rustam.debug.okr-msteams.epm-dmtm.projects.epam.com
20.50.2.86
Public Scan
Submission Tags: @phishunt_io
Submission: On December 14 via api from DE — Scanned from NL
Summary
TLS certificate: Issued by GeoTrust TLS DV RSA Mixed SHA256 2020... on December 13th 2021. Valid for: 6 months.
This is the only time rustam.debug.okr-msteams.epm-dmtm.projects.epam.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
3 | 20.50.2.86 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 2606:4700::6810:5614 | 13335 (CLOUDFLARENET) |
1 | 2606:4700::6810:135e | 13335 (CLOUDFLARENET) |
1 1 | 34.117.66.58 | 15169 (GOOGLE) |
1 1 | 35.201.126.125 | 15169 (GOOGLE) |
1 2 | 20.190.160.2 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 91.120.43.96 | 33973 (EPAM-AS) |
7 | 5 | |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
rustam.debug.okr-msteams.epm-dmtm.projects.epam.com |
ASN15169 (GOOGLE, US)
PTR: 58.66.117.34.bc.googleusercontent.com
delivery.epam.com |
ASN15169 (GOOGLE, US)
PTR: 125.126.201.35.bc.googleusercontent.com
epam.luminatesec.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
 | Apex Domain Subdomains | Transfer |
---|---|---|
5 | epam.com (1 redirects): rustam.debug.okr-msteams.epm-dmtm.projects.epam.com delivery.epam.com login.epam.com | 96 KB |
2 | microsoftonline.com (1 redirects): login.microsoftonline.com | 57 KB |
1 | luminatesec.com (1 redirects): epam.luminatesec.com | 735 B |
1 | cloudflare.com: cdnjs.cloudflare.com | 11 KB |
1 | jsdelivr.net: cdn.jsdelivr.net | 27 KB |
7 | 5 | |
 | Domain | Requested by |
---|---|---|
3 | rustam.debug.okr-msteams.epm-dmtm.projects.epam.com | rustam.debug.okr-msteams.epm-dmtm.projects.epam.com |
2 | login.microsoftonline.com | 1 redirects; rustam.debug.okr-msteams.epm-dmtm.projects.epam.com |
1 | login.epam.com | login.microsoftonline.com |
1 | epam.luminatesec.com | 1 redirects |
1 | delivery.epam.com | 1 redirects |
1 | cdnjs.cloudflare.com | rustam.debug.okr-msteams.epm-dmtm.projects.epam.com |
1 | cdn.jsdelivr.net | rustam.debug.okr-msteams.epm-dmtm.projects.epam.com |
7 | 7 | |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
rustam.debug.okr-msteams.epm-dmtm.projects.epam.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 | 2021-12-13 - 2022-06-13 | 6 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 | 2021-07-03 - 2022-07-02 | a year | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA | 2021-11-24 - 2022-11-24 | a year | crt.sh |
login.epam.com Go Daddy Secure Certificate Authority - G2 | 2021-07-23 - 2022-08-04 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://rustam.debug.okr-msteams.epm-dmtm.projects.epam.com/
Frame ID: 4EEF1247A75B2AC2D75ACCE99FB3D1FA
Requests: 5 HTTP requests in this frame
Frame:
https://login.epam.com/adfs/ls/?client-request-id=5393821e-944f-4761-8a17-71e43716cdb4&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAbVRvW_TQBzN4bSECESFKkAMKEOnRlf7zudPkSEfTWhjSKU0tOp2vjvHTuzacZyGBrGwgEBCSDB1ZGREDIiJEVVC6gbqzICYmBAjDRJ_AsuT3nt6-v303qqE1xR7xVQ5Jp5OoHBNCgmhFJqeiaHrEuLqyNS4QdIrxaWbj152O69o6-m10Tfj6ud3R6AgEhqtsTh6A_b8LEvGtiz_lcJJFOzTTIwFm9vyPy7HdJL5WCaqoXmGUKBglgcJPrtGPQVBLCyCuaebLtNkRsPQpWz4HoATAL4DcHrucqc6z88hToOZOJKSOg-n6tRHAT5ws10m7o5Y5Lizne1hD_PbyGtsZv1UcaBXj5mjjRqOf7izNUv1ZnvQ47FDUGuX93V14Df8jay7kQz5jHT0cXgQ8fX2drc_1ZRmi2xtVumkdlitVN5KKy5BroG5AomYf8-wDk2qW9CziOWpusEsxI-l5TgR-wEvJWnsBaEoiYgG4VcJnOTBj_xFRbILheJS7nqulPudB68Xzgr-de_hpxuPvzSfP7sFVh_UcscLMlkPnDS-0-3FzjB2whFph6I5uN-La12HlcutXn06rMlGWWikotjoxSL4uQienM99uPAfBzktLmMFI4gwRKSkqLaKbYz2Pl7K_QE1
Frame ID: 222256EB9E47A1B2171A177A07C92CA7
Requests: 2 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4- https://delivery.epam.com/unit/132769/planner/timeline HTTP 302
- https://epam.luminatesec.com/accezz-login?accezz_redirect=https%3A%2F%2Fdelivery.epam.com%2Funit%2F132769%2Fplanner%2Ftimeline HTTP 303
- https://login.microsoftonline.com/b41b72d0-4e9f-4c26-8a69-f949f367c91d/oauth2/v2.0/authorize?client_id=83d24f64-eb8a-44aa-8f82-bb44b6185d74&domain_hint=epam.com&redirect_uri=https%3A%2F%2Fepam.luminatesec.com%2Fluminate%2Foauth2%2F4375f7e0-ec9f-4282-af01-2e942df68bc5%2Fcallback&response_type=code&scope=openid+profile+email&state=Cdlw3wh1i2vbtXceNqcmLbzWTkU2dH1fDJtgr0L-fCocL5qDLhyWPzr6FKjUdoL41GXdg63jhDhItSIpkdz4O6slvmdEKTSgw50FG4PJAauByA%3D%3D
- https://login.microsoftonline.com/b41b72d0-4e9f-4c26-8a69-f949f367c91d/oauth2/v2.0/authorize?client_id=83d24f64-eb8a-44aa-8f82-bb44b6185d74&domain_hint=epam.com&redirect_uri=https%3A%2F%2Fepam.luminatesec.com%2Fluminate%2Foauth2%2F4375f7e0-ec9f-4282-af01-2e942df68bc5%2Fcallback&response_type=code&scope=openid+profile+email&state=Cdlw3wh1i2vbtXceNqcmLbzWTkU2dH1fDJtgr0L-fCocL5qDLhyWPzr6FKjUdoL41GXdg63jhDhItSIpkdz4O6slvmdEKTSgw50FG4PJAauByA%3D%3D&sso_reload=true HTTP 302
- https://login.epam.com/adfs/ls/?client-request-id=5393821e-944f-4761-8a17-71e43716cdb4&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAbVRvW_TQBzN4bSECESFKkAMKEOnRlf7zudPkSEfTWhjSKU0tOp2vjvHTuzacZyGBrGwgEBCSDB1ZGREDIiJEVVC6gbqzICYmBAjDRJ_AsuT3nt6-v303qqE1xR7xVQ5Jp5OoHBNCgmhFJqeiaHrEuLqyNS4QdIrxaWbj152O69o6-m10Tfj6ud3R6AgEhqtsTh6A_b8LEvGtiz_lcJJFOzTTIwFm9vyPy7HdJL5WCaqoXmGUKBglgcJPrtGPQVBLCyCuaebLtNkRsPQpWz4HoATAL4DcHrucqc6z88hToOZOJKSOg-n6tRHAT5ws10m7o5Y5Lizne1hD_PbyGtsZv1UcaBXj5mjjRqOf7izNUv1ZnvQ47FDUGuX93V14Df8jay7kQz5jHT0cXgQ8fX2drc_1ZRmi2xtVumkdlitVN5KKy5BroG5AomYf8-wDk2qW9CziOWpusEsxI-l5TgR-wEvJWnsBaEoiYgG4VcJnOTBj_xFRbILheJS7nqulPudB68Xzgr-de_hpxuPvzSfP7sFVh_UcscLMlkPnDS-0-3FzjB2whFph6I5uN-La12HlcutXn06rMlGWWikotjoxSL4uQienM99uPAfBzktLmMFI4gwRKSkqLaKbYz2Pl7K_QE1
7 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / rustam.debug.okr-msteams.epm-dmtm.projects.epam.com/ (Primary Request) | 639 B 1021 B | Document text/html |
GET H2 | bulma.min.css cdn.jsdelivr.net/npm/bulma@0.9.0/css/ | 196 KB 27 KB | Stylesheet text/css |
GET H2 | all.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ | 58 KB 11 KB | Stylesheet text/css |
GET H/1.1 | vendors~app.5bfc63bf0f3b44fbdd09.js rustam.debug.okr-msteams.epm-dmtm.projects.epam.com/ | 196 KB 70 KB | Script application/javascript |
GET H/1.1 | app.5bfc63bf0f3b44fbdd09.js rustam.debug.okr-msteams.epm-dmtm.projects.epam.com/ | 62 KB 25 KB | Script application/javascript |
GET H/1.1 | authorize login.microsoftonline.com/b41b72d0-4e9f-4c26-8a69-f949f367c91d/oauth2/v2.0/ (Frame 2222, Redirect Chain) | 147 KB 54 KB | Document text/html |
GET H/1.1 | / login.epam.com/adfs/ls/ (Frame 2222, Redirect Chain) | 0 0 | Document text/html |
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0
object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
object| webpackJsonp
function| onNativeMessage
10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.rustam.debug.okr-msteams.epm-dmtm.projects.epam.com/ | Name: ARRAffinity Value: 37c77572be775c3da9e718e75bdd3dcd6c69246656e6f77972070ce4bfef6455 |
|
.rustam.debug.okr-msteams.epm-dmtm.projects.epam.com/ | Name: ARRAffinitySameSite Value: 37c77572be775c3da9e718e75bdd3dcd6c69246656e6f77972070ce4bfef6455 |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.com/ | Name: buid Value: 0.AQkA0HIbtJ9OJkyKaflJ82fJHWRP0oOK66pEj4K7RLYYXXQJAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrYEw24jikur679TdWP_jnu_vma7oOuagVfENPep3aMcOzmSjEUkPR31eUQUk75q-aT30DSQR4YyzVPz4bPg26QuSdPbZaaijc_ndzm71ri7kgAA |
|
.login.microsoftonline.com/ | Name: ESTSWCTXFLOWTOKEN Value: AQABAAEAAAD--DLA3VO7QrddgJg7WevrqFak5Fe7CBHIE83kIGUUFMiEDnEJ-lLMIkeqQX8_MKxhPNlxjvltrGq62d8VGDXZPIOuXalwYnenMSR5WtLo29xpa1WkR2DM_tCdYlM6dpDEAO2OpUwb5pFKcMVcuSDhNyyGl3XzHyPesdx-szWbjzQHVBklHIgrtfnS_VPEcqoJaNuENrJORqLz0tE46UhR7yFfs7N1cLx47rFCIOMcMywArRE6dU8ksS5ERWztBveiqGmEJhBTgowpNAlYwwh2TDX8LEpe0yHP29sq6bdPAjzgriNWd4zrv2IiboMY30pqOOOGrmwofOygzp_A0hiTCq8AmbQM6K2t3A1ojQUI-tN_wwc7vUqh9YzjVFjiw6YFhrZPXvAsWGumB5rYnqqJF98Iy79w9sW_7PqwsL8AYkA3WJfZ8WSR_mSEQTPhPLQgmdfx_AM7bRbUvHKWNNGFGKdjYnmBwgtPvy6mA0AUow-7hVlBgxyVzg406q7kxPgEsE6R8h141bEwImAr91eOIAA |
|
login.microsoftonline.com/ | Name: fpc Value: An446L9ZkEJDnhEZrT5lK_PG01COAQAAAEUHStkOAAAA |
|
.login.microsoftonline.com/ | Name: esctx Value: AQABAAAAAAD--DLA3VO7QrddgJg7Wevrr46sxphrP9pafb0HennSUDohLl3oBFyxY_u56sLvcgaYsGHO74m2-YsCjRVcMmiTksx7XOui9InmmhV01bntqRiErnq8i3wDFWqY1HvWRfZLsh_uRMUFWawYUNpy6UW1nhmaorWCMfY-aUGGiFIAS3lV50xaUIGGw-dUcjUmjFcgAA |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.