login.microsoftonline.us Open in urlscan Pro
52.126.195.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://useitc.unanet.biz/useitc
Effective URL:
https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJNmE5cGMENZC2Rqz00EtBU...
Submission: On August 08 via manual (August 8th 2023, 4:57:08 pm UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 5 domains to perform 11 HTTP transactions. The main IP is 52.126.195.74, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.us. The Cisco Umbrella rank of the primary domain is 10270.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 27th 2023. Valid for: a year.

This is the only time login.microsoftonline.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	3.20.31.156 3.20.31.156	16509 (AMAZON-02) (AMAZON-02)
2	52.126.195.74 52.126.195.74	8070 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:2800:233... 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef	15133 (EDGECAST) (EDGECAST)
6	2620:1ec:46::44 2620:1ec:46::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
11	5

3 3.20.31.156 (Columbus, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-31-156.us-east-2.compute.amazonaws.com

useitc.unanet.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.126.195.74 (Boydton, United States)

ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef (United States)

ASN15133 (EDGECAST, US)

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:46::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

aadcdn.msauthimages.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	msauth.net aadcdn.msauth.net — Cisco Umbrella Rank: 1010	220 KB
3	unanet.biz 2 redirects useitc.unanet.biz	2 KB
2	microsoftonline.us login.microsoftonline.us — Cisco Umbrella Rank: 10270	26 KB
1	msauthimages.us aadcdn.msauthimages.us — Cisco Umbrella Rank: 118122	10 KB
1	msftauth.net aadcdn.msftauth.net — Cisco Umbrella Rank: 1032	48 KB
11	5

	Domain	Requested by
6	aadcdn.msauth.net	login.microsoftonline.us aadcdn.msauth.net
3	useitc.unanet.biz	2 redirects
2	login.microsoftonline.us	aadcdn.msftauth.net
1	aadcdn.msauthimages.us
1	aadcdn.msftauth.net	login.microsoftonline.us
11	5

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
unanet.biz Amazon RSA 2048 M01	`2023-05-23` - `2024-06-20`	a year	crt.sh
login.microsoftonline.us DigiCert SHA2 Secure Server CA	`2023-05-27` - `2024-05-27`	a year	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2023-01-31` - `2024-01-31`	a year	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2023-07-29` - `2024-07-29`	a year	crt.sh
aadcdn.msauthimages.us Microsoft Azure TLS Issuing CA 02	`2023-03-08` - `2024-03-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJNmE5cGMENZC2Rqz00EtBU6uEAEW6XMp9fH1Z2Q7SQ1OAp%2BXszs7MLm9%2BDIacwKN2tqE8ZZSAVa7T9qmhj%2B1dMqc3qyXKweRHsR7Ds32AbyNgILHRojj%2FNHT0VjiJGoWVA6AISuzXH%2B5FnjJx9C445Qwla0TwIVLdOovjAH4P%2FqQVPD7cN%2FQ5hCOKLBsRdFDpaKWFkB70r0slk%2BpPa2bck7bZSRrdyQCUbOI22sowKbgOmUDpoJV36PrgrNEW0hGzQ573%2BaI%2BJAXjLJlJVieyLlVSl3nHy7KuqoXKJlWU3DmvYBLd0F4ajGTbTUO%2FKiihqKqKK8WqmeRclawoAeZlz4saZhGGOMLWYpA2NDRneZGweXwtr0RZCzZL68XiCyW7izXvtD1b%2FpaPhzMIxfu23SW7T%2FuWks%2FX6CKAXoISE7t%2FndDbg%2BU1Frr6XwjL7DXFy2V8jDO3m50zWv0ka2Pc91sPMZ0X36KVgwz%2FXoOnfKroLuknqBgtHkHpXkNHs9WF9%2B8bXP0G&RelayState=%2Fuseitc%2Faction%2Fhome&sso_reload=true
Frame ID: D022B809A485DA8D69E420B43372F1F2
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

https://useitc.unanet.biz/useitc HTTP 302
https://useitc.unanet.biz/useitc/ Page URL
https://useitc.unanet.biz/useitc/action/home HTTP 302
https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJN... Page URL
https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJN... Page URL

Page Statistics

11
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

1
Countries

304 kB
Transfer

999 kB
Size

10
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/de-DE/servicesagreement/
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/de-DE/privacystatement
Title: Datenschutz & Cookies

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/de-de/corporate/rechtliche-hinweise/impressum.aspx
Title: Haftungsausschluss

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://useitc.unanet.biz/useitc HTTP 302
https://useitc.unanet.biz/useitc/ Page URL
https://useitc.unanet.biz/useitc/action/home HTTP 302
https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJNmE5cGMENZC2Rqz00EtBU6uEAEW6XMp9fH1Z2Q7SQ1OAp%2BXszs7MLm9%2BDIacwKN2tqE8ZZSAVa7T9qmhj%2B1dMqc3qyXKweRHsR7Ds32AbyNgILHRojj%2FNHT0VjiJGoWVA6AISuzXH%2B5FnjJx9C445Qwla0TwIVLdOovjAH4P%2FqQVPD7cN%2FQ5hCOKLBsRdFDpaKWFkB70r0slk%2BpPa2bck7bZSRrdyQCUbOI22sowKbgOmUDpoJV36PrgrNEW0hGzQ573%2BaI%2BJAXjLJlJVieyLlVSl3nHy7KuqoXKJlWU3DmvYBLd0F4ajGTbTUO%2FKiihqKqKK8WqmeRclawoAeZlz4saZhGGOMLWYpA2NDRneZGweXwtr0RZCzZL68XiCyW7izXvtD1b%2FpaPhzMIxfu23SW7T%2FuWks%2FX6CKAXoISE7t%2FndDbg%2BU1Frr6XwjL7DXFy2V8jDO3m50zWv0ka2Pc91sPMZ0X36KVgwz%2FXoOnfKroLuknqBgtHkHpXkNHs9WF9%2B8bXP0G&RelayState=%2Fuseitc%2Faction%2Fhome Page URL
https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJNmE5cGMENZC2Rqz00EtBU6uEAEW6XMp9fH1Z2Q7SQ1OAp%2BXszs7MLm9%2BDIacwKN2tqE8ZZSAVa7T9qmhj%2B1dMqc3qyXKweRHsR7Ds32AbyNgILHRojj%2FNHT0VjiJGoWVA6AISuzXH%2B5FnjJx9C445Qwla0TwIVLdOovjAH4P%2FqQVPD7cN%2FQ5hCOKLBsRdFDpaKWFkB70r0slk%2BpPa2bck7bZSRrdyQCUbOI22sowKbgOmUDpoJV36PrgrNEW0hGzQ573%2BaI%2BJAXjLJlJVieyLlVSl3nHy7KuqoXKJlWU3DmvYBLd0F4ajGTbTUO%2FKiihqKqKK8WqmeRclawoAeZlz4saZhGGOMLWYpA2NDRneZGweXwtr0RZCzZL68XiCyW7izXvtD1b%2FpaPhzMIxfu23SW7T%2FuWks%2FX6CKAXoISE7t%2FndDbg%2BU1Frr6XwjL7DXFy2V8jDO3m50zWv0ka2Pc91sPMZ0X36KVgwz%2FXoOnfKroLuknqBgtHkHpXkNHs9WF9%2B8bXP0G&RelayState=%2Fuseitc%2Faction%2Fhome&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://useitc.unanet.biz/useitc HTTP 302
https://useitc.unanet.biz/useitc/

Request Chain 1

https://useitc.unanet.biz/useitc/action/home HTTP 302
https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJNmE5cGMENZC2Rqz00EtBU6uEAEW6XMp9fH1Z2Q7SQ1OAp%2BXszs7MLm9%2BDIacwKN2tqE8ZZSAVa7T9qmhj%2B1dMqc3qyXKweRHsR7Ds32AbyNgILHRojj%2FNHT0VjiJGoWVA6AISuzXH%2B5FnjJx9C445Qwla0TwIVLdOovjAH4P%2FqQVPD7cN%2FQ5hCOKLBsRdFDpaKWFkB70r0slk%2BpPa2bck7bZSRrdyQCUbOI22sowKbgOmUDpoJV36PrgrNEW0hGzQ573%2BaI%2BJAXjLJlJVieyLlVSl3nHy7KuqoXKJlWU3DmvYBLd0F4ajGTbTUO%2FKiihqKqKK8WqmeRclawoAeZlz4saZhGGOMLWYpA2NDRneZGweXwtr0RZCzZL68XiCyW7izXvtD1b%2FpaPhzMIxfu23SW7T%2FuWks%2FX6CKAXoISE7t%2FndDbg%2BU1Frr6XwjL7DXFy2V8jDO3m50zWv0ka2Pc91sPMZ0X36KVgwz%2FXoOnfKroLuknqBgtHkHpXkNHs9WF9%2B8bXP0G&RelayState=%2Fuseitc%2Faction%2Fhome

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
useitc.unanet.biz/useitc/
Redirect Chain

https://useitc.unanet.biz/useitc
https://useitc.unanet.biz/useitc/

330 B
824 B

129ms
128ms

Document
text/html

3.20.31.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://useitc.unanet.biz/useitc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.20.31.156 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-31-156.us-east-2.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 30d997a1a1cf301801b22dbf1b79574ccc349460dc387915b983d80cc23a032b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 330
content-type: text/html; charset=UTF-8
date: Tue, 08 Aug 2023 16:57:04 GMT
etag: W/"330-1606794662000"
last-modified: Tue, 01 Dec 2020 03:51:02 GMT
server: nginx/1.22.1

Redirect headers

content-length: 0
date: Tue, 08 Aug 2023 16:57:04 GMT
location: /useitc/
server: nginx/1.22.1

GET
H/1.1

200
OK

saml2 Show response
login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/
Redirect Chain

https://useitc.unanet.biz/useitc/action/home
https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJNmE5cGMENZC2Rqz00EtBU6uEAEW6XMp9fH1Z2Q7SQ1OAp%2BXszs7MLm9%2BDIacwKN2tqE8ZZSAVa7T9qmhj%2B1...

20 KB
10 KB

597ms
184ms

Document
text/html

52.126.195.74
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJNmE5cGMENZC2Rqz00EtBU6uEAEW6XMp9fH1Z2Q7SQ1OAp%2BXszs7MLm9%2BDIacwKN2tqE8ZZSAVa7T9qmhj%2B1dMqc3qyXKweRHsR7Ds32AbyNgILHRojj%2FNHT0VjiJGoWVA6AISuzXH%2B5FnjJx9C445Qwla0TwIVLdOovjAH4P%2FqQVPD7cN%2FQ5hCOKLBsRdFDpaKWFkB70r0slk%2BpPa2bck7bZSRrdyQCUbOI22sowKbgOmUDpoJV36PrgrNEW0hGzQ573%2BaI%2BJAXjLJlJVieyLlVSl3nHy7KuqoXKJlWU3DmvYBLd0F4ajGTbTUO%2FKiihqKqKK8WqmeRclawoAeZlz4saZhGGOMLWYpA2NDRneZGweXwtr0RZCzZL68XiCyW7izXvtD1b%2FpaPhzMIxfu23SW7T%2FuWks%2FX6CKAXoISE7t%2FndDbg%2BU1Frr6XwjL7DXFy2V8jDO3m50zWv0ka2Pc91sPMZ0X36KVgwz%2FXoOnfKroLuknqBgtHkHpXkNHs9WF9%2B8bXP0G&RelayState=%2Fuseitc%2Faction%2Fhome

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.126.195.74 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8c859b0f26ab216250894370acb6dca3669fe8f2273790e3825ee94739415bf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://useitc.unanet.biz/useitc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 9207
Content-Type: text/html; charset=utf-8
Date: Tue, 08 Aug 2023 16:57:05 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
x-ms-ests-server: 2.1.15984.6 - USGAZLR2 ProdSlices
x-ms-request-id: b7cbdeea-f365-4bb0-b3b3-d2aaa7165b00

Redirect headers

cache-control: no-cache, no-store
content-length: 0
content-script-type: text/javascript
content-type: text/html;charset=UTF-8
date: Tue, 08 Aug 2023 16:57:04 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJNmE5cGMENZC2Rqz00EtBU6uEAEW6XMp9fH1Z2Q7SQ1OAp%2BXszs7MLm9%2BDIacwKN2tqE8ZZSAVa7T9qmhj%2B1dMqc3qyXKweRHsR7Ds32AbyNgILHRojj%2FNHT0VjiJGoWVA6AISuzXH%2B5FnjJx9C445Qwla0TwIVLdOovjAH4P%2FqQVPD7cN%2FQ5hCOKLBsRdFDpaKWFkB70r0slk%2BpPa2bck7bZSRrdyQCUbOI22sowKbgOmUDpoJV36PrgrNEW0hGzQ573%2BaI%2BJAXjLJlJVieyLlVSl3nHy7KuqoXKJlWU3DmvYBLd0F4ajGTbTUO%2FKiihqKqKK8WqmeRclawoAeZlz4saZhGGOMLWYpA2NDRneZGweXwtr0RZCzZL68XiCyW7izXvtD1b%2FpaPhzMIxfu23SW7T%2FuWks%2FX6CKAXoISE7t%2FndDbg%2BU1Frr6XwjL7DXFy2V8jDO3m50zWv0ka2Pc91sPMZ0X36KVgwz%2FXoOnfKroLuknqBgtHkHpXkNHs9WF9%2B8bXP0G&RelayState=%2Fuseitc%2Faction%2Fhome
pragma: no-cache
server: nginx/1.22.1

GET
H2 200 BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/ 135 KB
48 KB 162ms
41ms Script
application/x-javascript 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js
Requested by: Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJNmE5cGMENZC2Rqz00EtBU6uEAEW6XMp9fH1Z2Q7SQ1OAp%2BXszs7MLm9%2BDIacwKN2tqE8ZZSAVa7T9qmhj%2B1dMqc3qyXKweRHsR7Ds32AbyNgILHRojj%2FNHT0VjiJGoWVA6AISuzXH%2B5FnjJx9C445Qwla0TwIVLdOovjAH4P%2FqQVPD7cN%2FQ5hCOKLBsRdFDpaKWFkB70r0slk%2BpPa2bck7bZSRrdyQCUbOI22sowKbgOmUDpoJV36PrgrNEW0hGzQ573%2BaI%2BJAXjLJlJVieyLlVSl3nHy7KuqoXKJlWU3DmvYBLd0F4ajGTbTUO%2FKiihqKqKK8WqmeRclawoAeZlz4saZhGGOMLWYpA2NDRneZGweXwtr0RZCzZL68XiCyW7izXvtD1b%2FpaPhzMIxfu23SW7T%2FuWks%2FX6CKAXoISE7t%2FndDbg%2BU1Frr6XwjL7DXFy2V8jDO3m50zWv0ka2Pc91sPMZ0X36KVgwz%2FXoOnfKroLuknqBgtHkHpXkNHs9WF9%2B8bXP0G&RelayState=%2Fuseitc%2Faction%2Fhome
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4D07) /
Resource Hash: cc51a8def572cc3523f9a4276fc4509a0e92b4d193fcfee35cdcf3a48662c92c

Request headers

Referer: https://login.microsoftonline.us/
Origin: https://login.microsoftonline.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 08 Aug 2023 16:57:05 GMT
content-encoding: gzip
content-md5: Mwomsrfm/E5wVC4ntDZsmw==
age: 2158082
x-cache: HIT
content-length: 48719
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 10:42:34 GMT
server: ECAcc (frc/4D07)
etag: 0x8DB82C4B39B426F
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: bb78137b-401e-002e-4b78-b6613a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK Primary Request saml2 Show response
login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/ 38 KB
16 KB 404ms
404ms Document
text/html 52.126.195.74
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.126.195.74 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4b3ed7172134f84207da2017a103ad077d37b5bfd8405723010db3f0f48cc93e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJNmE5cGMENZC2Rqz00EtBU6uEAEW6XMp9fH1Z2Q7SQ1OAp%2BXszs7MLm9%2BDIacwKN2tqE8ZZSAVa7T9qmhj%2B1dMqc3qyXKweRHsR7Ds32AbyNgILHRojj%2FNHT0VjiJGoWVA6AISuzXH%2B5FnjJx9C445Qwla0TwIVLdOovjAH4P%2FqQVPD7cN%2FQ5hCOKLBsRdFDpaKWFkB70r0slk%2BpPa2bck7bZSRrdyQCUbOI22sowKbgOmUDpoJV36PrgrNEW0hGzQ573%2BaI%2BJAXjLJlJVieyLlVSl3nHy7KuqoXKJlWU3DmvYBLd0F4ajGTbTUO%2FKiihqKqKK8WqmeRclawoAeZlz4saZhGGOMLWYpA2NDRneZGweXwtr0RZCzZL68XiCyW7izXvtD1b%2FpaPhzMIxfu23SW7T%2FuWks%2FX6CKAXoISE7t%2FndDbg%2BU1Frr6XwjL7DXFy2V8jDO3m50zWv0ka2Pc91sPMZ0X36KVgwz%2FXoOnfKroLuknqBgtHkHpXkNHs9WF9%2B8bXP0G&RelayState=%2Fuseitc%2Faction%2Fhome
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 14575
Content-Type: text/html; charset=utf-8
Date: Tue, 08 Aug 2023 16:57:05 GMT
Expires: -1
Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-Frame-Options: DENY
X-XSS-Protection: 0
x-ms-ests-server: 2.1.15984.6 - USGTX ProdSlices
x-ms-request-id: 20aa5b28-8f87-4022-abda-2966f74b8800

GET
H2 200 converged.v2.login.min_xs4q-enqjizb-pd0ha63sw2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 108 KB
20 KB 209ms
78ms Stylesheet
text/css 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_xs4q-enqjizb-pd0ha63sw2.css
Requested by: Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJNmE5cGMENZC2Rqz00EtBU6uEAEW6XMp9fH1Z2Q7SQ1OAp%2BXszs7MLm9%2BDIacwKN2tqE8ZZSAVa7T9qmhj%2B1dMqc3qyXKweRHsR7Ds32AbyNgILHRojj%2FNHT0VjiJGoWVA6AISuzXH%2B5FnjJx9C445Qwla0TwIVLdOovjAH4P%2FqQVPD7cN%2FQ5hCOKLBsRdFDpaKWFkB70r0slk%2BpPa2bck7bZSRrdyQCUbOI22sowKbgOmUDpoJV36PrgrNEW0hGzQ573%2BaI%2BJAXjLJlJVieyLlVSl3nHy7KuqoXKJlWU3DmvYBLd0F4ajGTbTUO%2FKiihqKqKK8WqmeRclawoAeZlz4saZhGGOMLWYpA2NDRneZGweXwtr0RZCzZL68XiCyW7izXvtD1b%2FpaPhzMIxfu23SW7T%2FuWks%2FX6CKAXoISE7t%2FndDbg%2BU1Frr6XwjL7DXFy2V8jDO3m50zWv0ka2Pc91sPMZ0X36KVgwz%2FXoOnfKroLuknqBgtHkHpXkNHs9WF9%2B8bXP0G&RelayState=%2Fuseitc%2Faction%2Fhome&sso_reload=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 09bcfd473f343f606206e638d6aa7c7436ab54f40fca8f3ea2247fc068147ffe

Request headers

Referer: https://login.microsoftonline.us/
Origin: https://login.microsoftonline.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 08 Aug 2023 16:57:06 GMT
content-encoding: gzip
x-cache: TCP_HIT
content-length: 20105
x-ms-lease-status: unlocked
last-modified: Wed, 17 May 2023 19:54:03 GMT
etag: 0x8DB5710770A6D5D
x-azure-ref: 20230808T165706Z-vwhum15ebp6pd81ngsk9npc3e80000000be0000000006xkw
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 060a69b2-e01e-0021-1dca-c08d42000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ConvergedLogin_PCore_sb6jQxfN8f3sA8faKcsD7Q2.js Show response
aadcdn.msauth.net/shared/1.0/content/js/ 413 KB
115 KB 209ms
78ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_sb6jQxfN8f3sA8faKcsD7Q2.js
Requested by: Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJNmE5cGMENZC2Rqz00EtBU6uEAEW6XMp9fH1Z2Q7SQ1OAp%2BXszs7MLm9%2BDIacwKN2tqE8ZZSAVa7T9qmhj%2B1dMqc3qyXKweRHsR7Ds32AbyNgILHRojj%2FNHT0VjiJGoWVA6AISuzXH%2B5FnjJx9C445Qwla0TwIVLdOovjAH4P%2FqQVPD7cN%2FQ5hCOKLBsRdFDpaKWFkB70r0slk%2BpPa2bck7bZSRrdyQCUbOI22sowKbgOmUDpoJV36PrgrNEW0hGzQ573%2BaI%2BJAXjLJlJVieyLlVSl3nHy7KuqoXKJlWU3DmvYBLd0F4ajGTbTUO%2FKiihqKqKK8WqmeRclawoAeZlz4saZhGGOMLWYpA2NDRneZGweXwtr0RZCzZL68XiCyW7izXvtD1b%2FpaPhzMIxfu23SW7T%2FuWks%2FX6CKAXoISE7t%2FndDbg%2BU1Frr6XwjL7DXFy2V8jDO3m50zWv0ka2Pc91sPMZ0X36KVgwz%2FXoOnfKroLuknqBgtHkHpXkNHs9WF9%2B8bXP0G&RelayState=%2Fuseitc%2Faction%2Fhome&sso_reload=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8341ffbd25a1b2899756fd73fd44f7fb67279b78ae0fe052ac48bee38149fe4c

Request headers

Referer: https://login.microsoftonline.us/
Origin: https://login.microsoftonline.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 08 Aug 2023 16:57:06 GMT
content-encoding: gzip
x-cache: TCP_HIT
content-length: 116827
x-ms-lease-status: unlocked
last-modified: Fri, 14 Jul 2023 16:42:13 GMT
etag: 0x8DB848946EF0442
x-azure-ref: 20230808T165706Z-vwhum15ebp6pd81ngsk9npc3e80000000be0000000006xkx
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b8fbb776-101e-0062-7b03-c42355000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ux.converged.login.strings-de.min_teq2a9w5a9dvhiycdifrpa2.js Show response
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 54 KB
16 KB 209ms
78ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_teq2a9w5a9dvhiycdifrpa2.js
Requested by: Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJNmE5cGMENZC2Rqz00EtBU6uEAEW6XMp9fH1Z2Q7SQ1OAp%2BXszs7MLm9%2BDIacwKN2tqE8ZZSAVa7T9qmhj%2B1dMqc3qyXKweRHsR7Ds32AbyNgILHRojj%2FNHT0VjiJGoWVA6AISuzXH%2B5FnjJx9C445Qwla0TwIVLdOovjAH4P%2FqQVPD7cN%2FQ5hCOKLBsRdFDpaKWFkB70r0slk%2BpPa2bck7bZSRrdyQCUbOI22sowKbgOmUDpoJV36PrgrNEW0hGzQ573%2BaI%2BJAXjLJlJVieyLlVSl3nHy7KuqoXKJlWU3DmvYBLd0F4ajGTbTUO%2FKiihqKqKK8WqmeRclawoAeZlz4saZhGGOMLWYpA2NDRneZGweXwtr0RZCzZL68XiCyW7izXvtD1b%2FpaPhzMIxfu23SW7T%2FuWks%2FX6CKAXoISE7t%2FndDbg%2BU1Frr6XwjL7DXFy2V8jDO3m50zWv0ka2Pc91sPMZ0X36KVgwz%2FXoOnfKroLuknqBgtHkHpXkNHs9WF9%2B8bXP0G&RelayState=%2Fuseitc%2Faction%2Fhome&sso_reload=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 129d8b4779013ada24a3e2d35018b67e51fef2923673e1cb198cb0dca6389af2

Request headers

Referer: https://login.microsoftonline.us/
Origin: https://login.microsoftonline.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 08 Aug 2023 16:57:06 GMT
content-encoding: gzip
x-cache: TCP_HIT
content-length: 15915
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jul 2023 00:28:46 GMT
etag: 0x8DB83381EC1EC18
x-azure-ref: 20230808T165706Z-vwhum15ebp6pd81ngsk9npc3e80000000be0000000006xky
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 31bf678f-a01e-0019-511e-c4f442000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pcustomizationloader_9c8fa7b7be17121cabe1.js Show response
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 107 KB
32 KB 166ms
85ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_9c8fa7b7be17121cabe1.js
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_sb6jQxfN8f3sA8faKcsD7Q2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 83e31656be5bd43730be156d66b3b53a6e2debbf8f48b7cb26166e5e73a349e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 08 Aug 2023 16:57:06 GMT
content-encoding: gzip
x-cache: TCP_HIT
content-length: 32254
x-ms-lease-status: unlocked
last-modified: Tue, 13 Jun 2023 17:22:22 GMT
etag: 0x8DB6C32C003B3FA
x-azure-ref: 20230808T165706Z-6pccr4hzmx49b9xeq1hw8gdm6w0000000bhg00000002c8d5
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: dc95b169-901e-0046-7bb6-c31e6e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 bannerlogo
aadcdn.msauthimages.us/6ebb54f4-fauwkqsiorlkcsbgvzljmgn1jsficer7jms5hjxk0gu/logintenantbranding/0/ 10 KB
10 KB 958ms
755ms Image
image/* 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauthimages.us/6ebb54f4-fauwkqsiorlkcsbgvzljmgn1jsficer7jms5hjxk0gu/logintenantbranding/0/bannerlogo?ts=636906914828203376
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ab59e0706e64ed2bdbd25864335bdc27f61f019a6600f368f234e6ac0314572e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 08 Aug 2023 16:57:07 GMT
last-modified: Thu, 08 Oct 2020 18:58:33 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: VUTXAJMpwS9ZXV8lUlmQoA==
etag: 0x8D86BBC27C085EB
vary: Origin
content-type: image/*
x-ms-request-id: 7d4f26a0-e01e-000b-2d19-caabd9000000
x-ms-version: 2009-09-19
content-length: 9963

GET
H2 200 convergedlogin_pstringcustomizationhelper_a19e6314cee4851e0a13.js Show response
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 111 KB
36 KB 47ms
47ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_a19e6314cee4851e0a13.js
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_sb6jQxfN8f3sA8faKcsD7Q2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 829da443b43110fada28b8eebe47ba2a4f8a012c88f9a2ca355570bdcdcb4acd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 08 Aug 2023 16:57:06 GMT
content-encoding: gzip
x-cache: TCP_HIT
content-length: 35820
x-ms-lease-status: unlocked
last-modified: Tue, 13 Jun 2023 17:22:24 GMT
etag: 0x8DB6C32C0B49A7E
x-azure-ref: 20230808T165706Z-6pccr4hzmx49b9xeq1hw8gdm6w0000000bhg00000002c8eb
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 22e2c800-e01e-0021-1e0e-c48d42000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msauth.net/shared/1.0/content/images/ 2 KB
1 KB 42ms
42ms Image
image/svg+xml 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 08 Aug 2023 16:57:06 GMT
content-encoding: gzip
x-cache: TCP_HIT
content-length: 621
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:49 GMT
etag: 0x8DB5C3F49ED96E0
x-azure-ref: 20230808T165706Z-6pccr4hzmx49b9xeq1hw8gdm6w0000000bhg00000002c8gc
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 6ce6a4c8-801e-009f-39ef-c3591b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
useitc.unanet.biz/	1970-01-20 14:01:58	Name: AWSALB Value: 3hV964z1qRFg5w4dn6TQvrzAIY1JsqpKVHScYZesubCiJ+nBKUIsEtZayD7e++m/zNB3Yi7Xr+riyzXTGqix1ic667eJPMgYeijjUqjNkx7e9J84YTvMKdTyZVIS
useitc.unanet.biz/	1970-01-20 14:01:58	Name: AWSALBCORS Value: 3hV964z1qRFg5w4dn6TQvrzAIY1JsqpKVHScYZesubCiJ+nBKUIsEtZayD7e++m/zNB3Yi7Xr+riyzXTGqix1ic667eJPMgYeijjUqjNkx7e9J84YTvMKdTyZVIS
login.microsoftonline.us/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.us/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.us/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.microsoftonline.us/	1970-01-20 13:51:53	Name: SSOCOOKIEPULLED Value: 1
login.microsoftonline.us/	1970-01-20 14:35:05	Name: buid Value: 0.CwMAeykvshAwB0qnXHUtFVdmnPhhjiEF2NRNkSFlYAx_tVACAAA.AQABAAEAAgAhOAwqV52nQZ3QnHiKUS5mjMdfH-b0UIp3GOkQoQINaC85M72PydudO226ptrb-_1rb0MggmzH_IYWrtmCOSQo_RcasEF8kZh-wO6-DSMhRwIOf5qecvHZETcQUDmLTJYgAA
.login.microsoftonline.us/	1969-12-31 23:59:59	Name: esctx Value: PAQABAAEAAgAhOAwqV52nQZ3QnHiKUS5m-jknFo2G_XWNygIvmzU0_pogxYvc0dDznrUMCzHa0KURq3NlJcWA4kWGBD3SEeBH84eRTOH6Rz7CZkDQd7donFMl-tEMe35CBHJXiSRacbPyQAsH_AI2YvVOtL_ffjYuzdub4TnN8diEJOmjPTTkwPI4-6awQnw5ApaYfcfZTN_VmNFr1IbsMEWEpYPGQQjsSmre8jOIIgb6A3WCzHfRo1K5dLJ3Yy5tBcesn8HZePogAA
login.microsoftonline.us/	1970-01-20 14:35:05	Name: fpc Value: AqFlIj3Jso1MrybiH-5xZGW-2vsQAQAAAOFqZNwOAAAA
.login.microsoftonline.us/	1970-01-20 23:13:29	Name: brcap Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msauthimages.us
aadcdn.msftauth.net
login.microsoftonline.us
useitc.unanet.biz
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
2620:1ec:46::44
3.20.31.156
52.126.195.74
09bcfd473f343f606206e638d6aa7c7436ab54f40fca8f3ea2247fc068147ffe
129d8b4779013ada24a3e2d35018b67e51fef2923673e1cb198cb0dca6389af2
30d997a1a1cf301801b22dbf1b79574ccc349460dc387915b983d80cc23a032b
4b3ed7172134f84207da2017a103ad077d37b5bfd8405723010db3f0f48cc93e
829da443b43110fada28b8eebe47ba2a4f8a012c88f9a2ca355570bdcdcb4acd
8341ffbd25a1b2899756fd73fd44f7fb67279b78ae0fe052ac48bee38149fe4c
83e31656be5bd43730be156d66b3b53a6e2debbf8f48b7cb26166e5e73a349e9
8c859b0f26ab216250894370acb6dca3669fe8f2273790e3825ee94739415bf1
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
ab59e0706e64ed2bdbd25864335bdc27f61f019a6600f368f234e6ac0314572e
cc51a8def572cc3523f9a4276fc4509a0e92b4d193fcfee35cdcf3a48662c92c

login.microsoftonline.us Open in urlscan Pro 52.126.195.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

100 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

5 IPs

1 Countries

304 kBTransfer

999 kBSize

10 Cookies

3 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

10 Cookies

Indicators

login.microsoftonline.us Open in urlscan Pro
52.126.195.74 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

1
Countries

304 kB
Transfer

999 kB
Size

10
Cookies

11 HTTP transactions
0 data transactions