Submitted URL: http://utas.eblib.com/
Effective URL: https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true
Submission: On August 05 via manual from AU — Scanned from DE

Summary

This website contacted 7 IPs in 6 countries across 9 domains to perform 22 HTTP transactions. The main IP is 40.126.32.67, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 23.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 25th 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 104.19.242.3 13335 (CLOUDFLAR...)
3 3 162.159.153.8 13335 (CLOUDFLAR...)
1 131.217.10.58 7573 (UTAS The ...)
3 40.126.32.67 8075 (MICROSOFT...)
13 2620:1ec:46::44 8068 (MICROSOFT...)
1 20.190.159.19 8075 (MICROSOFT...)
2 152.199.23.72 15133 (EDGECAST)
1 2603:1037:1:1... 8075 (MICROSOFT...)
1 51.11.192.49 8075 (MICROSOFT...)
22 7
Apex Domain | Subdomains | Transfer
13 msauth.net | aadcdn.msauth.net — Cisco Umbrella Rank: 1071 | 258 KB
3 microsoftonline.com | login.microsoftonline.com — Cisco Umbrella Rank: 23 | 108 KB
3 proquest.com | ebookcentral.proquest.com — Cisco Umbrella Rank: 148537 | 3 KB
3 eblib.com | utas.eblib.com | 2 KB
2 msauthimages.net | aadcdn.msauthimages.net — Cisco Umbrella Rank: 3918 | 256 KB
1 microsoft.com | browser.events.data.microsoft.com — Cisco Umbrella Rank: 196 | 1 KB
1 microsoftazuread-sso.com | autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1413 | 1 KB
1 live.com | login.live.com — Cisco Umbrella Rank: 72 |
1 utas.edu.au | ezproxy.utas.edu.au | 2 KB
22 9
Domain | Requested by
13 aadcdn.msauth.net | login.microsoftonline.com, aadcdn.msauth.net
3 login.microsoftonline.com | aadcdn.msauth.net
3 ebookcentral.proquest.com | 3 redirects
3 utas.eblib.com | 3 redirects
2 aadcdn.msauthimages.net |
1 browser.events.data.microsoft.com | aadcdn.msauth.net
1 autologon.microsoftazuread-sso.com |
1 login.live.com | login.microsoftonline.com
1 ezproxy.utas.edu.au |
22 9

This site contains links to these domains.

Domain
www.microsoft.com
privacy.microsoft.com
Subject | Issuer | Validity | Valid
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2022-05-25 - 2023-05-25 | a year
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2022-05-24 - 2023-05-24 | a year
graph.windows.net | DigiCert SHA2 Secure Server CA | 2022-06-09 - 2023-06-09 | a year
aadcdn.msauthimages.net | Microsoft Azure TLS Issuing CA 02 | 2022-05-11 - 2023-05-06 | a year
*.events.data.microsoft.com | Microsoft Azure TLS Issuing CA 05 | 2022-06-27 - 2023-06-22 | a year

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true
Frame ID: AAD28554794BF999E06D3553ABE382A5
Requests: 22 HTTP requests in this frame

Page Title

Bei Ihrem Konto anmelden

Page Statistics

Requests: 22
HTTPS: 95 %
IPv6: 22 %
Domains: 9
Subdomains: 9
IPs: 7
Countries: 6
Transfer: 626 kB
Size: 1365 kB
Cookies: 24

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://utas.eblib.com/ HTTP 302
    http://utas.eblib.com/patron/Default.aspx HTTP 302
    http://ebookcentral.proquest.com/lib/utas/home.action HTTP 302
    https://ebookcentral.proquest.com/lib/utas/home.action HTTP 302
    https://ebookcentral.proquest.com/auth/lib/utas/login.action?returnURL=https%3A%2F%2Febookcentral.proquest.com%2Flib%2Futas%2Fhome.action HTTP 302
    http://utas.eblib.com/patron/Authentication.aspx?ebcid=1ea125d5274a4e8dacc2af969d2c863e HTTP 302
    http://ezproxy.utas.edu.au/login?url=http://utas.eblib.com/patron/Authentication.aspx?ebcid=1ea125d5274a4e8dacc2af969d2c863e&echo=1&userid=^u Page URL
  2. https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2 Page URL
  3. https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://utas.eblib.com/ HTTP 302
  • http://utas.eblib.com/patron/Default.aspx HTTP 302
  • http://ebookcentral.proquest.com/lib/utas/home.action HTTP 302
  • https://ebookcentral.proquest.com/lib/utas/home.action HTTP 302
  • https://ebookcentral.proquest.com/auth/lib/utas/login.action?returnURL=https%3A%2F%2Febookcentral.proquest.com%2Flib%2Futas%2Fhome.action HTTP 302
  • http://utas.eblib.com/patron/Authentication.aspx?ebcid=1ea125d5274a4e8dacc2af969d2c863e HTTP 302
  • http://ezproxy.utas.edu.au/login?url=http://utas.eblib.com/patron/Authentication.aspx?ebcid=1ea125d5274a4e8dacc2af969d2c863e&echo=1&userid=^u

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
login
ezproxy.utas.edu.au/
Redirect Chain
  • http://utas.eblib.com/
  • http://utas.eblib.com/patron/Default.aspx
  • http://ebookcentral.proquest.com/lib/utas/home.action
  • https://ebookcentral.proquest.com/lib/utas/home.action
  • https://ebookcentral.proquest.com/auth/lib/utas/login.action?returnURL=https%3A%2F%2Febookcentral.proquest.com%2Flib%2Futas%2Fhome.action
  • http://utas.eblib.com/patron/Authentication.aspx?ebcid=1ea125d5274a4e8dacc2af969d2c863e
  • http://ezproxy.utas.edu.au/login?url=http://utas.eblib.com/patron/Authentication.aspx?ebcid=1ea125d5274a4e8dacc2af969d2c863e&echo=1&userid=^u
1 KB
2 KB
Document
General
Full URL
http://ezproxy.utas.edu.au/login?url=http://utas.eblib.com/patron/Authentication.aspx?ebcid=1ea125d5274a4e8dacc2af969d2c863e&echo=1&userid=^u
Protocol
HTTP/1.1
Server
131.217.10.58 , Australia, ASN7573 (UTAS The University of Tasmania, AU),
Reverse DNS
ezproxy.its.utas.edu.au
Software
EZproxy /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Type
text/html
Date
Fri, 05 Aug 2022 04:54:43 GMT
Server
EZproxy

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
735cefadbe476983-FRA
Cache-Control
private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Fri, 05 Aug 2022 04:54:41 GMT
Location
http://ezproxy.utas.edu.au/login?url=http://utas.eblib.com/patron/Authentication.aspx?ebcid=1ea125d5274a4e8dacc2af969d2c863e&echo=1&userid=^u
Server
cloudflare
Transfer-Encoding
chunked
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
saml2
login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/
151 KB
55 KB
Document
General
Full URL
https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
26ca12ec08929399b4622683ebdb915b7d47e1adc95c2a013a70c059cf4f5b2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
http://ezproxy.utas.edu.au
Referer
http://ezproxy.utas.edu.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
55132
Content-Type
text/html; charset=utf-8
Date
Fri, 05 Aug 2022 04:54:42 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]}
x-ms-ests-server
2.1.13418.9 - WEULR1 ProdSlices
x-ms-request-id
e7a152c0-c3d6-454d-b888-11d98e721300
Primary Request saml2
login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/
199 KB
52 KB
Document
General
Full URL
https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9455cc1814babdc224cfe873b712d89e0ad834171b1badc628556f2e1bcfb2d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
51150
Content-Type
text/html; charset=utf-8
Date
Fri, 05 Aug 2022 04:54:42 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]}
x-ms-ests-server
2.1.13418.9 - WEULR1 ProdSlices
x-ms-request-id
e7a152c0-c3d6-454d-b888-11d993721300
ConvergedLogin_PCore_Iv7XMeuZVl-aYT0h4Oq7Gg2.js
aadcdn.msauth.net/shared/1.0/content/js/
382 KB
109 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Iv7XMeuZVl-aYT0h4Oq7Gg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e6b9a2d534d82859cc6f7e9d95542e79c67392f03c817388ffce0f0aba8f194f

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Aug 2022 04:54:43 GMT
content-encoding
gzip
x-azure-ref-originshield
0oQPsYgAAAADKhD+OAq1WTqUQYaYfmhvjQU1TMDRFREdFMTgwOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5
8txwD9PU2GqG09hRL8sQxQ==
x-cache
TCP_HIT
content-length
111016
x-ms-lease-status
unlocked
last-modified
Wed, 13 Jul 2022 02:22:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA647689C3764B
x-azure-ref
0k6LsYgAAAABWwa+4iyAPQaY3BkUrStt4QlJVMzBFREdFMDQxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9aa5c55d-c01e-0033-5139-a66b64000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.19 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

oneDs_8363475333f6d315e7ae.js
aadcdn.msauth.net/shared/1.0/content/js/
81 KB
27 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/oneDs_8363475333f6d315e7ae.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Iv7XMeuZVl-aYT0h4Oq7Gg2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4cc1914204beca4a34eac1ed055f49f42ad77f143d97271fafa00e4810383fef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Aug 2022 04:54:43 GMT
content-encoding
gzip
x-azure-ref-originshield
02AfsYgAAAABcyerOokrxSqZ0nMcT60w1QU1TMDRFREdFMTgxMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5
UwrgfpGF/r6JSUQzMXfC0A==
x-cache
TCP_HIT
content-length
27455
x-ms-lease-status
unlocked
last-modified
Sat, 04 Jun 2022 01:22:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA45C8A25CE0E2
x-azure-ref
0lKLsYgAAAAAjmY0AeJcrQ6UXVQHCngLPQlJVMzBFREdFMDQxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
81044e00-201e-0079-6950-a6b660000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
converged.v2.login.min_il46_7m1dp2y07llib10fw2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
0
20 KB
Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_il46_7m1dp2y07llib10fw2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Aug 2022 04:54:43 GMT
content-encoding
gzip
x-azure-ref-originshield
0hFLrYgAAAAD0EzjSUGkKTKJ7wI7b89PgQU1TMDRFREdFMTkxNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5
yLy9KrgwEFvhl8VRcX97UA==
x-cache
TCP_HIT
content-length
19982
x-ms-lease-status
unlocked
last-modified
Tue, 28 Jun 2022 20:26:53 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA59448A4EA9D3
x-azure-ref
0lKLsYgAAAACl6AlLNVtVRKCF08zLmx8fQlJVMzBFREdFMDQxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
2f168974-501e-0032-6e41-a64066000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.login.strings-de.min_75ls70pcmyowwllyhvy0uq2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
0
15 KB
Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_75ls70pcmyowwllyhvy0uq2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Aug 2022 04:54:43 GMT
content-encoding
gzip
x-azure-ref-originshield
0j/LrYgAAAADa1BPv0FAjR4O79OHTG6C1QU1TMDRFREdFMTgwNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5
R6rMEFXxgOhzlstP4byWrQ==
x-cache
TCP_HIT
content-length
14696
x-ms-lease-status
unlocked
last-modified
Fri, 24 Jun 2022 22:43:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA5632E9DFB509
x-azure-ref
0lKLsYgAAAABkQBeT3UefS457IrQ7pL8zQlJVMzBFREdFMDQxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b7ddc8d9-901e-0056-6e1e-a7ae4c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
convergedlogin_pfetchsessionsprogress_d72fec552fd7ebea069f.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
15 KB
6 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_d72fec552fd7ebea069f.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Iv7XMeuZVl-aYT0h4Oq7Gg2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
716af232e4796ecd3607274c51320e3e797f0b669ec15813ac4b53caac362b6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Aug 2022 04:54:43 GMT
content-encoding
gzip
x-azure-ref-originshield
0oAzsYgAAAABF6lJCXsQvQKNC2zYfwVCpRlJBMjMxMDUwNDE3MDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
b8fY195X2RaATPSZzaPNLQ==
x-cache
TCP_HIT
content-length
5528
x-ms-lease-status
unlocked
last-modified
Fri, 08 Jul 2022 17:31:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA6107BBF43F03
x-azure-ref
0lKLsYgAAAACC7yaO10tiSIIZQx0bg/u1QlJVMzBFREdFMDQxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
13aab4da-a01e-005d-1d94-a08b5b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Aug 2022 04:54:43 GMT
x-azure-ref-originshield
0igzsYgAAAAByFbWTXkZRSqvodgpd06o2RlJBMjMxMDUwNDE4MDI5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
x-cache
TCP_HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B83739984DD
x-azure-ref
0lKLsYgAAAAASluBQ0T/ERb87jmgIE2Q2QlJVMzBFREdFMDQxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
4ad6902d-d01e-003a-3399-9f1877000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Aug 2022 04:54:43 GMT
x-azure-ref-originshield
0OpTrYgAAAACN7dAH7hovT6c3OawvqxfNQU1TMDRFREdFMTgwNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
x-cache
TCP_HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8373B17F89
x-azure-ref
0lKLsYgAAAAB9e+4X3V69RrgMHrQlsJuaQlJVMzBFREdFMDQxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
1dabf8d8-201e-0069-3c06-a70642000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
convergedlogin_pcustomizationloader_20ead0268c36816fd612.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
107 KB
32 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_20ead0268c36816fd612.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Iv7XMeuZVl-aYT0h4Oq7Gg2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
25f5265955426811bb79ece323eca40c41e4d9ba61f859f5f63f93a3ad123c00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Aug 2022 04:54:43 GMT
content-encoding
gzip
x-azure-ref-originshield
0fxboYgAAAABnWjzqWi7UQ6181fSAHiWsQU1TMDRFREdFMTgwNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5
ms5WUhCZgqEubbzhPtrinA==
x-cache
TCP_HIT
content-length
32132
x-ms-lease-status
unlocked
last-modified
Fri, 24 Jun 2022 03:42:10 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA559384BA0001
x-azure-ref
0lKLsYgAAAABTWKqimY2NQIVAQ1iQPTjfQlJVMzBFREdFMDQxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8dc378c8-101e-0062-1fb5-a42355000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
illustration
aadcdn.msauthimages.net/dbd5a2dd-lijraerayvic3fboizsyfbbmzoqh-kfoa3jzvr1g0dy/logintenantbranding/0/
247 KB
248 KB
Image
General
Full URL
https://aadcdn.msauthimages.net/dbd5a2dd-lijraerayvic3fboizsyfbbmzoqh-kfoa3jzvr1g0dy/logintenantbranding/0/illustration?ts=637492415727798532
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.72 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E8F) /
Resource Hash
c76a22a062b9d855f2e680c6556c59bd06967aeeddaf4faacc10f478508ba068

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Aug 2022 04:54:44 GMT
content-md5
BzY7BKbbxeXXGwdWlIfhoA==
age
83342
x-cache
HIT
content-length
253116
x-ms-lease-status
unlocked
last-modified
Thu, 18 Feb 2021 10:39:35 GMT
server
ECAcc (frc/8E8F)
etag
0x8D8D3F97BF40844
content-type
image/*
access-control-allow-origin
https://login.microsoftonline.com
x-ms-request-id
cb9ea276-901e-0020-31c5-a7ec95000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
aadcdn.msauthimages.net/dbd5a2dd-lijraerayvic3fboizsyfbbmzoqh-kfoa3jzvr1g0dy/logintenantbranding/0/
9 KB
9 KB
Image
General
Full URL
https://aadcdn.msauthimages.net/dbd5a2dd-lijraerayvic3fboizsyfbbmzoqh-kfoa3jzvr1g0dy/logintenantbranding/0/bannerlogo?ts=637491334753528234
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.72 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E8B) /
Resource Hash
4008131ffd594fae344a106a6b54bc35ba496eb47d604a2a88558b945c173e1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 05 Aug 2022 04:54:44 GMT
last-modified
Wed, 17 Feb 2021 04:37:57 GMT
server
ECAcc (frc/8E8B)
content-md5
DPiWF4pUK4uPz1ul6cbc3A==
age
41575
etag
0x8D8D2FDCC6115DA
x-cache
HIT
content-type
image/*
x-ms-request-id
b56c4b01-901e-0106-3426-a83174000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
8821
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Iv7XMeuZVl-aYT0h4Oq7Gg2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Aug 2022 04:54:43 GMT
x-azure-ref-originshield
0igzsYgAAAAByFbWTXkZRSqvodgpd06o2RlJBMjMxMDUwNDE4MDI5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
x-cache
TCP_HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B83739984DD
x-azure-ref
0lKLsYgAAAAAzMVP+OSO0S7+Em9XdaAONQlJVMzBFREdFMDQxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
4ad6902d-d01e-003a-3399-9f1877000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Iv7XMeuZVl-aYT0h4Oq7Gg2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Aug 2022 04:54:43 GMT
x-azure-ref-originshield
0OpTrYgAAAACN7dAH7hovT6c3OawvqxfNQU1TMDRFREdFMTgwNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
x-cache
TCP_HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8373B17F89
x-azure-ref
0lKLsYgAAAACRo75q/96NR7VE3R4NAWZaQlJVMzBFREdFMDQxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
1dabf8d8-201e-0069-3c06-a70642000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ssoprobe
autologon.microsoftazuread-sso.com/15eb5d55-1991-46bc-8da7-ab25234dee08/winauth/
12 B
1 KB
Image
General
Full URL
https://autologon.microsoftazuread-sso.com/15eb5d55-1991-46bc-8da7-ab25234dee08/winauth/ssoprobe?client-request-id=836c3060-5036-4e8d-94b3-da709fdcb7ef&_=1659675284225
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1037:1:130::6 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 04:54:43 GMT
Access-Control-Allow-Methods
GET, OPTIONS
WWW-Authenticate
Negotiate
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
12
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Vary
Origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
Content-Type
image/png; charset=utf-8
Access-Control-Allow-Origin
https://login.microsoftonline.com
x-ms-request-id
5a07b849-e74f-4b8b-86e2-229a95a22100
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
x-ms-ests-server
2.1.13418.9 - WUS2 ProdSlices
X-Content-Type-Options
nosniff
Expires
-1
dssostatus
login.microsoftonline.com/common/instrumentation/
264 B
2 KB
XHR
General
Full URL
https://login.microsoftonline.com/common/instrumentation/dssostatus
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Iv7XMeuZVl-aYT0h4Oq7Gg2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fc0e66e2b6b4b68a3c29fd2eeabd35e34467b8f21a18644f0fc17390a4a58870
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

hpgrequestid
e7a152c0-c3d6-454d-b888-11d993721300
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
client-request-id
836c3060-5036-4e8d-94b3-da709fdcb7ef
canary
AQABAAAAAAD--DLA3VO7QrddgJg7WevraP8Eq767g28_eh315aJP4yFIMNjQvHDGMGYLDahkW-S0_o7rmwy5y9h-6kFLIk9AGmgHpPMmSyZGDzyHl3ImbHw1neRl1siEt8MC4SDl2cXN4-LMBIwWFXBJ_S9AOqadndSTEa_vOdVjZ6DwFl3otIoowKzMx1GfbZC64DlAeygHRKLiQiJ6vj2U6MvcFSxLcBYATR41SIbpApdS-zLjvCAA
Content-type
application/json; charset=UTF-8
hpgid
1104
Accept
application/json
Referer
https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true
hpgact
1900

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
POST, OPTIONS
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id
836c3060-5036-4e8d-94b3-da709fdcb7ef
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
264
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Date
Fri, 05 Aug 2022 04:54:43 GMT
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]}
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://autologon.microsoftazuread-sso.com/
x-ms-request-id
252c2568-bf3d-4847-8233-1ccc0ecd7a01
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
x-ms-ests-server
2.1.13355.6 - NEULR2 ProdSlices
Expires
-1
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msauth.net/shared/1.0/content/images/
2 KB
1 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Aug 2022 04:54:44 GMT
content-encoding
gzip
x-azure-ref-originshield
0fuTnYgAAAAAveXIzfvTGR7nQ/Fjc2PbyQU1TMDRFREdFMTgwNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5
R2FAVxfpONfnQAuxVxXbHg==
x-cache
TCP_HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Tue, 10 Nov 2020 03:41:24 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8852A7FA6B761
x-azure-ref
0laLsYgAAAACcbAGGOtCMQYeRHOFU7eepQlJVMzBFREdFMDQxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
84eeacb5-e01e-0065-739b-a5f25b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
/
browser.events.data.microsoft.com/OneCollector/1.0/
153 B
1 KB
XHR
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.11&apikey=69adc3c768bd4dc08c19416121249fcc-66f1668a-797b-4249-95e3-6c6651768c28-7293&upload-time=1659675286742&time-delta-to-apply-millis=use-collector-delta&w=0
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/oneDs_8363475333f6d315e7ae.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.192.49 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
70656474f2d1ee3ba78192603ca0556506ed0863904ab1befdccf5cba5d2a4b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://login.microsoftonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Fri, 05 Aug 2022 04:54:46 GMT
time-delta-millis
101
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://login.microsoftonline.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
converged.v2.login.min_il46_7m1dp2y07llib10fw2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
108 KB
20 KB
Fetch
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_il46_7m1dp2y07llib10fw2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
145be1bd4b718eb0b192566523e81f5f88b2b19126a92709f99044b33ac47828

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Aug 2022 04:54:48 GMT
content-encoding
gzip
x-azure-ref-originshield
0hFLrYgAAAAD0EzjSUGkKTKJ7wI7b89PgQU1TMDRFREdFMTkxNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5
yLy9KrgwEFvhl8VRcX97UA==
x-cache
TCP_HIT
content-length
19982
x-ms-lease-status
unlocked
last-modified
Tue, 28 Jun 2022 20:26:53 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA59448A4EA9D3
x-azure-ref
0maLsYgAAAACDrehgMG+QQLj3SJIs/NRDQlJVMzBFREdFMDQxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
2f168974-501e-0032-6e41-a64066000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.login.strings-de.min_75ls70pcmyowwllyhvy0uq2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
50 KB
15 KB
Fetch
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_75ls70pcmyowwllyhvy0uq2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
63162be4955cc397d9f6dba0f8b963434b8f4df32d18e0c9de95b8c98bf985cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Aug 2022 04:54:48 GMT
content-encoding
gzip
x-azure-ref-originshield
0j/LrYgAAAADa1BPv0FAjR4O79OHTG6C1QU1TMDRFREdFMTgwNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5
R6rMEFXxgOhzlstP4byWrQ==
x-cache
TCP_HIT
content-length
14696
x-ms-lease-status
unlocked
last-modified
Fri, 24 Jun 2022 22:43:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA5632E9DFB509
x-azure-ref
0maLsYgAAAAAPq6Be0MRUSIno6ftaEr8PQlJVMzBFREdFMDQxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b7ddc8d9-901e-0056-6e1e-a7ae4c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
boolean| __ConvergedLogin_PCore
boolean| __
object| Telemetry
object| telemetry_webpackJsonp
boolean| __convergedlogin_pfetchsessionsprogress_d72fec552fd7ebea069f
boolean| __convergedlogin_pcustomizationloader_20ead0268c36816fd612

24 Cookies

Domain/Path Name / Value
utas.eblib.com/ Name: ASP.NET_SessionId
Value: wl1glekeunhtgr1ytqfplrw5
.proquest.com/ Name: EBSESSIONID
Value: 1ea125d5274a4e8dacc2af969d2c863e
.proquest.com/ Name: EBUQUSER
Value: 1ea125d5274a4e8dacc2af969d2c863e
ebookcentral.proquest.com/ Name: AWSALBTG
Value: kpMHGQPeNekTJEk7oz4mfig8kcVDiFXQ6MjKH8nkRbnvGUxEbxJQyCgw1RFFWJFcuzhVsz1voKFIzlHf5Qzo77eltRPPMskPcP4gCMPNRUYkS+k8jQuteleon0QbJD6L9LbWiiThSxx/R0/UtQPNFOAT2gl1I5mliYv9vVbUXMd0PsU2wD371XgVISEWUvvFh2R9mpCSXeFeX7fQXli6A/S3jzv7soyJz0vRWl82nWwoujvrG2E7gQP/ZgaJnDRV
ebookcentral.proquest.com/ Name: AWSALBTGCORS
Value: kpMHGQPeNekTJEk7oz4mfig8kcVDiFXQ6MjKH8nkRbnvGUxEbxJQyCgw1RFFWJFcuzhVsz1voKFIzlHf5Qzo77eltRPPMskPcP4gCMPNRUYkS+k8jQuteleon0QbJD6L9LbWiiThSxx/R0/UtQPNFOAT2gl1I5mliYv9vVbUXMd0PsU2wD371XgVISEWUvvFh2R9mpCSXeFeX7fQXli6A/S3jzv7soyJz0vRWl82nWwoujvrG2E7gQP/ZgaJnDRV
ebookcentral.proquest.com/ Name: AWSALB
Value: SftdID5jsSA1rwidqzf+9mtOSL7Crv5Fe+a3M6gvI6KldA817Gfs41kzDi46jZ5C44kROlFdKQMFfKnk+aywvbcyoFnsIMgvHMxszM2EM7xG3aVK95xPpasT/sl4
ebookcentral.proquest.com/ Name: AWSALBCORS
Value: SftdID5jsSA1rwidqzf+9mtOSL7Crv5Fe+a3M6gvI6KldA817Gfs41kzDi46jZ5C44kROlFdKQMFfKnk+aywvbcyoFnsIMgvHMxszM2EM7xG3aVK95xPpasT/sl4
utas.eblib.com/ Name: AWSALB
Value: codBbTetFNiFqBBCLNLOM8nXaQjIszLn3XGGwS0zKgH/+zPcPxUUGKGvQuTachaoVPm9eGYk5nTaoNvP7nfPD5Uqu1gLCj80WWDXsnVMlFudXPFrv8KkjkVM3KVg
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AQoAVV3rFZEZvEaNp6slI03uCAACTZt4icJDpjG_nvrwZ9cKAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrAbqW0JMKDpmoTSUjZvqIewybM3OotWx92JvFnQ7D5gLpC7r7yXQVQNS-KEbJRFZA6N_9HM5WFW322eb0mjwFWSk23bkBHJl_P3RhpZh-wLkgAA
login.microsoftonline.com/ Name: fpc
Value: AnyJgzez37NNu4CyqhmUEJyAm4-1AQAAAJKZftoOAAAA
.login.microsoftonline.com/ Name: esctx
Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrtiTxHGz4Ypeq3VxQJBPsa9Cj5TvUoM40cIH22PtZrc_e14nqmY5X1eJw_v46sw9zxW_LznIkHlnugdiDSXipJJzEenKaK1VYxdFYwiAhUV2oGP59t3h8bLD3iaunYuoImy8w_dfnVkmKwYMvu4NQk73iDw38pfJzyQgS0bkA3fsgAA
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: 8cad7483c7764aa7a05934b51ee0ef13
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1659675284&co=1
autologon.microsoftazuread-sso.com/ Name: fpc
Value: AnpMCPGz4y1Lq8Lhrq7hg8Y
autologon.microsoftazuread-sso.com/ Name: x-ms-gateway-slice
Value: estsfd
autologon.microsoftazuread-sso.com/ Name: stsservicecookie
Value: estsfd
.microsoft.com/ Name: MC1
Value: GUID=37af2db0c8ea45f2801debf499a3ddf2&HASH=37af&LV=202208&V=4&LU=1659675286843
.microsoft.com/ Name: MS0
Value: 7c4f01f29f2e48228811c926be2174ed
login.microsoftonline.com/ Name: MSFPC
Value: GUID=37af2db0c8ea45f2801debf499a3ddf2&HASH=37af&LV=202208&V=4&LU=1659675286843

1 Console Messages

Source Level URL
Text
network error URL: https://autologon.microsoftazuread-sso.com/15eb5d55-1991-46bc-8da7-ab25234dee08/winauth/ssoprobe?client-request-id=836c3060-5036-4e8d-94b3-da709fdcb7ef&_=1659675284225
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
