office.nlognviewnow.pro
Open in
urlscan Pro
174.138.66.185
Malicious Activity!
Public Scan
Effective URL: https://office.nlognviewnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3...
Submission Tags: falconsandbox
Submission: On June 26 via api from US — Scanned from DE
Summary
TLS certificate: Issued by E6 on June 26th 2024. Valid for: 3 months.
This is the only time office.nlognviewnow.pro was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 34.149.206.255 34.149.206.255 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
1 | 2606:4700:440... 2606:4700:4400::6812:2249 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2a00:1450:400... 2a00:1450:4001:809::200a | 15169 (GOOGLE) (GOOGLE) | |
26 | 13.32.99.49 13.32.99.49 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2606:4700::68... 2606:4700::6812:80d8 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 8 | 174.138.66.185 174.138.66.185 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 | 2a00:1450:400... 2a00:1450:4001:813::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c | 15133 (EDGECAST) (EDGECAST) | |
12 | 2620:1ec:bdf::60 2620:1ec:bdf::60 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
51 | 8 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 255.206.149.34.bc.googleusercontent.com
shoutout.wix.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-49.fra60.r.cloudfront.net
landing-pages-cdn.app-us1.com |
ASN13335 (CLOUDFLARENET, US)
diffuser-cdn.app-us1.com | |
prism.app-us1.com |
ASN14061 (DIGITALOCEAN-ASN, US)
office.nlognviewnow.pro | |
react.nlognviewnow.pro | |
ywnjb.nlognviewnow.pro |
Apex Domain Subdomains |
Transfer | |
---|---|---|
28 |
app-us1.com
landing-pages-cdn.app-us1.com — Cisco Umbrella Rank: 507404 diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 10615 prism.app-us1.com — Cisco Umbrella Rank: 10731 |
223 KB |
12 |
msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 1015 |
282 KB |
8 |
nlognviewnow.pro
3 redirects
office.nlognviewnow.pro react.nlognviewnow.pro ywnjb.nlognviewnow.pro |
76 KB |
3 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83 |
4 KB |
1 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 1065 |
49 KB |
1 |
gstatic.com
fonts.gstatic.com |
48 KB |
1 |
ac-page.com
purestars12990.ac-page.com |
11 KB |
1 |
wix.com
1 redirects
shoutout.wix.com — Cisco Umbrella Rank: 93706 |
547 B |
51 | 8 |
Domain | Requested by | |
---|---|---|
26 | landing-pages-cdn.app-us1.com |
purestars12990.ac-page.com
|
12 | aadcdn.msauth.net |
office.nlognviewnow.pro
aadcdn.msauth.net |
5 | office.nlognviewnow.pro |
2 redirects
purestars12990.ac-page.com
aadcdn.msftauth.net |
3 | fonts.googleapis.com |
purestars12990.ac-page.com
|
2 | ywnjb.nlognviewnow.pro |
office.nlognviewnow.pro
aadcdn.msauth.net |
1 | aadcdn.msftauth.net |
office.nlognviewnow.pro
|
1 | prism.app-us1.com |
diffuser-cdn.app-us1.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | react.nlognviewnow.pro | 1 redirects |
1 | diffuser-cdn.app-us1.com |
purestars12990.ac-page.com
|
1 | purestars12990.ac-page.com | |
1 | shoutout.wix.com | 1 redirects |
51 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
ywnjb.nlognviewnow.pro |
www.microsoft.com |
privacy.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.ac-page.com E1 |
2024-05-25 - 2024-08-23 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
*.app-us1.com Amazon RSA 2048 M02 |
2023-11-04 - 2024-12-01 |
a year | crt.sh |
diffuser-cdn.app-us1.com E1 |
2024-05-28 - 2024-08-26 |
3 months | crt.sh |
office.nlognviewnow.pro E6 |
2024-06-26 - 2024-09-24 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
prism.app-us1.com E1 |
2024-05-17 - 2024-08-15 |
3 months | crt.sh |
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2024-05-25 - 2025-05-25 |
a year | crt.sh |
ywnjb.nlognviewnow.pro E5 |
2024-06-26 - 2024-09-24 |
3 months | crt.sh |
aadcdn.msauth.net DigiCert SHA2 Secure Server CA |
2024-04-30 - 2025-04-30 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://office.nlognviewnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638550159072871906.NGJkZDNjN2EtODFkOC00YmEzLWExY2MtMjk3YTBiNzRmNjFhZjk0NzE0YmQtMGZmYS00Y2JmLTg5MDktY2I3NmYxZGZkZmVj&ui_locales=de-DE&mkt=de-DE&client-request-id=ae44f5df-9931-4708-9be2-ad3ca4a3bf53&state=AicVDgSG1zuY5OW4ndpH1Wy_WbvR-IhdlIkkg9n9fq1DrSLBKYt1eUxTkllJfMrXIhN3KBG5gwrm8DsrLpt9pgxg-PR5um_nzJSd07JGyQzt9HASrjdEOdhPDICAwTqwHCmKFAnN7nAX-h0_naHURgtTs9R2icjAhZjOXgQpLFnNiC7MFI3_yay7uEwc-VvjXBQAbRG2Vj8YLNJqTICG5je2bGkTBtErI-rxSbNCG-sVeibFjco1sqt46BKQYKM6ywc6CZ82s_DNKs0GD07Ohg&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0&sso_reload=true
Frame ID: B5C6FAF3EB136FA9AA7BCD0B482F290A
Requests: 50 HTTP requests in this frame
Frame:
https://ywnjb.nlognviewnow.pro/Me.htm?v=3
Frame ID: 1FE49988ACD987C460C3E14B0D1A067B
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Bei Ihrem Konto anmeldenPage URL History Show full URLs
-
https://shoutout.wix.com/so/f3P1KurDb/c?w=XBK3aClwB72Gt3oFnm_NbVucnBM2FcKBoJqXr2cCOZ8.eyJ1IjoiaHR0cHM...
HTTP 302
https://purestars12990.ac-page.com/shdjmszbnjs Page URL
-
https://office.nlognviewnow.pro/OJbiuyFF
HTTP 302
https://office.nlognviewnow.pro/ HTTP 302
https://react.nlognviewnow.pro/login HTTP 302
https://office.nlognviewnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&... Page URL
- https://office.nlognviewnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&... Page URL
Detected technologies
Paths.js (JavaScript Graphics) ExpandDetected patterns
- paths(?:\.min)?\.js
Bootstrap (Web Frameworks) Expand
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
AngularJS (JavaScript Frameworks) Expand
Detected patterns
- \bangular.{0,32}\.js
GSAP (JavaScript frameworks) Expand
Detected patterns
- TweenMax(?:\.min)?\.js
Lodash (JavaScript Libraries) Expand
Detected patterns
- lodash.*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Erstellen Sie jetzt eins!
Search URL Search Domain Scan URL
Title: Nutzungsbedingungen
Search URL Search Domain Scan URL
Title: Datenschutz und Cookies
Search URL Search Domain Scan URL
Title: Haftungsausschluss
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://shoutout.wix.com/so/f3P1KurDb/c?w=XBK3aClwB72Gt3oFnm_NbVucnBM2FcKBoJqXr2cCOZ8.eyJ1IjoiaHR0cHM6Ly9wdXJlc3RhcnMxMjk5MC5hYy1wYWdlLmNvbS9zaGRqbXN6Ym5qcyIsInIiOiJiZWVjNThmMi0wNWE3LTQwZTItNjEzOC02OWUxMzdmOGFlNGIiLCJtIjoibWFpbCIsImMiOiJlZDQ5ZmRkMC02YjcxLTQ1MjgtODA0ZC1lMzc0N2M4MjZiNmQifQ
HTTP 302
https://purestars12990.ac-page.com/shdjmszbnjs Page URL
-
https://office.nlognviewnow.pro/OJbiuyFF
HTTP 302
https://office.nlognviewnow.pro/ HTTP 302
https://react.nlognviewnow.pro/login HTTP 302
https://office.nlognviewnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638550159072871906.NGJkZDNjN2EtODFkOC00YmEzLWExY2MtMjk3YTBiNzRmNjFhZjk0NzE0YmQtMGZmYS00Y2JmLTg5MDktY2I3NmYxZGZkZmVj&ui_locales=de-DE&mkt=de-DE&client-request-id=ae44f5df-9931-4708-9be2-ad3ca4a3bf53&state=AicVDgSG1zuY5OW4ndpH1Wy_WbvR-IhdlIkkg9n9fq1DrSLBKYt1eUxTkllJfMrXIhN3KBG5gwrm8DsrLpt9pgxg-PR5um_nzJSd07JGyQzt9HASrjdEOdhPDICAwTqwHCmKFAnN7nAX-h0_naHURgtTs9R2icjAhZjOXgQpLFnNiC7MFI3_yay7uEwc-VvjXBQAbRG2Vj8YLNJqTICG5je2bGkTBtErI-rxSbNCG-sVeibFjco1sqt46BKQYKM6ywc6CZ82s_DNKs0GD07Ohg&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0 Page URL
- https://office.nlognviewnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638550159072871906.NGJkZDNjN2EtODFkOC00YmEzLWExY2MtMjk3YTBiNzRmNjFhZjk0NzE0YmQtMGZmYS00Y2JmLTg5MDktY2I3NmYxZGZkZmVj&ui_locales=de-DE&mkt=de-DE&client-request-id=ae44f5df-9931-4708-9be2-ad3ca4a3bf53&state=AicVDgSG1zuY5OW4ndpH1Wy_WbvR-IhdlIkkg9n9fq1DrSLBKYt1eUxTkllJfMrXIhN3KBG5gwrm8DsrLpt9pgxg-PR5um_nzJSd07JGyQzt9HASrjdEOdhPDICAwTqwHCmKFAnN7nAX-h0_naHURgtTs9R2icjAhZjOXgQpLFnNiC7MFI3_yay7uEwc-VvjXBQAbRG2Vj8YLNJqTICG5je2bGkTBtErI-rxSbNCG-sVeibFjco1sqt46BKQYKM6ywc6CZ82s_DNKs0GD07Ohg&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://shoutout.wix.com/so/f3P1KurDb/c?w=XBK3aClwB72Gt3oFnm_NbVucnBM2FcKBoJqXr2cCOZ8.eyJ1IjoiaHR0cHM6Ly9wdXJlc3RhcnMxMjk5MC5hYy1wYWdlLmNvbS9zaGRqbXN6Ym5qcyIsInIiOiJiZWVjNThmMi0wNWE3LTQwZTItNjEzOC02OWUxMzdmOGFlNGIiLCJtIjoibWFpbCIsImMiOiJlZDQ5ZmRkMC02YjcxLTQ1MjgtODA0ZC1lMzc0N2M4MjZiNmQifQ HTTP 302
- https://purestars12990.ac-page.com/shdjmszbnjs
- https://office.nlognviewnow.pro/OJbiuyFF HTTP 302
- https://office.nlognviewnow.pro/ HTTP 302
- https://react.nlognviewnow.pro/login HTTP 302
- https://office.nlognviewnow.pro/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638550159072871906.NGJkZDNjN2EtODFkOC00YmEzLWExY2MtMjk3YTBiNzRmNjFhZjk0NzE0YmQtMGZmYS00Y2JmLTg5MDktY2I3NmYxZGZkZmVj&ui_locales=de-DE&mkt=de-DE&client-request-id=ae44f5df-9931-4708-9be2-ad3ca4a3bf53&state=AicVDgSG1zuY5OW4ndpH1Wy_WbvR-IhdlIkkg9n9fq1DrSLBKYt1eUxTkllJfMrXIhN3KBG5gwrm8DsrLpt9pgxg-PR5um_nzJSd07JGyQzt9HASrjdEOdhPDICAwTqwHCmKFAnN7nAX-h0_naHURgtTs9R2icjAhZjOXgQpLFnNiC7MFI3_yay7uEwc-VvjXBQAbRG2Vj8YLNJqTICG5je2bGkTBtErI-rxSbNCG-sVeibFjco1sqt46BKQYKM6ywc6CZ82s_DNKs0GD07Ohg&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0
51 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
shdjmszbnjs
purestars12990.ac-page.com/ Redirect Chain
|
47 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
2 KB 1023 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
27 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
13 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
landing-pages-cdn.app-us1.com/vendor/jquery/dist/ |
88 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lodash.min.js
landing-pages-cdn.app-us1.com/vendor/lodash/ |
71 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lz-string.min.js
landing-pages-cdn.app-us1.com/vendor/lz-string/libs/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angular.min.js
landing-pages-cdn.app-us1.com/vendor/angular/ |
174 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
URI.min.js
landing-pages-cdn.app-us1.com/vendor/urijs/src/ |
47 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angular-cookies.min.js
landing-pages-cdn.app-us1.com/vendor/angular-cookies/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angular-animate.min.js
landing-pages-cdn.app-us1.com/vendor/angular-animate/ |
26 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ngStorage.min.js
landing-pages-cdn.app-us1.com/vendor/ngstorage/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TweenMax.min.js
landing-pages-cdn.app-us1.com/vendor/gsap/src/minified/ |
113 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core.js
landing-pages-cdn.app-us1.com/core/ |
107 B 480 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
services.js
landing-pages-cdn.app-us1.com/core/services/ |
20 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
services.modal.js
landing-pages-cdn.app-us1.com/core/services/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
services.paths.js
landing-pages-cdn.app-us1.com/core/services/ |
786 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
directives.js
landing-pages-cdn.app-us1.com/core/directives/ |
34 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
directives.countdown.js
landing-pages-cdn.app-us1.com/core/directives/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
directives.parallax.js
landing-pages-cdn.app-us1.com/core/directives/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
directives.scratch.js
landing-pages-cdn.app-us1.com/core/directives/ |
12 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
directives.background-video.js
landing-pages-cdn.app-us1.com/core/directives/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
filters.js
landing-pages-cdn.app-us1.com/core/filters/ |
33 B 406 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animations.js
landing-pages-cdn.app-us1.com/core/animations/ |
36 B 407 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
landing-pages-cdn.app-us1.com/analytics/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
landing-pages-cdn.app-us1.com/app/ |
217 B 611 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.controllers.js
landing-pages-cdn.app-us1.com/app/ |
183 B 556 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.config.js
landing-pages-cdn.app-us1.com/app/ |
210 B 604 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.templates.js
landing-pages-cdn.app-us1.com/app/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.js
landing-pages-cdn.app-us1.com/app/ |
41 B 434 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
diffuser.js
diffuser-cdn.app-us1.com/diffuser/ |
41 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
authorize
office.nlognviewnow.pro/common/oauth2/v2.0/ Redirect Chain
|
21 KB 22 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
prism.app-us1.com/ |
0 314 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
138 KB 49 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
authorize
office.nlognviewnow.pro/common/oauth2/v2.0/ |
45 KB 47 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
office.nlognviewnow.pro/ |
0 680 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Me.htm
ywnjb.nlognviewnow.pro/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
converged.v2.login.min_mc5ac6ol0l4d2iaqspstyg2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
111 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_HynxqeZdtbyHDb4R-n7Odg2.js
aadcdn.msauth.net/shared/1.0/content/js/ |
437 KB 120 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ux.converged.login.strings-de.min_t2egxy3e-i7icwo0cfhacq2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
61 KB 18 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
219 KB 54 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msauth.net/shared/1.0/content/images/ |
17 KB 17 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pfetchsessionsprogress_0b5ca5d48eeaf75b0528.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
15 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
aadcdn.msauth.net/shared/1.0/content/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Me.htm
ywnjb.nlognviewnow.pro/ Frame 1FE4 |
2 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
111 KB 36 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msauth.net/shared/1.0/content/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ function| lp boolean| __convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170 boolean| __convergedlogin_pfetchsessionsprogress_0b5ca5d48eeaf75b0528 boolean| __convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c821 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.wix.com/ | Name: XSRF-TOKEN Value: 1719419104|gLqygvcTB-qT |
|
.ac-page.com/ | Name: __cfruid Value: 5392e382b15c83346ea5293dd927257e514767cd-1719419105 |
|
.nlognviewnow.pro/ | Name: 79a9-1b90 Value: e5380f568c72189b4f18dbb475d79c5a50d8e17fa36885aac102bbb221a780b5 |
|
prism.app-us1.com/ | Name: prism_1003220428 Value: df64772e-64ea-46a2-a474-71cf5b689b10 |
|
office.nlognviewnow.pro/ | Name: x-ms-gateway-slice Value: estsfd |
|
office.nlognviewnow.pro/ | Name: stsservicecookie Value: estsfd |
|
react.nlognviewnow.pro/ | Name: OH.DCAffinity Value: OH-eus |
|
react.nlognviewnow.pro/ | Name: OH.FLID Value: aa5fa8dd-e194-4652-aae1-7e83382476b8 |
|
react.nlognviewnow.pro/ | Name: .AspNetCore.OpenIdConnect.Nonce.dqy0a3_pkm0fR0dFOmo8-tY8NcAyTO_DDBJN0kq7vI3xUWlIL0YPhAjfaxsXgCvWAwOkPEM7HviGHfpPH6GxSMJCzNgYTCfVT44pGI_fDbYQl70m6MUdTW-ppflzPNRZ4scAqpZGKGUwSHzrKQOduf8acaMisb7QT7T2-zw4aogZDulx2xxvVj54R58KiDXWC3UdyUsXdD-nIQ5uiRimiyUhoQv77mx0bBYCaye7IKKJcOY-CSziLDX9EeD8Fnl- Value: N |
|
react.nlognviewnow.pro/ | Name: .AspNetCore.Correlation.JeQYehLp6-fGqvPfzkCo1o3gFHM-VLABHW9Z6-SLwhs Value: N |
|
.nlognviewnow.pro/ | Name: MUID Value: 07173757DCFD6BAD33D823FDDDFC6ACC |
|
.office.nlognviewnow.pro/ | Name: esctx-cF8FUGLE8BA Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMY-Hwird57Vzy0ZBq4sKzDeIyb7nb24Bjov-acIkwULSvsx26kw2NVfC9lrmHGcfY9_ExcEPSskbzXV88tF-K9qyedf5IpA2-2xq3uWK9fl6njmGqorgyJKjty2yNoj4gzsDn9UqKAMkYewMuswZTWsCAA |
|
.office.nlognviewnow.pro/ | Name: AADSSO Value: NA|NoExtension |
|
office.nlognviewnow.pro/ | Name: SSOCOOKIEPULLED Value: 1 |
|
office.nlognviewnow.pro/ | Name: buid Value: 0.AXUAMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMY5rlyR0qCf8cLDONTQSX0WeKt2b24nKUzRpHyn9352bNuTzmfiz9TTpAFvnK5D6nWFxOzzgpuFGJ597ETGPr2i3DIZZqGiO3sQrcQ80gKccMgAA |
|
.office.nlognviewnow.pro/ | Name: esctx Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYt1yC8pPK-oe3qyX_m9DKVvpTJUmlMA0IZAG6_NcaDqTLGw_mDkEL2joaTQh-QNRoUBNuaIieHEMVxuDp9RqzZf2x6MmqHow8i3S-1G-xYYmny0G8-TGS110onddVf1D3YHxLStebUUUJcjKT1Sm_uixpOe_t0JvEN-B4IdrtJU8gAA |
|
.office.nlognviewnow.pro/ | Name: esctx-RsHNZgjePs8 Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYA3iJXsJnH1aTXKxEsd_dyjwspdwYQM_EqoOvd_i4nI5382-lMaXgNBN-vjdlf_0iKesAtje4adB4kwHOV27tqPynvlY6y8b04hqB_eWAiUry25vCxqYclbHShASPb7C8V8tK3dTfBPgRFIisFfWpFSAA |
|
office.nlognviewnow.pro/ | Name: fpc Value: AkrEPYObYW5MtsvPe1c7XfG8Ae7AAQAAAOM3Dt4OAAAA |
|
.office.nlognviewnow.pro/ | Name: brcap Value: 0 |
|
.ywnjb.nlognviewnow.pro/ | Name: uaid Value: 1685c575c4d74d42bd39ddebdc062114 |
|
.ywnjb.nlognviewnow.pro/ | Name: MSPRequ Value: id=N<=1719419109&co=1 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msauth.net
aadcdn.msftauth.net
diffuser-cdn.app-us1.com
fonts.googleapis.com
fonts.gstatic.com
landing-pages-cdn.app-us1.com
office.nlognviewnow.pro
prism.app-us1.com
purestars12990.ac-page.com
react.nlognviewnow.pro
shoutout.wix.com
ywnjb.nlognviewnow.pro
13.32.99.49
174.138.66.185
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:4400::6812:2249
2606:4700::6812:80d8
2620:1ec:bdf::60
2a00:1450:4001:809::200a
2a00:1450:4001:813::2003
34.149.206.255
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
04e2853193cb2766a21222cbe47e5d76e8e778b700b9dedb12a8a8e805e019b9
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
23804c857c0f312172654571928d8945eb9585b94f6d4be9c59a37eae054c0fd
39b715d1182468688af4ed263098873e8e65bf3dd938ab51ac8fae81d8f04d3d
474ce0790ceb18a100cebaf1ac0915a51389fcae0830c3b44bfa1e365d40b2b4
4be11c075187615adaf493d54cb7b05556e76806aed2b3b082d72952d0025be5
7c4d524da831af235775ddf4b63560d918dec06749a961c9c8cd794005898def
7ef75ae3aad363044c20352ecbc5b1cb3c88e74dec726e5565af59f9bfc340ba
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
88ae81949d2a30a87f03bb65424966f8d7e43ca03a4a6162788d999e68a7da1c
8b81b6dbb9af6502d78abe8a85d135861848e0597989901da42c62ecb841a07d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
9432afb4df571b9d5e8af8db21ea3c1bca6aaab918467611df5332bcd1b029c1
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
bb74a463df1b9de82f189f5e63c2a36ad84dad5616716a87fea647d533825bd0
c1ce68afd739796143f9b88c1199a4e7340a0357cd53748da2f900a3a5e75dc8
da27aa1c4c207ff999201b589ae81b56b22ae29984313092a3e3aec94154c8fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e98322eaefda85e63beffc1bb99a34ac7d57a1184fce816afa308a3450d6a2bd