login-microsoftonline-com.395033.xyz
46.21.153.236
Public Scan
Submission: On August 16 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on August 15th 2022. Valid for: 3 months.
This is the only time login-microsoftonline-com.395033.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Counts | IP Address | AS Autonomous System |
---|---|---|
2 5 | 46.21.153.236 | 29802 (HVC-AS) |
3 | 1 |
ASN29802 (HVC-AS, US)
PTR: 236.153.21.46.static.swiftway.net
login-microsoftonline-com.395033.xyz | |
wwwofc.395033.xyz |
Count | Apex Domain / Subdomains | Transfer |
---|---|---|
5 | 395033.xyz (2 redirects): login-microsoftonline-com.395033.xyz, wwwofc.395033.xyz | 24 KB |
3 | 1 |
Count | Domain | Requested by |
---|---|---|
4 | login-microsoftonline-com.395033.xyz (1 redirects) | login-microsoftonline-com.395033.xyz |
1 | wwwofc.395033.xyz (1 redirects) | |
3 | 2 |
This site contains no links.
Subject / Issuer | Validity | Valid | |
---|---|---|---|
395033.xyz / R3 | 2022-08-15 - 2022-11-13 | 3 months | crt.sh |
This page contains 1 frames:
Frame:
https://login-microsoftonline-com.395033.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.395033.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.395033.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637962084418736609.ZTAyMTJkMjMtNGQ4Mi00MmNkLWEwMWItZjE2ZmIxZGFlYTJmOWYzOWZlYjgtN2EyMi00NjAwLTllNmMtMWNkZmJiNjA1Yjky&ui_locales=de-DE&mkt=de-DE&state=LE5jgymFn6IfQfNg-P040UCcHKTEUJ2JAH4YU7p4jS4uJeLptW9HPMjzI80tp21Xi4AUydYU805D1jsQisbUVQesh0aD5qcxkEm010htQwPENi1Xvv9xtfM5a2E1y8gt7OcogOrYBzWw81sRMcyFoqPvVqeza0_1w3p6oy69CfpV_P1CTpZu_vbgaUwUSiH1zJ42LS-NJ4ForA6ZDKFgUKamLzUpw9IKQz3K1xShv5tefH3hq2nHqWzcsHlsZNyyIn-HxrL3jNOLkkY-Kv2BlQ&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0
Frame ID: C4639A72C0BDB7B136C52B39C6B85C57
Requests: 3 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1
- https://login-microsoftonline-com.395033.xyz/ HTTP 302
- https://wwwofc.395033.xyz/login HTTP 302
- https://login-microsoftonline-com.395033.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.395033.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.395033.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637962084418736609.ZTAyMTJkMjMtNGQ4Mi00MmNkLWEwMWItZjE2ZmIxZGFlYTJmOWYzOWZlYjgtN2EyMi00NjAwLTllNmMtMWNkZmJiNjA1Yjky&ui_locales=de-DE&mkt=de-DE&state=LE5jgymFn6IfQfNg-P040UCcHKTEUJ2JAH4YU7p4jS4uJeLptW9HPMjzI80tp21Xi4AUydYU805D1jsQisbUVQesh0aD5qcxkEm010htQwPENi1Xvv9xtfM5a2E1y8gt7OcogOrYBzWw81sRMcyFoqPvVqeza0_1w3p6oy69CfpV_P1CTpZu_vbgaUwUSiH1zJ42LS-NJ4ForA6ZDKFgUKamLzUpw9IKQz3K1xShv5tefH3hq2nHqWzcsHlsZNyyIn-HxrL3jNOLkkY-Kv2BlQ&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0
3 HTTP transactions
Method / Protocol | Resource / Path | Size / x-fer | Type / MIME-Type |
---|---|---|---|
GET H2 | / (Primary Request) login-microsoftonline-com.395033.xyz/ | 56 KB / 21 KB | Document text/html |
POST H2 | / login-microsoftonline-com.395033.xyz/ | 183 B / 347 B | Fetch application/json |
GET H2 | authorize (Redirect Chain) login-microsoftonline-com.395033.xyz/common/oauth2/v2.0/ | 0 / 0 | Document text/html |
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.395033.xyz/ | Name: __ptcj Value: YTkzYTk1NzEtOWQzNi00MGVkLWI2MzctMWI5NjJlYzVmYzFkOjFlNDM4YzI4LWVlMzQtNDU1YS1hODE5LTE1YjgxODMzNjliMg== |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
login-microsoftonline-com.395033.xyz
wwwofc.395033.xyz
46.21.153.236
07558e301f1d48880b565ac9cd7f909d034e644e368657db2b4176a137fe777a
cf6d0aded845249829a4022afb7c0643e8de29d6d771dff7d04900af1ca23d80