login.microsoftonline.com
Open in
urlscan Pro
2603:1047:1:198::6
Public Scan
Effective URL: https://login.microsoftonline.com/ad83d952-584e-4a18-8e18-6239adda521d/saml2?SAMLRequest=jZLLbtswEEV%2FRWDWFKmXJRGyAbdGUQNpa8RuF93...
Submission: On October 09 via manual from SG — Scanned from SG
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 17th 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 3 | 23.52.114.20 23.52.114.20 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 3 | 23.52.112.27 23.52.112.27 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 1 | 52.221.66.111 52.221.66.111 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 2603:1047:1:1... 2603:1047:1:198::6 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
12 | 2606:2800:247... 2606:2800:247:8f3c:39fe:2753:7a35:e3da | 15133 (EDGECAST) (EDGECAST) | |
1 | 20.190.144.166 20.190.144.166 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 2620:1ec:bdf::59 2620:1ec:bdf::59 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2603:1036:300... 2603:1036:3000:f0::1 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
22 | 7 |
ASN16625 (AKAMAI-AS, US)
PTR: a23-52-114-20.deploy.static.akamaitechnologies.com
pacificint.lms.sapsf.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-52-112-27.deploy.static.akamaitechnologies.com
hcm44.sapsf.com |
ASN16509 (AMAZON-02, US)
PTR: aws-sgp-b.accounts.ondemand.com
ac5z5e7vy.accounts.ondemand.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
ASN15133 (EDGECAST, US)
aadcdn.msftauth.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msftauthimages.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
autologon.microsoftazuread-sso.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 1205 |
287 KB |
6 |
sapsf.com
3 redirects
pacificint.lms.sapsf.com hcm44.sapsf.com — Cisco Umbrella Rank: 203122 |
16 KB |
3 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 15 |
28 KB |
2 |
msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 4161 |
300 KB |
1 |
microsoftazuread-sso.com
autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1331 |
1 KB |
1 |
live.com
login.live.com — Cisco Umbrella Rank: 100 |
|
1 |
ondemand.com
1 redirects
ac5z5e7vy.accounts.ondemand.com |
2 KB |
22 | 7 |
Domain | Requested by | |
---|---|---|
12 | aadcdn.msftauth.net |
login.microsoftonline.com
aadcdn.msftauth.net |
3 | login.microsoftonline.com |
aadcdn.msftauth.net
|
3 | hcm44.sapsf.com |
1 redirects
hcm44.sapsf.com
|
3 | pacificint.lms.sapsf.com | 2 redirects |
2 | aadcdn.msftauthimages.net | |
1 | autologon.microsoftazuread-sso.com | |
1 | login.live.com |
login.microsoftonline.com
|
1 | ac5z5e7vy.accounts.ondemand.com | 1 redirects |
22 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.microsoft.com |
privacy.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.lms.sapsf.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-08-09 - 2024-08-09 |
a year | crt.sh |
*.sapsf.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-02-26 - 2024-02-28 |
a year | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2023-08-17 - 2024-08-17 |
a year | crt.sh |
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2023-01-31 - 2024-01-31 |
a year | crt.sh |
login.live.com DigiCert SHA2 Secure Server CA |
2023-07-03 - 2024-07-03 |
a year | crt.sh |
aadcdn.msftauthimages.net Microsoft Azure RSA TLS Issuing CA 07 |
2023-09-02 - 2024-08-27 |
a year | crt.sh |
autologon.microsoftazuread-sso.com DigiCert SHA2 Secure Server CA |
2023-07-03 - 2024-07-03 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/ad83d952-584e-4a18-8e18-6239adda521d/saml2?SAMLRequest=jZLLbtswEEV%2FRWDWFKmXJRGyAbdGUQNpa8RuF93RJOUQkIYuh4qbfn0ZO4GzSdoNF8S5wLkz0y2ncA935tdkMCRLROODdfDRAU6j8VvjH6wy3%2B9u5%2BQ%2BhCMKxqSq%2FlSmfnhMpVJugoCpA21GCTpVbmQoxyFnVh8jif%2BiSbLxLjjlhg8WtIXDnEwehJNoUYAcDYqgxHb55VbkKRf7C4Ti8263oZtv2x1JVtHcgnzSvkoO7mAhHa3yDl0fHAwWzFlP6qbQbZXTqikNLWXW0MbEZ5YXrdRaVnmmLx1Isl7NyZZrVc%2BqWUlbua9jYN%2FQfdUXVOq6b7NMV3kvI4o4mTVgkBDmJOd5QTNOebvjteCZqIqUz5qfJPlhPJ5NYx2S%2FB4HwPcrH5%2Fn8wwLwPz9gHxZ4jVRXgYT53I6ndJTkTp%2FYDnnGeMli5ABdXOlizdoznj7RGu0hxuy6KKJONf2i%2F%2B8jY69ynRfo%2Fp6tXGDVY%2FJJ%2BdHGd5ulqXZ%2Bcdq2p9RMQEejbK9NZqwRcdeX%2FLiLw%3D%3D&RelayState=arc1e59d9&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Af2OKBsLsZBEtUQjtio8ZEFFjDRxi%2BRyoGspLnd5faChV%2F%2BEk7hXejUUAyZhFU8SoiFdPJCce7Y%2Bdoupdii%2FV7OEQw3lFFQFxhA%2B34I2806YGNLEXepL6LpH%2BTOLJNo%2BWtq9MSgmdfwrf0IJbS9KcxC91tDM7a%2FNt4YcBGwt0Qbj7g4QRFE%2F1TH5OTdbkGnMplhmb5e946B03Jx4%2BcqtKQnUvW1YHDUCrOakUL1wjTo9knhvMuInpYulxl58ulDYdoDVlHrTaKAGlFTeG2jmtwrU0LadN39V6bWkyIrF6hQ4wCrkFYrXZjti%2BXMGbjUDHmydM0wPZ9DNR7qHhipxWA%3D%3D&sso_reload=true
Frame ID: 4DC15AD91550AFD77D782ACE1844A7D9
Requests: 22 HTTP requests in this frame
Screenshot
Page Title
登录到您的帐户Page URL History Show full URLs
-
http://pacificint.lms.sapsf.com/
HTTP 302
https://pacificint.lms.sapsf.com/ Page URL
-
https://pacificint.lms.sapsf.com/learning/user/login.jsp
HTTP 302
https://hcm44.sapsf.com/login?company=PILSFPROD HTTP 302
https://hcm44.sapsf.com/saml2/Login?company=PILSFPROD&RelayState=%2Flogin%3Fcompany%3DPILSFPROD&_s.c... Page URL
-
https://ac5z5e7vy.accounts.ondemand.com/saml2/idp/sso/ac5z5e7vy.accounts.ondemand.com?SAMLRequest=hZJNT%2BMwEIb%2Fij...
HTTP 302
https://login.microsoftonline.com/ad83d952-584e-4a18-8e18-6239adda521d/saml2?SAMLRequest=jZLLbtswEEV%2FRWDWFKm... Page URL
- https://login.microsoftonline.com/ad83d952-584e-4a18-8e18-6239adda521d/saml2?SAMLRequest=jZLLbtswEEV%2FRWDWFKm... Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: 使用条款
Search URL Search Domain Scan URL
Title: 隐私与 Cookie
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://pacificint.lms.sapsf.com/
HTTP 302
https://pacificint.lms.sapsf.com/ Page URL
-
https://pacificint.lms.sapsf.com/learning/user/login.jsp
HTTP 302
https://hcm44.sapsf.com/login?company=PILSFPROD HTTP 302
https://hcm44.sapsf.com/saml2/Login?company=PILSFPROD&RelayState=%2Flogin%3Fcompany%3DPILSFPROD&_s.crb=eGfsmjUtafnlnWIyMdH%252fRB%252bXgelUniM5l3KkHJTZSXw%253d Page URL
-
https://ac5z5e7vy.accounts.ondemand.com/saml2/idp/sso/ac5z5e7vy.accounts.ondemand.com?SAMLRequest=hZJNT%2BMwEIb%2FijV358NL0q3VFHWpKirxEdHAYS8r15mCpcQOHocu%2FHqyaVnBAbja78wz89iz079tw57Qk3G2gDRKgKHVrjb2voDbasV%2Fwul8RqptRCcXfXiwN%2FjYIwU2FFqSh5sCem%2BlU2RIWtUiyaDlZnF5IUWUyM674LRrgC2HQmNVGGEPIXQk41jp7CXDydNzpLR2vQ0UOVtjq2wdadfGIyI2dRcTue%2FSwFbOaxwnLWCnGkJg62UBf3KcZPlJlnJM85yfKFR8i1PkYrvVIldaqGk%2BRIl6XFsKyoYCRCJ%2B8DThybRKJjJJZSaiSSJ%2BAyuPO%2F0y9uDqKwHbQ4jkeVWVvLzeVMDu3pwPATgaliPdv1f7dWNFhP6fTZi%2F2dzv9xH1WiPRTungPI0Sy%2FXFZlXeXC9n8XvU%2F6e9Gnqvl6VrjH5mi6Zx%2BzOPKmABwfc4Wm1V%2BHyaNErHE1Pz3RiVvaUOtdkZrCGeH7Ef%2F9D8FQ%3D%3D&RelayState=%2Flogin%3Fcompany%3DPILSFPROD&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=XmcORDe2AEAPGaRxncXYPlvYGw3rmJZHyeaLxyovTncANKFmckNRxzO2kthQO%2FC6KtM233tmCFxDan6uBOt5tfPmxDpF5xpf42kP9KWP3RXeEugqPHZHH83ro9IVlGlNwPNGGQhON3p8FQ4BHvWJnLZ6FuN4svS6VWWHcpn3TO0%3D
HTTP 302
https://login.microsoftonline.com/ad83d952-584e-4a18-8e18-6239adda521d/saml2?SAMLRequest=jZLLbtswEEV%2FRWDWFKmXJRGyAbdGUQNpa8RuF93RJOUQkIYuh4qbfn0ZO4GzSdoNF8S5wLkz0y2ncA935tdkMCRLROODdfDRAU6j8VvjH6wy3%2B9u5%2BQ%2BhCMKxqSq%2FlSmfnhMpVJugoCpA21GCTpVbmQoxyFnVh8jif%2BiSbLxLjjlhg8WtIXDnEwehJNoUYAcDYqgxHb55VbkKRf7C4Ti8263oZtv2x1JVtHcgnzSvkoO7mAhHa3yDl0fHAwWzFlP6qbQbZXTqikNLWXW0MbEZ5YXrdRaVnmmLx1Isl7NyZZrVc%2BqWUlbua9jYN%2FQfdUXVOq6b7NMV3kvI4o4mTVgkBDmJOd5QTNOebvjteCZqIqUz5qfJPlhPJ5NYx2S%2FB4HwPcrH5%2Fn8wwLwPz9gHxZ4jVRXgYT53I6ndJTkTp%2FYDnnGeMli5ABdXOlizdoznj7RGu0hxuy6KKJONf2i%2F%2B8jY69ynRfo%2Fp6tXGDVY%2FJJ%2BdHGd5ulqXZ%2Bcdq2p9RMQEejbK9NZqwRcdeX%2FLiLw%3D%3D&RelayState=arc1e59d9&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Af2OKBsLsZBEtUQjtio8ZEFFjDRxi%2BRyoGspLnd5faChV%2F%2BEk7hXejUUAyZhFU8SoiFdPJCce7Y%2Bdoupdii%2FV7OEQw3lFFQFxhA%2B34I2806YGNLEXepL6LpH%2BTOLJNo%2BWtq9MSgmdfwrf0IJbS9KcxC91tDM7a%2FNt4YcBGwt0Qbj7g4QRFE%2F1TH5OTdbkGnMplhmb5e946B03Jx4%2BcqtKQnUvW1YHDUCrOakUL1wjTo9knhvMuInpYulxl58ulDYdoDVlHrTaKAGlFTeG2jmtwrU0LadN39V6bWkyIrF6hQ4wCrkFYrXZjti%2BXMGbjUDHmydM0wPZ9DNR7qHhipxWA%3D%3D Page URL
- https://login.microsoftonline.com/ad83d952-584e-4a18-8e18-6239adda521d/saml2?SAMLRequest=jZLLbtswEEV%2FRWDWFKmXJRGyAbdGUQNpa8RuF93RJOUQkIYuh4qbfn0ZO4GzSdoNF8S5wLkz0y2ncA935tdkMCRLROODdfDRAU6j8VvjH6wy3%2B9u5%2BQ%2BhCMKxqSq%2FlSmfnhMpVJugoCpA21GCTpVbmQoxyFnVh8jif%2BiSbLxLjjlhg8WtIXDnEwehJNoUYAcDYqgxHb55VbkKRf7C4Ti8263oZtv2x1JVtHcgnzSvkoO7mAhHa3yDl0fHAwWzFlP6qbQbZXTqikNLWXW0MbEZ5YXrdRaVnmmLx1Isl7NyZZrVc%2BqWUlbua9jYN%2FQfdUXVOq6b7NMV3kvI4o4mTVgkBDmJOd5QTNOebvjteCZqIqUz5qfJPlhPJ5NYx2S%2FB4HwPcrH5%2Fn8wwLwPz9gHxZ4jVRXgYT53I6ndJTkTp%2FYDnnGeMli5ABdXOlizdoznj7RGu0hxuy6KKJONf2i%2F%2B8jY69ynRfo%2Fp6tXGDVY%2FJJ%2BdHGd5ulqXZ%2Bcdq2p9RMQEejbK9NZqwRcdeX%2FLiLw%3D%3D&RelayState=arc1e59d9&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Af2OKBsLsZBEtUQjtio8ZEFFjDRxi%2BRyoGspLnd5faChV%2F%2BEk7hXejUUAyZhFU8SoiFdPJCce7Y%2Bdoupdii%2FV7OEQw3lFFQFxhA%2B34I2806YGNLEXepL6LpH%2BTOLJNo%2BWtq9MSgmdfwrf0IJbS9KcxC91tDM7a%2FNt4YcBGwt0Qbj7g4QRFE%2F1TH5OTdbkGnMplhmb5e946B03Jx4%2BcqtKQnUvW1YHDUCrOakUL1wjTo9knhvMuInpYulxl58ulDYdoDVlHrTaKAGlFTeG2jmtwrU0LadN39V6bWkyIrF6hQ4wCrkFYrXZjti%2BXMGbjUDHmydM0wPZ9DNR7qHhipxWA%3D%3D&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://pacificint.lms.sapsf.com/ HTTP 302
- https://pacificint.lms.sapsf.com/
- https://pacificint.lms.sapsf.com/learning/user/login.jsp HTTP 302
- https://hcm44.sapsf.com/login?company=PILSFPROD HTTP 302
- https://hcm44.sapsf.com/saml2/Login?company=PILSFPROD&RelayState=%2Flogin%3Fcompany%3DPILSFPROD&_s.crb=eGfsmjUtafnlnWIyMdH%252fRB%252bXgelUniM5l3KkHJTZSXw%253d
- https://ac5z5e7vy.accounts.ondemand.com/saml2/idp/sso/ac5z5e7vy.accounts.ondemand.com?SAMLRequest=hZJNT%2BMwEIb%2FijV358NL0q3VFHWpKirxEdHAYS8r15mCpcQOHocu%2FHqyaVnBAbja78wz89iz079tw57Qk3G2gDRKgKHVrjb2voDbasV%2Fwul8RqptRCcXfXiwN%2FjYIwU2FFqSh5sCem%2BlU2RIWtUiyaDlZnF5IUWUyM674LRrgC2HQmNVGGEPIXQk41jp7CXDydNzpLR2vQ0UOVtjq2wdadfGIyI2dRcTue%2FSwFbOaxwnLWCnGkJg62UBf3KcZPlJlnJM85yfKFR8i1PkYrvVIldaqGk%2BRIl6XFsKyoYCRCJ%2B8DThybRKJjJJZSaiSSJ%2BAyuPO%2F0y9uDqKwHbQ4jkeVWVvLzeVMDu3pwPATgaliPdv1f7dWNFhP6fTZi%2F2dzv9xH1WiPRTungPI0Sy%2FXFZlXeXC9n8XvU%2F6e9Gnqvl6VrjH5mi6Zx%2BzOPKmABwfc4Wm1V%2BHyaNErHE1Pz3RiVvaUOtdkZrCGeH7Ef%2F9D8FQ%3D%3D&RelayState=%2Flogin%3Fcompany%3DPILSFPROD&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=XmcORDe2AEAPGaRxncXYPlvYGw3rmJZHyeaLxyovTncANKFmckNRxzO2kthQO%2FC6KtM233tmCFxDan6uBOt5tfPmxDpF5xpf42kP9KWP3RXeEugqPHZHH83ro9IVlGlNwPNGGQhON3p8FQ4BHvWJnLZ6FuN4svS6VWWHcpn3TO0%3D HTTP 302
- https://login.microsoftonline.com/ad83d952-584e-4a18-8e18-6239adda521d/saml2?SAMLRequest=jZLLbtswEEV%2FRWDWFKmXJRGyAbdGUQNpa8RuF93RJOUQkIYuh4qbfn0ZO4GzSdoNF8S5wLkz0y2ncA935tdkMCRLROODdfDRAU6j8VvjH6wy3%2B9u5%2BQ%2BhCMKxqSq%2FlSmfnhMpVJugoCpA21GCTpVbmQoxyFnVh8jif%2BiSbLxLjjlhg8WtIXDnEwehJNoUYAcDYqgxHb55VbkKRf7C4Ti8263oZtv2x1JVtHcgnzSvkoO7mAhHa3yDl0fHAwWzFlP6qbQbZXTqikNLWXW0MbEZ5YXrdRaVnmmLx1Isl7NyZZrVc%2BqWUlbua9jYN%2FQfdUXVOq6b7NMV3kvI4o4mTVgkBDmJOd5QTNOebvjteCZqIqUz5qfJPlhPJ5NYx2S%2FB4HwPcrH5%2Fn8wwLwPz9gHxZ4jVRXgYT53I6ndJTkTp%2FYDnnGeMli5ABdXOlizdoznj7RGu0hxuy6KKJONf2i%2F%2B8jY69ynRfo%2Fp6tXGDVY%2FJJ%2BdHGd5ulqXZ%2Bcdq2p9RMQEejbK9NZqwRcdeX%2FLiLw%3D%3D&RelayState=arc1e59d9&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Af2OKBsLsZBEtUQjtio8ZEFFjDRxi%2BRyoGspLnd5faChV%2F%2BEk7hXejUUAyZhFU8SoiFdPJCce7Y%2Bdoupdii%2FV7OEQw3lFFQFxhA%2B34I2806YGNLEXepL6LpH%2BTOLJNo%2BWtq9MSgmdfwrf0IJbS9KcxC91tDM7a%2FNt4YcBGwt0Qbj7g4QRFE%2F1TH5OTdbkGnMplhmb5e946B03Jx4%2BcqtKQnUvW1YHDUCrOakUL1wjTo9knhvMuInpYulxl58ulDYdoDVlHrTaKAGlFTeG2jmtwrU0LadN39V6bWkyIrF6hQ4wCrkFYrXZjti%2BXMGbjUDHmydM0wPZ9DNR7qHhipxWA%3D%3D
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
pacificint.lms.sapsf.com/ Redirect Chain
|
68 B 475 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Login
hcm44.sapsf.com/saml2/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
perflog-lib.min.js
hcm44.sapsf.com/verp/vmod_v1/ui/perflog-lib/resources_1.0.18/ |
37 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saml2
login.microsoftonline.com/ad83d952-584e-4a18-8e18-6239adda521d/ Redirect Chain
|
20 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BssoInterrupt_Core_pOO34JFwD1EVcxt413xLZg2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
136 KB 48 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
saml2
login.microsoftonline.com/ad83d952-584e-4a18-8e18-6239adda521d/ |
39 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
109 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_jwgqf3nc9rqvzqsw0tyvVA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
417 KB 115 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ux.converged.login.strings-zh-hans.min_9bku3gua9wexunanynw7hq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
49 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pcustomizationloader_ddc6955191c1ed8e0957.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
153 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pfetchsessionsprogress_af6a7e05798bc1589a37.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
15 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
illustration
aadcdn.msftauthimages.net/447973e2-qg2b94h8c4xhmutpim2rn9nomts-tvvvi4cq8a-dwla/logintenantbranding/0/ |
290 KB 290 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bannerlogo
aadcdn.msftauthimages.net/447973e2-qg2b94h8c4xhmutpim2rn9nomts-tvvvi4cq8a-dwla/logintenantbranding/0/ |
9 KB 10 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ssoprobe
autologon.microsoftazuread-sso.com/ad83d952-584e-4a18-8e18-6239adda521d/winauth/ |
12 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
dssostatus
login.microsoftonline.com/common/instrumentation/ |
265 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pstringcustomizationhelper_8903e12702d30ba97d2f.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
111 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ |
2 KB 786 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_ddc6955191c1ed8e0957 boolean| __convergedlogin_pfetchsessionsprogress_af6a7e05798bc1589a3723 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
pacificint.lms.sapsf.com/learning | Name: JSESSIONID Value: 2023EF794603DCE65DBC2AA965781430 |
|
pacificint.lms.sapsf.com/ | Name: BIGipServerP_lms_sapsf_com_80 Value: !YJLhQ/IVK3zn3Da935R4UtrcMTmjuWaELtCR8Y7ZeS3lxvAwmf19Agbf6+m0GK0/0nHjQ9ErhsAp |
|
pacificint.lms.sapsf.com/ | Name: route Value: cc853b061978af9e406d7d8187c7e68dd5907a6d |
|
pacificint.lms.sapsf.com/ | Name: JSESSIONID Value: 2023EF794603DCE65DBC2AA965781430 |
|
hcm44.sapsf.com/ | Name: bizxCompanyId Value: PILSFPROD |
|
hcm44.sapsf.com/ | Name: JSESSIONID Value: 2E0C1883809EEBB22CA94DE1B71D44EA.pc52bcf16 |
|
hcm44.sapsf.com/ | Name: route Value: 88b56289f0cf525d2850c54739e0335375844a41 |
|
hcm44.sapsf.com/ | Name: PRF_COOKIE_DEFAULT Value: 126366730.20480.0000 |
|
hcm44.sapsf.com/ | Name: oiosaml-fragment Value: |
|
ac5z5e7vy.accounts.ondemand.com/ | Name: arc1e59d9 Value: AAAADFjzO6ESG4jU16as7Vq0VU6AUN6DrXp7LgIBujH%2F3RzO3578iRQaN4aRMWOZKAqlka8s%2FwOA9qWVpKFmhRx6lJ9thTJOJbR4A1UUTf2e9n1VfvcsAGwMKwCYSc28DK2p5WfcZ4wJ8iCXaLZXez8B4ffe4NjHOPFAdyYe5myaUym9aTAvDcv3WKGQ9gzJxKNoBuWbKNL%2FHk1pedRTaFiGXOLkAAmBimLKnXN5y0sn%2FcCnZ3xVmfaLFNNFavpW0klk0NV5Hr49nPk7MNkMgFz9%2BWb2p0HBIqLcgsIue6aiA1sVoS2vZqdszubrDE63P7%2F4Pehnltdb0ij%2FIcMYhCPoGEf0JmMDg9hClF91lRlrmCKvxpAeRGq%2BWrL%2FXsvfELC1b6agJ6RlAH%2Bus518mEh6pfFe%2BR5jffbrzusxCdFRPNg2a4dVomKjGJxZ6zrSiMzNwQG7eej20NihRoZ6uSpQrRyDSaJ806nGkP%2B22%2F7qV2XQGrLtsuxZ%2FOcDK9dNDCjsD6JwCo4bZ0DZFbOh%2FcPNMvPZAkG%2FSCzjHYRVKkB2q8MK3ICnIfmBVEZGfkNnwPTe5D4FotNt54VqGD5s56U%2FXw7dTvHj5kZxco4OFw7YrriFxO5C4Y9996XbqsZq3ZhHukkP4RG2R0Lr |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.com/ | Name: buid Value: 0.AXEAUtmDrU5YGEqOGGI5rdpSHRo0MQdugvlIlFYAO8QbEH5xAAA.AQABAAEAAAAtyolDObpQQ5VtlI4uGjEPMNkZzbxXayx47py8m0KWjr8Bgn030vM1hKke6NSLg_FY1En4bLBdDHxwJXnhLPJaqkSdeWeyQSzgqOr5K87J_FLWBHoEZokLUE8WID4Od8UgAA |
|
.login.microsoftonline.com/ | Name: esctx Value: PAQABAAEAAAAtyolDObpQQ5VtlI4uGjEPPHANSvmGashT1Hn6_ZT0FFWdSnbnkg0DxdbHNQc60dSgkjSSu9oeZTUV8GMzI64abFXE4yXV0GRycdTgDAo0gCSwVKrkR6ZyGb_0lbRfWa3sJtzlnYUd7J2wSxgN65UJ3ne6OiTxxeyNQY4wnRrmXZQWqoB7M2n0iYe_7nmRpp_HnzCjZuG_6dyxCCnzqRk1Bh18f4lEflHZsWPD8fdNk1XkoaX5N2zmFI2tRU4NY8EgAA |
|
login.microsoftonline.com/ | Name: fpc Value: Ah8-PP421kNEhC2Yd9DEe12szh-0AQAAAGGctdwOAAAA |
|
.login.microsoftonline.com/ | Name: brcap Value: 0 |
|
.login.live.com/ | Name: uaid Value: e7d5e40d80d24981995b3f21c2c07875 |
|
.login.live.com/ | Name: MSPRequ Value: id=N<=1696834914&co=1 |
|
autologon.microsoftazuread-sso.com/ | Name: fpc Value: An98pc_abRlDkJxexyoI468 |
|
autologon.microsoftazuread-sso.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
autologon.microsoftazuread-sso.com/ | Name: stsservicecookie Value: estsfd |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msftauth.net
aadcdn.msftauthimages.net
ac5z5e7vy.accounts.ondemand.com
autologon.microsoftazuread-sso.com
hcm44.sapsf.com
login.live.com
login.microsoftonline.com
pacificint.lms.sapsf.com
20.190.144.166
23.52.112.27
23.52.114.20
2603:1036:3000:f0::1
2603:1047:1:198::6
2606:2800:247:8f3c:39fe:2753:7a35:e3da
2620:1ec:bdf::59
52.221.66.111
002c2c1163e76cbf2e84d56cf869b76235038529893ebf30757cfe24b817cf03
1a0ea89ae667420caeae29d594d53258e6ed157dab7e8dfe6f154f0054b0cf99
1ab01c91b04b38ae58f6f871ac34d7f1c9050cc60278121d13a5f3f744a91d94
1efc15789fa0e2c953062969f7720b1e0f11122ad91d5b02319e104f7aa11613
2a6979b8680fa928224cd64a30c35c3e58c0a611a9ffce34a71ee8cd8517095f
3ce7902a09890fddd2f54f76a6d96abd37c2401151bea208d02f89254131c9f2
40280b8b1243ceeb3bd1c49f0268c0975276d13c42c8c08ba873e46ad9a5d9a8
4818517b6d77798f76d2b5de51c4d4548ef4837bac1ff84c5065c8ea53417a5f
4ac672a4d4da618c9887141f3c6003e59004acb3ef36280738a98714c821248e
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8d3d8c3171703c43166941477854053f219527ba63c0ff8e817def0a9ecbba6a
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
e94a7eccad54e3e43b451600bdb9c6cf5c7b06a442cfca9aab77c994c982d9d6
f0a443e7ac848e93865766c2efbae8d242e992daf5865d1254dcefe096289db1
f54fc8729bf824e0c448ece7a95ea026e5da8abc39fcb2de95ee5587aebd7ca2
fabf8bec8883bf57975e4458ad2fb0d7a9c3b9a3b59c2f03c359fc0051dfb6c8
fc22bdb8c229027abb84eb72a7e6ac992ab61bccce60b94ee7a04bf0f9986f79