urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
20.190.142.165  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://idm.endeavourgroup.com.au/ui
Effective URL: https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2?sso_reload=true
Submission: On March 12 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 13 HTTP transactions. The main IP is 20.190.142.165, located in Melbourne, Australia and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 11.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 8th 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 44.208.142.236 14618 (AMAZON-AES)
1 2 54.146.111.198 14618 (AMAZON-AES)
2 20.190.142.165 8075 (MICROSOFT...)
8 152.199.39.242 15133 (EDGECAST)
1 20.190.167.18 8075 (MICROSOFT...)
1 13.107.246.31 8075 (MICROSOFT...)
13 5
1    44.208.142.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-142-236.compute-1.amazonaws.com
idm.endeavourgroup.com.au
2    54.146.111.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-111-198.compute-1.amazonaws.com
idm.login.sailpoint.com
2    20.190.142.165 (Melbourne, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
8    152.199.39.242 (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
1    20.190.167.18 (Sydney, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
1    13.107.246.31 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msftauthimages.net
Apex Domain
Subdomains		 Transfer
8 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 953
293 KB
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 11
25 KB
2 sailpoint.com
idm.login.sailpoint.com
2 KB
1 msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3241
10 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 67
1 endeavourgroup.com.au
idm.endeavourgroup.com.au
791 B
13 6
Domain Requested by
8 aadcdn.msftauth.net login.microsoftonline.com
aadcdn.msftauth.net
2 login.microsoftonline.com
2 idm.login.sailpoint.com 1 redirects
1 aadcdn.msftauthimages.net
1 login.live.com login.microsoftonline.com
1 idm.endeavourgroup.com.au 1 redirects
13 6

This site contains links to these domains. Also see Links.

Domain
idm.endeavourgroup.com.au
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
*.login.sailpoint.com
Amazon RSA 2048 M01		 2023-05-10 -
2024-06-07		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2024-02-08 -
2025-02-08		 a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2023-12-01 -
2024-12-01		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2024-02-09 -
2025-02-09		 a year crt.sh
aadcdn.msftauthimages.net
Microsoft Azure RSA TLS Issuing CA 07		 2024-02-18 -
2025-02-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2?sso_reload=true
Frame ID: C6FF7CF693A8AE94CB1CB862022068C2
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

  1. https://idm.endeavourgroup.com.au/ui HTTP 302
    https://idm.login.sailpoint.com/oauth/authorize?response_type=code&client_id=9MHfEgNeWu94XgXL&redirect_uri=h... HTTP 302
    https://idm.login.sailpoint.com/saml/login/alias/idm-sp?idp=https://sts.windows.net/94fd9d0a-7823-48d8-be50-... Page URL
  2. https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2 Page URL
  3. https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2?sso_reload=true Page URL

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

330 kB
Transfer

1137 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://idm.endeavourgroup.com.au/ui HTTP 302
    https://idm.login.sailpoint.com/oauth/authorize?response_type=code&client_id=9MHfEgNeWu94XgXL&redirect_uri=https%3A%2F%2Fidm.endeavourgroup.com.au%2Foauth%2Fcallback&state=RfSVDqnPK3JWPMjUR5b76qBt6hoHeN6ZrN1LWpN0DR3g54CfwZFLabIVRmGTZxyaHMKRVhjsuiCvyiy9UGxi2brt50ntktoiZqoUhIdXR25WIh70HmZdta7qOUXi3CkKVMUrqp4qBzVpWgRamExUoR0SlWebp9WyCMHIwbOz1sJQThVut91NPVZ4ZKscY3Aeac5Lfh0oAWe8Y3oFxA8kv9dxp4FlcKZvKv1Cc8sEWPLvN47F1eFp5kjJFWUmsYMd HTTP 302
    https://idm.login.sailpoint.com/saml/login/alias/idm-sp?idp=https://sts.windows.net/94fd9d0a-7823-48d8-be50-0c6559650cc9/&relaystate=033e3044-a046-4926-989b-8226b0b25aae Page URL
  2. https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2 Page URL
  3. https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2?sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://idm.endeavourgroup.com.au/ui HTTP 302
  • https://idm.login.sailpoint.com/oauth/authorize?response_type=code&client_id=9MHfEgNeWu94XgXL&redirect_uri=https%3A%2F%2Fidm.endeavourgroup.com.au%2Foauth%2Fcallback&state=RfSVDqnPK3JWPMjUR5b76qBt6hoHeN6ZrN1LWpN0DR3g54CfwZFLabIVRmGTZxyaHMKRVhjsuiCvyiy9UGxi2brt50ntktoiZqoUhIdXR25WIh70HmZdta7qOUXi3CkKVMUrqp4qBzVpWgRamExUoR0SlWebp9WyCMHIwbOz1sJQThVut91NPVZ4ZKscY3Aeac5Lfh0oAWe8Y3oFxA8kv9dxp4FlcKZvKv1Cc8sEWPLvN47F1eFp5kjJFWUmsYMd HTTP 302
  • https://idm.login.sailpoint.com/saml/login/alias/idm-sp?idp=https://sts.windows.net/94fd9d0a-7823-48d8-be50-0c6559650cc9/&relaystate=033e3044-a046-4926-989b-8226b0b25aae

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
idm-sp
idm.login.sailpoint.com/saml/login/alias/
Redirect Chain
  • https://idm.endeavourgroup.com.au/ui
  • https://idm.login.sailpoint.com/oauth/authorize?response_type=code&client_id=9MHfEgNeWu94XgXL&redirect_uri=https%3A%2F%2Fidm.endeavourgroup.com.au%2Foauth%2Fcallback&state=RfSVDqnPK3JWPMjUR5b76qBt6...
  • https://idm.login.sailpoint.com/saml/login/alias/idm-sp?idp=https://sts.windows.net/94fd9d0a-7823-48d8-be50-0c6559650cc9/&relaystate=033e3044-a046-4926-989b-8226b0b25aae
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://idm.login.sailpoint.com/saml/login/alias/idm-sp?idp=https://sts.windows.net/94fd9d0a-7823-48d8-be50-0c6559650cc9/&relaystate=033e3044-a046-4926-989b-8226b0b25aae
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.111.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-111-198.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ca22d60953689f0ec4dd3983c1be1be3da71bb9331538f6e13b54208d7f55bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-expose-headers
X-Content-Type-Options,Connection,Pragma,Date,X-Zuul-ServiceId,X-Frame-Options,Strict-Transport-Security,Cache-Control,Retry-After,Set-Cookie,Expires,SLPT-Request-ID,X-XSS-Protection,Content-Length,Content-Type
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Tue, 12 Mar 2024 05:43:58 GMT
server
nginx
slpt-request-id
faea6f3d71f44c7190ffc6b30b60fc48
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Accept-Encoding Origin Access-Control-Request-Method Access-Control-Request-Headers
x-robots-tag
none noindex

Redirect headers

access-control-expose-headers
X-Content-Type-Options,Connection,Pragma,Date,X-Zuul-ServiceId,X-Frame-Options,Strict-Transport-Security,Cache-Control,Retry-After,Set-Cookie,Expires,SLPT-Request-ID,X-XSS-Protection,Content-Length,Location
cache-control
no-cache, no-store, max-age=0, must-revalidate
date
Tue, 12 Mar 2024 05:43:58 GMT
location
https://idm.login.sailpoint.com/saml/login/alias/idm-sp?idp=https://sts.windows.net/94fd9d0a-7823-48d8-be50-0c6559650cc9/&relaystate=033e3044-a046-4926-989b-8226b0b25aae
server
nginx
slpt-request-id
cdeedff0e1324abd971390dde641959f
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-robots-tag
none noindex
saml2
login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/ 		20 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.190.142.165 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b85357443289d3f73d2254aecaddd35bc89cde5c7a7cbd53d6d2903004056242
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://idm.login.sailpoint.com
Referer
https://idm.login.sailpoint.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache
content-encoding
gzip
content-length
8804
content-type
text/html; charset=utf-8
date
Tue, 12 Mar 2024 05:43:59 GMT
expires
-1
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+mel"}]}
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-ms-ests-server
2.1.17445.4 - KRC ProdSlices
x-ms-request-id
caa11d28-1f88-4933-b0e2-8be5bf985800
x-xss-protection
0
BssoInterrupt_Core_3j2JgMBNuZbncq02org-aA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_3j2JgMBNuZbncq02org-aA2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.242 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7B4) /
Resource Hash
98d49bcbdef69dff2f7de3aa41373d49a77ba926d76f2225bcc4cb12c3c18824

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Mar 2024 05:43:59 GMT
content-encoding
gzip
content-md5
GX6w53lqPyBAq7INbRlS6g==
age
2539448
x-cache
HIT
content-length
49563
x-ms-lease-status
unlocked
last-modified
Fri, 09 Feb 2024 18:13:06 GMT
server
ECAcc (nwa/E7B4)
etag
0x8DC299AC3B75EDA
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
247bb723-901e-008a-7827-5d0366000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request saml2
login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/ 		39 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2?sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.190.142.165 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3d7cee42f51b4de67c1c69ac61c02064f01ff566be501c53556849468915cfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache
content-encoding
gzip
content-length
14872
content-type
text/html; charset=utf-8
date
Tue, 12 Mar 2024 05:43:59 GMT
expires
-1
link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+mel"}]}
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-frame-options
DENY
x-ms-ests-server
2.1.17445.4 - KRC ProdSlices
x-ms-request-id
a86932da-7a5f-4827-bd01-18ac8da26d00
x-xss-protection
0
converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		110 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2?sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.242 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7A2) /
Resource Hash
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Mar 2024 05:44:00 GMT
content-encoding
gzip
content-md5
kqhA3D0Xczna4D/t8ioitQ==
age
6336117
x-cache
HIT
content-length
20314
x-ms-lease-status
unlocked
last-modified
Wed, 27 Dec 2023 18:19:21 GMT
server
ECAcc (nwa/E7A2)
etag
0x8DC070858CA028D
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
879cef38-d01e-008e-019f-3aaf6e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_GVfoNPG_FcWzb4W9VLsB8g2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		432 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_GVfoNPG_FcWzb4W9VLsB8g2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2?sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.242 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7D0) /
Resource Hash
187b381cabf0eae8cae0a6b55f64f649d0cd72d3c6d745aeec1b38092eaca8fb

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Mar 2024 05:44:00 GMT
content-encoding
gzip
content-md5
rAa6EnZkntPu8nIwih3k9g==
age
2584366
x-cache
HIT
content-length
120561
x-ms-lease-status
unlocked
last-modified
Fri, 09 Feb 2024 18:13:14 GMT
server
ECAcc (nwa/E7D0)
etag
0x8DC299AC882978D
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
10b234d8-a01e-0041-0fbf-5ca235000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-en.min_vvj87qbis5y0dod6btj8gq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		54 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_vvj87qbis5y0dod6btj8gq2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2?sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.242 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7A5) /
Resource Hash
3a973aba838a9e3d3892567c9b794de614221125533808cd01b3ae128b271fc7

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Mar 2024 05:44:00 GMT
content-encoding
gzip
content-md5
1yUSFoDtbSynmonT826Odw==
age
2584366
x-cache
HIT
content-length
15732
x-ms-lease-status
unlocked
last-modified
Fri, 09 Feb 2024 21:58:27 GMT
server
ECAcc (nwa/E7A5)
etag
0x8DC29BA3E91D184
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9c6862c6-d01e-00f6-09bf-5c057f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2?sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.167.18 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers
convergedlogin_pcustomizationloader_a6fdd1f788f9ba8e71a1.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		219 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_a6fdd1f788f9ba8e71a1.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_GVfoNPG_FcWzb4W9VLsB8g2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.242 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E79D) /
Resource Hash
7883a97ebd109540ce136e370ec22e24a12b637700ed23de5d5f4aafc8644a9b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Mar 2024 05:44:00 GMT
content-encoding
gzip
content-md5
RJBYEDbU2n7z9BDhDOAniQ==
age
2584363
x-cache
HIT
content-length
54320
x-ms-lease-status
unlocked
last-modified
Fri, 09 Feb 2024 18:12:38 GMT
server
ECAcc (nwa/E79D)
etag
0x8DC299AB302A0E4
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5f57f732-901e-001e-01bf-5c4819000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ 		2 KB
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.242 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7BE) /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Mar 2024 05:44:00 GMT
content-encoding
gzip
content-md5
DhdidjYrlCeaRJJRG/y9mA==
age
534755
x-cache
HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:43 GMT
server
ECAcc (nwa/E7BE)
etag
0x8DB5C3F466DE917
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
4dbdc72a-501e-0046-7363-6f733b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
aadcdn.msftauthimages.net/dbd5a2dd-gitk-w7drwmnh7je79d94q6owooplyoy-vyhjx1ffhc/logintenantbranding/0/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauthimages.net/dbd5a2dd-gitk-w7drwmnh7je79d94q6owooplyoy-vyhjx1ffhc/logintenantbranding/0/bannerlogo?ts=637576694840623695
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eacd60ee4dd146c694f7b46a357cb6c1cbac822e6c2f55e8c158e9d2205894b6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 12 Mar 2024 05:43:59 GMT
last-modified
Wed, 26 May 2021 23:44:45 GMT
content-md5
xzMM3OSZ09m5FMbDRlZq9A==
etag
0x8D920A03DF0F6E9
x-azure-ref
0oOvvZQAAAACQbYx5co/xS6KpD8Wa2OFmU1lEMDNFREdFMTgwNwA1OTY2NTcxNS00MjZhLTRmMWMtYTA1OS1kNWRmZDQwYWU2Yjk=
x-cache
TCP_HIT
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
4775bb39-c01e-002a-72d5-73d843000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
content-length
9889
convergedlogin_pstringcustomizationhelper_28fcad64e48b749bb559.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		111 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_28fcad64e48b749bb559.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_GVfoNPG_FcWzb4W9VLsB8g2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.242 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7A2) /
Resource Hash
37535c20277f503a292bfa1237f3e10db5ca57c1572d829c150ce9daefe26091

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Mar 2024 05:44:00 GMT
content-encoding
gzip
content-md5
Bk4cioYakFymrW4SIJaQRA==
age
2584362
x-cache
HIT
content-length
35809
x-ms-lease-status
unlocked
last-modified
Fri, 09 Feb 2024 18:12:41 GMT
server
ECAcc (nwa/E7A2)
etag
0x8DC299AB5064015
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2983981d-801e-0053-64bf-5c4413000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		2 KB
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.242 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7C3) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Mar 2024 05:44:00 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
24727874
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:52 GMT
server
ECAcc (nwa/E7C3)
etag
0x8DB5C3F4BB4F03C
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
af6c625c-b01e-0031-575a-93e1f1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_a6fdd1f788f9ba8e71a1 boolean| __convergedlogin_pstringcustomizationhelper_28fcad64e48b749bb559

17 Cookies

Domain/Path Name / Value
idm.endeavourgroup.com.au/ Name: AWSALB
Value: Cxlx2He9rbniO4MYgN2X2fBBCQJERip0FaVLQzNehzd9H5L6JQX1ka6qdQLCQcNNCYTi43eLUvJcux0o3/yx5lMP1LHABmY16FpRGirfQgfyrQU2JLdzmYazyH3S
idm.endeavourgroup.com.au/ Name: AWSALBCORS
Value: Cxlx2He9rbniO4MYgN2X2fBBCQJERip0FaVLQzNehzd9H5L6JQX1ka6qdQLCQcNNCYTi43eLUvJcux0o3/yx5lMP1LHABmY16FpRGirfQgfyrQU2JLdzmYazyH3S
idm.endeavourgroup.com.au/ Name: CCSESSIONID
Value: 8A32B0818F760C2A925D1505F8ABC008
idm.login.sailpoint.com/ Name: SLPTLS
Value: NDZlOWRmZGQtYTRlYS00NWZhLTlkOTYtYjY5ODVmMDM3OTU5
idm.login.sailpoint.com/ Name: XSRF-TOKEN
Value: b62db65f-90b2-44fb-91c3-a7bc1d4376c9
.login.microsoftonline.com/ Name: esctx-Kxg48X5hXZg
Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8T4omNhmP85KchjX5-I4AJzrI6du1rUQQJTglK5_T_ZwPT6CbXPDptFP5LSV3_zPZRZTacTs_dEMQuz5y_hzQBjQ3SInXDtf445k4SCN9o5t1rmj5ioR9Q3mE0EkAMY5o7j3vwBSEFWhtZxMHszyO7iAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.ASUACp39lCN42Ei-UAxlWWUMyeyXus2yXcdHoVYFJ3bpuyQlAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8Stf5yRpfAqAW9XQsaPRGd9fuiypzL3E-X-kyLWZ9Kq08J5xAVD10CZDHGdUaG3O-zCImxy3GYJ9ZiuAOXyy70XFWNKn6BAqgp2edCrwF7ykgAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8nn1blsGCRjsz1u_U0e4A1Vx6vWd-epXcRcMMBeOhESM0unXbIW73nG3-iFJvh8SCRt9yo0i9BxkPv3-HV3aiIKd8wRRiAaXUJJxwSQ6kyMQY-giegxl4xr2Tmeb0akya7XDlgqm-9e60xiqBx-eqOxMDUS28FNHo4pOuq4JxEbIgAA
.login.microsoftonline.com/ Name: esctx-I5JEGX99uJY
Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8tvrCTZ0xfbU6e6X8Gcean_u90tS7fMVEfSKNZnejNViUNUl6elIDAak2gdHFTFB_sxK5wreNnUg9gUeFawUG5GD3MGqj3d2j6YxxfXFsBXzRVcFEy5XQZ5UHjTg7W3YPhrREnXbawTV4VAMvQoIfJyAA
login.microsoftonline.com/ Name: fpc
Value: ApTXaXTFNn1LvDbQ3OigeJs74sj3AQAAAJ7igd0OAAAA
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: a201597a9fdf439aa7fd1fbcbff599c4
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1710222240&co=1

2 Console Messages

Source Level URL
Text
other warning URL: https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2?sso_reload=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2?sso_reload=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains