www.sharepointin.com Open in urlscan Pro
2620:1ec:bdf::44  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request oauth Show response www.sharepointin.com/eur/aa8f1d77-309f-4e1b-9100-c06c42dd51c7/36f83f7a-a821-4447-8778-9b4793cc4b6b/8de21747-eb0e-457a-94d8-1284ab0ef0d3/	10 KB 11 KB	915ms 736ms	Document text/html	2620:1ec:bdf::44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.sharepointin.com/eur/aa8f1d77-309f-4e1b-9100-c06c42dd51c7/36f83f7a-a821-4447-8778-9b4793cc4b6b/8de21747-eb0e-457a-94d8-1284ab0ef0d3/oauth?id=aEQvVjhGR2ZkWVhHRDFnYmI4QnNoaGx5VUp1N1Y0VFljVTZKS1lQNk85Z2hQeGlRMUp6Sy9DVzZUbjNBWm1EMlZMNGFUN3JSNHJuNjVhR2plV1prZXFnODF1ZnVneThkazFUaTh3aDBMR3FjbzFEcUtJMitoemdESWFvMnZySmY0SThjZUNlaWZCRWxla0lhRlZ1YnJjNGRwS2dFd01Ec0VFL09YRHZZZEZ1N0QzNlFHNGlWMEtwQUNKTy83SWM0QXp5ZFlGRVppVnYzRHVHcGU3NnlOdzJnSXFnOHlFczlLT1dWY1R5Yk9FZ0hvTFZZQkVjM29EM0QrdXRQaDlmN2Q4MHlMMjBSNGlZMFo5OXYvTjZ2VGJnQjFiQXpMMmtsckZ1Y3dVcnVwaU9qa05QcmFBN3N1RkhXWFo3dVRFeHlyczl5RGFyYmhKN1pnTjh0ZG9CWUVnPT0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 2a95298dff3d432869e29fdd8f3c8e45f29d6ca4b43c08b8ef82633ca5d4880b Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-type text/html; charset=utf-8 date Fri, 12 Aug 2022 10:40:33 GMT request-context appId= strict-transport-security max-age=2592000 x-azure-ref 0IS72YgAAAABxQt4YbQM9Sb20E84NqZBcRlJBMzFFREdFMDkxMwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA= x-cache CONFIG_NOCACHE
GET H2	200	Consent.css www.sharepointin.com/Content/OAuth/	3 KB 3 KB	956ms 955ms	Stylesheet text/css	2620:1ec:bdf::44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.sharepointin.com/Content/OAuth/Consent.css Requested by Host: www.sharepointin.com URL: https://www.sharepointin.com/eur/aa8f1d77-309f-4e1b-9100-c06c42dd51c7/36f83f7a-a821-4447-8778-9b4793cc4b6b/8de21747-eb0e-457a-94d8-1284ab0ef0d3/oauth?id=aEQvVjhGR2ZkWVhHRDFnYmI4QnNoaGx5VUp1N1Y0VFljVTZKS1lQNk85Z2hQeGlRMUp6Sy9DVzZUbjNBWm1EMlZMNGFUN3JSNHJuNjVhR2plV1prZXFnODF1ZnVneThkazFUaTh3aDBMR3FjbzFEcUtJMitoemdESWFvMnZySmY0SThjZUNlaWZCRWxla0lhRlZ1YnJjNGRwS2dFd01Ec0VFL09YRHZZZEZ1N0QzNlFHNGlWMEtwQUNKTy83SWM0QXp5ZFlGRVppVnYzRHVHcGU3NnlOdzJnSXFnOHlFczlLT1dWY1R5Yk9FZ0hvTFZZQkVjM29EM0QrdXRQaDlmN2Q4MHlMMjBSNGlZMFo5OXYvTjZ2VGJnQjFiQXpMMmtsckZ1Y3dVcnVwaU9qa05QcmFBN3N1RkhXWFo3dVRFeHlyczl5RGFyYmhKN1pnTjh0ZG9CWUVnPT0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 80d33446899027d1b7c07dae011fb56f7aeec69d6acbd92694012a503a1b14ea Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.sharepointin.com/eur/aa8f1d77-309f-4e1b-9100-c06c42dd51c7/36f83f7a-a821-4447-8778-9b4793cc4b6b/8de21747-eb0e-457a-94d8-1284ab0ef0d3/oauth?id=aEQvVjhGR2ZkWVhHRDFnYmI4QnNoaGx5VUp1N1Y0VFljVTZKS1lQNk85Z2hQeGlRMUp6Sy9DVzZUbjNBWm1EMlZMNGFUN3JSNHJuNjVhR2plV1prZXFnODF1ZnVneThkazFUaTh3aDBMR3FjbzFEcUtJMitoemdESWFvMnZySmY0SThjZUNlaWZCRWxla0lhRlZ1YnJjNGRwS2dFd01Ec0VFL09YRHZZZEZ1N0QzNlFHNGlWMEtwQUNKTy83SWM0QXp5ZFlGRVppVnYzRHVHcGU3NnlOdzJnSXFnOHlFczlLT1dWY1R5Yk9FZ0hvTFZZQkVjM29EM0QrdXRQaDlmN2Q4MHlMMjBSNGlZMFo5OXYvTjZ2VGJnQjFiQXpMMmtsckZ1Y3dVcnVwaU9qa05QcmFBN3N1RkhXWFo3dVRFeHlyczl5RGFyYmhKN1pnTjh0ZG9CWUVnPT0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers strict-transport-security max-age=2592000 last-modified Wed, 03 Aug 2022 07:30:53 GMT etag "1d8a70af63affb5" x-azure-ref 0Ii72YgAAAAC2cf8Qd3zxSaBJkllBiF/2RlJBMzFFREdFMDkxMwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA= x-cache CONFIG_NOCACHE content-type text/css date Fri, 12 Aug 2022 10:40:34 GMT accept-ranges bytes content-length 2869 request-context appId=
GET H2	200	Consent.js Show response www.sharepointin.com/Content/OAuth/	1 KB 1 KB	820ms 819ms	Script application/javascript	2620:1ec:bdf::44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.sharepointin.com/Content/OAuth/Consent.js Requested by Host: www.sharepointin.com URL: https://www.sharepointin.com/eur/aa8f1d77-309f-4e1b-9100-c06c42dd51c7/36f83f7a-a821-4447-8778-9b4793cc4b6b/8de21747-eb0e-457a-94d8-1284ab0ef0d3/oauth?id=aEQvVjhGR2ZkWVhHRDFnYmI4QnNoaGx5VUp1N1Y0VFljVTZKS1lQNk85Z2hQeGlRMUp6Sy9DVzZUbjNBWm1EMlZMNGFUN3JSNHJuNjVhR2plV1prZXFnODF1ZnVneThkazFUaTh3aDBMR3FjbzFEcUtJMitoemdESWFvMnZySmY0SThjZUNlaWZCRWxla0lhRlZ1YnJjNGRwS2dFd01Ec0VFL09YRHZZZEZ1N0QzNlFHNGlWMEtwQUNKTy83SWM0QXp5ZFlGRVppVnYzRHVHcGU3NnlOdzJnSXFnOHlFczlLT1dWY1R5Yk9FZ0hvTFZZQkVjM29EM0QrdXRQaDlmN2Q4MHlMMjBSNGlZMFo5OXYvTjZ2VGJnQjFiQXpMMmtsckZ1Y3dVcnVwaU9qa05QcmFBN3N1RkhXWFo3dVRFeHlyczl5RGFyYmhKN1pnTjh0ZG9CWUVnPT0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 3ec55bfed4c7e6cd8c414794ba14e732f789f27bc85bd7b763557b9f6c563438 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.sharepointin.com/eur/aa8f1d77-309f-4e1b-9100-c06c42dd51c7/36f83f7a-a821-4447-8778-9b4793cc4b6b/8de21747-eb0e-457a-94d8-1284ab0ef0d3/oauth?id=aEQvVjhGR2ZkWVhHRDFnYmI4QnNoaGx5VUp1N1Y0VFljVTZKS1lQNk85Z2hQeGlRMUp6Sy9DVzZUbjNBWm1EMlZMNGFUN3JSNHJuNjVhR2plV1prZXFnODF1ZnVneThkazFUaTh3aDBMR3FjbzFEcUtJMitoemdESWFvMnZySmY0SThjZUNlaWZCRWxla0lhRlZ1YnJjNGRwS2dFd01Ec0VFL09YRHZZZEZ1N0QzNlFHNGlWMEtwQUNKTy83SWM0QXp5ZFlGRVppVnYzRHVHcGU3NnlOdzJnSXFnOHlFczlLT1dWY1R5Yk9FZ0hvTFZZQkVjM29EM0QrdXRQaDlmN2Q4MHlMMjBSNGlZMFo5OXYvTjZ2VGJnQjFiQXpMMmtsckZ1Y3dVcnVwaU9qa05QcmFBN3N1RkhXWFo3dVRFeHlyczl5RGFyYmhKN1pnTjh0ZG9CWUVnPT0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers strict-transport-security max-age=2592000 last-modified Thu, 04 Aug 2022 10:23:40 GMT etag "1d8a7ec43db5a47" x-azure-ref 0Ii72YgAAAAAW3hZW+SteQq9kVF+h0QL5RlJBMzFFREdFMDkxMwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA= x-cache CONFIG_NOCACHE content-type application/javascript date Fri, 12 Aug 2022 10:40:34 GMT accept-ranges bytes content-length 1095 request-context appId=
GET H2	200	microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg aadcdn.msftauth.net/shared/1.0/content/images/	4 KB 2 KB	630ms 237ms	Image image/svg+xml	152.199.4.44 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg Requested by Host: www.sharepointin.com URL: https://www.sharepointin.com/eur/aa8f1d77-309f-4e1b-9100-c06c42dd51c7/36f83f7a-a821-4447-8778-9b4793cc4b6b/8de21747-eb0e-457a-94d8-1284ab0ef0d3/oauth?id=aEQvVjhGR2ZkWVhHRDFnYmI4QnNoaGx5VUp1N1Y0VFljVTZKS1lQNk85Z2hQeGlRMUp6Sy9DVzZUbjNBWm1EMlZMNGFUN3JSNHJuNjVhR2plV1prZXFnODF1ZnVneThkazFUaTh3aDBMR3FjbzFEcUtJMitoemdESWFvMnZySmY0SThjZUNlaWZCRWxla0lhRlZ1YnJjNGRwS2dFd01Ec0VFL09YRHZZZEZ1N0QzNlFHNGlWMEtwQUNKTy83SWM0QXp5ZFlGRVppVnYzRHVHcGU3NnlOdzJnSXFnOHlFczlLT1dWY1R5Yk9FZ0hvTFZZQkVjM29EM0QrdXRQaDlmN2Q4MHlMMjBSNGlZMFo5OXYvTjZ2VGJnQjFiQXpMMmtsckZ1Y3dVcnVwaU9qa05QcmFBN3N1RkhXWFo3dVRFeHlyczl5RGFyYmhKN1pnTjh0ZG9CWUVnPT0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.4.44 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nya/797F) / Resource Hash 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a Request headers accept-language de-DE,de;q=0.9 Referer https://www.sharepointin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 12 Aug 2022 10:40:35 GMT content-encoding gzip content-md5 nzaLxFgP7ZB3dfMcaybWzw== age 1848946 x-cache HIT content-length 1435 x-ms-lease-status unlocked last-modified Thu, 16 Jan 2020 00:32:52 GMT server ECAcc (nya/797F) etag 0x8D79A1B9F5E121A vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 8c4227d2-a01e-003d-0c67-9d2d72000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	chevron_closed_31e954033877625e65f365d6c05762f0.svg aadcdn.msftauth.net/shared/1.0/content/images/	188 B 461 B	495ms 240ms	Image image/svg+xml	152.199.4.44 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msftauth.net/shared/1.0/content/images/chevron_closed_31e954033877625e65f365d6c05762f0.svg Requested by Host: www.sharepointin.com URL: https://www.sharepointin.com/eur/aa8f1d77-309f-4e1b-9100-c06c42dd51c7/36f83f7a-a821-4447-8778-9b4793cc4b6b/8de21747-eb0e-457a-94d8-1284ab0ef0d3/oauth?id=aEQvVjhGR2ZkWVhHRDFnYmI4QnNoaGx5VUp1N1Y0VFljVTZKS1lQNk85Z2hQeGlRMUp6Sy9DVzZUbjNBWm1EMlZMNGFUN3JSNHJuNjVhR2plV1prZXFnODF1ZnVneThkazFUaTh3aDBMR3FjbzFEcUtJMitoemdESWFvMnZySmY0SThjZUNlaWZCRWxla0lhRlZ1YnJjNGRwS2dFd01Ec0VFL09YRHZZZEZ1N0QzNlFHNGlWMEtwQUNKTy83SWM0QXp5ZFlGRVppVnYzRHVHcGU3NnlOdzJnSXFnOHlFczlLT1dWY1R5Yk9FZ0hvTFZZQkVjM29EM0QrdXRQaDlmN2Q4MHlMMjBSNGlZMFo5OXYvTjZ2VGJnQjFiQXpMMmtsckZ1Y3dVcnVwaU9qa05QcmFBN3N1RkhXWFo3dVRFeHlyczl5RGFyYmhKN1pnTjh0ZG9CWUVnPT0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.4.44 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nya/797E) / Resource Hash 7b635e83e36842b4dfefb600f4cdf2874617736578f448fc12fcf1f448a638d1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.sharepointin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 12 Aug 2022 10:40:35 GMT content-encoding gzip content-md5 dIPLujNB6F61jh3T+4rdyg== age 13598451 x-cache HIT content-length 171 x-ms-lease-status unlocked last-modified Thu, 16 Jan 2020 00:32:46 GMT server ECAcc (nya/797E) etag 0x8D79A1B9BBDC35C vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id f0ff41ea-301e-0077-3d8a-32fb92000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3189c2b776a26cdb16d5bb0ae9a79ca19dce8c446c1f2ecbe220918ad06e9fbe Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d0ba57a5768efbfa574cc497f87c9a73daf190b4802bc1aa6ab01eefd25fa5f0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Content-Type image/png

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| showHide function| showDetails function| hideDetails

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
www.sharepointin.com
152.199.4.44
2620:1ec:bdf::44
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
2a95298dff3d432869e29fdd8f3c8e45f29d6ca4b43c08b8ef82633ca5d4880b
3189c2b776a26cdb16d5bb0ae9a79ca19dce8c446c1f2ecbe220918ad06e9fbe
3ec55bfed4c7e6cd8c414794ba14e732f789f27bc85bd7b763557b9f6c563438
7b635e83e36842b4dfefb600f4cdf2874617736578f448fc12fcf1f448a638d1
80d33446899027d1b7c07dae011fb56f7aeec69d6acbd92694012a503a1b14ea
d0ba57a5768efbfa574cc497f87c9a73daf190b4802bc1aa6ab01eefd25fa5f0