![](/screenshots/43590700-e8da-46d8-bc00-6db30523952c.png)
login.microsoftonline.com
Open in
urlscan Pro
2603:1036:3000:138::6
Public Scan
Effective URL: https://login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/saml2?SAMLRequest=fZJPb9swDMW%2FiqG7ZMt%2FkliIU2QrhhXosKBxd...
Submission: On December 09 via api from US — Scanned from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 9th 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 34.160.8.8 34.160.8.8 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
6 | 2001:4860:480... 2001:4860:4802:32::35 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a02:6ea0:c40... 2a02:6ea0:c400::12 | 60068 (CDN77 ^_^) (CDN77 ^_^) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:823::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2607:f8b0:400... 2607:f8b0:4006:821::2003 | 15169 (GOOGLE) (GOOGLE) | |
6 | 2607:f8b0:400... 2607:f8b0:4006:80d::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2607:f8b0:400... 2607:f8b0:4006:817::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2603:1036:300... 2603:1036:3000:138::6 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
7 | 2606:2800:21f... 2606:2800:21f:1b88:6342:f8de:86c:e98b | 15133 (EDGECAST) (EDGECAST) | |
1 | 20.190.190.196 20.190.190.196 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 2620:1ec:46::40 2620:1ec:46::40 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
30 | 11 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.8.160.34.bc.googleusercontent.com
mongo-express-sso.live.oscato.com |
ASN15169 (GOOGLE, US)
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msftauthimages.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29 www.googleapis.com — Cisco Umbrella Rank: 22 identitytoolkit.googleapis.com — Cisco Umbrella Rank: 3562 |
3 KB |
7 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 974 |
269 KB |
6 |
run.app
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app |
875 KB |
2 |
msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3507 |
146 KB |
2 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 16 |
27 KB |
2 |
gstatic.com
fonts.gstatic.com |
32 KB |
1 |
live.com
login.live.com — Cisco Umbrella Rank: 80 |
|
1 |
icons8.com
img.icons8.com — Cisco Umbrella Rank: 30684 |
6 KB |
1 |
oscato.com
1 redirects
mongo-express-sso.live.oscato.com |
1001 B |
30 | 9 |
Domain | Requested by | |
---|---|---|
7 | aadcdn.msftauth.net |
login.microsoftonline.com
aadcdn.msftauth.net |
6 | www.googleapis.com |
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
|
6 | iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app |
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
|
2 | aadcdn.msftauthimages.net | |
2 | login.microsoftonline.com |
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
aadcdn.msftauth.net |
2 | identitytoolkit.googleapis.com |
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | login.live.com |
login.microsoftonline.com
|
1 | fonts.googleapis.com |
client
|
1 | img.icons8.com |
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
|
1 | mongo-express-sso.live.oscato.com | 1 redirects |
30 | 11 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.microsoft.com |
privacy.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.a.run.app GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
1004834818.rsc.cdn77.org R3 |
2023-11-26 - 2024-02-24 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2023-11-09 - 2024-11-09 |
a year | crt.sh |
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2023-12-01 - 2024-12-01 |
a year | crt.sh |
login.live.com DigiCert SHA2 Secure Server CA |
2023-11-10 - 2024-11-10 |
a year | crt.sh |
aadcdn.msftauthimages.net Microsoft Azure RSA TLS Issuing CA 03 |
2023-11-25 - 2024-11-19 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/saml2?SAMLRequest=fZJPb9swDMW%2FiqG7ZMt%2FkliIU2QrhhXosKBxd9glkGUu0WaLnihnwT79DCcBukuPgh75yN%2Fj%2BuHSd9EZPFl0FZMiYRE4g611x4q91p%2F4ij1s1qT7Lh3Udgwn9wK%2FR6AQTYWO1PWnYqN3CjVZUk73QCoYtd9%2BeVapSNTgMaDBjkVbIvBhsvqIjsYe%2FB782Rp4fXmu2CmEgVQcWz3woxn4CSlAy0fLe3RHhAunq5r%2FCT8ha361pDn8FVr40Qk9DPHhEOtpxPikXduBZ9HjNKh1OszL3ft3eLRO9NZ4JPwR0HXWgTDYxy0YgDIx3ECS8Xwhga9MKnnbFtkK5EqaZRHPG7Po6bFiB5mW%2BVRRFMWiKTLIc7OErDQSyqaReSknGdEIT46CdqFiaZJmXKY8KWspVb5SqRTLRfmdRbsbow%2FWXdm%2FB7S5ikh9rusd333d1yz6ds9wErBbYmp292%2Bjer%2BxvufDNndaM3sOl8EDESdC0dkzCCSjA87U1vFbs83t%2Bf%2B1bP4B&RelayState=AMbdmDnflpzyMwzptDpI-jYeRgYhTg4XLEk4Wu5uwR3Wf-zaLMqFEctJca8HgtUpWQLoIPh4sZOtsFKN-l3nIo1abIBfOAoRem2zOAOSz2ONcE4Kc0EcwPCKPz8ITGZis1ATyEDeYjituFP3-I72qvZmwR6w20uvxdN8Xg0oomZam8f8W-T-9xBr8REnV8N8NIC8qo66ZrQKSUgsHZ4yM5Li6OfkhKNk0xNlp8TZCf-kCnStNao9ZBRvpcWahoeIzYWwdRlSbTNshg3-9iQ_IEBSFLIlBuyfYfmRNqJALWqbpnQggFfsdjvMugqeHJdmJaWC4lI1bgMqQkzir_mijt61wja1sPGf88Jaai8vpwcpT60zscEmqrNm&context_uri=https%3A%2F%2Fiap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app&sso_reload=true
Frame ID: 9AA584623C30CC93A9C0B9ED2D1B88C0
Requests: 27 HTTP requests in this frame
Screenshot
![](/screenshots/43590700-e8da-46d8-bc00-6db30523952c.png)
Page Title
Sign in to your accountPage URL History Show full URLs
-
https://mongo-express-sso.live.oscato.com/
HTTP 302
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&mode=login&tid=mongo-express... Page URL
- https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/__/auth/handler?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&appName=mongo... Page URL
- https://login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/saml2?SAMLRequest=fZJPb9swDMW%2FiqG7ZMt... Page URL
- https://login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/saml2?SAMLRequest=fZJPb9swDMW%2FiqG7ZMt... Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Terms of use
Search URL Search Domain Scan URL
Title: Privacy & cookies
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://mongo-express-sso.live.oscato.com/
HTTP 302
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&mode=login&tid=mongo-express-lf8fp&redirect_uri=https://iap.googleapis.com/v1beta1/gcip/resources/29672271CEDB9CA8:handleRedirect&state=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IklkcDZKZyJ9.ALEydkAJhPLIhBcBMnNsq-hlC5I579dmq5QEFN4q1YxnEAOHhdZegkbm3nQWMVVlsgr-9q3njUTM3kbGKlSXY4AX3CwV49kLfiz7WhLmksSX03AqkU5WI37miQJ3cKGoYWuYLaF9YiTljOjK1fDis29L0zJB4ZIgCAMUdzCH198NwvvP-61S9A5MESV12ZkSOYdjxJacxVGmiq8wg8_4lbXwTummW9TZIPTwreNWavO8L_LNHXyjqjuMtDy_gnYts5bEZd6XZIIiajAtYzrQ5eiifcpLS5b-7aCyDxZenl0OGYZZTZJ-NJ0vQxfPtk2MIMu1DbqeSb1mbwkqx1AEv5if5HuVJFF_iqGdwGHmd1n0k_skZNH1Qmw9svK4nyVRSzWwrdEtfPX-1OWaQgl2REpDXaqN1Fo6OfdsclzqGR2K3Vfu9GjGUCFbX757wXSPWSg8SqrYcEIKP9-5Ykn6ALMaeUajtYVjmTb8SKCtDiuQRbZva4Jghl5kTRxfdlOdeHoKYP2ZlJa8Cs1M4iE675oDy9DolIDtLxDD4kAFdNMFSH2Cu7Z1.YRjjJeBFI7w6hxj5AfEgvLfeQ2q3dEdLZFWZ4Fyt14QCoulneLo7W2W8VtZEa3J2vdNpiPSmpMNaSTuJGgMRZg Page URL
- https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/__/auth/handler?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&appName=mongo-express-lf8fp-firebaseui-temp&authType=signInViaRedirect&redirectUrl=https%3A%2F%2Fiap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app%2F%3FapiKey%3DAIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0%26mode%3Dlogin%26tid%3Dmongo-express-lf8fp%26redirect_uri%3Dhttps%3A%2F%2Fiap.googleapis.com%2Fv1beta1%2Fgcip%2Fresources%2F29672271CEDB9CA8%3AhandleRedirect%26state%3DeyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IklkcDZKZyJ9.ALEydkAJhPLIhBcBMnNsq-hlC5I579dmq5QEFN4q1YxnEAOHhdZegkbm3nQWMVVlsgr-9q3njUTM3kbGKlSXY4AX3CwV49kLfiz7WhLmksSX03AqkU5WI37miQJ3cKGoYWuYLaF9YiTljOjK1fDis29L0zJB4ZIgCAMUdzCH198NwvvP-61S9A5MESV12ZkSOYdjxJacxVGmiq8wg8_4lbXwTummW9TZIPTwreNWavO8L_LNHXyjqjuMtDy_gnYts5bEZd6XZIIiajAtYzrQ5eiifcpLS5b-7aCyDxZenl0OGYZZTZJ-NJ0vQxfPtk2MIMu1DbqeSb1mbwkqx1AEv5if5HuVJFF_iqGdwGHmd1n0k_skZNH1Qmw9svK4nyVRSzWwrdEtfPX-1OWaQgl2REpDXaqN1Fo6OfdsclzqGR2K3Vfu9GjGUCFbX757wXSPWSg8SqrYcEIKP9-5Ykn6ALMaeUajtYVjmTb8SKCtDiuQRbZva4Jghl5kTRxfdlOdeHoKYP2ZlJa8Cs1M4iE675oDy9DolIDtLxDD4kAFdNMFSH2Cu7Z1.YRjjJeBFI7w6hxj5AfEgvLfeQ2q3dEdLZFWZ4Fyt14QCoulneLo7W2W8VtZEa3J2vdNpiPSmpMNaSTuJGgMRZg&v=9.8.4&providerId=saml.mongo-express&tid=mongo-express-lf8fp Page URL
- https://login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/saml2?SAMLRequest=fZJPb9swDMW%2FiqG7ZMt%2FkliIU2QrhhXosKBxd9glkGUu0WaLnihnwT79DCcBukuPgh75yN%2Fj%2BuHSd9EZPFl0FZMiYRE4g611x4q91p%2F4ij1s1qT7Lh3Udgwn9wK%2FR6AQTYWO1PWnYqN3CjVZUk73QCoYtd9%2BeVapSNTgMaDBjkVbIvBhsvqIjsYe%2FB782Rp4fXmu2CmEgVQcWz3woxn4CSlAy0fLe3RHhAunq5r%2FCT8ha361pDn8FVr40Qk9DPHhEOtpxPikXduBZ9HjNKh1OszL3ft3eLRO9NZ4JPwR0HXWgTDYxy0YgDIx3ECS8Xwhga9MKnnbFtkK5EqaZRHPG7Po6bFiB5mW%2BVRRFMWiKTLIc7OErDQSyqaReSknGdEIT46CdqFiaZJmXKY8KWspVb5SqRTLRfmdRbsbow%2FWXdm%2FB7S5ikh9rusd333d1yz6ds9wErBbYmp292%2Bjer%2BxvufDNndaM3sOl8EDESdC0dkzCCSjA87U1vFbs83t%2Bf%2B1bP4B&RelayState=AMbdmDnflpzyMwzptDpI-jYeRgYhTg4XLEk4Wu5uwR3Wf-zaLMqFEctJca8HgtUpWQLoIPh4sZOtsFKN-l3nIo1abIBfOAoRem2zOAOSz2ONcE4Kc0EcwPCKPz8ITGZis1ATyEDeYjituFP3-I72qvZmwR6w20uvxdN8Xg0oomZam8f8W-T-9xBr8REnV8N8NIC8qo66ZrQKSUgsHZ4yM5Li6OfkhKNk0xNlp8TZCf-kCnStNao9ZBRvpcWahoeIzYWwdRlSbTNshg3-9iQ_IEBSFLIlBuyfYfmRNqJALWqbpnQggFfsdjvMugqeHJdmJaWC4lI1bgMqQkzir_mijt61wja1sPGf88Jaai8vpwcpT60zscEmqrNm&context_uri=https%3A%2F%2Fiap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app Page URL
- https://login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/saml2?SAMLRequest=fZJPb9swDMW%2FiqG7ZMt%2FkliIU2QrhhXosKBxd9glkGUu0WaLnihnwT79DCcBukuPgh75yN%2Fj%2BuHSd9EZPFl0FZMiYRE4g611x4q91p%2F4ij1s1qT7Lh3Udgwn9wK%2FR6AQTYWO1PWnYqN3CjVZUk73QCoYtd9%2BeVapSNTgMaDBjkVbIvBhsvqIjsYe%2FB782Rp4fXmu2CmEgVQcWz3woxn4CSlAy0fLe3RHhAunq5r%2FCT8ha361pDn8FVr40Qk9DPHhEOtpxPikXduBZ9HjNKh1OszL3ft3eLRO9NZ4JPwR0HXWgTDYxy0YgDIx3ECS8Xwhga9MKnnbFtkK5EqaZRHPG7Po6bFiB5mW%2BVRRFMWiKTLIc7OErDQSyqaReSknGdEIT46CdqFiaZJmXKY8KWspVb5SqRTLRfmdRbsbow%2FWXdm%2FB7S5ikh9rusd333d1yz6ds9wErBbYmp292%2Bjer%2BxvufDNndaM3sOl8EDESdC0dkzCCSjA87U1vFbs83t%2Bf%2B1bP4B&RelayState=AMbdmDnflpzyMwzptDpI-jYeRgYhTg4XLEk4Wu5uwR3Wf-zaLMqFEctJca8HgtUpWQLoIPh4sZOtsFKN-l3nIo1abIBfOAoRem2zOAOSz2ONcE4Kc0EcwPCKPz8ITGZis1ATyEDeYjituFP3-I72qvZmwR6w20uvxdN8Xg0oomZam8f8W-T-9xBr8REnV8N8NIC8qo66ZrQKSUgsHZ4yM5Li6OfkhKNk0xNlp8TZCf-kCnStNao9ZBRvpcWahoeIzYWwdRlSbTNshg3-9iQ_IEBSFLIlBuyfYfmRNqJALWqbpnQggFfsdjvMugqeHJdmJaWC4lI1bgMqQkzir_mijt61wja1sPGf88Jaai8vpwcpT60zscEmqrNm&context_uri=https%3A%2F%2Fiap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://mongo-express-sso.live.oscato.com/ HTTP 302
- https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&mode=login&tid=mongo-express-lf8fp&redirect_uri=https://iap.googleapis.com/v1beta1/gcip/resources/29672271CEDB9CA8:handleRedirect&state=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IklkcDZKZyJ9.ALEydkAJhPLIhBcBMnNsq-hlC5I579dmq5QEFN4q1YxnEAOHhdZegkbm3nQWMVVlsgr-9q3njUTM3kbGKlSXY4AX3CwV49kLfiz7WhLmksSX03AqkU5WI37miQJ3cKGoYWuYLaF9YiTljOjK1fDis29L0zJB4ZIgCAMUdzCH198NwvvP-61S9A5MESV12ZkSOYdjxJacxVGmiq8wg8_4lbXwTummW9TZIPTwreNWavO8L_LNHXyjqjuMtDy_gnYts5bEZd6XZIIiajAtYzrQ5eiifcpLS5b-7aCyDxZenl0OGYZZTZJ-NJ0vQxfPtk2MIMu1DbqeSb1mbwkqx1AEv5if5HuVJFF_iqGdwGHmd1n0k_skZNH1Qmw9svK4nyVRSzWwrdEtfPX-1OWaQgl2REpDXaqN1Fo6OfdsclzqGR2K3Vfu9GjGUCFbX757wXSPWSg8SqrYcEIKP9-5Ykn6ALMaeUajtYVjmTb8SKCtDiuQRbZva4Jghl5kTRxfdlOdeHoKYP2ZlJa8Cs1M4iE675oDy9DolIDtLxDD4kAFdNMFSH2Cu7Z1.YRjjJeBFI7w6hxj5AfEgvLfeQ2q3dEdLZFWZ4Fyt14QCoulneLo7W2W8VtZEa3J2vdNpiPSmpMNaSTuJGgMRZg
30 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/ Redirect Chain
|
781 B 972 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/static/ |
782 KB 785 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cloud.png
img.icons8.com/cotton/2x/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
config
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/ |
960 B 976 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
getProjectConfig
www.googleapis.com/identitytoolkit/v3/relyingparty/ |
312 B 457 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
getProjectConfig
www.googleapis.com/identitytoolkit/v3/relyingparty/ |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
projects
identitytoolkit.googleapis.com/v1/ |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
projects
identitytoolkit.googleapis.com/v1/ |
312 B 457 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
handler
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/__/auth/ |
462 B 306 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
experiments.js
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/__/auth/ |
570 B 321 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
handler.js
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/__/auth/ |
278 KB 88 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
getProjectConfig
www.googleapis.com/identitytoolkit/v3/relyingparty/ |
312 B 227 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
getProjectConfig
www.googleapis.com/identitytoolkit/v3/relyingparty/ |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
425 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
createAuthUri
www.googleapis.com/identitytoolkit/v3/relyingparty/ |
1 KB 965 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
createAuthUri
www.googleapis.com/identitytoolkit/v3/relyingparty/ |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saml2
login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/ |
20 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BssoInterrupt_Core_G8nbIKerNCoHF1cUBcOz7w2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
136 KB 48 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
saml2
login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/ |
43 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
converged.v2.login.min_chy_qb6g1qbjbxlng2ytiq2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
109 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_2TS5K5gxo-zWGrXS7stGhw2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
421 KB 116 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ux.converged.login.strings-en.min_fmhisaxpoaglzwf5og-iag2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
52 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pcustomizationloader_e510439e6f2355f97577.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
153 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
illustration
aadcdn.msftauthimages.net/c1c6b6c8-7prhwieizc3kvm-yvgph9xxmyucsb0dbgnvycho9sdk/logintenantbranding/0/ |
137 KB 138 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bannerlogo
aadcdn.msftauthimages.net/c1c6b6c8-7prhwieizc3kvm-yvgph9xxmyucsb0dbgnvycho9sdk/logintenantbranding/0/ |
8 KB 8 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pstringcustomizationhelper_50b92a7b991422dd39ff.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
111 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ |
2 KB 809 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_e510439e6f2355f97577 boolean| __convergedlogin_pstringcustomizationhelper_50b92a7b991422dd39ff12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
mongo-express-sso.live.oscato.com/ | Name: GCP_IAP_XSRF_NONCE_tp04gAZIOH8uAGTD-BSxFA Value: 1 |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.com/ | Name: buid Value: 0.AUcADOnO3gPOHkaMId1Tjhgcdcnr8c27BkZLuP7oR_u6TwpHAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-gapuyHuf7FOiQ8zMAZFJk_3wWNXeh7T1F87MrB-hT53cH2whxbmCWPgM5pWVKCY0iIunxOFvh7ZgNdokgG4EZRqJ8YCEHPKyB1l8oSW-bK0gAA |
|
.login.microsoftonline.com/ | Name: esctx Value: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ--jXQy8IEru4TdiLZakT_5Sm7BbQ3JaxF9p3Ho4nVuyZeCQU3Rp5xD-mawbfgrFbx0-kPrrzQ_aNmay6-glPEqwbWwIEXFthomsQ_pUkFXrShnxU37BlxOEkMnXib49jRZZbGqslEvKDSzgBXpicgk5elq7IJHDdnSytTzmtSlhsgAA |
|
.login.microsoftonline.com/ | Name: esctx-VsJ26RP1RWU Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-kgNScMieYtSlNk13IHZgD-YMpkeEoFido_foaxUM4Fkx2YU-zl7t1dYeQxGWFIYCNz-WwQv4piqqQOmA83CQsCkqtOKBDcnhmt49lXDiYugOBnWyJPBFl--bjAtkIM7SGZNptYpBNCKfJqfSnt3dSCAA |
|
login.microsoftonline.com/ | Name: fpc Value: AoC8ycXR34hHtRAmdQmL4BkEBUSKAQAAAAVLBt0OAAAA |
|
.login.microsoftonline.com/ | Name: brcap Value: 0 |
|
.login.live.com/ | Name: uaid Value: 3f0ec9950d364be8b4eb5ba2b536fcc6 |
|
.login.live.com/ | Name: MSPRequ Value: id=N<=1702122502&co=1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msftauth.net
aadcdn.msftauthimages.net
fonts.googleapis.com
fonts.gstatic.com
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
identitytoolkit.googleapis.com
img.icons8.com
login.live.com
login.microsoftonline.com
mongo-express-sso.live.oscato.com
www.googleapis.com
20.190.190.196
2001:4860:4802:32::35
2603:1036:3000:138::6
2606:2800:21f:1b88:6342:f8de:86c:e98b
2607:f8b0:4006:80d::200a
2607:f8b0:4006:817::200a
2607:f8b0:4006:821::2003
2607:f8b0:4006:823::200a
2620:1ec:46::40
2a02:6ea0:c400::12
34.160.8.8
064f806299b82681ca35a489f6fc4b6d614c6c93471ef6f2c6738c8e6f107299
0c637f963ac04978b12b1e98a68a9ff611cbf2212d70f21b69cb0fad96722bc5
0ea7628423c80e4e8d0791f57aa8b205cb64886686a360467ae645c7cf6aa99b
13d3abb27a74de95eb09aab2efc653b781835fbdd7b1e33ff499ecc73d9921f9
1b34f0506570aee83401813c56d2621febe7e7c84bd2f7b0e21682c5c7b1338f
1ee9272f18dabe52ff16697ca183c53f620ed11f18c7254d5fbc69e028bd6b80
401786897a75a740a92b94f1aa27726e522d70855d163371e298422d482be69c
446be1706e1aa01860576ecd07073af8e2451cabe7b8f538b330efbf8816d529
5e47dd51ca94efccd58f4a7dc95a51744493292586fbe031e78f72508f0f4f89
8af9b303e5e3a3623a9520e74be0ed612595812f0e5ffa704aa7ae3a9a0f269d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
969486e23eab84d16be606d82c2b166aba2ad28b8582583a068987f0b9c39d7f
9d02d07fbda0125bede904e0e67f56a471f05760150481523f3f29f170076f67
9e32ea1b2a0a983eff9ef556da5576edb42e68e0f4c34cc8c99b35bab105668a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b797cd27c5cbc7ce1ec29665a5d2bfb1a582caff1096bdd22f944370a0333edb
ce225ee3bd2a8ad914e3da1ad3c2fb7dfb42e901d54d358b718c449eededb254
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
e6c1c75c1ad278bb37fe3e06f0b1bf775cb94bcc58ae46651d9a29b5218f34f2
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f693e596bd255e64c26bdbabfb059178e31f7037f20718039be5e8eeb477ba84
f8080380beb017e5fe694e286aa1f282a5097e542c969c8ea0d07996e43aee33
fb77bb1d43b2d95229ad7bc71b3b259a0b83bf64351212b448a27c172fe61ffa