login.microsoftonline.com
Open in
urlscan Pro
20.190.144.164
Public Scan
Effective URL: https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true
Submission: On November 28 via manual from GB — Scanned from AU
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 28th 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 3 | 131.217.10.58 131.217.10.58 | 7573 (UTAS The ...) (UTAS The University of Tasmania) | |
3 | 20.190.144.164 20.190.144.164 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
10 | 152.199.39.242 152.199.39.242 | 15133 (EDGECAST) (EDGECAST) | |
1 | 40.126.35.80 40.126.35.80 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 13.107.213.59 13.107.213.59 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 40.126.16.166 40.126.16.166 | () () | |
18 | 6 |
ASN7573 (UTAS The University of Tasmania, AU)
PTR: ezproxy.its.utas.edu.au
search.ebscohost.com.ezproxy.utas.edu.au | |
search-ebscohost-com.ezproxy.utas.edu.au | |
login.ezproxy.utas.edu.au |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 1508 |
194 KB |
3 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 27 |
108 KB |
3 |
utas.edu.au
2 redirects
search.ebscohost.com.ezproxy.utas.edu.au search-ebscohost-com.ezproxy.utas.edu.au login.ezproxy.utas.edu.au |
2 KB |
2 |
msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 5426 |
257 KB |
1 |
microsoftazuread-sso.com
autologon.microsoftazuread-sso.com |
1 KB |
1 |
live.com
login.live.com — Cisco Umbrella Rank: 59 |
|
18 | 6 |
Domain | Requested by | |
---|---|---|
10 | aadcdn.msftauth.net |
login.microsoftonline.com
aadcdn.msftauth.net |
3 | login.microsoftonline.com |
aadcdn.msftauth.net
|
2 | aadcdn.msftauthimages.net | |
1 | autologon.microsoftazuread-sso.com | |
1 | login.live.com |
login.microsoftonline.com
|
1 | login.ezproxy.utas.edu.au | |
1 | search-ebscohost-com.ezproxy.utas.edu.au | 1 redirects |
1 | search.ebscohost.com.ezproxy.utas.edu.au | 1 redirects |
18 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.microsoft.com |
privacy.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
ezproxy.utas.edu.au DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-13 - 2023-08-13 |
a year | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2022-08-28 - 2023-08-28 |
a year | crt.sh |
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2022-04-01 - 2023-04-01 |
a year | crt.sh |
login.live.com DigiCert SHA2 Secure Server CA |
2022-10-04 - 2023-10-04 |
a year | crt.sh |
aadcdn.msftauthimages.net Microsoft Azure TLS Issuing CA 06 |
2022-09-29 - 2023-09-24 |
a year | crt.sh |
autologon.microsoftazuread-sso.com DigiCert SHA2 Secure Server CA |
2022-10-04 - 2023-10-04 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true
Frame ID: 88F743CE157620B09D89D8EADA2E1535
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
Sign in to your accountPage URL History Show full URLs
-
https://search.ebscohost.com.ezproxy.utas.edu.au/login.aspx?authtype=ip&profile=eds&user=s3690071&password=password
HTTP 302
https://search-ebscohost-com.ezproxy.utas.edu.au/login.aspx?authtype=ip&profile=eds&user=s3690071&password=password HTTP 302
https://login.ezproxy.utas.edu.au/login?qurl=https://search.ebscohost.com%2flogin.aspx%3fauthtype%3dip%26profi... Page URL
- https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2 Page URL
- https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Terms of use
Search URL Search Domain Scan URL
Title: Privacy & cookies
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://search.ebscohost.com.ezproxy.utas.edu.au/login.aspx?authtype=ip&profile=eds&user=s3690071&password=password
HTTP 302
https://search-ebscohost-com.ezproxy.utas.edu.au/login.aspx?authtype=ip&profile=eds&user=s3690071&password=password HTTP 302
https://login.ezproxy.utas.edu.au/login?qurl=https://search.ebscohost.com%2flogin.aspx%3fauthtype%3dip%26profile%3deds%26user%3ds3690071%26password%3dpassword Page URL
- https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2 Page URL
- https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://search.ebscohost.com.ezproxy.utas.edu.au/login.aspx?authtype=ip&profile=eds&user=s3690071&password=password HTTP 302
- https://search-ebscohost-com.ezproxy.utas.edu.au/login.aspx?authtype=ip&profile=eds&user=s3690071&password=password HTTP 302
- https://login.ezproxy.utas.edu.au/login?qurl=https://search.ebscohost.com%2flogin.aspx%3fauthtype%3dip%26profile%3deds%26user%3ds3690071%26password%3dpassword
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
login
login.ezproxy.utas.edu.au/ Redirect Chain
|
1 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
saml2
login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/ |
152 KB 55 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
Primary Request
saml2
login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/ |
195 KB 51 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_pcipSPYgxw6k0H7PwESK3w2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
387 KB 110 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
0 20 KB |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ux.converged.login.strings-en.min_itjeuokkx5s5hz5xm6syrg2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
0 14 KB |
Other
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pfetchsessionsprogress_bc2482665b7aae7b068e.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
15 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pcustomizationloader_8dc1586f19519d6b618f.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
107 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
illustration
aadcdn.msftauthimages.net/dbd5a2dd-lijraerayvic3fboizsyfbbmzoqh-kfoa3jzvr1g0dy/logintenantbranding/0/ |
247 KB 248 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bannerlogo
aadcdn.msftauthimages.net/dbd5a2dd-lijraerayvic3fboizsyfbbmzoqh-kfoa3jzvr1g0dy/logintenantbranding/0/ |
9 KB 9 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ssoprobe
autologon.microsoftazuread-sso.com/15eb5d55-1991-46bc-8da7-ab25234dee08/winauth/ |
12 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
dssostatus
login.microsoftonline.com/common/instrumentation/ |
264 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msftauth.net/shared/1.0/content/images/ |
2 KB 807 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository boolean| __ConvergedLogin_PCore boolean| __ object| Telemetry object| telemetry_webpackJsonp boolean| __convergedlogin_pfetchsessionsprogress_bc2482665b7aae7b068e boolean| __convergedlogin_pcustomizationloader_8dc1586f19519d6b618f10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.com/ | Name: buid Value: 0.AQoAVV3rFZEZvEaNp6slI03uCAACTZt4icJDpjG_nvrwZ9cKAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrUyoQhb-Wo2ZorKTIq3Be99Hv1_Nh_mYSET122jxcq0T1Tf-QXMxBE41E7KCy5C2ScTpLft2krlrU9SgIpWkuGnfVZhhAIuUtVvI56wqhApwgAA |
|
login.microsoftonline.com/ | Name: fpc Value: AoACRGjgCOFEjq_dXBC6mDmAm4-1AQAAAG6mFtsOAAAA |
|
.login.microsoftonline.com/ | Name: esctx Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrQV_sxE5vPy6uuJqSz7toaqHQZjqVe44gpaFaVP-0trs-PK3HdYmGp0z6tsWZkH8A9BasI5ksEXB2peY6rra9UPraT47Peqy-9p2-ERCc5MOM9sqI5BSmp_dCxYXJww935k-pAIZgAcsj-jf8cIGQi187nWtwQWQZwOlBbZp2rg0SxJZ2XFqqgxCsTdYC_NUpQTMAG2sekCm2b5Co5AYG1eQJUHB_6Tb5MrZ_HDrQ7wkgAA |
|
.login.microsoftonline.com/ | Name: brcap Value: 0 |
|
.login.live.com/ | Name: uaid Value: ec3054666876440faa4baf708c1140dc |
|
.login.live.com/ | Name: MSPRequ Value: id=N<=1669640048&co=1 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msftauth.net
aadcdn.msftauthimages.net
autologon.microsoftazuread-sso.com
login.ezproxy.utas.edu.au
login.live.com
login.microsoftonline.com
search-ebscohost-com.ezproxy.utas.edu.au
search.ebscohost.com.ezproxy.utas.edu.au
13.107.213.59
131.217.10.58
152.199.39.242
20.190.144.164
40.126.16.166
40.126.35.80
1715c786d52ce35bea2274e2080b9fbda3a4177d7741d8fb3997caeea4798dca
4008131ffd594fae344a106a6b54bc35ba496eb47d604a2a88558b945c173e1c
4660771cd255710f7f04b9a391d536a2e8aa20c1617534e7941b93df1f577194
642b4893c0bed2b58b6a3d762dce5a1d7085a0978f1b71ee1324778c81c0640a
7d7492e4627e46528df0a765b1cedd1d5284d62a39509fd80dcf06f0a4407eab
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
89c66a143b0bcbb7377096e70b1d323900036949e52a99372332c12c27b75dcd
8dc13a2057a11d16a8159930f848a10c58d645c072f718fb278d5e12a7f8c9bd
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
c76a22a062b9d855f2e680c6556c59bd06967aeeddaf4faacc10f478508ba068
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855