leducaccountant.sharepoint.com
13.107.136.9
Malicious Activity!
Public Scan
Effective URL: https://leducaccountant.sharepoint.com/Shared%20Documents/Forms/AllItems.aspx?id=%2FShared%20Documents%2FJDH4635%2Epdf&parent=%2FShared...
Submission: On December 10 via manual from NZ
Summary
TLS certificate: Issued by Microsoft IT TLS CA 1 on March 7th 2018. Valid for: 2 years.
This is the only time leducaccountant.sharepoint.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Box.com (Consumer)
Domain & IP information
| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 6 (2 redirects) | 13.107.136.9 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |
| 28 | 2.16.186.25 | 20940 (AKAMAI-ASN1) |
| 3 | 52.114.128.10 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |
| 1 | 13.107.6.168 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |

Total: 39 requests, 5 domains
- ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US): leducaccountant.sharepoint.com
- ASN20940 (AKAMAI-ASN1, US), PTR: a2-16-186-25.deploy.static.akamaitechnologies.com: spoprod-a.akamaihd.net
- ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US): browser.pipe.aria.microsoft.com
- ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US), PTR: sharept.ms: canadaeast1-mediap.svc.ms
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 28 | akamaihd.net | spoprod-a.akamaihd.net | 3 MB |
| 6 | sharepoint.com | leducaccountant.sharepoint.com (2 redirects) | 122 KB |
| 3 | microsoft.com | browser.pipe.aria.microsoft.com | 1 KB |
| 1 | svc.ms | canadaeast1-mediap.svc.ms | 56 KB |
| 0 | windows.net | login.windows.net (failed) | Failed |

Total: 39 requests, 5 domains
| Requests | Domain | Requested by |
|---|---|---|
| 28 | spoprod-a.akamaihd.net | leducaccountant.sharepoint.com, spoprod-a.akamaihd.net |
| 6 | leducaccountant.sharepoint.com (2 redirects) | spoprod-a.akamaihd.net |
| 3 | browser.pipe.aria.microsoft.com | spoprod-a.akamaihd.net |
| 1 | canadaeast1-mediap.svc.ms | |
| 0 | login.windows.net (failed) | |

Total: 39 requests, 5 domains
This site contains links to these domains. Also see Links.
| Domain |
|---|
| troneriaonmoansoaozp.appspot.com |
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| *.sharepoint.com | Microsoft IT TLS CA 1 | 2018-03-07 - 2020-03-06 | 2 years | crt.sh |
| a248.e.akamai.net | DigiCert ECC Secure Server CA | 2018-01-23 - 2019-01-19 | a year | crt.sh |
| *.pipe.aria.microsoft.com | Microsoft IT TLS CA 1 | 2017-09-06 - 2019-09-06 | 2 years | crt.sh |
| svc.ms | Microsoft IT TLS CA 1 | 2018-06-22 - 2020-06-22 | 2 years | crt.sh |
This page contains 1 frame:
Primary Page:
https://leducaccountant.sharepoint.com/Shared%20Documents/Forms/AllItems.aspx?id=%2FShared%20Documents%2FJDH4635%2Epdf&parent=%2FShared%20Documents&p=true&slrid=5983aa9e-9086-7000-9a35-433ed4cbb418
Frame ID: 7913851D78F9DC97C181A57A7A4EF80B
Requests: 40 HTTP requests in this frame
Detected technologies
- Microsoft SharePoint (CMS)
- RequireJS (JavaScript Frameworks)
Detected patterns
- env /^requirejs$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://leducaccountant.sharepoint.com/:b:/g/Eep3B56oGeNOlAtEy9m69CcBeoQqtdYqhw7bHIBl6SG3yA (HTTP 301)
- https://leducaccountant.sharepoint.com/_layouts/15/guestaccess.aspx?share=Eep3B56oGeNOlAtEy9m69CcBeoQqtdYqhw7bHIBl6SG3yA (HTTP 302)
- https://leducaccountant.sharepoint.com/Shared%20Documents/Forms/AllItems.aspx?id=%2FShared%20Documents%2FJDH4635%2Epdf&parent=%2FShared%20Documents&p=true&slrid=5983aa9e-9086-7000-9a35-433ed4cbb418 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 28:
- https://leducaccountant.sharepoint.com/_layouts/15/serviceworkerproxy.aspx?serviceWorkerUrl=https%3A%2F%2Fspoprod-a.akamaihd.net%2Ffiles%2Fodsp-next-prod_2018-11-23-sts_20181203.003%2Fpdfjsworker-mini-98886c51.js (HTTP 302)
- https://leducaccountant.sharepoint.com/_layouts/15/Authenticate.aspx?Source=%2F%5Flayouts%2F15%2Fserviceworkerproxy%2Easpx%3FserviceWorkerUrl%3Dhttps%253A%252F%252Fspoprod%2Da%2Eakamaihd%2Enet%252Ffiles%252Fodsp%2Dnext%2Dprod%5F2018%2D11%2D23%2Dsts%5F20181203%2E003%252Fpdfjsworker%2Dmini%2D98886c51%2Ejs (HTTP 302)
- https://leducaccountant.sharepoint.com/_forms/default.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F%255Flayouts%252F15%252Fserviceworkerproxy%252Easpx%253FserviceWorkerUrl%253Dhttps%25253A%25252F%25252Fspoprod%252Da%252Eakamaihd%252Enet%25252Ffiles%25252Fodsp%252Dnext%252Dprod%255F2018%252D11%252D23%252Dsts%255F20181203%252E003%25252Fpdfjsworker%252Dmini%252D98886c51%252Ejs&Source=cookie
39 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | AllItems.aspx (Primary Request, Redirect Chain) | leducaccountant.sharepoint.com/Shared%20Documents/Forms/ | 65 KB | 34 KB | Document | text/html |
| GET | S | listviewdataprefetch-mini-9ecb2fc3.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/ | 70 KB | 23 KB | Script | application/javascript |
| GET | S | knockout-mini-78b7f730.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/ | 64 KB | 23 KB | Script | application/javascript |
| GET | S | react-mini-34b95c6e.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/ | 98 KB | 32 KB | Script | application/javascript |
| GET | S | splistreactcontrolsbeforeplt-mini-6c1e3db0.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/ | 302 KB | 70 KB | Script | application/javascript |
| GET | S | spoapp-mini-6be754d7.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/ | 259 KB | 57 KB | Script | application/javascript |
| GET | S | spofiles-mini-35f6fd2e.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/ | 610 KB | 148 KB | Script | application/javascript |
| GET | S | spofiles-mini.resx-e8ac6d9d.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/en-us/ | 78 KB | 21 KB | Script | application/javascript |
| GET | S | splist-mini-044f53ed.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/ | 813 KB | 205 KB | Script | application/javascript |
| GET | S | require-a19851d1.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/ | 23 KB | 9 KB | Script | application/javascript |
| POST | H2 | RenderListDataAsStream | leducaccountant.sharepoint.com/_api/web/GetList(@listUrl)/ | 14 KB | 8 KB | XHR | application/json |
| GET | S | spoemptyfolderroot-mini.resx-167bd7dc.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/en-us/ | 3 KB | 2 KB | Script | application/javascript |
| GET | S | aria-mini-43e00b23.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/ | 51 KB | 14 KB | Script | application/javascript |
| GET | S | spooneup-mini-07033627.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/ | 360 KB | 88 KB | Script | application/javascript |
| GET | S | splistdeferred-mini-e67e6dc1.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/ | 2 MB | 648 KB | Script | application/javascript |
| GET | S | splistdeferredexpress-mini-98c1f121.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/ | 2 MB | 520 KB | Script | application/javascript |
| POST | H/1.1 | / | browser.pipe.aria.microsoft.com/Collector/3.0/ | 0 | 397 B | XHR | application/json |
| GET | S | splistdeferred-mini.resx-3104235b.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/en-us/ | 94 KB | 25 KB | Script | application/javascript |
| GET | S | spooneup-mini.resx-4381b31d.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/en-us/ | 13 KB | 4 KB | Script | application/javascript |
| GET | S | splistdeferredexpress-mini.resx-99c13ed7.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/en-us/ | 56 KB | 15 KB | Script | application/javascript |
| GET | S | splistitemsscopedeferred-mini.resx-61d1546c.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/en-us/ | 26 KB | 7 KB | Script | application/javascript |
| GET | S | splistreactcontrolsdeferred-mini-997f17c5.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/ | 2 MB | 537 KB | Script | application/javascript |
| GET | H2 | 01EASERRXKO4DZ5KAZ4NHJIC2EZPM3V5BH | leducaccountant.sharepoint.com/_api/v2.0/drives/b!BqJXteBsgkaIJwNOz5WLICx9WuOUwDpPjieNsdA2WK5ttwTwBGmDR4MnYE6n4g_d/items/ | 2 KB | 2 KB | XHR | application/json |
| GET | S | loadingspinner.gif | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/odsp-media/images/loading/ | 420 B | 842 B | Image | image/gif |
| GET | S | thumbnail | canadaeast1-mediap.svc.ms/transform/ | 55 KB | 56 KB | Image | image/jpeg |
| GET | S | odbpdf-mini-ab9e093a.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/ | 399 KB | 107 KB | Script | application/javascript |
| GET | S | odsp-next-icons-3-8b008e59.woff | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/odsp-media/fonts/ | 14 KB | 14 KB | Font | font/woff |
| GET | S | odsp-next-icons-47c09d37.woff | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/odsp-media/fonts/ | 8 KB | 9 KB | Font | font/woff |
| GET | S | odsp-next-icons-0-37af5ade.woff | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/odsp-media/fonts/ | 12 KB | 12 KB | Font | font/woff |
| GET | | default.aspx (Redirect Chain) | leducaccountant.sharepoint.com/_forms/ | 0 | 0 | | |
| POST | H/1.1 | / | browser.pipe.aria.microsoft.com/Collector/3.0/ | 0 | 396 B | XHR | application/json |
| GET | | authorize | login.windows.net/23d9ecee-9183-47a3-84df-f06a299cb636/oauth2/ | 0 | 0 | | |
| GET | S | pdfjsworker-mini-98886c51.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/ | 703 KB | 209 KB | Script | application/javascript |
| GET | H2 | download.aspx | leducaccountant.sharepoint.com/_layouts/15/ | 76 KB | 76 KB | Fetch | application/pdf |
| GET | S | splistexecutors-mini-5505ea30.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/ | 380 KB | 79 KB | Script | application/javascript |
| GET | S | splistexecutors-mini.resx-776c7bd9.js | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/en-us/ | 11 KB | 4 KB | Script | application/javascript |
| GET | S | odsp-next-icons-1-b10a0732.woff | spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/odsp-media/fonts/ | 11 KB | 11 KB | Font | font/woff |
| GET | BLOB | d6a533ac-3377-40b2-8cf0-4d09385aa0fa | https://leducaccountant.sharepoint.com/ | 8 KB | 0 | Image | image/jpeg |
| GET | DATA | truncated | / | 42 B | 0 | Image | image/gif |
| POST | H/1.1 | / | browser.pipe.aria.microsoft.com/Collector/3.0/ | 0 | 396 B | XHR | application/json |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- leducaccountant.sharepoint.com: https://leducaccountant.sharepoint.com/_forms/default.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F%255Flayouts%252F15%252Fserviceworkerproxy%252Easpx%253FserviceWorkerUrl%253Dhttps%25253A%25252F%25252Fspoprod%252Da%252Eakamaihd%252Enet%25252Ffiles%25252Fodsp%252Dnext%252Dprod%255F2018%252D11%252D23%252Dsts%255F20181203%252E003%25252Fpdfjsworker%252Dmini%252D98886c51%252Ejs&Source=cookie
- login.windows.net: https://login.windows.net/23d9ecee-9183-47a3-84df-f06a299cb636/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=CAFE4BC31E1CF3835B023C2F811AFDD356D2CC1C7CCE2F0D%2D492C46A8F3F19E89FF40ABE64075BEB6448DD3C24846C3B915573A08C7C11791&redirect%5Furi=https%3A%2F%2Fleducaccountant%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=5a83aa9e%2D600a%2D7000%2D9a35%2D4021a6d7ef3b
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Box.com (Consumer)
56 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object: _spPageContextInfo, FabricConfig, moduleNameMapping, _spModuleLink, g_payload, g_listData, ODSP_TELEMETRY_MANAGER, __packages__, __stylesheet__, __globalSettings__, __themeState__, _perfMarks, __events__, __ko, odstore, fabricPerf
- number: g_responseEnd, g_duration, g_iisLatency, g_requireJSDone, g_deferDataLoadTime, __currentId__, g_prefetchStart
- function: requirejs, require, define, ES6Promise, __extends, __assign, __rest, __decorate, __param, __metadata, __awaiter, __generator, __exportStar, __values, __read, __spread, __await, __asyncGenerator, __asyncDelegator, __asyncValues, __makeTemplateObject, __importStar, __importDefault, DeferredListDataComplete, __onbeforeunload, __loadTheme, __loadTests, _spLoaderCallback
- string: DeferredListDataExpectedHash, ListDataActualHash
- boolean: _pdfjsCompatibilityChecked, __hasInitializeFocusRects__, __hasInitializedDir__
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| leducaccountant.sharepoint.com/ | | Name: SPWorkLoadAttribution, Value: Url=https://leducaccountant.sharepoint.com/Shared%20Documents/Forms/AllItems.aspx&AppTitle=ModernDoclibListPage |
| leducaccountant.sharepoint.com/ | | Name: FedAuth, Value: [value not shown in the scan] |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL | Text |
|---|---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | script-src 'self' https://contentstorage.osi.office.net https://swx.cdn.skype.com https://res.delve.office.com https://lpcres.delve.office.com https://static.sharepointonline.com https://widget.uservoice.com https://by2.uservoice.com https://www.bing.com/api/maps/ https://www.bing.com/rms/ https://spoprod-a.akamaihd.net https://publiccdn.sharepointonline.com https://ajax.aspnetcdn.com https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-23-sts_20181203.003/ https://r1.res.office365.com https://webshell.suite.office.com https://shellux.msocdn.com https://shellprod.msocdn.com https://shellppe.msocdn.com https://c1-excel-15.cdn.office.net https://c1-powerpoint-15.cdn.office.net https://c1-visio-15.cdn.office.net https://c1-word-view-15.cdn.office.net 'unsafe-eval' 'nonce-24ad2481-d5c2-4490-a15a-abeed0306c7f' |
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.