login.microsoftonline.com
20.190.160.17
Public Scan
Effective URL: https://login.microsoftonline.com/622f8cde-07b5-4d16-ab2a-6dc0c3a66e35/saml2?sso_reload=true
Submission: On May 27 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 23rd 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 1 | 2600:9000:2240:e400:19:9934:6a80:93a1 | 16509 (AMAZON-02) |
1 9 | 2600:9000:2315:d600:14:227e:4180:93a1 | 16509 (AMAZON-02) |
2 | 2a00:1450:4001:829::200a | 15169 (GOOGLE) |
2 | 151.101.2.217 | 54113 (FASTLY) |
1 | 151.101.194.137 | 54113 (FASTLY) |
2 | 162.247.243.146 | 13335 (CLOUDFLARENET) |
1 | 18.66.248.3 | 16509 (AMAZON-02) |
1 | 2a00:1450:4014:80b::2003 | 15169 (GOOGLE) |
1 | 52.14.242.28 | 16509 (AMAZON-02) |
4 | 52.222.214.26 | 16509 (AMAZON-02) |
2 | 20.190.160.17 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
11 | 2620:1ec:49::45 | |
1 | 40.126.32.136 | |
2 | 152.199.23.72 | |
1 | 2603:1026:3000:148::e | |
42 | 15 |

Host | ASN | PTR |
---|---|---|
itcinfotech.edcast.com | ASN16509 (AMAZON-02, US) | |
d2m321vfjedqj8.cloudfront.net | ASN16509 (AMAZON-02, US) | server-18-66-248-3.dus51.r.cloudfront.net |
edcast.okta.com | ASN16509 (AMAZON-02, US) | ec2-52-14-242-28.us-east-2.compute.amazonaws.com |
ok6static.oktacdn.com | ASN16509 (AMAZON-02, US) | server-52-222-214-26.fra56.r.cloudfront.net |
login.microsoftonline.com | ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | |
| Apex Domain | Subdomains | Cisco Umbrella Rank | Transfer |
---|---|---|---|---|
11 | msauth.net | aadcdn.msauth.net | | 222 KB |
9 | edcast.com (1 redirects) | itcinfotech.edcast.com | | 1 MB |
4 | oktacdn.com | ok6static.oktacdn.com | 18067 | 248 KB |
2 | msauthimages.net | aadcdn.msauthimages.net | | 289 KB |
2 | microsoftonline.com | login.microsoftonline.com | 24 | 109 KB |
2 | nr-data.net | bam-cell.nr-data.net | 346 | 2 KB |
2 | launchdarkly.com | app.launchdarkly.com | 1909 | 5 KB |
2 | googleapis.com | fonts.googleapis.com | 42 | 2 KB |
1 | microsoftazuread-sso.com | autologon.microsoftazuread-sso.com | | 1 KB |
1 | live.com | login.live.com | | |
1 | okta.com | edcast.okta.com | 127119 | 11 KB |
1 | gstatic.com | fonts.gstatic.com | | 44 KB |
1 | cloudfront.net | d2m321vfjedqj8.cloudfront.net | | 8 KB |
1 | newrelic.com | js-agent.newrelic.com | 347 | 18 KB |
1 | app.link (1 redirects) | 95jo.app.link | | 616 B |
42 | 15 |
| Domain | Requested by |
---|---|---|
11 | aadcdn.msauth.net | login.microsoftonline.com, aadcdn.msauth.net |
9 | itcinfotech.edcast.com | 1 redirects; itcinfotech.edcast.com |
4 | ok6static.oktacdn.com | edcast.okta.com |
2 | aadcdn.msauthimages.net | |
2 | login.microsoftonline.com | aadcdn.msauth.net |
2 | bam-cell.nr-data.net | itcinfotech.edcast.com, js-agent.newrelic.com |
2 | app.launchdarkly.com | itcinfotech.edcast.com |
2 | fonts.googleapis.com | itcinfotech.edcast.com |
1 | autologon.microsoftazuread-sso.com | |
1 | login.live.com | login.microsoftonline.com |
1 | edcast.okta.com | itcinfotech.edcast.com |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | d2m321vfjedqj8.cloudfront.net | itcinfotech.edcast.com |
1 | js-agent.newrelic.com | itcinfotech.edcast.com |
1 | 95jo.app.link | 1 redirects |
42 | 15 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.edcast.com | Amazon | 2022-03-25 - 2023-04-23 | a year | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months | crt.sh |
app.launchdarkly.com | GlobalSign Atlas R3 DV TLS CA H2 2021 | 2021-12-24 - 2023-01-25 | a year | crt.sh |
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA H2 2021 | 2021-10-06 - 2022-11-07 | a year | crt.sh |
*.nr-data.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-10 - 2023-02-10 | a year | crt.sh |
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year | crt.sh |
*.gstatic.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months | crt.sh |
*.okta.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-07 - 2023-04-07 | a year | crt.sh |
*.oktacdn.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-22 - 2023-01-22 | a year | crt.sh |
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2022-02-23 - 2023-02-23 | a year | crt.sh |
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2022-05-24 - 2023-05-24 | a year | crt.sh |
graph.windows.net | DigiCert SHA2 Secure Server CA | 2022-04-19 - 2023-04-19 | a year | crt.sh |
aadcdn.msauthimages.net | Microsoft Azure TLS Issuing CA 02 | 2022-05-11 - 2023-05-06 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/622f8cde-07b5-4d16-ab2a-6dc0c3a66e35/saml2?sso_reload=true
Frame ID: CDF2EB60E2532AF8338D6E1C40AC4C83
Requests: 41 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://95jo.app.link/l52tHXZh2pb
HTTP 307
https://itcinfotech.edcast.com/insights/prevention-of-sexual?deep_link_id=9184824&deep_link_type=assignment-card&_branch_match_id=1058671127019151820&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXtzTNytdLLCjQy8nMy9bPMTUq8YiIyjAqSAIAB4tyWCEAAAA%3D Page URL
-
https://itcinfotech.edcast.com/auth/lxp_oauth?current_host=eUtYSThJYncya3gzNzZzNkpIOUxFeHM4Z3JRdmhOTjFYdTdNUzBqemhrc3R4TzZXNFlZZmRnelN4UHRVYW1xSC0tR3hZc1hCNXdxR1ZuQlM3R1lTVFEvZz09--911ff27fd466fc4e41de428452029e1c298861c6&connector=eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjE1NDUifQ.qPcrXCTbdeS8vj6a0H1P1myw1BpHExac07JxFeTlKTM&provider=saml&origin=https://itcinfotech.edcast.com/insights/prevention-of-sexual?deep_link_id=9184824&deep_link_type=assignment-card&_branch_match_id=1058671127019151820&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXtzTNytdLLCjQy8nMy9bPMTUq8YiIyjAqSAIAB4tyWCEAAAA%3D
HTTP 302
https://edcast.okta.com/oauth2/v1/authorize?client_id=fjuxYVBX0428%21&idp=0oaeu828yi7VprHNz2p7&nonce=YsG76jo&redirect_uri=https%3A%2F%2Fitcinfotech.edcast.com%2Fauth%2Flxp_oauth%2Fcallback&response_mode=query&response_type=code&scope=openid+email+profile+offline_access&state=3884d02c78547387f244282aa55cad172afb6960615f48ac Page URL
- https://login.microsoftonline.com/622f8cde-07b5-4d16-ab2a-6dc0c3a66e35/saml2 Page URL
- https://login.microsoftonline.com/622f8cde-07b5-4d16-ab2a-6dc0c3a66e35/saml2?sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://95jo.app.link/l52tHXZh2pb HTTP 307
- https://itcinfotech.edcast.com/insights/prevention-of-sexual?deep_link_id=9184824&deep_link_type=assignment-card&_branch_match_id=1058671127019151820&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXtzTNytdLLCjQy8nMy9bPMTUq8YiIyjAqSAIAB4tyWCEAAAA%3D
- https://itcinfotech.edcast.com/auth/lxp_oauth?current_host=eUtYSThJYncya3gzNzZzNkpIOUxFeHM4Z3JRdmhOTjFYdTdNUzBqemhrc3R4TzZXNFlZZmRnelN4UHRVYW1xSC0tR3hZc1hCNXdxR1ZuQlM3R1lTVFEvZz09--911ff27fd466fc4e41de428452029e1c298861c6&connector=eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjE1NDUifQ.qPcrXCTbdeS8vj6a0H1P1myw1BpHExac07JxFeTlKTM&provider=saml&origin=https://itcinfotech.edcast.com/insights/prevention-of-sexual?deep_link_id=9184824&deep_link_type=assignment-card&_branch_match_id=1058671127019151820&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXtzTNytdLLCjQy8nMy9bPMTUq8YiIyjAqSAIAB4tyWCEAAAA%3D HTTP 302
- https://edcast.okta.com/oauth2/v1/authorize?client_id=fjuxYVBX0428%21&idp=0oaeu828yi7VprHNz2p7&nonce=YsG76jo&redirect_uri=https%3A%2F%2Fitcinfotech.edcast.com%2Fauth%2Flxp_oauth%2Fcallback&response_mode=query&response_type=code&scope=openid+email+profile+offline_access&state=3884d02c78547387f244282aa55cad172afb6960615f48ac
42 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type | Note |
---|---|---|---|---|---|---|---|---|
GET | H2 | prevention-of-sexual | itcinfotech.edcast.com/insights/ | 65 KB | 23 KB | Document | text/html | Redirect Chain |
GET | H2 | dist-1652791999611-main.css | itcinfotech.edcast.com/ | 833 KB | 125 KB | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 26 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | dist-1652791999611-common.js | itcinfotech.edcast.com/ | 992 KB | 260 KB | Script | application/javascript | |
GET | H2 | dist-1652791999611-bootstrap.js | itcinfotech.edcast.com/ | 111 KB | 36 KB | Script | application/javascript | |
GET | H2 | dist-1652791999611-main.js | itcinfotech.edcast.com/ | 3 MB | 823 KB | Script | application/javascript | |
GET | H2 | loading.gif | itcinfotech.edcast.com/i/images/ | 22 KB | 22 KB | Image | image/gif | |
GET | H2 | css2 | fonts.googleapis.com/ | 3 KB | 737 B | Stylesheet | text/css | |
GET | H2 | eyJrZXkiOiJhbm9ueW1vdXNAaXRjaW5mb3RlY2giLCJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJvcmciOiJpdGNpbmZvdGVjaCJ9fQ | app.launchdarkly.com/sdk/evalx/59237632cace6509f8df21f1/users/ | 34 KB | 5 KB | XHR | application/json | |
GET | H2 | info.json | itcinfotech.edcast.com/api/users/ | 61 B | 509 B | XHR | application/json | |
GET | H2 | nr-spa-1216.min.js | js-agent.newrelic.com/ | 49 KB | 18 KB | Script | application/javascript | |
OPTIONS | H2 | eyJrZXkiOiJhbm9ueW1vdXNAaXRjaW5mb3RlY2giLCJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJvcmciOiJpdGNpbmZvdGVjaCJ9fQ | app.launchdarkly.com/sdk/evalx/59237632cace6509f8df21f1/users/ | 0 | 0 | Preflight | | |
GET | H/1.1 | 537d1e3ee8 | bam-cell.nr-data.net/1/ | 49 B | 1 KB | Script | text/javascript | |
GET | H2 | us_prod_default_images.json | d2m321vfjedqj8.cloudfront.net/default_images/ | 36 KB | 8 KB | XHR | application/json | |
GET | H2 | memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v29/ | 44 KB | 44 KB | Font | font/woff2 | |
GET | H2 | authorize | edcast.okta.com/oauth2/v1/ | 31 KB | 11 KB | Document | text/html | Redirect Chain |
GET | H2 | edcast_translation.csv | itcinfotech.edcast.com/translations/en/ | 54 KB | 18 KB | XHR | text/csv | |
POST | H/1.1 | 537d1e3ee8 | bam-cell.nr-data.net/events/1/ | 24 B | 844 B | XHR | image/gif | |
POST | | 537d1e3ee8 | bam-cell.nr-data.net/events/1/ | 0 | 0 | | | |
POST | | 537d1e3ee8 | bam-cell.nr-data.net/jserrors/1/ | 0 | 0 | | | |
GET | H2 | jquery-1.12.4.05ced5937a65bd185b03749fdd833c98.js | ok6static.oktacdn.com/assets/js/ | 287 KB | 101 KB | Script | application/javascript | |
GET | H2 | interstitial.c55ad669849cbc31330f5bb02ef76c1b.css | ok6static.oktacdn.com/assets/css/sections/ | 8 KB | 3 KB | Stylesheet | text/css | |
GET | H2 | interstitial-dark-blue-brand.d4ca51b5579d1772af159f12276beb72.gif | ok6static.oktacdn.com/assets/img/ui/indicators/ | 143 KB | 144 KB | Image | image/gif | |
GET | H2 | interstitial.474dce61acfac4a4d016921943cf2a68.js | ok6static.oktacdn.com/assets/js/app/sso/ | 678 B | 1 KB | Script | application/javascript | |
POST | H/1.1 | saml2 | login.microsoftonline.com/622f8cde-07b5-4d16-ab2a-6dc0c3a66e35/ | 153 KB | 57 KB | Document | text/html | |
POST | H/1.1 | saml2 | login.microsoftonline.com/622f8cde-07b5-4d16-ab2a-6dc0c3a66e35/ | 199 KB | 52 KB | Document | text/html | Primary Request |
GET | H2 | ConvergedLogin_PCore_6J06iic7msGxWHwxS1Qglg2.js | aadcdn.msauth.net/shared/1.0/content/js/ | 378 KB | 108 KB | Script | application/x-javascript | |
GET | H/1.1 | Me.htm | login.live.com/ | 0 | 0 | Other | text/html | |
GET | H2 | oneDs_6ca86789a5ca36d5de0c.js | aadcdn.msauth.net/shared/1.0/content/js/ | 81 KB | 27 KB | Script | application/x-javascript | |
GET | H2 | converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2.css | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ | 0 | 20 KB | Other | text/css | |
GET | H2 | ux.converged.login.strings-de.min_dleyhmk9dgvufebxr4oyiq2.js | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ | 0 | 15 KB | Other | application/x-javascript | |
GET | H2 | convergedlogin_pfetchsessionsprogress_5ae001837875e6d5d706.js | aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ | 15 KB | 6 KB | Script | application/x-javascript | |
GET | H2 | marching_ants_white_166de53471265253ab3a456defe6da23.gif | aadcdn.msauth.net/shared/1.0/content/images/ | 3 KB | 3 KB | Image | image/gif | |
GET | H2 | marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif | aadcdn.msauth.net/shared/1.0/content/images/ | 4 KB | 4 KB | Image | image/gif | |
GET | H2 | convergedlogin_pcustomizationloader_1adab4c9a8227bd729f8.js | aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ | 107 KB | 32 KB | Script | application/x-javascript | |
GET | H2 | illustration | aadcdn.msauthimages.net/447973e2-nxiiftuefkxykgoxced0dmtbjg6vqf413yszsk860ks/logintenantbranding/0/ | 282 KB | 283 KB | Image | image/* | |
GET | H2 | bannerlogo | aadcdn.msauthimages.net/447973e2-nxiiftuefkxykgoxced0dmtbjg6vqf413yszsk860ks/logintenantbranding/0/ | 6 KB | 6 KB | Image | image/* | |
GET | H2 | marching_ants_white_166de53471265253ab3a456defe6da23.gif | aadcdn.msauth.net/shared/1.0/content/images/ | 3 KB | 3 KB | Image | image/gif | |
GET | H2 | marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif | aadcdn.msauth.net/shared/1.0/content/images/ | 4 KB | 4 KB | Image | image/gif | |
GET | H/1.1 | ssoprobe | autologon.microsoftazuread-sso.com/622f8cde-07b5-4d16-ab2a-6dc0c3a66e35/winauth/ | 12 B | 1 KB | Image | image/png | |
POST | | dssostatus | login.microsoftonline.com/common/instrumentation/ | 0 | 0 | | | |
GET | H2 | signin-options_4e48046ce74f4b89d45037c90576bfac.svg | aadcdn.msauth.net/shared/1.0/content/images/ | 2 KB | 967 B | Image | image/svg+xml | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: bam-cell.nr-data.net
  URL: https://bam-cell.nr-data.net/events/1/537d1e3ee8?a=656800752&v=1216.487a282&to=Y1VQZkFWVhUEVkUNC1offF1BWlkKDE9UADFGWR0Y&rst=4238&ck=1&ref=https://itcinfotech.edcast.com/insights/prevention-of-sexual
- Domain: bam-cell.nr-data.net
  URL: https://bam-cell.nr-data.net/jserrors/1/537d1e3ee8?a=656800752&v=1216.487a282&to=Y1VQZkFWVhUEVkUNC1offF1BWlkKDE9UADFGWR0Y&rst=4239&ck=1&ref=https://itcinfotech.edcast.com/insights/prevention-of-sexual
- Domain: login.microsoftonline.com
  URL: https://login.microsoftonline.com/common/instrumentation/dssostatus
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | oncontextlost |
object | oncontextrestored |
function | structuredClone |
object | launchQueue |
object | onbeforematch |
function | getScreenDetails |
object | navigation |
object | $Config |
object | $Debug |
object | $Do |
function | $Loader |
object | $WebWatson |
function | GetString |
function | GetErrorString |
function | GetUrl |
object | $B |
object | ServerData |

14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.app.link/ | Name: _s Value: rD00ftPNw8T0rMShCUrxNJ6T7gVttTApIM7lsKntAAgvBgI5tbxktTIPD%2B6ygweX |
|
itcinfotech.edcast.com/ | Name: _d Value: VcSSFO9MDbXMkibIdywo9g |
|
.nr-data.net/ | Name: JSESSIONID Value: 94795340241f4065 |
|
itcinfotech.edcast.com/ | Name: _edcast_session Value: 557bf0f291b095fc540c75da55eff614 |
|
edcast.okta.com/ | Name: JSESSIONID Value: 6CF1AC8834BDC7E4F1BBE139B75C0D1A |
|
edcast.okta.com/ | Name: t Value: sea |
|
edcast.okta.com/ | Name: DT Value: DI0sIU4sDP4S62HvroMqk-XfQ |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.com/ | Name: buid Value: 0.AT4A3owvYrUHFk2rKm3Aw6ZuNSlcgCySZ2BGl3J2SZXYuq8-AAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevruGcORvgG-5LqKXWxFHK3HzrROJvnPICYRVSKJKZFra4Qjeyl1Ik3N6i3Rsko06NxTX7gLRHlOskXBd2bI5hJDyeyh8c_D6SC0bPaTFNk9UUgAA |
|
login.microsoftonline.com/ | Name: fpc Value: AmDzrjYBMgRLiCT5vg4fM84IoocNAQAAACmWItoOAAAA |
|
.login.microsoftonline.com/ | Name: esctx Value: AQABAAAAAAD--DLA3VO7QrddgJg7Wevrc7Ub-C71UdA2VEClu9HPGBp7T07g2qav5ISqbqPBK10rSJQebGFlAzEndqWXRPbQaILE2M8Q_Z5nRAn6W58NULHrNWF1rmtpGnp_Um5QICv-a0hhtgYODdMG8gEfpMbbxIP5hgJOyLn0L3QDgvlWPP71JnAA7j1kHU1y5FQ8vaggAA |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' data: ws: blob: wss: https://*.launchdarkly.com https://*.cloudfront.net https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://bam-cell.nr-data.net/ https://api-iam.intercom.io/ https://www.edcast.me/ https://d.la2-c1cs-ord.salesforceliveagent.com/ https://*.agora.io https://*.agoraio.cn https://*.edcast.io/ https://*.edcast.com/ https://*.edcast.com/cdn/uploads/ http://*.soc.edcast.com/ https://api-europe-edcast.io/ https://cdn.filestackcontent.com/ https://*.guideme.io/ https://*.hotjar.com/ https://*.api.osano.com/ https://*.myguide.org/ https://*.s3.amazonaws.com/ https://*.s3.us-west-2.amazonaws.com/ https://*.s3-us-west-2.amazonaws.com/ https://*.filestackapi.com/ https://*.company-target.com/ https://*.6sc.co/ https://*.adnxs.com/ https://www.facebook.com https://gjtrack.ucweb.com https://plugin.ucads.ucweb.com https://example.com/ https://securepubads.g.doubleclick.net/ https://hlg.tokbox.com/ https://*.opentok.com/ https://api.go1.co/portal/properties/industry https://api.go1.co/portal/properties/country;script-src 'self' blob: data: ws: wss: 'unsafe-inline' 'unsafe-eval' https://js-agent.newrelic.com/ https://www.googletagmanager.com/ https://bam-cell.nr-data.net/ https://*.google-analytics.com/ https://snap.licdn.com/li.lms-analytics/ https://editor.unlayer.com/ https://widget.intercom.io/ https://js.intercomcdn.com https://*.guideme.io/ https://cdnjs.cloudflare.com/ https://connect.facebook.net/ https://d2r1yp2w7bby2u.cloudfront.net/js/ https://wzrkt.com/ https://*.my.salesforce.com/ https://*.salesforceliveagent.com/ https://googleads.g.doubleclick.net/ https://www.googleadservices.com/ https://*.clearbitjs.com/ https://*.clearbit.com/ https://*.company-target.com/ https://tag.demandbase.com/ https://*.6sc.co https://*.google.com/ https://cdn.jsdelivr.net/ https://*.my.salesforce.com/ https://*.filestackapi.com/ https://*.osano.com/ https://*.hotjar.com/ https://www.youtube.com/ 
https://*.googleapis.com/ https://gateway.zscalerthree.net https://www.pagespeed-mod.com/v1/ https://els-jbs-prod-cdn.jbs.elsevierhealth.com/ https://www.pagespeed-mod.com/ https://cdn.walkme.com/ https://*.ckeditor.com/ https://ckeditor.iframe.ly/ https://embedding.workato.com/r/;style-src 'self' blob: data: ws: wss: 'unsafe-inline' 'unsafe-eval' https://*.googleapis.com/ https://*.guideme.io/ https://*.my.salesforce.com/ https://service.force.com/ https://static.filestackapi.com/ https://*.ckeditor.com/ https://www.googletagmanager.com/ https://*.bootstrapcdn.com/ https://pwm-image.trendmicro.com/ https://*.edcast.com/;font-src 'self' blob: data: ws: wss: https://fonts.gstatic.com/s/ https://*.s3.amazonaws.com/fonts/ https://*.guideme.io/ https://static3.avast.com/ https://use.typekit.net;img-src 'self' data: blob: https: http: about: android-webview-video-poster:;frame-src 'self' atlassian-companion: data: blob: https:;report-uri /api/v2/csp_reports |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.