urlscan.io logo urlscan.io
SecurityTrails logo

client.dtmnebula.microsoft.com Open in urlscan Pro
13.95.224.134  Public Scan

Go To Rescan Add Verdict Report
URL: https://client.dtmnebula.microsoft.com/Landing
Submission Tags: @phishunt_io
Submission: On January 16 via api from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 13.95.224.134, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is client.dtmnebula.microsoft.com.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 05 on October 13th 2020. Valid for: a year.
This is the only time client.dtmnebula.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 13.95.224.134 8075 (MICROSOFT...)
9 1
Apex Domain
Subdomains		 Transfer
9 microsoft.com
client.dtmnebula.microsoft.com
143 KB
9 1
Domain Requested by
9 client.dtmnebula.microsoft.com client.dtmnebula.microsoft.com
9 1

This site contains links to these domains. Also see Links.

Domain
privacy
Subject Issuer Validity Valid
client.dtmnebula.microsoft.com
Microsoft Azure TLS Issuing CA 05		 2020-10-13 -
2021-10-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://client.dtmnebula.microsoft.com/Landing
Frame ID: 529688E53C5D785948113591843B2183
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

143 kB
Transfer

429 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Landing
client.dtmnebula.microsoft.com/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://client.dtmnebula.microsoft.com/Landing
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.95.224.134 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
363b75845b4f35919b23063894af66cf0a7b26e14d8b44da23c474caad14f500
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
client.dtmnebula.microsoft.com
:scheme
https
:path
/Landing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-aspnetmvc-version
5.2
x-content-type-options
nosniff
date
Sat, 16 Jan 2021 14:45:28 GMT
content-length
2558
dashboardmain.css
client.dtmnebula.microsoft.com/Content/Dashboard/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client.dtmnebula.microsoft.com/Content/Dashboard/dashboardmain.css
Requested by
Host: client.dtmnebula.microsoft.com
URL: https://client.dtmnebula.microsoft.com/Landing
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.95.224.134 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6d372042f1be38ed4cbef6da8fd2ab086d5ee6146f5de2be7ff38e064200476d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://client.dtmnebula.microsoft.com/Landing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 14:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Jan 2021 00:07:02 GMT
server
Microsoft-IIS/10.0
etag
"0571c2f9ead61:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1249
css
client.dtmnebula.microsoft.com/Content/ 		148 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client.dtmnebula.microsoft.com/Content/css?v=fJ_zJlmYngjH7aZg3uZY9bwxghMZ4nzfBzidTURuYyg1
Requested by
Host: client.dtmnebula.microsoft.com
URL: https://client.dtmnebula.microsoft.com/Landing
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.95.224.134 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3898c9fef20386d627536f3252cf132db17ce2686249c4f5abeea364af8a32d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://client.dtmnebula.microsoft.com/Landing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 14:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 16 Jan 2021 14:45:29 GMT
server
Microsoft-IIS/10.0
vary
User-Agent,Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public
content-length
36290
expires
Sun, 16 Jan 2022 14:45:29 GMT
modernizr
client.dtmnebula.microsoft.com/bundles/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.dtmnebula.microsoft.com/bundles/modernizr?v=wBEWDufH_8Md-Pbioxomt90vm6tJN2Pyy9u9zHtWsPo1
Requested by
Host: client.dtmnebula.microsoft.com
URL: https://client.dtmnebula.microsoft.com/Landing
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.95.224.134 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://client.dtmnebula.microsoft.com/Landing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 14:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 16 Jan 2021 14:45:29 GMT
server
Microsoft-IIS/10.0
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
5229
expires
Sun, 16 Jan 2022 14:45:29 GMT
jquery
client.dtmnebula.microsoft.com/bundles/ 		82 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.dtmnebula.microsoft.com/bundles/jquery?v=gkWyJthHPtwkFjvHuNinBjchIfwLwc_KbE-H26J2kAI1
Requested by
Host: client.dtmnebula.microsoft.com
URL: https://client.dtmnebula.microsoft.com/Landing
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.95.224.134 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
21fbbd6d8977efd96b0b22b85d6c6e393cf6b5841e817118f4ea7814ba0f1c4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://client.dtmnebula.microsoft.com/Landing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 14:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 16 Jan 2021 14:45:29 GMT
server
Microsoft-IIS/10.0
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
38105
expires
Sun, 16 Jan 2022 14:45:29 GMT
dialogFocus.js
client.dtmnebula.microsoft.com/Scripts/ 		983 B
569 B 		Script
General
Check archive.org
Download Go to
Full URL
https://client.dtmnebula.microsoft.com/Scripts/dialogFocus.js
Requested by
Host: client.dtmnebula.microsoft.com
URL: https://client.dtmnebula.microsoft.com/Landing
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.95.224.134 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
57a4692f2f077f60ed28ce0618130bd6c8f9e08e3267ee6d8a0b242d4f014d68
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://client.dtmnebula.microsoft.com/Landing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 14:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Jan 2021 00:07:03 GMT
server
Microsoft-IIS/10.0
etag
"6fda309ead61:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
473
bootstrap
client.dtmnebula.microsoft.com/bundles/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.dtmnebula.microsoft.com/bundles/bootstrap?v=Euuan3gE5m3GjTEzp6Ydj0krKjC3trM_f9YkJY20H701
Requested by
Host: client.dtmnebula.microsoft.com
URL: https://client.dtmnebula.microsoft.com/Landing
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.95.224.134 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0833db7735726bd69344285a8eefd361af69798a977e6e3ad97731fefdae545e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://client.dtmnebula.microsoft.com/Landing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 14:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 16 Jan 2021 14:45:29 GMT
server
Microsoft-IIS/10.0
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
14208
expires
Sun, 16 Jan 2022 14:45:29 GMT
knockout
client.dtmnebula.microsoft.com/bundles/ 		62 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.dtmnebula.microsoft.com/bundles/knockout?v=4JxpNGkSp5vSm2nCtzcGo4QIuii_qu0G0NHxC9sJYAg1
Requested by
Host: client.dtmnebula.microsoft.com
URL: https://client.dtmnebula.microsoft.com/Landing
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.95.224.134 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9fc8dc63149a0289473037696206a9ddaecfb1b1630d8acff307b593ee9048ab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://client.dtmnebula.microsoft.com/Landing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 14:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 16 Jan 2021 14:45:29 GMT
server
Microsoft-IIS/10.0
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
27197
expires
Sun, 16 Jan 2022 14:45:29 GMT
jsll-3.js
client.dtmnebula.microsoft.com/Scripts/ 		78 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.dtmnebula.microsoft.com/Scripts/jsll-3.js
Requested by
Host: client.dtmnebula.microsoft.com
URL: https://client.dtmnebula.microsoft.com/Landing
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.95.224.134 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e1b6786bef811d36fe5e3baca10ea369aba27ea08b75bfa99b2db8855978f3e0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://client.dtmnebula.microsoft.com/Landing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 14:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Jan 2021 00:07:03 GMT
server
Microsoft-IIS/10.0
etag
"6fda309ead61:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
20417

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| html5 object| Modernizr function| $ function| jQuery object| respond object| ko object| awa object| Asimov function| trapFocus

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff