sjc-main-ips.a.lg.prod.aadmsa.trafficmanager.net
40.90.23.63  Malicious Activity! Public Scan

URL: https://sjc-main-ips.a.lg.prod.aadmsa.trafficmanager.net/
Submission: On August 21 via api from US — Scanned from US

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 9 HTTP transactions. The main IP is 40.90.23.63, located in San Jose, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is sjc-main-ips.a.lg.prod.aadmsa.trafficmanager.net.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 13th 2023. Valid for: a year.
This is the only time sjc-main-ips.a.lg.prod.aadmsa.trafficmanager.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 | 40.90.23.63 | 8075 (MICROSOFT...)
8 | 2620:1ec:29:1... | 8075 (MICROSOFT...)
Total: 9 requests, 2 IPs

Requests | Apex Domain | Subdomains | Transfer
8 | msftauth.net | logincdn.msftauth.net (Cisco Umbrella Rank: 4345) | 207 KB
1 | trafficmanager.net | sjc-main-ips.a.lg.prod.aadmsa.trafficmanager.net | 12 KB
Total: 9 requests, 2 apex domains

Requests | Domain | Requested by
8 | logincdn.msftauth.net | sjc-main-ips.a.lg.prod.aadmsa.trafficmanager.net, logincdn.msftauth.net
1 | sjc-main-ips.a.lg.prod.aadmsa.trafficmanager.net | (none listed)
Total: 9 requests, 2 domains

This site contains links to these domains.

Domain
signup.live.com

Subject | Issuer | Validity | Valid
login.live.com | DigiCert SHA2 Secure Server CA | 2023-08-13 - 2024-08-13 | a year
identitycdn.msauth.net | Microsoft Azure TLS Issuing CA 02 | 2023-06-24 - 2024-06-18 | a year

This page contains 1 frame:

Primary Page: https://sjc-main-ips.a.lg.prod.aadmsa.trafficmanager.net/
Frame ID: FF3175B47467F521472AB83379497698
Requests: 9 HTTP requests in this frame

Page Title

Sign in to your Microsoft account

Page Statistics

Requests: 9
HTTPS: 89 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 219 kB
Size: 766 kB
Cookies: 1

9 HTTP transactions

Columns: Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request: /
  Path: sjc-main-ips.a.lg.prod.aadmsa.trafficmanager.net/
  Size: 25 KB
  x-fer: 12 KB
  Type: Document
  General
    Full URL: https://sjc-main-ips.a.lg.prod.aadmsa.trafficmanager.net/
    Protocol: H2
    Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
    Server: 40.90.23.63 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
    Software: Microsoft-IIS/10.0
    Resource Hash: 4f55a9880c763a36aa2b061b8281d9f919223b4a76fe148e5d2c5e497d6c1337
  Security Headers
    Strict-Transport-Security: max-age=31536000
    X-Content-Type-Options: nosniff
    X-Frame-Options: deny
    X-Xss-Protection: 1; mode=block

  Request headers
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
    accept-language: en-US,en;q=0.9

  Response headers
    cache-control: max-age=0, no-store
    content-encoding: gzip
    content-length: 10803
    content-type: text/html; charset=utf-8
    date: Mon, 21 Aug 2023 08:38:51 GMT
    expires: Mon, 21 Aug 2023 08:37:52 GMT
    link: <https://logincdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net/>; rel=dns-prefetch <https://acctcdn.msftauth.net/>; rel=dns-prefetch <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://logincdn.msauth.net/>; rel=dns-prefetch <https://logincdn.msftauth.net/>; rel=dns-prefetch <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
    p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
    ppserver: PPV: 30 H: SJ1PPF4A5F4C827 V: 0
    referrer-policy: strict-origin-when-cross-origin
    server: Microsoft-IIS/10.0
    strict-transport-security: max-age=31536000
    vary: Accept-Encoding
    x-content-type-options: nosniff
    x-dns-prefetch-control: on
    x-frame-options: deny
    x-ms-request-id: e9d4f397-0015-4ead-a9e5-3fdf580ae91a
    x-ms-responsehealth: TargetId=SJ1PPF4A5F4C827 TargetId=SJ1PPF4A5F4C827
    x-ms-route-info: C105_BAY
    x-xss-protection: 1; mode=block

Converged_v21033_4HqSCTf5FFStBMz0_eIqyA2.css
  Path: logincdn.msftauth.net/16.000/
  Size: 108 KB
  x-fer: 20 KB
  Type: Stylesheet
  General
    Full URL: https://logincdn.msftauth.net/16.000/Converged_v21033_4HqSCTf5FFStBMz0_eIqyA2.css
    Requested by:
      Host: sjc-main-ips.a.lg.prod.aadmsa.trafficmanager.net
      URL: https://sjc-main-ips.a.lg.prod.aadmsa.trafficmanager.net/
    Protocol: H2
    Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
    Server: 2620:1ec:29:1::40, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
    Resource Hash: 56a7f73800764a1268a1dfd8fd890bb03b1e9861fcdb9342c753be94015e7c0a

ConvergedLoginPaginatedStrings.en_kq2COALXhRIlLGrgSC4fyw2.js
  Path: logincdn.msftauth.net/16.000/content/js/
  Size: 36 KB
  x-fer: 10 KB
  Type: Script
  General
    Full URL: https://logincdn.msftauth.net/16.000/content/js/ConvergedLoginPaginatedStrings.en_kq2COALXhRIlLGrgSC4fyw2.js
    Requested by:
      Host: sjc-main-ips.a.lg.prod.aadmsa.trafficmanager.net
      URL: https://sjc-main-ips.a.lg.prod.aadmsa.trafficmanager.net/
    Protocol: H2
    Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
    Server: 2620:1ec:29:1::40, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
    Resource Hash: ea4e6bf705bda992f9a8ec7dd149e789cc6e7c8fa1b97eb7498f6ce9e4504782

ConvergedLogin_PCore_twThz3DcOYAKKPpqI2VyKA2.js
  Path: logincdn.msftauth.net/shared/1.0/content/js/
  Size: 404 KB
  x-fer: 112 KB
  Type: Script
  General
    Full URL: https://logincdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_twThz3DcOYAKKPpqI2VyKA2.js
    Requested by:
      Host: sjc-main-ips.a.lg.prod.aadmsa.trafficmanager.net
      URL: https://sjc-main-ips.a.lg.prod.aadmsa.trafficmanager.net/
    Protocol: H2
    Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
    Server: 2620:1ec:29:1::40, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
    Resource Hash: 89302a2fd83e7c119c12ae2dc1b1bad1dd5ed75b133a8cdca87043543489e342

oneDs_f2e0f4a029670f10d892.js
  Path: logincdn.msftauth.net/shared/1.0/content/js/
  Size: 186 KB
  x-fer: 60 KB
  Type: Script
  General
    Full URL: https://logincdn.msftauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
    Requested by:
      Host: logincdn.msftauth.net
      URL: https://logincdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_twThz3DcOYAKKPpqI2VyKA2.js
    Protocol: H2
    Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
    Server: 2620:1ec:29:1::40, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
    Resource Hash: 8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0

2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
  Path: logincdn.msftauth.net/shared/1.0/content/images/backgrounds/
  Size: 2 KB
  x-fer: 1020 B
  Type: Image
  General
    Full URL: https://logincdn.msftauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
    Protocol: H2
    Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
    Server: 2620:1ec:29:1::40, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
    Resource Hash: 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
  Path: logincdn.msftauth.net/shared/1.0/content/images/
  Size: 4 KB
  x-fer: 2 KB
  Type: Image
  General
    Full URL: https://logincdn.msftauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
    Protocol: H2
    Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
    Server: 2620:1ec:29:1::40, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
    Resource Hash: 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

documentation_dae218aac2d25462ae286ceba8d80ce2.svg
  Path: logincdn.msftauth.net/shared/1.0/content/images/
  Size: 2 KB
  x-fer: 942 B
  Type: Image
  General
    Full URL: https://logincdn.msftauth.net/shared/1.0/content/images/documentation_dae218aac2d25462ae286ceba8d80ce2.svg
    Protocol: H2
    Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
    Server: 2620:1ec:29:1::40, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
    Resource Hash: a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea

signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
  Path: logincdn.msftauth.net/shared/1.0/content/images/
  Size: 2 KB
  x-fer: 956 B
  Type: Image
  General
    Full URL: https://logincdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
    Protocol: H2
    Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
    Server: 2620:1ec:29:1::40, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
    Resource Hash: 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93


Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
object| PROOF
function| $Loader
object| $Do
function| $DepLoader
object| g_dtFirstByte
object| g_objPageMode
number| g_iSRSFailed
string| g_sSRSSuccess
function| SRSRetry
object| ServerData
object| UXResourceDependencies
function| WhenAllLoaded
object| StringRepository
boolean| __ConvergedLoginPaginatedStrings
object| webpackJsonp
object| ko
object| Telemetry
object| telemetry_webpackJsonp
boolean| __ConvergedLogin_PCore

1 Cookies

Domain/Path: sjc-main-ips.a.lg.prod.aadmsa.trafficmanager.net/
Name: MicrosoftApplicationsTelemetryDeviceId
Value: 0a881c20-937b-4309-8649-31caddf269bd

Security Headers

This page lists any security headers set by the main page.

Header | Value
Strict-Transport-Security | max-age=31536000
X-Content-Type-Options | nosniff
X-Frame-Options | deny
X-Xss-Protection | 1; mode=block