signature.exchbaadshah.com Open in urlscan Pro
195.189.96.53 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://signature.exchbaadshah.com/
Effective URL:
https://signature.exchbaadshah.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3...
Submission: On February 15 via manual (February 15th 2023, 5:22:59 pm UTC) from TR — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 195.189.96.53, located in Lithuania and belongs to CHERRYSERVERS2-AS, LT. The main domain is signature.exchbaadshah.com.
TLS certificate: Issued by R3 on February 15th 2023. Valid for: 3 months.

This is the only time signature.exchbaadshah.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 9	195.189.96.53 195.189.96.53		59642 (CHERRYSER...) (CHERRYSERVERS2-AS)
10	2

9 195.189.96.53 (Lithuania) 2 redirects

ASN59642 (CHERRYSERVERS2-AS, LT)

signature.exchbaadshah.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wwwofc.exchbaadshah.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ll.exchbaadshah.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fe9c20e7-1c746431.exchbaadshah.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	exchbaadshah.com 2 redirects signature.exchbaadshah.com wwwofc.exchbaadshah.com ll.exchbaadshah.com fe9c20e7-1c746431.exchbaadshah.com	394 KB
10	1

	Domain	Requested by
5	signature.exchbaadshah.com	1 redirects signature.exchbaadshah.com
2	fe9c20e7-1c746431.exchbaadshah.com	signature.exchbaadshah.com fe9c20e7-1c746431.exchbaadshah.com
1	ll.exchbaadshah.com	signature.exchbaadshah.com
1	wwwofc.exchbaadshah.com	1 redirects
10	4

This site contains no links.

Subject Issuer	Validity	Valid
exchbaadshah.com R3	`2023-02-15` - `2023-05-16`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://signature.exchbaadshah.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.exchbaadshah.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.exchbaadshah.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638120785755413009.MzQ5NjNjYWMtOGIwMy00NTYwLWI0NDAtMjcyNjNlZjdmYTA5NWNmYzViZmQtYWM0YS00ZjNjLWIzNTItM2M4Y2FjMmM4ODYw&ui_locales=de-DE&mkt=de-DE&state=xeUrPv2yOZb6mZNOqmCqLTCiYD_RcZ4wxZfq6l5JOPzmkPPJHG704vPtsRt13Ik-o2tn02SZWvd_AMWsjh0cJmYDg4G_4ZnSVp-anu1Lag3qx7q5apJmTtxXvA8hFXwuHZJ3xZV8aa5maIZ_ihasYTLDv-lMMPmIJEBU8PD6AQFTLowQ0I3m6_XcsD2VyWdOevfrnwtCMcDIXzuyzBANdk5VZxmgrcaYJ4y6K8uQhFIzHXe6Iy1b8D4pSyziH2BWryt_FYUy45VwzFckM-S2Ng&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0&sso_reload=true
Frame ID: C9E843F145FC47A51CB147EB51E3CB2A
Requests: 9 HTTP requests in this frame

Frame: https://signature.exchbaadshah.com/
Frame ID: C756AD8E181C65346A5A97915A7A416E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

https://signature.exchbaadshah.com/ Page URL
https://signature.exchbaadshah.com/ HTTP 302
https://wwwofc.exchbaadshah.com/login HTTP 302
https://signature.exchbaadshah.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&... Page URL
https://signature.exchbaadshah.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&... Page URL

Page Statistics

10
Requests

70 %
HTTPS

0 %
IPv6

1
Domains

4
Subdomains

2
IPs

1
Countries

391 kB
Transfer

1385 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://signature.exchbaadshah.com/ Page URL
https://signature.exchbaadshah.com/ HTTP 302
https://wwwofc.exchbaadshah.com/login HTTP 302
https://signature.exchbaadshah.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.exchbaadshah.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.exchbaadshah.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638120785755413009.MzQ5NjNjYWMtOGIwMy00NTYwLWI0NDAtMjcyNjNlZjdmYTA5NWNmYzViZmQtYWM0YS00ZjNjLWIzNTItM2M4Y2FjMmM4ODYw&ui_locales=de-DE&mkt=de-DE&state=xeUrPv2yOZb6mZNOqmCqLTCiYD_RcZ4wxZfq6l5JOPzmkPPJHG704vPtsRt13Ik-o2tn02SZWvd_AMWsjh0cJmYDg4G_4ZnSVp-anu1Lag3qx7q5apJmTtxXvA8hFXwuHZJ3xZV8aa5maIZ_ihasYTLDv-lMMPmIJEBU8PD6AQFTLowQ0I3m6_XcsD2VyWdOevfrnwtCMcDIXzuyzBANdk5VZxmgrcaYJ4y6K8uQhFIzHXe6Iy1b8D4pSyziH2BWryt_FYUy45VwzFckM-S2Ng&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0 Page URL
https://signature.exchbaadshah.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.exchbaadshah.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.exchbaadshah.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638120785755413009.MzQ5NjNjYWMtOGIwMy00NTYwLWI0NDAtMjcyNjNlZjdmYTA5NWNmYzViZmQtYWM0YS00ZjNjLWIzNTItM2M4Y2FjMmM4ODYw&ui_locales=de-DE&mkt=de-DE&state=xeUrPv2yOZb6mZNOqmCqLTCiYD_RcZ4wxZfq6l5JOPzmkPPJHG704vPtsRt13Ik-o2tn02SZWvd_AMWsjh0cJmYDg4G_4ZnSVp-anu1Lag3qx7q5apJmTtxXvA8hFXwuHZJ3xZV8aa5maIZ_ihasYTLDv-lMMPmIJEBU8PD6AQFTLowQ0I3m6_XcsD2VyWdOevfrnwtCMcDIXzuyzBANdk5VZxmgrcaYJ4y6K8uQhFIzHXe6Iy1b8D4pSyziH2BWryt_FYUy45VwzFckM-S2Ng&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://signature.exchbaadshah.com/ HTTP 302
https://wwwofc.exchbaadshah.com/login HTTP 302
https://signature.exchbaadshah.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.exchbaadshah.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.exchbaadshah.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638120785755413009.MzQ5NjNjYWMtOGIwMy00NTYwLWI0NDAtMjcyNjNlZjdmYTA5NWNmYzViZmQtYWM0YS00ZjNjLWIzNTItM2M4Y2FjMmM4ODYw&ui_locales=de-DE&mkt=de-DE&state=xeUrPv2yOZb6mZNOqmCqLTCiYD_RcZ4wxZfq6l5JOPzmkPPJHG704vPtsRt13Ik-o2tn02SZWvd_AMWsjh0cJmYDg4G_4ZnSVp-anu1Lag3qx7q5apJmTtxXvA8hFXwuHZJ3xZV8aa5maIZ_ihasYTLDv-lMMPmIJEBU8PD6AQFTLowQ0I3m6_XcsD2VyWdOevfrnwtCMcDIXzuyzBANdk5VZxmgrcaYJ4y6K8uQhFIzHXe6Iy1b8D4pSyziH2BWryt_FYUy45VwzFckM-S2Ng&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
signature.exchbaadshah.com/ 92 KB
38 KB 341ms
246ms Document
text/html 195.189.96.53
CHERRYSERVERS2-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://signature.exchbaadshah.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.189.96.53 , Lithuania, ASN59642 (CHERRYSERVERS2-AS, LT),

Reverse DNS

Software

nginx /

Resource Hash

16a5ea7feb9d00087e6a4991ae6e165b62b7b456da1e489a8c4ae792f5a5a746

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 15 Feb 2023 17:22:53 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

POST
H2 200 / Show response
signature.exchbaadshah.com/ Frame C756 203 B
361 B 196ms
196ms Fetch
application/json 195.189.96.53
CHERRYSERVERS2-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://signature.exchbaadshah.com/

Requested by

Host: signature.exchbaadshah.com
URL: https://signature.exchbaadshah.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.189.96.53 , Lithuania, ASN59642 (CHERRYSERVERS2-AS, LT),

Reverse DNS

Software

nginx /

Resource Hash

7beb564ebac4c4d15e34c6f31c1b947fd001e702a26de2d9e38e603124bc63fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Feb 2023 17:22:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: application/json

GET
H2

200

authorize Show response
signature.exchbaadshah.com/common/oauth2/v2.0/
Redirect Chain

https://signature.exchbaadshah.com/
https://wwwofc.exchbaadshah.com/login
https://signature.exchbaadshah.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.exchbaadshah.com%2Flandingv2&response_type=code%20id...

330 KB
92 KB

516ms
515ms

Document
text/html

195.189.96.53
CHERRYSERVERS2-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://signature.exchbaadshah.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.exchbaadshah.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.exchbaadshah.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638120785755413009.MzQ5NjNjYWMtOGIwMy00NTYwLWI0NDAtMjcyNjNlZjdmYTA5NWNmYzViZmQtYWM0YS00ZjNjLWIzNTItM2M4Y2FjMmM4ODYw&ui_locales=de-DE&mkt=de-DE&state=xeUrPv2yOZb6mZNOqmCqLTCiYD_RcZ4wxZfq6l5JOPzmkPPJHG704vPtsRt13Ik-o2tn02SZWvd_AMWsjh0cJmYDg4G_4ZnSVp-anu1Lag3qx7q5apJmTtxXvA8hFXwuHZJ3xZV8aa5maIZ_ihasYTLDv-lMMPmIJEBU8PD6AQFTLowQ0I3m6_XcsD2VyWdOevfrnwtCMcDIXzuyzBANdk5VZxmgrcaYJ4y6K8uQhFIzHXe6Iy1b8D4pSyziH2BWryt_FYUy45VwzFckM-S2Ng&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0

Requested by

Host: signature.exchbaadshah.com
URL: https://signature.exchbaadshah.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.189.96.53 , Lithuania, ASN59642 (CHERRYSERVERS2-AS, LT),

Reverse DNS

Software

nginx /

Resource Hash

7b5a96c5091157453b116ab62b92ef26bc5051d4ba76d8d22088658757546bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://signature.exchbaadshah.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 15 Feb 2023 17:22:56 GMT
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://12874caa-1c746431.exchbaadshah.com/api/report?catId=GW+estsfd+ams1"}]}
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-ms-clitelem: 1,50168,0,,
x-ms-ests-server: 2.1.14601.8 - WEULR2 ProdSlices
x-ms-request-id: 49037fd5-6069-4496-9db9-383578741300

Redirect headers

access-control-allow-headers: *
access-control-allow-origin: *
content-type: text/html; charset=utf-8
date: Wed, 15 Feb 2023 17:22:55 GMT
location: https://signature.exchbaadshah.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.exchbaadshah.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.exchbaadshah.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638120785755413009.MzQ5NjNjYWMtOGIwMy00NTYwLWI0NDAtMjcyNjNlZjdmYTA5NWNmYzViZmQtYWM0YS00ZjNjLWIzNTItM2M4Y2FjMmM4ODYw&ui_locales=de-DE&mkt=de-DE&state=xeUrPv2yOZb6mZNOqmCqLTCiYD_RcZ4wxZfq6l5JOPzmkPPJHG704vPtsRt13Ik-o2tn02SZWvd_AMWsjh0cJmYDg4G_4ZnSVp-anu1Lag3qx7q5apJmTtxXvA8hFXwuHZJ3xZV8aa5maIZ_ihasYTLDv-lMMPmIJEBU8PD6AQFTLowQ0I3m6_XcsD2VyWdOevfrnwtCMcDIXzuyzBANdk5VZxmgrcaYJ4y6K8uQhFIzHXe6Iy1b8D4pSyziH2BWryt_FYUy45VwzFckM-S2Ng&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0
referrer-policy: strict-origin-when-cross-origin
request-context: appId=
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: AC922CF2052F43E6B425D472654F0E54 Ref B: AMS231032606007 Ref C: 2023-02-15T17:22:55Z
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 Primary Request authorize Show response
signature.exchbaadshah.com/common/oauth2/v2.0/ 383 KB
90 KB 955ms
955ms Document
text/html 195.189.96.53
CHERRYSERVERS2-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: signature.exchbaadshah.com
URL: https://signature.exchbaadshah.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.exchbaadshah.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.exchbaadshah.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638120785755413009.MzQ5NjNjYWMtOGIwMy00NTYwLWI0NDAtMjcyNjNlZjdmYTA5NWNmYzViZmQtYWM0YS00ZjNjLWIzNTItM2M4Y2FjMmM4ODYw&ui_locales=de-DE&mkt=de-DE&state=xeUrPv2yOZb6mZNOqmCqLTCiYD_RcZ4wxZfq6l5JOPzmkPPJHG704vPtsRt13Ik-o2tn02SZWvd_AMWsjh0cJmYDg4G_4ZnSVp-anu1Lag3qx7q5apJmTtxXvA8hFXwuHZJ3xZV8aa5maIZ_ihasYTLDv-lMMPmIJEBU8PD6AQFTLowQ0I3m6_XcsD2VyWdOevfrnwtCMcDIXzuyzBANdk5VZxmgrcaYJ4y6K8uQhFIzHXe6Iy1b8D4pSyziH2BWryt_FYUy45VwzFckM-S2Ng&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.189.96.53 , Lithuania, ASN59642 (CHERRYSERVERS2-AS, LT),

Reverse DNS

Software

nginx /

Resource Hash

98eda255055dea99376a67751b803b89360743307abb4349e326ae618bdd6d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://signature.exchbaadshah.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.exchbaadshah.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.exchbaadshah.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638120785755413009.MzQ5NjNjYWMtOGIwMy00NTYwLWI0NDAtMjcyNjNlZjdmYTA5NWNmYzViZmQtYWM0YS00ZjNjLWIzNTItM2M4Y2FjMmM4ODYw&ui_locales=de-DE&mkt=de-DE&state=xeUrPv2yOZb6mZNOqmCqLTCiYD_RcZ4wxZfq6l5JOPzmkPPJHG704vPtsRt13Ik-o2tn02SZWvd_AMWsjh0cJmYDg4G_4ZnSVp-anu1Lag3qx7q5apJmTtxXvA8hFXwuHZJ3xZV8aa5maIZ_ihasYTLDv-lMMPmIJEBU8PD6AQFTLowQ0I3m6_XcsD2VyWdOevfrnwtCMcDIXzuyzBANdk5VZxmgrcaYJ4y6K8uQhFIzHXe6Iy1b8D4pSyziH2BWryt_FYUy45VwzFckM-S2Ng&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 15 Feb 2023 17:22:57 GMT
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://12874caa-1c746431.exchbaadshah.com/api/report?catId=GW+estsfd+ams1"}]}
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-ms-clitelem: 1,0,0,,
x-ms-ests-server: 2.1.14601.8 - WEULR1 ProdSlices
x-ms-request-id: 235c8fe5-6d9c-4e97-91df-fe16c3fb4000

GET
H2 200 Me.htm
ll.exchbaadshah.com/ 0
0 573ms
522ms Other
text/html 195.189.96.53
CHERRYSERVERS2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ll.exchbaadshah.com/Me.htm?v=3
Requested by: Host: signature.exchbaadshah.com
URL: https://signature.exchbaadshah.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.exchbaadshah.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.exchbaadshah.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638120785755413009.MzQ5NjNjYWMtOGIwMy00NTYwLWI0NDAtMjcyNjNlZjdmYTA5NWNmYzViZmQtYWM0YS00ZjNjLWIzNTItM2M4Y2FjMmM4ODYw&ui_locales=de-DE&mkt=de-DE&state=xeUrPv2yOZb6mZNOqmCqLTCiYD_RcZ4wxZfq6l5JOPzmkPPJHG704vPtsRt13Ik-o2tn02SZWvd_AMWsjh0cJmYDg4G_4ZnSVp-anu1Lag3qx7q5apJmTtxXvA8hFXwuHZJ3xZV8aa5maIZ_ihasYTLDv-lMMPmIJEBU8PD6AQFTLowQ0I3m6_XcsD2VyWdOevfrnwtCMcDIXzuyzBANdk5VZxmgrcaYJ4y6K8uQhFIzHXe6Iy1b8D4pSyziH2BWryt_FYUy45VwzFckM-S2Ng&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.189.96.53 , Lithuania, ASN59642 (CHERRYSERVERS2-AS, LT),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signature.exchbaadshah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 ConvergedLogin_PCore_107jr3BDJx7vcmkFlFtgbQ2.js Show response
fe9c20e7-1c746431.exchbaadshah.com/shared/1.0/content/js/ 394 KB
111 KB 881ms
795ms Script
application/x-javascript 195.189.96.53
CHERRYSERVERS2-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fe9c20e7-1c746431.exchbaadshah.com/shared/1.0/content/js/ConvergedLogin_PCore_107jr3BDJx7vcmkFlFtgbQ2.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.189.96.53 , Lithuania, ASN59642 (CHERRYSERVERS2-AS, LT),

Reverse DNS

Software

nginx /

Resource Hash

2b9ba515b3bc628a4ebacca4470a164bde28dfb9a1b43e5b5f134ef71665b928

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://signature.exchbaadshah.com/
Origin: https://signature.exchbaadshah.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Feb 2023 17:22:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 2774767
x-cache: HIT
x-ms-lease-status: unlocked
last-modified: Tue, 10 Jan 2023 18:52:44 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 61974ea0-e01e-0018-0c25-284682000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 oneDs_641b1cf809bdc17b42ab.js Show response
fe9c20e7-1c746431.exchbaadshah.com/shared/1.0/content/js/ 186 KB
60 KB 518ms
517ms Script
application/x-javascript 195.189.96.53
CHERRYSERVERS2-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fe9c20e7-1c746431.exchbaadshah.com/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js

Requested by

Host: fe9c20e7-1c746431.exchbaadshah.com
URL: https://fe9c20e7-1c746431.exchbaadshah.com/shared/1.0/content/js/ConvergedLogin_PCore_107jr3BDJx7vcmkFlFtgbQ2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.189.96.53 , Lithuania, ASN59642 (CHERRYSERVERS2-AS, LT),

Reverse DNS

Software

nginx /

Resource Hash

9d28a780bc31791eb10ab7317c3dd1894c721ab65fcf3a636b2ebeef0d664e75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signature.exchbaadshah.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Feb 2023 17:22:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 9368134
x-cache: HIT
x-ms-lease-status: unlocked
last-modified: Thu, 27 Oct 2022 14:22:48 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: dd9c60d2-101e-0063-132e-ecaf16000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET convergedlogin_pcustomizationloader_f226dd7c4f08045ad544.js
fe9c20e7-1c746431.exchbaadshah.com/shared/1.0/content/js/asyncchunk/ 0
0

GET converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
fe9c20e7-1c746431.exchbaadshah.com/ests/2.1/content/cdnbundles/ 0
0

GET ux.converged.login.strings-de.min_egm72xgxis3arkcshl_vsg2.js
fe9c20e7-1c746431.exchbaadshah.com/ests/2.1/content/cdnbundles/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fe9c20e7-1c746431.exchbaadshah.com
URL: https://fe9c20e7-1c746431.exchbaadshah.com/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_f226dd7c4f08045ad544.js

Domain: fe9c20e7-1c746431.exchbaadshah.com
URL: https://fe9c20e7-1c746431.exchbaadshah.com/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css

Domain: fe9c20e7-1c746431.exchbaadshah.com
URL: https://fe9c20e7-1c746431.exchbaadshah.com/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_egm72xgxis3arkcshl_vsg2.js

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.exchbaadshah.com/	1970-01-20 10:02:57	Name: 05Z9Yn Value: MWM3NDY0MzEtNTg1Zi00NTk5LWFiZDItODAwZWRkNWE2NGY3OmFmMzk5NGFmLTI1NDYtNDQwYS04MTcxLWJhMTJmNjQzYjViMA==
wwwofc.exchbaadshah.com/	1970-01-20 19:17:21	Name: OH.DCAffinity Value: OH-weu
wwwofc.exchbaadshah.com/	1970-01-20 19:17:21	Name: OH.FLID Value: 95958217-79b0-4b94-b648-485f7e8f40c9
wwwofc.exchbaadshah.com/	1970-01-20 19:17:21	Name: .AspNetCore.OpenIdConnect.Nonce.OxOEg6sDOQ7nwfhJbIDxx4nplLH5vAzn0tRoVeoPLMIyVWBGGDtlOyayMYPXQNVkr0b2DRCIy-3Y69o_wzZkyAveO6vUnR4QeyOxR5q2c8SrBHQeYQJoAZO_n7WKi8SXJzoWcQmnh4RbtJYkxYv3YgfBJM57gg6lclt7tZNnKtvh3FQ4R_RFQJk5tF6uhh-a1Cwj02p5-c_KGUnjnnXShxT4seHK9tmeZblDixfFgmYOWYMr6UVFXQez--OA60Ow Value: N
wwwofc.exchbaadshah.com/	1970-01-20 19:17:21	Name: .AspNetCore.Correlation.E604sdg8ILMfw7-smKtBlCm4y3V7c6qaMolWX_jD8tE Value: N
.exchbaadshah.com/	1970-01-20 19:17:21	Name: MUID Value: 1C849894B84465AE08118A2DB99C6487
.signature.exchbaadshah.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
signature.exchbaadshah.com/	1970-01-20 09:41:21	Name: SSOCOOKIEPULLED Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fe9c20e7-1c746431.exchbaadshah.com
ll.exchbaadshah.com
signature.exchbaadshah.com
wwwofc.exchbaadshah.com
fe9c20e7-1c746431.exchbaadshah.com
195.189.96.53
16a5ea7feb9d00087e6a4991ae6e165b62b7b456da1e489a8c4ae792f5a5a746
2b9ba515b3bc628a4ebacca4470a164bde28dfb9a1b43e5b5f134ef71665b928
7b5a96c5091157453b116ab62b92ef26bc5051d4ba76d8d22088658757546bc7
7beb564ebac4c4d15e34c6f31c1b947fd001e702a26de2d9e38e603124bc63fe
98eda255055dea99376a67751b803b89360743307abb4349e326ae618bdd6d6b
9d28a780bc31791eb10ab7317c3dd1894c721ab65fcf3a636b2ebeef0d664e75

signature.exchbaadshah.com Open in urlscan Pro 195.189.96.53 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

70 %HTTPS

0 %IPv6

1 Domains

4 Subdomains

2 IPs

1 Countries

391 kBTransfer

1385 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

8 Cookies

Security Headers

Indicators

signature.exchbaadshah.com Open in urlscan Pro
195.189.96.53 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

70 %
HTTPS

0 %
IPv6

1
Domains

4
Subdomains

2
IPs

1
Countries

391 kB
Transfer

1385 kB
Size

8
Cookies

10 HTTP transactions
0 data transactions