msoftnetworkaus013.blob.core.windows.net Open in urlscan Pro
52.239.137.100 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
Submission: On July 30 via manual (July 30th 2019, 7:50:39 am UTC) from NL

Summary HTTP 21 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 52.239.137.100, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is msoftnetworkaus013.blob.core.windows.net.
TLS certificate: Issued by Microsoft IT TLS CA 1 on May 1st 2019. Valid for: 2 years.

This is the only time msoftnetworkaus013.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
11	52.239.137.100 52.239.137.100	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
8	2a02:26f0:6c0... 2a02:26f0:6c00:283::35c1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2bf::35c1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	20.190.129.2 20.190.129.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
21	4

11 52.239.137.100 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

msoftnetworkaus013.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:6c00:283::35c1 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

secure.aadcdn.microsoftonline-p.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2bf::35c1 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

secure.aadcdn.microsoftonline-p.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.129.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	windows.net msoftnetworkaus013.blob.core.windows.net	41 KB
9	microsoftonline-p.com secure.aadcdn.microsoftonline-p.com	301 KB
1	microsoftonline.com login.microsoftonline.com	553 B
21	3

	Domain	Requested by
11	msoftnetworkaus013.blob.core.windows.net	msoftnetworkaus013.blob.core.windows.net secure.aadcdn.microsoftonline-p.com
9	secure.aadcdn.microsoftonline-p.com	msoftnetworkaus013.blob.core.windows.net
1	login.microsoftonline.com	secure.aadcdn.microsoftonline-p.com
21	3

This site contains links to these domains. Also see Links.

Domain
login.microsoftonline.com
passwordreset.microsoftonline.com
login.live.com
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft IT TLS CA 1	`2019-05-01` - `2021-05-01`	2 years	crt.sh
secure.aadcdn.microsoftonline-p.com Microsoft IT TLS CA 4	`2019-07-17` - `2021-07-17`	2 years	crt.sh
stamp2.login.microsoftonline.com Microsoft IT TLS CA 1	`2018-09-24` - `2020-09-24`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
Frame ID: 99174F6CA1D53C69B9AF1968DB4E219B
Requests: 20 HTTP requests in this frame

Frame: https://msoftnetworkaus013.blob.core.windows.net/aus/xxmicrosoftonline_files/prefetch.html
Frame ID: 0AF5A8A11707A018190B744CB8BF8297
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Microsoft HTTPAPI (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /Microsoft-HTTPAPI(?:\/([\d.]+))?/i

Page Statistics

21
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

343 kB
Transfer

571 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://login.microsoftonline.com/login.srf?wa=wsignin1.0&rpsnv=4&ct=1499405334&rver=6.7.6640.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.office365.com%2fowa%2f%3fRpsCsrfState%3d4910423f-6239-8b2b-5e89-0d1ce1ed0172&id=260563&CBCXT=out&msafed=0&client-request-id=3965f448-e5de-4e00-b4c2-c5401632f918
Title: Try it now

Search URL Search Domain Scan URL

URL: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQIIAeNisFLPKCkpKLbS188vLcnJz8_Wy09Ly0xONTYz1UvOz9XLL0rPTAGxopiBCoqEuAQ8vqRa3nvK4Lfl0FEHMaOfEqsYlfAaoZ9fnqh_gZFxExO7r5NnfHCwzwmmy5_5bzEJ-hele6aEF7ulpqQWJZZk5uddYBF4xcJjwGzFwcElwCDBoMDwg4VxESvQUtvKt1-ZWtt9euOyFHL1tRhOseqnJ5dGOJlnOzm6BVn4JQeaexi5OAWVVJiH-LilmjhFeASFpJeWVJWWezka2BpaGU5gE5rAxnSKjWEXZwhh99oHFRQ7FxelBZcklqTamlgaGpgYGafpmhkZW-paJBkl6ZqmWljqGqQYJqcapqYYGJobAQA1&mkt=en-US&hosted=0&device_platform=Windows+10
Title: Can’t access your account?

Search URL Search Domain Scan URL

URL: https://login.live.com/login.srf?wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAeNisFLPKCkpKLbS188vLcnJz8_Wy09Ly0xONTYz1UvOz9XLL0rPTAGxopiBCoqEuAQ8vqRa3nvK4Lfl0FEHMaOfEqsYlfAaoZ9fnqh_gZFxExO7r5NnfHCwzwmmy5_5bzEJ-hele6aEF7ulpqQWJZZk5uddYBF4xcJjwGzFwcElwCDBoMDwg4VxESvQUtvKt1-ZWtt9euOyFHL1tRhOseqnJ5dGOJlnOzm6BVn4JQeaexi5OAWVVJiH-LilmjhFeASFpJeWVJWWezka2BpaGU5gE5rAxnSKjWEXZwhh99oHFRQ7FxelBZcklqTamlgaGpgYGafpmhkZW-paJBkl6ZqmWljqGqQYJqcapqYYGJobAQA1&id=&cbcxt=out&uaid=3965f448e5de4e00b4c2c5401632f918&pcexp=false&popupui=
Title: Sign in with a Microsoft account

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-US/servicesagreement/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-US/privacystatement
Title: Privacy & Cookies

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request home.html Show response
msoftnetworkaus013.blob.core.windows.net/aus/ 39 KB
39 KB 1246ms
43ms Document
text/html 52.239.137.100
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.100 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a893d9f01ec10a282aa73acf3dfcd092a1c7e0ec1ffcb972e1942ff2d859a844

Request headers

Host: msoftnetworkaus013.blob.core.windows.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Length: 39637
Content-Type: text/html
Last-Modified: Thu, 18 Jul 2019 14:02:47 GMT
ETag: 0x8D70B889D07C761
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f701ad2f-401e-009a-13ab-46234a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2019 07:50:22 GMT

GET
H/1.1 200
OK login.min.css
secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/ 22 KB
5 KB 10ms
8ms Stylesheet
text/css 2a02:26f0:6c00:283::35c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/login.min.css

Requested by

Host: msoftnetworkaus013.blob.core.windows.net
URL: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:283::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

1cb99b8f6ef91cab65770c9233f5a9db4e461d1c39c2e561c8606e3994eb1a30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Tue, 30 Jul 2019 07:50:23 GMT
Content-Encoding: gzip
Last-Modified: Sat, 18 May 2019 10:00:31 GMT
Content-MD5: kWZAWCshmJ7GwpEv5MDUtg==
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=570550
Connection: keep-alive
Content-Length: 4943

GET
H/1.1 404
The specified blob does not exist. jquery.1.11.min.js.download
msoftnetworkaus013.blob.core.windows.net/aus/microsoftonline_files/ 0
0 60ms
37ms Script
application/xml 52.239.137.100
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://msoftnetworkaus013.blob.core.windows.net/aus/microsoftonline_files/jquery.1.11.min.js.download
Requested by: Host: msoftnetworkaus013.blob.core.windows.net
URL: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.100 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
Origin: https://msoftnetworkaus013.blob.core.windows.net

Response headers

x-ms-request-id: f701ad3a-401e-009a-1cab-46234a000000
Date: Tue, 30 Jul 2019 07:50:22 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 200
OK aad.login.min.js Show response
secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/ 176 KB
43 KB 11ms
8ms Script
application/x-javascript 2a02:26f0:6c00:2bf::35c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/aad.login.min.js

Requested by

Host: msoftnetworkaus013.blob.core.windows.net
URL: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:2bf::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

6ae8b5dd36bc17d5372ea5e78901009118e6f7c9d10538a7c30b7a04d488fe98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
Origin: https://msoftnetworkaus013.blob.core.windows.net

Response headers

Date: Tue, 30 Jul 2019 07:50:23 GMT
Content-Encoding: gzip
Last-Modified: Sat, 18 May 2019 10:00:39 GMT
Content-MD5: LsFmMggU7MHe3JFAZKSnWg==
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=570550
Connection: keep-alive
Content-Length: 43789

GET
H/1.1 404
The specified blob does not exist. heroillustration
msoftnetworkaus013.blob.core.windows.net/aus/microsoftonline_files/ 215 B
215 B 96ms
37ms Image
application/xml 52.239.137.100
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://msoftnetworkaus013.blob.core.windows.net/aus/microsoftonline_files/heroillustration
Requested by: Host: msoftnetworkaus013.blob.core.windows.net
URL: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.100 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 25e17f9e5ae968bc923d60866404ffaff62818e9ae5c00ce5b4aaeba2331348f

Request headers

Referer: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-ms-request-id: f701ad3e-401e-009a-20ab-46234a000000
Date: Tue, 30 Jul 2019 07:50:22 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 200
OK login_hover.min.css
secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/ 89 B
454 B 7ms
6ms Stylesheet
text/css 2a02:26f0:6c00:283::35c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/login_hover.min.css

Requested by

Host: msoftnetworkaus013.blob.core.windows.net
URL: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:283::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

91c2b74542e11d0278e02715a980b39582eae2e3b519ddd2d4f9ca939e58109c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Tue, 30 Jul 2019 07:50:23 GMT
Content-Encoding: gzip
Last-Modified: Sat, 18 May 2019 10:00:15 GMT
Content-MD5: k+LdzPr5J17LuCAOBMVTBQ==
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=570550
Connection: keep-alive
Content-Length: 82

GET
H/1.1 404
The specified blob does not exist. bannerlogo
msoftnetworkaus013.blob.core.windows.net/aus/xxmicrosoftonline_files/ 215 B
215 B 144ms
37ms Image
application/xml 52.239.137.100
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://msoftnetworkaus013.blob.core.windows.net/aus/xxmicrosoftonline_files/bannerlogo
Requested by: Host: msoftnetworkaus013.blob.core.windows.net
URL: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.100 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6da594d1f0578855ff35b39479545de017ef5ed5c0977ccf51a30c3bc6cd8dc8

Request headers

Referer: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-ms-request-id: f701ad4b-401e-009a-2bab-46234a000000
Date: Tue, 30 Jul 2019 07:50:23 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 404
The specified blob does not exist. close.png
msoftnetworkaus013.blob.core.windows.net/aus/microsoftonline_files/ 215 B
215 B 142ms
37ms Image
application/xml 52.239.137.100
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://msoftnetworkaus013.blob.core.windows.net/aus/microsoftonline_files/close.png
Requested by: Host: msoftnetworkaus013.blob.core.windows.net
URL: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.100 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9fdd49d9ea099ea427f6322a686b9d174e13fdc82cc250e1fabfd7caaf9da34c

Request headers

Referer: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-ms-request-id: f701ad4f-401e-009a-2fab-46234a000000
Date: Tue, 30 Jul 2019 07:50:23 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 404
The specified blob does not exist. bannerlogo
msoftnetworkaus013.blob.core.windows.net/aus/microsoftonline_files/ 215 B
215 B 181ms
38ms Image
application/xml 52.239.137.100
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://msoftnetworkaus013.blob.core.windows.net/aus/microsoftonline_files/bannerlogo
Requested by: Host: msoftnetworkaus013.blob.core.windows.net
URL: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.100 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fa4cc5704653039de1dfc36eca72b85e49702a36aea46edd139016ca10b2b60e

Request headers

Referer: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-ms-request-id: f701ad62-401e-009a-3fab-46234a000000
Date: Tue, 30 Jul 2019 07:50:23 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 200
OK microsoft_logo.png
secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/images/ 1 KB
1 KB 25ms
25ms Image
image/png 2a02:26f0:6c00:283::35c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/images/microsoft_logo.png

Requested by

Host: msoftnetworkaus013.blob.core.windows.net
URL: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:283::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Tue, 30 Jul 2019 07:50:23 GMT
Last-Modified: Sat, 18 May 2019 10:00:33 GMT
Content-MD5: 7ZyesNzhfXUr7eprWs2m2Q==
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=570550
Connection: keep-alive
Content-Length: 1057

GET
H/1.1 404
The specified blob does not exist. jquery.1.11.min.js.download
msoftnetworkaus013.blob.core.windows.net/aus/microsoftonline_files/ 0
0 219ms
37ms Script
application/xml 52.239.137.100
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://msoftnetworkaus013.blob.core.windows.net/aus/microsoftonline_files/jquery.1.11.min.js.download
Requested by: Host: msoftnetworkaus013.blob.core.windows.net
URL: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.100 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-ms-request-id: f701ad77-401e-009a-53ab-46234a000000
Date: Tue, 30 Jul 2019 07:50:23 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 404
The specified blob does not exist. prefetch.html Show response
msoftnetworkaus013.blob.core.windows.net/aus/xxmicrosoftonline_files/ Frame 0AF5 215 B
490 B 63ms
36ms Document
application/xml 52.239.137.100
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://msoftnetworkaus013.blob.core.windows.net/aus/xxmicrosoftonline_files/prefetch.html
Requested by: Host: msoftnetworkaus013.blob.core.windows.net
URL: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.100 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2e24e29564dd05d39ac382fb539068b9034a15b4f9c302a92d7360a32f391c6d

Request headers

Host: msoftnetworkaus013.blob.core.windows.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html

Response headers

Content-Length: 215
Content-Type: application/xml
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f701ad43-401e-009a-25ab-46234a000000
x-ms-version: 2009-09-19
Date: Tue, 30 Jul 2019 07:50:23 GMT

GET
H/1.1 404
The specified blob does not exist. jquery.1.11.min.js.download
msoftnetworkaus013.blob.core.windows.net/aus/microsoftonline_files/ 0
0 40ms
39ms Script
application/xml 52.239.137.100
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://msoftnetworkaus013.blob.core.windows.net/aus/microsoftonline_files/jquery.1.11.min.js.download
Requested by: Host: msoftnetworkaus013.blob.core.windows.net
URL: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.100 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-ms-request-id: f701ad8b-401e-009a-65ab-46234a000000
Date: Tue, 30 Jul 2019 07:50:23 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 200
OK watsonsupport.min.js Show response
secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/ 108 KB
38 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:6c00:283::35c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/watsonsupport.min.js

Requested by

Host: msoftnetworkaus013.blob.core.windows.net
URL: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:283::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

080ff245615e719959bc5537e164ac4495c4b8036462dfee2076dd92f22c8491

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Tue, 30 Jul 2019 07:50:24 GMT
Content-Encoding: gzip
Last-Modified: Sat, 18 May 2019 09:59:56 GMT
Content-MD5: uh+HH+n7/grQTOu2+tsxCg==
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=570549
Connection: keep-alive
Content-Length: 38473

GET
H/1.1 200
OK frameworksupport.min.js Show response
secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/ 12 KB
5 KB 26ms
25ms Script
application/x-javascript 2a02:26f0:6c00:283::35c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/frameworksupport.min.js

Requested by

Host: msoftnetworkaus013.blob.core.windows.net
URL: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:283::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

28fc6d7aad53bdadbf261065679f33162d224ccc3a3058eaa903ca1957386f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Tue, 30 Jul 2019 07:50:24 GMT
Content-Encoding: gzip
Last-Modified: Sat, 18 May 2019 09:59:55 GMT
Content-MD5: ozTmQtEh5tzHeeYuGZhr5g==
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=570550
Connection: keep-alive
Content-Length: 5035

GET
H/1.1 200
OK watson.min.js Show response
secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/ 10 KB
4 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:6c00:283::35c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/watson.min.js

Requested by

Host: msoftnetworkaus013.blob.core.windows.net
URL: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:283::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

fe9b30b90e759478adc4edc39bc41bed8f106a4df34dec65558d495cbb44dd27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Tue, 30 Jul 2019 07:50:24 GMT
Content-Encoding: gzip
Last-Modified: Sat, 18 May 2019 09:59:54 GMT
Content-MD5: 5pDiCuXDnJmIS75OdPn+/A==
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=570550
Connection: keep-alive
Content-Length: 4160

POST
H/1.1 405
The resource doesn't support specified Http Verb. watson Show response
msoftnetworkaus013.blob.core.windows.net/common/handlers/ 237 B
506 B 35ms
34ms XHR
application/xml 52.239.137.100
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://msoftnetworkaus013.blob.core.windows.net/common/handlers/watson
Requested by: Host: secure.aadcdn.microsoftonline-p.com
URL: https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/watsonsupport.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.100 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 80b9f87ae64341413e900b3de2fc0b14dcf3c0c818281fe568dcd065049dd065

Request headers

Origin: https://msoftnetworkaus013.blob.core.windows.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
client-request-id: 3965f448-e5de-4e00-b4c2-c5401632f918
canary: AQABAAAAAABnfiG-mA6NTae7CdWW7QfdkP9IzD6Ek9AmyFuTpRnxhY6jFtdYy7OzLDboMpHirUE9tbkiQPtmwW8wNWCrxi8RCmzF2vFvdZTtMWj3h6ZezLntPwknjaQZGZfhDvREs0BBTjv7fMRBlK9fi-UgfLC2medgBwaxSdY5DrkIEa9LF3bLry4H7GQXl_hrjSkNglhgfEckuCKC0WlF6_qYFOYMkHkoSXBiDjFS0Rz-7QBOKCAA
Content-Type: application/json; charset=UTF-8
hpgid: 1002
Accept: application/json
Referer: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
X-Requested-With: XMLHttpRequest
hpgact: 2101

Response headers

x-ms-request-id: f701adc9-401e-009a-16ab-46234a000000
Date: Tue, 30 Jul 2019 07:50:23 GMT
Server: Microsoft-HTTPAPI/2.0
Content-Length: 237
Allow: GET,HEAD,PUT,DELETE
Content-Type: application/xml

GET
H/1.1 200
OK bannerlogo
secure.aadcdn.microsoftonline-p.com/dbd5a2dd-uymyxxfhpwrbckvwvlxle8radh6vkzaj7cwkqpqixg/appbranding/npdp3ivuhlrwvd1ynsq0x-mjc7zhvnj0i7k676ppafa/0/ 4 KB
5 KB 7ms
6ms Image
image/png 2a02:26f0:6c00:283::35c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.aadcdn.microsoftonline-p.com/dbd5a2dd-uymyxxfhpwrbckvwvlxle8radh6vkzaj7cwkqpqixg/appbranding/npdp3ivuhlrwvd1ynsq0x-mjc7zhvnj0i7k676ppafa/0/bannerlogo?ts=635538653042733860

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:283::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

fc5c3d7d2b298a42ec44dad2d8cd227b734db966b4afa68c0254a497e805f603

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Tue, 30 Jul 2019 07:50:24 GMT
Last-Modified: Thu, 11 Dec 2014 03:28:24 GMT
Content-MD5: nwmifU9ps1V8dDNXSinXJg==
Strict-Transport-Security: max-age=31536000
Content-Type: image\jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=51688
Connection: keep-alive
Content-Length: 4585

GET
H/1.1 200
OK heroillustration
secure.aadcdn.microsoftonline-p.com/dbd5a2dd-uymyxxfhpwrbckvwvlxle8radh6vkzaj7cwkqpqixg/appbranding/npdp3ivuhlrwvd1ynsq0x-mjc7zhvnj0i7k676ppafa/0/ 199 KB
199 KB 10ms
10ms Image
image/jpeg 2a02:26f0:6c00:283::35c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.aadcdn.microsoftonline-p.com/dbd5a2dd-uymyxxfhpwrbckvwvlxle8radh6vkzaj7cwkqpqixg/appbranding/npdp3ivuhlrwvd1ynsq0x-mjc7zhvnj0i7k676ppafa/0/heroillustration?ts=635538653045233940

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:283::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

7e50e406688bd898803f653058d14ca384734cb9b39ba900bc5e2734b59c073b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Tue, 30 Jul 2019 07:50:24 GMT
Last-Modified: Thu, 11 Dec 2014 03:28:24 GMT
Content-MD5: ZSg7Ej6yNeYXaumMAqxbHA==
Strict-Transport-Security: max-age=31536000
Content-Type: image\jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=51691
Connection: keep-alive
Content-Length: 203294

POST
H/1.1 204
No Content telemetry Show response
login.microsoftonline.com/common/login/ 0
553 B 155ms
45ms XHR
text/plain 20.190.129.2
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/login/telemetry?client-request-id=3965f448-e5de-4e00-b4c2-c5401632f918

Requested by

Host: secure.aadcdn.microsoftonline-p.com
URL: https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/watsonsupport.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.129.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
Origin: https://msoftnetworkaus013.blob.core.windows.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Tue, 30 Jul 2019 07:50:24 GMT
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 55a0e325-ca90-4efe-bcc1-cdb18b7a0a00
Cache-Control: no-cache, no-store
Expires: -1

POST
H/1.1 405
The resource doesn't support specified Http Verb. watson Show response
msoftnetworkaus013.blob.core.windows.net/common/handlers/ 237 B
506 B 36ms
35ms XHR
application/xml 52.239.137.100
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://msoftnetworkaus013.blob.core.windows.net/common/handlers/watson
Requested by: Host: secure.aadcdn.microsoftonline-p.com
URL: https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6177.20/content/cdnbundles/watsonsupport.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.100 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 24a476543da3087c6f4eba1cffbb055a86a6340589246006fa070b93e380a5d0

Request headers

Origin: https://msoftnetworkaus013.blob.core.windows.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
client-request-id: 3965f448-e5de-4e00-b4c2-c5401632f918
canary: AQABAAAAAABnfiG-mA6NTae7CdWW7QfdkP9IzD6Ek9AmyFuTpRnxhY6jFtdYy7OzLDboMpHirUE9tbkiQPtmwW8wNWCrxi8RCmzF2vFvdZTtMWj3h6ZezLntPwknjaQZGZfhDvREs0BBTjv7fMRBlK9fi-UgfLC2medgBwaxSdY5DrkIEa9LF3bLry4H7GQXl_hrjSkNglhgfEckuCKC0WlF6_qYFOYMkHkoSXBiDjFS0Rz-7QBOKCAA
Content-Type: application/json; charset=UTF-8
hpgid: 1002
Accept: application/json
Referer: https://msoftnetworkaus013.blob.core.windows.net/aus/home.html
X-Requested-With: XMLHttpRequest
hpgact: 2101

Response headers

x-ms-request-id: f701adf3-401e-009a-3dab-46234a000000
Date: Tue, 30 Jul 2019 07:50:23 GMT
Server: Microsoft-HTTPAPI/2.0
Content-Length: 237
Allow: GET,HEAD,PUT,DELETE
Content-Type: application/xml

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			msoftnetworkaus013.blob.core.windows.net/aus	1969-12-31 23:59:59	Name: testcookie Value: testcookie

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.microsoftonline.com
msoftnetworkaus013.blob.core.windows.net
secure.aadcdn.microsoftonline-p.com
20.190.129.2
2a02:26f0:6c00:283::35c1
2a02:26f0:6c00:2bf::35c1
52.239.137.100
080ff245615e719959bc5537e164ac4495c4b8036462dfee2076dd92f22c8491
1cb99b8f6ef91cab65770c9233f5a9db4e461d1c39c2e561c8606e3994eb1a30
24a476543da3087c6f4eba1cffbb055a86a6340589246006fa070b93e380a5d0
25e17f9e5ae968bc923d60866404ffaff62818e9ae5c00ce5b4aaeba2331348f
28fc6d7aad53bdadbf261065679f33162d224ccc3a3058eaa903ca1957386f22
2e24e29564dd05d39ac382fb539068b9034a15b4f9c302a92d7360a32f391c6d
6ae8b5dd36bc17d5372ea5e78901009118e6f7c9d10538a7c30b7a04d488fe98
6da594d1f0578855ff35b39479545de017ef5ed5c0977ccf51a30c3bc6cd8dc8
7e50e406688bd898803f653058d14ca384734cb9b39ba900bc5e2734b59c073b
80b9f87ae64341413e900b3de2fc0b14dcf3c0c818281fe568dcd065049dd065
91c2b74542e11d0278e02715a980b39582eae2e3b519ddd2d4f9ca939e58109c
9fdd49d9ea099ea427f6322a686b9d174e13fdc82cc250e1fabfd7caaf9da34c
a893d9f01ec10a282aa73acf3dfcd092a1c7e0ec1ffcb972e1942ff2d859a844
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c
fa4cc5704653039de1dfc36eca72b85e49702a36aea46edd139016ca10b2b60e
fc5c3d7d2b298a42ec44dad2d8cd227b734db966b4afa68c0254a497e805f603
fe9b30b90e759478adc4edc39bc41bed8f106a4df34dec65558d495cbb44dd27

msoftnetworkaus013.blob.core.windows.net Open in urlscan Pro 52.239.137.100 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

343 kBTransfer

571 kBSize

1 Cookies

5 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

44 JavaScript Global Variables

1 Cookies

Indicators

msoftnetworkaus013.blob.core.windows.net Open in urlscan Pro
52.239.137.100 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

343 kB
Transfer

571 kB
Size

1
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!