mso.mscenter-exchangeprotect.ml
Open in
urlscan Pro
204.44.125.124
Public Scan
Effective URL: https://mso.mscenter-exchangeprotect.ml/?username=bboyce%40rivian.com&sso_reload=true
Submission Tags: falconsandbox
Submission: On July 28 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on July 27th 2022. Valid for: 3 months.
This is the only time mso.mscenter-exchangeprotect.ml was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 6 | 204.44.125.124 204.44.125.124 | 8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL) | |
11 | 2 |
ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 204.44.125.124.static.quadranet.com
mso.mscenter-exchangeprotect.ml | |
login.mscenter-exchangeprotect.ml | |
aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
mscenter-exchangeprotect.ml
1 redirects
mso.mscenter-exchangeprotect.ml login.mscenter-exchangeprotect.ml aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml portal-microsoftonline-a7bf1c3f.mscenter-exchangeprotect.ml Failed |
213 KB |
11 | 1 |
Domain | Requested by | |
---|---|---|
4 | mso.mscenter-exchangeprotect.ml |
1 redirects
mso.mscenter-exchangeprotect.ml
|
1 | aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml |
mso.mscenter-exchangeprotect.ml
aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml |
1 | login.mscenter-exchangeprotect.ml |
mso.mscenter-exchangeprotect.ml
|
0 | portal-microsoftonline-a7bf1c3f.mscenter-exchangeprotect.ml Failed |
aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml
|
11 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
mscenter-exchangeprotect.ml R3 |
2022-07-27 - 2022-10-25 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://mso.mscenter-exchangeprotect.ml/?username=bboyce%40rivian.com&sso_reload=true
Frame ID: 7C38EC2621986B353F3FA5D98B94C4D4
Requests: 10 HTTP requests in this frame
Frame:
https://portal-microsoftonline-a7bf1c3f.mscenter-exchangeprotect.ml/Prefetch/Prefetch.aspx
Frame ID: 4AD1FCECE29A767F1B25AE50DE064AC0
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://mso.mscenter-exchangeprotect.ml/?username=bboyce%40rivian.com&sso_reload=true
HTTP 301
https://mso.mscenter-exchangeprotect.ml/?username=bboyce%40rivian.com&sso_reload=true Page URL
- https://mso.mscenter-exchangeprotect.ml/?username=bboyce%40rivian.com&sso_reload=true Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://mso.mscenter-exchangeprotect.ml/?username=bboyce%40rivian.com&sso_reload=true
HTTP 301
https://mso.mscenter-exchangeprotect.ml/?username=bboyce%40rivian.com&sso_reload=true Page URL
- https://mso.mscenter-exchangeprotect.ml/?username=bboyce%40rivian.com&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://mso.mscenter-exchangeprotect.ml/?username=bboyce%40rivian.com&sso_reload=true HTTP 301
- https://mso.mscenter-exchangeprotect.ml/?username=bboyce%40rivian.com&sso_reload=true
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
mso.mscenter-exchangeprotect.ml/ Redirect Chain
|
61 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
mso.mscenter-exchangeprotect.ml/ |
200 B 357 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
mso.mscenter-exchangeprotect.ml/ |
339 KB 81 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Me.htm
login.mscenter-exchangeprotect.ml/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_G9uLwWVLX9pFa198LIT55w2.js
aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml/shared/1.0/content/js/ |
382 KB 109 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Prefetch.aspx
portal-microsoftonline-a7bf1c3f.mscenter-exchangeprotect.ml/Prefetch/ Frame 4AD1 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
converged.v2.login.min_il46_7m1dp2y07llib10fw2.css
aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml/ests/2.1/content/cdnbundles/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
ux.converged.login.strings-de.min_75ls70pcmyowwllyhvy0uq2.js
aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml/ests/2.1/content/cdnbundles/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
convergedlogin_pidpdisambiguation_8ce138cbbb82dae8e8bf.js
aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml/shared/1.0/content/js/asyncchunk/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml/shared/1.0/content/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml/shared/1.0/content/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- portal-microsoftonline-a7bf1c3f.mscenter-exchangeprotect.ml
- URL
- https://portal-microsoftonline-a7bf1c3f.mscenter-exchangeprotect.ml/Prefetch/Prefetch.aspx
- Domain
- aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml
- URL
- https://aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml/ests/2.1/content/cdnbundles/converged.v2.login.min_il46_7m1dp2y07llib10fw2.css
- Domain
- aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml
- URL
- https://aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_75ls70pcmyowwllyhvy0uq2.js
- Domain
- aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml
- URL
- https://aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml/shared/1.0/content/js/asyncchunk/convergedlogin_pidpdisambiguation_8ce138cbbb82dae8e8bf.js
- Domain
- aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml
- URL
- https://aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
- Domain
- aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml
- URL
- https://aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Verdicts & Comments Add Verdict or Comment
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.mscenter-exchangeprotect.ml/ | Name: __LnrD Value: YTdiZjFjM2YtMzNlMi00Yzk4LTgzNTMtMmU0MzgyMDVhZTQxOmZkMWQ4OWYyLWI4ZWUtNGZkNi05MTgxLTQxYzUzMDYxZmVmNg== |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml
login.mscenter-exchangeprotect.ml
mso.mscenter-exchangeprotect.ml
portal-microsoftonline-a7bf1c3f.mscenter-exchangeprotect.ml
aadcdn-msftauth-a7bf1c3f.mscenter-exchangeprotect.ml
portal-microsoftonline-a7bf1c3f.mscenter-exchangeprotect.ml
204.44.125.124
3b3e3cf4386eb546bcd5e6f8e289c65e42a960815dd6031f3583dbab1849f97b
553a8c24ff59a092a18140d80a8aec7c5a6b6e41c8c198311390bcd3f8b54e47
bef6897cb728d37db6993e31b20f77a7daf33b6e233f12b560cf43a3b75568d1
f8921ee1de6e54e774fa6f8a2120e23fea5adf85e7bfe516261e1100af8271b5