login.sharepoint.online.collaboration.document.center.vendequecompro.com Open in urlscan Pro
69.10.62.42 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://astim.scanmera.com/XsWWP8HCQ
Effective URL:
https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/
Submission: On November 05 via manual (November 5th 2025, 9:45:15 am UTC) from SK — Scanned from US

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 9 HTTP transactions. The main IP is 69.10.62.42, located in United States and belongs to IS-AS-1, US. The main domain is login.sharepoint.online.collaboration.document.center.vendequecompro.com.
TLS certificate: Issued by R12 on November 4th 2025. Valid for: 3 months.

This is the only time login.sharepoint.online.collaboration.document.center.vendequecompro.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.21.40.58 104.21.40.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	69.10.62.42 69.10.62.42	19318 (IS-AS-1) (IS-AS-1)
2	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.205.104.12 23.205.104.12	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
9	4

1 104.21.40.58 (Ascension Island) 1 redirects

ASN13335 (CLOUDFLARENET, US)

astim.scanmera.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 69.10.62.42 (United States)

ASN19318 (IS-AS-1, US)
PTR: webhosting2051.is.cc

login.sharepoint.online.collaboration.document.center.vendequecompro.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 104.17.25.14 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 23.205.104.12 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-205-104-12.deploy.static.akamaitechnologies.com

statics.teams.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
3	vendequecompro.com login.sharepoint.online.collaboration.document.center.vendequecompro.com	9 KB
2	office.net statics.teams.cdn.office.net — Cisco Umbrella Rank: 197	8 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 273	6 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 934	30 KB
1	scanmera.com 1 redirects astim.scanmera.com	410 B
9	5

	Domain	Requested by
3	login.sharepoint.online.collaboration.document.center.vendequecompro.com	login.sharepoint.online.collaboration.document.center.vendequecompro.com
2	statics.teams.cdn.office.net	login.sharepoint.online.collaboration.document.center.vendequecompro.com
2	cdnjs.cloudflare.com	login.sharepoint.online.collaboration.document.center.vendequecompro.com
2	code.jquery.com	login.sharepoint.online.collaboration.document.center.vendequecompro.com
1	astim.scanmera.com	1 redirects
9	5

This site contains no links.

Subject Issuer	Validity	Valid
R12	`2025-11-04` - `2026-02-02`	3 months	crt.sh
*.jquery.com Sectigo Public Server Authentication CA DV E36	`2025-06-12` - `2026-06-26`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2025-09-17` - `2025-12-16`	3 months	crt.sh
*.teams.cdn.office.net Microsoft Azure RSA TLS Issuing CA 07	`2025-05-07` - `2026-05-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/
Frame ID: 6AC0EE337037CAC725E53C37A5A7FDB3
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SharePoint

Page URL History Show full URLs

https://astim.scanmera.com/XsWWP8HCQ HTTP 302
https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/ Page URL

Detected technologies

jQuery (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

52 kB
Transfer

238 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://astim.scanmera.com/XsWWP8HCQ HTTP 302
https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
login.sharepoint.online.collaboration.document.center.vendequecompro.com/
Redirect Chain

https://astim.scanmera.com/XsWWP8HCQ
https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/

5 KB
2 KB

8309ms
2231ms

Document
text/html

69.10.62.42
IS-AS-1

General

Check archive.org

Download Go to

Full URL: https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.10.62.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting2051.is.cc
Software: LiteSpeed /
Resource Hash: 6af0c4768b19158d515430df2dcebf8abd246de9c05029f00babe41ad2699b64

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 2158
content-type: text/html
date: Wed, 05 Nov 2025 09:45:23 GMT
last-modified: Tue, 04 Nov 2025 08:43:48 GMT
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

cf-ray: 999b6ad1aec3cab0-LAX
content-length: 0
date: Wed, 05 Nov 2025 09:45:15 GMT
location: https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=OWn78givve0fZlXr8O13xFVpWoOQiJ4L%2FRL7xqBa0AWRfEvzbC4%2B0go66ls7Mg5GACPhLa0Vmz7ObmEh3svl9I89OzWX4ntssvLWCP7qPBVggQ%3D%3D"}]}
server: cloudflare
vary: accept-encoding

GET
H2 200 jquery-3.7.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 307ms
68ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Download Go to

Full URL: https://code.jquery.com/jquery-3.7.1.min.js
Requested by: Host: login.sharepoint.online.collaboration.document.center.vendequecompro.com
URL: https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-155ed"
age: 4937404
x-cache: HIT, HIT
date: Wed, 05 Nov 2025 09:45:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 465594, 146985
x-served-by: cache-lga21978-LGA, cache-lax-kwhp1940135-LAX
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1762335924.446118,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30336
server: nginx

GET
H3 200 toastr.min.css
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/ 7 KB
3 KB 153ms
79ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.css

Requested by

Host: login.sharepoint.online.collaboration.document.center.vendequecompro.com
URL: https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "659946f6-a50"
age: 397019
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d7cqij23EFV10CCISOAXnqa6C6eqVKdZFlkYdPngEmBL1NavoTIovRAswzjuytBZpRtHVarBmqA5ARccdYbjgLr32VV%2B8vcQcJTHMc%2B2hRz85cjvKFeQ104Rl3VmG6WXneW%2F519T"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 26 Oct 2026 09:45:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 05 Nov 2025 09:45:24 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 06 Jan 2024 13:26:30 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 999b6b06ca5a68e6-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2640
server: cloudflare

GET
H3 200 toastr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/ 5 KB
2 KB 154ms
80ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.js

Requested by

Host: login.sharepoint.online.collaboration.document.center.vendequecompro.com
URL: https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "659946f7-75c"
age: 157534
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qIpqLo1hbMtEMUzeirhkQ1XSfF2PvfRdTbVRyWrZckFqoa%2BJZVmwYZCZXr3vHYQmmBes1Cn4lALWTu9rL%2Fx4kiMy2YQSO3b%2F6wkDdurWabvguhDRHtOSsNhTRSnab%2FPlzVa31hdA"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 26 Oct 2026 09:45:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 05 Nov 2025 09:45:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 06 Jan 2024 13:26:31 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 999b6b06ca5b68e6-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1884
server: cloudflare

GET
H2 200 launcher.781909af2ea6328ff48b.css
statics.teams.cdn.office.net/hashedcss-launcher/ 36 KB
7 KB 553ms
191ms Stylesheet
text/css 23.205.104.12
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://statics.teams.cdn.office.net/hashedcss-launcher/launcher.781909af2ea6328ff48b.css
Requested by: Host: login.sharepoint.online.collaboration.document.center.vendequecompro.com
URL: https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.104.12 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-205-104-12.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 41c8b0c4705bd5ed39ac03b04dc7f330fe2aab114a876236688afcacddefc56c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/

Response headers

content-md5: deqehC/d0rIMPJfNNDHrJA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2014-02-14
etag: "0x8DD5C28527FFF3B"
x-ms-lease-status: unlocked
report-to: {"group":"NelMSTeams","max_age":604800,"endpoints":[{"url":"https://teams.nel.measure.office.net/api/report?cat=teams"}]}
x-ms-lease-state: available
date: Wed, 05 Nov 2025 09:45:24 GMT
content-type: text/css
last-modified: Wed, 05 Mar 2025 20:57:20 GMT
vary: Accept-Encoding
cache-control: public, max-age=31258485
nel: {"report_to":"NelMSTeams","max_age":604800,"failure_fraction":0.2,"success_fraction":0.001}
timing-allow-origin: *
akamai-request-id: 0.1edcda17.1762335924.de25290
x-ms-request-id: 79bdeccd-c01e-006a-615b-37cad0000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6113
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 sharepoint.jpg
login.sharepoint.online.collaboration.document.center.vendequecompro.com/ 7 KB
7 KB 180ms
175ms Image
image/jpeg 69.10.62.42
IS-AS-1

General

Check archive.org

Download Go to Show image

Full URL: https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/sharepoint.jpg
Requested by: Host: login.sharepoint.online.collaboration.document.center.vendequecompro.com
URL: https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.10.62.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting2051.is.cc
Software: LiteSpeed /
Resource Hash: 0aba68fe1c8b5a77fbd120d46ec794c0aaa21d7f6dc22a6d29c895346b6e91e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/

Response headers

cache-control: public, max-age=604800
expires: Wed, 12 Nov 2025 09:45:24 GMT
accept-ranges: bytes
content-length: 6670
date: Wed, 05 Nov 2025 09:45:24 GMT
content-type: image/jpeg
last-modified: Tue, 04 Nov 2025 08:19:35 GMT
server: LiteSpeed

GET
H2 200 microsoft_logo.3c5fb2e769272b22e31e2535162f6a38.svg
statics.teams.cdn.office.net/hashedassets-launcher/v3/ 378 B
1 KB 597ms
237ms Image
image/svg+xml 23.205.104.12
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://statics.teams.cdn.office.net/hashedassets-launcher/v3/microsoft_logo.3c5fb2e769272b22e31e2535162f6a38.svg
Requested by: Host: login.sharepoint.online.collaboration.document.center.vendequecompro.com
URL: https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.104.12 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-205-104-12.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3ea31966de64eb2b53b74e9bf9d0f5aa1e28967ee904df3883717d94aae13b68

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/

Response headers

content-md5: 4Vtg955apN0Apdujdtm7Jw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
etag: "0x8DADF8398C9FE9F"
report-to: {"group":"NelMSTeams","max_age":604800,"endpoints":[{"url":"https://teams.nel.measure.office.net/api/report?cat=teams"}]}
x-ms-lease-state: available
date: Wed, 05 Nov 2025 09:45:24 GMT
content-disposition
content-type: image/svg+xml
last-modified: Fri, 16 Dec 2022 16:35:52 GMT
cache-control: public, max-age=29981953
nel: {"report_to":"NelMSTeams","max_age":604800,"failure_fraction":0.2,"success_fraction":0.001}
timing-allow-origin: *
akamai-request-id: 0.1edcda17.1762335924.de25291
x-ms-request-id: 2dcfaeac-501e-0068-7516-407468000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 378
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 jquery-3.7.1.min.js Show response
code.jquery.com/ 85 KB
0 1ms
1ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Download Go to

Full URL: https://code.jquery.com/jquery-3.7.1.min.js
Requested by: Host: login.sharepoint.online.collaboration.document.center.vendequecompro.com
URL: https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-155ed"
age: 4937404
x-cache: HIT, HIT
date: Wed, 05 Nov 2025 09:45:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 465594, 146985
x-served-by: cache-lga21978-LGA, cache-lax-kwhp1940135-LAX
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1762335924.446118,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30336
server: nginx

GET
H2 200 sharepoint.jpg
login.sharepoint.online.collaboration.document.center.vendequecompro.com/ 7 KB
0 0ms
0ms Other
image/jpeg 69.10.62.42
IS-AS-1

General

Check archive.org

Download Go to

Full URL: https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/sharepoint.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.10.62.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting2051.is.cc
Software: LiteSpeed /
Resource Hash: 0aba68fe1c8b5a77fbd120d46ec794c0aaa21d7f6dc22a6d29c895346b6e91e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://login.sharepoint.online.collaboration.document.center.vendequecompro.com/

Response headers

cache-control: public, max-age=604800
expires: Wed, 12 Nov 2025 09:45:24 GMT
accept-ranges: bytes
content-length: 6670
date: Wed, 05 Nov 2025 09:45:24 GMT
content-type: image/jpeg
last-modified: Tue, 04 Nov 2025 08:19:35 GMT
server: LiteSpeed

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

4 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| toastr function| decodeUrlWithKey

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

astim.scanmera.com
cdnjs.cloudflare.com
code.jquery.com
login.sharepoint.online.collaboration.document.center.vendequecompro.com
statics.teams.cdn.office.net
104.17.25.14
104.21.40.58
151.101.130.137
23.205.104.12
69.10.62.42
0aba68fe1c8b5a77fbd120d46ec794c0aaa21d7f6dc22a6d29c895346b6e91e8
10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f
3ea31966de64eb2b53b74e9bf9d0f5aa1e28967ee904df3883717d94aae13b68
41c8b0c4705bd5ed39ac03b04dc7f330fe2aab114a876236688afcacddefc56c
6af0c4768b19158d515430df2dcebf8abd246de9c05029f00babe41ad2699b64
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

login.sharepoint.online.collaboration.document.center.vendequecompro.com Open in urlscan Pro 69.10.62.42 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

4 IPs

2 Countries

52 kBTransfer

238 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Window variables

0 Cookies

Indicators

login.sharepoint.online.collaboration.document.center.vendequecompro.com Open in urlscan Pro
69.10.62.42 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

52 kB
Transfer

238 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!