login.microsoftonline.us
Open in
urlscan Pro
52.126.195.74
Public Scan
Effective URL: https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJNmE5cGMENZC2Rqz00EtBU...
Submission: On August 08 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 27th 2023. Valid for: a year.
This is the only time login.microsoftonline.us was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 3 | 3.20.31.156 3.20.31.156 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 52.126.195.74 52.126.195.74 | 8070 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2606:2800:233... 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef | 15133 (EDGECAST) (EDGECAST) | |
6 | 2620:1ec:46::44 2620:1ec:46::44 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c | 15133 (EDGECAST) (EDGECAST) | |
11 | 5 |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-31-156.us-east-2.compute.amazonaws.com
useitc.unanet.biz |
ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.us |
ASN15133 (EDGECAST, US)
aadcdn.msftauth.net |
ASN15133 (EDGECAST, US)
aadcdn.msauthimages.us |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 1010 |
220 KB |
3 |
unanet.biz
2 redirects
useitc.unanet.biz |
2 KB |
2 |
microsoftonline.us
login.microsoftonline.us — Cisco Umbrella Rank: 10270 |
26 KB |
1 |
msauthimages.us
aadcdn.msauthimages.us — Cisco Umbrella Rank: 118122 |
10 KB |
1 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 1032 |
48 KB |
11 | 5 |
Domain | Requested by | |
---|---|---|
6 | aadcdn.msauth.net |
login.microsoftonline.us
aadcdn.msauth.net |
3 | useitc.unanet.biz | 2 redirects |
2 | login.microsoftonline.us |
aadcdn.msftauth.net
|
1 | aadcdn.msauthimages.us | |
1 | aadcdn.msftauth.net |
login.microsoftonline.us
|
11 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.microsoft.com |
privacy.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
unanet.biz Amazon RSA 2048 M01 |
2023-05-23 - 2024-06-20 |
a year | crt.sh |
login.microsoftonline.us DigiCert SHA2 Secure Server CA |
2023-05-27 - 2024-05-27 |
a year | crt.sh |
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2023-01-31 - 2024-01-31 |
a year | crt.sh |
aadcdn.msauth.net DigiCert SHA2 Secure Server CA |
2023-07-29 - 2024-07-29 |
a year | crt.sh |
aadcdn.msauthimages.us Microsoft Azure TLS Issuing CA 02 |
2023-03-08 - 2024-03-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJNmE5cGMENZC2Rqz00EtBU6uEAEW6XMp9fH1Z2Q7SQ1OAp%2BXszs7MLm9%2BDIacwKN2tqE8ZZSAVa7T9qmhj%2B1dMqc3qyXKweRHsR7Ds32AbyNgILHRojj%2FNHT0VjiJGoWVA6AISuzXH%2B5FnjJx9C445Qwla0TwIVLdOovjAH4P%2FqQVPD7cN%2FQ5hCOKLBsRdFDpaKWFkB70r0slk%2BpPa2bck7bZSRrdyQCUbOI22sowKbgOmUDpoJV36PrgrNEW0hGzQ573%2BaI%2BJAXjLJlJVieyLlVSl3nHy7KuqoXKJlWU3DmvYBLd0F4ajGTbTUO%2FKiihqKqKK8WqmeRclawoAeZlz4saZhGGOMLWYpA2NDRneZGweXwtr0RZCzZL68XiCyW7izXvtD1b%2FpaPhzMIxfu23SW7T%2FuWks%2FX6CKAXoISE7t%2FndDbg%2BU1Frr6XwjL7DXFy2V8jDO3m50zWv0ka2Pc91sPMZ0X36KVgwz%2FXoOnfKroLuknqBgtHkHpXkNHs9WF9%2B8bXP0G&RelayState=%2Fuseitc%2Faction%2Fhome&sso_reload=true
Frame ID: D022B809A485DA8D69E420B43372F1F2
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
Bei Ihrem Konto anmeldenPage URL History Show full URLs
-
https://useitc.unanet.biz/useitc
HTTP 302
https://useitc.unanet.biz/useitc/ Page URL
-
https://useitc.unanet.biz/useitc/action/home
HTTP 302
https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJN... Page URL
- https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJN... Page URL
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Nutzungsbedingungen
Search URL Search Domain Scan URL
Title: Datenschutz & Cookies
Search URL Search Domain Scan URL
Title: Haftungsausschluss
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://useitc.unanet.biz/useitc
HTTP 302
https://useitc.unanet.biz/useitc/ Page URL
-
https://useitc.unanet.biz/useitc/action/home
HTTP 302
https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJNmE5cGMENZC2Rqz00EtBU6uEAEW6XMp9fH1Z2Q7SQ1OAp%2BXszs7MLm9%2BDIacwKN2tqE8ZZSAVa7T9qmhj%2B1dMqc3qyXKweRHsR7Ds32AbyNgILHRojj%2FNHT0VjiJGoWVA6AISuzXH%2B5FnjJx9C445Qwla0TwIVLdOovjAH4P%2FqQVPD7cN%2FQ5hCOKLBsRdFDpaKWFkB70r0slk%2BpPa2bck7bZSRrdyQCUbOI22sowKbgOmUDpoJV36PrgrNEW0hGzQ573%2BaI%2BJAXjLJlJVieyLlVSl3nHy7KuqoXKJlWU3DmvYBLd0F4ajGTbTUO%2FKiihqKqKK8WqmeRclawoAeZlz4saZhGGOMLWYpA2NDRneZGweXwtr0RZCzZL68XiCyW7izXvtD1b%2FpaPhzMIxfu23SW7T%2FuWks%2FX6CKAXoISE7t%2FndDbg%2BU1Frr6XwjL7DXFy2V8jDO3m50zWv0ka2Pc91sPMZ0X36KVgwz%2FXoOnfKroLuknqBgtHkHpXkNHs9WF9%2B8bXP0G&RelayState=%2Fuseitc%2Faction%2Fhome Page URL
- https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJNmE5cGMENZC2Rqz00EtBU6uEAEW6XMp9fH1Z2Q7SQ1OAp%2BXszs7MLm9%2BDIacwKN2tqE8ZZSAVa7T9qmhj%2B1dMqc3qyXKweRHsR7Ds32AbyNgILHRojj%2FNHT0VjiJGoWVA6AISuzXH%2B5FnjJx9C445Qwla0TwIVLdOovjAH4P%2FqQVPD7cN%2FQ5hCOKLBsRdFDpaKWFkB70r0slk%2BpPa2bck7bZSRrdyQCUbOI22sowKbgOmUDpoJV36PrgrNEW0hGzQ573%2BaI%2BJAXjLJlJVieyLlVSl3nHy7KuqoXKJlWU3DmvYBLd0F4ajGTbTUO%2FKiihqKqKK8WqmeRclawoAeZlz4saZhGGOMLWYpA2NDRneZGweXwtr0RZCzZL68XiCyW7izXvtD1b%2FpaPhzMIxfu23SW7T%2FuWks%2FX6CKAXoISE7t%2FndDbg%2BU1Frr6XwjL7DXFy2V8jDO3m50zWv0ka2Pc91sPMZ0X36KVgwz%2FXoOnfKroLuknqBgtHkHpXkNHs9WF9%2B8bXP0G&RelayState=%2Fuseitc%2Faction%2Fhome&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://useitc.unanet.biz/useitc HTTP 302
- https://useitc.unanet.biz/useitc/
- https://useitc.unanet.biz/useitc/action/home HTTP 302
- https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgndJpGRJNmE5cGMENZC2Rqz00EtBU6uEAEW6XMp9fH1Z2Q7SQ1OAp%2BXszs7MLm9%2BDIacwKN2tqE8ZZSAVa7T9qmhj%2B1dMqc3qyXKweRHsR7Ds32AbyNgILHRojj%2FNHT0VjiJGoWVA6AISuzXH%2B5FnjJx9C445Qwla0TwIVLdOovjAH4P%2FqQVPD7cN%2FQ5hCOKLBsRdFDpaKWFkB70r0slk%2BpPa2bck7bZSRrdyQCUbOI22sowKbgOmUDpoJV36PrgrNEW0hGzQ573%2BaI%2BJAXjLJlJVieyLlVSl3nHy7KuqoXKJlWU3DmvYBLd0F4ajGTbTUO%2FKiihqKqKK8WqmeRclawoAeZlz4saZhGGOMLWYpA2NDRneZGweXwtr0RZCzZL68XiCyW7izXvtD1b%2FpaPhzMIxfu23SW7T%2FuWks%2FX6CKAXoISE7t%2FndDbg%2BU1Frr6XwjL7DXFy2V8jDO3m50zWv0ka2Pc91sPMZ0X36KVgwz%2FXoOnfKroLuknqBgtHkHpXkNHs9WF9%2B8bXP0G&RelayState=%2Fuseitc%2Faction%2Fhome
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
useitc.unanet.biz/useitc/ Redirect Chain
|
330 B 824 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saml2
login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/ Redirect Chain
|
20 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
135 KB 48 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
saml2
login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/ |
38 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
converged.v2.login.min_xs4q-enqjizb-pd0ha63sw2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
108 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_sb6jQxfN8f3sA8faKcsD7Q2.js
aadcdn.msauth.net/shared/1.0/content/js/ |
413 KB 115 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ux.converged.login.strings-de.min_teq2a9w5a9dvhiycdifrpa2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
54 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pcustomizationloader_9c8fa7b7be17121cabe1.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
107 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bannerlogo
aadcdn.msauthimages.us/6ebb54f4-fauwkqsiorlkcsbgvzljmgn1jsficer7jms5hjxk0gu/logintenantbranding/0/ |
10 KB 10 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pstringcustomizationhelper_a19e6314cee4851e0a13.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
111 KB 36 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msauth.net/shared/1.0/content/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_9c8fa7b7be17121cabe1 boolean| __convergedlogin_pstringcustomizationhelper_a19e6314cee4851e0a1310 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
useitc.unanet.biz/ | Name: AWSALB Value: 3hV964z1qRFg5w4dn6TQvrzAIY1JsqpKVHScYZesubCiJ+nBKUIsEtZayD7e++m/zNB3Yi7Xr+riyzXTGqix1ic667eJPMgYeijjUqjNkx7e9J84YTvMKdTyZVIS |
|
useitc.unanet.biz/ | Name: AWSALBCORS Value: 3hV964z1qRFg5w4dn6TQvrzAIY1JsqpKVHScYZesubCiJ+nBKUIsEtZayD7e++m/zNB3Yi7Xr+riyzXTGqix1ic667eJPMgYeijjUqjNkx7e9J84YTvMKdTyZVIS |
|
login.microsoftonline.us/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.us/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.us/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.us/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.us/ | Name: buid Value: 0.CwMAeykvshAwB0qnXHUtFVdmnPhhjiEF2NRNkSFlYAx_tVACAAA.AQABAAEAAgAhOAwqV52nQZ3QnHiKUS5mjMdfH-b0UIp3GOkQoQINaC85M72PydudO226ptrb-_1rb0MggmzH_IYWrtmCOSQo_RcasEF8kZh-wO6-DSMhRwIOf5qecvHZETcQUDmLTJYgAA |
|
.login.microsoftonline.us/ | Name: esctx Value: PAQABAAEAAgAhOAwqV52nQZ3QnHiKUS5m-jknFo2G_XWNygIvmzU0_pogxYvc0dDznrUMCzHa0KURq3NlJcWA4kWGBD3SEeBH84eRTOH6Rz7CZkDQd7donFMl-tEMe35CBHJXiSRacbPyQAsH_AI2YvVOtL_ffjYuzdub4TnN8diEJOmjPTTkwPI4-6awQnw5ApaYfcfZTN_VmNFr1IbsMEWEpYPGQQjsSmre8jOIIgb6A3WCzHfRo1K5dLJ3Yy5tBcesn8HZePogAA |
|
login.microsoftonline.us/ | Name: fpc Value: AqFlIj3Jso1MrybiH-5xZGW-2vsQAQAAAOFqZNwOAAAA |
|
.login.microsoftonline.us/ | Name: brcap Value: 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msauth.net
aadcdn.msauthimages.us
aadcdn.msftauth.net
login.microsoftonline.us
useitc.unanet.biz
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
2620:1ec:46::44
3.20.31.156
52.126.195.74
09bcfd473f343f606206e638d6aa7c7436ab54f40fca8f3ea2247fc068147ffe
129d8b4779013ada24a3e2d35018b67e51fef2923673e1cb198cb0dca6389af2
30d997a1a1cf301801b22dbf1b79574ccc349460dc387915b983d80cc23a032b
4b3ed7172134f84207da2017a103ad077d37b5bfd8405723010db3f0f48cc93e
829da443b43110fada28b8eebe47ba2a4f8a012c88f9a2ca355570bdcdcb4acd
8341ffbd25a1b2899756fd73fd44f7fb67279b78ae0fe052ac48bee38149fe4c
83e31656be5bd43730be156d66b3b53a6e2debbf8f48b7cb26166e5e73a349e9
8c859b0f26ab216250894370acb6dca3669fe8f2273790e3825ee94739415bf1
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
ab59e0706e64ed2bdbd25864335bdc27f61f019a6600f368f234e6ac0314572e
cc51a8def572cc3523f9a4276fc4509a0e92b4d193fcfee35cdcf3a48662c92c