login-live.com-secure.net Open in urlscan Pro
78.47.159.0  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response login-live.com-secure.net/de/	5 KB 6 KB	132ms 37ms	Document text/html	78.47.159.0 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login-live.com-secure.net/de/?code=4221b072335df1ca05ed685b3632c506 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.47.159.0 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web.sosafe.de Software nginx/1.14.2 / Resource Hash 5aa8caa7067efbf51232832298b337582c00619f968de5ca4325b1885cf2b68b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Host login-live.com-secure.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Server nginx/1.14.2 Date Tue, 13 Jul 2021 20:56:24 GMT Content-Type text/html Content-Length 5463 Last-Modified Mon, 05 Jul 2021 08:23:44 GMT Connection keep-alive ETag "60e2c190-1557" Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Referrer-Policy strict-origin Accept-Ranges bytes
GET H/1.1	200 OK	bootstrap.min.css login-live.com-secure.net/assets/bootstrap/css/	138 KB 138 KB	45ms 44ms	Stylesheet text/css	78.47.159.0 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login-live.com-secure.net/assets/bootstrap/css/bootstrap.min.css Requested by Host: login-live.com-secure.net URL: https://login-live.com-secure.net/de/?code=4221b072335df1ca05ed685b3632c506 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.47.159.0 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web.sosafe.de Software nginx/1.14.2 / Resource Hash 46b4721c80749cc5e1ec6cf4c5fec78a2c51fdfc4ee9c94f2223cdaf4fbd8ced Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host login-live.com-secure.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://login-live.com-secure.net/ Connection keep-alive Referer https://login-live.com-secure.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Jul 2021 20:56:24 GMT Referrer-Policy strict-origin Last-Modified Mon, 05 Jul 2021 08:23:44 GMT Server nginx/1.14.2 ETag "60e2c190-22646" Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 140870 X-Content-Type-Options nosniff
GET H/1.1	200 OK	fontawesome-all.min.css login-live.com-secure.net/assets/fonts/	40 KB 40 KB	117ms 52ms	Stylesheet text/css	78.47.159.0 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login-live.com-secure.net/assets/fonts/fontawesome-all.min.css Requested by Host: login-live.com-secure.net URL: https://login-live.com-secure.net/de/?code=4221b072335df1ca05ed685b3632c506 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.47.159.0 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web.sosafe.de Software nginx/1.14.2 / Resource Hash fd702d8d6882cc47c74308ec46b1476035492c3d887741b279bb830c49b9b2bf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host login-live.com-secure.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://login-live.com-secure.net/ Connection keep-alive Referer https://login-live.com-secure.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Jul 2021 20:56:24 GMT Referrer-Policy strict-origin Last-Modified Mon, 05 Jul 2021 08:23:44 GMT Server nginx/1.14.2 ETag "60e2c190-a033" Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 41011 X-Content-Type-Options nosniff
GET H/1.1	200 OK	material-icons.min.css login-live.com-secure.net/assets/fonts/	667 B 1 KB	106ms 34ms	Stylesheet text/css	78.47.159.0 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login-live.com-secure.net/assets/fonts/material-icons.min.css Requested by Host: login-live.com-secure.net URL: https://login-live.com-secure.net/de/?code=4221b072335df1ca05ed685b3632c506 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.47.159.0 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web.sosafe.de Software nginx/1.14.2 / Resource Hash 3b1570b5ff9ff35087c117c63a418199a11c6eeaf6954846b297b7bf95496129 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host login-live.com-secure.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://login-live.com-secure.net/ Connection keep-alive Referer https://login-live.com-secure.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Jul 2021 20:56:24 GMT Referrer-Policy strict-origin Last-Modified Mon, 05 Jul 2021 08:23:44 GMT Server nginx/1.14.2 ETag "60e2c190-29b" Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 667 X-Content-Type-Options nosniff
GET H/1.1	200 OK	typicons.min.css login-live.com-secure.net/assets/fonts/	15 KB 15 KB	128ms 52ms	Stylesheet text/css	78.47.159.0 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login-live.com-secure.net/assets/fonts/typicons.min.css Requested by Host: login-live.com-secure.net URL: https://login-live.com-secure.net/de/?code=4221b072335df1ca05ed685b3632c506 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.47.159.0 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web.sosafe.de Software nginx/1.14.2 / Resource Hash 8660ed12799916f277ccbb1fa1ba74dc2483dffa91089998ddfed5a9feb32200 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host login-live.com-secure.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://login-live.com-secure.net/ Connection keep-alive Referer https://login-live.com-secure.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Jul 2021 20:56:24 GMT Referrer-Policy strict-origin Last-Modified Mon, 05 Jul 2021 08:23:44 GMT Server nginx/1.14.2 ETag "60e2c190-3a89" Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 14985 X-Content-Type-Options nosniff
GET H/1.1	200 OK	styles.min.css login-live.com-secure.net/assets/css/	4 KB 4 KB	111ms 36ms	Stylesheet text/css	78.47.159.0 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login-live.com-secure.net/assets/css/styles.min.css Requested by Host: login-live.com-secure.net URL: https://login-live.com-secure.net/de/?code=4221b072335df1ca05ed685b3632c506 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.47.159.0 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web.sosafe.de Software nginx/1.14.2 / Resource Hash e6d320e78607a6fef00f912cc201d2745e38271aedae23cfa9a0b7823542cc2d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host login-live.com-secure.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://login-live.com-secure.net/ Connection keep-alive Referer https://login-live.com-secure.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Jul 2021 20:56:24 GMT Referrer-Policy strict-origin Last-Modified Mon, 05 Jul 2021 08:23:44 GMT Server nginx/1.14.2 ETag "60e2c190-fc4" Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 4036 X-Content-Type-Options nosniff
GET H/1.1	200 OK	info.svg login-live.com-secure.net/assets/img/	338 B 709 B	37ms 37ms	Image image/svg+xml	78.47.159.0 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://login-live.com-secure.net/assets/img/info.svg Requested by Host: login-live.com-secure.net URL: https://login-live.com-secure.net/de/?code=4221b072335df1ca05ed685b3632c506 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.47.159.0 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web.sosafe.de Software nginx/1.14.2 / Resource Hash e78098c9d55fcd196acc23bb905e94881fbe157504e9c179f23ae85399e28682 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host login-live.com-secure.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://login-live.com-secure.net/ Connection keep-alive Referer https://login-live.com-secure.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Jul 2021 20:56:24 GMT Referrer-Policy strict-origin Last-Modified Mon, 05 Jul 2021 08:23:44 GMT Server nginx/1.14.2 ETag "60e2c190-152" Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 338 X-Content-Type-Options nosniff
GET H/1.1	200 OK	question.svg login-live.com-secure.net/assets/img/	2 KB 2 KB	34ms 34ms	Image image/svg+xml	78.47.159.0 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://login-live.com-secure.net/assets/img/question.svg Requested by Host: login-live.com-secure.net URL: https://login-live.com-secure.net/de/?code=4221b072335df1ca05ed685b3632c506 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.47.159.0 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web.sosafe.de Software nginx/1.14.2 / Resource Hash a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host login-live.com-secure.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://login-live.com-secure.net/ Connection keep-alive Referer https://login-live.com-secure.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Jul 2021 20:56:24 GMT Referrer-Policy strict-origin Last-Modified Mon, 05 Jul 2021 08:23:44 GMT Server nginx/1.14.2 ETag "60e2c190-613" Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 1555 X-Content-Type-Options nosniff
GET H/1.1	200 OK	_version.js Show response login-live.com-secure.net/assets/js/	80 B 458 B	116ms 38ms	Script application/javascript	78.47.159.0 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login-live.com-secure.net/assets/js/_version.js Requested by Host: login-live.com-secure.net URL: https://login-live.com-secure.net/de/?code=4221b072335df1ca05ed685b3632c506 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.47.159.0 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web.sosafe.de Software nginx/1.14.2 / Resource Hash 00646f48f5303963be9bc2f08c1a91de77d21cd4b564832b4c35230f468aa746 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host login-live.com-secure.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://login-live.com-secure.net/ Connection keep-alive Referer https://login-live.com-secure.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Jul 2021 20:56:24 GMT Referrer-Policy strict-origin Last-Modified Mon, 05 Jul 2021 08:24:13 GMT Server nginx/1.14.2 ETag "60e2c1ad-50" Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 80 X-Content-Type-Options nosniff
GET H/1.1	200 OK	5.19.2-sentry.min.js Show response login-live.com-secure.net/assets/js/	57 KB 57 KB	37ms 37ms	Script application/javascript	78.47.159.0 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login-live.com-secure.net/assets/js/5.19.2-sentry.min.js Requested by Host: login-live.com-secure.net URL: https://login-live.com-secure.net/de/?code=4221b072335df1ca05ed685b3632c506 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.47.159.0 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web.sosafe.de Software nginx/1.14.2 / Resource Hash 7aaaa9db626b93b7f3f84506642bad0e32f1d914ce151d4f23ac88317b58705f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host login-live.com-secure.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://login-live.com-secure.net/ Connection keep-alive Referer https://login-live.com-secure.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Jul 2021 20:56:24 GMT Referrer-Policy strict-origin Last-Modified Mon, 05 Jul 2021 08:23:45 GMT Server nginx/1.14.2 ETag "60e2c191-e260" Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 57952 X-Content-Type-Options nosniff
GET H/1.1	200 OK	jquery.min.js Show response login-live.com-secure.net/assets/js/	85 KB 85 KB	47ms 46ms	Script application/javascript	78.47.159.0 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login-live.com-secure.net/assets/js/jquery.min.js Requested by Host: login-live.com-secure.net URL: https://login-live.com-secure.net/de/?code=4221b072335df1ca05ed685b3632c506 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.47.159.0 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web.sosafe.de Software nginx/1.14.2 / Resource Hash 39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host login-live.com-secure.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://login-live.com-secure.net/ Connection keep-alive Referer https://login-live.com-secure.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Jul 2021 20:56:24 GMT Referrer-Policy strict-origin Last-Modified Mon, 05 Jul 2021 08:23:45 GMT Server nginx/1.14.2 ETag "60e2c191-15282" Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 86658 X-Content-Type-Options nosniff
GET H/1.1	200 OK	bootstrap.min.js Show response login-live.com-secure.net/assets/bootstrap/js/	69 KB 69 KB	54ms 54ms	Script application/javascript	78.47.159.0 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login-live.com-secure.net/assets/bootstrap/js/bootstrap.min.js Requested by Host: login-live.com-secure.net URL: https://login-live.com-secure.net/de/?code=4221b072335df1ca05ed685b3632c506 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.47.159.0 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web.sosafe.de Software nginx/1.14.2 / Resource Hash 928f97f310d8f768c5e3d521e3b1ce2cff156f9cc60c5d09fad772f4a2c43f52 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host login-live.com-secure.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://login-live.com-secure.net/ Connection keep-alive Referer https://login-live.com-secure.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Jul 2021 20:56:24 GMT Referrer-Policy strict-origin Last-Modified Mon, 05 Jul 2021 08:23:44 GMT Server nginx/1.14.2 ETag "60e2c190-1141a" Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 70682 X-Content-Type-Options nosniff
GET H/1.1	200 OK	lang.js Show response login-live.com-secure.net/assets/js/	19 KB 20 KB	58ms 57ms	Script application/javascript	78.47.159.0 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login-live.com-secure.net/assets/js/lang.js Requested by Host: login-live.com-secure.net URL: https://login-live.com-secure.net/de/?code=4221b072335df1ca05ed685b3632c506 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.47.159.0 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web.sosafe.de Software nginx/1.14.2 / Resource Hash 0acca0c94ebaa625ffffc6650a8942c9feeb3e42739df5bdf36435613917d8a2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host login-live.com-secure.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://login-live.com-secure.net/ Connection keep-alive Referer https://login-live.com-secure.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Jul 2021 20:56:24 GMT Referrer-Policy strict-origin Last-Modified Mon, 05 Jul 2021 08:23:44 GMT Server nginx/1.14.2 ETag "60e2c190-4d35" Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 19765 X-Content-Type-Options nosniff
GET H/1.1	200 OK	main.js Show response login-live.com-secure.net/assets/js/	1 KB 2 KB	34ms 34ms	Script application/javascript	78.47.159.0 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login-live.com-secure.net/assets/js/main.js Requested by Host: login-live.com-secure.net URL: https://login-live.com-secure.net/de/?code=4221b072335df1ca05ed685b3632c506 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.47.159.0 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web.sosafe.de Software nginx/1.14.2 / Resource Hash ab21975975bc50565bb8c3c547e29ffaea99a1f70ddddd1328a016ab83cc1dc7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host login-live.com-secure.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://login-live.com-secure.net/ Connection keep-alive Referer https://login-live.com-secure.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Jul 2021 20:56:24 GMT Referrer-Policy strict-origin Last-Modified Mon, 05 Jul 2021 08:23:44 GMT Server nginx/1.14.2 ETag "60e2c190-5b5" Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1461 X-Content-Type-Options nosniff
GET H/1.1	200 OK	bundle.min.js Show response login-live.com-secure.net/assets/js/	11 KB 11 KB	33ms 33ms	Script application/javascript	78.47.159.0 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login-live.com-secure.net/assets/js/bundle.min.js Requested by Host: login-live.com-secure.net URL: https://login-live.com-secure.net/de/?code=4221b072335df1ca05ed685b3632c506 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.47.159.0 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web.sosafe.de Software nginx/1.14.2 / Resource Hash 16338693257207afecfd0db0881700330f25d2efec43463e330a98dd206c9256 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host login-live.com-secure.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://login-live.com-secure.net/ Connection keep-alive Referer https://login-live.com-secure.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Jul 2021 20:56:24 GMT Referrer-Policy strict-origin Last-Modified Mon, 05 Jul 2021 08:23:45 GMT Server nginx/1.14.2 ETag "60e2c191-2c63" Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 11363 X-Content-Type-Options nosniff
GET H/1.1	200 OK	ip Show response api.sosafe.de/v1/user/	77 B 650 B	137ms 46ms	XHR application/json	116.203.230.3 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://api.sosafe.de/v1/user/ip Requested by Host: login-live.com-secure.net URL: https://login-live.com-secure.net/assets/js/5.19.2-sentry.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.230.3 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.3.230.203.116.clients.your-server.de Software nginx / Resource Hash e9f51290c7050c5bd66a45c9fb34ee8ccdf2b95e9f16551a37d496ca4d508ecd Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://login-live.com-secure.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Jul 2021 20:56:24 GMT Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies none X-DNS-Prefetch-Control off Connection keep-alive Content-Length 77 X-XSS-Protection 0 Referrer-Policy no-referrer Server nginx ETag W/"4d-AMmnFyvD6yGR7Kqbsp8LnkKBpx0" Expect-CT max-age=0 X-Frame-Options SAMEORIGIN X-Download-Options noopen Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Access-Control-Allow-Credentials true
GET H/1.1	200 OK	info Show response api.sosafe.de/v1/report/	675 B 1 KB	51ms 50ms	XHR application/json	116.203.230.3 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://api.sosafe.de/v1/report/info?code=4221b072335df1ca05ed685b3632c506 Requested by Host: login-live.com-secure.net URL: https://login-live.com-secure.net/assets/js/5.19.2-sentry.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.230.3 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.3.230.203.116.clients.your-server.de Software nginx / Resource Hash ecc9012fe5c421149acf0e70eccfefe4979ef2fd2887db1a9452bff6fdbe99ba Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://login-live.com-secure.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Jul 2021 20:56:25 GMT Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies none X-DNS-Prefetch-Control off Connection keep-alive Content-Length 675 X-XSS-Protection 0 Referrer-Policy no-referrer Server nginx ETag W/"2a3-mMNN3V2cLhlQMu1/ignp9BEvGXU" Expect-CT max-age=0 X-Frame-Options SAMEORIGIN X-Download-Options noopen Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Access-Control-Allow-Credentials true
GET H/1.1	200 OK	report Show response api.sosafe.de/v1/	11 KB 12 KB	193ms 141ms	XHR application/json	116.203.230.3 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://api.sosafe.de/v1/report?code=4221b072335df1ca05ed685b3632c506&type=2 Requested by Host: login-live.com-secure.net URL: https://login-live.com-secure.net/assets/js/5.19.2-sentry.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.230.3 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.3.230.203.116.clients.your-server.de Software nginx / Resource Hash e2fc95a542d2220697a5b576425c8f1d543d1c3c60d7013237929b8f5313bc60 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://login-live.com-secure.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Jul 2021 20:56:25 GMT Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies none X-DNS-Prefetch-Control off Connection keep-alive Content-Length 11418 X-XSS-Protection 0 Referrer-Policy no-referrer Server nginx ETag W/"2c9a-h3aEIicDVAQ+MFfu3+R0mAnNRd8" Expect-CT max-age=0 X-Frame-Options SAMEORIGIN X-Download-Options noopen Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Access-Control-Allow-Credentials true
GET H/1.1	200 OK	1.png login-live.com-secure.net/assets/img/	642 KB 642 KB	40ms 40ms	Image image/png	78.47.159.0 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://login-live.com-secure.net/assets/img/1.png Requested by Host: login-live.com-secure.net URL: https://login-live.com-secure.net/de/?code=4221b072335df1ca05ed685b3632c506 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.47.159.0 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web.sosafe.de Software nginx/1.14.2 / Resource Hash 81c4f50096d17e8cdfe9c95d5996af25efba6d081462ddd068a1014fd7cd28d4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host login-live.com-secure.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://login-live.com-secure.net/ Connection keep-alive Referer https://login-live.com-secure.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Jul 2021 20:56:25 GMT Referrer-Policy strict-origin Last-Modified Mon, 05 Jul 2021 08:23:44 GMT Server nginx/1.14.2 ETag "60e2c190-a06fb" Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 657147 X-Content-Type-Options nosniff

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| soSafeSentryBuild object| Sentry object| __SENTRY__ function| $ function| jQuery object| bootstrap object| soSafeDictionary function| hasFinishedLoading function| onCodeInfoLoaded function| stylePageRtl object| CONSTANTS_DEV object| CONSTANTS_PROD object| CONSTANTS_STAGE object| CONSTANTS function| isDevelopmentEnvironment function| isStagingEnvironment function| isProductionEnvironment function| initPage function| getPage function| getUserIp function| getInfoForCode function| sendReportCall function| translate function| initLang function| setEventListeners function| findGetParameter string| soSafeLanguage string| infopage

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.sosafe.de
login-live.com-secure.net
116.203.230.3
78.47.159.0
00646f48f5303963be9bc2f08c1a91de77d21cd4b564832b4c35230f468aa746
0acca0c94ebaa625ffffc6650a8942c9feeb3e42739df5bdf36435613917d8a2
16338693257207afecfd0db0881700330f25d2efec43463e330a98dd206c9256
39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f
3b1570b5ff9ff35087c117c63a418199a11c6eeaf6954846b297b7bf95496129
46b4721c80749cc5e1ec6cf4c5fec78a2c51fdfc4ee9c94f2223cdaf4fbd8ced
5aa8caa7067efbf51232832298b337582c00619f968de5ca4325b1885cf2b68b
7aaaa9db626b93b7f3f84506642bad0e32f1d914ce151d4f23ac88317b58705f
81c4f50096d17e8cdfe9c95d5996af25efba6d081462ddd068a1014fd7cd28d4
8660ed12799916f277ccbb1fa1ba74dc2483dffa91089998ddfed5a9feb32200
928f97f310d8f768c5e3d521e3b1ce2cff156f9cc60c5d09fad772f4a2c43f52
a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea
ab21975975bc50565bb8c3c547e29ffaea99a1f70ddddd1328a016ab83cc1dc7
e2fc95a542d2220697a5b576425c8f1d543d1c3c60d7013237929b8f5313bc60
e6d320e78607a6fef00f912cc201d2745e38271aedae23cfa9a0b7823542cc2d
e78098c9d55fcd196acc23bb905e94881fbe157504e9c179f23ae85399e28682
e9f51290c7050c5bd66a45c9fb34ee8ccdf2b95e9f16551a37d496ca4d508ecd
ecc9012fe5c421149acf0e70eccfefe4979ef2fd2887db1a9452bff6fdbe99ba
fd702d8d6882cc47c74308ec46b1476035492c3d887741b279bb830c49b9b2bf