login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net
3.7.26.82  Malicious Activity! Public Scan

Submitted URL: https://manage.microsoft.com.office.ujjivanrp.usfb.myshn.net/
Effective URL: https://login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2Fintune.microsoft.com.office.ujjiv...
Submission: On January 31 via api from JP — Scanned from JP

Summary

This website contacted 4 IPs in 1 country across 1 domain to perform 14 HTTP transactions. The main IP is 3.7.26.82, located in Mumbai, India, and belongs to AMAZON-02, US. The main domain is login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on January 31st 2023. Valid for: a year.
This is the only time login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 9 3.7.26.82 16509 (AMAZON-02)
3 65.0.112.2 16509 (AMAZON-02)
1 13.127.252.30 ()
14 4
Domain Requested by
5 aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net
aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net
3 intune.microsoft.com.office.ujjivanrp.usfb.myshn.net intune.microsoft.com.office.ujjivanrp.usfb.myshn.net
2 login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net intune.microsoft.com.office.ujjivanrp.usfb.myshn.net
login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net
1 portal.azure.com.office.ujjivanrp.usfb.myshn.net aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net
1 login.live.com.office.ujjivanrp.usfb.myshn.net login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net
1 manage.microsoft.com.office.ujjivanrp.usfb.myshn.net 1 redirects
14 6

This site contains no links.

Subject: office.ujjivanrp.usfb.myshn.net
Issuer: GlobalSign RSA OV SSL CA 2018
Validity: 2023-01-31 - 2024-03-03
Valid: a year

This page contains 2 frames:

Primary Page: https://login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2Fintune.microsoft.com.office.ujjivanrp.usfb.myshn.net%2Fsignin%2Findex%2F&response_type=code%20id_token&scope=https%3A%2F%2Fmanagement.core.windows.net%2F%2Fuser_impersonation%20openid%20email%20profile&state=OpenIdConnect.AuthenticationProperties%3DzqP38th4_gmt9gSyXjJAD6EK2ilWcUTV-x9noIQ-OymXLeaOGiJeDhugoiOHkTdgEZRBxS9pYm94DtcXglA7q0j1y7uoU1Q03IoNVsvpN_vwla_cxw5RAJYAJeiAAdECS6loyf0nVmAFg0SjBJWBhMJn20k0E9Ju-6mG7sU0hdo5pUhYgpawq-5rdKpqt71hwIV1CQYrTFlz2senF7foDHJukXD-nMSlRsbiams5jHmx57iBvP-82c6HNzdJdZmlR4Kxly-6mKfDCTjx28ixH2GY99MxuELzjswzgR0xr2YVOCXUztX5HW1STsijM6h57LIoY97k3rQnjOfe4gFi8X-otbfBKv95gqTngn4kNU8S1una8KYlcKvLLPQ3tay-QRLAGey2e8FBiOj9i6rSxQ&response_mode=form_post&nonce=638107453436255302.NzMzODBjOWEtN2IxOC00NDdkLTlhYzYtOWVmMmIzMTc4NTJkNzI3ZGQ0Y2EtYjY5Mi00N2U5LThjNzEtZmRmMTM2ZDBlYTJh&client_id=c44b4083-3bb0-49c1-b47d-974e53cbdf3c&site_id=501430&client-request-id=f8563609-f532-49dd-816e-4d5a6d1ccb50&x-client-SKU=ID_NET472&x-client-ver=6.22.1.0&sso_reload=true
Frame ID: 554595C4A69F35451DC5F540C87DBA3A
Requests: 13 HTTP requests in this frame

Frame: https://portal.azure.com.office.ujjivanrp.usfb.myshn.net/cobrand/
Frame ID: 86A25722C397BE27DE8B082179BFACE9
Requests: 1 HTTP request in this frame

Page Title

Sign in to Microsoft Azure

Page Statistics

Requests: 14
HTTPS: 86 %
IPv6: 0 %
Domains: 1
Subdomains: 6
IPs: 4
Countries: 1
Transfer: 336 kB
Size: 983 kB
Cookies: 13

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://manage.microsoft.com.office.ujjivanrp.usfb.myshn.net/ HTTP 302
    https://intune.microsoft.com.office.ujjivanrp.usfb.myshn.net/ Page URL
  2. https://login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2Fintune.microsoft.com.office.ujjivanrp.usfb.myshn.net%2Fsignin%2Findex%2F&response_type=code%20id_token&scope=https%3A%2F%2Fmanagement.core.windows.net%2F%2Fuser_impersonation%20openid%20email%20profile&state=OpenIdConnect.AuthenticationProperties%3DzqP38th4_gmt9gSyXjJAD6EK2ilWcUTV-x9noIQ-OymXLeaOGiJeDhugoiOHkTdgEZRBxS9pYm94DtcXglA7q0j1y7uoU1Q03IoNVsvpN_vwla_cxw5RAJYAJeiAAdECS6loyf0nVmAFg0SjBJWBhMJn20k0E9Ju-6mG7sU0hdo5pUhYgpawq-5rdKpqt71hwIV1CQYrTFlz2senF7foDHJukXD-nMSlRsbiams5jHmx57iBvP-82c6HNzdJdZmlR4Kxly-6mKfDCTjx28ixH2GY99MxuELzjswzgR0xr2YVOCXUztX5HW1STsijM6h57LIoY97k3rQnjOfe4gFi8X-otbfBKv95gqTngn4kNU8S1una8KYlcKvLLPQ3tay-QRLAGey2e8FBiOj9i6rSxQ&response_mode=form_post&nonce=638107453436255302.NzMzODBjOWEtN2IxOC00NDdkLTlhYzYtOWVmMmIzMTc4NTJkNzI3ZGQ0Y2EtYjY5Mi00N2U5LThjNzEtZmRmMTM2ZDBlYTJh&client_id=c44b4083-3bb0-49c1-b47d-974e53cbdf3c&site_id=501430&client-request-id=f8563609-f532-49dd-816e-4d5a6d1ccb50&x-client-SKU=ID_NET472&x-client-ver=6.22.1.0 Page URL
  3. https://login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2Fintune.microsoft.com.office.ujjivanrp.usfb.myshn.net%2Fsignin%2Findex%2F&response_type=code%20id_token&scope=https%3A%2F%2Fmanagement.core.windows.net%2F%2Fuser_impersonation%20openid%20email%20profile&state=OpenIdConnect.AuthenticationProperties%3DzqP38th4_gmt9gSyXjJAD6EK2ilWcUTV-x9noIQ-OymXLeaOGiJeDhugoiOHkTdgEZRBxS9pYm94DtcXglA7q0j1y7uoU1Q03IoNVsvpN_vwla_cxw5RAJYAJeiAAdECS6loyf0nVmAFg0SjBJWBhMJn20k0E9Ju-6mG7sU0hdo5pUhYgpawq-5rdKpqt71hwIV1CQYrTFlz2senF7foDHJukXD-nMSlRsbiams5jHmx57iBvP-82c6HNzdJdZmlR4Kxly-6mKfDCTjx28ixH2GY99MxuELzjswzgR0xr2YVOCXUztX5HW1STsijM6h57LIoY97k3rQnjOfe4gFi8X-otbfBKv95gqTngn4kNU8S1una8KYlcKvLLPQ3tay-QRLAGey2e8FBiOj9i6rSxQ&response_mode=form_post&nonce=638107453436255302.NzMzODBjOWEtN2IxOC00NDdkLTlhYzYtOWVmMmIzMTc4NTJkNzI3ZGQ0Y2EtYjY5Mi00N2U5LThjNzEtZmRmMTM2ZDBlYTJh&client_id=c44b4083-3bb0-49c1-b47d-974e53cbdf3c&site_id=501430&client-request-id=f8563609-f532-49dd-816e-4d5a6d1ccb50&x-client-SKU=ID_NET472&x-client-ver=6.22.1.0&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://manage.microsoft.com.office.ujjivanrp.usfb.myshn.net/ HTTP 302
  • https://intune.microsoft.com.office.ujjivanrp.usfb.myshn.net/

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
intune.microsoft.com.office.ujjivanrp.usfb.myshn.net/
Redirect Chain
  • https://manage.microsoft.com.office.ujjivanrp.usfb.myshn.net/
  • https://intune.microsoft.com.office.ujjivanrp.usfb.myshn.net/
40 KB
17 KB
Document
General
Full URL
https://intune.microsoft.com.office.ujjivanrp.usfb.myshn.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.0.112.2 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-65-0-112-2.ap-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6c2d64fa1f6851da17fde9943a498d5204b6e745c64583e783d9571afcd37336
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
16191
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=utf-8
Date
Tue, 31 Jan 2023 07:02:23 GMT
ETag
"67cLqCwEsCWA"
Expires
-1
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
X-Azure-Ref
0/7zYYwAAAACd0xwv22vhQrxX64DauiO/Qk9NMDJFREdFMDkxNQAzNWI2MzYwYi1iNjFiLTRjNzYtYmY3ZC1mNTgzZjg4NDE5Zjk=
X-Cache
CONFIG_NOCACHE
X-Frame-Options
SAMEORIGIN
X-Robots-Tag
none
X-SkyHigh-Version
BuildNumber=36, BuildDate=2023-01-11 07:37
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
x-content-type-options
nosniff
x-ms-content-source
DiskPersistentContentCache
x-ms-version
11.48.4.1 (v11.48.0.1#4bc178f448.230128-0616) Signed

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Date
Tue, 31 Jan 2023 07:02:22 GMT
Expires
-1
Location
https://intune.microsoft.com.office.ujjivanrp.usfb.myshn.net/
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-Robots-Tag
none
X-SkyHigh-Version
BuildNumber=36, BuildDate=2023-01-11 07:37
/
intune.microsoft.com.office.ujjivanrp.usfb.myshn.net/signin/idpRedirect.js/
25 KB
12 KB
Script
General
Full URL
https://intune.microsoft.com.office.ujjivanrp.usfb.myshn.net/signin/idpRedirect.js/?sessionId=54ed461defc84221999291b75f2a080f&feature.settingsportalinstance=devicemanagement&feature.showservicehealthalerts=false&feature.internalgraphapiversion=true&feature.globalresourcefilter=true&feature.testcrosscloudpuid=true&idpc=0
Requested by
Host: intune.microsoft.com.office.ujjivanrp.usfb.myshn.net
URL: https://intune.microsoft.com.office.ujjivanrp.usfb.myshn.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.0.112.2 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-65-0-112-2.ap-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash
597efbb0332f5f71d70c94556c3f251f54d7366c32e5dd0358ed320d0312994f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://intune.microsoft.com.office.ujjivanrp.usfb.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 31 Jan 2023 07:02:23 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Cache
CONFIG_NOCACHE
Connection
keep-alive
Content-Length
10296
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Server
nginx
Vary
Accept-Encoding
X-Azure-Ref
0/7zYYwAAAAAJp/Gb6p0ORKlNpCpsdZdDQk9NMDJFREdFMDkxNQAzNWI2MzYwYi1iNjFiLTRjNzYtYmY3ZC1mNTgzZjg4NDE5Zjk=
Content-Type
application/javascript
Cache-Control
private, no-cache, no-store, max-age=0
x-ms-version
11.48.4.1 (v11.48.0.1#4bc178f448.230128-0616) Signed
X-SkyHigh-Version
BuildNumber=36, BuildDate=2023-01-11 07:37
X-Robots-Tag
none
/
intune.microsoft.com.office.ujjivanrp.usfb.myshn.net/
56 KB
19 KB
XHR
General
Full URL
https://intune.microsoft.com.office.ujjivanrp.usfb.myshn.net/?bundlingKind=DefaultPartitioner&configHash=JDH2OhQtkqSo&env=intune&l=en.en-us&pageVersion=11.48.4.111.48.0.14178448.230128-0616
Requested by
Host: intune.microsoft.com.office.ujjivanrp.usfb.myshn.net
URL: https://intune.microsoft.com.office.ujjivanrp.usfb.myshn.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.0.112.2 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-65-0-112-2.ap-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://intune.microsoft.com.office.ujjivanrp.usfb.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 31 Jan 2023 07:02:23 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
Content-Security-Policy
frame-ancestors 'self'
X-Azure-Ref-OriginShield
0/7zYYwAAAAAoTPPu/x3mTKeiMCY0SlUhTUFBMjAxMDYwNTE3MDM1ADM1YjYzNjBiLWI2MWItNGM3Ni1iZjdkLWY1ODNmODg0MTlmOQ==
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Cache
TCP_REMOTE_HIT
Connection
keep-alive
Content-Length
18004
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Fri, 01 Jul 2022 00:00:00 GMT
Server
nginx
ETag
"RS_GuW29z_2W"
Vary
Accept-Encoding
X-Azure-Ref
0/7zYYwAAAADvGk2k5e6XQo8hR6ABdecKQk9NMDJFREdFMDkxNQAzNWI2MzYwYi1iNjFiLTRjNzYtYmY3ZC1mNTgzZjg4NDE5Zjk=
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, immutable, stale-while-revalidate=31104000, max-age=31104000
x-ms-version
10.227.0.1 (production#669ed02851.221205-2257) Signed
X-Frame-Options
SAMEORIGIN
X-SkyHigh-Version
BuildNumber=36, BuildDate=2023-01-11 07:37
Timing-Allow-Origin
*
x-ms-content-source
AzureDocumentsBackedContentCacheV2
X-Robots-Tag
none
Expires
Mon, 01 Jan 2024 00:00:00 GMT
authorize
login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/organizations/oauth2/v2.0/
152 KB
55 KB
Document
General
Full URL
https://login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2Fintune.microsoft.com.office.ujjivanrp.usfb.myshn.net%2Fsignin%2Findex%2F&response_type=code%20id_token&scope=https%3A%2F%2Fmanagement.core.windows.net%2F%2Fuser_impersonation%20openid%20email%20profile&state=OpenIdConnect.AuthenticationProperties%3DzqP38th4_gmt9gSyXjJAD6EK2ilWcUTV-x9noIQ-OymXLeaOGiJeDhugoiOHkTdgEZRBxS9pYm94DtcXglA7q0j1y7uoU1Q03IoNVsvpN_vwla_cxw5RAJYAJeiAAdECS6loyf0nVmAFg0SjBJWBhMJn20k0E9Ju-6mG7sU0hdo5pUhYgpawq-5rdKpqt71hwIV1CQYrTFlz2senF7foDHJukXD-nMSlRsbiams5jHmx57iBvP-82c6HNzdJdZmlR4Kxly-6mKfDCTjx28ixH2GY99MxuELzjswzgR0xr2YVOCXUztX5HW1STsijM6h57LIoY97k3rQnjOfe4gFi8X-otbfBKv95gqTngn4kNU8S1una8KYlcKvLLPQ3tay-QRLAGey2e8FBiOj9i6rSxQ&response_mode=form_post&nonce=638107453436255302.NzMzODBjOWEtN2IxOC00NDdkLTlhYzYtOWVmMmIzMTc4NTJkNzI3ZGQ0Y2EtYjY5Mi00N2U5LThjNzEtZmRmMTM2ZDBlYTJh&client_id=c44b4083-3bb0-49c1-b47d-974e53cbdf3c&site_id=501430&client-request-id=f8563609-f532-49dd-816e-4d5a6d1ccb50&x-client-SKU=ID_NET472&x-client-ver=6.22.1.0
Requested by
Host: intune.microsoft.com.office.ujjivanrp.usfb.myshn.net
URL: https://intune.microsoft.com.office.ujjivanrp.usfb.myshn.net/signin/idpRedirect.js/?sessionId=54ed461defc84221999291b75f2a080f&feature.settingsportalinstance=devicemanagement&feature.showservicehealthalerts=false&feature.internalgraphapiversion=true&feature.globalresourcefilter=true&feature.testcrosscloudpuid=true&idpc=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.7.26.82 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-26-82.ap-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b5132f2a8a6ae084032741b95deec650ce91a71bea16e77c9d20e2da76f047d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://intune.microsoft.com.office.ujjivanrp.usfb.myshn.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Length
55556
Content-Type
text/html; charset=utf-8
Date
Tue, 31 Jan 2023 07:02:24 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
none
X-SkyHigh-Version
BuildNumber=36, BuildDate=2023-01-11 07:37
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+pnq"}]}
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.14357.8 - KRC ProdSlices
x-ms-request-id
a84d2128-a3d5-45ba-80ef-5db0f129ca00
Primary Request authorize
login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/organizations/oauth2/v2.0/
206 KB
52 KB
Document
General
Full URL
https://login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2Fintune.microsoft.com.office.ujjivanrp.usfb.myshn.net%2Fsignin%2Findex%2F&response_type=code%20id_token&scope=https%3A%2F%2Fmanagement.core.windows.net%2F%2Fuser_impersonation%20openid%20email%20profile&state=OpenIdConnect.AuthenticationProperties%3DzqP38th4_gmt9gSyXjJAD6EK2ilWcUTV-x9noIQ-OymXLeaOGiJeDhugoiOHkTdgEZRBxS9pYm94DtcXglA7q0j1y7uoU1Q03IoNVsvpN_vwla_cxw5RAJYAJeiAAdECS6loyf0nVmAFg0SjBJWBhMJn20k0E9Ju-6mG7sU0hdo5pUhYgpawq-5rdKpqt71hwIV1CQYrTFlz2senF7foDHJukXD-nMSlRsbiams5jHmx57iBvP-82c6HNzdJdZmlR4Kxly-6mKfDCTjx28ixH2GY99MxuELzjswzgR0xr2YVOCXUztX5HW1STsijM6h57LIoY97k3rQnjOfe4gFi8X-otbfBKv95gqTngn4kNU8S1una8KYlcKvLLPQ3tay-QRLAGey2e8FBiOj9i6rSxQ&response_mode=form_post&nonce=638107453436255302.NzMzODBjOWEtN2IxOC00NDdkLTlhYzYtOWVmMmIzMTc4NTJkNzI3ZGQ0Y2EtYjY5Mi00N2U5LThjNzEtZmRmMTM2ZDBlYTJh&client_id=c44b4083-3bb0-49c1-b47d-974e53cbdf3c&site_id=501430&client-request-id=f8563609-f532-49dd-816e-4d5a6d1ccb50&x-client-SKU=ID_NET472&x-client-ver=6.22.1.0&sso_reload=true
Requested by
Host: login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net
URL: https://login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2Fintune.microsoft.com.office.ujjivanrp.usfb.myshn.net%2Fsignin%2Findex%2F&response_type=code%20id_token&scope=https%3A%2F%2Fmanagement.core.windows.net%2F%2Fuser_impersonation%20openid%20email%20profile&state=OpenIdConnect.AuthenticationProperties%3DzqP38th4_gmt9gSyXjJAD6EK2ilWcUTV-x9noIQ-OymXLeaOGiJeDhugoiOHkTdgEZRBxS9pYm94DtcXglA7q0j1y7uoU1Q03IoNVsvpN_vwla_cxw5RAJYAJeiAAdECS6loyf0nVmAFg0SjBJWBhMJn20k0E9Ju-6mG7sU0hdo5pUhYgpawq-5rdKpqt71hwIV1CQYrTFlz2senF7foDHJukXD-nMSlRsbiams5jHmx57iBvP-82c6HNzdJdZmlR4Kxly-6mKfDCTjx28ixH2GY99MxuELzjswzgR0xr2YVOCXUztX5HW1STsijM6h57LIoY97k3rQnjOfe4gFi8X-otbfBKv95gqTngn4kNU8S1una8KYlcKvLLPQ3tay-QRLAGey2e8FBiOj9i6rSxQ&response_mode=form_post&nonce=638107453436255302.NzMzODBjOWEtN2IxOC00NDdkLTlhYzYtOWVmMmIzMTc4NTJkNzI3ZGQ0Y2EtYjY5Mi00N2U5LThjNzEtZmRmMTM2ZDBlYTJh&client_id=c44b4083-3bb0-49c1-b47d-974e53cbdf3c&site_id=501430&client-request-id=f8563609-f532-49dd-816e-4d5a6d1ccb50&x-client-SKU=ID_NET472&x-client-ver=6.22.1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.7.26.82 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-26-82.ap-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash
223cf65813e8c5eb1eb36d431ec94f243a3cb442bad827e079d5ac688586990e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2Fintune.microsoft.com.office.ujjivanrp.usfb.myshn.net%2Fsignin%2Findex%2F&response_type=code%20id_token&scope=https%3A%2F%2Fmanagement.core.windows.net%2F%2Fuser_impersonation%20openid%20email%20profile&state=OpenIdConnect.AuthenticationProperties%3DzqP38th4_gmt9gSyXjJAD6EK2ilWcUTV-x9noIQ-OymXLeaOGiJeDhugoiOHkTdgEZRBxS9pYm94DtcXglA7q0j1y7uoU1Q03IoNVsvpN_vwla_cxw5RAJYAJeiAAdECS6loyf0nVmAFg0SjBJWBhMJn20k0E9Ju-6mG7sU0hdo5pUhYgpawq-5rdKpqt71hwIV1CQYrTFlz2senF7foDHJukXD-nMSlRsbiams5jHmx57iBvP-82c6HNzdJdZmlR4Kxly-6mKfDCTjx28ixH2GY99MxuELzjswzgR0xr2YVOCXUztX5HW1STsijM6h57LIoY97k3rQnjOfe4gFi8X-otbfBKv95gqTngn4kNU8S1una8KYlcKvLLPQ3tay-QRLAGey2e8FBiOj9i6rSxQ&response_mode=form_post&nonce=638107453436255302.NzMzODBjOWEtN2IxOC00NDdkLTlhYzYtOWVmMmIzMTc4NTJkNzI3ZGQ0Y2EtYjY5Mi00N2U5LThjNzEtZmRmMTM2ZDBlYTJh&client_id=c44b4083-3bb0-49c1-b47d-974e53cbdf3c&site_id=501430&client-request-id=f8563609-f532-49dd-816e-4d5a6d1ccb50&x-client-SKU=ID_NET472&x-client-ver=6.22.1.0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Length
51593
Content-Type
text/html; charset=utf-8
Date
Tue, 31 Jan 2023 07:02:25 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-Robots-Tag
none
X-SkyHigh-Version
BuildNumber=36, BuildDate=2023-01-11 07:37
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+pnq"}]}
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.14526.6 - KRC ProdSlices
x-ms-request-id
a88b9932-4b16-4285-bcbe-923ecd4b6f00
Me.htm
login.live.com.office.ujjivanrp.usfb.myshn.net/
0
0
Other
General
Full URL
https://login.live.com.office.ujjivanrp.usfb.myshn.net/Me.htm?v=3
Requested by
Host: login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net
URL: https://login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2Fintune.microsoft.com.office.ujjivanrp.usfb.myshn.net%2Fsignin%2Findex%2F&response_type=code%20id_token&scope=https%3A%2F%2Fmanagement.core.windows.net%2F%2Fuser_impersonation%20openid%20email%20profile&state=OpenIdConnect.AuthenticationProperties%3DzqP38th4_gmt9gSyXjJAD6EK2ilWcUTV-x9noIQ-OymXLeaOGiJeDhugoiOHkTdgEZRBxS9pYm94DtcXglA7q0j1y7uoU1Q03IoNVsvpN_vwla_cxw5RAJYAJeiAAdECS6loyf0nVmAFg0SjBJWBhMJn20k0E9Ju-6mG7sU0hdo5pUhYgpawq-5rdKpqt71hwIV1CQYrTFlz2senF7foDHJukXD-nMSlRsbiams5jHmx57iBvP-82c6HNzdJdZmlR4Kxly-6mKfDCTjx28ixH2GY99MxuELzjswzgR0xr2YVOCXUztX5HW1STsijM6h57LIoY97k3rQnjOfe4gFi8X-otbfBKv95gqTngn4kNU8S1una8KYlcKvLLPQ3tay-QRLAGey2e8FBiOj9i6rSxQ&response_mode=form_post&nonce=638107453436255302.NzMzODBjOWEtN2IxOC00NDdkLTlhYzYtOWVmMmIzMTc4NTJkNzI3ZGQ0Y2EtYjY5Mi00N2U5LThjNzEtZmRmMTM2ZDBlYTJh&client_id=c44b4083-3bb0-49c1-b47d-974e53cbdf3c&site_id=501430&client-request-id=f8563609-f532-49dd-816e-4d5a6d1ccb50&x-client-SKU=ID_NET472&x-client-ver=6.22.1.0&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.7.26.82 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-26-82.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net/shared/1.0/content/js/
393 KB
111 KB
Script
General
Full URL
https://aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Requested by
Host: login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net
URL: https://login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2Fintune.microsoft.com.office.ujjivanrp.usfb.myshn.net%2Fsignin%2Findex%2F&response_type=code%20id_token&scope=https%3A%2F%2Fmanagement.core.windows.net%2F%2Fuser_impersonation%20openid%20email%20profile&state=OpenIdConnect.AuthenticationProperties%3DzqP38th4_gmt9gSyXjJAD6EK2ilWcUTV-x9noIQ-OymXLeaOGiJeDhugoiOHkTdgEZRBxS9pYm94DtcXglA7q0j1y7uoU1Q03IoNVsvpN_vwla_cxw5RAJYAJeiAAdECS6loyf0nVmAFg0SjBJWBhMJn20k0E9Ju-6mG7sU0hdo5pUhYgpawq-5rdKpqt71hwIV1CQYrTFlz2senF7foDHJukXD-nMSlRsbiams5jHmx57iBvP-82c6HNzdJdZmlR4Kxly-6mKfDCTjx28ixH2GY99MxuELzjswzgR0xr2YVOCXUztX5HW1STsijM6h57LIoY97k3rQnjOfe4gFi8X-otbfBKv95gqTngn4kNU8S1una8KYlcKvLLPQ3tay-QRLAGey2e8FBiOj9i6rSxQ&response_mode=form_post&nonce=638107453436255302.NzMzODBjOWEtN2IxOC00NDdkLTlhYzYtOWVmMmIzMTc4NTJkNzI3ZGQ0Y2EtYjY5Mi00N2U5LThjNzEtZmRmMTM2ZDBlYTJh&client_id=c44b4083-3bb0-49c1-b47d-974e53cbdf3c&site_id=501430&client-request-id=f8563609-f532-49dd-816e-4d5a6d1ccb50&x-client-SKU=ID_NET472&x-client-ver=6.22.1.0&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.7.26.82 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-26-82.ap-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a3b625584ab5bf4af98814aef62bae8d4573492dc679944c4e3a098da02a6992

Request headers

Referer
https://login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/
Origin
https://login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Tue, 31 Jan 2023 07:02:26 GMT
Content-Encoding
gzip
X-Azure-Ref-OriginShield
0VKDYYwAAAAD6zcoeTFghT5x0E2Ie7yfkTUFBMjAxMDYwNTE4MDM1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-MD5
2lcEQ5vglpXqxT8YZRDC3A==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
112876
x-ms-lease-status
unlocked
Last-Modified
Fri, 16 Dec 2022 22:42:00 GMT
Server
nginx
ETag
0x8DADFB6BF0B914F
X-Azure-Ref
0mLfYYwAAAABD1IZkM+CVQZp47PKRYYPMQk9NMDJFREdFMDkwNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
2bf215d7-901e-0096-207d-2f2a08000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=36, BuildDate=2023-01-11 07:37
X-Robots-Tag
none
convergedlogin_pcustomizationloader_f3782014f3739160dbfd.js
aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net/shared/1.0/content/js/asyncchunk/
107 KB
32 KB
Script
General
Full URL
https://aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_f3782014f3739160dbfd.js
Requested by
Host: aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net
URL: https://aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.7.26.82 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-26-82.ap-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0e2ef54a0f3644ed15e5b535dd3a30b94ba2cbf05631efc41039ae793c8b0efe

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Tue, 31 Jan 2023 07:02:27 GMT
Content-Encoding
gzip
X-Azure-Ref-OriginShield
0nxzYYwAAAADdyD9w9mjcTp5XsgObA5IBTUFBMjAxMDYwNTE4MDI5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-MD5
e/EZAgcGdIaZjab5+bzwzw==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
32186
x-ms-lease-status
unlocked
Last-Modified
Wed, 07 Dec 2022 05:02:34 GMT
Server
nginx
ETag
0x8DAD81040AAC077
X-Azure-Ref
0G7rYYwAAAAAKnAO+BP9bTpP57KVyYPDDQk9NMDJFREdFMDkwOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
1d00a83e-701e-0058-3b82-300c51000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=36, BuildDate=2023-01-11 07:37
X-Robots-Tag
none
/
portal.azure.com.office.ujjivanrp.usfb.myshn.net/cobrand/ Frame 86A2
0
0
Document
General
Full URL
https://portal.azure.com.office.ujjivanrp.usfb.myshn.net/cobrand/
Requested by
Host: aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net
URL: https://aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.127.252.30 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=86400, max-age=82287
Connection
keep-alive
Content-Encoding
gzip
Content-Length
8142
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Jan 2023 07:02:27 GMT
Expires
Thu, 02 Feb 2023 00:00:00 GMT
Last-Modified
Mon, 30 Jan 2023 00:00:00 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Azure-Ref
0A73YYwAAAAANOQjTNXWVQYAqkTW56z+lQk9NMDJFREdFMDkxMAAzNWI2MzYwYi1iNjFiLTRjNzYtYmY3ZC1mNTgzZjg4NDE5Zjk=
X-Cache
CONFIG_NOCACHE
X-Frame-Options
SAMEORIGIN
X-Robots-Tag
none
X-SkyHigh-Version
BuildNumber=36, BuildDate=2023-01-11 07:37
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://eafc.nelreports.net/api/report?cat=aportal"}]}
x-content-type-options
nosniff
x-ms-version
11.48.4.1 (v11.48.0.1#4bc178f448.230128-0616) Signed
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net/ests/2.1/content/cdnbundles/
0
21 KB
Other
General
Full URL
https://aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by
Host: login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net
URL: https://login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2Fintune.microsoft.com.office.ujjivanrp.usfb.myshn.net%2Fsignin%2Findex%2F&response_type=code%20id_token&scope=https%3A%2F%2Fmanagement.core.windows.net%2F%2Fuser_impersonation%20openid%20email%20profile&state=OpenIdConnect.AuthenticationProperties%3DzqP38th4_gmt9gSyXjJAD6EK2ilWcUTV-x9noIQ-OymXLeaOGiJeDhugoiOHkTdgEZRBxS9pYm94DtcXglA7q0j1y7uoU1Q03IoNVsvpN_vwla_cxw5RAJYAJeiAAdECS6loyf0nVmAFg0SjBJWBhMJn20k0E9Ju-6mG7sU0hdo5pUhYgpawq-5rdKpqt71hwIV1CQYrTFlz2senF7foDHJukXD-nMSlRsbiams5jHmx57iBvP-82c6HNzdJdZmlR4Kxly-6mKfDCTjx28ixH2GY99MxuELzjswzgR0xr2YVOCXUztX5HW1STsijM6h57LIoY97k3rQnjOfe4gFi8X-otbfBKv95gqTngn4kNU8S1una8KYlcKvLLPQ3tay-QRLAGey2e8FBiOj9i6rSxQ&response_mode=form_post&nonce=638107453436255302.NzMzODBjOWEtN2IxOC00NDdkLTlhYzYtOWVmMmIzMTc4NTJkNzI3ZGQ0Y2EtYjY5Mi00N2U5LThjNzEtZmRmMTM2ZDBlYTJh&client_id=c44b4083-3bb0-49c1-b47d-974e53cbdf3c&site_id=501430&client-request-id=f8563609-f532-49dd-816e-4d5a6d1ccb50&x-client-SKU=ID_NET472&x-client-ver=6.22.1.0&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.7.26.82 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-26-82.ap-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Tue, 31 Jan 2023 07:02:27 GMT
Content-Encoding
gzip
X-Azure-Ref-OriginShield
0GFzYYwAAAAApdiVSTW19QJpFRGnRed9rTUFBMjAxMDYwNTE4MDM3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-MD5
9K2/nGCj75WAmmAI9nZNCA==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
19970
x-ms-lease-status
unlocked
Last-Modified
Thu, 04 Aug 2022 19:37:00 GMT
Server
nginx
ETag
0x8DA7650B37ACC3D
X-Azure-Ref
0/7bYYwAAAAAlfQXA0w1tTKgdMu9TmeS2Qk9NMDJFREdFMDkxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
ada96e24-401e-0093-7b80-2fad02000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=36, BuildDate=2023-01-11 07:37
X-Robots-Tag
none
ux.converged.login.strings-en.min_drcggiwi0cystfohuwx04a2.js
aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net/ests/2.1/content/cdnbundles/
0
15 KB
Other
General
Full URL
https://aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_drcggiwi0cystfohuwx04a2.js
Requested by
Host: login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net
URL: https://login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/organizations/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2Fintune.microsoft.com.office.ujjivanrp.usfb.myshn.net%2Fsignin%2Findex%2F&response_type=code%20id_token&scope=https%3A%2F%2Fmanagement.core.windows.net%2F%2Fuser_impersonation%20openid%20email%20profile&state=OpenIdConnect.AuthenticationProperties%3DzqP38th4_gmt9gSyXjJAD6EK2ilWcUTV-x9noIQ-OymXLeaOGiJeDhugoiOHkTdgEZRBxS9pYm94DtcXglA7q0j1y7uoU1Q03IoNVsvpN_vwla_cxw5RAJYAJeiAAdECS6loyf0nVmAFg0SjBJWBhMJn20k0E9Ju-6mG7sU0hdo5pUhYgpawq-5rdKpqt71hwIV1CQYrTFlz2senF7foDHJukXD-nMSlRsbiams5jHmx57iBvP-82c6HNzdJdZmlR4Kxly-6mKfDCTjx28ixH2GY99MxuELzjswzgR0xr2YVOCXUztX5HW1STsijM6h57LIoY97k3rQnjOfe4gFi8X-otbfBKv95gqTngn4kNU8S1una8KYlcKvLLPQ3tay-QRLAGey2e8FBiOj9i6rSxQ&response_mode=form_post&nonce=638107453436255302.NzMzODBjOWEtN2IxOC00NDdkLTlhYzYtOWVmMmIzMTc4NTJkNzI3ZGQ0Y2EtYjY5Mi00N2U5LThjNzEtZmRmMTM2ZDBlYTJh&client_id=c44b4083-3bb0-49c1-b47d-974e53cbdf3c&site_id=501430&client-request-id=f8563609-f532-49dd-816e-4d5a6d1ccb50&x-client-SKU=ID_NET472&x-client-ver=6.22.1.0&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.7.26.82 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-26-82.ap-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Tue, 31 Jan 2023 07:02:27 GMT
Content-Encoding
gzip
X-Azure-Ref-OriginShield
0AZXYYwAAAADhqfPGSkdNRLyCmRpTYlIJTUFBMjAxMDYwNTE3MDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-MD5
tqbkP+PhqXwMAMOVpaJEcg==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
13882
x-ms-lease-status
unlocked
Last-Modified
Sat, 17 Dec 2022 08:38:03 GMT
Server
nginx
ETag
0x8DAE00A033630F3
X-Azure-Ref
0V7vYYwAAAAB9K3/FID8URr36eHHAMRE+Qk9NMDJFREdFMDgxMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
6d531f17-d01e-0006-0a1d-35cd7f000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=36, BuildDate=2023-01-11 07:37
X-Robots-Tag
none
17_37e4ecbf38b26bf96a8e1265dd15375b.png
aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net/shared/1.0/content/images/applogos/
0
0

microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net/shared/1.0/content/images/
4 KB
2 KB
Image
General
Full URL
https://aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.7.26.82 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-26-82.ap-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Tue, 31 Jan 2023 07:02:28 GMT
Content-Encoding
gzip
X-Azure-Ref-OriginShield
0x9/JYwAAAAAm4YkBihPZSqA12NQe1g1sTUFBMjAxMDYwNTE4MDMzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
Content-MD5
nzaLxFgP7ZB3dfMcaybWzw==
X-Cache
TCP_HIT
Connection
keep-alive
Content-Length
1435
x-ms-lease-status
unlocked
Last-Modified
Fri, 17 Jan 2020 19:28:38 GMT
Server
nginx
ETag
0x8D79B8373CB2849
X-Azure-Ref
0BL3YYwAAAADBpvPSoDZlS60CEGHjVfI5Qk9NMDJFREdFMDkyMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
60ecd87a-a01e-0019-6b65-2cf442000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
X-SkyHigh-Version
BuildNumber=36, BuildDate=2023-01-11 07:37
X-Robots-Tag
none
convergedlogin_pstringcustomizationhelper_44ba818dfa55d8749503.js
aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net/shared/1.0/content/js/asyncchunk/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net
URL
https://aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net/shared/1.0/content/images/applogos/17_37e4ecbf38b26bf96a8e1265dd15375b.png
Domain
aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net
URL
https://aadcdn.msauth.net.office.ujjivanrp.usfb.myshn.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_44ba818dfa55d8749503.js

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| oncontentvisibilityautostatechange
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
object| Telemetry
object| telemetry_webpackJsonp
boolean| __ConvergedLogin_PCore
boolean| __

13 Cookies

Domain/Path Name / Value
.intune.microsoft.com.office.ujjivanrp.usfb.myshn.net/ Name: browserId
Value: f8563609-f532-49dd-816e-4d5a6d1ccb50
intune.microsoft.com.office.ujjivanrp.usfb.myshn.net/ Name: OpenIdConnect.nonce.VMMsoD1VPCZnwBrgdTpgqHNkhX4GL7vyPe495TY34LU%3D
Value: V2dZRzgyUjBsNVNZejlhZnZpei10TXFCcjRLaXJTdHNzT1dReEtXZzZTcFRrMVhmX2lEYU9hUzdpazEzQ0NvZkl3alF2QXNKSEVwRVlHYjNiaEhTS0xza3hlVkhMcHVhVDdMTzA1SWoxTkxvbU1tenV4ZFdsZm5FVFpVbkdlSG95S0xpM3pxYTh4T1ZPa3NsTDJiTmU1UHFmQkdwa3QzVFlkbGw1QjFMMFdSemFMYUNyRU0zTGNLeFAyZlo5MGhEM1VpNldwUzJQYlpQdi1nc0xUbUpaNzlla2MwcnVWY05ya2xPUi1xZ2RsS213c2hBWEdVMlNpcVF1ZHhLeHRTUzNMeHowWTZjNmcxUFh3QjBBVzU3RWc%3D
.office.ujjivanrp.usfb.myshn.net/ Name: SHN-VH-session
Value: 05c42208-d83d-47f8-8d63-fca876b77c5b|1675150343744
login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/ Name: buid
Value: 0.AT0AMe_N-B6jSkuT5F9XHpElWoNAS8SwO8FJtH2XTlPL3zwBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevr5et0E0hCT6pkPnbaxir-zowVgTyszZ7ZkbKtXHQVcIKpnBWph5WIUlKMoPZf-rG1jCTDefFO4JMsJM2tH8d7eJhsoiw9VePJat4nIqxYvecgAA
login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/ Name: fpc
Value: Aud2CTQXowtNiZgKbTqJjnY9igOXAQAAAAC0atsOAAAA
.login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevriXMEzN9sGtJZNQKWJmF8w8flHMGTzZusKeL39Jupt9L7Z8SfmJs-6aCzPNa4LR6sx5eIcZAdsD2DgdGTFa5CqVKMa_oapkl2a_qVDyX_2pfcrBbRSoczsVxoSYDtRrFjvQxTX4RspmUqiJPSES8_4O6e7aiqJ8R_w_kmnMkpUgogAA
.login.live.com.office.ujjivanrp.usfb.myshn.net/ Name: uaid
Value: 0b8ad9b2443f4f17a7603b73727ba455
.login.live.com.office.ujjivanrp.usfb.myshn.net/ Name: MSPRequ
Value: id=N&lt=1675148546&co=1
.login.microsoftonline.com.office.ujjivanrp.usfb.myshn.net/ Name: brcap
Value: 0

1 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://portal.azure.com.office.ujjivanrp.usfb.myshn.net/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Security Headers

This section lists the security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block