https://c0poft.codesandbox.io/?dg=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:90ef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c0poft.codesandbox.io/?dg=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 01:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 7311a63729932355-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 95ms
50ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: c0poft.codesandbox.io
URL: https://c0poft.codesandbox.io/?dg=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://c0poft.codesandbox.io/
Origin: https://c0poft.codesandbox.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 01:37:20 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7311a63769c62355-ZRH

GET
H3 200 babel.7.12.12.min.js
codesandbox.io/static/js/ 0
0 43ms
43ms Other
application/javascript 2606:4700:4400::ac40:90ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/static/js/babel.7.12.12.min.js
Requested by: Host: codesandbox.io
URL: https://codesandbox.io/static/js/sandbox-startup.5298fe502.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:90ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c0poft.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 01:37:20 GMT
via: 1.1 google
cf-cache-status: HIT
age: 39389114
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Apr 2021 19:22:25 GMT
server: cloudflare
etag: W/"608712f1-190d43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7311a638684901df-ZRH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
mso.corned.co/ 61 KB
23 KB 261ms
142ms Document
text/html 179.43.163.122
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mso.corned.co/?username=0
Requested by: Host: c0poft.codesandbox.io
URL: https://c0poft.codesandbox.io/?dg=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.163.122 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.21.6 /
Resource Hash: 67fe4034ce08a373d62a16a9ddff3c923f0c3fff1bb43539379302fe92efe4b7

Request headers

Referer: https://c0poft.codesandbox.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 27 Jul 2022 01:37:20 GMT
server: nginx/1.21.6
vary: Accept-Encoding

GET
H2 200 babel-transpiler.cdf672e2.worker.js
c0poft.codesandbox.io/ 2 MB
485 KB 67ms
65ms Other
application/javascript 2606:4700:4400::ac40:90ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c0poft.codesandbox.io/babel-transpiler.cdf672e2.worker.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:90ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c0poft.codesandbox.io/?dg=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 7311a63739a82355-ZRH
date: Wed, 27 Jul 2022 01:37:20 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 26 Jul 2022 18:08:26 GMT
server: cloudflare
age: 553
etag: W/"62e02d9a-1fb3f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 babel-transpiler.cdf672e2.worker.js
c0poft.codesandbox.io/ 2 MB
485 KB 66ms
65ms Other
application/javascript 2606:4700:4400::ac40:90ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c0poft.codesandbox.io/babel-transpiler.cdf672e2.worker.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:90ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c0poft.codesandbox.io/?dg=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 7311a63739a92355-ZRH
date: Wed, 27 Jul 2022 01:37:20 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 26 Jul 2022 18:08:26 GMT
server: cloudflare
age: 553
etag: W/"62e02d9a-1fb3f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 babel-transpiler.cdf672e2.worker.js
c0poft.codesandbox.io/ 2 MB
486 KB 42ms
41ms Other
application/javascript 2606:4700:4400::ac40:90ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c0poft.codesandbox.io/babel-transpiler.cdf672e2.worker.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:90ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c0poft.codesandbox.io/?dg=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 7311a63739ab2355-ZRH
date: Wed, 27 Jul 2022 01:37:20 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 26 Jul 2022 18:08:26 GMT
server: cloudflare
age: 553
etag: W/"62e02d9a-1fb3f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 / Show response
mso.corned.co/ 182 B
348 B 139ms
139ms Fetch
application/json 179.43.163.122
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mso.corned.co/?username=0
Requested by: Host: mso.corned.co
URL: https://mso.corned.co/?username=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.163.122 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.21.6 /
Resource Hash: 93f3ddc22ba8874d8fdcbcec620301fb240687969e3b63737251b8f0b2317e69

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 27 Jul 2022 01:37:21 GMT
content-encoding: gzip
server: nginx/1.21.6
access-control-allow-headers: *
vary: Accept-Encoding
content-type: application/json

GET
H2 200 / Show response
mso.corned.co/ 290 KB
84 KB 720ms
720ms Document
text/html 179.43.163.122
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mso.corned.co/?username=0
Requested by: Host: mso.corned.co
URL: https://mso.corned.co/?username=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.163.122 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.21.6 /
Resource Hash: 80aa08ddc9aa219f5f7a3c187daf8fc6ba8c1b5fae6e14667b55a65b49ef703f

Request headers

Referer: https://mso.corned.co/?username=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 27 Jul 2022 01:37:21 GMT
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity-nel-measure-office-dea4c03b.corned.co/api/report?catId=GW+estsfd+dub2"}]}
server: nginx/1.21.6
vary: Accept-Encoding Accept-Encoding
x-ms-ests-server: 2.1.13315.8 - NEULR1 ProdSlices
x-ms-request-id: d3a344a3-41cc-4ee2-8490-cc797f3e0400

GET
H2 200 Primary Request / Show response
mso.corned.co/ 336 KB
80 KB 1608ms
1608ms Document
text/html 179.43.163.122
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mso.corned.co/?username=0&sso_reload=true
Requested by: Host: mso.corned.co
URL: https://mso.corned.co/?username=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.163.122 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.21.6 /
Resource Hash: fa6ed869cbbd7a493b716f73f96eee5fa7bf5655a7256ee7bbdc92a8ab52d63e

Request headers

Referer: https://mso.corned.co/?username=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 27 Jul 2022 01:37:23 GMT
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity-nel-measure-office-dea4c03b.corned.co/api/report?catId=GW+estsfd+dub2"}]}
server: nginx/1.21.6
vary: Accept-Encoding Accept-Encoding
x-ms-ests-server: 2.1.13315.8 - NEULR1 ProdSlices
x-ms-request-id: 4dd674ad-9a20-4f04-87b5-0793463e0600

GET
H2 200 ConvergedLogin_PCore_G9uLwWVLX9pFa198LIT55w2.js Show response
aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/js/ 382 KB
109 KB 738ms
676ms Script
application/x-javascript 179.43.163.122
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/js/ConvergedLogin_PCore_G9uLwWVLX9pFa198LIT55w2.js
Requested by: Host: mso.corned.co
URL: https://mso.corned.co/?username=0&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.163.122 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.21.6 /
Resource Hash: a2d6da3593442d4e99f81681cb0ef06261dd81bd36123e18892296fc6c939762

Request headers

Referer: https://mso.corned.co/
Origin: https://mso.corned.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 01:37:24 GMT
content-encoding: gzip
last-modified: Tue, 05 Jul 2022 18:33:27 GMT
server: nginx/1.21.6
age: 1657998
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 350b6840-001e-004e-1d45-92e3c9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 Me.htm
login.corned.co/ 0
0 484ms
468ms Other
text/html 179.43.163.122
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.corned.co/Me.htm?v=3
Requested by: Host: mso.corned.co
URL: https://mso.corned.co/?username=0&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.163.122 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mso.corned.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 Prefetch.aspx Show response
portal-microsoftonline-dea4c03b.corned.co/Prefetch/ Frame 5C4B 10 KB
3 KB 501ms
482ms Document
text/html 179.43.163.122
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portal-microsoftonline-dea4c03b.corned.co/Prefetch/Prefetch.aspx
Requested by: Host: aadcdn-msftauth-dea4c03b.corned.co
URL: https://aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/js/ConvergedLogin_PCore_G9uLwWVLX9pFa198LIT55w2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.163.122 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.21.6 / ASP.NET
Resource Hash: b12bb9edafda8ba5175b9cbb738bf5aa29145888648c1048a56b67af11bc3683

Request headers

Referer: https://mso.corned.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache,no-store, no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 27 Jul 2022 01:37:24 GMT
server: nginx/1.21.6
vary: Accept-Encoding Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge

GET
H2 200 oneDs_8363475333f6d315e7ae.js Show response
aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/js/ 81 KB
27 KB 356ms
355ms Script
application/x-javascript 179.43.163.122
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/js/oneDs_8363475333f6d315e7ae.js
Requested by: Host: aadcdn-msftauth-dea4c03b.corned.co
URL: https://aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/js/ConvergedLogin_PCore_G9uLwWVLX9pFa198LIT55w2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.163.122 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.21.6 /
Resource Hash: afbafd5cea212f01758676625362e245c92fe15dcb78be8335a48e6b9863654f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mso.corned.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 01:37:24 GMT
content-encoding: gzip
last-modified: Sat, 04 Jun 2022 01:23:25 GMT
server: nginx/1.21.6
age: 4329393
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 071fd5b8-a01e-0096-06f9-797f29000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 converged.v2.login.min_il46_7m1dp2y07llib10fw2.css
aadcdn-msftauth-dea4c03b.corned.co/ests/2.1/content/cdnbundles/ 0
20 KB 357ms
356ms Other
text/css 179.43.163.122
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn-msftauth-dea4c03b.corned.co/ests/2.1/content/cdnbundles/converged.v2.login.min_il46_7m1dp2y07llib10fw2.css
Requested by: Host: mso.corned.co
URL: https://mso.corned.co/?username=0&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.163.122 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mso.corned.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 01:37:24 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 20:27:13 GMT
server: nginx/1.21.6
age: 2277986
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 2acce49b-e01e-0039-21a1-8cc6de000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 ux.converged.login.strings-de.min_75ls70pcmyowwllyhvy0uq2.js
aadcdn-msftauth-dea4c03b.corned.co/ests/2.1/content/cdnbundles/ 0
15 KB 316ms
315ms Other
application/x-javascript 179.43.163.122
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn-msftauth-dea4c03b.corned.co/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_75ls70pcmyowwllyhvy0uq2.js
Requested by: Host: mso.corned.co
URL: https://mso.corned.co/?username=0&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.163.122 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mso.corned.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 01:37:24 GMT
content-encoding: gzip
last-modified: Fri, 24 Jun 2022 22:43:47 GMT
server: nginx/1.21.6
age: 2571257
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 524074f5-b01e-0053-2ff6-896e6f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 convergedlogin_pidpdisambiguation_8ce138cbbb82dae8e8bf.js Show response
aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/js/asyncchunk/ 7 KB
3 KB 271ms
271ms Script
application/x-javascript 179.43.163.122
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/js/asyncchunk/convergedlogin_pidpdisambiguation_8ce138cbbb82dae8e8bf.js
Requested by: Host: aadcdn-msftauth-dea4c03b.corned.co
URL: https://aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/js/ConvergedLogin_PCore_G9uLwWVLX9pFa198LIT55w2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.163.122 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.21.6 /
Resource Hash: 3c55e62c03a56ed62e4c50de80afaf602cada4a09b32067434c28dbdfbed559f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mso.corned.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 01:37:24 GMT
content-encoding: gzip
last-modified: Fri, 24 Jun 2022 03:42:59 GMT
server: nginx/1.21.6
age: 2292959
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 69dca916-b01e-0016-5c7e-8c876c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/images/ 3 KB
3 KB 265ms
265ms Image
image/gif 179.43.163.122
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.163.122 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.21.6 /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mso.corned.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 01:37:24 GMT
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: nginx/1.21.6
age: 3017421
etag: 0x8D79A1B9F2C6EC8
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 50691fd4-c01e-004f-58e7-851dc4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/images/ 4 KB
4 KB 267ms
267ms Image
image/gif 179.43.163.122
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.163.122 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.21.6 /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mso.corned.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 01:37:24 GMT
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: nginx/1.21.6
age: 23130204
etag: 0x8D79A1B9F8A840E
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 5b247d59-a01e-005f-47fb-cea2ec000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pcustomizationloader_20ead0268c36816fd612.js
aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/js/asyncchunk/ 107 KB
32 KB 457ms
457ms Script
application/x-javascript 179.43.163.122
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_20ead0268c36816fd612.js
Requested by: Host: aadcdn-msftauth-dea4c03b.corned.co
URL: https://aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/js/ConvergedLogin_PCore_G9uLwWVLX9pFa198LIT55w2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.163.122 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mso.corned.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 01:37:25 GMT
content-encoding: gzip
last-modified: Fri, 24 Jun 2022 03:42:58 GMT
server: nginx/1.21.6
age: 2618814
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 37e80eaf-e01e-005b-4788-894940000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/images/backgrounds/ 2 KB
1 KB 374ms
373ms Image
image/svg+xml 179.43.163.122
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.163.122 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.21.6 /
Resource Hash: 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mso.corned.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 01:37:25 GMT
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 22:01:50 GMT
server: nginx/1.21.6
age: 1289482
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: b7f948ee-201e-0019-669f-95b88f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/images/ 4 KB
2 KB 261ms
261ms Image
image/svg+xml 179.43.163.122
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.163.122 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.21.6 /
Resource Hash: 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mso.corned.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 01:37:25 GMT
content-encoding: gzip
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: nginx/1.21.6
age: 7503296
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 3d61ac0e-001e-004e-351b-5de3c9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/images/ 3 KB
3 KB 242ms
240ms Image
image/gif 179.43.163.122
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Requested by: Host: aadcdn-msftauth-dea4c03b.corned.co
URL: https://aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/js/ConvergedLogin_PCore_G9uLwWVLX9pFa198LIT55w2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.163.122 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.21.6 /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mso.corned.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 01:37:25 GMT
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: nginx/1.21.6
age: 3017422
etag: 0x8D79A1B9F2C6EC8
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 50691fd4-c01e-004f-58e7-851dc4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/images/ 4 KB
4 KB 392ms
390ms Image
image/gif 179.43.163.122
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Requested by: Host: aadcdn-msftauth-dea4c03b.corned.co
URL: https://aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/js/ConvergedLogin_PCore_G9uLwWVLX9pFa198LIT55w2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.163.122 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.21.6 /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mso.corned.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 01:37:25 GMT
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: nginx/1.21.6
age: 23130205
etag: 0x8D79A1B9F8A840E
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 5b247d59-a01e-005f-47fb-cea2ec000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 picker_account_aad_f83ebff69a4a1685e4dc9650cdab8886.svg
aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/images/ 1 KB
1 KB 323ms
322ms Image
image/svg+xml 179.43.163.122
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/images/picker_account_aad_f83ebff69a4a1685e4dc9650cdab8886.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.163.122 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.21.6 /
Resource Hash: 7b1669da90261cdb1483950bb480ad96875f84b09bc48d1055303ce94821bf64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mso.corned.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 01:37:25 GMT
content-encoding: gzip
last-modified: Sat, 31 Oct 2020 02:21:26 GMT
server: nginx/1.21.6
age: 260647
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: ae7f8e4a-c01e-002b-51fa-9e749b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 picker_account_msa_2d8f86059be176833897099ee6ddedeb.svg
aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/images/ 379 B
780 B 324ms
323ms Image
image/svg+xml 179.43.163.122
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn-msftauth-dea4c03b.corned.co/shared/1.0/content/images/picker_account_msa_2d8f86059be176833897099ee6ddedeb.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.43.163.122 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.21.6 /
Resource Hash: 34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mso.corned.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 01:37:25 GMT
content-encoding: gzip
last-modified: Thu, 16 Jan 2020 00:32:54 GMT
server: nginx/1.21.6
age: 29196652
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c2a67dba-e01e-0092-78ce-979485000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET embeddedfonts.css
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/ Frame 5C4B 0
0

GET admin.css
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/admin/css/ Frame 5C4B 0
0

GET o365themedefault.css
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/ Frame 5C4B 0
0

GET masterstyles15.css
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/ Frame 5C4B 0
0

GET masterstyles15mvc.css
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/ Frame 5C4B 0
0

GET website.css
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/ Frame 5C4B 0
0

GET home.css
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/ Frame 5C4B 0
0

GET home15.css
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/ Frame 5C4B 0
0

GET assistancepanel.css
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/ Frame 5C4B 0
0

GET conciergehelper.css
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/ Frame 5C4B 0
0

GET signup16.css
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/content/css/ Frame 5C4B 0
0

GET adoption.css
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/ Frame 5C4B 0
0

GET commonhealthdashboard.css
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/ Frame 5C4B 0
0

GET webcontrols.png
prod-msocdn-dea4c03b.corned.co/images/ Frame 5C4B 0
0

GET transparent.gif
prod-msocdn-dea4c03b.corned.co/Images/ Frame 5C4B 0
0

GET header_bg_signup_office.jpg
prod-msocdn-dea4c03b.corned.co/Shell/Images/ Frame 5C4B 0
0

GET O365SharedClusteredImage.png
prod-msocdn-dea4c03b.corned.co/Shell/Images/ Frame 5C4B 0
0

GET servicestatus.png
prod-msocdn-dea4c03b.corned.co/images/ Frame 5C4B 0
0

GET pagelayout_white_panel.jpg
prod-msocdn-dea4c03b.corned.co/Shell/Images/ Frame 5C4B 0
0

GET pagelayout_mos_background_right.jpg
prod-msocdn-dea4c03b.corned.co/Shell/Images/ Frame 5C4B 0
0

GET pagelayout_mos_background_left.jpg
prod-msocdn-dea4c03b.corned.co/Shell/Images/ Frame 5C4B 0
0

GET pagelayout_nav_highlight.jpg
prod-msocdn-dea4c03b.corned.co/Shell/Images/ Frame 5C4B 0
0

GET header_wizard_hl_mos.jpg
prod-msocdn-dea4c03b.corned.co/Shell/Images/ Frame 5C4B 0
0

GET list_bullet_5x5.gif
prod-msocdn-dea4c03b.corned.co/Images/ Frame 5C4B 0
0

GET spinner_16x16_metro.gif
prod-msocdn-dea4c03b.corned.co/images/ Frame 5C4B 0
0

GET spinner_24x24_metro.gif
prod-msocdn-dea4c03b.corned.co/images/ Frame 5C4B 0
0

GET signup_ms_logo.png
prod-msocdn-dea4c03b.corned.co/shell/images/ Frame 5C4B 0
0

GET o365_gallatin_logo.png
prod-msocdn-dea4c03b.corned.co/shell/images/ Frame 5C4B 0
0

GET image1.jpg
prod-msocdn-dea4c03b.corned.co/images/backgrounds/ Frame 5C4B 0
0

GET arrow_staticup_16.png
prod-msocdn-dea4c03b.corned.co/images/scrollbar/ Frame 5C4B 0
0

GET arrow_staticdown_16.png
prod-msocdn-dea4c03b.corned.co/images/scrollbar/ Frame 5C4B 0
0

GET WebResource.axd
portal-microsoftonline-dea4c03b.corned.co/ Frame 5C4B 0
0

GET microsoftajaxcombined.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/jsc/ Frame 5C4B 0
0

GET jquery-1_10_2_min.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/jquery/ Frame 5C4B 0
0

GET headbundle.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/jsc/ Frame 5C4B 0
0

GET controlbundle.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/jsc/ Frame 5C4B 0
0

GET angularlib.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/jsc/ Frame 5C4B 0
0

GET angularextensions.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/jsc/ Frame 5C4B 0
0

GET adminbootstrap.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/jsc/ Frame 5C4B 0
0

GET adminapp.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/jsc/ Frame 5C4B 0
0

GET mscorlib.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/ Frame 5C4B 0
0

GET listgrid.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/webcontrols/js/ Frame 5C4B 0
0

GET peoplepicker.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/webcontrols/js/ Frame 5C4B 0
0

GET productkeycontrol.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/webcontrols/js/ Frame 5C4B 0
0

GET gridview.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/webcontrols/js/ Frame 5C4B 0
0

GET netperf.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/ Frame 5C4B 0
0

GET searchbox.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/ Frame 5C4B 0
0

GET passwordstrengthmeter.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/ Frame 5C4B 0
0

GET hipcontrol.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/jsc/ Frame 5C4B 0
0

GET geminiwizard.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/webcontrols/js/ Frame 5C4B 0
0

GET webuivalidation.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/ Frame 5C4B 0
0

GET webtrends.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/ Frame 5C4B 0
0

GET webtrendsstream.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/ Frame 5C4B 0
0

GET home.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/ Frame 5C4B 0
0

GET reporting.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/ Frame 5C4B 0
0

GET assistancepanel.js
prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/ Frame 5C4B 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/embeddedfonts.css

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/admin/css/admin.css

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/o365themedefault.css

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/masterstyles15.css

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/masterstyles15mvc.css

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/website.css

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/home.css

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/home15.css

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/assistancepanel.css

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/conciergehelper.css

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/content/css/signup16.css

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/adoption.css

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/commonhealthdashboard.css

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/images/webcontrols.png

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/Images/transparent.gif

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/Shell/Images/header_bg_signup_office.jpg

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/Shell/Images/O365SharedClusteredImage.png

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/images/servicestatus.png

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/Shell/Images/pagelayout_white_panel.jpg

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/Shell/Images/pagelayout_mos_background_right.jpg

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/Shell/Images/pagelayout_mos_background_left.jpg

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/Shell/Images/pagelayout_nav_highlight.jpg

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/Shell/Images/header_wizard_hl_mos.jpg

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/Images/list_bullet_5x5.gif

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/images/spinner_16x16_metro.gif

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/images/spinner_24x24_metro.gif

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/shell/images/signup_ms_logo.png

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/shell/images/o365_gallatin_logo.png

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/images/backgrounds/image1.jpg

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/images/scrollbar/arrow_staticup_16.png

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/images/scrollbar/arrow_staticdown_16.png

Domain: portal-microsoftonline-dea4c03b.corned.co
URL: https://portal-microsoftonline-dea4c03b.corned.co/WebResource.axd?d=SYxG2gKEltHc92c7-eKy7vreyN1e2QqrvpdCCR4utt35Rwac9rd_c8SeOHxrYQBj6_mlgMwB-OaZiOiHvHjimRyiyb40s7dxOv3AMLtzClV2W-wogtkMOc2pDBD_sJZyRKzfvgJtVY-JClcKNVaTSg2&t=637906088162791864

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/jsc/microsoftajaxcombined.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/jquery/jquery-1_10_2_min.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/jsc/headbundle.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/jsc/controlbundle.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/jsc/angularlib.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/jsc/angularextensions.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/jsc/adminbootstrap.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/jsc/adminapp.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/mscorlib.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/webcontrols/js/listgrid.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/webcontrols/js/peoplepicker.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/webcontrols/js/productkeycontrol.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/webcontrols/js/gridview.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/netperf.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/searchbox.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/passwordstrengthmeter.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/jsc/hipcontrol.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/webcontrols/js/geminiwizard.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/webuivalidation.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/webtrends.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/webtrendsstream.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/home.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/reporting.js

Domain: prod-msocdn-dea4c03b.corned.co
URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/js/assistancepanel.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.corned.co/	1970-01-20 05:09:41	Name: __niKS Value: ZGVhNGMwM2ItNjA5OS00Yzc4LWFjMjEtZjIwN2RmZWQ0Mjg1OmIyMzU3OTAzLTAxMWEtNDM1OS05NTYyLTE5NTk4NjJkOTE3NA==
.mso.corned.co/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
mso.corned.co/	1970-01-20 04:48:05	Name: SSOCOOKIEPULLED Value: 1
.mso.corned.co/	1970-01-20 14:09:41	Name: brcap Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://prod-msocdn-dea4c03b.corned.co/2022.7.21.1/de-de/css/masterstyles15.css Message: Failed to load resource: the server responded with a status of 444 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn-msftauth-dea4c03b.corned.co
c0poft.codesandbox.io
codesandbox.io
login.corned.co
mso.corned.co
portal-microsoftonline-dea4c03b.corned.co
prod-msocdn-dea4c03b.corned.co
static.cloudflareinsights.com
portal-microsoftonline-dea4c03b.corned.co
prod-msocdn-dea4c03b.corned.co
179.43.163.122
2606:4700:4400::6812:2b11
2606:4700:4400::ac40:90ef
2606:4700:440e::ac40:9c1a
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
3c55e62c03a56ed62e4c50de80afaf602cada4a09b32067434c28dbdfbed559f
62483db86f3ba9581159a53ce478b67f4b1814e3ec0948dc60fabeeca10faff7
67fe4034ce08a373d62a16a9ddff3c923f0c3fff1bb43539379302fe92efe4b7
7b1669da90261cdb1483950bb480ad96875f84b09bc48d1055303ce94821bf64
80aa08ddc9aa219f5f7a3c187daf8fc6ba8c1b5fae6e14667b55a65b49ef703f
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
93f3ddc22ba8874d8fdcbcec620301fb240687969e3b63737251b8f0b2317e69
a2d6da3593442d4e99f81681cb0ef06261dd81bd36123e18892296fc6c939762
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
afbafd5cea212f01758676625362e245c92fe15dcb78be8335a48e6b9863654f
b12bb9edafda8ba5175b9cbb738bf5aa29145888648c1048a56b67af11bc3683
e2d758e70b76e09c6e1d11426b7e8fb454cab6ae5b79b061c733465d826900e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa6ed869cbbd7a493b716f73f96eee5fa7bf5655a7256ee7bbdc92a8ab52d63e

mso.corned.co Open in urlscan Pro 179.43.163.122 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

36 %HTTPS

75 %IPv6

3 Domains

8 Subdomains

5 IPs

2 Countries

1963 kBTransfer

7713 kBSize

4 Cookies

4 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mso.corned.co Open in urlscan Pro
179.43.163.122 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

36 %
HTTPS

75 %
IPv6

3
Domains

8
Subdomains

5
IPs

2
Countries

1963 kB
Transfer

7713 kB
Size

4
Cookies

88 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!