assets-usa.mkt.dynamics.com
13.105.221.10
Malicious Activity!
Public Scan
Submission: On April 03 via manual from CA — Scanned from CA
Summary
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 04 on January 26th 2024. Valid for: a year.
This is the only time assets-usa.mkt.dynamics.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Community Verdicts: Malicious — 1 vote
Domain & IP information
Requests | IP Address | Autonomous System
---|---|---
5 | 13.105.221.10 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK)
2 | 52.146.76.30 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK)
7 | 2 |

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
assets-usa.mkt.dynamics.com
cxppusa1formui01cdnsa01-endpoint.azureedge.net

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
public-usa.mkt.dynamics.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
5 | dynamics.com | assets-usa.mkt.dynamics.com (Cisco Umbrella Rank: 39200); public-usa.mkt.dynamics.com (Cisco Umbrella Rank: 64639) | 9 KB
2 | azureedge.net | cxppusa1formui01cdnsa01-endpoint.azureedge.net (Cisco Umbrella Rank: 216729) | 133 KB
7 | 2 | |
Requests | Domain | Requested by
---|---|---
3 | assets-usa.mkt.dynamics.com | cxppusa1formui01cdnsa01-endpoint.azureedge.net
2 | public-usa.mkt.dynamics.com | cxppusa1formui01cdnsa01-endpoint.azureedge.net
2 | cxppusa1formui01cdnsa01-endpoint.azureedge.net | assets-usa.mkt.dynamics.com, cxppusa1formui01cdnsa01-endpoint.azureedge.net
7 | 3 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
assets-usa.mkt.dynamics.com | Microsoft Azure RSA TLS Issuing CA 04 | 2024-01-26 - 2025-01-20 | a year
*.azureedge.net | Microsoft Azure RSA TLS Issuing CA 03 | 2024-01-03 - 2024-12-28 | a year
prdia888eus0aks.mkt.dynamics.com | Microsoft Azure RSA TLS Issuing CA 03 | 2024-02-29 - 2025-02-23 | a year
This page contains 1 frames:
Primary Page:
https://assets-usa.mkt.dynamics.com/308eefe3-a7e6-ee11-9046-000d3a98ad27/digitalassets/standaloneforms/964fa71d-f8f0-ee11-904b-7c1e5214929d
Frame ID: 117CB83D5DD2BE72FCF98B9EA3849B9F
Requests: 6 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | 964fa71d-f8f0-ee11-904b-7c1e5214929d (Primary Request) | assets-usa.mkt.dynamics.com/308eefe3-a7e6-ee11-9046-000d3a98ad27/digitalassets/standaloneforms/ | 491 B | 784 B | Document | text/html
GET | H2 | FormLoader.bundle.js | cxppusa1formui01cdnsa01-endpoint.azureedge.net/usa/FormLoader/ | 694 KB | 132 KB | Script | application/javascript
GET | H2 | 964fa71d-f8f0-ee11-904b-7c1e5214929d | assets-usa.mkt.dynamics.com/308eefe3-a7e6-ee11-9046-000d3a98ad27/digitalassets/forms/ | 28 KB | 5 KB | Fetch | text/html
GET | H2 | translation.json | cxppusa1formui01cdnsa01-endpoint.azureedge.net/usa/FormLoader/public/locales/en-us/ | 1 KB | 883 B | Fetch | application/json
OPTIONS | H/1.1 | visits | public-usa.mkt.dynamics.com/api/v1.0/orgs/308eefe3-a7e6-ee11-9046-000d3a98ad27/landingpageforms/forms/964fa71d-f8f0-ee11-904b-7c1e5214929d/ | 0 | 0 | Preflight |
GET | H2 | 573de1a6-abe6-ee11-904d-6045bdd34369 | assets-usa.mkt.dynamics.com/308eefe3-a7e6-ee11-9046-000d3a98ad27/digitalassets/images/ | 3 KB | 4 KB | Image | image/jpeg
POST | H/1.1 | visits | public-usa.mkt.dynamics.com/api/v1.0/orgs/308eefe3-a7e6-ee11-9046-000d3a98ad27/landingpageforms/forms/964fa71d-f8f0-ee11-904b-7c1e5214929d/ | 43 B | 425 B | Fetch | application/json
Verdicts & Comments
Malicious
page.url
Submitted on April 3rd 2024, 2:20:28 pm UTC — From Canada
Threats: Phishing
Brands: Office 365 US
Comment: fake voicemail with a link forwarding to a fake Microsoft login page
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function | d365mktforms
object | d365mkt
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=2592000; preload |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.