office.activeportalview.com Open in urlscan Pro
172.67.193.156 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://solutionscomputer.com.br/24/bauensolutions/d3npbgluqgjhdwvuc29sdxrpb25zlmnvbq==
Effective URL:
https://office.activeportalview.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3...
Submission: On March 30 via api (March 30th 2024, 9:50:27 pm UTC) from US — Scanned from US

Summary HTTP 23 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 23 HTTP transactions. The main IP is 172.67.193.156, located in United States and belongs to CLOUDFLARENET, US. The main domain is office.activeportalview.com.
TLS certificate: Issued by GTS CA 1P5 on February 25th 2024. Valid for: 3 months.

This is the only time office.activeportalview.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
2	177.53.140.76 177.53.140.76	53243 (Brasil Si...) (Brasil Site Informatica LTDA)
3 9	172.67.193.156 172.67.193.156	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2620:1ec:46::40 2620:1ec:46::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
23	3

2 177.53.140.76 (Brazil)

ASN53243 (Brasil Site Informatica LTDA, BR)
PTR: node01.cloudo.com.br

solutionscomputer.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.67.193.156 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

office.activeportalview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
react.activeportalview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ywnjb.activeportalview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2620:1ec:46::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	msauth.net aadcdn.msauth.net — Cisco Umbrella Rank: 931	335 KB
9	activeportalview.com 3 redirects office.activeportalview.com react.activeportalview.com ywnjb.activeportalview.com	33 KB
2	solutionscomputer.com.br solutionscomputer.com.br	1 KB
23	3

	Domain	Requested by
15	aadcdn.msauth.net	office.activeportalview.com aadcdn.msauth.net
6	office.activeportalview.com	2 redirects aadcdn.msauth.net
2	ywnjb.activeportalview.com	office.activeportalview.com aadcdn.msauth.net
2	solutionscomputer.com.br
1	react.activeportalview.com	1 redirects
23	5

This site contains links to these domains. Also see Links.

Domain
ywnjb.activeportalview.com
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
*.solutionscomputer.com.br R3	`2024-02-29` - `2024-05-29`	3 months	crt.sh
activeportalview.com GTS CA 1P5	`2024-02-25` - `2024-05-25`	3 months	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2024-01-29` - `2025-01-29`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://office.activeportalview.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638474322183813251.M2JlODc3OTYtODU4MS00MGU4LTk3Y2UtMzZiZmRmYTllODhjYjBkMmNlYWYtMjc4YS00MGFiLTg1NDYtYzY5MzllY2FkMThl&ui_locales=en-US&mkt=en-US&client-request-id=f4ab30d6-8dc7-40f2-a5f9-c99fd7be3cae&state=qiU-BrZNsHfNmhRznSg-Yjfr1VJn6bY8ZfKwfZYYIQMB2GHFeSl3j30KxTh0My0sZ1mWHjn6l130dD7FNSBjvCkKsbnhkoJMA3VSYeqkbTJaafVbtelX1BZ7x6kmfkiClqHKQ43HY_LEiNJRCHOseIuIHluOplzi7h1uFG-5MQOQJVRxf3KEEyn2lp8wVRPfdRi08SclLZQLjXaImWP1QSkwUiE8eQW72ME2LaGVV4k8zDOUSNO0MGp97Rf3-6QmkF1bHHOGdxr5-oHKY_itoA&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true
Frame ID: 695DDAB1787DBC4A012BF575DDECD3A5
Requests: 22 HTTP requests in this frame

Frame: https://ywnjb.activeportalview.com/Me.htm?v=3
Frame ID: ED72C2E8F13A0805E7F7BCA54AF94476
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

https://office.activeportalview.com/yfPlDdgA HTTP 302
https://office.activeportalview.com/ HTTP 302
https://react.activeportalview.com/login HTTP 302
https://office.activeportalview.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&... Page URL
https://office.activeportalview.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&... Page URL

Page Statistics

23
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

5
Subdomains

3
IPs

2
Countries

366 kB
Transfer

1184 kB
Size

18
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://ywnjb.activeportalview.com/oauth20_authorize.srf?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&scope=openid+profile+https%3a%2f%2freact.activeportalview.com%2fv2%2fOfficeHome.All&redirect_uri=https%3a%2f%2freact.activeportalview.com%2flandingv2&response_type=code+id_token&state=qiU-BrZNsHfNmhRznSg-Yjfr1VJn6bY8ZfKwfZYYIQMB2GHFeSl3j30KxTh0My0sZ1mWHjn6l130dD7FNSBjvCkKsbnhkoJMA3VSYeqkbTJaafVbtelX1BZ7x6kmfkiClqHKQ43HY_LEiNJRCHOseIuIHluOplzi7h1uFG-5MQOQJVRxf3KEEyn2lp8wVRPfdRi08SclLZQLjXaImWP1QSkwUiE8eQW72ME2LaGVV4k8zDOUSNO0MGp97Rf3-6QmkF1bHHOGdxr5-oHKY_itoA&response_mode=form_post&nonce=638474322183813251.M2JlODc3OTYtODU4MS00MGU4LTk3Y2UtMzZiZmRmYTllODhjYjBkMmNlYWYtMjc4YS00MGFiLTg1NDYtYzY5MzllY2FkMThl&x-client-SKU=ID_NET6_0&x-client-Ver=7.3.1.0&uaid=f4ab30d68dc740f2a5f9c99fd7be3cae&msproxy=1&issuer=mso&tenant=common&ui_locales=en-US&signup=1&lw=1&fl=easi2&epct=PAQABDgEAAADnfolhJpSnRYB1SVj-Hgd8ZMlwt_vMTwOffJ3ve2Tfmc16qzw6EsZGiDJkB_ENjQe3-vC7R5P_H6QM-TPpkvnn0CYxsVdBcSkackfTEtqyXbbyULTTj7E91dG8b0g43Wxbd5C0uHsHaii1Xu0cfbyPA9zJG1i2TJ6pQrqjWdeLlKx0DkYZ7IKhagCvf-vwKWXO3BhR3zHrFNik1Sp7KcYmHbgTFWvZlb_rgf7c_PjtzSAA&jshs=0
Title: Create one!

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-US/servicesagreement/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-US/privacystatement
Title: Privacy & cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://office.activeportalview.com/yfPlDdgA HTTP 302
https://office.activeportalview.com/ HTTP 302
https://react.activeportalview.com/login HTTP 302
https://office.activeportalview.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638474322183813251.M2JlODc3OTYtODU4MS00MGU4LTk3Y2UtMzZiZmRmYTllODhjYjBkMmNlYWYtMjc4YS00MGFiLTg1NDYtYzY5MzllY2FkMThl&ui_locales=en-US&mkt=en-US&client-request-id=f4ab30d6-8dc7-40f2-a5f9-c99fd7be3cae&state=qiU-BrZNsHfNmhRznSg-Yjfr1VJn6bY8ZfKwfZYYIQMB2GHFeSl3j30KxTh0My0sZ1mWHjn6l130dD7FNSBjvCkKsbnhkoJMA3VSYeqkbTJaafVbtelX1BZ7x6kmfkiClqHKQ43HY_LEiNJRCHOseIuIHluOplzi7h1uFG-5MQOQJVRxf3KEEyn2lp8wVRPfdRi08SclLZQLjXaImWP1QSkwUiE8eQW72ME2LaGVV4k8zDOUSNO0MGp97Rf3-6QmkF1bHHOGdxr5-oHKY_itoA&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0 Page URL
https://office.activeportalview.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638474322183813251.M2JlODc3OTYtODU4MS00MGU4LTk3Y2UtMzZiZmRmYTllODhjYjBkMmNlYWYtMjc4YS00MGFiLTg1NDYtYzY5MzllY2FkMThl&ui_locales=en-US&mkt=en-US&client-request-id=f4ab30d6-8dc7-40f2-a5f9-c99fd7be3cae&state=qiU-BrZNsHfNmhRznSg-Yjfr1VJn6bY8ZfKwfZYYIQMB2GHFeSl3j30KxTh0My0sZ1mWHjn6l130dD7FNSBjvCkKsbnhkoJMA3VSYeqkbTJaafVbtelX1BZ7x6kmfkiClqHKQ43HY_LEiNJRCHOseIuIHluOplzi7h1uFG-5MQOQJVRxf3KEEyn2lp8wVRPfdRi08SclLZQLjXaImWP1QSkwUiE8eQW72ME2LaGVV4k8zDOUSNO0MGp97Rf3-6QmkF1bHHOGdxr5-oHKY_itoA&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://solutionscomputer.com.br/24/bauensolutions/d3npbgluqgjhdwvuc29sdxrpb25zlmnvbq== HTTP 307
https://solutionscomputer.com.br/24/bauensolutions/d3npbgluqgjhdwvuc29sdxrpb25zlmnvbq==

Request Chain 1

https://office.activeportalview.com/yfPlDdgA HTTP 302
https://office.activeportalview.com/ HTTP 302
https://react.activeportalview.com/login HTTP 302
https://office.activeportalview.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638474322183813251.M2JlODc3OTYtODU4MS00MGU4LTk3Y2UtMzZiZmRmYTllODhjYjBkMmNlYWYtMjc4YS00MGFiLTg1NDYtYzY5MzllY2FkMThl&ui_locales=en-US&mkt=en-US&client-request-id=f4ab30d6-8dc7-40f2-a5f9-c99fd7be3cae&state=qiU-BrZNsHfNmhRznSg-Yjfr1VJn6bY8ZfKwfZYYIQMB2GHFeSl3j30KxTh0My0sZ1mWHjn6l130dD7FNSBjvCkKsbnhkoJMA3VSYeqkbTJaafVbtelX1BZ7x6kmfkiClqHKQ43HY_LEiNJRCHOseIuIHluOplzi7h1uFG-5MQOQJVRxf3KEEyn2lp8wVRPfdRi08SclLZQLjXaImWP1QSkwUiE8eQW72ME2LaGVV4k8zDOUSNO0MGp97Rf3-6QmkF1bHHOGdxr5-oHKY_itoA&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0

23 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	d3npbgluqgjhdwvuc29sdxrpb25zlmnvbq== solutionscomputer.com.br/24/bauensolutions/ Redirect Chain http://solutionscomputer.com.br/24/bauensolutions/d3npbgluqgjhdwvuc29sdxrpb25zlmnvbq== https://solutionscomputer.com.br/24/bauensolutions/d3npbgluqgjhdwvuc29sdxrpb25zlmnvbq==	0 295 B	1207ms 148ms	Document text/html	177.53.140.76 Brasil Site Infor...
General Check archive.org Show headers Download Go to Full URL https://solutionscomputer.com.br/24/bauensolutions/d3npbgluqgjhdwvuc29sdxrpb25zlmnvbq== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 177.53.140.76 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS node01.cloudo.com.br Software / PHP/7.4.33 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 0 content-type text/html; charset=UTF-8 date Sat, 30 Mar 2024 21:50:17 GMT refresh 0;url=https://office.activeportalview.com/yfPlDdgA#d3npbgluqgjhdwvuc29sdxrpb25zlmnvbq== x-powered-by PHP/7.4.33 Redirect headers Location https://solutionscomputer.com.br/24/bauensolutions/d3npbgluqgjhdwvuc29sdxrpb25zlmnvbq== Non-Authoritative-Reason HttpsUpgrades
GET H3	200	authorize Show response office.activeportalview.com/common/oauth2/v2.0/ Redirect Chain https://office.activeportalview.com/yfPlDdgA https://office.activeportalview.com/ https://react.activeportalview.com/login https://office.activeportalview.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&s...	21 KB 10 KB	275ms 258ms	Document text/html	172.67.193.156 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://office.activeportalview.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638474322183813251.M2JlODc3OTYtODU4MS00MGU4LTk3Y2UtMzZiZmRmYTllODhjYjBkMmNlYWYtMjc4YS00MGFiLTg1NDYtYzY5MzllY2FkMThl&ui_locales=en-US&mkt=en-US&client-request-id=f4ab30d6-8dc7-40f2-a5f9-c99fd7be3cae&state=qiU-BrZNsHfNmhRznSg-Yjfr1VJn6bY8ZfKwfZYYIQMB2GHFeSl3j30KxTh0My0sZ1mWHjn6l130dD7FNSBjvCkKsbnhkoJMA3VSYeqkbTJaafVbtelX1BZ7x6kmfkiClqHKQ43HY_LEiNJRCHOseIuIHluOplzi7h1uFG-5MQOQJVRxf3KEEyn2lp8wVRPfdRi08SclLZQLjXaImWP1QSkwUiE8eQW72ME2LaGVV4k8zDOUSNO0MGp97Rf3-6QmkF1bHHOGdxr5-oHKY_itoA&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.193.156 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8774dd32c7177f7c45df8c0aa2e9fb700a402340d550620ef0576a3504a84023` Request headers Referer https://solutionscomputer.com.br/24/bauensolutions/d3npbgluqgjhdwvuc29sdxrpb25zlmnvbq== Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache cf-cache-status DYNAMIC cf-ray 86cb50860b695c81-MIA content-encoding br content-type text/html; charset=utf-8 date Sat, 30 Mar 2024 21:50:18 GMT expires -1 nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} p3p CP="DSP CUR OTPi IND OTRi ONL FIN" pragma no-cache referrer-policy strict-origin-when-cross-origin report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]} server cloudflare vary Accept-Encoding x-ms-clitelem 1,50168,0,, x-ms-ests-server 2.1.17750.5 - WUS3 ProdSlices x-ms-request-id 69203dc2-4f84-405b-b0f8-be2c95152100 x-ms-srs 1.P Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 86cb5083a8305c81-MIA content-type text/html; charset=utf-8 date Sat, 30 Mar 2024 21:50:18 GMT location https://office.activeportalview.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638474322183813251.M2JlODc3OTYtODU4MS00MGU4LTk3Y2UtMzZiZmRmYTllODhjYjBkMmNlYWYtMjc4YS00MGFiLTg1NDYtYzY5MzllY2FkMThl&ui_locales=en-US&mkt=en-US&client-request-id=f4ab30d6-8dc7-40f2-a5f9-c99fd7be3cae&state=qiU-BrZNsHfNmhRznSg-Yjfr1VJn6bY8ZfKwfZYYIQMB2GHFeSl3j30KxTh0My0sZ1mWHjn6l130dD7FNSBjvCkKsbnhkoJMA3VSYeqkbTJaafVbtelX1BZ7x6kmfkiClqHKQ43HY_LEiNJRCHOseIuIHluOplzi7h1uFG-5MQOQJVRxf3KEEyn2lp8wVRPfdRi08SclLZQLjXaImWP1QSkwUiE8eQW72ME2LaGVV4k8zDOUSNO0MGp97Rf3-6QmkF1bHHOGdxr5-oHKY_itoA&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy strict-origin-when-cross-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N125nDWDxE34xzvfUVNC3bou3IvUlGCbMkBGBBp4gWkhGrM72JruwzX9lyAooBKlR5pZna%2B4IxGu564IR8%2BTjUwyP4iGq0g05YkzIBwqR1CfExJbtr53o4h0oz0S7w82af7OjEPo2tB4ET%2F9RQ%3D%3D"}],"group":"cf-nel","max_age":604800} request-context appId= server cloudflare vary Accept-Encoding x-cache CONFIG_NOCACHE x-msedge-ref Ref A: 731755455AEA45AB98BED45C2206F937 Ref B: EWR311000108033 Ref C: 2024-03-30T21:50:18Z x-ua-compatible IE=edge,chrome=1
GET H2	404	favicon.ico solutionscomputer.com.br/	708 B 798 B	146ms 141ms	Other text/html	177.53.140.76 Brasil Site Infor...
General Check archive.org Show headers Download Go to Full URL https://solutionscomputer.com.br/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 177.53.140.76 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS node01.cloudo.com.br Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://solutionscomputer.com.br/24/bauensolutions/d3npbgluqgjhdwvuc29sdxrpb25zlmnvbq== accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 30 Mar 2024 21:50:17 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 708 content-type text/html
GET H2	200	BssoInterrupt_Core_3b4rnVNi70Sso4_c42_ImQ2.js aadcdn.msauth.net/shared/1.0/content/js/	138 KB 49 KB	371ms 68ms	Script application/x-javascript	2620:1ec:46::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_3b4rnVNi70Sso4_c42_ImQ2.js Requested by Host: office.activeportalview.com URL: https://office.activeportalview.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638474322183813251.M2JlODc3OTYtODU4MS00MGU4LTk3Y2UtMzZiZmRmYTllODhjYjBkMmNlYWYtMjc4YS00MGFiLTg1NDYtYzY5MzllY2FkMThl&ui_locales=en-US&mkt=en-US&client-request-id=f4ab30d6-8dc7-40f2-a5f9-c99fd7be3cae&state=qiU-BrZNsHfNmhRznSg-Yjfr1VJn6bY8ZfKwfZYYIQMB2GHFeSl3j30KxTh0My0sZ1mWHjn6l130dD7FNSBjvCkKsbnhkoJMA3VSYeqkbTJaafVbtelX1BZ7x6kmfkiClqHKQ43HY_LEiNJRCHOseIuIHluOplzi7h1uFG-5MQOQJVRxf3KEEyn2lp8wVRPfdRi08SclLZQLjXaImWP1QSkwUiE8eQW72ME2LaGVV4k8zDOUSNO0MGp97Rf3-6QmkF1bHHOGdxr5-oHKY_itoA&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://office.activeportalview.com/ Origin https://office.activeportalview.com accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sat, 30 Mar 2024 21:50:19 GMT content-encoding gzip x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 content-length 49617 x-ms-lease-status unlocked last-modified Thu, 14 Mar 2024 23:04:09 GMT etag 0x8DC447B0E3A90D2 x-azure-ref 20240330T215019Z-ruazmax8ft18721qm9792v2ceg000000039g00000000r59s content-type application/x-javascript access-control-allow-origin * x-ms-request-id 6a3e1842-101e-0043-25fb-7f4b89000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
POST H3	200	reportbssotelemetry office.activeportalview.com/common/instrumentation/	265 B 896 B	237ms 217ms	Ping application/json	172.67.193.156 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://office.activeportalview.com/common/instrumentation/reportbssotelemetry?hpgid=6&hpgact=1800&client-request-id=f4ab30d6-8dc7-40f2-a5f9-c99fd7be3cae&hpgrequestid=69203dc2-4f84-405b-b0f8-be2c95152100 Requested by Host: aadcdn.msauth.net URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_3b4rnVNi70Sso4_c42_ImQ2.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.193.156 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-platform "Win32" Referer https://office.activeportalview.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638474322183813251.M2JlODc3OTYtODU4MS00MGU4LTk3Y2UtMzZiZmRmYTllODhjYjBkMmNlYWYtMjc4YS00MGFiLTg1NDYtYzY5MzllY2FkMThl&ui_locales=en-US&mkt=en-US&client-request-id=f4ab30d6-8dc7-40f2-a5f9-c99fd7be3cae&state=qiU-BrZNsHfNmhRznSg-Yjfr1VJn6bY8ZfKwfZYYIQMB2GHFeSl3j30KxTh0My0sZ1mWHjn6l130dD7FNSBjvCkKsbnhkoJMA3VSYeqkbTJaafVbtelX1BZ7x6kmfkiClqHKQ43HY_LEiNJRCHOseIuIHluOplzi7h1uFG-5MQOQJVRxf3KEEyn2lp8wVRPfdRi08SclLZQLjXaImWP1QSkwUiE8eQW72ME2LaGVV4k8zDOUSNO0MGp97Rf3-6QmkF1bHHOGdxr5-oHKY_itoA&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0 accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 30 Mar 2024 21:50:19 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} p3p CP="DSP CUR OTPi IND OTRi ONL FIN" alt-svc h3=":443"; ma=86400 pragma no-cache referrer-policy strict-origin-when-cross-origin x-ms-srs 1.P server cloudflare report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]} content-type application/json; charset=utf-8 x-ms-request-id 3845da99-69ab-4cfb-8e15-ffe8e93a6700 cache-control no-store, no-cache cf-ray 86cb508bdbf65c81-MIA x-ms-ests-server 2.1.17615.13 - SCUS ProdSlices expires -1
GET H3	200	Primary Request authorize Show response office.activeportalview.com/common/oauth2/v2.0/	44 KB 17 KB	309ms 299ms	Document text/html	172.67.193.156 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://office.activeportalview.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638474322183813251.M2JlODc3OTYtODU4MS00MGU4LTk3Y2UtMzZiZmRmYTllODhjYjBkMmNlYWYtMjc4YS00MGFiLTg1NDYtYzY5MzllY2FkMThl&ui_locales=en-US&mkt=en-US&client-request-id=f4ab30d6-8dc7-40f2-a5f9-c99fd7be3cae&state=qiU-BrZNsHfNmhRznSg-Yjfr1VJn6bY8ZfKwfZYYIQMB2GHFeSl3j30KxTh0My0sZ1mWHjn6l130dD7FNSBjvCkKsbnhkoJMA3VSYeqkbTJaafVbtelX1BZ7x6kmfkiClqHKQ43HY_LEiNJRCHOseIuIHluOplzi7h1uFG-5MQOQJVRxf3KEEyn2lp8wVRPfdRi08SclLZQLjXaImWP1QSkwUiE8eQW72ME2LaGVV4k8zDOUSNO0MGp97Rf3-6QmkF1bHHOGdxr5-oHKY_itoA&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true Requested by Host: aadcdn.msauth.net URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_3b4rnVNi70Sso4_c42_ImQ2.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.193.156 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `24b824340d614eca56f3c16cc0093cb41dd5a68e27e1006b88bbe913e0963210` Request headers Referer https://office.activeportalview.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638474322183813251.M2JlODc3OTYtODU4MS00MGU4LTk3Y2UtMzZiZmRmYTllODhjYjBkMmNlYWYtMjc4YS00MGFiLTg1NDYtYzY5MzllY2FkMThl&ui_locales=en-US&mkt=en-US&client-request-id=f4ab30d6-8dc7-40f2-a5f9-c99fd7be3cae&state=qiU-BrZNsHfNmhRznSg-Yjfr1VJn6bY8ZfKwfZYYIQMB2GHFeSl3j30KxTh0My0sZ1mWHjn6l130dD7FNSBjvCkKsbnhkoJMA3VSYeqkbTJaafVbtelX1BZ7x6kmfkiClqHKQ43HY_LEiNJRCHOseIuIHluOplzi7h1uFG-5MQOQJVRxf3KEEyn2lp8wVRPfdRi08SclLZQLjXaImWP1QSkwUiE8eQW72ME2LaGVV4k8zDOUSNO0MGp97Rf3-6QmkF1bHHOGdxr5-oHKY_itoA&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache cf-cache-status DYNAMIC cf-ray 86cb508bec045c81-MIA content-encoding br content-type text/html; charset=utf-8 date Sat, 30 Mar 2024 21:50:19 GMT expires -1 link <https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} p3p CP="DSP CUR OTPi IND OTRi ONL FIN" pragma no-cache referrer-policy strict-origin-when-cross-origin report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]} server cloudflare vary Accept-Encoding x-dns-prefetch-control on x-ms-clitelem 1,0,0,, x-ms-ests-server 2.1.17615.13 - EUS ProdSlices x-ms-request-id 18d501c6-dcf9-4b90-87bd-d4db46473900 x-ms-srs 1.P
GET H3	404	favicon.ico office.activeportalview.com/	0 537 B	275ms 263ms	Other text/plain	172.67.193.156 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://office.activeportalview.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.193.156 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://office.activeportalview.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638474322183813251.M2JlODc3OTYtODU4MS00MGU4LTk3Y2UtMzZiZmRmYTllODhjYjBkMmNlYWYtMjc4YS00MGFiLTg1NDYtYzY5MzllY2FkMThl&ui_locales=en-US&mkt=en-US&client-request-id=f4ab30d6-8dc7-40f2-a5f9-c99fd7be3cae&state=qiU-BrZNsHfNmhRznSg-Yjfr1VJn6bY8ZfKwfZYYIQMB2GHFeSl3j30KxTh0My0sZ1mWHjn6l130dD7FNSBjvCkKsbnhkoJMA3VSYeqkbTJaafVbtelX1BZ7x6kmfkiClqHKQ43HY_LEiNJRCHOseIuIHluOplzi7h1uFG-5MQOQJVRxf3KEEyn2lp8wVRPfdRi08SclLZQLjXaImWP1QSkwUiE8eQW72ME2LaGVV4k8zDOUSNO0MGp97Rf3-6QmkF1bHHOGdxr5-oHKY_itoA&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0 accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 30 Mar 2024 21:50:19 GMT referrer-policy strict-origin-when-cross-origin x-ms-srs 1.P nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} server cloudflare cf-cache-status BYPASS vary Accept-Encoding report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]} p3p CP="DSP CUR OTPi IND OTRi ONL FIN" x-ms-request-id e7ec8efe-86a8-44bd-9e93-9d2df3f40600 cache-control private cf-ray 86cb508bec005c81-MIA alt-svc h3=":443"; ma=86400 x-ms-ests-server 2.1.17615.11 - SCUS ProdSlices
GET H3	200	Me.htm ywnjb.activeportalview.com/	0 0	1302ms 1275ms	Other text/html	172.67.193.156 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ywnjb.activeportalview.com/Me.htm?v=3 Requested by Host: office.activeportalview.com URL: https://office.activeportalview.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638474322183813251.M2JlODc3OTYtODU4MS00MGU4LTk3Y2UtMzZiZmRmYTllODhjYjBkMmNlYWYtMjc4YS00MGFiLTg1NDYtYzY5MzllY2FkMThl&ui_locales=en-US&mkt=en-US&client-request-id=f4ab30d6-8dc7-40f2-a5f9-c99fd7be3cae&state=qiU-BrZNsHfNmhRznSg-Yjfr1VJn6bY8ZfKwfZYYIQMB2GHFeSl3j30KxTh0My0sZ1mWHjn6l130dD7FNSBjvCkKsbnhkoJMA3VSYeqkbTJaafVbtelX1BZ7x6kmfkiClqHKQ43HY_LEiNJRCHOseIuIHluOplzi7h1uFG-5MQOQJVRxf3KEEyn2lp8wVRPfdRi08SclLZQLjXaImWP1QSkwUiE8eQW72ME2LaGVV4k8zDOUSNO0MGp97Rf3-6QmkF1bHHOGdxr5-oHKY_itoA&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.193.156 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://office.activeportalview.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers
GET H2	200	converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css aadcdn.msauth.net/ests/2.1/content/cdnbundles/	110 KB 20 KB	75ms 75ms	Stylesheet text/css	2620:1ec:46::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css Requested by Host: office.activeportalview.com URL: https://office.activeportalview.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638474322183813251.M2JlODc3OTYtODU4MS00MGU4LTk3Y2UtMzZiZmRmYTllODhjYjBkMmNlYWYtMjc4YS00MGFiLTg1NDYtYzY5MzllY2FkMThl&ui_locales=en-US&mkt=en-US&client-request-id=f4ab30d6-8dc7-40f2-a5f9-c99fd7be3cae&state=qiU-BrZNsHfNmhRznSg-Yjfr1VJn6bY8ZfKwfZYYIQMB2GHFeSl3j30KxTh0My0sZ1mWHjn6l130dD7FNSBjvCkKsbnhkoJMA3VSYeqkbTJaafVbtelX1BZ7x6kmfkiClqHKQ43HY_LEiNJRCHOseIuIHluOplzi7h1uFG-5MQOQJVRxf3KEEyn2lp8wVRPfdRi08SclLZQLjXaImWP1QSkwUiE8eQW72ME2LaGVV4k8zDOUSNO0MGp97Rf3-6QmkF1bHHOGdxr5-oHKY_itoA&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://office.activeportalview.com/ Origin https://office.activeportalview.com accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sat, 30 Mar 2024 21:50:19 GMT content-encoding gzip x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 content-length 20314 x-ms-lease-status unlocked last-modified Wed, 27 Dec 2023 18:18:12 GMT etag 0x8DC07082FBB8D2B x-azure-ref 20240330T215019Z-ruazmax8ft18721qm9792v2ceg000000039g00000000r5c4 content-type text/css access-control-allow-origin * x-ms-request-id 0ad11524-201e-0020-581a-8174ad000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	ConvergedLogin_PCore_QMJbZSc_Phofl-lfd63BLw2.js Show response aadcdn.msauth.net/shared/1.0/content/js/	433 KB 119 KB	75ms 74ms	Script application/x-javascript	2620:1ec:46::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_QMJbZSc_Phofl-lfd63BLw2.js Requested by Host: office.activeportalview.com URL: https://office.activeportalview.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638474322183813251.M2JlODc3OTYtODU4MS00MGU4LTk3Y2UtMzZiZmRmYTllODhjYjBkMmNlYWYtMjc4YS00MGFiLTg1NDYtYzY5MzllY2FkMThl&ui_locales=en-US&mkt=en-US&client-request-id=f4ab30d6-8dc7-40f2-a5f9-c99fd7be3cae&state=qiU-BrZNsHfNmhRznSg-Yjfr1VJn6bY8ZfKwfZYYIQMB2GHFeSl3j30KxTh0My0sZ1mWHjn6l130dD7FNSBjvCkKsbnhkoJMA3VSYeqkbTJaafVbtelX1BZ7x6kmfkiClqHKQ43HY_LEiNJRCHOseIuIHluOplzi7h1uFG-5MQOQJVRxf3KEEyn2lp8wVRPfdRi08SclLZQLjXaImWP1QSkwUiE8eQW72ME2LaGVV4k8zDOUSNO0MGp97Rf3-6QmkF1bHHOGdxr5-oHKY_itoA&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `1a593c25442e0b30d379ee4a9c5c8772c70e097c4f92bfefe07baf8c168e79ee` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://office.activeportalview.com/ Origin https://office.activeportalview.com accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sat, 30 Mar 2024 21:50:19 GMT content-encoding gzip x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 content-length 120844 x-ms-lease-status unlocked last-modified Sat, 02 Mar 2024 00:12:09 GMT etag 0x8DC3A4D6725B632 x-azure-ref 20240330T215019Z-ruazmax8ft18721qm9792v2ceg000000039g00000000r5c5 content-type application/x-javascript access-control-allow-origin * x-ms-request-id 220eade3-b01e-0049-16ee-80459c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	ux.converged.login.strings-en.min_pevuvrbnnz-5coi_b4jtbw2.js Show response aadcdn.msauth.net/ests/2.1/content/cdnbundles/	54 KB 16 KB	131ms 130ms	Script application/x-javascript	2620:1ec:46::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_pevuvrbnnz-5coi_b4jtbw2.js Requested by Host: office.activeportalview.com URL: https://office.activeportalview.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638474322183813251.M2JlODc3OTYtODU4MS00MGU4LTk3Y2UtMzZiZmRmYTllODhjYjBkMmNlYWYtMjc4YS00MGFiLTg1NDYtYzY5MzllY2FkMThl&ui_locales=en-US&mkt=en-US&client-request-id=f4ab30d6-8dc7-40f2-a5f9-c99fd7be3cae&state=qiU-BrZNsHfNmhRznSg-Yjfr1VJn6bY8ZfKwfZYYIQMB2GHFeSl3j30KxTh0My0sZ1mWHjn6l130dD7FNSBjvCkKsbnhkoJMA3VSYeqkbTJaafVbtelX1BZ7x6kmfkiClqHKQ43HY_LEiNJRCHOseIuIHluOplzi7h1uFG-5MQOQJVRxf3KEEyn2lp8wVRPfdRi08SclLZQLjXaImWP1QSkwUiE8eQW72ME2LaGVV4k8zDOUSNO0MGp97Rf3-6QmkF1bHHOGdxr5-oHKY_itoA&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `30ff8ef06932efa5ba690bf160eea1fc719d3f2a3d756bd3a9b4c837f7220b0c` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://office.activeportalview.com/ Origin https://office.activeportalview.com accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sat, 30 Mar 2024 21:50:19 GMT content-encoding gzip x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 content-length 15778 x-ms-lease-status unlocked last-modified Sat, 17 Feb 2024 05:09:10 GMT etag 0x8DC2F7693532D17 x-azure-ref 20240330T215019Z-ruazmax8ft18721qm9792v2ceg000000039g00000000r5c7 content-type application/x-javascript access-control-allow-origin * x-ms-request-id 24aa54c9-101e-0017-0546-8184b2000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	convergedlogin_pcustomizationloader_7f0a8c2a247460fad87f.js Show response aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/	219 KB 54 KB	175ms 71ms	Script application/x-javascript	2620:1ec:46::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_7f0a8c2a247460fad87f.js Requested by Host: aadcdn.msauth.net URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_QMJbZSc_Phofl-lfd63BLw2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `df2e852c347ecf82f70a0c8a4b91713fbb0914d58f2cbab01316bfe646abee7c` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://office.activeportalview.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sat, 30 Mar 2024 21:50:20 GMT content-encoding gzip x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 content-length 54325 x-ms-lease-status unlocked last-modified Thu, 15 Feb 2024 19:13:15 GMT etag 0x8DC2E5A2998EB1D x-azure-ref 20240330T215020Z-fypqxgmenh56v2wucu5x2kdre80000000n2g000000004pr2 content-type application/x-javascript access-control-allow-origin * x-ms-request-id cf8ef9eb-d01e-005f-7872-780fb2000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	favicon_a_eupayfgghqiai7k9sol6lg2.ico aadcdn.msauth.net/shared/1.0/content/images/	17 KB 17 KB	81ms 81ms	Other image/x-icon	2620:1ec:46::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://office.activeportalview.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sat, 30 Mar 2024 21:50:20 GMT x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 content-length 17174 x-ms-lease-status unlocked last-modified Sun, 18 Oct 2020 03:02:03 GMT etag 0x8D8731230C851A6 x-azure-ref 20240330T215020Z-fypqxgmenh56v2wucu5x2kdre80000000n2g000000004pr5 content-type image/x-icon access-control-allow-origin * x-ms-request-id fd503fd6-801e-003a-6073-78ca9a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	convergedlogin_pfetchsessionsprogress_4d4b76a02ae121e3b20c.js Show response aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/	15 KB 6 KB	53ms 42ms	Script application/x-javascript	2620:1ec:46::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_4d4b76a02ae121e3b20c.js Requested by Host: aadcdn.msauth.net URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_QMJbZSc_Phofl-lfd63BLw2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `49bd3382f2d2c171947474fc65b701ded717bf69a6e88505b84da1d69b3c2f1e` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://office.activeportalview.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sat, 30 Mar 2024 21:50:20 GMT content-encoding gzip x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 content-length 5512 x-ms-lease-status unlocked last-modified Thu, 15 Feb 2024 19:13:16 GMT etag 0x8DC2E5A29A25668 x-azure-ref 20240330T215020Z-fypqxgmenh56v2wucu5x2kdre80000000n2g000000004prn content-type application/x-javascript access-control-allow-origin * x-ms-request-id 5bb638dc-d01e-0027-6672-78a5a3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif aadcdn.msauth.net/shared/1.0/content/images/	3 KB 3 KB	53ms 43ms	Image image/gif	2620:1ec:46::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://office.activeportalview.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sat, 30 Mar 2024 21:50:20 GMT x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 content-length 2672 x-ms-lease-status unlocked last-modified Wed, 24 May 2023 10:11:47 GMT etag 0x8DB5C3F48EC4154 x-azure-ref 20240330T215020Z-fypqxgmenh56v2wucu5x2kdre80000000n2g000000004prp content-type image/gif access-control-allow-origin * x-ms-request-id 0897ff4c-b01e-0065-441d-7820b6000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif aadcdn.msauth.net/shared/1.0/content/images/	4 KB 4 KB	60ms 52ms	Image image/gif	2620:1ec:46::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://office.activeportalview.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sat, 30 Mar 2024 21:50:20 GMT x-cache TCP_HIT x-fd-int-roxy-purgeid 0 content-length 3620 x-ms-lease-status unlocked last-modified Wed, 24 May 2023 10:11:48 GMT etag 0x8DB5C3F4904824B x-azure-ref 20240330T215020Z-fypqxgmenh56v2wucu5x2kdre80000000n2g000000004prq content-type image/gif access-control-allow-origin * x-ms-request-id df9a423d-b01e-000d-1d72-783a85000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg aadcdn.msauth.net/shared/1.0/content/images/backgrounds/	2 KB 1 KB	38ms 36ms	Image image/svg+xml	2620:1ec:46::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://office.activeportalview.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sat, 30 Mar 2024 21:50:20 GMT content-encoding gzip x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 content-length 673 x-ms-lease-status unlocked last-modified Wed, 24 May 2023 10:11:46 GMT etag 0x8DB5C3F47E260FD x-azure-ref 20240330T215020Z-fypqxgmenh56v2wucu5x2kdre80000000n2g000000004ps1 content-type image/svg+xml access-control-allow-origin * x-ms-request-id 93e33d8a-801e-0042-6080-78608b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg aadcdn.msauth.net/shared/1.0/content/images/	4 KB 2 KB	40ms 39ms	Image image/svg+xml	2620:1ec:46::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://office.activeportalview.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sat, 30 Mar 2024 21:50:20 GMT content-encoding gzip x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 content-length 1435 x-ms-lease-status unlocked last-modified Wed, 24 May 2023 10:11:48 GMT etag 0x8DB5C3F4911527F x-azure-ref 20240330T215020Z-fypqxgmenh56v2wucu5x2kdre80000000n2g000000004ps2 content-type image/svg+xml access-control-allow-origin * x-ms-request-id 5376b981-501e-006b-1f81-7882ab000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif aadcdn.msauth.net/shared/1.0/content/images/	3 KB 3 KB	49ms 36ms	Image image/gif	2620:1ec:46::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif Requested by Host: aadcdn.msauth.net URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_QMJbZSc_Phofl-lfd63BLw2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://office.activeportalview.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sat, 30 Mar 2024 21:50:20 GMT x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 content-length 2672 x-ms-lease-status unlocked last-modified Wed, 24 May 2023 10:11:47 GMT etag 0x8DB5C3F48EC4154 x-azure-ref 20240330T215020Z-fypqxgmenh56v2wucu5x2kdre80000000n2g000000004ps6 content-type image/gif access-control-allow-origin * x-ms-request-id 0897ff4c-b01e-0065-441d-7820b6000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif aadcdn.msauth.net/shared/1.0/content/images/	4 KB 4 KB	52ms 39ms	Image image/gif	2620:1ec:46::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif Requested by Host: aadcdn.msauth.net URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_QMJbZSc_Phofl-lfd63BLw2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://office.activeportalview.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sat, 30 Mar 2024 21:50:20 GMT x-cache TCP_HIT x-fd-int-roxy-purgeid 0 content-length 3620 x-ms-lease-status unlocked last-modified Wed, 24 May 2023 10:11:48 GMT etag 0x8DB5C3F4904824B x-azure-ref 20240330T215020Z-fypqxgmenh56v2wucu5x2kdre80000000n2g000000004ps7 content-type image/gif access-control-allow-origin * x-ms-request-id df9a423d-b01e-000d-1d72-783a85000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H3	200	Me.htm Show response ywnjb.activeportalview.com/ Frame ED72	2 KB 2 KB	358ms 357ms	Document text/html	172.67.193.156 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ywnjb.activeportalview.com/Me.htm?v=3 Requested by Host: aadcdn.msauth.net URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_QMJbZSc_Phofl-lfd63BLw2.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.193.156 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `da6de4d28446c314c23270afe2f603b9e77ba08a48d6b5cc83449fd470f2f4b9` Request headers Referer https://office.activeportalview.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=315360000 cf-cache-status DYNAMIC cf-ray 86cb5094c9f05c81-MIA content-encoding br content-type text/html; charset=utf-8 date Sat, 30 Mar 2024 21:50:21 GMT expires Tue, 28 Mar 2034 21:50:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} p3p CP="DSP CUR OTPi IND OTRi ONL FIN" ppserver PPV: 30 H: SN1PEPF0002F021 V: 0 referrer-policy strict-origin-when-cross-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2FqB05Fp3BKrZ6DPGu3QW5klReHcLL1oo9b26D%2BZJIcsKtiHq8wNaFQ0ay2QieblmEwiVXCq9S1K5lFaVZHawjcush2P%2FPCKtGK2wWRpHyBcGQwtXcvF03mD40%2FeWG1KTb30gQy7npx14NeVTw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-ms-request-id 90f0835b-e7e9-42bd-a5d8-11ee92084bea x-ms-route-info C503_SN1
GET H2	200	convergedlogin_pstringcustomizationhelper_eb638da25d4055fbbb57.js Show response aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/	111 KB 36 KB	76ms 75ms	Script application/x-javascript	2620:1ec:46::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_eb638da25d4055fbbb57.js Requested by Host: aadcdn.msauth.net URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_QMJbZSc_Phofl-lfd63BLw2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `7530b843a86f3155ce07cda787a40da87052664b09c22f3d4db5e9238664dbe0` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://office.activeportalview.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sat, 30 Mar 2024 21:50:21 GMT content-encoding gzip x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 content-length 35813 x-ms-lease-status unlocked last-modified Thu, 15 Feb 2024 19:13:16 GMT etag 0x8DC2E5A29EDB0A1 x-azure-ref 20240330T215021Z-fypqxgmenh56v2wucu5x2kdre80000000n2g000000004pxn content-type application/x-javascript access-control-allow-origin * x-ms-request-id a866e66e-601e-0070-6e80-78179e000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg aadcdn.msauth.net/shared/1.0/content/images/	2 KB 1 KB	42ms 39ms	Image image/svg+xml	2620:1ec:46::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://office.activeportalview.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sat, 30 Mar 2024 21:50:21 GMT content-encoding gzip x-cache TCP_HIT x-fd-int-roxy-purgeid 4554691 content-length 621 x-ms-lease-status unlocked last-modified Wed, 24 May 2023 10:11:49 GMT etag 0x8DB5C3F49ED96E0 x-azure-ref 20240330T215021Z-fypqxgmenh56v2wucu5x2kdre80000000n2g000000004pxx content-type image/svg+xml access-control-allow-origin * x-ms-request-id fc6eebdc-c01e-0002-7672-78b39a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.activeportalview.com/	1970-01-20 19:30:39	Name: 154b-e7f0 Value: dd3268e165c53f2194f0115fbf6cfe0684ddd1f3b1808d088430008d976c50e4
office.activeportalview.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
office.activeportalview.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
react.activeportalview.com/	1970-01-20 19:31:04	Name: OH.DCAffinity Value: OH-eus
react.activeportalview.com/	1970-01-21 04:16:11	Name: OH.FLID Value: 138fa3dc-72f3-4c83-a9ee-72c3f1948d03
react.activeportalview.com/	1970-01-20 19:30:36	Name: .AspNetCore.OpenIdConnect.Nonce.r4ZuXPQWEAKuwN7zp4GcbZzqvM59X6Tnjat_vBZ0Rzn9BgSHrZHmFFew_Z-tuOkj29xZKf8agKqcTnjklAzbnwVPH41aQumPxaxQTosnNSop3JqkExzxp0KCrxL5TZ7X0URtI4irXdb40VK0W3BSKF6XdJ1dDg1VtftUADnZwVKP8X9GWwNooDG0M820oh9vtg379y-pSPTrk5D0xMX_L5Hx-Fgb119LDMHRHeGzTmaPWXQwiR6_urp3nURwEZhP Value: N
react.activeportalview.com/	1970-01-20 19:30:36	Name: .AspNetCore.Correlation.hb55kfdK_qGLiJAa8iOvswbtrCF5eozk5h4Q27n8X6A Value: N
.activeportalview.com/	1970-01-21 04:52:11	Name: MUID Value: 2E4A50F23C0865A60D9C44A03D0F64D7
.office.activeportalview.com/	1969-12-31 23:59:59	Name: esctx-bLcgG5y0A8 Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8mFiZHVlCeDI-92sUHw5g-M44kxa_P8o-n7_JbtxgH9CyX2bYmqsg3GEBi6BeY2k4RmtZ2gmYN7gGUdOhi317eRxV1mmlEEw_02-De6ooMU4vpGCcipEinydhjkGnfchY9TFWDUDYoVmjfjGXcMKJFyAA
.office.activeportalview.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
office.activeportalview.com/	1970-01-20 19:30:35	Name: SSOCOOKIEPULLED Value: 1
office.activeportalview.com/	1970-01-20 20:13:47	Name: buid Value: 0.AVEAMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8Hh18JIMh_0rEieUOcBclnyCbL7yZC_d7SU5mn8FIdNyFH5bIrdC-YeQBqXYxuDlFYMPvfzpc0IVaKHXXw6DMMDcKInUbTr4vkxzq0ZQMGiggAA
.office.activeportalview.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8pc220gC14l1Ig56EBADK6XnNOlO-PmnLrmt4v7mN0EQ4ZIb8umjJcHkpyB8blWyCSJliNQFEUJqGOM2pzW77PzxSrnVeeo6f-rhvqx192r6elxhtE4AirP2NBIyxKMDYC2jRgwDDKmIw7oCiJwtnL9XJj6Je278e4AHWg5fMNgUgAA
.office.activeportalview.com/	1969-12-31 23:59:59	Name: esctx-sFlZxf1NCAU Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8bum7NpvV9KM5zvASzQgveTLkiHyJxfBWELweu9DqzBXyBuG-x45aNcW2oJ2DcMmVucN3mJnQsE1JF8eAUxZEZdJRlLwbSYh3q8OPgCtjkp-6mybVnsiXBFlzX8oTspc39OOQxXq2AM1qaITgtacyiyAA
office.activeportalview.com/	1970-01-20 20:13:47	Name: fpc Value: AuLkXv_SypxIh3foPS_tlFW8Ae7AAQAAABuAmt0OAAAA
.office.activeportalview.com/	1970-01-21 04:52:11	Name: brcap Value: 0
.ywnjb.activeportalview.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1711835421&co=1
.ywnjb.activeportalview.com/	1969-12-31 23:59:59	Name: uaid Value: 0b35760202a643328568d78886c245d6

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://solutionscomputer.com.br/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://office.activeportalview.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
recommendation	verbose	URL: https://office.activeportalview.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638474322183813251.M2JlODc3OTYtODU4MS00MGU4LTk3Y2UtMzZiZmRmYTllODhjYjBkMmNlYWYtMjc4YS00MGFiLTg1NDYtYzY5MzllY2FkMThl&ui_locales=en-US&mkt=en-US&client-request-id=f4ab30d6-8dc7-40f2-a5f9-c99fd7be3cae&state=qiU-BrZNsHfNmhRznSg-Yjfr1VJn6bY8ZfKwfZYYIQMB2GHFeSl3j30KxTh0My0sZ1mWHjn6l130dD7FNSBjvCkKsbnhkoJMA3VSYeqkbTJaafVbtelX1BZ7x6kmfkiClqHKQ43HY_LEiNJRCHOseIuIHluOplzi7h1uFG-5MQOQJVRxf3KEEyn2lp8wVRPfdRi08SclLZQLjXaImWP1QSkwUiE8eQW72ME2LaGVV4k8zDOUSNO0MGp97Rf3-6QmkF1bHHOGdxr5-oHKY_itoA&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true#d3npbgluqgjhdwvuc29sdxrpb25zlmnvbq== Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
office.activeportalview.com
react.activeportalview.com
solutionscomputer.com.br
ywnjb.activeportalview.com
172.67.193.156
177.53.140.76
2620:1ec:46::40
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
1a593c25442e0b30d379ee4a9c5c8772c70e097c4f92bfefe07baf8c168e79ee
24b824340d614eca56f3c16cc0093cb41dd5a68e27e1006b88bbe913e0963210
30ff8ef06932efa5ba690bf160eea1fc719d3f2a3d756bd3a9b4c837f7220b0c
49bd3382f2d2c171947474fc65b701ded717bf69a6e88505b84da1d69b3c2f1e
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41
7530b843a86f3155ce07cda787a40da87052664b09c22f3d4db5e9238664dbe0
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8774dd32c7177f7c45df8c0aa2e9fb700a402340d550620ef0576a3504a84023
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
da6de4d28446c314c23270afe2f603b9e77ba08a48d6b5cc83449fd470f2f4b9
df2e852c347ecf82f70a0c8a4b91713fbb0914d58f2cbab01316bfe646abee7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

office.activeportalview.com Open in urlscan Pro 172.67.193.156 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

23 Requests

100 %HTTPS

33 %IPv6

3 Domains

5 Subdomains

3 IPs

2 Countries

366 kBTransfer

1184 kBSize

18 Cookies

3 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

23 JavaScript Global Variables

18 Cookies

3 Console Messages

Indicators

office.activeportalview.com Open in urlscan Pro
172.67.193.156 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

5
Subdomains

3
IPs

2
Countries

366 kB
Transfer

1184 kB
Size

18
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!