Report - outlok.office-on-the.net/com/com/

Report Overview

Visited public
2025-04-21 11:01:00
Tags
microsoft phishing
URL
outlok.office-on-the.net/com/com/
Finishing URL
outlok.office-on-the.net/com/com/
IP / ASN
54.89.220.219
#14618 AMAZON-AES
Title
Sign in to your account
Phishing - Microsoft

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
aadcdn.msauth.net	1421	2018-10-25	2018-11-19	2025-04-17	3.6 kB	684 kB	13.107.246.53
outlok.office-on-the.net	unknown	2005-07-11	2025-04-21	2025-04-21	948 B	45 kB	54.89.220.219

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2025-04-20	medium	outlok.office-on-the.net/com/com/	Outlook

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_f3782014f3739160dbfd.js	ScriptElement	110 kB	2023-03-12	2025-05-23
Pretty URL aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_f3782014f3739160dbfd.js IP 13.107.246.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:51 Last Seen2025-05-23 05:21 Times Seen66 Hash 19fc5310fdb9795f5569eb904a86447a df36f79089d87f9a1f757e76e14e0fb10f85783d 0e2ef54a0f3644ed15e5b535dd3a30b94ba2cbf05631efc41039ae793c8b0efe Loading...

	aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_drcggiwi0cystfohuwx04a2.js	ScriptElement	48 kB	2023-06-22	2025-05-23
Pretty URL aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_drcggiwi0cystfohuwx04a2.js IP 13.107.246.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-22 02:21 Last Seen2025-05-23 05:21 Times Seen66 Hash 37595932ae3df4d5dff9766cc31003c6 4e691f33ebc6ef5a24bbc83b527d616e622f741d 44baad03f4a45f96a002deb4f911b31d8b754956d4cae17a6ebfc2701efe03e7 Loading...

	aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js	ScriptElement	403 kB	2023-03-12	2025-05-23
Pretty URL aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js IP 13.107.246.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:51 Last Seen2025-05-23 05:21 Times Seen66 Hash 367157e12f17eaf6fe3a01a70fcd9634 77f4e1c8c9b300e7952815a0e053970165011712 c974a0be091a8f09353472bbb41cb939e48a6796f6d0cf95686a7b4d73aa8490 Loading...

	outlok.office-on-the.net/com/com/	ScriptElement	537 B	2023-09-12	2025-05-10
Pretty URL outlok.office-on-the.net/com/com/ IP 54.89.220.219 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-12 01:53 Last Seen2025-05-10 20:35 Times Seen59 Hash 04f6c322b41421d42c9c79793ab42209 541620cd965558763311d985a2cc98fdaf9aa472 85bcaa0b718a52829a617a6e314c1784f889c9fc7e0af9c2985ca2f8947eb637 Loading...

HTTP Transactions (9)

URL IP Response Size

aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg

13.107.246.53

200 OK

1.9 kB

URL GET
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
IP
13.107.246.53:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://outlok.office-on-the.net/com/com/
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint38:05:DB:30:B5:83:1A:A0:A9:AD:24:B2:62:0F:E7:F6:60:9B:7C:00
ValidityTue, 29 Oct 2024 00:00:00 GMT - Wed, 29 Oct 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
1.9 kB (1864 bytes)
Hash
bc3d32a696895f78c19df6c717586a5d
9191cb156a30a3ed79c44c0a16c95159e8ff689d
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

HTTP Headers

GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://outlok.office-on-the.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 21 Apr 2025 11:00:40 GMT
content-type: image/svg+xml
content-length: 673
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 22:01:30 GMT
etag: 0x8D7B0071D86E386
x-ms-request-id: 5bece38f-d01e-0044-586c-af76c4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20250421T110040Z-16cdb7448bf8g7w8hC1SVGtd1w0000000p90000000005mgt
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_HIT
x-cache-info: L1_T2
accept-ranges: bytes
X-Firefox-Spdy: h2

outlok.office-on-the.net/com/com/favicon.ico

54.89.220.219

200 OK

17 kB

URL GET
outlok.office-on-the.net/com/com/favicon.ico
IP
54.89.220.219:443
ASN
#14618 AMAZON-AES

Requested by
https://outlok.office-on-the.net/com/com/
Certificate
IssuerLet's Encrypt
Subjectoutlok.office-on-the.net
Fingerprint08:D4:7F:33:9C:E1:47:AA:C2:D7:06:9D:CF:E3:4E:48:81:3B:5E:D4
ValidityTue, 08 Apr 2025 12:04:03 GMT - Mon, 07 Jul 2025 12:04:02 GMT

File type
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
Size
17 kB (17174 bytes)
Hash
12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /com/com/favicon.ico HTTP/1.1
Host: outlok.office-on-the.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://outlok.office-on-the.net/com/com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 21 Apr 2025 11:00:40 GMT
Server: Apache
Last-Modified: Tue, 02 Jul 2024 05:52:26 GMT
Accept-Ranges: bytes
Content-Length: 17174
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/x-icon

aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css

13.107.246.53

200 OK

111 kB

URL GET
aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
IP
13.107.246.53:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://outlok.office-on-the.net/com/com/
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint38:05:DB:30:B5:83:1A:A0:A9:AD:24:B2:62:0F:E7:F6:60:9B:7C:00
ValidityTue, 29 Oct 2024 00:00:00 GMT - Wed, 29 Oct 2025 23:59:59 GMT

File type
ASCII text, with very long lines (61177)
Size
111 kB (110586 bytes)
Hash
f0e5964f8bbedf73d2d3001623bb663b
aadf3504d5e5a93e678487eeb4a63398f2699341
9537f00ca371747a97a2acca388f7b2379a7fa7c59bde18c3d2621c0de8de492

HTTP Headers

GET /ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://outlok.office-on-the.net
DNT: 1
Connection: keep-alive
Referer: https://outlok.office-on-the.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 21 Apr 2025 11:00:39 GMT
content-type: text/css
content-length: 19970
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 19:37:00 GMT
etag: 0x8DA7650B37ACC3D
x-ms-request-id: ecf3e9ed-901e-0069-3f0f-b2fa1a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20250421T110039Z-16cdb7448bfwwksfhC1SVGh4c80000000gw0000000008207
x-fd-int-roxy-purgeid: 0
x-cache-info: L2_T2
x-cache: TCP_REMOTE_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js

13.107.246.53

200 OK

403 kB

URL GET
aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
IP
13.107.246.53:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://outlok.office-on-the.net/com/com/
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint38:05:DB:30:B5:83:1A:A0:A9:AD:24:B2:62:0F:E7:F6:60:9B:7C:00
ValidityTue, 29 Oct 2024 00:00:00 GMT - Wed, 29 Oct 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (64616)
Size
403 kB (402757 bytes)
Hash
367157e12f17eaf6fe3a01a70fcd9634
77f4e1c8c9b300e7952815a0e053970165011712
c974a0be091a8f09353472bbb41cb939e48a6796f6d0cf95686a7b4d73aa8490

HTTP Headers

GET /shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://outlok.office-on-the.net
DNT: 1
Connection: keep-alive
Referer: https://outlok.office-on-the.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 21 Apr 2025 11:00:39 GMT
content-type: application/x-javascript
content-length: 112847
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 22:42:00 GMT
etag: 0x8DADFB6BF0B914F
x-ms-request-id: 004ae4ad-801e-0065-29c0-b16d12000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20250421T110039Z-16cdb7448bfwwksfhC1SVGh4c80000000gw0000000008208
x-fd-int-roxy-purgeid: 0
x-cache-info: L2_T2
x-cache: TCP_REMOTE_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_drcggiwi0cystfohuwx04a2.js

13.107.246.53

200 OK

48 kB

URL GET
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_drcggiwi0cystfohuwx04a2.js
IP
13.107.246.53:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://outlok.office-on-the.net/com/com/
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint38:05:DB:30:B5:83:1A:A0:A9:AD:24:B2:62:0F:E7:F6:60:9B:7C:00
ValidityTue, 29 Oct 2024 00:00:00 GMT - Wed, 29 Oct 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (31996)
Size
48 kB (47722 bytes)
Hash
37595932ae3df4d5dff9766cc31003c6
4e691f33ebc6ef5a24bbc83b527d616e622f741d
44baad03f4a45f96a002deb4f911b31d8b754956d4cae17a6ebfc2701efe03e7

HTTP Headers

GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_drcggiwi0cystfohuwx04a2.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://outlok.office-on-the.net
DNT: 1
Connection: keep-alive
Referer: https://outlok.office-on-the.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 21 Apr 2025 11:00:39 GMT
content-type: application/x-javascript
content-length: 13882
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Sat, 17 Dec 2022 08:38:03 GMT
etag: 0x8DAE00A033630F3
x-ms-request-id: d038e6f7-e01e-003d-062a-af8ae0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20250421T110039Z-16cdb7448bfwwksfhC1SVGh4c80000000gw0000000008209
x-fd-int-roxy-purgeid: 0
x-cache-info: L1_T2
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_f3782014f3739160dbfd.js

13.107.246.53

200 OK

110 kB

URL GET
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_f3782014f3739160dbfd.js
IP
13.107.246.53:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://outlok.office-on-the.net/com/com/
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint38:05:DB:30:B5:83:1A:A0:A9:AD:24:B2:62:0F:E7:F6:60:9B:7C:00
ValidityTue, 29 Oct 2024 00:00:00 GMT - Wed, 29 Oct 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32960)
Size
110 kB (109863 bytes)
Hash
19fc5310fdb9795f5569eb904a86447a
df36f79089d87f9a1f757e76e14e0fb10f85783d
0e2ef54a0f3644ed15e5b535dd3a30b94ba2cbf05631efc41039ae793c8b0efe

HTTP Headers

GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_f3782014f3739160dbfd.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://outlok.office-on-the.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 21 Apr 2025 11:00:40 GMT
content-type: application/x-javascript
content-length: 32186
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Wed, 07 Dec 2022 05:02:34 GMT
etag: 0x8DAD81040AAC077
x-ms-request-id: de31da36-e01e-0060-75ac-b28064000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20250421T110039Z-16cdb7448bf8g7w8hC1SVGtd1w0000000p90000000005meh
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg

13.107.246.53

200 OK

3.7 kB

URL GET
aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
IP
13.107.246.53:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://outlok.office-on-the.net/com/com/
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint38:05:DB:30:B5:83:1A:A0:A9:AD:24:B2:62:0F:E7:F6:60:9B:7C:00
ValidityTue, 29 Oct 2024 00:00:00 GMT - Wed, 29 Oct 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
3.7 kB (3651 bytes)
Hash
ee5c8d9fb6248c938fd0dc19370e90bd
d01a22720918b781338b5bbf9202b241a5f99ee4
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

HTTP Headers

GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://outlok.office-on-the.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 21 Apr 2025 11:00:39 GMT
content-type: image/svg+xml
content-length: 1435
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Fri, 17 Jan 2020 19:28:38 GMT
etag: 0x8D79B8373CB2849
x-ms-request-id: a315c49e-c01e-0039-20a5-b2384a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20250421T110039Z-16cdb7448bf8g7w8hC1SVGtd1w0000000p90000000005mek
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_HIT
x-cache-info: L1_T2
accept-ranges: bytes
X-Firefox-Spdy: h2

outlok.office-on-the.net/com/com/

54.89.220.219

200 OK

27 kB

URL User Request GET
outlok.office-on-the.net/com/com/
IP
54.89.220.219:443
ASN
#14618 AMAZON-AES

Certificate
IssuerLet's Encrypt
Subjectoutlok.office-on-the.net
Fingerprint08:D4:7F:33:9C:E1:47:AA:C2:D7:06:9D:CF:E3:4E:48:81:3B:5E:D4
ValidityTue, 08 Apr 2025 12:04:03 GMT - Mon, 07 Jul 2025 12:04:02 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (526), with CRLF line terminators
Size
27 kB (27362 bytes)
Hash
3386e6b9c0877d98dfa88d336cb9eb60
daf7229c69d27083b4543af0bf94f75d91c7680c
251cb9ba9e0192eb2ed622d9b1a7a949e41631c9183b14def1e745043cf2f2ec

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
OpenPhish	phishing	Outlook

HTTP Headers

GET /com/com/ HTTP/1.1
Host: outlok.office-on-the.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 21 Apr 2025 11:00:39 GMT
Server: Apache
Last-Modified: Tue, 02 Jul 2024 05:52:26 GMT
Accept-Ranges: bytes
Content-Length: 27362
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg

13.107.246.53

200 OK

1.6 kB

URL GET
aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
IP
13.107.246.53:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://outlok.office-on-the.net/com/com/
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint38:05:DB:30:B5:83:1A:A0:A9:AD:24:B2:62:0F:E7:F6:60:9B:7C:00
ValidityTue, 29 Oct 2024 00:00:00 GMT - Wed, 29 Oct 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
1.6 kB (1592 bytes)
Hash
4e48046ce74f4b89d45037c90576bfac
4a41b3b51ed787f7b33294202da72220c7cd2c32
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

HTTP Headers

GET /shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://outlok.office-on-the.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 21 Apr 2025 11:00:39 GMT
content-type: image/svg+xml
content-length: 621
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Tue, 10 Nov 2020 03:41:24 GMT
etag: 0x8D8852A7FA6B761
x-ms-request-id: 59bd4a45-d01e-000a-3d32-b167e1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20250421T110039Z-16cdb7448bf8g7w8hC1SVGtd1w0000000p90000000005mem
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_HIT
x-cache-info: L1_T2
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (9)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP