mso-login.knyjbio.com
209.250.253.127
Malicious Activity!
Public Scan
Effective URL: https://mso-login.knyjbio.com/?username=marcelle.mallais@l&sso_reload=true
Submission: On August 01 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on July 29th 2022. Valid for: 3 months.
This is the only time mso-login.knyjbio.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
1 | 18.66.97.88 | 16509 (AMAZON-02)
1 | 201.217.243.22 | 263237 (PowerHost Telecom SPA)
1 | 165.73.80.50 | 37611 (Afrihost)
72 | 209.250.253.127 | 20473 (AS-CHOOPA)
79 | 4 IP addresses |
ASN16509 (AMAZON-02, US), PTR: server-18-66-97-88.fra56.r.cloudfront.net
- walmart.onelink.me
ASN263237 (PowerHost Telecom SPA, CL), PTR: servidor.edumas.cl
- ikk63a2jlh.edumas.cl
ASN37611 (Afrihost, ZA), PTR: 165-73-80-50.ip.afrihost.co.za
- apclothing.co.za
ASN20473 (AS-CHOOPA, US), PTR: 209.250.253.127.vultrusercontent.com
- mso-login.knyjbio.com
- aadcdn-msftauth-c7903bb3.knyjbio.com
- ll.knyjbio.com
- portal-microsoftonline-c7903bb3.knyjbio.com
- res-1-cdn-office-c7903bb3.knyjbio.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
72 | knyjbio.com | mso-login.knyjbio.com, aadcdn-msftauth-c7903bb3.knyjbio.com, ll.knyjbio.com, portal-microsoftonline-c7903bb3.knyjbio.com, res-1-cdn-office-c7903bb3.knyjbio.com, wwwofc.knyjbio.com (Failed) | 1 MB
1 | apclothing.co.za | apclothing.co.za | 614 B
1 | edumas.cl | ikk63a2jlh.edumas.cl | 1 KB
1 | onelink.me | walmart.onelink.me (1 redirect; Cisco Umbrella Rank: 175470) | 328 B
79 | 4 apex domains | |
Requests | Domain | Requested by
---|---|---
51 | res-1-cdn-office-c7903bb3.knyjbio.com | portal-microsoftonline-c7903bb3.knyjbio.com
14 | aadcdn-msftauth-c7903bb3.knyjbio.com | mso-login.knyjbio.com, aadcdn-msftauth-c7903bb3.knyjbio.com
4 | mso-login.knyjbio.com | apclothing.co.za, mso-login.knyjbio.com
2 | portal-microsoftonline-c7903bb3.knyjbio.com | aadcdn-msftauth-c7903bb3.knyjbio.com, portal-microsoftonline-c7903bb3.knyjbio.com
1 | ll.knyjbio.com | mso-login.knyjbio.com
1 | apclothing.co.za | ikk63a2jlh.edumas.cl
1 | ikk63a2jlh.edumas.cl |
1 | walmart.onelink.me (1 redirect) |
0 | wwwofc.knyjbio.com (Failed) | portal-microsoftonline-c7903bb3.knyjbio.com
79 | 9 domains |
This site contains links to these domains:
- go-microsoft-c7903bb3.knyjbio.com
- www-ms.knyjbio.com
- privacy-microsoft-c7903bb3.knyjbio.com
TLS certificates (via crt.sh)
Subject | Issuer | Validity | Valid for
---|---|---|---
www.apclothing.co.za | R3 | 2022-06-08 - 2022-09-06 | 3 months
knyjbio.com | R3 | 2022-07-29 - 2022-10-27 | 3 months
This page contains 3 frames:
Primary Page:
https://mso-login.knyjbio.com/?username=marcelle.mallais@l&sso_reload=true
Frame ID: 5F1A685BBF42FE4A2B4B3B3ACFB886B6
Requests: 21 HTTP requests in this frame
Frame:
https://portal-microsoftonline-c7903bb3.knyjbio.com/Prefetch/Prefetch.aspx
Frame ID: BE567E2F017ECE656A73D554176439B5
Requests: 57 HTTP requests in this frame
Frame:
https://wwwofc.knyjbio.com/prefetch/prefetch
Frame ID: 3FEDE327FF3E57D7437D27A20EB2A55F
Requests: 1 HTTP request in this frame
Screenshot
Page Title: Sign in to your account (German: "Bei Ihrem Konto anmelden")
Detected technologies
- Bootstrap (Web Frameworks). Detected pattern: bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
- AngularJS (JavaScript Frameworks). Detected pattern: \bangular.{0,32}\.js
- jQuery (JavaScript Libraries). Detected patterns: jquery[.-]([\d.]*\d)[^/]*\.js and jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
- Title: Rename your personal Microsoft account. (German: "Benennen Sie Ihr persönliches Microsoft-Konto um.")
- Title: Terms of Use (German: "Nutzungsbedingungen")
- Title: Privacy & Cookies (German: "Datenschutz & Cookies")
- Title: Disclaimer (German: "Haftungsausschluss")
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
1. https://walmart.onelink.me/UIev?c=Mobile%20Web%20App%20Banner&pid=Walmart.com&af_dp=walmart://&af_web_dp=http://ikk63a2jlh.edumas.cl/ (HTTP 302 to the next entry)
2. http://ikk63a2jlh.edumas.cl/?c=Mobile%20Web%20App%20Banner&pid=Walmart.com (Page URL)
3. https://apclothing.co.za/cgi/ (Page URL)
4. https://mso-login.knyjbio.com/?username=marcelle.mallais@l (Page URL)
5. https://mso-login.knyjbio.com/?username=marcelle.mallais@l (Page URL)
6. https://mso-login.knyjbio.com/?username=marcelle.mallais@l&sso_reload=true (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0:
- https://walmart.onelink.me/UIev?c=Mobile%20Web%20App%20Banner&pid=Walmart.com&af_dp=walmart://&af_web_dp=http://ikk63a2jlh.edumas.cl/ (HTTP 302)
- http://ikk63a2jlh.edumas.cl/?c=Mobile%20Web%20App%20Banner&pid=Walmart.com
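The chain starts at a walmart.onelink.me link whose af_web_dp query parameter carries the next hop verbatim, which is how a trusted domain was made to hand the browser to the kit's first stage. The following Python is an added triage example, not part of the urlscan.io report or of any tool it references: it walks the Page URL History of this scan (copied inline; the trailing period shown after edumas.cl/ in the report is read as punctuation, not as part of the URL), lists the distinct hosts the visitor crossed, and flags any hop whose landing host was supplied as an absolute URL inside a query parameter of the previous page. Function and variable names are my own.

```python
"""Triage of the redirect chain recorded in a urlscan.io result.

Added example, not part of the urlscan.io page. The hop list below is
copied from the scan's Page URL History; the function names are my own.
"""
from urllib.parse import parse_qs, urlsplit

# Page URL History from the scan. The first hop was an HTTP 302; the rest
# were page navigations. The duplicate mso-login entry is left out.
CHAIN = [
    "https://walmart.onelink.me/UIev?c=Mobile%20Web%20App%20Banner&pid=Walmart.com"
    "&af_dp=walmart://&af_web_dp=http://ikk63a2jlh.edumas.cl/",
    "http://ikk63a2jlh.edumas.cl/?c=Mobile%20Web%20App%20Banner&pid=Walmart.com",
    "https://apclothing.co.za/cgi/",
    "https://mso-login.knyjbio.com/?username=marcelle.mallais@l",
    "https://mso-login.knyjbio.com/?username=marcelle.mallais@l&sso_reload=true",
]


def host_of(url):
    """Lower-cased hostname of a URL, or '' if it has none."""
    return (urlsplit(url).hostname or "").lower()


def forwarded_targets(url):
    """Query parameters whose value is an absolute http(s) URL on another host.

    That shape (a trusted site carrying an attacker-chosen destination in a
    parameter) is what an open redirect or abused deep link looks like in a
    scan. Returns {param_name: target_host}. Non-http schemes such as the
    walmart:// app link are ignored.
    """
    src_host = host_of(url)
    found = {}
    for name, values in parse_qs(urlsplit(url).query).items():
        for value in values:
            parts = urlsplit(value)
            if parts.scheme in ("http", "https") and parts.hostname:
                target = parts.hostname.lower()
                if target != src_host:
                    found[name] = target
    return found


def analyse_chain(chain):
    """Distinct hosts crossed plus every hop whose next host was handed over
    in a query parameter of the current URL."""
    findings = []
    for i in range(len(chain) - 1):
        current, following = chain[i], chain[i + 1]
        for param, target_host in forwarded_targets(current).items():
            if target_host == host_of(following):
                findings.append({
                    "hop": i,
                    "via_host": host_of(current),
                    "param": param,
                    "landed_on": target_host,
                })
    hosts = []
    for url in chain:
        host = host_of(url)
        if host not in hosts:
            hosts.append(host)
    return {"hosts": hosts, "open_redirects": findings}


if __name__ == "__main__":
    result = analyse_chain(CHAIN)
    print("hosts crossed:", " -> ".join(result["hosts"]))
    for f in result["open_redirects"]:
        print(f"hop {f['hop']}: {f['via_host']} forwarded to {f['landed_on']} via ?{f['param']}=")
```

Run stand-alone it reports four distinct hosts and a single forwarding hop, walmart.onelink.me to ikk63a2jlh.edumas.cl through af_web_dp. The later hops (edumas.cl to apclothing.co.za to mso-login.knyjbio.com) carry no destination in their query strings, so they were client-side navigations that this check cannot attribute from the URLs alone; the frame and request lists in the report are the place to look for those.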
79 HTTP transactions

Method | Protocol | Resource | Host / Path | Size | x-fer | Type | MIME-Type | Note
---|---|---|---|---|---|---|---|---
GET | H/1.1 | / | ikk63a2jlh.edumas.cl/ | 1 KB | 1 KB | Document | text/html | Redirect chain
GET | H/1.1 | / | apclothing.co.za/cgi/ | 425 B | 614 B | Document | text/html |
GET | H2 | / | mso-login.knyjbio.com/ | 56 KB | 21 KB | Document | text/html |
POST | H2 | / | mso-login.knyjbio.com/ | 184 B | 355 B | Fetch | application/json |
GET | H2 | / | mso-login.knyjbio.com/ | 278 KB | 83 KB | Document | text/html |
GET | H2 | / | mso-login.knyjbio.com/ | 326 KB | 79 KB | Document | text/html | Primary request
GET | H2 | ConvergedLogin_PCore_Iv7XMeuZVl-aYT0h4Oq7Gg2.js | aadcdn-msftauth-c7903bb3.knyjbio.com/shared/1.0/content/js/ | 382 KB | 109 KB | Script | application/x-javascript |
GET | H2 | Me.htm | ll.knyjbio.com/ | 0 | 0 | Other | text/html |
GET | H2 | Prefetch.aspx | portal-microsoftonline-c7903bb3.knyjbio.com/Prefetch/ | 11 KB | 3 KB | Document | text/html | Frame BE56
GET | H2 | oneDs_8363475333f6d315e7ae.js | aadcdn-msftauth-c7903bb3.knyjbio.com/shared/1.0/content/js/ | 81 KB | 27 KB | Script | application/x-javascript |
GET | H2 | converged.v2.login.min_il46_7m1dp2y07llib10fw2.css | aadcdn-msftauth-c7903bb3.knyjbio.com/ests/2.1/content/cdnbundles/ | 0 | 20 KB | Other | text/css |
GET | H2 | ux.converged.login.strings-de.min_75ls70pcmyowwllyhvy0uq2.js | aadcdn-msftauth-c7903bb3.knyjbio.com/ests/2.1/content/cdnbundles/ | 0 | 15 KB | Other | application/x-javascript |
GET | H2 | convergedlogin_pidpdisambiguation_8ce138cbbb82dae8e8bf.js | aadcdn-msftauth-c7903bb3.knyjbio.com/shared/1.0/content/js/asyncchunk/ | 7 KB | 3 KB | Script | application/x-javascript |
GET | H2 | marching_ants_white_166de53471265253ab3a456defe6da23.gif | aadcdn-msftauth-c7903bb3.knyjbio.com/shared/1.0/content/images/ | 3 KB | 3 KB | Image | image/gif |
GET | H2 | marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif | aadcdn-msftauth-c7903bb3.knyjbio.com/shared/1.0/content/images/ | 4 KB | 4 KB | Image | image/gif |
GET | H2 | convergedlogin_pcustomizationloader_20ead0268c36816fd612.js | aadcdn-msftauth-c7903bb3.knyjbio.com/shared/1.0/content/js/asyncchunk/ | 107 KB | 32 KB | Script | application/x-javascript |
GET | H2 | 2_bc3d32a696895f78c19df6c717586a5d.svg | aadcdn-msftauth-c7903bb3.knyjbio.com/shared/1.0/content/images/backgrounds/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H2 | microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg | aadcdn-msftauth-c7903bb3.knyjbio.com/shared/1.0/content/images/ | 4 KB | 2 KB | Image | image/svg+xml |
GET | H2 | marching_ants_white_166de53471265253ab3a456defe6da23.gif | aadcdn-msftauth-c7903bb3.knyjbio.com/shared/1.0/content/images/ | 3 KB | 3 KB | Image | image/gif |
GET | H2 | marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif | aadcdn-msftauth-c7903bb3.knyjbio.com/shared/1.0/content/images/ | 4 KB | 4 KB | Image | image/gif |
GET | H2 | picker_account_aad_f83ebff69a4a1685e4dc9650cdab8886.svg | aadcdn-msftauth-c7903bb3.knyjbio.com/shared/1.0/content/images/ | 1 KB | 1 KB | Image | image/svg+xml |
GET | H2 | picker_account_msa_2d8f86059be176833897099ee6ddedeb.svg | aadcdn-msftauth-c7903bb3.knyjbio.com/shared/1.0/content/images/ | 379 B | 677 B | Image | image/svg+xml |
GET | H2 | embeddedfonts.css | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ | 3 KB | 693 B | Stylesheet | text/css | Frame BE56
GET | H2 | admin.css | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/admin/css/ | 1 MB | 193 KB | Stylesheet | text/css | Frame BE56
GET | H2 | o365themedefault.css | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ | 7 KB | 1 KB | Stylesheet | text/css | Frame BE56
GET | H2 | masterstyles15.css | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ | 92 KB | 25 KB | Stylesheet | text/css | Frame BE56
GET | H2 | masterstyles15mvc.css | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ | 15 KB | 4 KB | Stylesheet | text/css | Frame BE56
GET | H2 | website.css | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ | 0 | 0 | Stylesheet | application/xml | Frame BE56
GET | H2 | home.css | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ | 0 | 0 | Stylesheet | application/xml | Frame BE56
GET | H2 | home15.css | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ | 0 | 0 | Stylesheet | application/xml | Frame BE56
GET | H2 | assistancepanel.css | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ | 0 | 0 | Stylesheet | application/xml | Frame BE56
GET | H2 | conciergehelper.css | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ | 0 | 0 | Stylesheet | application/xml | Frame BE56
GET | H2 | signup16.css | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/content/css/ | 21 KB | 5 KB | Stylesheet | text/css | Frame BE56
GET | H2 | adoption.css | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ | 0 | 0 | Stylesheet | application/xml | Frame BE56
GET | H2 | commonhealthdashboard.css | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/css/ | 0 | 0 | Stylesheet | application/xml | Frame BE56
GET | H2 | webcontrols.png | res-1-cdn-office-c7903bb3.knyjbio.com/images/ | 223 B | 223 B | Image | application/xml | Frame BE56
GET | H2 | transparent.gif | res-1-cdn-office-c7903bb3.knyjbio.com/Images/ | 226 B | 226 B | Image | application/xml | Frame BE56
GET | H2 | header_bg_signup_office.jpg | res-1-cdn-office-c7903bb3.knyjbio.com/Shell/Images/ | 226 B | 226 B | Image | application/xml | Frame BE56
GET | H2 | O365SharedClusteredImage.png | res-1-cdn-office-c7903bb3.knyjbio.com/Shell/Images/ | 226 B | 226 B | Image | application/xml | Frame BE56
GET | H2 | servicestatus.png | res-1-cdn-office-c7903bb3.knyjbio.com/images/ | 223 B | 223 B | Image | application/xml | Frame BE56
GET | H2 | pagelayout_white_panel.jpg | res-1-cdn-office-c7903bb3.knyjbio.com/Shell/Images/ | 226 B | 226 B | Image | application/xml | Frame BE56
GET | H2 | pagelayout_mos_background_right.jpg | res-1-cdn-office-c7903bb3.knyjbio.com/Shell/Images/ | 226 B | 226 B | Image | application/xml | Frame BE56
GET | H2 | pagelayout_mos_background_left.jpg | res-1-cdn-office-c7903bb3.knyjbio.com/Shell/Images/ | 226 B | 226 B | Image | application/xml | Frame BE56
GET | H2 | pagelayout_nav_highlight.jpg | res-1-cdn-office-c7903bb3.knyjbio.com/Shell/Images/ | 226 B | 226 B | Image | application/xml | Frame BE56
GET | H2 | header_wizard_hl_mos.jpg | res-1-cdn-office-c7903bb3.knyjbio.com/Shell/Images/ | 226 B | 226 B | Image | application/xml | Frame BE56
GET | H2 | list_bullet_5x5.gif | res-1-cdn-office-c7903bb3.knyjbio.com/Images/ | 226 B | 226 B | Image | application/xml | Frame BE56
GET | H2 | spinner_16x16_metro.gif | res-1-cdn-office-c7903bb3.knyjbio.com/images/ | 223 B | 223 B | Image | application/xml | Frame BE56
GET | H2 | spinner_24x24_metro.gif | res-1-cdn-office-c7903bb3.knyjbio.com/images/ | 223 B | 223 B | Image | application/xml | Frame BE56
GET | H2 | signup_ms_logo.png | res-1-cdn-office-c7903bb3.knyjbio.com/shell/images/ | 223 B | 223 B | Image | application/xml | Frame BE56
GET | | o365_gallatin_logo.png | res-1-cdn-office-c7903bb3.knyjbio.com/shell/images/ | 0 | 0 | | | Frame BE56, failed
GET | | image1.jpg | res-1-cdn-office-c7903bb3.knyjbio.com/images/backgrounds/ | 0 | 0 | | | Frame BE56, failed
GET | | arrow_staticup_16.png | res-1-cdn-office-c7903bb3.knyjbio.com/images/scrollbar/ | 0 | 0 | | | Frame BE56, failed
GET | | arrow_staticdown_16.png | res-1-cdn-office-c7903bb3.knyjbio.com/images/scrollbar/ | 0 | 0 | | | Frame BE56, failed
GET | H2 | WebResource.axd | portal-microsoftonline-c7903bb3.knyjbio.com/ | 23 KB | 5 KB | Script | application/x-javascript | Frame BE56
GET | H2 | microsoftajaxcombined.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/jsc/ | 223 KB | 55 KB | Script | application/javascript | Frame BE56
GET | H2 | jquery-1_10_2_min.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/jquery/ | 91 KB | 33 KB | Script | application/javascript | Frame BE56
GET | H2 | headbundle.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/jsc/ | 81 KB | 17 KB | Script | application/javascript | Frame BE56
GET | H2 | controlbundle.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/jsc/ | 87 KB | 21 KB | Script | application/javascript | Frame BE56
GET | H2 | angularlib.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/jsc/ | 156 KB | 57 KB | Script | application/javascript | Frame BE56
GET | H2 | angularextensions.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/jsc/ | 1 MB | 250 KB | Script | application/javascript | Frame BE56
GET | H2 | adminbootstrap.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/jsc/ | 527 KB | 115 KB | Script | application/javascript | Frame BE56
GET | H2 | adminapp.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/jsc/ | 679 KB | 157 KB | Script | application/javascript | Frame BE56
GET | H2 | mscorlib.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/ | 24 KB | 7 KB | Script | application/javascript | Frame BE56
GET | H2 | listgrid.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/webcontrols/js/ | 60 KB | 13 KB | Script | application/javascript | Frame BE56
GET | H2 | peoplepicker.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/webcontrols/js/ | 11 KB | 3 KB | Script | application/javascript | Frame BE56
GET | H2 | productkeycontrol.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/webcontrols/js/ | 6 KB | 3 KB | Script | application/javascript | Frame BE56
GET | H2 | gridview.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/webcontrols/js/ | 8 KB | 3 KB | Script | application/javascript | Frame BE56
GET | H2 | netperf.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/ | 0 | 0 | Script | application/javascript | Frame BE56
GET | H2 | searchbox.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/ | 0 | 0 | Script | application/javascript | Frame BE56
GET | H2 | passwordstrengthmeter.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/ | 3 KB | 1 KB | Script | application/javascript | Frame BE56
GET | H2 | hipcontrol.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/jsc/ | 38 KB | 7 KB | Script | application/javascript | Frame BE56
GET | H2 | geminiwizard.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/webcontrols/js/ | 9 KB | 2 KB | Script | application/javascript | Frame BE56
GET | H2 | webuivalidation.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/ | 26 KB | 6 KB | Script | application/javascript | Frame BE56
GET | H2 | webtrends.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/ | 0 | 0 | Script | application/javascript | Frame BE56
GET | H2 | webtrendsstream.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/ | 0 | 0 | Script | application/javascript | Frame BE56
GET | H2 | home.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/ | 0 | 0 | Script | application/javascript | Frame BE56
GET | H2 | reporting.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/ | 0 | 0 | Script | application/javascript | Frame BE56
GET | H2 | assistancepanel.js | res-1-cdn-office-c7903bb3.knyjbio.com/admincenter/admin-pkg/2022.7.25.3/de/js/ | 0 | 0 | Script | application/javascript | Frame BE56
GET | | prefetch | wwwofc.knyjbio.com/prefetch/ | 0 | 0 | | | Frame 3FED, failed

"Frame BE56" and "Frame 3FED" refer to the frames BE567E2F017ECE656A73D554176439B5 and 3FEDE327FF3E57D7437D27A20EB2A55F listed above. Note that all 14 image requests to res-1-cdn-office-c7903bb3.knyjbio.com that received a response came back as 223 B or 226 B application/xml bodies rather than image data, and seven of the stylesheets under the same host returned application/xml with zero bytes transferred.
Failed requests
These URLs were requested, but no response was received. They also appear in the list above.
- res-1-cdn-office-c7903bb3.knyjbio.com: https://res-1-cdn-office-c7903bb3.knyjbio.com/shell/images/o365_gallatin_logo.png
- res-1-cdn-office-c7903bb3.knyjbio.com: https://res-1-cdn-office-c7903bb3.knyjbio.com/images/backgrounds/image1.jpg
- res-1-cdn-office-c7903bb3.knyjbio.com: https://res-1-cdn-office-c7903bb3.knyjbio.com/images/scrollbar/arrow_staticup_16.png
- res-1-cdn-office-c7903bb3.knyjbio.com: https://res-1-cdn-office-c7903bb3.knyjbio.com/images/scrollbar/arrow_staticdown_16.png
- wwwofc.knyjbio.com: https://wwwofc.knyjbio.com/prefetch/prefetch
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)

29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.
Type | Name
---|---
object | 0
object | oncontextlost
object | oncontextrestored
function | structuredClone
object | launchQueue
object | onbeforematch
function | getScreenDetails
function | queryLocalFonts
object | navigation
object | $Config
object | $Debug
object | $Do
function | $Loader
object | $WebWatson
function | GetString
function | GetErrorString
function | GetUrl
object | $B
object | ServerData
object | webpackJsonp
object | ko
object | PROOF
object | StringRepository
boolean | __ConvergedLogin_PCore
boolean | __
object | Telemetry
object | telemetry_webpackJsonp
boolean | __convergedlogin_pidpdisambiguation_8ce138cbbb82dae8e8bf
boolean | __convergedlogin_pcustomizationloader_20ead0268c36816fd612

4 Cookies
Cookies are small pieces of information stored in the user's browser. On each later visit the browser sends the stored cookie values back, so the site can re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.knyjbio.com/ | | __hWgY | Yzc5MDNiYjMtMGNmMS00OTVhLTk2ZWEtM2VjYWExMTc0OTg0OmEyOTIyMGU0LTViODgtNDk5Yi05ZDM2LTU4N2ZhM2IxYmMwOA==
.mso-login.knyjbio.com/ | | AADSSO | NA\|NoExtension
mso-login.knyjbio.com/ | | SSOCOOKIEPULLED | 1
.mso-login.knyjbio.com/ | | brcap | 0
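The __hWgY cookie is scoped to the whole apex (.knyjbio.com) and is plain base64: decoded, it is two UUIDs separated by a colon, and the first eight hex characters of the first UUID, c7903bb3, are exactly the suffix on five of the kit's hostnames. The following Python is an added example, not part of the urlscan.io report: it decodes the cookie, finds the hostnames carrying that tag, and maps each tagged label back to the Microsoft host it imitates. The IMITATED list is my assumption drawn from the paths served under those hosts (/ests/2.1/content/cdnbundles/ and /shared/1.0/content/ are aadcdn.msftauth.net paths, /admincenter/admin-pkg/ is a res-1.cdn.office.net path, and $Config, ServerData and __ConvergedLogin_PCore above are globals of the genuine sign-in page); the report itself only states the brand as Microsoft (Consumer). Cookie value and hostnames are copied from the scan; function names are my own.

```python
"""Decode the kit's apex cookie and tie it to its hostnames.

Added example, not part of the urlscan.io report. The cookie value and the
hostnames are copied from the scan; IMITATED is my assumption about which
real Microsoft hosts the hyphenated labels stand in for.
"""
import base64
import re
import uuid

# Value of __hWgY as recorded by the scan (domain .knyjbio.com, path /).
COOKIE_VALUE = (
    "Yzc5MDNiYjMtMGNmMS00OTVhLTk2ZWEtM2VjYWExMTc0OTg0OmEyOTIyMGU0LTViODgtNDk5"
    "Yi05ZDM2LTU4N2ZhM2IxYmMwOA=="
)

# Every knyjbio.com host the scan saw, whether requested or only linked.
HOSTNAMES = [
    "mso-login.knyjbio.com",
    "aadcdn-msftauth-c7903bb3.knyjbio.com",
    "ll.knyjbio.com",
    "portal-microsoftonline-c7903bb3.knyjbio.com",
    "res-1-cdn-office-c7903bb3.knyjbio.com",
    "wwwofc.knyjbio.com",
    "go-microsoft-c7903bb3.knyjbio.com",
    "www-ms.knyjbio.com",
    "privacy-microsoft-c7903bb3.knyjbio.com",
]

# Assumption: the kit takes a real Microsoft host, drops the TLD, turns the
# remaining dots into hyphens and appends "-<tag>" as a subdomain label.
IMITATED = [
    "aadcdn.msftauth.net",
    "portal.microsoftonline.com",
    "res-1.cdn.office.net",
    "go.microsoft.com",
    "privacy.microsoft.com",
]

TAG_SUFFIX = re.compile(r"-([0-9a-f]{8})$")


def decode_cookie(value):
    """base64 -> 'uuid:uuid' -> two uuid.UUID objects (raises if the shape differs)."""
    raw = base64.b64decode(value, validate=True).decode("ascii")
    first, second = raw.split(":")
    return uuid.UUID(first), uuid.UUID(second)


def session_tag(value):
    """The 8-hex-char tag stamped on the hostnames: the first UUID's first group."""
    return decode_cookie(value)[0].hex[:8]


def first_label(hostname):
    return hostname.split(".")[0].lower()


def hosts_tagged_with(tag, hostnames):
    """Hostnames whose first label ends in -<tag>."""
    out = []
    for host in hostnames:
        match = TAG_SUFFIX.search(first_label(host))
        if match and match.group(1) == tag:
            out.append(host)
    return out


def imitated_host(hostname):
    """The real host a tagged label stands for, or None if nothing in IMITATED matches."""
    label = TAG_SUFFIX.sub("", first_label(hostname))
    for real in IMITATED:
        without_tld = real.rsplit(".", 1)[0]
        if without_tld.replace(".", "-") == label:
            return real
    return None


def correlate(cookie_value, hostnames):
    """Tag from the cookie plus {tagged host: imitated real host}."""
    tag = session_tag(cookie_value)
    return {
        "tag": tag,
        "tagged_hosts": {h: imitated_host(h) for h in hosts_tagged_with(tag, hostnames)},
    }


if __name__ == "__main__":
    ids = decode_cookie(COOKIE_VALUE)
    print("cookie UUIDs:", ids[0], ids[1])
    result = correlate(COOKIE_VALUE, HOSTNAMES)
    print("session tag:", result["tag"])
    for host, real in result["tagged_hosts"].items():
        print(f"  {host}  ->  {real}")
```

Because the cookie is set on the apex and the tag is embedded in every tagged hostname, the tag is a pivot: other scans or passive-DNS records of *-c7903bb3.knyjbio.com belong to the same deployment, and a different tag on the same apex would point to a second instance of the kit. The second UUID has no visible counterpart in the report; nothing here should be read into it.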
31 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
In the security industry this term covers observables such as IPs, domains and hashes. Appearing in this list does not by itself mean an indicator is malicious.
Domains:
- aadcdn-msftauth-c7903bb3.knyjbio.com
- apclothing.co.za
- ikk63a2jlh.edumas.cl
- ll.knyjbio.com
- mso-login.knyjbio.com
- portal-microsoftonline-c7903bb3.knyjbio.com
- res-1-cdn-office-c7903bb3.knyjbio.com
- walmart.onelink.me
- wwwofc.knyjbio.com
IP addresses:
- 165.73.80.50
- 18.66.97.88
- 201.217.243.22
- 209.250.253.127