microsoftonline.deeptechdropping.xyz
179.43.187.190  Public Scan

Submitted URL: https://storage.googleapis.com/jascfhnpdr.appspot.com/vwqem.html
Effective URL: https://microsoftonline.deeptechdropping.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3...
Submission: On January 11 via manual from IN — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 14 HTTP transactions. The main IP is 179.43.187.190, located in Zurich, Switzerland and belongs to PLI-AS, PA. The main domain is microsoftonline.deeptechdropping.xyz.
TLS certificate: Issued by R3 on January 11th 2022. Valid for: 3 months.
This is the only time microsoftonline.deeptechdropping.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
1 185.235.230.181 47596 (ITEXPRESS-AS)
1 2 92.204.160.51 29066 (VELIANET-...)
2 8 179.43.187.190 51852 (PLI-AS)
14 5
Domain Requested by
3 microsoftonline.deeptechdropping.xyz 1 redirects www.deeptechdropping.xyz
microsoftonline.deeptechdropping.xyz
2 www.deeptechdropping.xyz ghnb.mechtechdropping.xyz
www.deeptechdropping.xyz
2 ghnb.mechtechdropping.xyz 1 redirects
1 evr8u4aokxi7x1s.deeptechdropping.xyz microsoftonline.deeptechdropping.xyz
evr8u4aokxi7x1s.deeptechdropping.xyz
1 login-live.deeptechdropping.xyz microsoftonline.deeptechdropping.xyz
1 6wkygyn7vpb8vyr.deeptechdropping.xyz 1 redirects
1 ndimd.com
1 storage.googleapis.com
14 8

This site contains no links.

Subject | Issuer | Validity | Valid
*.storage.googleapis.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months
ndimd.com | R3 | 2021-12-30 - 2022-03-30 | 3 months
mechtechdropping.xyz | R3 | 2022-01-11 - 2022-04-11 | 3 months
deeptechdropping.xyz | R3 | 2022-01-11 - 2022-04-11 | 3 months

This page contains 1 frame:

Primary Page: https://microsoftonline.deeptechdropping.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637775214998624364.YWYxNzU5ODQtZGRhNi00MTIzLWJhZWUtNDgzZDllZGM2M2JhOTU0MTQ4MzEtZWFmOC00MDRjLWIxMGYtOGY2MWMxMDdlMTY2&ui_locales=de-DE&mkt=de-DE&state=vHONZtbwfHkAJ2xF2FVd5QDTLcSuBJ_fuYknvIQDXwF1hv7jmW4pJb4G-eR82frWBeWsldj0B9zBwRkjegeK-g_EmYI4NV6JJ8k94J79vhOya87NJ27321ia2hymF3o3hxPxu4cQwkCGm_1Q9dTCbgzsG5OVOMBKBrYi0LKuG0K7B-Y_JcQ2eu8XMYvDKcHR7gS68Cdl9rtF_FOKZxw2Dae9G013CXYKAVcU8ZK-SvVr6_cBl4rZz2hntPlwW1Yx31JZffKdGZBMPXfYfNTVjw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0&sso_reload=true
Frame ID: 3CFF340D22870CEE1C704E5EAB1E70F9
Requests: 14 HTTP requests in this frame

Page Statistics

Requests: 14
HTTPS: 64 %
IPv6: 25 %
Domains: 4
Subdomains: 8
IPs: 5
Countries: 3
Transfer: 417 kB
Size: 1566 kB
Cookies: 16

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/jascfhnpdr.appspot.com/vwqem.html Page URL
  2. https://ndimd.com/aqf8y Page URL
  3. https://ghnb.mechtechdropping.xyz/ Page URL
  4. https://ghnb.mechtechdropping.xyz/ HTTP 302
    https://www.deeptechdropping.xyz/b/eed/ Page URL
  5. https://microsoftonline.deeptechdropping.xyz/login.srf?__smso=UN7taBkRQmmSHLLKk_Z3wg%3D%3D HTTP 302
    https://6wkygyn7vpb8vyr.deeptechdropping.xyz/login HTTP 302
    https://microsoftonline.deeptechdropping.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637775214998624364.YWYxNzU5ODQtZGRhNi00MTIzLWJhZWUtNDgzZDllZGM2M2JhOTU0MTQ4MzEtZWFmOC00MDRjLWIxMGYtOGY2MWMxMDdlMTY2&ui_locales=de-DE&mkt=de-DE&state=vHONZtbwfHkAJ2xF2FVd5QDTLcSuBJ_fuYknvIQDXwF1hv7jmW4pJb4G-eR82frWBeWsldj0B9zBwRkjegeK-g_EmYI4NV6JJ8k94J79vhOya87NJ27321ia2hymF3o3hxPxu4cQwkCGm_1Q9dTCbgzsG5OVOMBKBrYi0LKuG0K7B-Y_JcQ2eu8XMYvDKcHR7gS68Cdl9rtF_FOKZxw2Dae9G013CXYKAVcU8ZK-SvVr6_cBl4rZz2hntPlwW1Yx31JZffKdGZBMPXfYfNTVjw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0 Page URL
  6. https://microsoftonline.deeptechdropping.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637775214998624364.YWYxNzU5ODQtZGRhNi00MTIzLWJhZWUtNDgzZDllZGM2M2JhOTU0MTQ4MzEtZWFmOC00MDRjLWIxMGYtOGY2MWMxMDdlMTY2&ui_locales=de-DE&mkt=de-DE&state=vHONZtbwfHkAJ2xF2FVd5QDTLcSuBJ_fuYknvIQDXwF1hv7jmW4pJb4G-eR82frWBeWsldj0B9zBwRkjegeK-g_EmYI4NV6JJ8k94J79vhOya87NJ27321ia2hymF3o3hxPxu4cQwkCGm_1Q9dTCbgzsG5OVOMBKBrYi0LKuG0K7B-Y_JcQ2eu8XMYvDKcHR7gS68Cdl9rtF_FOKZxw2Dae9G013CXYKAVcU8ZK-SvVr6_cBl4rZz2hntPlwW1Yx31JZffKdGZBMPXfYfNTVjw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://ghnb.mechtechdropping.xyz/ HTTP 302
  • https://www.deeptechdropping.xyz/b/eed/
Request Chain 5
  • https://microsoftonline.deeptechdropping.xyz/login.srf?__smso=UN7taBkRQmmSHLLKk_Z3wg%3D%3D HTTP 302
  • https://6wkygyn7vpb8vyr.deeptechdropping.xyz/login HTTP 302
  • https://microsoftonline.deeptechdropping.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637775214998624364.YWYxNzU5ODQtZGRhNi00MTIzLWJhZWUtNDgzZDllZGM2M2JhOTU0MTQ4MzEtZWFmOC00MDRjLWIxMGYtOGY2MWMxMDdlMTY2&ui_locales=de-DE&mkt=de-DE&state=vHONZtbwfHkAJ2xF2FVd5QDTLcSuBJ_fuYknvIQDXwF1hv7jmW4pJb4G-eR82frWBeWsldj0B9zBwRkjegeK-g_EmYI4NV6JJ8k94J79vhOya87NJ27321ia2hymF3o3hxPxu4cQwkCGm_1Q9dTCbgzsG5OVOMBKBrYi0LKuG0K7B-Y_JcQ2eu8XMYvDKcHR7gS68Cdl9rtF_FOKZxw2Dae9G013CXYKAVcU8ZK-SvVr6_cBl4rZz2hntPlwW1Yx31JZffKdGZBMPXfYfNTVjw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
vwqem.html
storage.googleapis.com/jascfhnpdr.appspot.com/
63 B
648 B
Document
General
Full URL
https://storage.googleapis.com/jascfhnpdr.appspot.com/vwqem.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
51b95c0a2500f5951dd7d50c4b540fb71bb19aad842dbe911d081fc3e9332e85

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-guploader-uploadid
ADPycdu8kE3TJ-7V8yDGmri217hQNXBwfSDVYUxhBg83AIoeAl0cOqNuvrGwRReJg4-uaNgxAqd2MbHSfE9KXNMn83R3D0H1Zg
expires
Tue, 11 Jan 2022 19:11:37 GMT
date
Tue, 11 Jan 2022 18:11:37 GMT
cache-control
public, max-age=3600
last-modified
Thu, 30 Dec 2021 15:18:58 GMT
etag
"07e0c6e610fd7d033d3770b4e7a48509"
x-goog-generation
1640877538770637
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
63
content-type
text/html
x-goog-hash
crc32c=rfjOUg== md5=B+DG5hD9fQM9N3C056SFCQ==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
63
server
UploadServer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aqf8y
ndimd.com/
76 B
356 B
Document
General
Full URL
https://ndimd.com/aqf8y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.235.230.181 , Russian Federation, ASN47596 (ITEXPRESS-AS, UA),
Reverse DNS
93993.hosted-by-virtualdc.ru
Software
nginx /
Resource Hash
d263054c34714e39949b20cc5de4ed2e310bc5183545fd43f9f04c41000f61e5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://storage.googleapis.com/

Response headers

Server
nginx
Date
Tue, 11 Jan 2022 18:11:37 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
76
Connection
keep-alive
Keep-Alive
timeout=60
Last-Modified
Tue, 11 Jan 2022 14:37:16 GMT
ETag
"4c-5d54f63cae116"
Accept-Ranges
bytes
/
ghnb.mechtechdropping.xyz/
72 KB
29 KB
Document
General
Full URL
https://ghnb.mechtechdropping.xyz/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.204.160.51 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
f6a978a58439a9c2b6529888e1f6752dedcc67c3b76c656c39362c3c88a77955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ndimd.com/

Response headers

server
nginx/1.17.10
date
Tue, 11 Jan 2022 18:11:38 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
/
www.deeptechdropping.xyz/b/eed/
Redirect Chain
  • https://ghnb.mechtechdropping.xyz/?
  • https://www.deeptechdropping.xyz/b/eed/
111 KB
23 KB
Document
General
Full URL
https://www.deeptechdropping.xyz/b/eed/
Requested by
Host: ghnb.mechtechdropping.xyz
URL: https://ghnb.mechtechdropping.xyz/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.187.190 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
fd4330770f4b2c38b62e45dfc344b870203a683dbe2538972c47c53e6f73fca1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ghnb.mechtechdropping.xyz/?

Response headers

server
nginx/1.17.10
date
Tue, 11 Jan 2022 18:11:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip

Redirect headers

server
nginx/1.17.10
date
Tue, 11 Jan 2022 18:11:38 GMT
content-type
text/html; charset=utf-8
location
https://www.deeptechdropping.xyz/b/eed/
strict-transport-security
max-age=31536000; includeSubDomains
/
www.deeptechdropping.xyz/b/eed/
237 B
374 B
XHR
General
Full URL
https://www.deeptechdropping.xyz/b/eed/
Requested by
Host: www.deeptechdropping.xyz
URL: https://www.deeptechdropping.xyz/b/eed/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.187.190 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.deeptechdropping.xyz/b/eed/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 11 Jan 2022 18:11:39 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx/1.17.10
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
authorize
microsoftonline.deeptechdropping.xyz/common/oauth2/v2.0/
Redirect Chain
  • https://microsoftonline.deeptechdropping.xyz/login.srf?__smso=UN7taBkRQmmSHLLKk_Z3wg%3D%3D
  • https://6wkygyn7vpb8vyr.deeptechdropping.xyz/login
  • https://microsoftonline.deeptechdropping.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Flandingv2&...
436 KB
120 KB
Document
General
Full URL
https://microsoftonline.deeptechdropping.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637775214998624364.YWYxNzU5ODQtZGRhNi00MTIzLWJhZWUtNDgzZDllZGM2M2JhOTU0MTQ4MzEtZWFmOC00MDRjLWIxMGYtOGY2MWMxMDdlMTY2&ui_locales=de-DE&mkt=de-DE&state=vHONZtbwfHkAJ2xF2FVd5QDTLcSuBJ_fuYknvIQDXwF1hv7jmW4pJb4G-eR82frWBeWsldj0B9zBwRkjegeK-g_EmYI4NV6JJ8k94J79vhOya87NJ27321ia2hymF3o3hxPxu4cQwkCGm_1Q9dTCbgzsG5OVOMBKBrYi0LKuG0K7B-Y_JcQ2eu8XMYvDKcHR7gS68Cdl9rtF_FOKZxw2Dae9G013CXYKAVcU8ZK-SvVr6_cBl4rZz2hntPlwW1Yx31JZffKdGZBMPXfYfNTVjw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0
Requested by
Host: www.deeptechdropping.xyz
URL: https://www.deeptechdropping.xyz/b/eed/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.187.190 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.deeptechdropping.xyz/

Response headers

server
nginx/1.17.10
date
Tue, 11 Jan 2022 18:11:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding Accept-Encoding
cache-control
no-store, no-cache
pragma
no-cache
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
e69febfe-3a20-40a0-acc8-f95b04795801
x-ms-ests-server
2.1.12261.17 - WEULR1 ProdSlices
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-clitelem
1,50168,0,,
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
*
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip

Redirect headers

server
nginx/1.17.10
date
Tue, 11 Jan 2022 18:11:39 GMT
content-type
text/html; charset=utf-8
location
https://microsoftonline.deeptechdropping.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637775214998624364.YWYxNzU5ODQtZGRhNi00MTIzLWJhZWUtNDgzZDllZGM2M2JhOTU0MTQ4MzEtZWFmOC00MDRjLWIxMGYtOGY2MWMxMDdlMTY2&ui_locales=de-DE&mkt=de-DE&state=vHONZtbwfHkAJ2xF2FVd5QDTLcSuBJ_fuYknvIQDXwF1hv7jmW4pJb4G-eR82frWBeWsldj0B9zBwRkjegeK-g_EmYI4NV6JJ8k94J79vhOya87NJ27321ia2hymF3o3hxPxu4cQwkCGm_1Q9dTCbgzsG5OVOMBKBrYi0LKuG0K7B-Y_JcQ2eu8XMYvDKcHR7gS68Cdl9rtF_FOKZxw2Dae9G013CXYKAVcU8ZK-SvVr6_cBl4rZz2hntPlwW1Yx31JZffKdGZBMPXfYfNTVjw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
x-ua-compatible
IE=edge,chrome=1
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: F8D144D0D8AB4D1587960286CA5DD8FA Ref B: VIEEDGE1010 Ref C: 2022-01-11T18:11:39Z
access-control-allow-origin
*
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains
Primary Request authorize
microsoftonline.deeptechdropping.xyz/common/oauth2/v2.0/
487 KB
117 KB
Document
General
Full URL
https://microsoftonline.deeptechdropping.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637775214998624364.YWYxNzU5ODQtZGRhNi00MTIzLWJhZWUtNDgzZDllZGM2M2JhOTU0MTQ4MzEtZWFmOC00MDRjLWIxMGYtOGY2MWMxMDdlMTY2&ui_locales=de-DE&mkt=de-DE&state=vHONZtbwfHkAJ2xF2FVd5QDTLcSuBJ_fuYknvIQDXwF1hv7jmW4pJb4G-eR82frWBeWsldj0B9zBwRkjegeK-g_EmYI4NV6JJ8k94J79vhOya87NJ27321ia2hymF3o3hxPxu4cQwkCGm_1Q9dTCbgzsG5OVOMBKBrYi0LKuG0K7B-Y_JcQ2eu8XMYvDKcHR7gS68Cdl9rtF_FOKZxw2Dae9G013CXYKAVcU8ZK-SvVr6_cBl4rZz2hntPlwW1Yx31JZffKdGZBMPXfYfNTVjw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0&sso_reload=true
Requested by
Host: microsoftonline.deeptechdropping.xyz
URL: https://microsoftonline.deeptechdropping.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637775214998624364.YWYxNzU5ODQtZGRhNi00MTIzLWJhZWUtNDgzZDllZGM2M2JhOTU0MTQ4MzEtZWFmOC00MDRjLWIxMGYtOGY2MWMxMDdlMTY2&ui_locales=de-DE&mkt=de-DE&state=vHONZtbwfHkAJ2xF2FVd5QDTLcSuBJ_fuYknvIQDXwF1hv7jmW4pJb4G-eR82frWBeWsldj0B9zBwRkjegeK-g_EmYI4NV6JJ8k94J79vhOya87NJ27321ia2hymF3o3hxPxu4cQwkCGm_1Q9dTCbgzsG5OVOMBKBrYi0LKuG0K7B-Y_JcQ2eu8XMYvDKcHR7gS68Cdl9rtF_FOKZxw2Dae9G013CXYKAVcU8ZK-SvVr6_cBl4rZz2hntPlwW1Yx31JZffKdGZBMPXfYfNTVjw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.187.190 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
dc088d8827add16daa46541af44869c1674bd0f2e249eec551d510754229d132
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoftonline.deeptechdropping.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637775214998624364.YWYxNzU5ODQtZGRhNi00MTIzLWJhZWUtNDgzZDllZGM2M2JhOTU0MTQ4MzEtZWFmOC00MDRjLWIxMGYtOGY2MWMxMDdlMTY2&ui_locales=de-DE&mkt=de-DE&state=vHONZtbwfHkAJ2xF2FVd5QDTLcSuBJ_fuYknvIQDXwF1hv7jmW4pJb4G-eR82frWBeWsldj0B9zBwRkjegeK-g_EmYI4NV6JJ8k94J79vhOya87NJ27321ia2hymF3o3hxPxu4cQwkCGm_1Q9dTCbgzsG5OVOMBKBrYi0LKuG0K7B-Y_JcQ2eu8XMYvDKcHR7gS68Cdl9rtF_FOKZxw2Dae9G013CXYKAVcU8ZK-SvVr6_cBl4rZz2hntPlwW1Yx31JZffKdGZBMPXfYfNTVjw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0

Response headers

server
nginx/1.17.10
date
Tue, 11 Jan 2022 18:11:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding Accept-Encoding
cache-control
no-store, no-cache
pragma
no-cache
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
1dfa90e7-05b9-4b6f-9dd5-0eef6dc29c01
x-ms-ests-server
2.1.12261.17 - NEULR2 ProdSlices
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-clitelem
1,0,0,,
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
*
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
Me.htm
login-live.deeptechdropping.xyz/
0
0
Other
General
Full URL
https://login-live.deeptechdropping.xyz/Me.htm?v=3
Requested by
Host: microsoftonline.deeptechdropping.xyz
URL: https://microsoftonline.deeptechdropping.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637775214998624364.YWYxNzU5ODQtZGRhNi00MTIzLWJhZWUtNDgzZDllZGM2M2JhOTU0MTQ4MzEtZWFmOC00MDRjLWIxMGYtOGY2MWMxMDdlMTY2&ui_locales=de-DE&mkt=de-DE&state=vHONZtbwfHkAJ2xF2FVd5QDTLcSuBJ_fuYknvIQDXwF1hv7jmW4pJb4G-eR82frWBeWsldj0B9zBwRkjegeK-g_EmYI4NV6JJ8k94J79vhOya87NJ27321ia2hymF3o3hxPxu4cQwkCGm_1Q9dTCbgzsG5OVOMBKBrYi0LKuG0K7B-Y_JcQ2eu8XMYvDKcHR7gS68Cdl9rtF_FOKZxw2Dae9G013CXYKAVcU8ZK-SvVr6_cBl4rZz2hntPlwW1Yx31JZffKdGZBMPXfYfNTVjw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.187.190 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoftonline.deeptechdropping.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js
evr8u4aokxi7x1s.deeptechdropping.xyz/shared/1.0/content/js/
459 KB
126 KB
Script
General
Full URL
https://evr8u4aokxi7x1s.deeptechdropping.xyz/shared/1.0/content/js/ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js
Requested by
Host: microsoftonline.deeptechdropping.xyz
URL: https://microsoftonline.deeptechdropping.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F6wkygyn7vpb8vyr.deeptechdropping.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637775214998624364.YWYxNzU5ODQtZGRhNi00MTIzLWJhZWUtNDgzZDllZGM2M2JhOTU0MTQ4MzEtZWFmOC00MDRjLWIxMGYtOGY2MWMxMDdlMTY2&ui_locales=de-DE&mkt=de-DE&state=vHONZtbwfHkAJ2xF2FVd5QDTLcSuBJ_fuYknvIQDXwF1hv7jmW4pJb4G-eR82frWBeWsldj0B9zBwRkjegeK-g_EmYI4NV6JJ8k94J79vhOya87NJ27321ia2hymF3o3hxPxu4cQwkCGm_1Q9dTCbgzsG5OVOMBKBrYi0LKuG0K7B-Y_JcQ2eu8XMYvDKcHR7gS68Cdl9rtF_FOKZxw2Dae9G013CXYKAVcU8ZK-SvVr6_cBl4rZz2hntPlwW1Yx31JZffKdGZBMPXfYfNTVjw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.187.190 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
10824c0edfc3de4642b7b7f855e1f221bf70b5a446a38934fecee8c8d5516a8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoftonline.deeptechdropping.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jan 2022 18:11:42 GMT
content-encoding
gzip
x-azure-ref-originshield
0GFXdYQAAAAC9QpUhKBV1SbNw0Hmyj7mcTE9OMjFFREdFMDIxMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-cache
TCP_HIT
x-azure-ref
0XsjdYQAAAAB8Va2MPHjqQpnvoWERMP/WRlJBRURHRTEwMDcAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
strict-transport-security
max-age=31536000; includeSubDomains
x-ms-lease-status
unlocked
last-modified
Thu, 04 Nov 2021 21:02:35 GMT
server
nginx/1.17.10
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d7af95a5-101e-001a-3ab2-068944000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
evr8u4aokxi7x1s.deeptechdropping.xyz/ests/2.1/content/cdnbundles/
0
0

ux.converged.login.strings-de.min_3vpk3xzqvz336ezzc9dpja2.js
evr8u4aokxi7x1s.deeptechdropping.xyz/ests/2.1/content/cdnbundles/
0
0

convergedlogin_pfetchsessionsprogress_12dabd9245715d165757.js
evr8u4aokxi7x1s.deeptechdropping.xyz/shared/1.0/content/js/asyncchunk/
0
0

marching_ants_white_166de53471265253ab3a456defe6da23.gif
evr8u4aokxi7x1s.deeptechdropping.xyz/shared/1.0/content/images/
0
0

marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
evr8u4aokxi7x1s.deeptechdropping.xyz/shared/1.0/content/images/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
evr8u4aokxi7x1s.deeptechdropping.xyz
URL
https://evr8u4aokxi7x1s.deeptechdropping.xyz/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
Domain
evr8u4aokxi7x1s.deeptechdropping.xyz
URL
https://evr8u4aokxi7x1s.deeptechdropping.xyz/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_3vpk3xzqvz336ezzc9dpja2.js
Domain
evr8u4aokxi7x1s.deeptechdropping.xyz
URL
https://evr8u4aokxi7x1s.deeptechdropping.xyz/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_12dabd9245715d165757.js
Domain
evr8u4aokxi7x1s.deeptechdropping.xyz
URL
https://evr8u4aokxi7x1s.deeptechdropping.xyz/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Domain
evr8u4aokxi7x1s.deeptechdropping.xyz
URL
https://evr8u4aokxi7x1s.deeptechdropping.xyz/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onsecuritypolicyviolation
object| onslotchange
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData

16 Cookies

Domain/Path Name / Value
.mechtechdropping.xyz/ Name: __RoSJ
Value: p36cxDHDToKzqDqEm0XzAQ==
.deeptechdropping.xyz/ Name: __smso
Value: UN7taBkRQmmSHLLKk/Z3wg==
microsoftonline.deeptechdropping.xyz/ Name: esctx
Value: AQABAAAAAAD--DLA3VO7QrddgJg7Wevra9Yl-Vz4riMZqka9UiLpYlZV3Fo5tO-hAvInTg-whekW4Whs9GHaFe7fhUlqt34b_ZReNe2EfPmC8Ruk5yMA3Xyxg9s2dXsJ-rjTI0G2ZjKk42qO3X0AwrDxnOUbGnQ51EAd8MtsHbWjBBMDPcMBXRrxhJYXtjOLekemZcPEd7MgAA
microsoftonline.deeptechdropping.xyz/ Name: stsservicecookie
Value: estsfd
microsoftonline.deeptechdropping.xyz/ Name: x-ms-gateway-slice
Value: estsfd
6wkygyn7vpb8vyr.deeptechdropping.xyz/ Name: MUID
Value: 312A9EAA63416A2A1B8F8F8362396B74
6wkygyn7vpb8vyr.deeptechdropping.xyz/ Name: .AspNetCore.Correlation.OpenIdConnectV2.PoltUXEVrqbNBRUejfn1sozNeILRy_k97A-0s_qHrE4
Value: N
6wkygyn7vpb8vyr.deeptechdropping.xyz/ Name: .AspNetCore.OpenIdConnect.Nonce.w2kz_oAALE2iC0UKxxPbm0bCMNerTto0Asd4H-C1mrsicGw-pM1BDoBJuD6i8Zw-8HbM3n0bPJ3j_tmZNA5benAoMELaVUXdY_xM7ohaISSfHV2FD7qQFBbeT46arZPTl_ZNLA88alZTcA4rV3vAZOkuKgqa0QWqV9qgFmVM6OmcoOPPgowZG5Ke211mEq8U07xdvd7GUFcnXQyLKibSNhlbfjaHkw-KFI0nWhQER-nGjd_61Mbv0rOywZzbXqUV
Value: N
6wkygyn7vpb8vyr.deeptechdropping.xyz/ Name: OH.DCAffinity
Value: OH-weu
6wkygyn7vpb8vyr.deeptechdropping.xyz/ Name: OH.FLID
Value: e3643b2f-ffd8-4747-8b3b-44ad7c06c9ad
.microsoftonline.deeptechdropping.xyz/ Name: AADSSO
Value: NA|NoExtension
microsoftonline.deeptechdropping.xyz/ Name: SSOCOOKIEPULLED
Value: 1
microsoftonline.deeptechdropping.xyz/ Name: buid
Value: 0.ASAAMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevr_01via1885NpeBI5fTIRgp1USqdqmFnDUfjENcAPMPSyFxs0ew41JmyzSu5DBjZm-Px4ERJkwYvTDNOn-FKyHi22R_ku97qrW8vhnqxjqNggAA
microsoftonline.deeptechdropping.xyz/ Name: fpc
Value: ArV1PjNjXWlJm0knBsqsFOi8Ae7AAQAAAFy_b9kOAAAA
login-live.deeptechdropping.xyz/ Name: MSPRequ
Value: "id=N&lt=1641924702&co=1"
login-live.deeptechdropping.xyz/ Name: uaid
Value: 8f0b5acce38b420685f21a014599502a

1 Console Messages

Source: network
Level: error
URL: https://ndimd.com/aqf8y
Message: Failed to load resource: the server responded with a status of 404 (Not Found)