signup.live.com.office.flagstarbancorp.myshn.net
Open in
urlscan Pro
52.52.9.238
Malicious Activity!
Public Scan
Effective URL: https://signup.live.com.office.flagstarbancorp.myshn.net/?lic=1
Submission: On September 03 via api from PH
Summary
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on January 16th 2020. Valid for: a year.
This is the only time signup.live.com.office.flagstarbancorp.myshn.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 26 | 52.52.9.238 52.52.9.238 | 16509 (AMAZON-02) (AMAZON-02) | |
23 | 1 |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-9-238.us-west-1.compute.amazonaws.com
Domain | Requested by | |
---|---|---|
10 | acctcdn.msauth.net.office.flagstarbancorp.myshn.net |
signup.live.com.office.flagstarbancorp.myshn.net
|
10 | signup.live.com.office.flagstarbancorp.myshn.net |
2 redirects
signup.live.com.office.flagstarbancorp.myshn.net
|
3 | uhf.microsoft.com.office.flagstarbancorp.myshn.net |
signup.live.com.office.flagstarbancorp.myshn.net
|
1 | acctcdnmsftuswe2.azureedge.net.office.flagstarbancorp.myshn.net |
signup.live.com.office.flagstarbancorp.myshn.net
|
1 | acctcdn.msftauth.net.office.flagstarbancorp.myshn.net |
signup.live.com.office.flagstarbancorp.myshn.net
|
1 | login.live.com.office.flagstarbancorp.myshn.net | 1 redirects |
23 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
go.microsoft.com.office.flagstarbancorp.myshn.net |
login.live.com.office.flagstarbancorp.myshn.net |
www.microsoft.com.office.flagstarbancorp.myshn.net |
Subject Issuer | Validity | Valid | |
---|---|---|---|
office.flagstarbancorp.myshn.net GlobalSign RSA OV SSL CA 2018 |
2020-01-16 - 2021-01-16 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://signup.live.com.office.flagstarbancorp.myshn.net/?lic=1
Frame ID: D5FECC1D00A90A1BC104F796A8B614EE
Requests: 23 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://signup.live.com.office.flagstarbancorp.myshn.net/
HTTP 302
https://signup.live.com.office.flagstarbancorp.myshn.net/ HTTP 302
https://login.live.com.office.flagstarbancorp.myshn.net/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1599138280&rver=7.3.6960.0&wp=... HTTP 302
https://signup.live.com.office.flagstarbancorp.myshn.net/?lic=1 Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Learn more
Search URL Search Domain Scan URL
Title: Use another account
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: Privacy & Cookies
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://signup.live.com.office.flagstarbancorp.myshn.net/
HTTP 302
https://signup.live.com.office.flagstarbancorp.myshn.net/ HTTP 302
https://login.live.com.office.flagstarbancorp.myshn.net/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1599138280&rver=7.3.6960.0&wp=MBI_SSL&wreply=https%3A%2F%2Fsignup.live.com.office.flagstarbancorp.myshn.net%2F%3Flic%3D1&lc=1033&id=68692&mkt=en-US&uaid=0d62bc5a94c748a89bb61b46a3f5fa91 HTTP 302
https://signup.live.com.office.flagstarbancorp.myshn.net/?lic=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
signup.live.com.office.flagstarbancorp.myshn.net/ Redirect Chain
|
185 KB 39 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
converged_ux_v2_Gx5TWhTYaJikwTHRJrsZug2.css
acctcdn.msauth.net.office.flagstarbancorp.myshn.net/ |
93 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquerypackage_1.10_5V7LAuc3bNAQx2QQfr1RPw2.js
acctcdn.msauth.net.office.flagstarbancorp.myshn.net/ |
94 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
knockout_3.3.0_dEa3k0VBCPkhFZG_zjQkHw2.js
acctcdn.msauth.net.office.flagstarbancorp.myshn.net/ |
78 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lwsignupstringscountrybirthdate_en-us_pVtahKS9WUIZdNqg1DDhHg2.js
acctcdn.msauth.net.office.flagstarbancorp.myshn.net/ |
26 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lightweightsignuppackage_1Y8wPNKeEapTjnRyWvf8yg2.js
acctcdn.msauth.net.office.flagstarbancorp.myshn.net/ |
180 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mscc-0.4.2.min.js
uhf.microsoft.com.office.flagstarbancorp.myshn.net/mscc/statics/ |
5 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mscc-0.4.2.min.css
uhf.microsoft.com.office.flagstarbancorp.myshn.net/mscc/statics/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg
acctcdn.msauth.net.office.flagstarbancorp.myshn.net/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lwsignupstringscountrybirthdate_en-us_pVtahKS9WUIZdNqg1DDhHg2.js
acctcdn.msftauth.net.office.flagstarbancorp.myshn.net/ |
26 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
datarequestpackage_dT3VZJ_4lD5UykUFoE8W2w2.js
acctcdn.msauth.net.office.flagstarbancorp.myshn.net/ |
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
_log
uhf.microsoft.com.office.flagstarbancorp.myshn.net/ |
0 367 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lwsignupstringscountrybirthdate_en-us_pVtahKS9WUIZdNqg1DDhHg2.js
acctcdnmsftuswe2.azureedge.net.office.flagstarbancorp.myshn.net/ |
26 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
watson_rjZS-jaNNRyqe9ESKNv5iw2.js
acctcdn.msauth.net.office.flagstarbancorp.myshn.net/ |
9 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2_vD0yppaJX3jBnfbHF1hqXQ2.svg
acctcdn.msauth.net.office.flagstarbancorp.myshn.net/images/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
Watson
signup.live.com.office.flagstarbancorp.myshn.net/handlers/ |
67 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg
signup.live.com.office.flagstarbancorp.myshn.net/Resources/images/ |
0 2 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
signup.live.com.office.flagstarbancorp.myshn.net/Resources/images/ |
0 18 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2_vD0yppaJX3jBnfbHF1hqXQ2.svg
signup.live.com.office.flagstarbancorp.myshn.net/Resources/images/ |
0 3 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
datarequestpackage_dT3VZJ_4lD5UykUFoE8W2w2.js
acctcdn.msauth.net.office.flagstarbancorp.myshn.net/ |
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg
signup.live.com.office.flagstarbancorp.myshn.net/Resources/images/ |
4 KB 2 KB |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
signup.live.com.office.flagstarbancorp.myshn.net/Resources/images/ |
17 KB 18 KB |
Fetch
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2_vD0yppaJX3jBnfbHF1hqXQ2.svg
signup.live.com.office.flagstarbancorp.myshn.net/Resources/images/ |
2 KB 3 KB |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)83 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| $Debug object| $Do function| $Loader object| $WebWatson object| Debug function| $setVar function| registerNamespace object| wLive object| $ClientTelemetry object| $Api object| $PltHelper object| $PltTransferBucket function| $AccountEventApi object| $ClientEvents object| $DataRequest object| $B object| $Config object| $ReportEvent function| $ function| jQuery object| jQuery110202572784027273127 function| getId function| getKey function| defineNamespace function| defineClass function| defineSubClass function| appendFunction function| mix function| bind function| WizardExternalHelper object| ExternalHelper object| KnockoutExtensions object| ko function| Encrypt function| PackageSAData function| PackagePwdOnly function| PackagePinOnly function| PackageLoginIntData function| PackageSADataForProof function| PackageNewPwdOnly function| PackageNewAndOldPwd function| mapByteToBase64 function| base64Encode function| byteArrayToBase64 function| parseRSAKeyFromString function| RSAEncrypt function| RSAEncryptBlock function| JSMPnumber function| duplicateMP function| byteArrayToMP function| mpToByteArray function| modularExp function| modularMultiply function| multiplyMP function| normalizeJSMP function| removeLeadingZeroes function| divideMP function| multiplyAndSubtract function| applyPKCSv2Padding function| MGF function| XORarrays function| SHA1 function| wordToBytes function| PadSHA1Input function| SHA1RoundFunction function| rotateLeft function| hexStringToMP object| _d function| _ce function| _ge function| _get object| _dh object| $Utility object| $Beacon object| $Cookie object| $f object| mscc function| evt_master_onload string| Key string| randomNum string| SKI object| requests0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | deny |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
acctcdn.msauth.net.office.flagstarbancorp.myshn.net
acctcdn.msftauth.net.office.flagstarbancorp.myshn.net
acctcdnmsftuswe2.azureedge.net.office.flagstarbancorp.myshn.net
login.live.com.office.flagstarbancorp.myshn.net
signup.live.com.office.flagstarbancorp.myshn.net
uhf.microsoft.com.office.flagstarbancorp.myshn.net
52.52.9.238
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
3f3e8187a23a7b50d1ee0f80b0b38066ba19b7ecc0d259c371c9509136575bc3
472dfc48f395d19f14e31850671eb612b414debd07e92ac1b5acf287947b4ec9
480bc3c8ca5055e5a01a873ad15484078d114f348ed8986c27b8d31f4f03ff14
5776881753b95a0abe5d1f6efe3abe7b83a3265eaccd117dd948e523c044600c
5cb315faaa70ba7f5381b0169607057449f06d4cb639c0f210a4ede0e0ea7fa2
66c5d9882a954332c4aebef2386c7713a226fa617ddcd08d22f24e53ba5ec066
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
ba4fa484aad7a2916c4245f071a7d521227026b6b6b52d1e9e317569d5cf0329
cac29a13e578b22061b8e54c317329b885b97b9ef0634bcb6d39af742049f182
cdcca5e9ead4e4f414eb6bfa75ab7c4d01fd73beb98e1e4d2d05e3088efe1bf8
d25704e8dceb95a38ba3db6c093a9c266763f628c36b2404f5b5a411945c652d
d8247e626369a2efdb7b81b3ae69f5ff5770436418d2b5dd036fbfdd49b5f962
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855