ocprq.martinrobbin.com
159.223.169.40  Malicious Activity! Public Scan

Submitted URL: https://hnrvrve.martinrobbin.com/
Effective URL: https://ocprq.martinrobbin.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%...
Submission: On June 28 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 24 HTTP transactions. The main IP is 159.223.169.40, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is ocprq.martinrobbin.com.
TLS certificate: Issued by R11 on June 28th 2024. Valid for: 3 months.
This is the only time ocprq.martinrobbin.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
3 20 159.223.169.40 14061 (DIGITALOC...)
7 2a02:26f0:480... 20940 (AKAMAI-ASN1)
24 2
Domain Requested by
11 jrhte.martinrobbin.com ocprq.martinrobbin.com
jrhte.martinrobbin.com
7 r4.res.office365.com mejeff.martinrobbin.com
3 ocprq.martinrobbin.com htejre.martinrobbin.com
2 mejeff.martinrobbin.com 1 redirects jrhte.martinrobbin.com
1 hrvetbr.martinrobbin.com ocprq.martinrobbin.com
1 htejre.martinrobbin.com ocprq.martinrobbin.com
1 meheff.martinrobbin.com 1 redirects
1 hnrvrve.martinrobbin.com 1 redirects
24 8

This site contains links to these domains.

Domain
mejeff.martinrobbin.com
www.microsoft.com
privacy.microsoft.com
Subject | Issuer | Validity | Valid
ocprq.martinrobbin.com | R11 | 2024-06-28 - 2024-09-26 | 3 months
*.res.outlook.com | DigiCert SHA2 Secure Server CA | 2024-02-20 - 2025-02-20 | a year

This page contains 2 frames:

Primary Page: https://ocprq.martinrobbin.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=27771c6e-5e97-0bfd-6044-d6f94c471479&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638551948242461417.36165dbd-02e6-4735-9076-446db722bc42&state=DYsxFoAgDMWKPo-D0PLbwnFEnB29vh2SlyWJiPZgC1INkVvrqjzQBQJjsJ_N2HTNlas8luFN86geBVvTReYNSfEe5f2u8gM&sso_reload=true
Frame ID: FE3A2980E4914E8E34307B3FB9520BE9
Requests: 16 HTTP requests in this frame

Frame: https://mejeff.martinrobbin.com/owa/prefetch.aspx
Frame ID: EE340470F075819FC0DA0DE8D873F1FA
Requests: 8 HTTP requests in this frame

Page Title

Bei Outlook anmelden

Page Statistics

24 Requests
100 % HTTPS
50 % IPv6
2 Domains
8 Subdomains
2 IPs
2 Countries
1895 kB Transfer
4005 kB Size
18 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hnrvrve.martinrobbin.com/ HTTP 302
    https://meheff.martinrobbin.com/bkZMWINh HTTP 302
    https://mejeff.martinrobbin.com/owa/ HTTP 302
    https://ocprq.martinrobbin.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=27771c6e-5e97-0bfd-6044-d6f94c471479&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638551948242461417.36165dbd-02e6-4735-9076-446db722bc42&state=DYsxFoAgDMWKPo-D0PLbwnFEnB29vh2SlyWJiPZgC1INkVvrqjzQBQJjsJ_N2HTNlas8luFN86geBVvTReYNSfEe5f2u8gM Page URL
  2. https://ocprq.martinrobbin.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=27771c6e-5e97-0bfd-6044-d6f94c471479&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638551948242461417.36165dbd-02e6-4735-9076-446db722bc42&state=DYsxFoAgDMWKPo-D0PLbwnFEnB29vh2SlyWJiPZgC1INkVvrqjzQBQJjsJ_N2HTNlas8luFN86geBVvTReYNSfEe5f2u8gM&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://hnrvrve.martinrobbin.com/ HTTP 302
  • https://meheff.martinrobbin.com/bkZMWINh HTTP 302
  • https://mejeff.martinrobbin.com/owa/ HTTP 302
  • https://ocprq.martinrobbin.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=27771c6e-5e97-0bfd-6044-d6f94c471479&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638551948242461417.36165dbd-02e6-4735-9076-446db722bc42&state=DYsxFoAgDMWKPo-D0PLbwnFEnB29vh2SlyWJiPZgC1INkVvrqjzQBQJjsJ_N2HTNlas8luFN86geBVvTReYNSfEe5f2u8gM

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
authorize
ocprq.martinrobbin.com/common/oauth2/
Redirect Chain
  • https://hnrvrve.martinrobbin.com/
  • https://meheff.martinrobbin.com/bkZMWINh
  • https://mejeff.martinrobbin.com/owa/
  • https://ocprq.martinrobbin.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-0000...
26 KB
27 KB
Document
General
Full URL
https://ocprq.martinrobbin.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=27771c6e-5e97-0bfd-6044-d6f94c471479&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638551948242461417.36165dbd-02e6-4735-9076-446db722bc42&state=DYsxFoAgDMWKPo-D0PLbwnFEnB29vh2SlyWJiPZgC1INkVvrqjzQBQJjsJ_N2HTNlas8luFN86geBVvTReYNSfEe5f2u8gM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.223.169.40 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
cc0dec04bf94a2575ec62051b567ec0a6bcf5c1601cd4a57121360be96373706

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache
Connection
close
Content-Type
text/html; charset=utf-8
Date
Fri, 28 Jun 2024 18:07:03 GMT
Expires
-1
Nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Report-To
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Ms-Ests-Server
2.1.18399.9 - WUS3 ProdSlices
X-Ms-Request-Id
60dcc8a7-f063-4f7c-9821-6a5056e80200
X-Ms-Srs
1.P

Redirect headers

Alt-Svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
Connection
close
Content-Type
text/html; charset=utf-8
Date
Fri, 28 Jun 2024 18:07:03 GMT
Location
https://ocprq.martinrobbin.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=27771c6e-5e97-0bfd-6044-d6f94c471479&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638551948242461417.36165dbd-02e6-4735-9076-446db722bc42&state=DYsxFoAgDMWKPo-D0PLbwnFEnB29vh2SlyWJiPZgC1INkVvrqjzQBQJjsJ_N2HTNlas8luFN86geBVvTReYNSfEe5f2u8gM
Nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
P3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Report-To
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=MNZ&RemoteIP=159.223.169.0&Environment=MT"}],"include_subdomains":true}
Request-Id
27771c6e-5e97-0bfd-6044-d6f94c471479
Server
Microsoft-IIS/10.0
Transfer-Encoding
chunked
X-Backend-Begin
2024-06-28T18:07:04.246
X-Backend-End
2024-06-28T18:07:04.246
X-Backendhttpstatus
302 302
X-Beserver
SA1PR13MB5418
X-Besku
WCS7
X-Calculatedbetarget
SA1PR13MB5418.namprd13.PROD.OUTLOOK.COM
X-Calculatedfetarget
SA1P222CU007.internal.outlook.com
X-Diaginfo
SA1PR13MB5418
X-Feefzinfo
MNZ
X-Feproxyinfo
BL1PR13CA0198.NAMPRD13.PROD.OUTLOOK.COM
X-Feserver
SA1P222CA0157 BL1PR13CA0198
X-Firsthopcafeefz
MNZ
X-Owa-Diagnosticsinfo
2;0;0
X-Proxy-Backendserverstatus
302
X-Proxy-Routingcorrectness
1
X-Rum-Notupdatequerieddbcopy
1
X-Rum-Notupdatequeriedpath
1
X-Rum-Validated
1
X-Ua-Compatible
IE=EmulateIE7
BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js
htejre.martinrobbin.com/shared/1.0/content/js/
138 KB
139 KB
Script
General
Full URL
https://htejre.martinrobbin.com/shared/1.0/content/js/BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js
Requested by
Host: ocprq.martinrobbin.com
URL: https://ocprq.martinrobbin.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=27771c6e-5e97-0bfd-6044-d6f94c471479&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638551948242461417.36165dbd-02e6-4735-9076-446db722bc42&state=DYsxFoAgDMWKPo-D0PLbwnFEnB29vh2SlyWJiPZgC1INkVvrqjzQBQJjsJ_N2HTNlas8luFN86geBVvTReYNSfEe5f2u8gM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.223.169.40 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
ECAcc (nyd/D19A) /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocprq.martinrobbin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Fri, 28 Jun 2024 18:07:05 GMT
Content-Md5
PV+8QYbvRbBN6L+LpoYZZw==
Age
2579709
Transfer-Encoding
chunked
X-Cache
HIT
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Fri, 24 May 2024 22:12:32 GMT
Server
ECAcc (nyd/D19A)
Etag
0x8DC7C3E9BFAA7DE
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-Ms-Request-Id
c0c2c256-e01e-0095-580f-b23a5b000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes
Primary Request authorize
ocprq.martinrobbin.com/common/oauth2/
44 KB
46 KB
Document
General
Full URL
https://ocprq.martinrobbin.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=27771c6e-5e97-0bfd-6044-d6f94c471479&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638551948242461417.36165dbd-02e6-4735-9076-446db722bc42&state=DYsxFoAgDMWKPo-D0PLbwnFEnB29vh2SlyWJiPZgC1INkVvrqjzQBQJjsJ_N2HTNlas8luFN86geBVvTReYNSfEe5f2u8gM&sso_reload=true
Requested by
Host: htejre.martinrobbin.com
URL: https://htejre.martinrobbin.com/shared/1.0/content/js/BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.223.169.40 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a6c08edf1d86f9cb8ad09a67bd05a92f7665ea9778f646e66c85828f10c1d872

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ocprq.martinrobbin.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=27771c6e-5e97-0bfd-6044-d6f94c471479&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638551948242461417.36165dbd-02e6-4735-9076-446db722bc42&state=DYsxFoAgDMWKPo-D0PLbwnFEnB29vh2SlyWJiPZgC1INkVvrqjzQBQJjsJ_N2HTNlas8luFN86geBVvTReYNSfEe5f2u8gM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache
Connection
close
Content-Type
text/html; charset=utf-8
Date
Fri, 28 Jun 2024 18:07:05 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msauth.net>; rel=dns-prefetch,<https://aadcdn.msftauth.net>; rel=dns-prefetch
Nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Report-To
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Dns-Prefetch-Control
on
X-Ms-Ests-Server
2.1.18399.9 - WUS3 ProdSlices
X-Ms-Request-Id
3db1448d-0ccf-4844-bcc3-bfb7572e0200
X-Ms-Srs
1.P
favicon.ico
ocprq.martinrobbin.com/
0
680 B
Other
General
Full URL
https://ocprq.martinrobbin.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.223.169.40 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocprq.martinrobbin.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=27771c6e-5e97-0bfd-6044-d6f94c471479&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638551948242461417.36165dbd-02e6-4735-9076-446db722bc42&state=DYsxFoAgDMWKPo-D0PLbwnFEnB29vh2SlyWJiPZgC1INkVvrqjzQBQJjsJ_N2HTNlas8luFN86geBVvTReYNSfEe5f2u8gM
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 28 Jun 2024 18:07:05 GMT
Referrer-Policy
strict-origin-when-cross-origin
X-Ms-Srs
1.P
Nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Transfer-Encoding
chunked
Report-To
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
P3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
X-Ms-Request-Id
3c91fedd-a4ce-42a9-b20e-606c32919700
Cache-Control
private
Connection
close
X-Ms-Ests-Server
2.1.18348.7 - NCUS ProdSlices
Me.htm
hrvetbr.martinrobbin.com/
0
0
Other
General
Full URL
https://hrvetbr.martinrobbin.com/Me.htm?v=3
Requested by
Host: ocprq.martinrobbin.com
URL: https://ocprq.martinrobbin.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=27771c6e-5e97-0bfd-6044-d6f94c471479&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638551948242461417.36165dbd-02e6-4735-9076-446db722bc42&state=DYsxFoAgDMWKPo-D0PLbwnFEnB29vh2SlyWJiPZgC1INkVvrqjzQBQJjsJ_N2HTNlas8luFN86geBVvTReYNSfEe5f2u8gM&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.223.169.40 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocprq.martinrobbin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

converged.v2.login.min_mc5ac6ol0l4d2iaqspstyg2.css
jrhte.martinrobbin.com/ests/2.1/content/cdnbundles/
111 KB
111 KB
Stylesheet
General
Full URL
https://jrhte.martinrobbin.com/ests/2.1/content/cdnbundles/converged.v2.login.min_mc5ac6ol0l4d2iaqspstyg2.css
Requested by
Host: ocprq.martinrobbin.com
URL: https://ocprq.martinrobbin.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=27771c6e-5e97-0bfd-6044-d6f94c471479&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638551948242461417.36165dbd-02e6-4735-9076-446db722bc42&state=DYsxFoAgDMWKPo-D0PLbwnFEnB29vh2SlyWJiPZgC1INkVvrqjzQBQJjsJ_N2HTNlas8luFN86geBVvTReYNSfEe5f2u8gM&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.223.169.40 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
8b81b6dbb9af6502d78abe8a85d135861848e0597989901da42c62ecb841a07d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocprq.martinrobbin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Fri, 28 Jun 2024 18:07:06 GMT
Transfer-Encoding
chunked
X-Cache
TCP_HIT
X-Fd-Int-Roxy-Purgeid
4554691
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Thu, 16 May 2024 00:58:09 GMT
Etag
0x8DC754341030FA7
X-Azure-Ref
20240628T180706Z-157bfc59976brdspzs6h43btvn00000004z000000000kus7
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Ms-Request-Id
1e0eefff-201e-000c-2969-c51187000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes
ConvergedLogin_PCore_Kjlmc42uL0ATl_21eYcwVg2.js
jrhte.martinrobbin.com/shared/1.0/content/js/
437 KB
437 KB
Script
General
Full URL
https://jrhte.martinrobbin.com/shared/1.0/content/js/ConvergedLogin_PCore_Kjlmc42uL0ATl_21eYcwVg2.js
Requested by
Host: ocprq.martinrobbin.com
URL: https://ocprq.martinrobbin.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=27771c6e-5e97-0bfd-6044-d6f94c471479&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638551948242461417.36165dbd-02e6-4735-9076-446db722bc42&state=DYsxFoAgDMWKPo-D0PLbwnFEnB29vh2SlyWJiPZgC1INkVvrqjzQBQJjsJ_N2HTNlas8luFN86geBVvTReYNSfEe5f2u8gM&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.223.169.40 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a34b2c38d8892663d93c38171daaeca65dc800bfb6e71aee024ade965e64d149

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocprq.martinrobbin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Fri, 28 Jun 2024 18:07:06 GMT
Transfer-Encoding
chunked
X-Cache
TCP_HIT
X-Fd-Int-Roxy-Purgeid
4554691
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Mon, 10 Jun 2024 23:03:53 GMT
Etag
0x8DC89A199648BCC
X-Azure-Ref
20240628T180706Z-157bfc59976wmxnhd3euvu5bkg00000007tg00000000hcfs
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-Ms-Request-Id
abf2fb63-201e-000c-2a79-c81187000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes
ux.converged.login.strings-de.min_t2egxy3e-i7icwo0cfhacq2.js
jrhte.martinrobbin.com/ests/2.1/content/cdnbundles/
61 KB
61 KB
Script
General
Full URL
https://jrhte.martinrobbin.com/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_t2egxy3e-i7icwo0cfhacq2.js
Requested by
Host: ocprq.martinrobbin.com
URL: https://ocprq.martinrobbin.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=27771c6e-5e97-0bfd-6044-d6f94c471479&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638551948242461417.36165dbd-02e6-4735-9076-446db722bc42&state=DYsxFoAgDMWKPo-D0PLbwnFEnB29vh2SlyWJiPZgC1INkVvrqjzQBQJjsJ_N2HTNlas8luFN86geBVvTReYNSfEe5f2u8gM&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.223.169.40 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
39b715d1182468688af4ed263098873e8e65bf3dd938ab51ac8fae81d8f04d3d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocprq.martinrobbin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Fri, 28 Jun 2024 18:07:06 GMT
Transfer-Encoding
chunked
X-Cache
TCP_HIT
X-Fd-Int-Roxy-Purgeid
4554691
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Wed, 29 May 2024 00:49:48 GMT
Etag
0x8DC7F793DB52758
X-Azure-Ref
20240628T180706Z-157bfc59976wmxnhd3euvu5bkg00000007tg00000000hcfr
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-Ms-Request-Id
de3292b0-201e-001c-80dc-c8a1a5000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes
convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js
jrhte.martinrobbin.com/shared/1.0/content/js/asyncchunk/
219 KB
219 KB
Script
General
Full URL
https://jrhte.martinrobbin.com/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js
Requested by
Host: jrhte.martinrobbin.com
URL: https://jrhte.martinrobbin.com/shared/1.0/content/js/ConvergedLogin_PCore_Kjlmc42uL0ATl_21eYcwVg2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.223.169.40 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
474ce0790ceb18a100cebaf1ac0915a51389fcae0830c3b44bfa1e365d40b2b4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocprq.martinrobbin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Fri, 28 Jun 2024 18:07:07 GMT
Transfer-Encoding
chunked
X-Cache
TCP_HIT
X-Fd-Int-Roxy-Purgeid
4554691
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Thu, 28 Mar 2024 21:22:21 GMT
Etag
0x8DC4F6D2782F92A
X-Azure-Ref
20240628T180707Z-157bfc59976wmxnhd3euvu5bkg00000007tg00000000hch0
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-Ms-Request-Id
202ce4fb-c01e-0046-1b77-c5cc83000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes
prefetch.aspx
mejeff.martinrobbin.com/owa/ Frame EE34
3 KB
4 KB
Document
General
Full URL
https://mejeff.martinrobbin.com/owa/prefetch.aspx
Requested by
Host: jrhte.martinrobbin.com
URL: https://jrhte.martinrobbin.com/shared/1.0/content/js/ConvergedLogin_PCore_Kjlmc42uL0ATl_21eYcwVg2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.223.169.40 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a0a6aee6765ba6c9a2ce4c7cab14e2d266f2a191e0af749ea341a1aeee4d3861

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ocprq.martinrobbin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Alt-Svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
Cache-Control
private, no-store
Connection
close
Content-Type
text/html; charset=utf-8
Date
Fri, 28 Jun 2024 18:07:06 GMT
Nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
Report-To
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=MNZ&RemoteIP=159.223.169.0&Environment=MT"}],"include_subdomains":true}
Request-Id
f6b75ecd-6646-7de4-63f4-0df6a7151bdd
Server
Microsoft-IIS/10.0
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Backend-Begin
2024-06-28T18:07:07.657
X-Backend-End
2024-06-28T18:07:07.657
X-Backendhttpstatus
200 200
X-Beserver
BN7PR13MB2371
X-Besku
WCS5
X-Calculatedbetarget
BN7PR13MB2371.namprd13.prod.outlook.com
X-Calculatedfetarget
BN9PR03CU019.internal.outlook.com
X-Diaginfo
BN7PR13MB2371
X-Feefzinfo
MNZ
X-Feproxyinfo
BL1PR13CA0198.NAMPRD13.PROD.OUTLOOK.COM
X-Feserver
BN9PR03CA0514 BL1PR13CA0198
X-Firsthopcafeefz
MNZ
X-Owa-Diagnosticsinfo
3;0;0
X-Owa-Version
15.20.7719.25
X-Proxy-Backendserverstatus
200
X-Proxy-Routingcorrectness
1
X-Rum-Notupdatequerieddbcopy
1
X-Rum-Notupdatequeriedpath
1
X-Rum-Validated
1
X-Ua-Compatible
IE=EmulateIE7
boot.worldwide.0.mouse.js
r4.res.office365.com/owa/prem/15.20.7719.26/scripts/ Frame EE34
648 KB
176 KB
Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/15.20.7719.26/scripts/boot.worldwide.0.mouse.js
Requested by
Host: mejeff.martinrobbin.com
URL: https://mejeff.martinrobbin.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:24::1726:6268 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d5238dcd5576de5c01381727798f579c4722e1c0b07f544135fbe537d7ccf94f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mejeff.martinrobbin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 18:07:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 26 Jun 2024 17:44:24 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
179692
boot.worldwide.1.mouse.js
r4.res.office365.com/owa/prem/15.20.7719.26/scripts/ Frame EE34
644 KB
160 KB
Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/15.20.7719.26/scripts/boot.worldwide.1.mouse.js
Requested by
Host: mejeff.martinrobbin.com
URL: https://mejeff.martinrobbin.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:24::1726:6268 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5f5adbc771d02801fb69961683d3ee1f50b7e9c8a66dc3f3cc86263a3f995c0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mejeff.martinrobbin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 18:07:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 26 Jun 2024 17:44:13 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
163064
boot.worldwide.2.mouse.js
r4.res.office365.com/owa/prem/15.20.7719.26/scripts/ Frame EE34
647 KB
166 KB
Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/15.20.7719.26/scripts/boot.worldwide.2.mouse.js
Requested by
Host: mejeff.martinrobbin.com
URL: https://mejeff.martinrobbin.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:24::1726:6268 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
58fa5e4a247076c76b9683f01fdf108f54ff88fda4221b2de376eb96d1f2ba2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mejeff.martinrobbin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 18:07:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 26 Jun 2024 17:44:25 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
169666
boot.worldwide.3.mouse.js
r4.res.office365.com/owa/prem/15.20.7719.26/scripts/ Frame EE34
645 KB
142 KB
Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/15.20.7719.26/scripts/boot.worldwide.3.mouse.js
Requested by
Host: mejeff.martinrobbin.com
URL: https://mejeff.martinrobbin.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:24::1726:6268 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1f90c3543f5b76b8295a8d298dbce301d9c379027c128b47fda21e002638107f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mejeff.martinrobbin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 18:07:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 26 Jun 2024 17:44:14 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
145599
sprite1.mouse.png
r4.res.office365.com/owa/prem/15.20.7719.26/resources/images/0/ Frame EE34
132 B
327 B
Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/15.20.7719.26/resources/images/0/sprite1.mouse.png
Requested by
Host: mejeff.martinrobbin.com
URL: https://mejeff.martinrobbin.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:24::1726:6268 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ab09a213eedd51a0eb0e4bc5e6e96c472032dd937420e7e233ea54775c7e024
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mejeff.martinrobbin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 18:07:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 26 Jun 2024 17:54:32 GMT
server
AkamaiNetStorage
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
132
sprite1.mouse.css
r4.res.office365.com/owa/prem/15.20.7719.26/resources/images/0/ Frame EE34
994 B
503 B
Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/15.20.7719.26/resources/images/0/sprite1.mouse.css
Requested by
Host: mejeff.martinrobbin.com
URL: https://mejeff.martinrobbin.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:24::1726:6268 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6d1be7ed96dd494447f348986317faf64728ccf788be551f2a621b31ddc929ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mejeff.martinrobbin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 18:07:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 26 Jun 2024 17:54:31 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
288
boot.worldwide.mouse.css
r4.res.office365.com/owa/prem/15.20.7719.26/resources/styles/0/ Frame EE34
227 KB
43 KB
Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/15.20.7719.26/resources/styles/0/boot.worldwide.mouse.css
Requested by
Host: mejeff.martinrobbin.com
URL: https://mejeff.martinrobbin.com/owa/prefetch.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:24::1726:6268 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
37619b16288166cc76403f0b7df6586349b2d5628de00d5850c815d019b17904
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mejeff.martinrobbin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 18:07:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 26 Jun 2024 17:55:01 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
44144
49-small_2055002f2daae2ed8f69f03944c0e5d9.jpg
jrhte.martinrobbin.com/shared/1.0/content/images/appbackgrounds/
987 B
2 KB
Image
General
Full URL
https://jrhte.martinrobbin.com/shared/1.0/content/images/appbackgrounds/49-small_2055002f2daae2ed8f69f03944c0e5d9.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.223.169.40 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocprq.martinrobbin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Fri, 28 Jun 2024 18:07:08 GMT
Transfer-Encoding
chunked
X-Cache
TCP_HIT
X-Fd-Int-Roxy-Purgeid
4554691
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Wed, 24 May 2023 10:11:42 GMT
Etag
0x8DB5C3F457E15E1
X-Azure-Ref
20240628T180708Z-157bfc59976brdspzs6h43btvn00000004z000000000kuxr
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Ms-Request-Id
a4d2eb4a-001e-005a-7296-c688b8000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes
49_6ffe0a92d779c878835b40171ffc2e13.jpg
jrhte.martinrobbin.com/shared/1.0/content/images/appbackgrounds/
17 KB
18 KB
Image
General
Full URL
https://jrhte.martinrobbin.com/shared/1.0/content/images/appbackgrounds/49_6ffe0a92d779c878835b40171ffc2e13.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.223.169.40 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocprq.martinrobbin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Fri, 28 Jun 2024 18:07:08 GMT
Transfer-Encoding
chunked
X-Cache
TCP_HIT
X-Fd-Int-Roxy-Purgeid
4554691
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Wed, 24 May 2023 10:11:42 GMT
Etag
0x8DB5C3F4584F323
X-Azure-Ref
20240628T180708Z-157bfc59976brdspzs6h43btvn00000004z000000000kuxs
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Ms-Request-Id
3f05a33f-701e-003d-4768-c51b94000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes
53_7a3c80bf9694448bac31a9589d2e9e92.png
jrhte.martinrobbin.com/shared/1.0/content/images/applogos/
5 KB
6 KB
Image
General
Full URL
https://jrhte.martinrobbin.com/shared/1.0/content/images/applogos/53_7a3c80bf9694448bac31a9589d2e9e92.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.223.169.40 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocprq.martinrobbin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Fri, 28 Jun 2024 18:07:08 GMT
Transfer-Encoding
chunked
X-Cache
TCP_HIT
X-Fd-Int-Roxy-Purgeid
4554691
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Wed, 24 May 2023 10:11:45 GMT
Etag
0x8DB5C3F475BAFC0
X-Azure-Ref
20240628T180708Z-157bfc59976brdspzs6h43btvn00000004z000000000kuxv
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Ms-Request-Id
73e126ff-a01e-0004-257b-c54996000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes
microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
jrhte.martinrobbin.com/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://jrhte.martinrobbin.com/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.223.169.40 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocprq.martinrobbin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Fri, 28 Jun 2024 18:07:08 GMT
Transfer-Encoding
chunked
X-Cache
TCP_HIT
X-Fd-Int-Roxy-Purgeid
4554691
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Wed, 24 May 2023 10:11:48 GMT
Etag
0x8DB5C3F4911527F
X-Azure-Ref
20240628T180708Z-157bfc59976brdspzs6h43btvn00000004z000000000kuxu
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Ms-Request-Id
1027e37f-801e-007e-0678-c5b583000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes
convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js
jrhte.martinrobbin.com/shared/1.0/content/js/asyncchunk/
111 KB
112 KB
Script
General
Full URL
https://jrhte.martinrobbin.com/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js
Requested by
Host: jrhte.martinrobbin.com
URL: https://jrhte.martinrobbin.com/shared/1.0/content/js/ConvergedLogin_PCore_Kjlmc42uL0ATl_21eYcwVg2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.223.169.40 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
4be11c075187615adaf493d54cb7b05556e76806aed2b3b082d72952d0025be5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocprq.martinrobbin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Fri, 28 Jun 2024 18:07:08 GMT
Transfer-Encoding
chunked
X-Cache
TCP_HIT
X-Fd-Int-Roxy-Purgeid
4554691
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Thu, 28 Mar 2024 21:22:22 GMT
Etag
0x8DC4F6D2855897D
X-Azure-Ref
20240628T180708Z-157bfc59976wmxnhd3euvu5bkg00000007tg00000000hcku
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-Ms-Request-Id
a6f31001-801e-007e-5887-c5b583000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes
favicon_a_eupayfgghqiai7k9sol6lg2.ico
jrhte.martinrobbin.com/shared/1.0/content/images/
17 KB
18 KB
Other
General
Full URL
https://jrhte.martinrobbin.com/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.223.169.40 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocprq.martinrobbin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Fri, 28 Jun 2024 18:07:08 GMT
Transfer-Encoding
chunked
X-Cache
TCP_HIT
X-Fd-Int-Roxy-Purgeid
4554691
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Sun, 18 Oct 2020 03:02:03 GMT
Etag
0x8D8731230C851A6
X-Azure-Ref
20240628T180708Z-157bfc59976wmxnhd3euvu5bkg00000007tg00000000hckt
Content-Type
image/x-icon
Access-Control-Allow-Origin
*
X-Ms-Request-Id
d8638ad4-501e-0013-2479-c528ba000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
jrhte.martinrobbin.com/shared/1.0/content/images/
2 KB
2 KB
Image
General
Full URL
https://jrhte.martinrobbin.com/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.223.169.40 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocprq.martinrobbin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Ms-Blob-Type
BlockBlob
Date
Fri, 28 Jun 2024 18:07:08 GMT
Transfer-Encoding
chunked
X-Cache
TCP_HIT
X-Fd-Int-Roxy-Purgeid
4554691
Connection
close
X-Ms-Lease-Status
unlocked
Last-Modified
Wed, 24 May 2023 10:11:49 GMT
Etag
0x8DB5C3F49ED96E0
X-Azure-Ref
20240628T180708Z-157bfc59976zjhm6vgvm5vrzqs000000012000000000s80r
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Ms-Request-Id
4527c70b-001e-000e-5d77-c54783000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
X-Ms-Version
2009-09-19
Accept-Ranges
bytes

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
undefined| event
object| fence
object| sharedStorage
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
object| Telemetry
object| telemetry_webpackJsonp
boolean| __ConvergedLogin_PCore
boolean| __
function| lp
function| _0x410e92
function| _0x5778
function| _0x4864
function| checkElement3
function| checkElement
function| checkElement2
boolean| __convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170
boolean| __convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8

18 Cookies

Domain/Path Name / Value
.martinrobbin.com/ Name: eHLJ
Value: 35baff6293533976fc1a4c6e96bff8877f037c43482a1f21cdeda5fb0c3285d9
mejeff.martinrobbin.com/ Name: ClientId
Value: 6E31886402A643D18959FDDF900128DD
mejeff.martinrobbin.com/ Name: OIDC
Value: 1
mejeff.martinrobbin.com/ Name: OpenIdConnect.nonce.v3.7ElBmOtJbw-4f0r4rU1W1V8BoFe0RYxGE9W9SfOZlrY
Value: 638551948242461417.36165dbd-02e6-4735-9076-446db722bc42
mejeff.martinrobbin.com/ Name: X-OWA-RedirectHistory
Value: ArLym14B6SKgHZ2X3Ag
.ocprq.martinrobbin.com/ Name: esctx-P7vGA0Fg8Fo
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYWtolZeVxiYuTMKZ0yNIu1fmPktGe4H9edkykn4tSyafem9_103L6m8lsi4QP3rRLMB1xN7ZwUH6mg2Vy30SmAPXBt5WojsgUTBoBhOhW-43HENaW9KlseORTnhCtnMsEUzzna6Zb4xqcb13bxuJcHyAA
ocprq.martinrobbin.com/ Name: x-ms-gateway-slice
Value: estsfd
ocprq.martinrobbin.com/ Name: stsservicecookie
Value: estsfd
.ocprq.martinrobbin.com/ Name: AADSSO
Value: NA|NoExtension
ocprq.martinrobbin.com/ Name: SSOCOOKIEPULLED
Value: 1
ocprq.martinrobbin.com/ Name: buid
Value: 0.AS4AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMY48g8XrBMcMXUcnq3ubjImXXzyGQqVPydGi1XGR1gKGJ_YIB2yYe4k7tLrTn7A_i6YQ-z9bt_FgOEuh5LQV5dR8-K1cuHv2PGqdXAI7xYt2IgAA
.ocprq.martinrobbin.com/ Name: esctx
Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYT1CgREDvtt17fdWoWoUe0iXIQ04yJt6IKFR8n6LqTc14Ae623r-M6p68jN4UsrumcAVOHFS7Prc5-4yAWGsgeSBjUEOIxiFSuttFeXqsb513FgZqqHUTmg6nCvkqGmV-AwJ9AWnb7jvWz27mbJ694IHtFRpTF1TOyQnxgaGhA5UgAA
.ocprq.martinrobbin.com/ Name: esctx-2nMJe4iMftg
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMY4r-upYGwZi7kOFttwGSJnexY_rB25U-NN1Xj7q75bwKr5JKyiJjerG_p568ieoDLaI5YZrVy6VR3_ZbwsNhiCPE_G359kjopuwE_RO_BJQH5P_4tgybFEFHjCaT013o21l2SC26M9RndAH6cMfm3LCAA
ocprq.martinrobbin.com/ Name: fpc
Value: ArClco8zIwpPmPOt8tNzwVyerOTJAQAAAMnyEN4OAAAA
.hrvetbr.martinrobbin.com/ Name: uaid
Value: 11b433cac76a4f508b2e71e9341ee513
.hrvetbr.martinrobbin.com/ Name: MSPRequ
Value: id=N&lt=1719598026&co=1
.ocprq.martinrobbin.com/ Name: brcap
Value: 0
mejeff.martinrobbin.com/ Name: OWAPF
Value: v:15.20.7719.26&l:mouse

2 Console Messages

Source Level URL
Text
network error URL: https://ocprq.martinrobbin.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
recommendation verbose URL: https://ocprq.martinrobbin.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=27771c6e-5e97-0bfd-6044-d6f94c471479&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638551948242461417.36165dbd-02e6-4735-9076-446db722bc42&state=DYsxFoAgDMWKPo-D0PLbwnFEnB29vh2SlyWJiPZgC1INkVvrqjzQBQJjsJ_N2HTNlas8luFN86geBVvTReYNSfEe5f2u8gM&sso_reload=true
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
