login.micsosoft.de Open in urlscan Pro
52.174.181.111 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://login.micsosoft.de/?rid=FmKMDMz
Submission: On September 13 via manual (September 13th 2021, 9:19:00 am UTC) from DE — Scanned from DE

Summary HTTP 8 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 52.174.181.111, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.micsosoft.de.

This is the only time login.micsosoft.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.174.181.111 52.174.181.111	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	13.226.156.131 13.226.156.131	16509 (AMAZON-02) (AMAZON-02)
1	13.226.156.196 13.226.156.196	16509 (AMAZON-02) (AMAZON-02)
3	13.226.156.88 13.226.156.88	16509 (AMAZON-02) (AMAZON-02)
8	4

1 52.174.181.111 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.micsosoft.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.156.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-131.dus51.r.cloudfront.net

d3d436weoz42qs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.156.196 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-196.dus51.r.cloudfront.net

d3nnb1hxumbr0v.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.156.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-88.dus51.r.cloudfront.net

dqxfeigpboy46.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cloudfront.net d3d436weoz42qs.cloudfront.net d3nnb1hxumbr0v.cloudfront.net dqxfeigpboy46.cloudfront.net	522 KB
1	micsosoft.de login.micsosoft.de	11 KB
8	2

	Domain	Requested by
3	dqxfeigpboy46.cloudfront.net	login.micsosoft.de
3	d3d436weoz42qs.cloudfront.net	login.micsosoft.de
1	d3nnb1hxumbr0v.cloudfront.net	login.micsosoft.de
1	login.micsosoft.de
8	4

This site contains links to these domains. Also see Links.

Domain
register.gotowebinar.com
www.hrworks.de
jobs.hrworks.de

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://login.micsosoft.de/?rid=FmKMDMz
Frame ID: 6644B5A9B77CFF526FD5DDD5B104E0DD
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - Kundenlogin zur Online HR Software

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

8
Requests

88 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

533 kB
Transfer

1203 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://register.gotowebinar.com/register/5360807894198475019?source=login
Title: Sichern Sie sich einen Platz bei HR Kompakt!

Search URL Search Domain Scan URL

URL: https://www.hrworks.de/news/was-ist-ein-culture-deck/?utm_source=login.hrworks.de&utm_medium=referral&utm_campaign=culture_deck
Title: Hier geht's zum Artikel

Search URL Search Domain Scan URL

URL: https://www.hrworks.de/produkt/homeoffice-software/
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: http://www.hrworks.de/
Title: HRworks

Search URL Search Domain Scan URL

URL: https://jobs.hrworks.de/
Title: Stellenangebote

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response login.micsosoft.de/	68 KB 11 KB	127ms 78ms	Document text/html	52.174.181.111 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL http://login.micsosoft.de/?rid=FmKMDMz Protocol HTTP/1.1 Server 52.174.181.111 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `d41b8b2e7d1ebf521562ab52f22786df80b3c1b23bbdee4cc8439cdc93561ddc` Request headers Host login.micsosoft.de Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Content-Encoding gzip Content-Type text/html; charset=utf-8 Vary Accept-Encoding X-Server gophish Date Mon, 13 Sep 2021 09:18:51 GMT Transfer-Encoding chunked
GET H2	200	bootstrap.min.css d3d436weoz42qs.cloudfront.net/theme/assets/global/plugins/bootstrap/css/	115 KB 25 KB	44ms 10ms	Stylesheet text/css	13.226.156.131 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3d436weoz42qs.cloudfront.net/theme/assets/global/plugins/bootstrap/css/bootstrap.min.css Requested by Host: login.micsosoft.de URL: http://login.micsosoft.de/?rid=FmKMDMz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.156.131 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-156-131.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash `f1d2154ad019224eaf66b73fc05b3118d16cd0b5623f811ac0048345d73ebc2c` Request headers Accept-Language de-DE,de;q=0.9 Referer http://login.micsosoft.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-amz-meta-cb-modifiedtime Mon, 03 Oct 2016 11:05:48 GMT date Sun, 12 Sep 2021 16:03:21 GMT content-encoding gzip last-modified Fri, 21 Oct 2016 14:12:53 GMT server AmazonS3 age 62243 etag "9780e69c4052b61a4dbe6a5bf407becf" x-amz-meta-cb-realsize 117914 x-cache Hit from cloudfront content-type text/css via 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-C1 accept-ranges bytes content-length 25416 x-amz-cf-id 2YtGQKK-w5ExB766gSnVzijUh-MNnxLW_WtOJ2uZK3nsMr5uMX0VZQ==
GET H2	200	components.min.css d3d436weoz42qs.cloudfront.net/theme/assets/global/css/	600 KB 88 KB	51ms 18ms	Stylesheet text/css	13.226.156.131 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3d436weoz42qs.cloudfront.net/theme/assets/global/css/components.min.css Requested by Host: login.micsosoft.de URL: http://login.micsosoft.de/?rid=FmKMDMz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.156.131 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-156-131.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash `95388bf825bb8056de7a702286c141bbe50ba2e14e267a335aa27660d69e127b` Request headers Accept-Language de-DE,de;q=0.9 Referer http://login.micsosoft.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-amz-meta-cb-modifiedtime Mon, 03 Oct 2016 11:05:48 GMT date Mon, 13 Sep 2021 03:12:29 GMT content-encoding gzip last-modified Fri, 21 Oct 2016 14:19:03 GMT server AmazonS3 age 25027 etag "d7026d417d9db519007461c35a0faccf" x-amz-meta-cb-realsize 614179 x-cache Hit from cloudfront content-type text/css via 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-C1 accept-ranges bytes content-length 89983 x-amz-cf-id TZqi-uGoX5Idmk-qA3aJIbyxG_r7R0nqR1k5Pptx5xc84ONwybp90Q==
GET H2	200	light.min.css d3d436weoz42qs.cloudfront.net/theme/assets/layouts/layout4/css/themes/	16 KB 3 KB	61ms 27ms	Stylesheet text/css	13.226.156.131 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3d436weoz42qs.cloudfront.net/theme/assets/layouts/layout4/css/themes/light.min.css Requested by Host: login.micsosoft.de URL: http://login.micsosoft.de/?rid=FmKMDMz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.156.131 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-156-131.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash `ccc5d7a2d5c8f2badbc564a1e5c764593ac8bd73c4c8c9fe61d64e839a12cf2a` Request headers Accept-Language de-DE,de;q=0.9 Referer http://login.micsosoft.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-amz-meta-cb-modifiedtime Mon, 03 Oct 2016 11:06:11 GMT date Sun, 12 Sep 2021 19:08:03 GMT content-encoding gzip last-modified Fri, 21 Oct 2016 14:03:35 GMT server AmazonS3 age 51049 etag "bf0b2f772848133646f5239ecf56f17e" x-amz-meta-cb-realsize 16684 x-cache Hit from cloudfront content-type text/css via 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-C1 accept-ranges bytes content-length 2330 x-amz-cf-id x3D3fskSm-Q_yzjdRbljeSKytfKqrC5gbrb_UjN60HfulSUYS9Wr4A==
GET H2	200	favicon-192.png d3nnb1hxumbr0v.cloudfront.net/images/logos2018/favicons/	7 KB 7 KB	66ms 10ms	Image image/png	13.226.156.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3nnb1hxumbr0v.cloudfront.net/images/logos2018/favicons/favicon-192.png Requested by Host: login.micsosoft.de URL: http://login.micsosoft.de/?rid=FmKMDMz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.156.196 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-156-196.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash `95aefa56b2c152c8583a20d421b607e62e6ade256e70d51370ad05c5d67d5ff6` Request headers Accept-Language de-DE,de;q=0.9 Referer http://login.micsosoft.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 12 Sep 2021 19:06:31 GMT via 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront) last-modified Fri, 27 Apr 2018 13:42:48 GMT server AmazonS3 age 51141 etag "e5f2d67f5106524c423b24c42a6a374c" x-cache Hit from cloudfront content-type image/png x-amz-cf-pop DUS51-C1 accept-ranges bytes content-length 6785 x-amz-cf-id 4p2RgLB_m9O49yv3uw9SPalaSasovOHxqv4M6s9i15xoL6Va37NIUQ==
GET H/1.1	200 OK	login_hrkompakt.jpg.jpeg dqxfeigpboy46.cloudfront.net/	45 KB 45 KB	5058ms 23ms	Image binary/octet-stream	13.226.156.88 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dqxfeigpboy46.cloudfront.net/login_hrkompakt.jpg.jpeg Requested by Host: login.micsosoft.de URL: http://login.micsosoft.de/?rid=FmKMDMz Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.226.156.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-156-88.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash `003cb572b39fe96ce52b86752718639f5a61c9379453f1d23b62ec79e7efa245` Request headers Accept-Language de-DE,de;q=0.9 Referer http://login.micsosoft.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Mon, 13 Sep 2021 08:31:53 GMT Via 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront) Last-Modified Thu, 06 May 2021 13:15:36 GMT Server AmazonS3 Age 2824 ETag "9c0c56eba054115d05bed3a7c8e48de3" X-Cache Hit from cloudfront Content-Type binary/octet-stream Connection keep-alive X-Amz-Cf-Pop DUS51-C1 Accept-Ranges bytes Content-Length 45636 X-Amz-Cf-Id AWPwem91mpQOdSVN4HIgkv1z5ZY4qC7jNfPKP5J-FIWM6GZ6Ab5B-g==
GET H/1.1	200 OK	Culture_Deck.jpeg dqxfeigpboy46.cloudfront.net/	171 KB 171 KB	5048ms 14ms	Image binary/octet-stream	13.226.156.88 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dqxfeigpboy46.cloudfront.net/Culture_Deck.jpeg Requested by Host: login.micsosoft.de URL: http://login.micsosoft.de/?rid=FmKMDMz Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.226.156.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-156-88.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash `699fbd1c05106054095427944cb150d62f8b59bbcff9ed919e6e45c0c490e8ca` Request headers Accept-Language de-DE,de;q=0.9 Referer http://login.micsosoft.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Mon, 13 Sep 2021 03:33:42 GMT Via 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront) Last-Modified Tue, 02 Mar 2021 10:32:32 GMT Server AmazonS3 Age 21078 ETag "f54dded0a9bf4b468c0cfc7a323ba204" X-Cache Hit from cloudfront Content-Type binary/octet-stream Connection keep-alive X-Amz-Cf-Pop DUS51-C1 Accept-Ranges bytes Content-Length 175124 X-Amz-Cf-Id zJRx4aXw5eepJIjOzjMqFGgyh4PIGUhcCxqtBjfW0AXmew23lh7lWg==
GET H/1.1	200 OK	lockdown.jpeg dqxfeigpboy46.cloudfront.net/	182 KB 183 KB	5049ms 13ms	Image binary/octet-stream	13.226.156.88 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dqxfeigpboy46.cloudfront.net/lockdown.jpeg Requested by Host: login.micsosoft.de URL: http://login.micsosoft.de/?rid=FmKMDMz Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.226.156.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-156-88.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash `bc3197aa496887fd10d89a50d06ca861a470af860c3cbd48b82ca97b60987026` Request headers Accept-Language de-DE,de;q=0.9 Referer http://login.micsosoft.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sun, 12 Sep 2021 18:52:29 GMT Via 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront) Last-Modified Wed, 20 Jan 2021 16:11:12 GMT Server AmazonS3 Age 51988 ETag "91bfbd92ef2bcb4b7a34fc405b9f1aa5" X-Cache Hit from cloudfront Content-Type binary/octet-stream Connection keep-alive X-Amz-Cf-Pop DUS51-C1 Accept-Ranges bytes Content-Length 186498 X-Amz-Cf-Id 4DnBoJmwcA2qb4Wh9-lqB8Gm7UlNjfgEXJu-k4a7RAzpsHV5oO8BVQ==

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d3d436weoz42qs.cloudfront.net
d3nnb1hxumbr0v.cloudfront.net
dqxfeigpboy46.cloudfront.net
login.micsosoft.de
13.226.156.131
13.226.156.196
13.226.156.88
52.174.181.111
003cb572b39fe96ce52b86752718639f5a61c9379453f1d23b62ec79e7efa245
699fbd1c05106054095427944cb150d62f8b59bbcff9ed919e6e45c0c490e8ca
95388bf825bb8056de7a702286c141bbe50ba2e14e267a335aa27660d69e127b
95aefa56b2c152c8583a20d421b607e62e6ade256e70d51370ad05c5d67d5ff6
bc3197aa496887fd10d89a50d06ca861a470af860c3cbd48b82ca97b60987026
ccc5d7a2d5c8f2badbc564a1e5c764593ac8bd73c4c8c9fe61d64e839a12cf2a
d41b8b2e7d1ebf521562ab52f22786df80b3c1b23bbdee4cc8439cdc93561ddc
f1d2154ad019224eaf66b73fc05b3118d16cd0b5623f811ac0048345d73ebc2c

login.micsosoft.de Open in urlscan Pro 52.174.181.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

88 %HTTPS

0 %IPv6

2 Domains

4 Subdomains

4 IPs

2 Countries

533 kBTransfer

1203 kBSize

0 Cookies

5 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

login.micsosoft.de Open in urlscan Pro
52.174.181.111 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

533 kB
Transfer

1203 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions