Report - m00aos.z1.web.core.windows.net/

Report Overview

Visited public
2023-08-10 09:27:15
Tags
URL
m00aos.z1.web.core.windows.net/
Finishing URL
m00aos.z1.web.core.windows.net/
IP / ASN
20.150.30.65
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Title
Sharepoint

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
m00aos.z1.web.core.windows.net	unknown	unknown	No data	No data	942 B	1.1 MB	20.150.30.65
www.w3schools.com	17487	2000-03-21	2014-02-05 21:15:46	2023-08-09 14:52:52	437 B	5.8 kB	192.229.133.221
logincdn.msauth.net	2330	2018-10-25	2019-04-23 03:13:28	2023-08-09 13:45:15	1.0 kB	2.2 kB	192.229.221.185

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-08-09	medium	m00aos.z1.web.core.windows.net/	Office365
2023-08-09	medium	m00aos.z1.web.core.windows.net/	Office365

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	From	Size	First Seen	Last Seen
	m00aos.z1.web.core.windows.net/	ScriptElement	1.1 MB	2023-08-10	2024-08-21
Pretty URL m00aos.z1.web.core.windows.net/ IP 20.150.30.65 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-10 11:27 Last Seen2024-08-21 09:36 Times Seen2 Hash b90982250e18bb6c5ddf4c50dfe2eeff 6704b69c64cb546678c0efb715034d2837fb4314 ba9fbd75470e980960abe1b29a1d8bbf817e25bba9174e094b7880cbca4443fa Loading...

HTTP Transactions (5)

URL IP Response Size

m00aos.z1.web.core.windows.net/

20.150.30.65

200 OK

1.1 MB

URL User Request GET HTTP/1.1
m00aos.z1.web.core.windows.net/
IP
20.150.30.65:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint7F:59:13:00:29:A3:6E:5E:B3:38:B2:01:2B:83:28:92:B5:2E:67:F4
ValidityWed, 24 May 2023 22:15:26 GMT - Sat, 18 May 2024 22:15:26 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (64493), with CRLF line terminators
Size
1.1 MB (1113672 bytes)
Hash
b5ee3d564f4c0183827b375e3ad8879a
f69cb9a66e89a8f55a5908cc174fe571dd5c2df6
182cdb5a6659bb536d695ee98e7ad1f8695408cce9d7beec8df2413171f87127

Detections

Analyzer	Verdict	Alert
openphish	phishing	Office365

HTTP Headers

GET / HTTP/1.1
Host: m00aos.z1.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 1113672
Content-Type: text/html
Content-MD5: te49Vk9MAYOCezdeOtiHmg==
Last-Modified: Tue, 08 Aug 2023 15:57:26 GMT
Accept-Ranges: bytes
ETag: "0x8DB982829AC13B7"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 80e96440-801e-008c-5e6c-cbc964000000
x-ms-version: 2018-03-28
Date: Thu, 10 Aug 2023 09:26:57 GMT

www.w3schools.com/w3css/4/w3.css

192.229.133.221

200 OK

5.3 kB

URL GET HTTP/2
www.w3schools.com/w3css/4/w3.css
IP
192.229.133.221:443
ASN
#15133 EDGECAST

Requested by
https://m00aos.z1.web.core.windows.net/
Certificate
IssuerDigiCert Inc
Subject*.w3schools.com
FingerprintC1:D8:A1:39:6A:5E:03:D0:6B:53:1B:C0:E7:E0:84:EB:D2:44:AE:A2
ValiditySun, 05 Mar 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
Unicode text, UTF-8 (with BOM) text
Size
5.3 kB (5250 bytes)
Hash
ba0537e9574725096af97c27d7e54f76
bd46b47d74d344f435b5805114559d45979762d5
4a7611bc677873a0f87fe21727bc3a2a43f57a5ded3b10ce33a0f371a2e6030f

HTTP Headers

GET /w3css/4/w3.css HTTP/1.1
Host: www.w3schools.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m00aos.z1.web.core.windows.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 10834
cache-control: public,max-age=14400,public
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-type: text/css
date: Thu, 10 Aug 2023 09:26:59 GMT
etag: "0eecbde4ccbd91:0"
last-modified: Thu, 10 Aug 2023 05:38:20 GMT
server: ECS (ska/F716)
vary: Accept-Encoding
x-cache: HIT
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
x-powered-by: ASP.NET
content-length: 5250
X-Firefox-Spdy: h2

logincdn.msauth.net/shared/1.0/content/images/documentation_bcb4d1dc4eae64f0b2b2538209d8435a.svg

192.229.221.185

200 OK

606 B

URL GET HTTP/2
logincdn.msauth.net/shared/1.0/content/images/documentation_bcb4d1dc4eae64f0b2b2538209d8435a.svg
IP
192.229.221.185:443
ASN
#15133 EDGECAST

Requested by
https://m00aos.z1.web.core.windows.net/
Certificate
IssuerMicrosoft Corporation
Subjectidentitycdn.msauth.net
FingerprintEE:40:2D:5A:6D:D7:45:A2:7B:73:AC:5A:A3:0A:9C:D7:D5:BB:5A:E4
ValidityTue, 23 Aug 2022 22:36:46 GMT - Fri, 18 Aug 2023 22:36:46 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1555), with no line terminators
Size
606 B (606 bytes)
Hash
bcb4d1dc4eae64f0b2b2538209d8435a
4f10568bc1b70bc98d5297b85812c33b3e636766
a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea

HTTP Headers

GET /shared/1.0/content/images/documentation_bcb4d1dc4eae64f0b2b2538209d8435a.svg HTTP/1.1
Host: logincdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m00aos.z1.web.core.windows.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 6159093
cache-control: public, max-age=31536000
content-md5: 6dTbAT1RVL9d6geobv3IJg==
content-type: image/svg+xml
date: Thu, 10 Aug 2023 09:26:59 GMT
etag: 0x8D79ED29BA5E089
last-modified: Wed, 22 Jan 2020 00:32:48 GMT
server: ECAcc (ska/F738)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 5790df27-301e-0056-0968-937bce000000
x-ms-version: 2009-09-19
content-length: 606
X-Firefox-Spdy: h2

logincdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg

192.229.221.185

200 OK

276 B

URL GET HTTP/2
logincdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
IP
192.229.221.185:443
ASN
#15133 EDGECAST

Requested by
https://m00aos.z1.web.core.windows.net/
Certificate
IssuerMicrosoft Corporation
Subjectidentitycdn.msauth.net
FingerprintEE:40:2D:5A:6D:D7:45:A2:7B:73:AC:5A:A3:0A:9C:D7:D5:BB:5A:E4
ValidityTue, 23 Aug 2022 22:36:46 GMT - Fri, 18 Aug 2023 22:36:46 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (513), with no line terminators
Size
276 B (276 bytes)
Hash
a9cc2824ef3517b6c4160dcf8ff7d410
8db9aebad84ca6e4225bfdd2458ff3821cc4f064
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58

HTTP Headers

GET /shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg HTTP/1.1
Host: logincdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m00aos.z1.web.core.windows.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 4345061
cache-control: public, max-age=31536000
content-md5: TjUQkZ0p0Y7rbj6LJofS9Q==
content-type: image/svg+xml
date: Thu, 10 Aug 2023 09:26:59 GMT
etag: 0x8D79ED2994A7074
last-modified: Wed, 22 Jan 2020 00:32:44 GMT
server: ECAcc (ska/F7A3)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: e8748c66-a01e-007e-0fe8-a322b0000000
x-ms-version: 2009-09-19
content-length: 276
X-Firefox-Spdy: h2

m00aos.z1.web.core.windows.net/favicon.ico

20.150.30.65

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
m00aos.z1.web.core.windows.net/favicon.ico
IP
20.150.30.65:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://m00aos.z1.web.core.windows.net/
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint7F:59:13:00:29:A3:6E:5E:B3:38:B2:01:2B:83:28:92:B5:2E:67:F4
ValidityWed, 24 May 2023 22:15:26 GMT - Sat, 18 May 2024 22:15:26 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
dbfab69d3016dd1525d705965fe4c3f7
93d8794be07cff6278f2a4a6916321a77eca2389
d08150fcc844f55888959d9e66d6012c91586e6708aae0ba81b4a8bfad70bceb

Detections

Analyzer	Verdict	Alert
openphish	phishing	Office365

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: m00aos.z1.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m00aos.z1.web.core.windows.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: 80e9655a-801e-008c-4b6c-cbc964000000
x-ms-version: 2018-03-28
Date: Thu, 10 Aug 2023 09:26:59 GMT

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (5)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers