login.deviceinventory.com
2606:4700:3037::ac43:c1cf  Malicious Activity! Public Scan

URL: https://login.deviceinventory.com/
Submission: On February 15 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 1 country across 3 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3037::ac43:c1cf, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.deviceinventory.com.
TLS certificate: Issued by E1 on February 15th 2024. Valid for: 3 months.
This is the only time login.deviceinventory.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

Redirects  Requests  IP Address         AS (Autonomous System)
1          4         2606:4700:303...   13335 (CLOUDFLAR...)
           6         2620:1ec:bdf::45   8075 (MICROSOFT...)
           2         20.189.173.9       8075 (MICROSOFT...)
Total: 12 requests, 4 IPs

Requests  Apex Domain          Transfer  Subdomains
6         msauth.net           250 KB    logincdn.msauth.net — Cisco Umbrella Rank: 4695
4         deviceinventory.com  18 KB     login.deviceinventory.com; ipv6.login.deviceinventory.com (Failed)
2         microsoft.com        766 B     browser.events.data.microsoft.com — Cisco Umbrella Rank: 152
Total: 12 requests, 3 apex domains

Requests  Domain                                   Requested by
6         logincdn.msauth.net                      login.deviceinventory.com, logincdn.msauth.net
4         login.deviceinventory.com (1 redirect)   login.deviceinventory.com
2         browser.events.data.microsoft.com        logincdn.msauth.net
0         ipv6.login.deviceinventory.com (Failed)
Total: 12 requests, 4 domains

This site contains links to these domains.

Domain
www.microsoft.com

Subject                      Issuer                                 Validity                 Valid
login.deviceinventory.com    E1                                     2024-02-15 - 2024-05-15  3 months
identitycdn.msauth.net       Microsoft Azure RSA TLS Issuing CA 03  2024-01-17 - 2025-01-11  a year
*.events.data.microsoft.com  Microsoft Azure RSA TLS Issuing CA 04  2023-12-18 - 2024-12-12  a year

This page contains 2 frames:

Primary Page: https://login.deviceinventory.com/
Frame ID: 8F38EF91A3C140C99CDA651B99F6D0D7
Requests: 9 HTTP requests in this frame

Frame: https://login.deviceinventory.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js
Frame ID: 59CDE047C52DE52CC1E5EA334B03FF81
Requests: 2 HTTP requests in this frame

Page Title

Bei Ihrem Microsoft-Konto anmelden

Page Statistics

Requests: 12
HTTPS: 83 %
IPv6: 67 %
Domains: 3
Subdomains: 4
IPs: 4
Countries: 1
Transfer: 268 kB
Size: 959 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://login.deviceinventory.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://login.deviceinventory.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
login.deviceinventory.com/
26 KB
13 KB
Document
General
Full URL
https://login.deviceinventory.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c1cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fc17d5305bdeabce42c9dab59538aa81bd3a5b14c5c72d5029ec72796875bca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
85600cd5bcd65bf1-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 15 Feb 2024 19:45:15 GMT
expires
Thu, 15 Feb 2024 19:44:15 GMT
link
<https://logincdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net/>; rel=dns-prefetch <https://acctcdn.msftauth.net/>; rel=dns-prefetch <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://logincdn.msauth.net/>; rel=dns-prefetch <https://logincdn.msftauth.net/>; rel=dns-prefetch <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
ppserver
PPV: 30 H: BL02EPF00006758 V: 0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpeJMgHfRbvfKJJLTm9UXhvznnczZ7nFtj%2F73WyP0HuejTB22XN%2Bq1INxDufk%2F5BOiQJWQGES%2F4%2BDEcjMlTDFyBFz5Mksq0GtGbAoXMpfe%2FNd9aWEdgBTs3WFA95XP26U4Tlp4RNonV1l9Rkc5NytwDIVActpqQr"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-dns-prefetch-control
on
x-ms-request-id
06502829-1e64-4487-8f1a-fab4701c989e
x-ms-route-info
C107_BL2
login_de_kSZO7j_JL5SVSa9GD5Hfng2.js
logincdn.msauth.net/shared/5/js/
828 KB
213 KB
Script
General
Full URL
https://logincdn.msauth.net/shared/5/js/login_de_kSZO7j_JL5SVSa9GD5Hfng2.js
Requested by
Host: login.deviceinventory.com
URL: https://login.deviceinventory.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f4fcc51aff1d9653e434d935f6dc1c2c271ee91fe9851e72f7f7baa7942686ae

Request headers

Referer
https://login.deviceinventory.com/
Origin
https://login.deviceinventory.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Feb 2024 19:45:16 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
216899
x-ms-lease-status
unlocked
last-modified
Tue, 23 Jan 2024 22:22:24 GMT
etag
0x8DC1C61C63A7642
x-azure-ref
20240215T194516Z-pxwx83d94d5t3af4fehzerrnkw00000001qg00000000z6ks
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5d0fc18c-c01e-0056-124a-5f7ca1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
oneds-analytics-js_cc090683573a172263bd_de.js
logincdn.msauth.net/shared/5/chunks/
88 KB
33 KB
Script
General
Full URL
https://logincdn.msauth.net/shared/5/chunks/oneds-analytics-js_cc090683573a172263bd_de.js
Requested by
Host: logincdn.msauth.net
URL: https://logincdn.msauth.net/shared/5/js/login_de_kSZO7j_JL5SVSa9GD5Hfng2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
65f6b4c9241bcc02e06a4ad01011f61de6f1b78a24b1c2e0b2d7eba5d7343e49

Request headers

Referer
https://login.deviceinventory.com/
Origin
https://login.deviceinventory.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Feb 2024 19:45:16 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
32750
x-ms-lease-status
unlocked
last-modified
Fri, 05 Jan 2024 02:38:34 GMT
etag
0x8DC0D9769E56A08
x-azure-ref
20240215T194516Z-pxwx83d94d5t3af4fehzerrnkw00000001qg00000000z6m9
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
90202e7b-d01e-006e-2658-55d74c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
microsoft_logo_ee5c8d9fb6248c938fd0.svg
logincdn.msauth.net/shared/5/images/
4 KB
2 KB
Image
General
Full URL
https://logincdn.msauth.net/shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg
Requested by
Host: login.deviceinventory.com
URL: https://login.deviceinventory.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.deviceinventory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Feb 2024 19:45:16 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
1435
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jun 2023 15:44:25 GMT
etag
0x8DB772562988611
x-azure-ref
20240215T194516Z-z1d06egh8p2gz436m7pw51t6pc00000001w000000000tu6a
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
58236b7c-401e-0072-32e9-5c419a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
2_bc3d32a696895f78c19d.svg
logincdn.msauth.net/shared/5/images/
2 KB
1 KB
Image
General
Full URL
https://logincdn.msauth.net/shared/5/images/2_bc3d32a696895f78c19d.svg
Requested by
Host: login.deviceinventory.com
URL: https://login.deviceinventory.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.deviceinventory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Feb 2024 19:45:16 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
673
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jun 2023 15:44:22 GMT
etag
0x8DB7725611C3E0C
x-azure-ref
20240215T194516Z-z1d06egh8p2gz436m7pw51t6pc00000001w000000000tu6b
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ec26f35d-501e-002f-3567-5ffdb2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
main.js
login.deviceinventory.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/ Frame 59CD
Redirect Chain
  • https://login.deviceinventory.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://login.deviceinventory.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js
8 KB
4 KB
Script
General
Full URL
https://login.deviceinventory.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js
Requested by
Host: login.deviceinventory.com
URL: https://login.deviceinventory.com/
Protocol
H2
Server
2606:4700:3037::ac43:c1cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c3a4f3600c20a0537d0c46a0743f2638cd02e218e9fb2a52b8e0b7de3294621
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 19:45:16 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mgNMQI3us6U%2FhCSUDvz4NRHQSG5AXuE1JQ3a52Ua4BoOCteTQCcqusO7wJptDalX7qxAexf5aEq3kABN%2BuZdS2lZQcRkRf%2BodIrX%2FaHNtejcwmUuQ2RnBg%2BzWvx6DJ71B%2BtRYPEGWQLl6VV4qrgcgg88c0s4ePP6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
85600cde3f5f5bf1-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 15 Feb 2024 19:45:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erUTsBwPLJZ%2FCjFXb3nXXU3fQ7WNuEORyRlaFWi4wRTxPyCD98drOtZcLm9Skurwbq%2FxBo0ajbUmj7u%2F5ChCMeqeNhGg0r%2BY7%2FjIiR2gg%2FZ7RdiK89DFkhKd%2F4EMnjFUx75UVlR%2BovjUXWnhL2Df4LpjCxy4vRBa"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
85600cde1f345bf1-FRA
alt-svc
h3=":443"; ma=86400
85600cd5bcd65bf1
login.deviceinventory.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 59CD
0
649 B
XHR
General
Full URL
https://login.deviceinventory.com/cdn-cgi/challenge-platform/h/g/jsd/r/85600cd5bcd65bf1
Requested by
Host: login.deviceinventory.com
URL: https://login.deviceinventory.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c1cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Feb 2024 19:45:16 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmqHUFPrftPlCDn0XJz80ODo%2FbBiaLytPR4XoMXMTmaLEdhZTINVXrBaQsNR2dWUuqfEVgOJYoaZvSeQIiU7CpCiHRAuKzb%2FCVsWtaXcGgGI%2F6MOuyGqrE5oOe0V%2BeZPCMIsMeQonUgxgsXnZz7%2BAlyVP3mmAS4N"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
85600cdee9941cc3-FRA
alt-svc
h3=":443"; ma=86400
ipv6.png
ipv6.login.deviceinventory.com/
0
0

signin_options_4e48046ce74f4b89d450.svg
logincdn.msauth.net/shared/5/images/
2 KB
1 KB
Image
General
Full URL
https://logincdn.msauth.net/shared/5/images/signin_options_4e48046ce74f4b89d450.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.deviceinventory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Feb 2024 19:45:16 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
621
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jun 2023 15:44:30 GMT
etag
0x8DB772565B93440
x-azure-ref
20240215T194516Z-z1d06egh8p2gz436m7pw51t6pc00000001w000000000tu74
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
5cd0f601-c01e-0002-4db1-5eb39a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
documentation_bcb4d1dc4eae64f0b2b2.svg
logincdn.msauth.net/shared/5/images/
2 KB
1 KB
Image
General
Full URL
https://logincdn.msauth.net/shared/5/images/documentation_bcb4d1dc4eae64f0b2b2.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.deviceinventory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Feb 2024 19:45:16 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
606
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jun 2023 15:44:25 GMT
etag
0x8DB7725628E26A3
x-azure-ref
20240215T194516Z-z1d06egh8p2gz436m7pw51t6pc00000001w000000000tu75
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
bd430864-601e-005c-7d30-5f72b4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
/
browser.events.data.microsoft.com/OneCollector/1.0/
153 B
766 B
XHR
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: logincdn.msauth.net
URL: https://logincdn.msauth.net/shared/5/chunks/oneds-analytics-js_cc090683573a172263bd_de.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.189.173.9 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
cb50b134808a9d487924159c22531592b4d96a1f75c6279615bf8310c64634c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1708026318838
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://login.deviceinventory.com/
apikey
69adc3c768bd4dc08c19416121249fcc-66f1668a-797b-4249-95e3-6c6651768c28-7293
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Feb 2024 19:45:19 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
1455
access-control-allow-methods
POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
application/json
access-control-allow-origin
https://login.deviceinventory.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis
content-length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame
0
0
Preflight
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.189.173.9 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://login.deviceinventory.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://login.deviceinventory.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Thu, 15 Feb 2024 19:45:18 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ipv6.login.deviceinventory.com
URL
https://ipv6.login.deviceinventory.com/ipv6.png?uaid=22389e86d2884683a3983c52aab41a95

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| PROOF
object| ServerData
function| $Loader
object| g_dtFirstByte
object| g_objPageMode
number| g_iSRSFailed
string| g_sSRSSuccess
function| SRSRetry
object| webpackChunk_msidentity_sisu_msa
function| clearImmediate
function| setImmediate
object| regeneratorRuntime
object| __dynProto$Gbl

8 Cookies

Domain/Path Name / Value
.login.deviceinventory.com/ Name: uaid
Value: 22389e86d2884683a3983c52aab41a95
.login.deviceinventory.com/ Name: MSPRequ
Value: id=N&lt=1708026315&co=1
.login.deviceinventory.com/ Name: MSCC
Value: 64.227.56.228-US
.login.deviceinventory.com/ Name: MSPOK
Value: $uuid-ebf24202-746f-4a7f-a86e-37d66e819f44
.login.deviceinventory.com/ Name: OParams
Value: 11O.DgzeFotGADjv6tXWYb6X!2x79yTSRXEq2LT4ndBPNn17NZQsKAIeRWZF0h0dV2gWHFNdMK6W1lZQL0gjsS5V7U*McLMhukjClfiTBjMRqK7EiTylZGGd68*M!bwsXylbqw$$
login.deviceinventory.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 75b509f6-4e0d-439d-b9e8-67326ed01f7d
.deviceinventory.com/ Name: cf_clearance
Value: cUEimKD7STSHJ0nX_eYlA4Aa6Tzm4vMOQVkCcDdOERY-1708026316-1.0-AZo0XPhdJhKQqA8ihOgaVYXGYDBidJuoSmrcLq/gE9VBb8ufL5eANLt0PCpRYUgM11FpsPYFCyewnP5K5oN0dpA=
login.deviceinventory.com/ Name: ai_session
Value: eKjjwapbKsmQ7f2pqL5o3B|1708026316835|1708026316835

3 Console Messages

Source Level URL
Text
network error URL: https://ipv6.login.deviceinventory.com/ipv6.png?uaid=22389e86d2884683a3983c52aab41a95
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://login.deviceinventory.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://login.deviceinventory.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.