![](/screenshots/1927c715-66b7-4ac8-b308-6488bc98b7d8.png)
login.microsoftonline.com
20.190.159.68
Public Scan
Effective URL: https://login.microsoftonline.com/a7f35688-9c00-4d5e-ba41-29f146377ab0/oauth2/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba14...
Submission: On June 13 via manual from IN — Scanned from GB
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 27th 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 7 | 20.68.204.133 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
| 1 | 142.250.74.202 | 15169 (GOOGLE) |
| 1 | 40.85.137.142 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
| 2 3 | 51.104.28.65 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
| 2 2 | 40.126.32.66 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
| 1 1 | 40.126.32.129 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
| 2 | 20.190.159.68 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
| 7 | 152.199.21.175 | 15133 (EDGECAST) |
| 1 | 20.190.159.75 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
| 22 | 8 | |
- ASN15169 (GOOGLE, US); PTR: fra24s02-in-f10.1e100.net; fonts.googleapis.com
- ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US); identity.apinternal.com
- ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US); myapps.microsoft.com, launcher.myapps.microsoft.com
- ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US); account.activedirectory.windowsazure.com
- ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US); login.microsoftonline.com
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 7 | msftauth.net | aadcdn.msftauth.net (Cisco Umbrella Rank: 1105) | 310 KB |
| 7 | empowerbt.com | empowerbt.com | 1 MB |
| 3 | apinternal.com (2 redirects) | identity.apinternal.com | 3 KB |
| 2 | microsoftonline.com | login.microsoftonline.com (Cisco Umbrella Rank: 11) | 29 KB |
| 2 | microsoft.com (2 redirects) | myapps.microsoft.com (Cisco Umbrella Rank: 6830), launcher.myapps.microsoft.com (Cisco Umbrella Rank: 7375) | 4 KB |
| 1 | live.com | login.live.com (Cisco Umbrella Rank: 65) | |
| 1 | windowsazure.com (1 redirects) | account.activedirectory.windowsazure.com (Cisco Umbrella Rank: 9374) | 390 B |
| 1 | gnatta.com | chat.system.gnatta.com (Cisco Umbrella Rank: 145025) | 19 KB |
| 1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 77) | 1 KB |
| 0 | msftauthimages.net (Failed) | aadcdn.msftauthimages.net (Failed) | |
| 22 | 10 | | |
| | Domain | Redirects | Requested by |
|---|---|---|---|
| 7 | aadcdn.msftauth.net | | login.microsoftonline.com, aadcdn.msftauth.net |
| 7 | empowerbt.com | | empowerbt.com |
| 3 | identity.apinternal.com | 2 redirects | empowerbt.com |
| 2 | login.microsoftonline.com | | empowerbt.com, aadcdn.msftauth.net |
| 1 | login.live.com | | login.microsoftonline.com |
| 1 | launcher.myapps.microsoft.com | 1 redirects | |
| 1 | account.activedirectory.windowsazure.com | 1 redirects | |
| 1 | myapps.microsoft.com | 1 redirects | |
| 1 | chat.system.gnatta.com | | empowerbt.com |
| 1 | fonts.googleapis.com | | empowerbt.com |
| 0 | aadcdn.msftauthimages.net (Failed) | | |
| 22 | 11 | | |
This site contains no links.
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.empowerbt.com | Go Daddy Secure Certificate Authority - G2 | 2024-04-19 - 2025-05-18 | a year |
| upload.video.google.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months |
| chat.system.gnatta.com | R3 | 2024-05-14 - 2024-08-12 | 3 months |
| *.apinternal.com | Go Daddy Secure Certificate Authority - G2 | 2024-06-02 - 2025-07-04 | a year |
| stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2024-05-27 - 2025-05-27 | a year |
| aadcdn.msftauth.net | DigiCert SHA2 Secure Server CA | 2024-05-25 - 2025-05-25 | a year |
| login.live.com | DigiCert SHA2 Secure Server CA | 2024-05-09 - 2025-05-09 | a year |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/a7f35688-9c00-4d5e-ba41-29f146377ab0/oauth2/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&redirect_uri=https%3A%2F%2Flauncher.myapps.microsoft.com%2Fapi%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&code_challenge=klvRRE6D1RBl-RyqtmO_IzftqvCqXEJOwP67zMLSRaI&code_challenge_method=S256&response_mode=form_post&nonce=638538695127566358.ZGRjYWVlOTctZmQwNy00N2MxLWE1ZGItZDY0NjUxM2NiNDczMTEwNzgxZjktZWY1MS00NWEzLWE3NDEtNjI0ZjgwMWVhNjY3&client_info=1&x-client-brkrver=IDWeb.2.17.1.0&client-request-id=d7364b1d-1d4e-476e-a462-ada1838117ee&state=CfDJ8MTvNzUapgpAgYv3wzNRvECKgI5Ds_qYnG6Uy6VUzorFQqurmXzFNShpN_-7LSxpgXCdDVhybO0Popqusj18d_CxP_eBlUH9vmvMWHQoBNYFQK57UHa0e_uV2UZR_pYUDr--TdSCwmg49ikjlrqfazR3Ac27O0BG-ieOlDbNxh4vi6WHR5fr58_TcCUiIpYx2QL-JmlAwIg8TGcI0GlgtY9CdXuqdCXHCDuRBDtJsIKHZL6TTgaSPy3dyR5tlV-6XUwRfVTGZoUcQQR3fX7JMjMfgl-rg9uSYibWBorqvQCJ9J6qAtoPDGS8v_mwsut3dRqWt3BGnFSx6mt1d-RHCigGZBaCBOtGCK4OA8scuVkYJEiy4_DkeOrwI-7EuHVrUREcF1hD7tjuALQxoEXe5zlZpmZY1kfUA9UV2OYqxELJalebrUXuUHebCSRSyGrRVhz2DePArglzWF5lCbtrHjfMwlx4KK46Ac3qwO9hHI6muuJnLMWOAwyyoVBosZDNhcP2t3MpQJiu3yo_YUoU5SMd3LjBpZ_wPCeCTJ7K-fekq8NCucOifbjAPEz6Slf05qy_ZB0dwDfiWkels-MpjwUsPp8z8nWKCaSfLVI0GiL_&x-client-SKU=ID_NET6_0&x-client-ver=7.4.0.0&sso_reload=true
Frame ID: 209D4CDD908A0C58558A854E0909FEEE
Requests: 22 HTTP requests in this frame
Page Title
Sign in to your account
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://empowerbt.com/notifications/open/756674/ Page URL
- https://identity.apinternal.com/connect/authorize?client_id=processengine.dashboard&redirect_uri=https%3A%2F%2Fempowerbt.com%2Fsignin&response_type=id_token%20token&scope=openid%20profile%20processengineuserapiaccess%20processengineserviceapiaccess%20searchapiaccess%20appapiaccess%20caseapiaccess%20configurationapiaccess%20workflowtrackingapiaccess%20processenginedocumentserviceapiaccess%20processengineknowledgeportalapiaccess&state=59fd989ef6dd492c940816bc7fc5d961&nonce=c41c8296446c461290617a4d0952dbce HTTP 302
https://identity.apinternal.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dprocessengine.dashboard%26redirect_uri%3Dhttps%253A%252F%252Fempowerbt.com%252Fsignin%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520processengineuserapiaccess%2520processengineserviceapiaccess%2520searchapiaccess%2520appapiaccess%2520caseapiaccess%2520configurationapiaccess%2520workflowtrackingapiaccess%2520processenginedocumentserviceapiaccess%2520processengineknowledgeportalapiaccess%26state%3D59fd989ef6dd492c940816bc7fc5d961%26nonce%3Dc41c8296446c461290617a4d0952dbce HTTP 302
https://myapps.microsoft.com/signin/624c294c-aa84-4c25-8374-fe79ed236713?tenantId=a7f35688-9c00-4d5e-ba41-29f146377ab0&RelayState=https%3a%2f%2fempowerbt.com%2fnotifications%2fopen%2f756674%2f HTTP 302
https://account.activedirectory.windowsazure.com/applications/signin/624c294c-aa84-4c25-8374-fe79ed236713?tenantId=a7f35688-9c00-4d5e-ba41-29f146377ab0&RelayState=https%3a%2f%2fempowerbt.com%2fnotifications%2fopen%2f756674%2f HTTP 301
https://launcher.myapps.microsoft.com/api/signin/624c294c-aa84-4c25-8374-fe79ed236713?tenantId=a7f35688-9c00-4d5e-ba41-29f146377ab0&RelayState=https%3a%2f%2fempowerbt.com%2fnotifications%2fopen%2f756674%2f HTTP 302
https://login.microsoftonline.com/a7f35688-9c00-4d5e-ba41-29f146377ab0/oauth2/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&redirect_uri=https%3A%2F%2Flauncher.myapps.microsoft.com%2Fapi%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&code_challenge=klvRRE6D1RBl-RyqtmO_IzftqvCqXEJOwP67zMLSRaI&code_challenge_method=S256&response_mode=form_post&nonce=638538695127566358.ZGRjYWVlOTctZmQwNy00N2MxLWE1ZGItZDY0NjUxM2NiNDczMTEwNzgxZjktZWY1MS00NWEzLWE3NDEtNjI0ZjgwMWVhNjY3&client_info=1&x-client-brkrver=IDWeb.2.17.1.0&client-request-id=d7364b1d-1d4e-476e-a462-ada1838117ee&state=CfDJ8MTvNzUapgpAgYv3wzNRvECKgI5Ds_qYnG6Uy6VUzorFQqurmXzFNShpN_-7LSxpgXCdDVhybO0Popqusj18d_CxP_eBlUH9vmvMWHQoBNYFQK57UHa0e_uV2UZR_pYUDr--TdSCwmg49ikjlrqfazR3Ac27O0BG-ieOlDbNxh4vi6WHR5fr58_TcCUiIpYx2QL-JmlAwIg8TGcI0GlgtY9CdXuqdCXHCDuRBDtJsIKHZL6TTgaSPy3dyR5tlV-6XUwRfVTGZoUcQQR3fX7JMjMfgl-rg9uSYibWBorqvQCJ9J6qAtoPDGS8v_mwsut3dRqWt3BGnFSx6mt1d-RHCigGZBaCBOtGCK4OA8scuVkYJEiy4_DkeOrwI-7EuHVrUREcF1hD7tjuALQxoEXe5zlZpmZY1kfUA9UV2OYqxELJalebrUXuUHebCSRSyGrRVhz2DePArglzWF5lCbtrHjfMwlx4KK46Ac3qwO9hHI6muuJnLMWOAwyyoVBosZDNhcP2t3MpQJiu3yo_YUoU5SMd3LjBpZ_wPCeCTJ7K-fekq8NCucOifbjAPEz6Slf05qy_ZB0dwDfiWkels-MpjwUsPp8z8nWKCaSfLVI0GiL_&x-client-SKU=ID_NET6_0&x-client-ver=7.4.0.0 Page URL
- https://login.microsoftonline.com/a7f35688-9c00-4d5e-ba41-29f146377ab0/oauth2/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&redirect_uri=https%3A%2F%2Flauncher.myapps.microsoft.com%2Fapi%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&code_challenge=klvRRE6D1RBl-RyqtmO_IzftqvCqXEJOwP67zMLSRaI&code_challenge_method=S256&response_mode=form_post&nonce=638538695127566358.ZGRjYWVlOTctZmQwNy00N2MxLWE1ZGItZDY0NjUxM2NiNDczMTEwNzgxZjktZWY1MS00NWEzLWE3NDEtNjI0ZjgwMWVhNjY3&client_info=1&x-client-brkrver=IDWeb.2.17.1.0&client-request-id=d7364b1d-1d4e-476e-a462-ada1838117ee&state=CfDJ8MTvNzUapgpAgYv3wzNRvECKgI5Ds_qYnG6Uy6VUzorFQqurmXzFNShpN_-7LSxpgXCdDVhybO0Popqusj18d_CxP_eBlUH9vmvMWHQoBNYFQK57UHa0e_uV2UZR_pYUDr--TdSCwmg49ikjlrqfazR3Ac27O0BG-ieOlDbNxh4vi6WHR5fr58_TcCUiIpYx2QL-JmlAwIg8TGcI0GlgtY9CdXuqdCXHCDuRBDtJsIKHZL6TTgaSPy3dyR5tlV-6XUwRfVTGZoUcQQR3fX7JMjMfgl-rg9uSYibWBorqvQCJ9J6qAtoPDGS8v_mwsut3dRqWt3BGnFSx6mt1d-RHCigGZBaCBOtGCK4OA8scuVkYJEiy4_DkeOrwI-7EuHVrUREcF1hD7tjuALQxoEXe5zlZpmZY1kfUA9UV2OYqxELJalebrUXuUHebCSRSyGrRVhz2DePArglzWF5lCbtrHjfMwlx4KK46Ac3qwO9hHI6muuJnLMWOAwyyoVBosZDNhcP2t3MpQJiu3yo_YUoU5SMd3LjBpZ_wPCeCTJ7K-fekq8NCucOifbjAPEz6Slf05qy_ZB0dwDfiWkels-MpjwUsPp8z8nWKCaSfLVI0GiL_&x-client-SKU=ID_NET6_0&x-client-ver=7.4.0.0&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10
- https://identity.apinternal.com/connect/authorize?client_id=processengine.dashboard&redirect_uri=https%3A%2F%2Fempowerbt.com%2Fsignin&response_type=id_token%20token&scope=openid%20profile%20processengineuserapiaccess%20processengineserviceapiaccess%20searchapiaccess%20appapiaccess%20caseapiaccess%20configurationapiaccess%20workflowtrackingapiaccess%20processenginedocumentserviceapiaccess%20processengineknowledgeportalapiaccess&state=59fd989ef6dd492c940816bc7fc5d961&nonce=c41c8296446c461290617a4d0952dbce HTTP 302
- https://identity.apinternal.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dprocessengine.dashboard%26redirect_uri%3Dhttps%253A%252F%252Fempowerbt.com%252Fsignin%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520processengineuserapiaccess%2520processengineserviceapiaccess%2520searchapiaccess%2520appapiaccess%2520caseapiaccess%2520configurationapiaccess%2520workflowtrackingapiaccess%2520processenginedocumentserviceapiaccess%2520processengineknowledgeportalapiaccess%26state%3D59fd989ef6dd492c940816bc7fc5d961%26nonce%3Dc41c8296446c461290617a4d0952dbce HTTP 302
- https://myapps.microsoft.com/signin/624c294c-aa84-4c25-8374-fe79ed236713?tenantId=a7f35688-9c00-4d5e-ba41-29f146377ab0&RelayState=https%3a%2f%2fempowerbt.com%2fnotifications%2fopen%2f756674%2f HTTP 302
- https://account.activedirectory.windowsazure.com/applications/signin/624c294c-aa84-4c25-8374-fe79ed236713?tenantId=a7f35688-9c00-4d5e-ba41-29f146377ab0&RelayState=https%3a%2f%2fempowerbt.com%2fnotifications%2fopen%2f756674%2f HTTP 301
- https://launcher.myapps.microsoft.com/api/signin/624c294c-aa84-4c25-8374-fe79ed236713?tenantId=a7f35688-9c00-4d5e-ba41-29f146377ab0&RelayState=https%3a%2f%2fempowerbt.com%2fnotifications%2fopen%2f756674%2f HTTP 302
- https://login.microsoftonline.com/a7f35688-9c00-4d5e-ba41-29f146377ab0/oauth2/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&redirect_uri=https%3A%2F%2Flauncher.myapps.microsoft.com%2Fapi%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&code_challenge=klvRRE6D1RBl-RyqtmO_IzftqvCqXEJOwP67zMLSRaI&code_challenge_method=S256&response_mode=form_post&nonce=638538695127566358.ZGRjYWVlOTctZmQwNy00N2MxLWE1ZGItZDY0NjUxM2NiNDczMTEwNzgxZjktZWY1MS00NWEzLWE3NDEtNjI0ZjgwMWVhNjY3&client_info=1&x-client-brkrver=IDWeb.2.17.1.0&client-request-id=d7364b1d-1d4e-476e-a462-ada1838117ee&state=CfDJ8MTvNzUapgpAgYv3wzNRvECKgI5Ds_qYnG6Uy6VUzorFQqurmXzFNShpN_-7LSxpgXCdDVhybO0Popqusj18d_CxP_eBlUH9vmvMWHQoBNYFQK57UHa0e_uV2UZR_pYUDr--TdSCwmg49ikjlrqfazR3Ac27O0BG-ieOlDbNxh4vi6WHR5fr58_TcCUiIpYx2QL-JmlAwIg8TGcI0GlgtY9CdXuqdCXHCDuRBDtJsIKHZL6TTgaSPy3dyR5tlV-6XUwRfVTGZoUcQQR3fX7JMjMfgl-rg9uSYibWBorqvQCJ9J6qAtoPDGS8v_mwsut3dRqWt3BGnFSx6mt1d-RHCigGZBaCBOtGCK4OA8scuVkYJEiy4_DkeOrwI-7EuHVrUREcF1hD7tjuALQxoEXe5zlZpmZY1kfUA9UV2OYqxELJalebrUXuUHebCSRSyGrRVhz2DePArglzWF5lCbtrHjfMwlx4KK46Ac3qwO9hHI6muuJnLMWOAwyyoVBosZDNhcP2t3MpQJiu3yo_YUoU5SMd3LjBpZ_wPCeCTJ7K-fekq8NCucOifbjAPEz6Slf05qy_ZB0dwDfiWkels-MpjwUsPp8z8nWKCaSfLVI0GiL_&x-client-SKU=ID_NET6_0&x-client-ver=7.4.0.0
22 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | / | empowerbt.com/notifications/open/756674/ | 3 KB | 2 KB | Document | text/html |
| GET | H2 | css | fonts.googleapis.com/ | 7 KB | 1 KB | Stylesheet | text/css |
| GET | H/1.1 | config.js | empowerbt.com/ | 1 KB | 1012 B | Script | application/x-javascript |
| GET | H2 | app.js | chat.system.gnatta.com/script/ | 19 KB | 19 KB | Script | application/javascript |
| GET | H/1.1 | 2.1da6b0cf.chunk.css | empowerbt.com/static/css/ | 29 KB | 6 KB | Stylesheet | text/css |
| GET | H/1.1 | main.026e43d5.chunk.css | empowerbt.com/static/css/ | 3 KB | 1 KB | Stylesheet | text/css |
| GET | H/1.1 | 2.1c351de3.chunk.js | empowerbt.com/static/js/ | 3 MB | 842 KB | Script | application/x-javascript |
| GET | H/1.1 | main.83115490.chunk.js | empowerbt.com/static/js/ | 3 MB | 388 KB | Script | application/x-javascript |
| GET | H/1.1 | openid-configuration | identity.apinternal.com/.well-known/ | 2 KB | 2 KB | XHR | application/json |
| GET | H/1.1 | favicon.ico | empowerbt.com/ | 15 KB | 15 KB | Other | image/x-icon |
| GET | H/1.1 | authorize (Redirect Chain) | login.microsoftonline.com/a7f35688-9c00-4d5e-ba41-29f146377ab0/oauth2/ | 21 KB | 10 KB | Document | text/html |
| GET | H2 | BssoInterrupt_Core_RY3pVDLvjU_KKLtTKxjDFA2.js | aadcdn.msftauth.net/shared/1.0/content/js/ | 138 KB | 49 KB | Script | application/x-javascript |
| GET | H/1.1 | authorize (Primary Request) | login.microsoftonline.com/a7f35688-9c00-4d5e-ba41-29f146377ab0/oauth2/ | 50 KB | 19 KB | Document | text/html |
| GET | H2 | converged.v2.login.min_mc5ac6ol0l4d2iaqspstyg2.css | aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ | 111 KB | 20 KB | Stylesheet | text/css |
| GET | H2 | ConvergedLogin_PCore_ICLzoUsGpmKj428t2HizvA2.js | aadcdn.msftauth.net/shared/1.0/content/js/ | 437 KB | 119 KB | Script | application/x-javascript |
| GET | H2 | ux.converged.login.strings-en-gb.min_vhxcsjrljmgembwyanzs0a2.js | aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ | 54 KB | 16 KB | Script | application/x-javascript |
| GET | H/1.1 | Me.htm | login.live.com/ | 0 | 0 | Other | text/html |
| GET | H2 | convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js | aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ | 219 KB | 54 KB | Script | application/x-javascript |
| GET | H2 | favicon_a_eupayfgghqiai7k9sol6lg2.ico | aadcdn.msftauth.net/shared/1.0/content/images/ | 17 KB | 17 KB | Other | image/x-icon |
| GET | | illustration | aadcdn.msftauthimages.net/c1c6b6c8-0k0wnld7xt1xgmba8a3eh-r87nnzsewzxha2rfq1bxo/logintenantbranding/0/ | 0 | 0 | | |
| GET | | bannerlogo | aadcdn.msftauthimages.net/c1c6b6c8-0k0wnld7xt1xgmba8a3eh-r87nnzsewzxha2rfq1bxo/logintenantbranding/0/ | 0 | 0 | | |
| GET | H2 | convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js | aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ | 111 KB | 35 KB | Script | application/x-javascript |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: aadcdn.msftauthimages.net, URL: https://aadcdn.msftauthimages.net/c1c6b6c8-0k0wnld7xt1xgmba8a3eh-r87nnzsewzxha2rfq1bxo/logintenantbranding/0/illustration?ts=638059562865299625
- Domain: aadcdn.msftauthimages.net, URL: https://aadcdn.msftauthimages.net/c1c6b6c8-0k0wnld7xt1xgmba8a3eh-r87nnzsewzxha2rfq1bxo/logintenantbranding/0/bannerlogo?ts=638059562844205909
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- undefined| event
- object| fence
- object| sharedStorage
- object| $Config
- object| $Debug
- function| $Do
- object| $Loader
- function| $WebWatson
- function| GetString
- function| GetErrorString
- function| GetUrl
- object| $B
- object| ServerData
- object| webpackJsonp
- object| ko
- object| PROOF
- object| StringRepository
- object| Telemetry
- object| telemetry_webpackJsonp
- boolean| __ConvergedLogin_PCore
- boolean| __

21 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name / Value |
---|---|
launcher.myapps.microsoft.com/api/signin-oidc | Name: .AspNetCore.OpenIdConnect.Nonce.CfDJ8MTvNzUapgpAgYv3wzNRvEAZhRoIbkReQh4BD5cXXt8IJex7hzt2pvP8mE6YRlldzdTpvF3J9or5XH00FEZfAh-S2efjV3fYIqiawSB6BRDdX4if3O_CEcpiuTbY81z2hZwGTTz-vmsyib4JEnsuKHley4I8hDGo4GoI6u9SvLsOwykQUDF4WjU57786b6ObeZ2UxY-mDB6o8gJHj5Z9KycMGMBxBquozWhNdviTqz5FMuqk7Z0B_qwqoxjcqW5V9EpQyzxk3E8zcYqjzPK9v8M Value: N |
launcher.myapps.microsoft.com/api/signin-oidc | Name: .AspNetCore.Correlation.HjULuqiWr0ELcFxeWUtKuSVcBKg3qXMuKdN3JzClW3g Value: N |
.identity.apinternal.com/ | Name: ARRAffinity Value: c9d145a56c71fe3233b05d3665368fb08fa9189fd6ca829947f70c295e06affc |
.identity.apinternal.com/ | Name: ARRAffinitySameSite Value: c9d145a56c71fe3233b05d3665368fb08fa9189fd6ca829947f70c295e06affc |
identity.apinternal.com/ | Name: .AspNetCore.Session Value: CfDJ8NI1ErjgccBFnczuiMsLU9QuX5zwD%2FpisdFPEzypF74LvrKFEEhIT7%2B76mFQFlhY7Sq7o4tMjIEpHQiCH833Kg6zBn7FVtUPaa%2FwMdXI%2FdUS%2BS29bpQMCK%2F%2F0OzlTss0Z5mdUt9sFUNRuCsm5D5eha671Vm%2BXyuDMmt2xgfasslE |
myapps.microsoft.com/ | Name: BOX.SessionCacheKey.SessID Value: 52be2c81-fec6-4af9-872e-5362e2d8857a |
launcher.myapps.microsoft.com/ | Name: SessionCacheKey.CurrentTenantIdKey Value: a7f35688-9c00-4d5e-ba41-29f146377ab0 |
launcher.myapps.microsoft.com/ | Name: SessionCacheKey.AppIdCookieKey Value: 624c294c-aa84-4c25-8374-fe79ed236713 |
launcher.myapps.microsoft.com/ | Name: x-ms-oidc-correlation-id Value: d7364b1d-1d4e-476e-a462-ada1838117ee |
.login.microsoftonline.com/ | Name: esctx-ZPMFOoknWnE Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYHvT_KeSYuyk5BFggjqi_34RnpHKY5VGWbHz_808bCpUqUJpYFn19Udp4rz8QzY3oK9sQJzO6nMTW3bN8y4gQTMnMNeA2Gd1vvcfK6Drchxxd0KyZzc4U--P9FBzsDDRtIZBZXVaIv4MakXi0j3wXaiAA |
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
login.microsoftonline.com/ | Name: buid Value: 0.AQsAiFbzpwCcXk26QSnxRjd6sF6Zkyd9CtdAvTVpaLoUIZcLAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMY-CgsqVKZXmYfPM7uJZKuV-NTRhf5RhHD3Qn8XmslNtJSd2XdlsVRAYp-mgEjGdBi86h-WN4P03ef9_OM0IXhE6OYKOu2kJL1gzjvVYrM3MUgAA |
.login.microsoftonline.com/ | Name: esctx Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMY2g3YNVWeYwwHk_y7bPQ8PN5y-l-pj0CpDIK5eE8wV2a6bQTiuNtGgYbR1HKC-By9pYJD5-E5gq0Pe8IHzrw7DzDG993NsGydbHkv3RTh8EQqRGdxehz40wmo6R4875uF_TlB5VhTk3p5qcFA0JRztxlcF2dayoMytCaNQ4ZcqyggAA |
.login.microsoftonline.com/ | Name: esctx-Mq7rAGAXfHs Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYOfhBZWQgyzMXeYFpKol_2y8ZWHBTMq-8l2vmNEcGFU5CFltXQZeuWV83hr8Q4a49KJow2gNIZ1fowAshyv0Sim0-KP5xJDhdM69dDIog4kI0owQZjWcSauRCcukgCrrLTaoDXrhC30wNNLxbW1hmiyAA |
login.microsoftonline.com/ | Name: fpc Value: AqR-3DMfZNBDlFBbQdJ_5Eq5xzZdAQAAAMm5_N0OAAAA |
.login.microsoftonline.com/ | Name: brcap Value: 0 |
.login.live.com/ | Name: uaid Value: 1bfeb7147dac4104b636c1107b4a5012 |
.login.live.com/ | Name: MSPRequ Value: id=N&lt=1718272714&co=1 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.