mso-login.knyjbio.com
209.250.253.127
Malicious Activity!
Public Scan
Effective URL: https://mso-login.knyjbio.com/?username=marcelle.mallais@l&sso_reload=true
Submission: On August 01 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on July 29th 2022. Valid for: 3 months.
This is the only time mso-login.knyjbio.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
1 | 18.66.97.88 | 16509 (AMAZON-02)
1 | 201.217.243.22 | 263237 (PowerHost Telecom SPA)
1 | 165.73.80.50 | 37611 (Afrihost)
63 | 209.250.253.127 | 20473 (AS-CHOOPA)
80 requests | 4 IPs |

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-88.fra56.r.cloudfront.net
Domains: walmart.onelink.me

ASN263237 (PowerHost Telecom SPA, CL)
PTR: servidor.edumas.cl
Domains: ikk63a2jlh.edumas.cl

ASN37611 (Afrihost, ZA)
PTR: 165-73-80-50.ip.afrihost.co.za
Domains: apclothing.co.za

ASN20473 (AS-CHOOPA, US)
PTR: 209.250.253.127.vultrusercontent.com
Domains: mso-login.knyjbio.com, ll.knyjbio.com, aadcdn-msftauth-d1144925.knyjbio.com, portal-microsoftonline-d1144925.knyjbio.com, res-1-cdn-office-d1144925.knyjbio.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
63 | knyjbio.com | mso-login.knyjbio.com, ll.knyjbio.com, aadcdn-msftauth-d1144925.knyjbio.com, portal-microsoftonline-d1144925.knyjbio.com, res-1-cdn-office-d1144925.knyjbio.com, wwwofc.knyjbio.com (failed) | 1 MB
1 | apclothing.co.za | apclothing.co.za | 614 B
1 | edumas.cl | ikk63a2jlh.edumas.cl | 1 KB
1 | onelink.me | walmart.onelink.me (1 redirect; Cisco Umbrella rank 175470) | 328 B
80 requests | 4 apex domains | |
Requests | Domain | Requested by
---|---|---
41 | res-1-cdn-office-d1144925.knyjbio.com | portal-microsoftonline-d1144925.knyjbio.com
14 | aadcdn-msftauth-d1144925.knyjbio.com | mso-login.knyjbio.com, aadcdn-msftauth-d1144925.knyjbio.com
5 | mso-login.knyjbio.com | apclothing.co.za, mso-login.knyjbio.com
2 | portal-microsoftonline-d1144925.knyjbio.com | aadcdn-msftauth-d1144925.knyjbio.com, portal-microsoftonline-d1144925.knyjbio.com
1 | ll.knyjbio.com | mso-login.knyjbio.com
1 | apclothing.co.za | ikk63a2jlh.edumas.cl
1 | ikk63a2jlh.edumas.cl |
1 | walmart.onelink.me | (1 redirect)
0 | wwwofc.knyjbio.com (failed) | portal-microsoftonline-d1144925.knyjbio.com
80 requests | 9 domains |
This site contains links to these domains (see also the outgoing links under Page Statistics):
- go-microsoft-d1144925.knyjbio.com
- www-ms.knyjbio.com
- privacy-microsoft-d1144925.knyjbio.com
Subject | Issuer | Validity | Valid
---|---|---|---
www.apclothing.co.za | R3 | 2022-06-08 - 2022-09-06 | 3 months
knyjbio.com | R3 | 2022-07-29 - 2022-10-27 | 3 months
This page contains 3 frames:
Primary Page:
https://mso-login.knyjbio.com/?username=marcelle.mallais@l&sso_reload=true
Frame ID: FCD65E8E7A589D896FDF26B6BE6D74DD
Requests: 22 HTTP requests in this frame
Frame:
https://portal-microsoftonline-d1144925.knyjbio.com/Prefetch/Prefetch.aspx
Frame ID: ACEB44334710C179C12631129FB53A1A
Requests: 57 HTTP requests in this frame
Frame:
https://wwwofc.knyjbio.com/prefetch/prefetch
Frame ID: 79732581B68336DB916CF7AC9CF016A2
Requests: 1 HTTP request in this frame
Page Title: "Sign in to your account" (served in German: "Bei Ihrem Konto anmelden")
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://walmart.onelink.me/UIev?c=Mobile%20Web%20App%20Banner&pid=Walmart.com&af_dp=walmart://&af_web_dp=http://ikk63a2jlh.edumas.cl/. (HTTP 302)
- http://ikk63a2jlh.edumas.cl/?c=Mobile%20Web%20App%20Banner&pid=Walmart.com (Page URL)
- https://apclothing.co.za/cgi/ (Page URL)
- https://mso-login.knyjbio.com/?username=marcelle.mallais@l (Page URL)
- https://mso-login.knyjbio.com/?username=marcelle.mallais@l (Page URL)
- https://mso-login.knyjbio.com/?username=marcelle.mallais@l&sso_reload=true (Page URL)
Detected technologies
- Bootstrap (Web Frameworks). Detected pattern:
  bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
- AngularJS (JavaScript Frameworks). Detected pattern:
  \bangular.{0,32}\.js
- jQuery (JavaScript Libraries). Detected patterns:
  jquery[.-]([\d.]*\d)[^/]*\.js
  jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 outgoing links
These are links going to different origins than the main page.
- Title: "Rename your personal Microsoft account." (German: "Benennen Sie Ihr persönliches Microsoft-Konto um.")
- Title: "Terms of Use" (German: "Nutzungsbedingungen")
- Title: "Privacy & Cookies" (German: "Datenschutz & Cookies")
- Title: "Disclaimer" (German: "Haftungsausschluss")
Redirected requests
There were HTTP redirect chains for the following requests:
Request chain 0:
- https://walmart.onelink.me/UIev?c=Mobile%20Web%20App%20Banner&pid=Walmart.com&af_dp=walmart://&af_web_dp=http://ikk63a2jlh.edumas.cl/. (HTTP 302)
- http://ikk63a2jlh.edumas.cl/?c=Mobile%20Web%20App%20Banner&pid=Walmart.com
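The first hop is an AppsFlyer OneLink URL on walmart.onelink.me whose af_web_dp parameter names the next hop, so a reputable, highly ranked domain serves purely as a bounce before two compromised-looking intermediaries hand the victim to the credential page. The Python below is an added example (not urlscan.io output and not code from the kit): it flags query parameters that carry an absolute URL on a foreign domain and collapses the recorded URL history into its registrable-domain hops. The URLs are copied from this scan; the four-entry TWO_LEVEL_SUFFIXES set is an assumed stand-in for the public suffix list, so use tldextract or the real list in production.

```python
"""Redirect-parameter abuse and hop analysis for the chain recorded on this scan.

Added example, not urlscan.io's code. URLs are copied from the scan page;
TWO_LEVEL_SUFFIXES is an assumed stand-in for a real public-suffix list.
"""
from urllib.parse import parse_qs, urlparse

# Landing URL submitted to the scanner and the recorded page-URL history (from the page).
LANDING_URL = (
    "https://walmart.onelink.me/UIev?c=Mobile%20Web%20App%20Banner&pid=Walmart.com"
    "&af_dp=walmart://&af_web_dp=http://ikk63a2jlh.edumas.cl/."
)
URL_HISTORY = [
    LANDING_URL,
    "http://ikk63a2jlh.edumas.cl/?c=Mobile%20Web%20App%20Banner&pid=Walmart.com",
    "https://apclothing.co.za/cgi/",
    "https://mso-login.knyjbio.com/?username=marcelle.mallais@l",
    "https://mso-login.knyjbio.com/?username=marcelle.mallais@l",
    "https://mso-login.knyjbio.com/?username=marcelle.mallais@l&sso_reload=true",
]

# Assumed, minimal stand-in for the public suffix list; covers the TLDs in this chain.
TWO_LEVEL_SUFFIXES = {"co.za", "co.uk", "com.au", "com.br"}


def registrable_domain(host: str) -> str:
    """Return the registrable (eTLD+1) part of a hostname, e.g. apclothing.co.za."""
    labels = host.lower().rstrip(".").split(".")
    keep = 3 if ".".join(labels[-2:]) in TWO_LEVEL_SUFFIXES else 2
    return ".".join(labels[-keep:])


def find_embedded_redirects(url: str):
    """Return (query_parameter, target_host) for every absolute http(s) URL in the
    query string whose registrable domain differs from the URL's own host.
    A hit means the reputable domain may be acting only as a bounce."""
    parts = urlparse(url)
    own = registrable_domain(parts.hostname or "")
    hits = []
    for name, values in parse_qs(parts.query, keep_blank_values=True).items():
        for value in values:
            target = urlparse(value)  # 'walmart://' has no host and is skipped
            if (target.scheme in ("http", "https") and target.hostname
                    and registrable_domain(target.hostname) != own):
                hits.append((name, target.hostname))
    return hits


def chain_domains(history):
    """Collapse a page-URL history into the ordered list of distinct registrable
    domains, dropping consecutive repeats (same-site reloads)."""
    domains = []
    for url in history:
        d = registrable_domain(urlparse(url).hostname or "")
        if not domains or domains[-1] != d:
            domains.append(d)
    return domains


if __name__ == "__main__":
    for param, host in find_embedded_redirects(LANDING_URL):
        print(f"{urlparse(LANDING_URL).hostname}: parameter {param!r} points off-site to {host}")
    print("hops:", " -> ".join(chain_domains(URL_HISTORY)))
```

Note that the final URL carries the victim's address in the username parameter, which pre-fills the login form; keep that value with the chain when filing the case, since it ties the scan to a specific target.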
80 HTTP transactions

Method | Protocol | Resource | Host / Path | Size / x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET | H/1.1 | / | ikk63a2jlh.edumas.cl/ (redirect chain) | 1 KB / 1 KB | Document | text/html
GET | H/1.1 | / | apclothing.co.za/cgi/ | 425 B / 614 B | Document | text/html
GET | H2 | / | mso-login.knyjbio.com/ | 56 KB / 21 KB | Document | text/html
POST | H2 | / | mso-login.knyjbio.com/ | 184 B / 343 B | Fetch | application/json
GET | H2 | / | mso-login.knyjbio.com/ | 279 KB / 83 KB | Document | text/html
POST | H2 | reportbssotelemetry | mso-login.knyjbio.com/common/instrumentation/ | 264 B / 831 B | Ping | application/json
GET | H2 | / (primary request) | mso-login.knyjbio.com/ | 326 KB / 79 KB | Document | text/html
GET | H2 | Me.htm | ll.knyjbio.com/ | 0 / 0 | Other | text/html
GET | H2 | ConvergedLogin_PCore_Iv7XMeuZVl-aYT0h4Oq7Gg2.js | aadcdn-msftauth-d1144925.knyjbio.com/shared/1.0/content/js/ | 382 KB / 109 KB | Script | application/x-javascript
GET | H2 | Prefetch.aspx | portal-microsoftonline-d1144925.knyjbio.com/Prefetch/ (Frame ACEB) | 11 KB / 3 KB | Document | text/html
GET | H2 | oneDs_8363475333f6d315e7ae.js | aadcdn-msftauth-d1144925.knyjbio.com/shared/1.0/content/js/ | 81 KB / 27 KB | Script | application/x-javascript
GET | H2 | converged.v2.login.min_il46_7m1dp2y07llib10fw2.css | aadcdn-msftauth-d1144925.knyjbio.com/ests/2.1/content/cdnbundles/ | 0 / 20 KB | Other | text/css
GET | H2 | ux.converged.login.strings-de.min_75ls70pcmyowwllyhvy0uq2.js | aadcdn-msftauth-d1144925.knyjbio.com/ests/2.1/content/cdnbundles/ | 0 / 15 KB | Other | application/x-javascript
GET | H2 | convergedlogin_pidpdisambiguation_8ce138cbbb82dae8e8bf.js | aadcdn-msftauth-d1144925.knyjbio.com/shared/1.0/content/js/asyncchunk/ | 7 KB / 3 KB | Script | application/x-javascript
GET | H2 | marching_ants_white_166de53471265253ab3a456defe6da23.gif | aadcdn-msftauth-d1144925.knyjbio.com/shared/1.0/content/images/ | 3 KB / 3 KB | Image | image/gif
GET | H2 | marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif | aadcdn-msftauth-d1144925.knyjbio.com/shared/1.0/content/images/ | 4 KB / 4 KB | Image | image/gif
GET | H2 | convergedlogin_pcustomizationloader_20ead0268c36816fd612.js | aadcdn-msftauth-d1144925.knyjbio.com/shared/1.0/content/js/asyncchunk/ | 107 KB / 32 KB | Script | application/x-javascript
GET | H2 | 2_bc3d32a696895f78c19df6c717586a5d.svg | aadcdn-msftauth-d1144925.knyjbio.com/shared/1.0/content/images/backgrounds/ | 2 KB / 1 KB | Image | image/svg+xml
GET | H2 | microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg | aadcdn-msftauth-d1144925.knyjbio.com/shared/1.0/content/images/ | 4 KB / 2 KB | Image | image/svg+xml
GET | H2 | marching_ants_white_166de53471265253ab3a456defe6da23.gif | aadcdn-msftauth-d1144925.knyjbio.com/shared/1.0/content/images/ | 3 KB / 3 KB | Image | image/gif
GET | H2 | marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif | aadcdn-msftauth-d1144925.knyjbio.com/shared/1.0/content/images/ | 4 KB / 4 KB | Image | image/gif
GET | H2 | picker_account_aad_f83ebff69a4a1685e4dc9650cdab8886.svg | aadcdn-msftauth-d1144925.knyjbio.com/shared/1.0/content/images/ | 1 KB / 1 KB | Image | image/svg+xml
GET | H2 | picker_account_msa_2d8f86059be176833897099ee6ddedeb.svg | aadcdn-msftauth-d1144925.knyjbio.com/shared/1.0/content/images/ | 379 B / 686 B | Image | image/svg+xml
GET | H2 | embeddedfonts.css | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ (Frame ACEB) | 3 KB / 685 B | Stylesheet | text/css
GET | H2 | admin.css | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/admin/css/ (Frame ACEB) | 1 MB / 193 KB | Stylesheet | text/css
GET | H2 | o365themedefault.css | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ (Frame ACEB) | 7 KB / 1 KB | Stylesheet | text/css
GET | H2 | masterstyles15.css | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ (Frame ACEB) | 92 KB / 25 KB | Stylesheet | text/css
GET | H2 | masterstyles15mvc.css | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ (Frame ACEB) | 15 KB / 4 KB | Stylesheet | text/css
GET | H2 | website.css | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ (Frame ACEB) | 0 / 0 | Stylesheet | application/xml
GET | H2 | home.css | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ (Frame ACEB) | 0 / 0 | Stylesheet | application/xml
GET | H2 | home15.css | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ (Frame ACEB) | 0 / 0 | Stylesheet | application/xml
GET | H2 | assistancepanel.css | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ (Frame ACEB) | 0 / 0 | Stylesheet | application/xml
GET | H2 | conciergehelper.css | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ (Frame ACEB) | 0 / 0 | Stylesheet | application/xml
GET | H2 | signup16.css | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/content/css/ (Frame ACEB) | 21 KB / 5 KB | Stylesheet | text/css
GET | H2 | adoption.css | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ (Frame ACEB) | 0 / 0 | Stylesheet | application/xml
GET | H2 | commonhealthdashboard.css | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ (Frame ACEB) | 0 / 0 | Stylesheet | application/xml
GET | H2 | webcontrols.png | res-1-cdn-office-d1144925.knyjbio.com/images/ (Frame ACEB) | 223 B / 223 B | Image | application/xml
GET | H2 | transparent.gif | res-1-cdn-office-d1144925.knyjbio.com/Images/ (Frame ACEB) | 226 B / 226 B | Image | application/xml
GET | H2 | header_bg_signup_office.jpg | res-1-cdn-office-d1144925.knyjbio.com/Shell/Images/ (Frame ACEB) | 226 B / 226 B | Image | application/xml
GET | H2 | O365SharedClusteredImage.png | res-1-cdn-office-d1144925.knyjbio.com/Shell/Images/ (Frame ACEB) | 226 B / 226 B | Image | application/xml
GET | | servicestatus.png | res-1-cdn-office-d1144925.knyjbio.com/images/ (Frame ACEB) | 0 / 0 | (no response) |
GET | | pagelayout_white_panel.jpg | res-1-cdn-office-d1144925.knyjbio.com/Shell/Images/ (Frame ACEB) | 0 / 0 | (no response) |
GET | | pagelayout_mos_background_right.jpg | res-1-cdn-office-d1144925.knyjbio.com/Shell/Images/ (Frame ACEB) | 0 / 0 | (no response) |
GET | | pagelayout_mos_background_left.jpg | res-1-cdn-office-d1144925.knyjbio.com/Shell/Images/ (Frame ACEB) | 0 / 0 | (no response) |
GET | | pagelayout_nav_highlight.jpg | res-1-cdn-office-d1144925.knyjbio.com/Shell/Images/ (Frame ACEB) | 0 / 0 | (no response) |
GET | | header_wizard_hl_mos.jpg | res-1-cdn-office-d1144925.knyjbio.com/Shell/Images/ (Frame ACEB) | 0 / 0 | (no response) |
GET | | list_bullet_5x5.gif | res-1-cdn-office-d1144925.knyjbio.com/Images/ (Frame ACEB) | 0 / 0 | (no response) |
GET | | spinner_16x16_metro.gif | res-1-cdn-office-d1144925.knyjbio.com/images/ (Frame ACEB) | 0 / 0 | (no response) |
GET | | spinner_24x24_metro.gif | res-1-cdn-office-d1144925.knyjbio.com/images/ (Frame ACEB) | 0 / 0 | (no response) |
GET | | signup_ms_logo.png | res-1-cdn-office-d1144925.knyjbio.com/shell/images/ (Frame ACEB) | 0 / 0 | (no response) |
GET | | o365_gallatin_logo.png | res-1-cdn-office-d1144925.knyjbio.com/shell/images/ (Frame ACEB) | 0 / 0 | (no response) |
GET | | image1.jpg | res-1-cdn-office-d1144925.knyjbio.com/images/backgrounds/ (Frame ACEB) | 0 / 0 | (no response) |
GET | | arrow_staticup_16.png | res-1-cdn-office-d1144925.knyjbio.com/images/scrollbar/ (Frame ACEB) | 0 / 0 | (no response) |
GET | | arrow_staticdown_16.png | res-1-cdn-office-d1144925.knyjbio.com/images/scrollbar/ (Frame ACEB) | 0 / 0 | (no response) |
GET | H2 | WebResource.axd | portal-microsoftonline-d1144925.knyjbio.com/ (Frame ACEB) | 23 KB / 5 KB | Script | application/x-javascript
GET | H2 | microsoftajaxcombined.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/jsc/ (Frame ACEB) | 223 KB / 55 KB | Script | application/javascript
GET | H2 | jquery-1_10_2_min.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/jquery/ (Frame ACEB) | 91 KB / 33 KB | Script | application/javascript
GET | H2 | headbundle.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/jsc/ (Frame ACEB) | 81 KB / 17 KB | Script | application/javascript
GET | H2 | controlbundle.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/jsc/ (Frame ACEB) | 87 KB / 21 KB | Script | application/javascript
GET | H2 | angularlib.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/jsc/ (Frame ACEB) | 156 KB / 57 KB | Script | application/javascript
GET | H2 | angularextensions.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/jsc/ (Frame ACEB) | 1 MB / 249 KB | Script | application/javascript
GET | H2 | adminbootstrap.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/jsc/ (Frame ACEB) | 527 KB / 115 KB | Script | application/javascript
GET | H2 | adminapp.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/jsc/ (Frame ACEB) | 679 KB / 157 KB | Script | application/javascript
GET | H2 | mscorlib.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/ (Frame ACEB) | 24 KB / 7 KB | Script | application/javascript
GET | H2 | listgrid.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/webcontrols/js/ (Frame ACEB) | 60 KB / 13 KB | Script | application/javascript
GET | H2 | peoplepicker.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/webcontrols/js/ (Frame ACEB) | 11 KB / 3 KB | Script | application/javascript
GET | H2 | productkeycontrol.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/webcontrols/js/ (Frame ACEB) | 6 KB / 3 KB | Script | application/javascript
GET | H2 | gridview.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/webcontrols/js/ (Frame ACEB) | 8 KB / 3 KB | Script | application/javascript
GET | H2 | netperf.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/ (Frame ACEB) | 0 / 0 | Script | application/javascript
GET | H2 | searchbox.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/ (Frame ACEB) | 0 / 0 | Script | application/javascript
GET | H2 | passwordstrengthmeter.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/ (Frame ACEB) | 3 KB / 1 KB | Script | application/javascript
GET | H2 | hipcontrol.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/jsc/ (Frame ACEB) | 38 KB / 7 KB | Script | application/javascript
GET | H2 | geminiwizard.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/webcontrols/js/ (Frame ACEB) | 9 KB / 2 KB | Script | application/javascript
GET | H2 | webuivalidation.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/ (Frame ACEB) | 26 KB / 6 KB | Script | application/javascript
GET | H2 | webtrends.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/ (Frame ACEB) | 0 / 0 | Script | application/javascript
GET | H2 | webtrendsstream.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/ (Frame ACEB) | 0 / 0 | Script | application/javascript
GET | H2 | home.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/ (Frame ACEB) | 0 / 0 | Script | application/javascript
GET | H2 | reporting.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/ (Frame ACEB) | 0 / 0 | Script | application/javascript
GET | H2 | assistancepanel.js | res-1-cdn-office-d1144925.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/ (Frame ACEB) | 0 / 0 | Script | application/javascript
GET | | prefetch | wwwofc.knyjbio.com/prefetch/ (Frame 7973) | 0 / 0 | (no response) |
Failed requests
These URLs were requested, but no response was received. They also appear in the transaction list above.
- https://res-1-cdn-office-d1144925.knyjbio.com/images/servicestatus.png
- https://res-1-cdn-office-d1144925.knyjbio.com/Shell/Images/pagelayout_white_panel.jpg
- https://res-1-cdn-office-d1144925.knyjbio.com/Shell/Images/pagelayout_mos_background_right.jpg
- https://res-1-cdn-office-d1144925.knyjbio.com/Shell/Images/pagelayout_mos_background_left.jpg
- https://res-1-cdn-office-d1144925.knyjbio.com/Shell/Images/pagelayout_nav_highlight.jpg
- https://res-1-cdn-office-d1144925.knyjbio.com/Shell/Images/header_wizard_hl_mos.jpg
- https://res-1-cdn-office-d1144925.knyjbio.com/Images/list_bullet_5x5.gif
- https://res-1-cdn-office-d1144925.knyjbio.com/images/spinner_16x16_metro.gif
- https://res-1-cdn-office-d1144925.knyjbio.com/images/spinner_24x24_metro.gif
- https://res-1-cdn-office-d1144925.knyjbio.com/shell/images/signup_ms_logo.png
- https://res-1-cdn-office-d1144925.knyjbio.com/shell/images/o365_gallatin_logo.png
- https://res-1-cdn-office-d1144925.knyjbio.com/images/backgrounds/image1.jpg
- https://res-1-cdn-office-d1144925.knyjbio.com/images/scrollbar/arrow_staticup_16.png
- https://res-1-cdn-office-d1144925.knyjbio.com/images/scrollbar/arrow_staticdown_16.png
- https://wwwofc.knyjbio.com/prefetch/prefetch
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against Microsoft (Consumer)

29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | 0
object | oncontextlost
object | oncontextrestored
function | structuredClone
object | launchQueue
object | onbeforematch
function | getScreenDetails
function | queryLocalFonts
object | navigation
object | $Config
object | $Debug
object | $Do
function | $Loader
object | $WebWatson
function | GetString
function | GetErrorString
function | GetUrl
object | $B
object | ServerData
object | webpackJsonp
object | ko
object | PROOF
object | StringRepository
boolean | __ConvergedLogin_PCore
boolean | __
object | Telemetry
object | telemetry_webpackJsonp
boolean | __convergedlogin_pidpdisambiguation_8ce138cbbb82dae8e8bf
boolean | __convergedlogin_pcustomizationloader_20ead0268c36816fd612

4 Cookies
Cookies are small pieces of information stored in the user's browser. Whenever the user visits the site again, the browser sends the cookie values along, which lets the website re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.knyjbio.com/ | | __hWgY | ZDExNDQ5MjUtZjdlMS00YTQxLTk3MGQtNDU3OGNjYWIxZjViOmEyOTIyMGU0LTViODgtNDk5Yi05ZDM2LTU4N2ZhM2IxYmMwOA==
.mso-login.knyjbio.com/ | | AADSSO | NA\|NoExtension
mso-login.knyjbio.com/ | | SSOCOOKIEPULLED | 1
.mso-login.knyjbio.com/ | | brcap | 0
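Two things on this page tie the infrastructure together. The hostnames borrow Microsoft's real login vocabulary (aadcdn-msftauth, portal-microsoftonline, res-1-cdn-office, go-microsoft, privacy-microsoft) and five of them share the label suffix -d1144925, an 8-hex-digit per-deployment id. The __hWgY cookie set on the apex domain is plain base64 and decodes to two colon-separated version-4 UUIDs, d1144925-f7e1-4a41-970d-4578ccab1f5b:a29220e4-5b88-499b-9d36-587fa3b1bc08; the first UUID begins with the same id that appears in the hostnames. The Python below is an added example (not urlscan.io output and not the kit's code): it flags brand-lookalike hosts on unrelated domains, extracts the instance id from hostnames, decodes and validates the cookie, and checks that the two agree. HOSTS and COOKIE_HWGY are copied from this scan; BRAND_TOKENS and LEGIT_SUFFIXES are the author's assumed, partial lists, and the "-xxxxxxxx." id convention is inferred from this one sample.

```python
"""Decode the kit's __hWgY cookie and correlate it with the hostname instance id.

Added example, not urlscan.io's code. HOSTS and COOKIE_HWGY are copied from this scan;
BRAND_TOKENS, LEGIT_SUFFIXES and the INSTANCE_ID pattern are assumptions.
"""
import base64
import re
import uuid

# Hostnames contacted or linked by the page (from the scan).
HOSTS = [
    "mso-login.knyjbio.com",
    "ll.knyjbio.com",
    "aadcdn-msftauth-d1144925.knyjbio.com",
    "portal-microsoftonline-d1144925.knyjbio.com",
    "res-1-cdn-office-d1144925.knyjbio.com",
    "wwwofc.knyjbio.com",
    "go-microsoft-d1144925.knyjbio.com",
    "www-ms.knyjbio.com",
    "privacy-microsoft-d1144925.knyjbio.com",
]
# Value of the __hWgY cookie set on .knyjbio.com (from the scan).
COOKIE_HWGY = "ZDExNDQ5MjUtZjdlMS00YTQxLTk3MGQtNDU3OGNjYWIxZjViOmEyOTIyMGU0LTViODgtNDk5Yi05ZDM2LTU4N2ZhM2IxYmMwOA=="

# Vocabulary borrowed from Microsoft's real login/CDN hostnames (assumed list).
BRAND_TOKENS = ("microsoft", "msftauth", "office", "aadcdn", "mso")
# Registrable domains Microsoft actually uses for these services (assumed, partial allowlist).
LEGIT_SUFFIXES = ("microsoft.com", "microsoftonline.com", "msftauth.net", "office.com", "live.com")
# "...-d1144925." : an 8-hex-digit id glued to the first label (assumed convention).
INSTANCE_ID = re.compile(r"-([0-9a-f]{8})\.")


def brand_lookalikes(hosts):
    """Hosts whose first label uses Microsoft vocabulary but sit on an unrelated domain."""
    out = []
    for h in hosts:
        h = h.lower()
        legit = any(h == s or h.endswith("." + s) for s in LEGIT_SUFFIXES)
        if not legit and any(t in h.split(".")[0] for t in BRAND_TOKENS):
            out.append(h)
    return out


def instance_ids(hosts):
    """Distinct 8-hex-digit suffixes found in the hostnames; one id per kit deployment."""
    return {m.group(1) for h in hosts for m in INSTANCE_ID.finditer(h.lower())}


def decode_hwgy(value):
    """Base64-decode the __hWgY cookie and return its two UUID strings.
    Raises ValueError unless the layout is '<uuid>:<uuid>' with version-4 UUIDs."""
    raw = base64.b64decode(value, validate=True).decode("ascii")
    left, sep, right = raw.partition(":")
    if not sep:
        raise ValueError("expected '<uuid>:<uuid>'")
    ids = (uuid.UUID(left), uuid.UUID(right))  # raises ValueError on malformed input
    if any(u.version != 4 for u in ids):
        raise ValueError("expected version-4 UUIDs")
    return tuple(str(u) for u in ids)


def correlate(hosts, cookie_value):
    """Return the id that appears both in the hostnames and as the leading 8 hex
    digits of the cookie's first UUID, or None if they do not line up."""
    first, _ = decode_hwgy(cookie_value)
    prefix = first.replace("-", "")[:8]
    return prefix if prefix in instance_ids(hosts) else None


if __name__ == "__main__":
    print("lookalike hosts:", *brand_lookalikes(HOSTS), sep="\n  ")
    print("instance ids in hostnames:", instance_ids(HOSTS))
    print("cookie UUIDs:", decode_hwgy(COOKIE_HWGY))
    print("matching id:", correlate(HOSTS, COOKIE_HWGY))
```

Blocking on the cookie value alone is fragile because the second UUID is likely per-visit; the stable pivot is the instance id, which can be hunted in passive DNS and certificate transparency as a label pattern (brand-word, hyphen, 8 hex digits) on any apex, not just knyjbio.com.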
22 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn-msftauth-d1144925.knyjbio.com
apclothing.co.za
ikk63a2jlh.edumas.cl
ll.knyjbio.com
mso-login.knyjbio.com
portal-microsoftonline-d1144925.knyjbio.com
res-1-cdn-office-d1144925.knyjbio.com
walmart.onelink.me
wwwofc.knyjbio.com
165.73.80.50
18.66.97.88
201.217.243.22
209.250.253.127