live.teamvibes.org
45.83.123.245  Malicious Activity! Public Scan

Submitted URL: https://2ly.link/1z7wC
Effective URL: https://live.teamvibes.org/login.srf?wa=wsignin1.0&rpsnv=157&ct=1722856942&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2f...
Submission: On August 05 via manual from GB — Scanned from GB

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 45.83.123.245, located in Virgin Islands (British) and belongs to INTERNET-IT, VG. The main domain is live.teamvibes.org.
TLS certificate: Issued by E5 on July 22nd 2024. Valid for: 3 months.
This is the only time live.teamvibes.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

# | IP Address | AS | Autonomous System
1 1 | 35.226.132.161 | 396982 | GOOGLE-CL...
2 4 | 45.83.123.245 | 200313 | INTERNET-IT
6 | 2620:1ec:29:1... | 8075 | MICROSOFT...
2 | 20.42.65.89 | 8075 | MICROSOFT...
Total: 11 requests, 4 IPs
# | Apex Domain | Subdomains | Transfer
6 | msauth.net | logincdn.msauth.net (Cisco Umbrella Rank: 6694) | 283 KB
4 | teamvibes.org | outlook.teamvibes.org, live.teamvibes.org | 34 KB
2 | microsoft.com | browser.events.data.microsoft.com (Cisco Umbrella Rank: 144) | 761 B
1 | 2ly.link | 2ly.link | 514 B
Total: 11 requests, 4 apex domains
# | Domain | Requested by
6 | logincdn.msauth.net | live.teamvibes.org, logincdn.msauth.net
2 | browser.events.data.microsoft.com | logincdn.msauth.net
2 | live.teamvibes.org | live.teamvibes.org
2 | outlook.teamvibes.org | 2 redirects
1 | 2ly.link | 1 redirect
Total: 11 requests, 5 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
live.teamvibes.org | E5 | 2024-07-22 - 2024-10-20 | 3 months (crt.sh)
identitycdn.msauth.net | Microsoft Azure RSA TLS Issuing CA 03 | 2024-06-07 - 2025-06-02 | a year (crt.sh)
*.events.data.microsoft.com | Microsoft Azure RSA TLS Issuing CA 07 | 2024-03-31 - 2025-03-26 | a year (crt.sh)

This page contains 1 frames:

Primary Page: https://live.teamvibes.org/login.srf?wa=wsignin1.0&rpsnv=157&ct=1722856942&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fnlp%3d1%26RpsCsrfState%3d8e01dfd1-e69d-6cfa-45aa-71d194693235&id=292841&aadredir=1&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015
Frame ID: B12AA0308F9F4045527EFD1FFC8E7529
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

Sign in to your Microsoft account

Page Statistics

Requests: 11
HTTPS: 91 %
IPv6: 25 %
Domains: 4
Subdomains: 5
IPs: 4
Countries: 2
Transfer: 314 kB
Size: 1046 kB
Cookies: 16

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://2ly.link/1z7wC HTTP 302
    https://outlook.teamvibes.org/messages HTTP 302
    https://outlook.teamvibes.org/owa/?nlp=1 HTTP 302
    https://live.teamvibes.org/login.srf?wa=wsignin1.0&rpsnv=157&ct=1722856942&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fnlp%3d1%26RpsCsrfState%3d8e01dfd1-e69d-6cfa-45aa-71d194693235&id=292841&aadredir=1&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
login.srf (Primary Request) | live.teamvibes.org/ | 27 KB | 29 KB | Document | text/html
Redirect Chain:
  • https://2ly.link/1z7wC
  • https://outlook.teamvibes.org/messages
  • https://outlook.teamvibes.org/owa/?nlp=1
  • https://live.teamvibes.org/login.srf?wa=wsignin1.0&rpsnv=157&ct=1722856942&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fnlp%3d1%26RpsCsrfState%3d8e01dfd1-e69d-6cfa-45...
General
Full URL
https://live.teamvibes.org/login.srf?wa=wsignin1.0&rpsnv=157&ct=1722856942&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fnlp%3d1%26RpsCsrfState%3d8e01dfd1-e69d-6cfa-45aa-71d194693235&id=292841&aadredir=1&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.83.123.245 , Virgin Islands (British), ASN200313 (INTERNET-IT, VG),
Reverse DNS
teamvibes.org
Software
/
Resource Hash
3b6bc5c8cbe41e920aa3c65d3028c6e336919605c058f3c57a63bb1b57634b0d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Connection
close
Content-Type
text/html; charset=utf-8
Date
Mon, 05 Aug 2024 11:22:21 GMT
Expires
Mon, 05 Aug 2024 11:21:22 GMT
Link
<https://logincdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net/>; rel=dns-prefetch <https://acctcdn.msftauth.net/>; rel=dns-prefetch <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://logincdn.msauth.net/>; rel=dns-prefetch <https://logincdn.msftauth.net/>; rel=dns-prefetch <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
P3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
Ppserver
PPV: 30 H: BL02EPF0001D944 V: 0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Dns-Prefetch-Control
on
X-Ms-Request-Id
2dc2a4c8-972f-4ef4-9c87-cde13696b902
X-Ms-Route-Info
C542_BL2

Redirect headers

Alt-Svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
Cache-Control
no-cache, no-store
Connection
close
Content-Type
text/html; charset=utf-8
Date
Mon, 05 Aug 2024 11:22:21 GMT
Location
https://live.teamvibes.org/login.srf?wa=wsignin1.0&rpsnv=157&ct=1722856942&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fnlp%3d1%26RpsCsrfState%3d8e01dfd1-e69d-6cfa-45aa-71d194693235&id=292841&aadredir=1&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015
Nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
P3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Report-To
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=AMS&RemoteIP=2a0d:1640:1::&Environment=MT"}],"include_subdomains":true}
Request-Id
f5520631-b695-51ce-bbcf-7bcba19e4e8e
Server
Microsoft-IIS/10.0
Transfer-Encoding
chunked
X-Backend-Begin
2024-08-05T11:22:22.435
X-Backend-End
2024-08-05T11:22:22.450
X-Backendhttpstatus
302
X-Beserver
AM0PR0302MB3187
X-Besku
WCS5
X-Calculatedbetarget
AM0PR0302MB3187.eurprd03.prod.outlook.com
X-Diaginfo
AM0PR0302MB3187
X-Feefzinfo
AMS
X-Feproxyinfo
AM0PR03CA0075.EURPRD03.PROD.OUTLOOK.COM
X-Feserver
AM0PR03CA0075
X-Firsthopcafeefz
AMS
X-Owa-Diagnosticsinfo
8;0;0;
X-Proxy-Backendserverstatus
302
X-Proxy-Routingcorrectness
1
X-Rum-Notupdatequerieddbcopy
1
X-Rum-Notupdatequeriedpath
1
X-Rum-Validated
1
X-Ua-Compatible
IE=EmulateIE7
login_en-gb_z-uBFBC5mIQaWo8OI-Kcog2.js | logincdn.msauth.net/shared/5/js/ | 906 KB | 229 KB | Script | application/x-javascript
General
Full URL
https://logincdn.msauth.net/shared/5/js/login_en-gb_z-uBFBC5mIQaWo8OI-Kcog2.js
Requested by
Host: live.teamvibes.org
URL: https://live.teamvibes.org/login.srf?wa=wsignin1.0&rpsnv=157&ct=1722856942&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fnlp%3d1%26RpsCsrfState%3d8e01dfd1-e69d-6cfa-45aa-71d194693235&id=292841&aadredir=1&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d5e4ea88b2dfa6cb21007f3ae8de1b93c1d8c9507a26f324eda0f1a7deb81934

Request headers

Referer
https://live.teamvibes.org/
Origin
https://live.teamvibes.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Aug 2024 11:22:23 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
67912908
content-length
233533
x-ms-lease-status
unlocked
last-modified
Wed, 10 Jul 2024 00:00:31 GMT
etag
0x8DCA07350E60C12
x-azure-ref
20240805T112223Z-r16f76c6d84svlb45auzzsx4e00000000h4000000000g28r
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
58677a25-801e-0006-4913-dd1f92000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
3aebbdafc809ccea95d4f2bf89103b71cd8b7088464da235f37441b5109b199a.js | live.teamvibes.org/s/ | 796 B | 947 B | Script | application/javascript
General
Full URL
https://live.teamvibes.org/s/3aebbdafc809ccea95d4f2bf89103b71cd8b7088464da235f37441b5109b199a.js
Requested by
Host: live.teamvibes.org
URL: https://live.teamvibes.org/login.srf?wa=wsignin1.0&rpsnv=157&ct=1722856942&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fnlp%3d1%26RpsCsrfState%3d8e01dfd1-e69d-6cfa-45aa-71d194693235&id=292841&aadredir=1&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.83.123.245 , Virgin Islands (British), ASN200313 (INTERNET-IT, VG),
Reverse DNS
teamvibes.org
Software
/
Resource Hash
cf30989945dba9c1e5753f67d92d41d7790f0874e6a565920ddf87d71735a92d

Request headers

Referer
https://live.teamvibes.org/login.srf?wa=wsignin1.0&rpsnv=157&ct=1722856942&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fnlp%3d1%26RpsCsrfState%3d8e01dfd1-e69d-6cfa-45aa-71d194693235&id=292841&aadredir=1&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Connection
close
Transfer-Encoding
chunked
Content-Type
application/javascript
oneds-analytics-js_c176266d237b7f729fc3_en-gb.js | logincdn.msauth.net/shared/5/chunks/ | 89 KB | 33 KB | Script | application/x-javascript
General
Full URL
https://logincdn.msauth.net/shared/5/chunks/oneds-analytics-js_c176266d237b7f729fc3_en-gb.js
Requested by
Host: logincdn.msauth.net
URL: https://logincdn.msauth.net/shared/5/js/login_en-gb_z-uBFBC5mIQaWo8OI-Kcog2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5a9af6e809994d66001711db34bdc4c56de0cf415840cf68fceed14553baeb0f

Request headers

Referer
https://live.teamvibes.org/
Origin
https://live.teamvibes.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Aug 2024 11:22:23 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
67912908
content-length
32829
x-ms-lease-status
unlocked
last-modified
Sat, 30 Mar 2024 01:22:58 GMT
etag
0x8DC5057EF22CDEB
x-azure-ref
20240805T112223Z-r16f76c6d84svlb45auzzsx4e00000000h4000000000g296
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
113120c9-a01e-0027-5590-dda32d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
microsoft_logo_ee5c8d9fb6248c938fd0.svg | logincdn.msauth.net/shared/5/images/ | 4 KB | 2 KB | Image | image/svg+xml
General
Full URL
https://logincdn.msauth.net/shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg
Requested by
Host: live.teamvibes.org
URL: https://live.teamvibes.org/login.srf?wa=wsignin1.0&rpsnv=157&ct=1722856942&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fnlp%3d1%26RpsCsrfState%3d8e01dfd1-e69d-6cfa-45aa-71d194693235&id=292841&aadredir=1&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Referer
https://live.teamvibes.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Aug 2024 11:22:23 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
67912908
content-length
1435
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jun 2023 15:44:25 GMT
etag
0x8DB772562988611
x-azure-ref
20240805T112223Z-r16f76c6d84w6g2dqwaz3rgs980000000m3g00000000kpdf
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
3b19c022-a01e-0055-1080-daa462000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
2_bc3d32a696895f78c19d.svg | logincdn.msauth.net/shared/5/images/ | 2 KB | 1 KB | Image | image/svg+xml
General
Full URL
https://logincdn.msauth.net/shared/5/images/2_bc3d32a696895f78c19d.svg
Requested by
Host: live.teamvibes.org
URL: https://live.teamvibes.org/login.srf?wa=wsignin1.0&rpsnv=157&ct=1722856942&rver=7.0.6738.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fnlp%3d1%26RpsCsrfState%3d8e01dfd1-e69d-6cfa-45aa-71d194693235&id=292841&aadredir=1&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

Referer
https://live.teamvibes.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Aug 2024 11:22:23 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
673
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jun 2023 15:44:22 GMT
etag
0x8DB7725611C3E0C
x-azure-ref
20240805T112223Z-r16f76c6d84w6g2dqwaz3rgs980000000m3g00000000kpdg
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
3b6e4086-b01e-0031-7871-d9ef8d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
3aebbdafc809ccea95d4f2bf89103b71cd8b7088464da235f37441b5109b199a | live.teamvibes.org/s/ | 0 | 0 | (no response received; listed under Failed requests below) | (none)

favicon.ico | logincdn.msauth.net/16.000.30293.2/images/ | 17 KB | 17 KB | Other | image/x-icon
General
Full URL
https://logincdn.msauth.net/16.000.30293.2/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

Referer
https://live.teamvibes.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Aug 2024 11:22:23 GMT
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
67912908
content-length
17174
x-ms-lease-status
unlocked
last-modified
Wed, 10 Jul 2024 22:25:13 GMT
etag
0x8DCA12F2B0BA035
x-azure-ref
20240805T112223Z-r16f76c6d84w6g2dqwaz3rgs980000000m3g00000000kpdk
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
8b92d8ef-c01e-006c-30ad-dc5f7e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin_options_4e48046ce74f4b89d450.svg | logincdn.msauth.net/shared/5/images/ | 2 KB | 1 KB | Image | image/svg+xml
General
Full URL
https://logincdn.msauth.net/shared/5/images/signin_options_4e48046ce74f4b89d450.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

Referer
https://live.teamvibes.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Aug 2024 11:22:24 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
67912908
content-length
621
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jun 2023 15:44:30 GMT
etag
0x8DB772565B93440
x-azure-ref
20240805T112224Z-r16f76c6d84w6g2dqwaz3rgs980000000m3g00000000kpdy
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
1d7ab833-801e-0065-33af-dc6d12000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
/ | browser.events.data.microsoft.com/OneCollector/1.0/ | 153 B | 761 B | XHR | application/json
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: logincdn.msauth.net
URL: https://logincdn.msauth.net/shared/5/chunks/oneds-analytics-js_c176266d237b7f729fc3_en-gb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.65.89 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
a32c99bb90ee1cd8c3d4f2ac3df6d85c4869b6cad2f1618ae7f48de23d800985
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1722856945962
client-version
1DS-Web-JS-3.2.15
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://live.teamvibes.org/
apikey
69adc3c768bd4dc08c19416121249fcc-66f1668a-797b-4249-95e3-6c6651768c28-7293
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Mon, 05 Aug 2024 11:22:26 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
1552
access-control-allow-methods
POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
application/json
access-control-allow-origin
https://live.teamvibes.org
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis
content-length
153
/ | browser.events.data.microsoft.com/OneCollector/1.0/ | 0 | 0 | Preflight | (none)
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.65.89 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://live.teamvibes.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://live.teamvibes.org
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Mon, 05 Aug 2024 11:22:26 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
live.teamvibes.org
URL
https://live.teamvibes.org/s/3aebbdafc809ccea95d4f2bf89103b71cd8b7088464da235f37441b5109b199a

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • PROOF (object)
  • ServerData (object)
  • $Loader (function)
  • g_dtFirstByte (object)
  • SRSRetry (function)
  • webpackChunk_msidentity_sisu_msa (object)
  • clearImmediate (function)
  • setImmediate (function)
  • regeneratorRuntime (object)
  • getRedirect (function)
  • __dynProto$Gbl (object)

16 Cookies

Domain/Path | Name | Value
.teamvibes.org/ | adfd-f50b | 3aebbdafc809ccea95d4f2bf89103b71cd8b7088464da235f37441b5109b199a
outlook.teamvibes.org/ | ClientId | AE0612587E054A40B2B8D30BA1C78E25
.teamvibes.org/ | logonLatency | LGN01=638584537424352722
outlook.teamvibes.org/ | exchangecookie | e2fbaf6db9d348688e7be8b2784c7cad
outlook.teamvibes.org/ | RpsCsrfState.1NAT0Ej_jmK1sZF2p21Jk2gpwKSkGU4Rq1oqLnwbIyw | 8e01dfd1-e69d-6cfa-45aa-71d194693235
outlook.teamvibes.org/ | X-OWA-RedirectHistory | AhR7n8MBObg-4EC13Ag
.live.teamvibes.org/ | uaid | 7fbb077847d24ab7ac9ca83da3979637
.live.teamvibes.org/ | MSPRequ | id=292841&lt=1722856942&co=1
.live.teamvibes.org/ | MSCC | 45.83.123.245-NL
.live.teamvibes.org/ | MSPOK | $uuid-c92e53b6-6bec-41f3-b1a3-c2b6b744d28b
.live.teamvibes.org/ | OParams | 11O.Dsiq*T6omoJAIra0G9cXr2JtPp!BhIgCyYyClZ7QRGOJgW6h7QwE6RSLUwSbPwKZz7XMcowPDQ56PfT3dqEgKZ!ArkFm*QCaKTaUaHYkahnTHMencULS3xGmuj0wIE7EtKbf5S9MXTDuWU45FPiVB99!iNbVzQxPLYAaG5fRzA9UOX6SMzscC95JZIjjkxM8sp2TWIg3NssHyvPIfHw0qiEDTGwNSOHGlkWSQKd2a*j2I4A14tRcp1NQM5Wvd39DHHiMwdHfjzllpRnUZr2h4!ZZ0FbaWv528rSpX*gGvzqn0PSN5Z5k!jYu0FTnrheya8bLhQNPTUTfy!l3yEIdB74qTHGx*pWofLYfTCBCBvsA8CkjwIhKzjpzbP5mQqoNwdPU!EHm0ogyv!lYR*NxrZeIyqpQpAFaul1K44CGRdpL
live.teamvibes.org/ | MicrosoftApplicationsTelemetryDeviceId | 9b5b358e-919f-432e-a264-756850bdc8fe
live.teamvibes.org/ | ai_session | 3A51k9NM65gZVyx4S3kiVX|1722856943951|1722856943951
.microsoft.com/ | MC1 | GUID=20088e0e959a48e996c8d9728eff3ed9&HASH=2008&LV=202408&V=4&LU=1722856947514
.microsoft.com/ | MS0 | b5c30bf1d0ae4077a49c069d79fda018
live.teamvibes.org/ | MSFPC | GUID=20088e0e959a48e996c8d9728eff3ed9&HASH=2008&LV=202408&V=4&LU=1722856947514