Submitted URL: http://lamejorcompra.es/Pprime/office
Effective URL: http://lamejorcompra.es/Pprime/office/08fd27ddf2318d0d1ed0a16cceb6587d/authorize.php?client_id=00000001-0000-0ff1-cf00-0...
Submission: June 21 (2021, per the response Date headers below), automatic, source: links-suspicious

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 104.21.19.80, located in United States and belongs to CLOUDFLARENET, US. The main domain is lamejorcompra.es.
This is the only time lamejorcompra.es was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address                 AS     Autonomous System                  Requests
104.21.19.80               13335  CLOUDFLARENET, US                  5 (3 redirects)
2620:1ec:bdf::42           8068   MICROSOFT-CORP-MSN-AS-BLOCK, US    2
2a02:26f0:6c00:2a1::753    20940  AKAMAI-ASN1, NL                    5
Total: 9 requests, 4 IPs

Apex Domain         Subdomains              Requests  Transfer
office365.com       r4.res.office365.com    5         662 KB
lamejorcompra.es    lamejorcompra.es        5         384 KB
msauth.net          aadcdn.msauth.net       2         30 KB
Total: 9 requests, 3 apex domains

Domain                  Requests  Requested by
r4.res.office365.com    5         srcdoc (the inline about:srcdoc frame)
lamejorcompra.es        5         3 redirects
aadcdn.msauth.net       2         lamejorcompra.es
Total: 9 requests, 3 domains

This site contains links to these domains: www.microsoft.com, privacy.microsoft.com
TLS certificates

Subject              Issuer                          Validity
aadcdn.msauth.net    DigiCert SHA2 Secure Server CA  2021-04-07 to 2022-04-07 (a year)
*.res.outlook.com    Microsoft RSA TLS CA 02         2021-01-20 to 2022-01-20 (a year)

Both certificates belong to the genuine Microsoft CDN hosts from which the page pulls its assets. No certificate is listed for lamejorcompra.es because every request to the phishing host itself, including the login form, went over plain HTTP.

This page contains 2 frames:

Primary Page: http://lamejorcompra.es/Pprime/office/08fd27ddf2318d0d1ed0a16cceb6587d/authorize.php?client_id=00000001-0000-0ff1-cf00-000000000000&_pageLabel=page_logonform&_pageSession=decd68198d004108d1e9214fd3ce7a57
Frame ID: 7DD619FF814F1A704EBB958B4A57F5FA
Requests: 10 HTTP requests in this frame

Frame: https://r4.res.office365.com/owa/prem/16.3499.0.2717365/scripts/boot.worldwide.0.mouse.js
Frame ID: 0C974992C3E6B86749822B14DD10CEBF
Requests: 5 HTTP requests in this frame


Detected technologies

Cloudflare (overall confidence: 100%)
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 9
HTTPS: 78 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 2
Transfer: 1074 kB
Size: 3713 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lamejorcompra.es/Pprime/office HTTP 301
    http://lamejorcompra.es/Pprime/office/ HTTP 302
    http://lamejorcompra.es/Pprime/office/08fd27ddf2318d0d1ed0a16cceb6587d HTTP 301
    http://lamejorcompra.es/Pprime/office/08fd27ddf2318d0d1ed0a16cceb6587d/ Page URL
  2. http://lamejorcompra.es/Pprime/office/08fd27ddf2318d0d1ed0a16cceb6587d/authorize.php?client_id=00000001-0000-0ff1-cf00-000000000000&_pageLabel=page_logonform&_pageSession=decd68198d004108d1e9214fd3ce7a57 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://lamejorcompra.es/Pprime/office HTTP 301
  • http://lamejorcompra.es/Pprime/office/ HTTP 302
  • http://lamejorcompra.es/Pprime/office/08fd27ddf2318d0d1ed0a16cceb6587d HTTP 301
  • http://lamejorcompra.es/Pprime/office/08fd27ddf2318d0d1ed0a16cceb6587d/

9 HTTP transactions

Resource: /  Path: lamejorcompra.es/Pprime/office/08fd27ddf2318d0d1ed0a16cceb6587d/  Size: 199 B  Transferred: 938 B  Type: Document
Redirect Chain
  • http://lamejorcompra.es/Pprime/office
  • http://lamejorcompra.es/Pprime/office/
  • http://lamejorcompra.es/Pprime/office/08fd27ddf2318d0d1ed0a16cceb6587d
  • http://lamejorcompra.es/Pprime/office/08fd27ddf2318d0d1ed0a16cceb6587d/
General
Full URL
http://lamejorcompra.es/Pprime/office/08fd27ddf2318d0d1ed0a16cceb6587d/
Protocol
HTTP/1.1
Server
104.21.19.80, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
3087507289b08edce1903a0496078f562a5e47fbd42b4fea45033d494a9e8ea1

Request headers

Host
lamejorcompra.es
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Mon, 21 Jun 2021 15:10:51 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Referrer-Policy
CF-Cache-Status
DYNAMIC
cf-request-id
0ad0b8e72d00004151ae33d000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5PBxksKngbNoVHF2F4BsjeMh4h4d1Sf7kdYvSg6uXxVp%2FyuVHfK%2BzPugIXWZj1HRKVFM7vS0qXsadwWBCrtwvydfD1XQXl%2BUUYnlz8OmmZRntIRks5Zbmfvg7u%2FYnA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
662e2a85198d4151-HAM
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date
Mon, 21 Jun 2021 15:10:51 GMT
Content-Type
text/html; charset=iso-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Location
http://lamejorcompra.es/Pprime/office/08fd27ddf2318d0d1ed0a16cceb6587d/
CF-Cache-Status
DYNAMIC
cf-request-id
0ad0b8e6dd000041517c863000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3ZjmDT4MQLtjdWKObfqEsE8QNbHzFRO4QYdx%2FBLsZHk3qcu3MwWLxVYWw%2BW3RxS%2BGAJNG2CZBM7VVXLVtAFzWQwT%2FimZjxDrclO2i7J82ndFsKASpcS%2BxpZ30xo8Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
662e2a849fa14151-HAM
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Primary Request: authorize.php  Path: lamejorcompra.es/Pprime/office/08fd27ddf2318d0d1ed0a16cceb6587d/  Size: 826 KB  Transferred: 381 KB  Type: Document
General
Full URL
http://lamejorcompra.es/Pprime/office/08fd27ddf2318d0d1ed0a16cceb6587d/authorize.php?client_id=00000001-0000-0ff1-cf00-000000000000&_pageLabel=page_logonform&_pageSession=decd68198d004108d1e9214fd3ce7a57
Protocol
HTTP/1.1
Server
104.21.19.80, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
1dcfe1e4623230e305f3994fedc7e13bb32e21f131d4ee7e06f9c37a69c6a983

Request headers

Host
lamejorcompra.es
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://lamejorcompra.es/Pprime/office/08fd27ddf2318d0d1ed0a16cceb6587d/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Mon, 21 Jun 2021 15:10:52 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Referrer-Policy
CF-Cache-Status
DYNAMIC
cf-request-id
0ad0b8e7a1000041517c883000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3BfcNyvI7osLvuBJN4yXLeAmAy2S0gfcVKz81OR6Ehxy6IbKy9ExzGmVQ0YsqyoC3BBmrMWgYldOLZnNBFGvZXACTNyIS%2FK4OGHQTgbHHKILmuT0yw6tExFYTfM81g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
662e2a85cc494151-HAM
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Resource: converged.v2.login.min_50vzauwvxyzipxbkbzkzpg2.css  Path: aadcdn.msauth.net/ests/2.1/content/cdnbundles/  Size: 0  Transferred: 19 KB  Type: Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_50vzauwvxyzipxbkbzkzpg2.css
Requested by
Host: lamejorcompra.es
URL: http://lamejorcompra.es/Pprime/office/08fd27ddf2318d0d1ed0a16cceb6587d/authorize.php?client_id=00000001-0000-0ff1-cf00-000000000000&_pageLabel=page_logonform&_pageSession=decd68198d004108d1e9214fd3ce7a57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::42, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: Size 0 together with this hash, which is the SHA-256 of empty input, means the scanner captured no body for this response; the 19 KB transfer figure comes from the content-length header below. Do not pivot on this hash.

Request headers

Referer
http://lamejorcompra.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 21 Jun 2021 15:10:52 GMT
content-encoding
gzip
x-azure-ref-originshield
0KTnPYAAAAAA6b1w7BZrKQoC+KXxdr1b4TE9OMjFFREdFMTUwNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5
xlNGh4B09W+8khn0UZpq9w==
x-cache
TCP_HIT
content-length
18714
x-ms-lease-status
unlocked
last-modified
Wed, 18 Dec 2019 23:55:10 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D78415B7CDD900
x-azure-ref
0/KvQYAAAAAD5TTcBvHqYSL3mMWz6xmC+RlJBRURHRTEwMTQAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
e1026574-601e-0029-6ed2-65d553000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
Resource: ux.converged.login.strings-en.min_3afga6pstjh7f2bka__ixa2.js  Path: aadcdn.msauth.net/ests/2.1/content/cdnbundles/  Size: 0  Transferred: 11 KB  Type: Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_3afga6pstjh7f2bka__ixa2.js
Requested by
Host: lamejorcompra.es
URL: http://lamejorcompra.es/Pprime/office/08fd27ddf2318d0d1ed0a16cceb6587d/authorize.php?client_id=00000001-0000-0ff1-cf00-000000000000&_pageLabel=page_logonform&_pageSession=decd68198d004108d1e9214fd3ce7a57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::42, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: as with the CSS bundle above, Size 0 and the empty-input SHA-256 mean no body was captured; the 11 KB figure is the content-length from the headers below.

Request headers

Referer
http://lamejorcompra.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 21 Jun 2021 15:10:52 GMT
content-encoding
gzip
x-azure-ref-originshield
0Aa/OYAAAAAD8L69FvoZmQZvlqy+p4sp1TE9OMjFFREdFMDIwOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5
UBOZypXc18MQ1TxoSOXDOQ==
x-cache
TCP_HIT
content-length
11112
x-ms-lease-status
unlocked
last-modified
Wed, 18 Dec 2019 23:58:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D784163F3FCE2D
x-azure-ref
0/KvQYAAAAABsXlN0VSfkR4ggP9ewpDisRlJBRURHRTEwMTQAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e15b595c-001e-003f-5868-659f7d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
Resource: (inline data: URI, truncated)  Size: 2 KB  Transferred: 0  Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
none (inline data: URI, no network request)
Resource Hash
b5d587f6c48a9b22bbe97150249e0c0655ac1780bd273431480a22f8a5bfef6c

Request headers

Referer
http://lamejorcompra.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Resource: (inline data: URI, truncated)  Size: 3 KB  Transferred: 0  Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
none (inline data: URI, no network request)
Resource Hash
f89e908280791803bbf1f33b596ff4a2179b355a8e15ad02ebaa2b1da11127ea

Request headers

Referer
http://lamejorcompra.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpeg
Resource: (inline data: URI, truncated)  Size: 277 KB  Transferred: 0  Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
none (inline data: URI, no network request)
Resource Hash
211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb

Request headers

Referer
http://lamejorcompra.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpeg
Resource: (inline data: URI, truncated)  Size: 4 KB  Transferred: 0  Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
none (inline data: URI, no network request)
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Referer
http://lamejorcompra.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
Resource: (inline data: URI, truncated)  Size: 915 B  Transferred: 0  Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
none (inline data: URI, no network request)
Resource Hash
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea

Request headers

Referer
http://lamejorcompra.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
Resource: (inline data: URI, truncated)  Size: 915 B  Transferred: 0  Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
none (inline data: URI, no network request)
Resource Hash
16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6

Request headers

Referer
http://lamejorcompra.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
Resource: boot.worldwide.0.mouse.js  Path: r4.res.office365.com/owa/prem/16.3499.0.2717365/scripts/  Frame: 0C97 (about:srcdoc)  Size: 648 KB  Transferred: 176 KB  Type: Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/16.3499.0.2717365/scripts/boot.worldwide.0.mouse.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2a1::753, Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL)
Software
AkamaiNetStorage
Resource Hash
3d05d46146f38af96edee763df57892ccbf155494ab977c44b618fedb6d60f18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 15:10:52 GMT
content-encoding
gzip
last-modified
Sat, 21 Dec 2019 09:08:43 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
timing-allow-origin
*
content-length
179730
Resource: boot.worldwide.1.mouse.js  Path: r4.res.office365.com/owa/prem/16.3499.0.2717365/scripts/  Frame: 0C97 (about:srcdoc)  Size: 644 KB  Transferred: 160 KB  Type: Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/16.3499.0.2717365/scripts/boot.worldwide.1.mouse.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2a1::753, Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL)
Software
AkamaiNetStorage
Resource Hash
0a67653a09d3f3c540a0c0691af6b0bf5b7c76062ba27f79247707a958091e10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 15:10:52 GMT
content-encoding
gzip
last-modified
Sat, 21 Dec 2019 09:08:41 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
timing-allow-origin
*
content-length
163057
Resource: boot.worldwide.2.mouse.js  Path: r4.res.office365.com/owa/prem/16.3499.0.2717365/scripts/  Frame: 0C97 (about:srcdoc)  Size: 647 KB  Transferred: 167 KB  Type: Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/16.3499.0.2717365/scripts/boot.worldwide.2.mouse.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2a1::753, Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL)
Software
AkamaiNetStorage
Resource Hash
c93fb192d93946ff9f853be4d5c0c4f4a2cc0b9fb328e89dba7b14210136f844
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 15:10:52 GMT
content-encoding
gzip
last-modified
Sat, 21 Dec 2019 09:08:44 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
timing-allow-origin
*
content-length
169998
Resource: boot.worldwide.3.mouse.js  Path: r4.res.office365.com/owa/prem/16.3499.0.2717365/scripts/  Frame: 0C97 (about:srcdoc)  Size: 645 KB  Transferred: 143 KB  Type: Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/16.3499.0.2717365/scripts/boot.worldwide.3.mouse.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2a1::753, Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL)
Software
AkamaiNetStorage
Resource Hash
314e50eeee61a62fa0c754173772948b40cab0463092bc834011f17fa05de594
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 15:10:52 GMT
content-encoding
gzip
last-modified
Sat, 21 Dec 2019 09:08:41 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
timing-allow-origin
*
content-length
145699
Resource: sprite1.mouse.png  Path: r4.res.office365.com/owa/prem/16.3499.0.2717365/resources/images/0/  Frame: 0C97 (about:srcdoc)  Size: 16 KB  Transferred: 17 KB  Type: Stylesheet
General
Full URL
https://r4.res.office365.com/owa/prem/16.3499.0.2717365/resources/images/0/sprite1.mouse.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2a1::753, Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL)
Software
AkamaiNetStorage
Resource Hash
99190cfe65f919edb8071d84eee7096ec27561bc9b9fa396e55e0eb5e2cd0194
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 15:10:52 GMT
last-modified
Sat, 21 Dec 2019 09:04:43 GMT
server
AkamaiNetStorage
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=630720000, s-maxage=630720000
accept-ranges
bytes
timing-allow-origin
*
content-length
16664

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object, that is, properties absent from the scanner's baseline for a clean page. They can help identify client-side frameworks and code.

  object    0
  object    onbeforexrselect
  object    ontransitionrun
  object    ontransitionstart
  object    ontransitioncancel
  boolean   originAgentCluster
  object    trustedTypes
  boolean   crossOriginIsolated
  function  savepage_ShadowLoader

Most of these are ordinary window properties that the Chrome 89 build used for the scan defines (event-handler slots such as onbeforexrselect and ontransitionrun, plus originAgentCluster, trustedTypes and crossOriginIsolated) and carry no signal on their own. The exception is savepage_ShadowLoader, the loader function that the Save Page WE browser extension writes into pages it saves. Together with the six images delivered as inline data: URIs rather than fetched from any server, it indicates that the kit's login form was produced by saving the genuine Microsoft sign-in page with that extension and re-hosting it under lamejorcompra.es.
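The "Phishing against: Microsoft" verdict above rests on signals that are all visible in this report: genuine Microsoft sign-in assets (aadcdn.msauth.net, r4.res.office365.com) fetched with a Referer of lamejorcompra.es or from an about:srcdoc frame inside that page, the sign-in document itself served over plain HTTP, images inlined as data: URIs, and the savepage_ShadowLoader global. The Python script below is an added example, not code from urlscan.io or from this report: it encodes those checks as one triage function and runs it over a constructed record that mirrors the transactions listed above. The allow-list of Microsoft sign-in domains, the severity weights and the field names of the record are assumptions of the example.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Hosts that served genuine Microsoft sign-in assets in the scan above.
BRAND_ASSET_HOSTS = {"aadcdn.msauth.net", "r4.res.office365.com"}
# Domains on which those assets are legitimately embedded. This allow-list is
# an assumption of the example; the scan report itself does not state it.
BRAND_PAGE_SUFFIXES = ("microsoftonline.com", "live.com", "office.com",
                       "office365.com", "microsoft.com")
# window globals left behind by page-saving tools; savepage_ShadowLoader is
# the loader that the Save Page WE browser extension writes into saved pages.
CLONE_TOOL_GLOBALS = {"savepage_ShadowLoader"}
HEX_DIR = re.compile(r"/[0-9a-f]{32}(?:/|$)")
WEIGHT = {"high": 3, "medium": 2, "low": 1}


def host_of(url):
    """Lower-cased hostname of a URL; '' for data:, about: and empty URLs."""
    return (urlsplit(url).hostname or "").lower()


def is_brand_host(host):
    return any(host == s or host.endswith("." + s) for s in BRAND_PAGE_SUFFIXES)


def triage(scan):
    """Score a urlscan-shaped record; returns (score, [(severity, message), ...])."""
    findings = []
    page = urlsplit(scan["page_url"])
    if page.scheme == "http":
        findings.append(("medium", "sign-in page served over plain http://"))
    if HEX_DIR.search(page.path):
        findings.append(("low", "opaque 32-hex directory in the page path"))

    pulled_by = defaultdict(set)  # brand asset host -> hosts that loaded it
    inlined = 0
    for req in scan["requests"]:
        url = req["url"]
        if url.startswith("data:"):
            inlined += 1
            continue
        rhost = host_of(url)
        if rhost not in BRAND_ASSET_HOSTS:
            continue
        initiator = host_of(req.get("referer", ""))
        if not initiator and req.get("initiator") == "srcdoc":
            # an about:srcdoc frame inherits its parent document's origin
            initiator = host_of(scan["page_url"])
        pulled_by[rhost].add(initiator or "?")
    for rhost, initiators in sorted(pulled_by.items()):
        foreign = sorted(i for i in initiators if not is_brand_host(i))
        if foreign:
            findings.append(("high", f"{rhost} assets loaded by non-Microsoft page(s) {foreign}"))
    if inlined:
        findings.append(("low", f"{inlined} image(s) inlined as data: URIs (typical of a saved page)"))
    for name in scan.get("globals", []):
        if name in CLONE_TOOL_GLOBALS:
            findings.append(("high", f"page-saver global {name} defined on window"))

    return sum(WEIGHT[s] for s, _ in findings), findings


# Constructed input mirroring the transactions listed in this report.
SCAN = {
    "page_url": "http://lamejorcompra.es/Pprime/office/08fd27ddf2318d0d1ed0a16cceb6587d/"
                "authorize.php?client_id=00000001-0000-0ff1-cf00-000000000000"
                "&_pageLabel=page_logonform&_pageSession=decd68198d004108d1e9214fd3ce7a57",
    "requests": [
        {"url": "https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/"
                "converged.v2.login.min_50vzauwvxyzipxbkbzkzpg2.css",
         "referer": "http://lamejorcompra.es/"},
        {"url": "https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/"
                "ux.converged.login.strings-en.min_3afga6pstjh7f2bka__ixa2.js",
         "referer": "http://lamejorcompra.es/"},
        {"url": "data:truncated", "referer": "http://lamejorcompra.es/"},
        {"url": "data:truncated", "referer": "http://lamejorcompra.es/"},
        {"url": "https://r4.res.office365.com/owa/prem/16.3499.0.2717365/scripts/"
                "boot.worldwide.0.mouse.js", "initiator": "srcdoc"},
        {"url": "https://r4.res.office365.com/owa/prem/16.3499.0.2717365/resources/"
                "images/0/sprite1.mouse.png", "initiator": "srcdoc"},
    ],
    "globals": ["trustedTypes", "crossOriginIsolated", "savepage_ShadowLoader"],
}

if __name__ == "__main__":
    score, findings = triage(SCAN)
    for severity, message in findings:
        print(f"[{severity}] {message}")
    print("score:", score)
```

The asset check is the one that generalises: Microsoft's own sign-in pages embed these bundles from login.microsoftonline.com and its siblings, so a Referer or frame origin outside that set is a strong indicator regardless of what the cloned page looks like. The hex-directory and plain-HTTP checks are weak on their own and are weighted accordingly.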

0 Cookies