office365-renens.ch Open in urlscan Pro
83.166.150.213  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response office365-renens.ch/login/	3 KB 2 KB	120ms 22ms	Document text/html	83.166.150.213 INFOMANIAK-AS
General Check archive.org Show headers Download Go to Full URL https://office365-renens.ch/login/?rid=gwTs70p Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.166.150.213 , Switzerland, ASN29222 (INFOMANIAK-AS, CH), Reverse DNS ov-345534.infomaniak.ch Software nginx/1.18.0 (Ubuntu) / Resource Hash a5a4dfda1c54f042bf537a226edc400b0530312e27f49a945e1b094ddb95672d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html date Thu, 05 May 2022 16:28:59 GMT etag W/"626275ca-d5c" last-modified Fri, 22 Apr 2022 09:30:50 GMT server nginx/1.18.0 (Ubuntu) strict-transport-security max-age=31536000; includeSubdomains; preload
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/css/	141 KB 22 KB	54ms 34ms	Stylesheet text/css	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/css/bootstrap.min.css Requested by Host: office365-renens.ch URL: https://office365-renens.ch/login/?rid=gwTs70p Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://office365-renens.ch/ Origin https://office365-renens.ch accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 05 May 2022 16:28:59 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3913628 x-jsd-version 4.0.0 x-cache HIT, HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19153-FRA, cache-hhn4026-HHN timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"235ed-iVElpFIqOxDuetoG7mUDWHy/lcU" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YuqAofUMJPzzpRguiyCZarDJEL7yZVPzDnOVw7nBSKWDitNjJy2Acjf4BE1FMxdTyLD31Jg2Tk3deNcdBqnijNukAfFWeEGXhHtF29%2FUlGjX75f8j08uQMZdr%2BMD1FwBNeWcIJpxqf%2FcUpyGJYA%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 706ada367ec79b5d-FRA
GET H2	200	jquery-3.2.1.slim.min.js Show response code.jquery.com/	68 KB 24 KB	51ms 28ms	Script application/javascript	2001:4de0:ac18::1:a:1a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.2.1.slim.min.js Requested by Host: office365-renens.ch URL: https://office365-renens.ch/login/?rid=gwTs70p Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Request headers Referer https://office365-renens.ch/ Origin https://office365-renens.ch accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 05 May 2022 16:28:59 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-10fdd" vary Accept-Encoding x-hw 1651768139.dop129.fr8.t,1651768139.cds226.fr8.hn,1651768139.cds257.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 23856
GET H2	200	popper.min.js Show response cdn.jsdelivr.net/npm/popper.js@1.12.9/dist/umd/	19 KB 7 KB	58ms 39ms	Script application/javascript	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/popper.js@1.12.9/dist/umd/popper.min.js Requested by Host: office365-renens.ch URL: https://office365-renens.ch/login/?rid=gwTs70p Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://office365-renens.ch/ Origin https://office365-renens.ch accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 05 May 2022 16:28:59 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3913603 x-jsd-version 1.12.9 x-cache HIT, HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19133-FRA, cache-hhn4023-HHN timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"4af4-w7l3qkuN+2nWUeBwFQMdOF3tlks" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5EWVAAC5BqSn3K%2Fkzpux%2BPo5ZBoSsXmLzAW2Hvz%2FbeAGW%2BXq2um%2F%2FlOjjvKlrtTPI5kXOBXKyvqT67NctD2tJBtYt8LeXlgdcPyLmIyS3%2FrOq3hCZ7LLzTVtL4OWTeeHV5msLq80jCufQ8YCxqc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 706ada367ecb9b5d-FRA
GET H2	200	bootstrap.min.js Show response cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/js/	48 KB 14 KB	48ms 29ms	Script application/javascript	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/js/bootstrap.min.js Requested by Host: office365-renens.ch URL: https://office365-renens.ch/login/?rid=gwTs70p Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://office365-renens.ch/ Origin https://office365-renens.ch accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 05 May 2022 16:28:59 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3913603 x-jsd-version 4.0.0 x-cache HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19178-FRA timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"bf30-qVRYMYA7E1nP7tR+O01rrmjkDpk" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLsTUeysdjRF8XCL6RLq6Z%2Fjx4EGmfedfxX009ymHbXwVV0s6iHyQWQN1YM7%2F%2F06hml6jrFAy5Z0KLcN%2BgCFdKSXkvJjmtYgh0UUNZwj5mzUpDTB9uEiJXh02wGmhZ3PnJIpLCuy%2FTmfqlRL7xI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 706ada367ed09b5d-FRA
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.5.1/	87 KB 31 KB	58ms 21ms	Script text/javascript	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: office365-renens.ch URL: https://office365-renens.ch/login/?rid=gwTs70p Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://office365-renens.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 05 May 2022 12:41:09 GMT content-encoding gzip x-content-type-options nosniff age 13670 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31021 x-xss-protection 0 last-modified Fri, 08 May 2020 07:05:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 05 May 2023 12:41:09 GMT
GET H2	200	style.css office365-renens.ch/login/	2 KB 2 KB	23ms 23ms	Stylesheet text/css	83.166.150.213 INFOMANIAK-AS
General Check archive.org Show headers Download Go to Full URL https://office365-renens.ch/login/style.css Requested by Host: office365-renens.ch URL: https://office365-renens.ch/login/?rid=gwTs70p Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.166.150.213 , Switzerland, ASN29222 (INFOMANIAK-AS, CH), Reverse DNS ov-345534.infomaniak.ch Software nginx/1.18.0 (Ubuntu) / Resource Hash 387eb4317f4cd5faee655ba47be25bc6839948dbf12acf3dac10f6f6933df987 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://office365-renens.ch/login/?rid=gwTs70p User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 05 May 2022 16:28:59 GMT last-modified Fri, 22 Apr 2022 09:26:27 GMT server nginx/1.18.0 (Ubuntu) etag "626274c3-7bc" strict-transport-security max-age=31536000; includeSubdomains; preload content-type text/css accept-ranges bytes content-length 1980
GET H2	200	logo.png office365-renens.ch/login/	9 KB 9 KB	39ms 39ms	Image image/png	83.166.150.213 INFOMANIAK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://office365-renens.ch/login/logo.png Requested by Host: office365-renens.ch URL: https://office365-renens.ch/login/?rid=gwTs70p Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.166.150.213 , Switzerland, ASN29222 (INFOMANIAK-AS, CH), Reverse DNS ov-345534.infomaniak.ch Software nginx/1.18.0 (Ubuntu) / Resource Hash 8676528565f3486b56ca0079887a07c7519ce3073a01de3a5cb739006234d101 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://office365-renens.ch/login/?rid=gwTs70p User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 05 May 2022 16:28:59 GMT last-modified Fri, 22 Apr 2022 08:40:44 GMT server nginx/1.18.0 (Ubuntu) etag "62626a0c-24ab" strict-transport-security max-age=31536000; includeSubdomains; preload content-type image/png accept-ranges bytes content-length 9387
GET H2	200	logo.svg office365-renens.ch/login/	378 B 568 B	34ms 34ms	Image image/svg+xml	83.166.150.213 INFOMANIAK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://office365-renens.ch/login/logo.svg Requested by Host: office365-renens.ch URL: https://office365-renens.ch/login/?rid=gwTs70p Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.166.150.213 , Switzerland, ASN29222 (INFOMANIAK-AS, CH), Reverse DNS ov-345534.infomaniak.ch Software nginx/1.18.0 (Ubuntu) / Resource Hash ae9cd11b7615ded2ce4aa11d21b034b5f9707aa6cb27d46596947903ccb92247 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://office365-renens.ch/login/?rid=gwTs70p User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 05 May 2022 16:28:59 GMT last-modified Mon, 21 Mar 2022 10:51:03 GMT server nginx/1.18.0 (Ubuntu) etag "62385897-17a" strict-transport-security max-age=31536000; includeSubdomains; preload content-type image/svg+xml accept-ranges bytes content-length 378
GET H2	200	ssl.svg office365-renens.ch/login/	603 B 793 B	34ms 34ms	Image image/svg+xml	83.166.150.213 INFOMANIAK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://office365-renens.ch/login/ssl.svg Requested by Host: office365-renens.ch URL: https://office365-renens.ch/login/?rid=gwTs70p Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.166.150.213 , Switzerland, ASN29222 (INFOMANIAK-AS, CH), Reverse DNS ov-345534.infomaniak.ch Software nginx/1.18.0 (Ubuntu) / Resource Hash 3b439667b653b07d8eec20a02b2c7cb25e4eb2a91acdbdb61f28f9163237067d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://office365-renens.ch/login/?rid=gwTs70p User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 05 May 2022 16:28:59 GMT last-modified Mon, 21 Mar 2022 10:51:03 GMT server nginx/1.18.0 (Ubuntu) etag "62385897-25b" strict-transport-security max-age=31536000; includeSubdomains; preload content-type image/svg+xml accept-ranges bytes content-length 603
GET H2	200	script.js Show response office365-renens.ch/login/	3 KB 4 KB	22ms 22ms	Script application/javascript	83.166.150.213 INFOMANIAK-AS
General Check archive.org Show headers Download Go to Full URL https://office365-renens.ch/login/script.js Requested by Host: office365-renens.ch URL: https://office365-renens.ch/login/?rid=gwTs70p Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.166.150.213 , Switzerland, ASN29222 (INFOMANIAK-AS, CH), Reverse DNS ov-345534.infomaniak.ch Software nginx/1.18.0 (Ubuntu) / Resource Hash 9b77d4060ca1f1f31148ebc0859e01d3c21d7a09ba63538f5f6c69174f28498a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://office365-renens.ch/login/?rid=gwTs70p User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 05 May 2022 16:28:59 GMT last-modified Fri, 22 Apr 2022 08:55:36 GMT server nginx/1.18.0 (Ubuntu) etag "62626d88-db8" strict-transport-security max-age=31536000; includeSubdomains; preload content-type application/javascript accept-ranges bytes content-length 3512
GET H2	200	background.png office365-renens.ch/login/	2 MB 2 MB	29ms 29ms	Image image/png	83.166.150.213 INFOMANIAK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://office365-renens.ch/login/background.png Requested by Host: office365-renens.ch URL: https://office365-renens.ch/login/style.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.166.150.213 , Switzerland, ASN29222 (INFOMANIAK-AS, CH), Reverse DNS ov-345534.infomaniak.ch Software nginx/1.18.0 (Ubuntu) / Resource Hash 278703bed90b97ede86bfbb18cdb16b938947406a5cfa90c997d43007d31550d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://office365-renens.ch/login/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 05 May 2022 16:28:59 GMT last-modified Fri, 22 Apr 2022 08:40:20 GMT server nginx/1.18.0 (Ubuntu) etag "626269f4-1e4ef0" strict-transport-security max-age=31536000; includeSubdomains; preload content-type image/png accept-ranges bytes content-length 1986288
GET H2	200	/ Show response office365-renens.ch/ Frame FC04	21 KB 6 KB	219ms 218ms	Document text/html	83.166.150.213 INFOMANIAK-AS
General Check archive.org Show headers Download Go to Full URL https://office365-renens.ch/?rid=gwTs70p Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.166.150.213 , Switzerland, ASN29222 (INFOMANIAK-AS, CH), Reverse DNS ov-345534.infomaniak.ch Software nginx/1.18.0 (Ubuntu) / Resource Hash 9e7372a391497adc10a3822de6f969c7354eb015b4d8c95d41fe4432b506c3dd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload Request headers Referer https://office365-renens.ch/login/?rid=gwTs70p Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=utf-8 date Thu, 05 May 2022 16:28:59 GMT server nginx/1.18.0 (Ubuntu) strict-transport-security max-age=31536000; includeSubdomains; preload vary Accept-Encoding x-server gophish
GET H2	200	/ office365-renens.ch/	21 KB 21 KB	219ms 218ms	Image text/html	83.166.150.213 INFOMANIAK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://office365-renens.ch/?rid=gwTs70p Requested by Host: office365-renens.ch URL: https://office365-renens.ch/login/?rid=gwTs70p Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.166.150.213 , Switzerland, ASN29222 (INFOMANIAK-AS, CH), Reverse DNS ov-345534.infomaniak.ch Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://office365-renens.ch/login/?rid=gwTs70p User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 05 May 2022 16:28:59 GMT content-encoding gzip x-server gophish server nginx/1.18.0 (Ubuntu) vary Accept-Encoding strict-transport-security max-age=31536000; includeSubdomains; preload content-type text/html; charset=utf-8
GET H2	200	converged.v2.login.min_zmhwgv_kbcs-aml46kcgfg2.css office365-renens.ch/login/ Frame FC04	108 KB 108 KB	24ms 23ms	Stylesheet text/css	83.166.150.213 INFOMANIAK-AS
General Check archive.org Show headers Download Go to Full URL https://office365-renens.ch/login/converged.v2.login.min_zmhwgv_kbcs-aml46kcgfg2.css Requested by Host: office365-renens.ch URL: https://office365-renens.ch/?rid=gwTs70p Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.166.150.213 , Switzerland, ASN29222 (INFOMANIAK-AS, CH), Reverse DNS ov-345534.infomaniak.ch Software nginx/1.18.0 (Ubuntu) / Resource Hash 0b110c35df6ba7923eb2b80869f047fe3102e2f41ddc767627cb977f44e2ae75 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://office365-renens.ch/?rid=gwTs70p User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 05 May 2022 16:28:59 GMT last-modified Fri, 22 Apr 2022 09:38:02 GMT server nginx/1.18.0 (Ubuntu) etag "6262777a-1af9d" strict-transport-security max-age=31536000; includeSubdomains; preload content-type text/css accept-ranges bytes content-length 110493
GET H2	200	microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg office365-renens.ch/login/ Frame FC04	4 KB 4 KB	26ms 26ms	Image image/svg+xml	83.166.150.213 INFOMANIAK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://office365-renens.ch/login/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg Requested by Host: office365-renens.ch URL: https://office365-renens.ch/?rid=gwTs70p Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.166.150.213 , Switzerland, ASN29222 (INFOMANIAK-AS, CH), Reverse DNS ov-345534.infomaniak.ch Software nginx/1.18.0 (Ubuntu) / Resource Hash 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://office365-renens.ch/?rid=gwTs70p User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 05 May 2022 16:28:59 GMT last-modified Fri, 22 Apr 2022 09:38:02 GMT server nginx/1.18.0 (Ubuntu) etag "6262777a-e43" strict-transport-security max-age=31536000; includeSubdomains; preload content-type image/svg+xml accept-ranges bytes content-length 3651
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame FC04	94 KB 94 KB	15ms 15ms	Script text/javascript	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js Requested by Host: office365-renens.ch URL: https://office365-renens.ch/?rid=gwTs70p Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://office365-renens.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 05 May 2022 14:32:25 GMT x-content-type-options nosniff age 6994 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 95992 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 05 May 2023 14:32:25 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| $ function| jQuery function| Popper object| bootstrap object| searchParams object| minimize object| square object| exit object| titleBar object| draggable object| title function| enlarge

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
code.jquery.com
office365-renens.ch
2001:4de0:ac18::1:a:1a
2606:4700::6810:5514
2a00:1450:4001:82f::200a
83.166.150.213
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0b110c35df6ba7923eb2b80869f047fe3102e2f41ddc767627cb977f44e2ae75
278703bed90b97ede86bfbb18cdb16b938947406a5cfa90c997d43007d31550d
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
387eb4317f4cd5faee655ba47be25bc6839948dbf12acf3dac10f6f6933df987
3b439667b653b07d8eec20a02b2c7cb25e4eb2a91acdbdb61f28f9163237067d
8676528565f3486b56ca0079887a07c7519ce3073a01de3a5cb739006234d101
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
9b77d4060ca1f1f31148ebc0859e01d3c21d7a09ba63538f5f6c69174f28498a
9e7372a391497adc10a3822de6f969c7354eb015b4d8c95d41fe4432b506c3dd
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a5a4dfda1c54f042bf537a226edc400b0530312e27f49a945e1b094ddb95672d
ae9cd11b7615ded2ce4aa11d21b034b5f9707aa6cb27d46596947903ccb92247
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d