login.microsoftonline.com Open in urlscan Pro
20.190.144.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://search.ebscohost.com.ezproxy.utas.edu.au/login.aspx?authtype=ip&profile=eds&user=s3690071&password=password
Effective URL:
https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true
Submission: On November 28 via manual (November 28th 2022, 12:54:11 pm UTC) from GB — Scanned from AU

Summary HTTP 18 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 18 HTTP transactions. The main IP is 20.190.144.164, located in Seoul, Korea, Republic Of and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 27.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 28th 2022. Valid for: a year.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	131.217.10.58 131.217.10.58	7573 (UTAS The ...) (UTAS The University of Tasmania)
3	20.190.144.164 20.190.144.164	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	152.199.39.242 152.199.39.242	15133 (EDGECAST) (EDGECAST)
1	40.126.35.80 40.126.35.80	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.107.213.59 13.107.213.59	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	40.126.16.166 40.126.16.166	() ()
18	6

3 131.217.10.58 (Summerleas, Australia) 2 redirects

ASN7573 (UTAS The University of Tasmania, AU)
PTR: ezproxy.its.utas.edu.au

search.ebscohost.com.ezproxy.utas.edu.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
search-ebscohost-com.ezproxy.utas.edu.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.ezproxy.utas.edu.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.190.144.164 (Seoul, Korea, Republic Of)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 152.199.39.242 (United States)

ASN15133 (EDGECAST, US)

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.35.80 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.213.59 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msftauthimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.16.166 (None, )

ASN- ()

autologon.microsoftazuread-sso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	msftauth.net aadcdn.msftauth.net — Cisco Umbrella Rank: 1508	194 KB
3	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 27	108 KB
3	utas.edu.au 2 redirects search.ebscohost.com.ezproxy.utas.edu.au search-ebscohost-com.ezproxy.utas.edu.au login.ezproxy.utas.edu.au	2 KB
2	msftauthimages.net aadcdn.msftauthimages.net — Cisco Umbrella Rank: 5426	257 KB
1	microsoftazuread-sso.com autologon.microsoftazuread-sso.com	1 KB
1	live.com login.live.com — Cisco Umbrella Rank: 59
18	6

	Domain	Requested by
10	aadcdn.msftauth.net	login.microsoftonline.com aadcdn.msftauth.net
3	login.microsoftonline.com	aadcdn.msftauth.net
2	aadcdn.msftauthimages.net
1	autologon.microsoftazuread-sso.com
1	login.live.com	login.microsoftonline.com
1	login.ezproxy.utas.edu.au
1	search-ebscohost-com.ezproxy.utas.edu.au	1 redirects
1	search.ebscohost.com.ezproxy.utas.edu.au	1 redirects
18	8

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
ezproxy.utas.edu.au DigiCert TLS RSA SHA256 2020 CA1	`2022-07-13` - `2023-08-13`	a year	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2022-08-28` - `2023-08-28`	a year	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2022-04-01` - `2023-04-01`	a year	crt.sh
login.live.com DigiCert SHA2 Secure Server CA	`2022-10-04` - `2023-10-04`	a year	crt.sh
aadcdn.msftauthimages.net Microsoft Azure TLS Issuing CA 06	`2022-09-29` - `2023-09-24`	a year	crt.sh
autologon.microsoftazuread-sso.com DigiCert SHA2 Secure Server CA	`2022-10-04` - `2023-10-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true
Frame ID: 88F743CE157620B09D89D8EADA2E1535
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

https://search.ebscohost.com.ezproxy.utas.edu.au/login.aspx?authtype=ip&profile=eds&user=s3690071&password=password HTTP 302
https://search-ebscohost-com.ezproxy.utas.edu.au/login.aspx?authtype=ip&profile=eds&user=s3690071&password=password HTTP 302
https://login.ezproxy.utas.edu.au/login?qurl=https://search.ebscohost.com%2flogin.aspx%3fauthtype%3dip%26profi... Page URL
https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2 Page URL
https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true Page URL

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

6
IPs

4
Countries

562 kB
Transfer

1129 kB
Size

10
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/en-AU/servicesagreement/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-AU/privacystatement
Title: Privacy & cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://search.ebscohost.com.ezproxy.utas.edu.au/login.aspx?authtype=ip&profile=eds&user=s3690071&password=password HTTP 302
https://search-ebscohost-com.ezproxy.utas.edu.au/login.aspx?authtype=ip&profile=eds&user=s3690071&password=password HTTP 302
https://login.ezproxy.utas.edu.au/login?qurl=https://search.ebscohost.com%2flogin.aspx%3fauthtype%3dip%26profile%3deds%26user%3ds3690071%26password%3dpassword Page URL
https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2 Page URL
https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://search.ebscohost.com.ezproxy.utas.edu.au/login.aspx?authtype=ip&profile=eds&user=s3690071&password=password HTTP 302
https://search-ebscohost-com.ezproxy.utas.edu.au/login.aspx?authtype=ip&profile=eds&user=s3690071&password=password HTTP 302
https://login.ezproxy.utas.edu.au/login?qurl=https://search.ebscohost.com%2flogin.aspx%3fauthtype%3dip%26profile%3deds%26user%3ds3690071%26password%3dpassword

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

https://search.ebscohost.com.ezproxy.utas.edu.au/login.aspx?authtype=ip&profile=eds&user=s3690071&password=password
https://search-ebscohost-com.ezproxy.utas.edu.au/login.aspx?authtype=ip&profile=eds&user=s3690071&password=password
https://login.ezproxy.utas.edu.au/login?qurl=https://search.ebscohost.com%2flogin.aspx%3fauthtype%3dip%26profile%3deds%26user%3ds3690071%26password%3dpassword

1 KB
2 KB

495ms
125ms

Document
text/html

131.217.10.58
UTAS The Universi...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.ezproxy.utas.edu.au/login?qurl=https://search.ebscohost.com%2flogin.aspx%3fauthtype%3dip%26profile%3deds%26user%3ds3690071%26password%3dpassword
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 131.217.10.58 Summerleas, Australia, ASN7573 (UTAS The University of Tasmania, AU),
Reverse DNS: ezproxy.its.utas.edu.au
Software: EZproxy /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Connection: close
Content-Type: text/html
Date: Mon, 28 Nov 2022 12:54:05 GMT
Server: EZproxy

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: close
Date: Mon, 28 Nov 2022 12:54:04 GMT
Expires: Mon, 02 Aug 1999 00:00:00 GMT
Last-Modified: Mon, 28 Nov 2022 12:54:04 GMT
Location: https://login.ezproxy.utas.edu.au/login?qurl=https://search.ebscohost.com%2flogin.aspx%3fauthtype%3dip%26profile%3deds%26user%3ds3690071%26password%3dpassword
Pragma: no-cache
Server: EZproxy

POST
H/1.1 200
OK saml2 Show response
login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/ 152 KB
55 KB 1070ms
321ms Document
text/html 20.190.144.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.144.164 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8dc13a2057a11d16a8159930f848a10c58d645c072f718fb278d5e12a7f8c9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://login.ezproxy.utas.edu.au
Referer: https://login.ezproxy.utas.edu.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 55599
Content-Type: text/html; charset=utf-8
Date: Mon, 28 Nov 2022 12:54:05 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+krc"}]}
x-ms-ests-server: 2.1.14059.16 - SEASLR2 ProdSlices
x-ms-request-id: 376d5277-2165-4b30-a9f3-c9fb58e02801

POST
H/1.1 200
OK Primary Request saml2 Show response
login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/ 195 KB
51 KB 311ms
311ms Document
text/html 20.190.144.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.144.164 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7d7492e4627e46528df0a765b1cedd1d5284d62a39509fd80dcf06f0a4407eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://login.microsoftonline.com
Referer: https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 50315
Content-Type: text/html; charset=utf-8
Date: Mon, 28 Nov 2022 12:54:06 GMT
Expires: -1
Link: <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-Frame-Options: DENY
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+krc"}]}
x-ms-ests-server: 2.1.14059.16 - KRSLR1 ProdSlices
x-ms-request-id: a1a1a807-79e2-44d9-9fec-9ae88c702201

GET
H2 200 ConvergedLogin_PCore_pcipSPYgxw6k0H7PwESK3w2.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/ 387 KB
110 KB 399ms
98ms Script
application/x-javascript 152.199.39.242
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_pcipSPYgxw6k0H7PwESK3w2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.39.242 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E79D) /
Resource Hash: 4660771cd255710f7f04b9a391d536a2e8aa20c1617534e7941b93df1f577194

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Nov 2022 12:54:07 GMT
content-encoding: gzip
content-md5: GWIREUt3H0wPJYOZTfRfQg==
age: 3941660
x-cache: HIT
content-length: 111991
x-ms-lease-status: unlocked
last-modified: Wed, 12 Oct 2022 00:11:49 GMT
server: ECAcc (nwa/E79D)
etag: 0x8DAABE65BB403E5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a4b5235b-301e-009f-524f-dfa60b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 1375ms
375ms Other
text/html 40.126.35.80
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.126.35.80 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H2 200 converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
20 KB 394ms
101ms Other
text/css 152.199.39.242
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.39.242 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E7C8) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Nov 2022 12:54:08 GMT
content-encoding: gzip
content-md5: 9K2/nGCj75WAmmAI9nZNCA==
age: 9892184
x-cache: HIT
content-length: 19970
x-ms-lease-status: unlocked
last-modified: Thu, 04 Aug 2022 19:37:00 GMT
server: ECAcc (nwa/E7C8)
etag: 0x8DA7650B375AC9B
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: a3fa0a7a-701e-0075-1830-a9f6ff000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ux.converged.login.strings-en.min_itjeuokkx5s5hz5xm6syrg2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
14 KB 394ms
101ms Other
application/x-javascript 152.199.39.242
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_itjeuokkx5s5hz5xm6syrg2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.39.242 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E7C9) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Nov 2022 12:54:08 GMT
content-encoding: gzip
content-md5: /guMfU/O5vlcggq+yYbuLA==
age: 3941659
x-cache: HIT
content-length: 14015
x-ms-lease-status: unlocked
last-modified: Wed, 12 Oct 2022 19:43:55 GMT
server: ECAcc (nwa/E7C9)
etag: 0x8DAAC8A1925DDF6
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e4fbc3b2-301e-0071-624f-df1d53000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pfetchsessionsprogress_bc2482665b7aae7b068e.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 15 KB
6 KB 390ms
98ms Script
application/x-javascript 152.199.39.242
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_bc2482665b7aae7b068e.js
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_pcipSPYgxw6k0H7PwESK3w2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.39.242 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E7A4) /
Resource Hash: 1715c786d52ce35bea2274e2080b9fbda3a4177d7741d8fb3997caeea4798dca

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Nov 2022 12:54:08 GMT
content-encoding: gzip
content-md5: 4Xt/SF4lC+Zsg96sCtMl3A==
age: 6623411
x-cache: HIT
content-length: 5531
x-ms-lease-status: unlocked
last-modified: Wed, 07 Sep 2022 21:52:20 GMT
server: ECAcc (nwa/E7A4)
etag: 0x8DA911B3D45D5FD
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c10d9b40-801e-000e-11eb-c61f6b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 3 KB
3 KB 390ms
99ms Image
image/gif 152.199.39.242
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.39.242 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E7B8) /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Nov 2022 12:54:08 GMT
content-md5: Fm3lNHEmUlOrOkVt7+baIw==
age: 20764621
x-cache: HIT
content-length: 2672
x-ms-lease-status: unlocked
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: ECAcc (nwa/E7B8)
etag: 0x8D79A1B9F2C6EC8
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: c0b1602f-701e-0054-3a4e-4676a3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 4 KB
4 KB 390ms
100ms Image
image/gif 152.199.39.242
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.39.242 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E7D0) /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Nov 2022 12:54:08 GMT
content-md5: tUCo5RgDcZLjLE/li/Lbqw==
age: 25605185
x-cache: HIT
content-length: 3620
x-ms-lease-status: unlocked
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: ECAcc (nwa/E7D0)
etag: 0x8D79A1B9F8A840E
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: d5f923b2-a01e-0090-0c47-1a99e8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pcustomizationloader_8dc1586f19519d6b618f.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 107 KB
32 KB 99ms
99ms Script
application/x-javascript 152.199.39.242
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_8dc1586f19519d6b618f.js
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_pcipSPYgxw6k0H7PwESK3w2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.39.242 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E7B2) /
Resource Hash: 89c66a143b0bcbb7377096e70b1d323900036949e52a99372332c12c27b75dcd

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Nov 2022 12:54:08 GMT
content-encoding: gzip
content-md5: xYMsa398BlO7oQWNFlhVpg==
age: 6952181
x-cache: HIT
content-length: 32180
x-ms-lease-status: unlocked
last-modified: Wed, 07 Sep 2022 21:52:20 GMT
server: ECAcc (nwa/E7B2)
etag: 0x8DA911B3D1A0EB6
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1e29e04e-001e-000b-68ed-c30aca000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 illustration
aadcdn.msftauthimages.net/dbd5a2dd-lijraerayvic3fboizsyfbbmzoqh-kfoa3jzvr1g0dy/logintenantbranding/0/ 247 KB
248 KB 341ms
103ms Image
image/* 13.107.213.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauthimages.net/dbd5a2dd-lijraerayvic3fboizsyfbbmzoqh-kfoa3jzvr1g0dy/logintenantbranding/0/illustration?ts=637492415727798532
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.59 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c76a22a062b9d855f2e680c6556c59bd06967aeeddaf4faacc10f478508ba068

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 28 Nov 2022 12:54:07 GMT
last-modified: Thu, 18 Feb 2021 10:39:35 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: BzY7BKbbxeXXGwdWlIfhoA==
etag: 0x8D8D3F97BF40844
vary: Origin
x-cache: TCP_HIT
content-type: image/*
x-azure-ref: 0cK+EYwAAAADn+tLSp/zpSJDC34gy744iU1lEMDNFREdFMTgxMQA1OTY2NTcxNS00MjZhLTRmMWMtYTA1OS1kNWRmZDQwYWU2Yjk=
x-ms-request-id: 86f97881-601e-0024-3666-027daa000000
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
content-length: 253116

GET
H2 200 bannerlogo
aadcdn.msftauthimages.net/dbd5a2dd-lijraerayvic3fboizsyfbbmzoqh-kfoa3jzvr1g0dy/logintenantbranding/0/ 9 KB
9 KB 340ms
102ms Image
image/* 13.107.213.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauthimages.net/dbd5a2dd-lijraerayvic3fboizsyfbbmzoqh-kfoa3jzvr1g0dy/logintenantbranding/0/bannerlogo?ts=637491334753528234
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.59 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4008131ffd594fae344a106a6b54bc35ba496eb47d604a2a88558b945c173e1c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 28 Nov 2022 12:54:07 GMT
last-modified: Wed, 17 Feb 2021 04:37:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: DPiWF4pUK4uPz1ul6cbc3A==
etag: 0x8D8D2FDCC6115DA
vary: Origin
x-cache: TCP_HIT
content-type: image/*
x-azure-ref: 0cK+EYwAAAABfTOqP6HLDSasMViz2SIMeU1lEMDNFREdFMTgxMQA1OTY2NTcxNS00MjZhLTRmMWMtYTA1OS1kNWRmZDQwYWU2Yjk=
x-ms-request-id: a8f0dd3d-e01e-0058-6ea9-02e09f000000
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
content-length: 8821

GET
H2 200 marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 3 KB
3 KB 98ms
97ms Image
image/gif 152.199.39.242
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_pcipSPYgxw6k0H7PwESK3w2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.39.242 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E7B8) /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Nov 2022 12:54:08 GMT
content-md5: Fm3lNHEmUlOrOkVt7+baIw==
age: 20764621
x-cache: HIT
content-length: 2672
x-ms-lease-status: unlocked
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: ECAcc (nwa/E7B8)
etag: 0x8D79A1B9F2C6EC8
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: c0b1602f-701e-0054-3a4e-4676a3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 4 KB
4 KB 99ms
98ms Image
image/gif 152.199.39.242
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_pcipSPYgxw6k0H7PwESK3w2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.39.242 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E7D0) /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Nov 2022 12:54:08 GMT
content-md5: tUCo5RgDcZLjLE/li/Lbqw==
age: 25605185
x-cache: HIT
content-length: 3620
x-ms-lease-status: unlocked
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: ECAcc (nwa/E7D0)
etag: 0x8D79A1B9F8A840E
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: d5f923b2-a01e-0090-0c47-1a99e8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 401
Unauthorized ssoprobe
autologon.microsoftazuread-sso.com/15eb5d55-1991-46bc-8da7-ab25234dee08/winauth/ 12 B
1 KB 978ms
245ms Image
image/png 40.126.16.166

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autologon.microsoftazuread-sso.com/15eb5d55-1991-46bc-8da7-ab25234dee08/winauth/ssoprobe?client-request-id=48011e09-756d-49e8-886a-c8694f95537b&_=1669640048246

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.126.16.166 -, , ASN (),

Reverse DNS

Software

Resource Hash

d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 12:54:08 GMT
X-Content-Type-Options: nosniff
WWW-Authenticate: Negotiate
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length: 12
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Vary: Origin
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png; charset=utf-8
Access-Control-Allow-Origin: https://login.microsoftonline.com
x-ms-request-id: a26a148c-cc90-4ac2-b70d-f242c7704a01
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+krc"}]}
x-ms-ests-server: 2.1.14059.16 - KRC ProdSlices
Expires: -1

POST
H/1.1 200
OK dssostatus Show response
login.microsoftonline.com/common/instrumentation/ 264 B
1 KB 318ms
317ms XHR
application/json 20.190.144.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/instrumentation/dssostatus

Requested by

Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_pcipSPYgxw6k0H7PwESK3w2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.144.164 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

642b4893c0bed2b58b6a3d762dce5a1d7085a0978f1b71ee1324778c81c0640a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

hpgrequestid: a1a1a807-79e2-44d9-9fec-9ae88c702201
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
client-request-id: 48011e09-756d-49e8-886a-c8694f95537b
canary: AQABAAAAAAD--DLA3VO7QrddgJg7WevroQbR06nVaUmEg9TwB_PbTyHLRWqBNwf1DyNhBnMZEQDLXNjUbWLVJd1AcdjnFJq97Ybj-SydhWPch3dZV6JwOrCdVvWt0-g_Z449cTW26vQi4l_TJWY5NQeA46ZM07j6wJ8tNDrmQ5mxgmPOJ0jbVLGZEzRPzYcZaz6hPcbFxyXXZ04IyrJNVy6VNyLVUeETCr4s8bMvArLOfREKhiLEOCAA
Content-type: application/json; charset=UTF-8
hpgid: 1104
Accept: application/json
Referer: https://login.microsoftonline.com/15eb5d55-1991-46bc-8da7-ab25234dee08/saml2?sso_reload=true
hpgact: 1900

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Mon, 28 Nov 2022 12:54:08 GMT
X-Content-Type-Options: nosniff
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id: 48011e09-756d-49e8-886a-c8694f95537b
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length: 264
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://autologon.microsoftazuread-sso.com/
x-ms-request-id: 9eaf0090-b6e8-4cdf-af02-7facb5352701
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+krc"}]}
x-ms-ests-server: 2.1.14059.16 - SEASLR2 ProdSlices
Expires: -1

GET
H2 200 signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 2 KB
807 B 99ms
98ms Image
image/svg+xml 152.199.39.242
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.39.242 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E7C3) /
Resource Hash: 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Nov 2022 12:54:09 GMT
content-encoding: gzip
content-md5: R2FAVxfpONfnQAuxVxXbHg==
age: 1010132
x-cache: HIT
content-length: 621
x-ms-lease-status: unlocked
last-modified: Tue, 10 Nov 2020 03:41:05 GMT
server: ECAcc (nwa/E7C3)
etag: 0x8D8852A740F01B9
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 92f46db5-f01e-0012-64f8-f96cc0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.microsoftonline.com/	1970-01-20 07:47:20	Name: SSOCOOKIEPULLED Value: 1
login.microsoftonline.com/	1970-01-20 08:30:32	Name: buid Value: 0.AQoAVV3rFZEZvEaNp6slI03uCAACTZt4icJDpjG_nvrwZ9cKAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrUyoQhb-Wo2ZorKTIq3Be99Hv1_Nh_mYSET122jxcq0T1Tf-QXMxBE41E7KCy5C2ScTpLft2krlrU9SgIpWkuGnfVZhhAIuUtVvI56wqhApwgAA
login.microsoftonline.com/	1970-01-20 08:30:32	Name: fpc Value: AoACRGjgCOFEjq_dXBC6mDmAm4-1AQAAAG6mFtsOAAAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrQV_sxE5vPy6uuJqSz7toaqHQZjqVe44gpaFaVP-0trs-PK3HdYmGp0z6tsWZkH8A9BasI5ksEXB2peY6rra9UPraT47Peqy-9p2-ERCc5MOM9sqI5BSmp_dCxYXJww935k-pAIZgAcsj-jf8cIGQi187nWtwQWQZwOlBbZp2rg0SxJZ2XFqqgxCsTdYC_NUpQTMAG2sekCm2b5Co5AYG1eQJUHB_6Tb5MrZ_HDrQ7wkgAA
.login.microsoftonline.com/	1970-01-20 17:08:56	Name: brcap Value: 0
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: ec3054666876440faa4baf708c1140dc
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1669640048&co=1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://autologon.microsoftazuread-sso.com/15eb5d55-1991-46bc-8da7-ab25234dee08/winauth/ssoprobe?client-request-id=48011e09-756d-49e8-886a-c8694f95537b&_=1669640048246 Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
aadcdn.msftauthimages.net
autologon.microsoftazuread-sso.com
login.ezproxy.utas.edu.au
login.live.com
login.microsoftonline.com
search-ebscohost-com.ezproxy.utas.edu.au
search.ebscohost.com.ezproxy.utas.edu.au
13.107.213.59
131.217.10.58
152.199.39.242
20.190.144.164
40.126.16.166
40.126.35.80
1715c786d52ce35bea2274e2080b9fbda3a4177d7741d8fb3997caeea4798dca
4008131ffd594fae344a106a6b54bc35ba496eb47d604a2a88558b945c173e1c
4660771cd255710f7f04b9a391d536a2e8aa20c1617534e7941b93df1f577194
642b4893c0bed2b58b6a3d762dce5a1d7085a0978f1b71ee1324778c81c0640a
7d7492e4627e46528df0a765b1cedd1d5284d62a39509fd80dcf06f0a4407eab
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
89c66a143b0bcbb7377096e70b1d323900036949e52a99372332c12c27b75dcd
8dc13a2057a11d16a8159930f848a10c58d645c072f718fb278d5e12a7f8c9bd
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
c76a22a062b9d855f2e680c6556c59bd06967aeeddaf4faacc10f478508ba068
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

login.microsoftonline.com Open in urlscan Pro 20.190.144.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

6 Domains

8 Subdomains

6 IPs

4 Countries

562 kBTransfer

1129 kBSize

10 Cookies

2 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

10 Cookies

1 Console Messages

Indicators

login.microsoftonline.com Open in urlscan Pro
20.190.144.164 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

6
IPs

4
Countries

562 kB
Transfer

1129 kB
Size

10
Cookies

18 HTTP transactions
0 data transactions