login.microsoftonline.com
40.126.26.133
Public Scan
Effective URL: https://login.microsoftonline.com/kolektordigital.onmicrosoft.com/oauth2/authorize?client_id=bb2a2e3a-c5e7-4f0a-88e0-8e01fd3fc1f4&...
Submission: On August 21 via api from US — Scanned from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 17th 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
7 (1 redirects) | 2606:4700:3033::6815:1507 | 13335 (CLOUDFLARENET) |
1 | 2607:f8b0:4006:81c::200a | 15169 (GOOGLE) |
2 | 2607:f8b0:4006:80e::2003 | 15169 (GOOGLE) |
3 (1 redirects) | 40.126.26.133 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
11 | 4 | |
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
7 (1 redirects) | koco-robot.com: kfh-04.koco-robot.com | 2 MB |
3 (1 redirects) | microsoftonline.com: login.microsoftonline.com — Cisco Umbrella Rank: 24 | 5 KB |
2 | gstatic.com: fonts.gstatic.com | 34 KB |
1 | googleapis.com: fonts.googleapis.com — Cisco Umbrella Rank: 54 | 1 KB |
11 | 4 | |
Requests | Domain | Requested by |
---|---|---|
7 (1 redirects) | kfh-04.koco-robot.com | kfh-04.koco-robot.com |
3 (1 redirects) | login.microsoftonline.com | kfh-04.koco-robot.com |
2 | fonts.gstatic.com | fonts.googleapis.com |
1 | fonts.googleapis.com | kfh-04.koco-robot.com |
11 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-07 - 2023-06-06 | a year |
upload.video.google.com | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months |
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2022-08-17 - 2023-08-17 | a year |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/kolektordigital.onmicrosoft.com/oauth2/authorize?client_id=bb2a2e3a-c5e7-4f0a-88e0-8e01fd3fc1f4&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fte%2ftenantredirect%2fauthresp&response_type=id_token&scope=email+openid&response_mode=query&nonce=amHylD0h5iGvzwtZCumhag%3d%3d&nux=1&nca=1&domain_hint=kolektordigital.onmicrosoft.com&mkt=en-US&lc=1033&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6OTFhOWE2NzQtYmMwZC00OTRjLWEzZTQtNWVkNjBkYmY5M2I0IiwiVElEIjoiZTVhZDhmZDEtM2YxMC00ODFkLWI5MTgtMGIwNGViYWZjNTA5IiwiVE9JRCI6IjA3MTk1MjBjLWM0NDUtNGE5MS05ODQ3LTZlOWM1ZTM2ZTFjMyJ9
Frame ID: D832F5BBB3EBEDBDD25B138307D3DD97
Requests: 11 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://kfh-04.koco-robot.com/
HTTP 301
https://kfh-04.koco-robot.com/ Page URL
-
https://login.microsoftonline.com/te/kolektordigital.onmicrosoft.com/b2c_1_signin1/oauth2/v2.0/authorize?response_type=id_token&scope=openid%20profile&client_id=cad29921-e7b2-4108-bc0e-d3bc7bb10efb&redirect_uri=https%3A%2F%2Fkfh-04.koco-robot.com%2F&state=15f26b65-c694-4e90-bb22-1db866906ef6&nonce=663e3984-5af2-4584-a81e-2a420ec0ef37&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=0.2.4&client-request-id=89053be3-5024-4321-912e-ba10e5fb3630&response_mode=fragment
HTTP 302
https://login.microsoftonline.com/kolektordigital.onmicrosoft.com/oauth2/authorize?client_id=bb2a2e3a-c5e7-4f0a-88e0-8e01fd3fc1f4&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fte%2ftenantredirect%2fauthresp&response_type=id_token&scope=email+openid&response_mode=query&nonce=amHylD0h5iGvzwtZCumhag%3d%3d&nux=1&nca=1&domain_hint=kolektordigital.onmicrosoft.com&mkt=en-US&lc=1033&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6OTFhOWE2NzQtYmMwZC00OTRjLWEzZTQtNWVkNjBkYmY5M2I0IiwiVElEIjoiZTVhZDhmZDEtM2YxMC00ODFkLWI5MTgtMGIwNGViYWZjNTA5IiwiVE9JRCI6IjA3MTk1MjBjLWM0NDUtNGE5MS05ODQ3LTZlOWM1ZTM2ZTFjMyJ9 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://kfh-04.koco-robot.com/ HTTP 301
- https://kfh-04.koco-robot.com/
11 HTTP transactions
Method / Protocol | Resource Path | Size / x-fer | Type / MIME-Type |
---|---|---|---|
GET H2 | kfh-04.koco-robot.com/ (Redirect Chain) | 828 B / 979 B | Document, text/html |
GET H2 | fonts.googleapis.com/css | 5 KB / 1 KB | Stylesheet, text/css |
GET H2 | kfh-04.koco-robot.com/styles.048636a2f804bc4df083.css | 213 KB / 33 KB | Stylesheet, text/css |
GET H2 | kfh-04.koco-robot.com/runtime.d6c52737d4587c65265f.js | 6 KB / 2 KB | Script, application/javascript |
GET H2 | kfh-04.koco-robot.com/polyfills.41024c9a7dec145da7b3.js | 187 KB / 37 KB | Script, application/javascript |
GET H2 | kfh-04.koco-robot.com/scripts.606bc0b1b1acc6cafe0e.js | 2 MB / 350 KB | Script, application/javascript |
GET H2 | kfh-04.koco-robot.com/main.258ac2ba39767eabb425.js | 9 MB / 2 MB | Script, application/javascript |
GET H2 | fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2 | 17 KB / 17 KB | Font, font/woff2 |
GET H/1.1 | login.microsoftonline.com/tfp/kolektordigital.onmicrosoft.com/b2c_1_signin1/v2.0/.well-known/openid-configuration | 1 KB / 2 KB | XHR, application/json |
GET H3 | fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2 | 17 KB / 17 KB | Font, font/woff2 |
GET H/1.1 | Primary Request: login.microsoftonline.com/kolektordigital.onmicrosoft.com/oauth2/authorize (Redirect Chain) | 46 KB / 0 | Document, text/html |
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- object| launchQueue
- object| onbeforematch
- function| getScreenDetails
- function| queryLocalFonts
- object| navigation

5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.login.microsoftonline.com/ | | Name: x-ms-cpim-rc:91a9a674-bc0d-494c-a3e4-5ed60dbf93b4 |
.login.microsoftonline.com/ | | Name: x-ms-cpim-cache\|0y-t5ra_hui5gase66_fcq_0 |
.login.microsoftonline.com/ | | Name: x-ms-cpim-trans |
login.microsoftonline.com/ | | Name: x-ms-gateway-slice Value: 001-000 |
login.microsoftonline.com/ | | Name: stsservicecookie Value: cpim_te |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.