login.live-int.com
Open in
urlscan Pro
2603:1037:1:c8::7
Public Scan
Effective URL: https://login.live-int.com/oauth20_authorize.srf?client_id=2fb460b9-f751-4da4-977c-c7a5d24bfa50&scope=openid+profile&redire...
Submission: On February 03 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 6th 2020. Valid for: a year.
This is the only time login.live-int.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 104.214.20.19 104.214.20.19 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 104.111.253.251 104.111.253.251 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 40.126.31.135 40.126.31.135 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 2 | 40.126.1.160 40.126.1.160 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 2603:1037:1:c... 2603:1037:1:c8::7 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
7 | 192.229.221.185 192.229.221.185 | 15133 (EDGECAST) (EDGECAST) | |
1 | 40.90.27.190 40.90.27.190 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
15 | 7 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ppe-verify.microsoft.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-253-251.deploy.static.akamaitechnologies.com
static2.sharepointonline.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ipv4.login.live-int.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
msauth.net
logincdn.msauth.net |
189 KB |
3 |
live-int.com
login.live-int.com ipv4.login.live-int.com |
13 KB |
2 |
windows-ppe.net
1 redirects
login.windows-ppe.net |
4 KB |
2 |
microsoft.com
ppe-verify.microsoft.com |
909 KB |
1 |
microsoftonline.com
login.microsoftonline.com |
2 KB |
1 |
sharepointonline.com
static2.sharepointonline.com |
32 KB |
15 | 6 |
Domain | Requested by | |
---|---|---|
7 | logincdn.msauth.net |
login.live-int.com
|
2 | login.live-int.com |
ppe-verify.microsoft.com
logincdn.msauth.net |
2 | login.windows-ppe.net |
1 redirects
ppe-verify.microsoft.com
|
2 | ppe-verify.microsoft.com |
ppe-verify.microsoft.com
|
1 | ipv4.login.live-int.com | |
1 | login.microsoftonline.com |
ppe-verify.microsoft.com
|
1 | static2.sharepointonline.com |
ppe-verify.microsoft.com
|
15 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
signup.live-int.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
ppe-verify.microsoft.com Microsoft Azure TLS Issuing CA 06 |
2021-02-02 - 2022-01-28 |
a year | crt.sh |
*.sharepointonline.com Microsoft RSA TLS CA 02 |
2020-09-08 - 2021-09-08 |
a year | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2020-10-13 - 2021-10-12 |
a year | crt.sh |
graph.windows.net DigiCert SHA2 Secure Server CA |
2020-10-22 - 2021-10-21 |
a year | crt.sh |
login.live-int.com DigiCert SHA2 Secure Server CA |
2020-10-06 - 2021-10-06 |
a year | crt.sh |
identitycdn.msauth.net DigiCert SHA2 Secure Server CA |
2020-07-20 - 2021-07-20 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.live-int.com/oauth20_authorize.srf?client_id=2fb460b9-f751-4da4-977c-c7a5d24bfa50&scope=openid+profile&redirect_uri=https%3a%2f%2fppe-verify.microsoft.com%2f&response_type=code&state=eyJpZCI6ImRkOTdkNzBjLTVhNjItNDQ3Mi05NzNhLTljMzZmNjc3ZTlkOCIsInRzIjoxNjEyMzMyOTMzLCJtZXRhIjp7ImludGVyYWN0aW9uVHlwZSI6InJlZGlyZWN0In19&response_mode=fragment&nonce=9fa3c7a0-fa3b-49ed-8296-6b251bb6758d&code_challenge=M0cK77XBdbbGCBFcU7Zi-T3ESEr2qv0kMPwhq9cRUIU&code_challenge_method=S256&x-client-SKU=msal.js.browser&x-client-Ver=2.3.0&uaid=ef2d22939881478aa8d31b607d61b00e&msproxy=1&issuer=windowsppe&tenant=consumers&ui_locales=en-US&client_info=1
Frame ID: 59CE130B630A88F7DCF25E752098642F
Requests: 15 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://ppe-verify.microsoft.com/ Page URL
-
https://login.windows-ppe.net/consumers/oauth2/v2.0/authorize?client_id=2fb460b9-f751-4da4-977c-c7a5d24bfa...
HTTP 302
https://login.live-int.com/oauth20_authorize.srf?client_id=2fb460b9-f751-4da4-977c-c7a5d24bfa50&scope=o... Page URL
Detected technologies
Windows Server (Operating Systems) ExpandDetected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
IIS (Web Servers) Expand
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Create one!
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://ppe-verify.microsoft.com/ Page URL
-
https://login.windows-ppe.net/consumers/oauth2/v2.0/authorize?client_id=2fb460b9-f751-4da4-977c-c7a5d24bfa50&scope=openid%20profile&redirect_uri=https%3A%2F%2Fppe-verify.microsoft.com%2F&client-request-id=ef2d2293-9881-478a-a8d3-1b607d61b00e&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.3.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=FRlIE1FkaYIRjK0MUY7c6Pl1fvPbL5g9QA61R1AWnSI&code_challenge_method=S256&nonce=9fa3c7a0-fa3b-49ed-8296-6b251bb6758d&state=eyJpZCI6ImRkOTdkNzBjLTVhNjItNDQ3Mi05NzNhLTljMzZmNjc3ZTlkOCIsInRzIjoxNjEyMzMyOTMzLCJtZXRhIjp7ImludGVyYWN0aW9uVHlwZSI6InJlZGlyZWN0In19
HTTP 302
https://login.live-int.com/oauth20_authorize.srf?client_id=2fb460b9-f751-4da4-977c-c7a5d24bfa50&scope=openid+profile&redirect_uri=https%3a%2f%2fppe-verify.microsoft.com%2f&response_type=code&state=eyJpZCI6ImRkOTdkNzBjLTVhNjItNDQ3Mi05NzNhLTljMzZmNjc3ZTlkOCIsInRzIjoxNjEyMzMyOTMzLCJtZXRhIjp7ImludGVyYWN0aW9uVHlwZSI6InJlZGlyZWN0In19&response_mode=fragment&nonce=9fa3c7a0-fa3b-49ed-8296-6b251bb6758d&code_challenge=M0cK77XBdbbGCBFcU7Zi-T3ESEr2qv0kMPwhq9cRUIU&code_challenge_method=S256&x-client-SKU=msal.js.browser&x-client-Ver=2.3.0&uaid=ef2d22939881478aa8d31b607d61b00e&msproxy=1&issuer=windowsppe&tenant=consumers&ui_locales=en-US&client_info=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
/
ppe-verify.microsoft.com/ |
403 B 1008 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fabric.min.css
static2.sharepointonline.com/files/fabric/office-ui-fabric-core/11.0.0/css/ |
331 KB 32 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bundle.js
ppe-verify.microsoft.com/ |
3 MB 908 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
instance
login.microsoftonline.com/common/discovery/ |
949 B 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
openid-configuration
login.windows-ppe.net/consumers/v2.0/.well-known/ |
1 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
Cookie set
oauth20_authorize.srf
login.live-int.com/ Redirect Chain
|
31 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Converged_v21033_pX57w6YnWiqTo95swppIBg2.css
logincdn.msauth.net/16.000/ |
105 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLoginPaginatedStrings.en_ASeCcPptdR7EmG155DgO3w2.js
logincdn.msauth.net/16.000/content/js/ |
31 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OldConvergedLogin_PCore_tAbJKqrKBr-rAKe7coBgwA2.js
logincdn.msauth.net/shared/1.0/content/js/ |
623 KB 157 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
info_4883eb1a3cbdddf5a79e28d320cfe5a9.svg
logincdn.msauth.net/shared/1.0/content/images/ |
342 B 335 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
logincdn.msauth.net/shared/1.0/content/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ipv4.png
ipv4.login.live-int.com/ |
0 161 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2_bc3d32a696895f78c19df6c717586a5d.svg
logincdn.msauth.net/shared/1.0/content/images/backgrounds/ |
2 KB 824 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
documentation_bcb4d1dc4eae64f0b2b2538209d8435a.svg
logincdn.msauth.net/shared/1.0/content/images/ |
2 KB 759 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
Instrumentation.srf
login.live-int.com/ |
2 B 594 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| PROOF function| $Loader object| $Do function| $DepLoader object| g_dtFirstByte object| g_objPageMode number| g_iSRSFailed string| g_sSRSSuccess function| SRSRetry object| ServerData object| UXResourceDependencies function| WhenAllLoaded object| StringRepository boolean| __ConvergedLoginPaginatedStrings function| webpackJsonp object| ko boolean| __OldConvergedLogin_PCore5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.login.live-int.com/ | Name: cltm Value: nw:4G |
|
.login.live-int.com/ | Name: MSPOK Value: $uuid-1070718b-0725-42c4-b75a-76f8dee43f6b |
|
.login.live-int.com/ | Name: OParams Value: 11O.B7aW*N3nTOHO7hKIpmjxBIvZwLQblv5GQlxEnms*36JsdM0MP3OiAVo4SZxJL!TZBkCS4asI1G4dd6lIKe8m152Rj9CkkTKWcYpRfJd5edFy*wlOJS6CZla2E*7mf*gUeegDiyD38T0mPCXByuApRNKlvRKXPa0cJIAGCWDaGrdNaAT1L2MjkntJVlYY*tXrYTwShpFJ80W5Vxk8oXYlzTs!5!23UA2SWebIajN5nl9Rt7PP8uZvT3JyED1B8rLnmyR6NFH59l3Q0wswyPgN3bby8vVQIaoLPxDwoJH8iiDynRVdiyV3*VzuKVQDu3HFM4Pu4aOmgAHouHMDdaazotqg7EgyoRX9XG26duDyQNsG2BSmhv5G6BnMFYglKngabK0eSvL20GFDGoPFywycciBgXJwcDrbn8xvGsnxDj!6CWpvhsMEGRP2i*8KqYFoqS5MwVXJKhwxLRtzFkCUkoTXVQu0c2Lw55ipoi*ThxNVsLg!ghmEcVW9UpkydAsCqrsqmStSAD3tAEPQjJUtn8flWb98CkWTJloH0MDM7oHf!VWK*Xm86dloVI8Soi0BUxcJRXQSSxv7rmtejOY46ME1CxfwXJZmvT4IJxwUnuLg3bbaTS9YPhxoRH73clNZzFH4q887BGU1hNW3mHK*T1hPHayQL6unqdP5GViyVf94BYOgvHAa4iPZATuZsOOY3dQ*zdg6UaHFtC6en3S0dy*YwIOO5GFKGGBWlZZR7IAB!19FtxSBRJqUIJg3T6tOE5VLNPizCDiqMt3Rn06XP0t4$ |
|
.login.live-int.com/ | Name: uaid Value: ef2d22939881478aa8d31b607d61b00e |
|
.login.live-int.com/ | Name: MSPRequ Value: id=N<=1612332935&co=1 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ipv4.login.live-int.com
login.live-int.com
login.microsoftonline.com
login.windows-ppe.net
logincdn.msauth.net
ppe-verify.microsoft.com
static2.sharepointonline.com
104.111.253.251
104.214.20.19
192.229.221.185
2603:1037:1:c8::7
40.126.1.160
40.126.31.135
40.90.27.190
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
16c25c9829f1c935eebf11c21ed85f6a3765fe3c9c76161f5de9b6e39c88cca3
2541943a2b850bc674351e8cc4617892f884a26d6813e57e449c3607300b0108
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
466465b30ae344f5884c3e0711f8aef588186fe2bb2115f6ba80655c5ece9389
92630c2462f747d36b34568397fe64469c798a8d0a0df111cf0fbe2f2a20b262
a6194a2d5c778fe3dde398a6eaad5af17959b9978b129f71ea53cb5816bb6e21
a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea
a934621dc97e4ded859fe0b4855b8a5359575f95b723812c92d776b4d98abc77
bed05d21f74cdcbce21ea73af7f9519e5501effea2534f18fa7a8aac6c25925c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3368544a6266f0fee3c4437a8144887bbad1de97be20a578c07946a8ed41b4f