login.microsoftonline.com
Open in
urlscan Pro
20.190.159.69
Public Scan
Effective URL: https://login.microsoftonline.com/88d417d8-95eb-427b-8828-c46c9129de97/oauth2/v2.0/authorize?client_id=088b5ae3-77c6-40e8-9010-ad3...
Submission: On February 08 via automatic, source certstream-suspicious — Scanned from FI
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 1st 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 13.32.99.13 13.32.99.13 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:82a::200a | 15169 (GOOGLE) (GOOGLE) | |
10 | 151.101.2.137 151.101.2.137 | 54113 (FASTLY) (FASTLY) | |
4 | 20.190.159.69 20.190.159.69 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2a00:1450:400... 2a00:1450:400d:80d::2003 | 15169 (GOOGLE) (GOOGLE) | |
3 | 185.221.87.23 185.221.87.23 | 54113 (FASTLY) (FASTLY) | |
7 | 2620:1ec:4e:1... 2620:1ec:4e:1::45 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 20.190.159.74 20.190.159.74 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 152.199.23.72 152.199.23.72 | 15133 (EDGECAST) (EDGECAST) | |
37 | 10 |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-13.fra60.r.cloudfront.net
prd.asis.posticloud.fi |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 314 |
26 KB |
7 |
msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 1150 |
274 KB |
4 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 20 |
113 KB |
4 |
posticloud.fi
prd.asis.posticloud.fi |
946 KB |
3 |
nr-data.net
bam.eu01.nr-data.net — Cisco Umbrella Rank: 8401 |
2 KB |
2 |
msauthimages.net
aadcdn.msauthimages.net — Cisco Umbrella Rank: 3330 |
210 KB |
1 |
live.com
login.live.com — Cisco Umbrella Rank: 93 |
|
1 |
gstatic.com
fonts.gstatic.com |
13 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34 |
937 B |
37 | 9 |
Domain | Requested by | |
---|---|---|
10 | js-agent.newrelic.com |
prd.asis.posticloud.fi
|
7 | aadcdn.msauth.net |
login.microsoftonline.com
aadcdn.msauth.net |
4 | login.microsoftonline.com |
prd.asis.posticloud.fi
login.microsoftonline.com |
4 | prd.asis.posticloud.fi |
prd.asis.posticloud.fi
|
3 | bam.eu01.nr-data.net |
prd.asis.posticloud.fi
js-agent.newrelic.com |
2 | aadcdn.msauthimages.net | |
1 | login.live.com |
login.microsoftonline.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | fonts.googleapis.com |
prd.asis.posticloud.fi
|
37 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.microsoft.com |
privacy.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
prd.asis.posticloud.fi Amazon RSA 2048 M01 |
2022-12-09 - 2023-04-08 |
4 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-01-31 - 2023-04-25 |
3 months | crt.sh |
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2 |
2022-07-10 - 2023-08-11 |
a year | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2022-12-01 - 2023-12-01 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-01-09 - 2023-04-03 |
3 months | crt.sh |
*.eu01.nr-data.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-11-18 - 2023-12-19 |
a year | crt.sh |
aadcdn.msauth.net DigiCert SHA2 Secure Server CA |
2023-01-27 - 2024-01-27 |
a year | crt.sh |
login.live.com DigiCert SHA2 Secure Server CA |
2022-12-30 - 2023-12-30 |
a year | crt.sh |
aadcdn.msauthimages.net Microsoft Azure TLS Issuing CA 02 |
2022-05-11 - 2023-05-06 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/88d417d8-95eb-427b-8828-c46c9129de97/oauth2/v2.0/authorize?client_id=088b5ae3-77c6-40e8-9010-ad3ce72eae1c&scope=User.Read%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fprd.asis.posticloud.fi&client-request-id=f2875fc4-cc8e-4a6c-a0ac-d8e419576166&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.15.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=kzSv9HvseEtrPzyIYDy8MgAokQOtyt52sZZdhXRyNpA&code_challenge_method=S256&nonce=6512cffa-d9b9-4c92-b7a6-435eff02d786&state=eyJpZCI6ImYzZjdmN2EzLThiYzAtNDc3Yi1iNjdiLWFhMjUyMDM4NTQxZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true
Frame ID: 645775CAAC54C4019855D14416638C75
Requests: 37 HTTP requests in this frame
Screenshot
Page Title
Kirjaudu sisään tiliisiPage URL History Show full URLs
- https://prd.asis.posticloud.fi/ Page URL
- https://login.microsoftonline.com/88d417d8-95eb-427b-8828-c46c9129de97/oauth2/v2.0/authorize?client_id=088b5ae... Page URL
- https://login.microsoftonline.com/88d417d8-95eb-427b-8828-c46c9129de97/oauth2/v2.0/authorize?client_id=088b5ae... Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Käyttöehdot
Search URL Search Domain Scan URL
Title: Tietosuoja ja evästeet
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://prd.asis.posticloud.fi/ Page URL
- https://login.microsoftonline.com/88d417d8-95eb-427b-8828-c46c9129de97/oauth2/v2.0/authorize?client_id=088b5ae3-77c6-40e8-9010-ad3ce72eae1c&scope=User.Read%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fprd.asis.posticloud.fi&client-request-id=f2875fc4-cc8e-4a6c-a0ac-d8e419576166&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.15.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=kzSv9HvseEtrPzyIYDy8MgAokQOtyt52sZZdhXRyNpA&code_challenge_method=S256&nonce=6512cffa-d9b9-4c92-b7a6-435eff02d786&state=eyJpZCI6ImYzZjdmN2EzLThiYzAtNDc3Yi1iNjdiLWFhMjUyMDM4NTQxZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Page URL
- https://login.microsoftonline.com/88d417d8-95eb-427b-8828-c46c9129de97/oauth2/v2.0/authorize?client_id=088b5ae3-77c6-40e8-9010-ad3ce72eae1c&scope=User.Read%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fprd.asis.posticloud.fi&client-request-id=f2875fc4-cc8e-4a6c-a0ac-d8e419576166&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.15.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=kzSv9HvseEtrPzyIYDy8MgAokQOtyt52sZZdhXRyNpA&code_challenge_method=S256&nonce=6512cffa-d9b9-4c92-b7a6-435eff02d786&state=eyJpZCI6ImYzZjdmN2EzLThiYzAtNDc3Yi1iNjdiLWFhMjUyMDM4NTQxZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
37 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
prd.asis.posticloud.fi/ |
755 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 937 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
weba-ui-prd.js
prd.asis.posticloud.fi/newrelic-agents/ |
50 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.b337f4ff.js
prd.asis.posticloud.fi/static/js/ |
2 MB 902 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.eeb90408.css
prd.asis.posticloud.fi/static/css/ |
229 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
859.95d4308d-1222.js
js-agent.newrelic.com/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
instance
login.microsoftonline.com/common/discovery/ |
980 B 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ |
12 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
569.95d4308d-1222.js
js-agent.newrelic.com/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
620.95d4308d-1222.js
js-agent.newrelic.com/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
457.95d4308d-1222.js
js-agent.newrelic.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
41.95d4308d-1222.js
js-agent.newrelic.com/ |
828 B 844 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
244.95d4308d-1222.js
js-agent.newrelic.com/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
736.95d4308d-1222.js
js-agent.newrelic.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
142.95d4308d-1222.js
js-agent.newrelic.com/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
466.95d4308d-1222.js
js-agent.newrelic.com/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
885.95d4308d-1222.js
js-agent.newrelic.com/ |
16 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NRJS-f377ad08faa8f85a975
bam.eu01.nr-data.net/1/ |
49 B 561 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
openid-configuration
login.microsoftonline.com/88d417d8-95eb-427b-8828-c46c9129de97/v2.0/.well-known/ |
2 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
authorize
login.microsoftonline.com/88d417d8-95eb-427b-8828-c46c9129de97/oauth2/v2.0/ |
152 KB 55 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
NRJS-f377ad08faa8f85a975
bam.eu01.nr-data.net/resources/1/ |
36 B 528 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
NRJS-f377ad08faa8f85a975
bam.eu01.nr-data.net/events/1/ |
24 B 515 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
NRJS-f377ad08faa8f85a975
bam.eu01.nr-data.net/events/1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
NRJS-f377ad08faa8f85a975
bam.eu01.nr-data.net/jserrors/1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
NRJS-f377ad08faa8f85a975
bam.eu01.nr-data.net/jserrors/1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
NRJS-f377ad08faa8f85a975
bam.eu01.nr-data.net/events/1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
authorize
login.microsoftonline.com/88d417d8-95eb-427b-8828-c46c9129de97/oauth2/v2.0/ |
201 KB 52 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
aadcdn.msauth.net/shared/1.0/content/js/ |
393 KB 111 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oneDs_641b1cf809bdc17b42ab.js
aadcdn.msauth.net/shared/1.0/content/js/ |
186 KB 60 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pcustomizationloader_f3782014f3739160dbfd.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
107 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
0 20 KB |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ux.converged.login.strings-fi.min_tzfzhe8ii6szznjirjal2g2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
0 15 KB |
Other
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
illustration
aadcdn.msauthimages.net/c1c6b6c8-pkqd8-fvfogvrgenv3l27jbqz11vezyipfd3afnbrha/logintenantbranding/0/ |
203 KB 204 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bannerlogo
aadcdn.msauthimages.net/c1c6b6c8-pkqd8-fvfogvrgenv3l27jbqz11vezyipfd3afnbrha/logintenantbranding/0/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pstringcustomizationhelper_44ba818dfa55d8749503.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
111 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msauth.net/shared/1.0/content/images/ |
2 KB 958 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- bam.eu01.nr-data.net
- URL
- https://bam.eu01.nr-data.net/events/1/NRJS-f377ad08faa8f85a975?a=535905829&sa=1&v=1222.PROD&t=Unnamed%20Transaction&rst=2230&ck=0&s=952675e74be1529c&ref=https://prd.asis.posticloud.fi/&ptid=b70d63fa-0001-b5e9-194a-01862f6b66c2
- Domain
- bam.eu01.nr-data.net
- URL
- https://bam.eu01.nr-data.net/jserrors/1/NRJS-f377ad08faa8f85a975?a=535905829&sa=1&v=1222.PROD&t=Unnamed%20Transaction&rst=2230&ck=0&s=952675e74be1529c&ref=https://prd.asis.posticloud.fi/&ptid=b70d63fa-0001-b5e9-194a-01862f6b66c2
- Domain
- bam.eu01.nr-data.net
- URL
- https://bam.eu01.nr-data.net/jserrors/1/NRJS-f377ad08faa8f85a975?a=535905829&sa=1&v=1222.PROD&t=Unnamed%20Transaction&rst=2231&ck=0&s=952675e74be1529c&ref=https://prd.asis.posticloud.fi/&ptid=b70d63fa-0001-b5e9-194a-01862f6b66c2
- Domain
- bam.eu01.nr-data.net
- URL
- https://bam.eu01.nr-data.net/events/1/NRJS-f377ad08faa8f85a975?a=535905829&sa=1&v=1222.PROD&t=Unnamed%20Transaction&rst=2232&ck=0&s=952675e74be1529c&ref=https://prd.asis.posticloud.fi/&ptid=b70d63fa-0001-b5e9-194a-01862f6b66c2
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_f3782014f3739160dbfd boolean| __convergedlogin_pstringcustomizationhelper_44ba818dfa55d874950310 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.com/ | Name: buid Value: 0.AQUA2BfUiOuVe0KIKMRskSnel-NaiwjGd-hAkBCtPOcurhwFAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrHzfjvy6lWyUAWHz5kidxLrpOJe2G0T5dotl154Qeq7W-rInGTSP8U6ZBNse9DGVa20fTgXdgwjdoXln2Wd4BnWhv7JzFw_KFCOKyf3-xpJcgAA |
|
login.microsoftonline.com/ | Name: fpc Value: AlrZw383IvBLhvLekX0ToucH2mn5AQAAAO0kddsOAAAA |
|
.login.microsoftonline.com/ | Name: esctx Value: PAQABAAEAAAD--DLA3VO7QrddgJg7Wevrn-b6FTKWdPmusxxS5ja2UzvuiDEquY_SgWohiqIbh9jA6BBbrKoVGozueXZxLNOiEqGdavRlTD_I-MB3UNpnX3EKtYb_1uQy-ikDfYp23OU3BgN8ywPDtQX8NvSZ0ecGJB45L6sHFfId_6eSsSRUH7_UHIX9Yiym6gwr9he7sRkgAA |
|
.login.live.com/ | Name: uaid Value: ffd892307ab14c9f9659f67691b2ce05 |
|
.login.live.com/ | Name: MSPRequ Value: id=N<=1675832814&co=1 |
|
.login.microsoftonline.com/ | Name: brcap Value: 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msauth.net
aadcdn.msauthimages.net
bam.eu01.nr-data.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
login.live.com
login.microsoftonline.com
prd.asis.posticloud.fi
bam.eu01.nr-data.net
13.32.99.13
151.101.2.137
152.199.23.72
185.221.87.23
20.190.159.69
20.190.159.74
2620:1ec:4e:1::45
2a00:1450:4001:82a::200a
2a00:1450:400d:80d::2003
021c75d8d17c22c0a16beb8c6d40b4b67c2e161a827cbb16fb866c218deeb6af
02923c45c93c938223c0c5cd7784f484584b616b58a33ba0c12a9729f1ee4615
0e2ef54a0f3644ed15e5b535dd3a30b94ba2cbf05631efc41039ae793c8b0efe
1de1594a678d9dcbd8d9367a11fef1812376de4f23105c2a480609caeb88efec
221b0e5f79285115e0fbcec94120508a341186223526a9553048046530818612
334dc34df8944a7cec9a7f00e250fac46113625e9a8c5dd176caf8bcef5bb676
40e0b3d6cf7dd8e0ce6101b66da82c33adf2fe5d4d4152ada53a755e85812dbb
4f1c6499f6a30c6286a56fdf68659e09c40a44ca315ca91fe6a46bc953998dd2
5442d1b4e5503e7bf898d26807bda51d7bdbc22dd34f545d3c3cc91688f98021
5ff9df32ec24b2977b4af45847710c82f39c493e0cfcd27c2e989139d1e6b911
65d385b4c059f3ff75a6c54cc09fe0fd32ea3a2487a11589285627684b7f7211
79af9d6414cc1d900d943eb4e3bfca28338a72e0931ebfd6f93dcc0d7a6abcd2
8acbf7720aeb85241bacad799fbfa54854553f373c9dc284a1560a9cf90cb466
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
93c7daa7232fea589edaf300f5ee521efa219138e047a7ae870dd74d9487f9ea
94d7e0d89806dad5b38503db570b3154cdfc886a6fca65cc0897bb4c2c18e648
9f76793be806e17f075ff26721ce19c2eb1195e1a118a025e205406f11f8b603
9fe0a5db692ff67c7cd88490a7412c379ae767708e2cf8847d9a915dd6f19141
a2805a478f7d77f54bdd8a984fe62ccbbf7fbd7ce238de8587b35241dc9200e5
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
b658136fadc6fc8c259f717c518f3b5c14fbdf90ea299d36387f9681e772b6ea
c974a0be091a8f09353472bbb41cb939e48a6796f6d0cf95686a7b4d73aa8490
d99a6390f0dbda948bb3545bc0798c4bdcc37d4d79caa9cda2f4151bf74d421b
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f30303e41262ed1ae693c03b4ebd0b8ef04eee3e46163bc5ae376e019905524b
fee9b81d3a5fa5b29d1edda3cb8eca1f004785d842a4cf212a616e92620a3cd8