![](/screenshots/70353b42-08f6-4ce0-bb79-193ec9c074b5.png)
login.microsoftonline.com
Open in
urlscan Pro
20.190.142.165
Public Scan
Effective URL: https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2?sso_reload=true
Submission: On March 12 via manual from AU — Scanned from AU
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 8th 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 44.208.142.236 44.208.142.236 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 2 | 54.146.111.198 54.146.111.198 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 | 20.190.142.165 20.190.142.165 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
8 | 152.199.39.242 152.199.39.242 | 15133 (EDGECAST) (EDGECAST) | |
1 | 20.190.167.18 20.190.167.18 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 13.107.246.31 13.107.246.31 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
13 | 5 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-142-236.compute-1.amazonaws.com
idm.endeavourgroup.com.au |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-111-198.compute-1.amazonaws.com
idm.login.sailpoint.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 953 |
293 KB |
2 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 11 |
25 KB |
2 |
sailpoint.com
1 redirects
idm.login.sailpoint.com |
2 KB |
1 |
msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3241 |
10 KB |
1 |
live.com
login.live.com — Cisco Umbrella Rank: 67 |
|
1 |
endeavourgroup.com.au
1 redirects
idm.endeavourgroup.com.au |
791 B |
13 | 6 |
Domain | Requested by | |
---|---|---|
8 | aadcdn.msftauth.net |
login.microsoftonline.com
aadcdn.msftauth.net |
2 | login.microsoftonline.com | |
2 | idm.login.sailpoint.com | 1 redirects |
1 | aadcdn.msftauthimages.net | |
1 | login.live.com |
login.microsoftonline.com
|
1 | idm.endeavourgroup.com.au | 1 redirects |
13 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
idm.endeavourgroup.com.au |
www.microsoft.com |
privacy.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.login.sailpoint.com Amazon RSA 2048 M01 |
2023-05-10 - 2024-06-07 |
a year | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2024-02-08 - 2025-02-08 |
a year | crt.sh |
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2023-12-01 - 2024-12-01 |
a year | crt.sh |
login.live.com DigiCert SHA2 Secure Server CA |
2024-02-09 - 2025-02-09 |
a year | crt.sh |
aadcdn.msftauthimages.net Microsoft Azure RSA TLS Issuing CA 07 |
2024-02-18 - 2025-02-12 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2?sso_reload=true
Frame ID: C6FF7CF693A8AE94CB1CB862022068C2
Requests: 13 HTTP requests in this frame
Screenshot
![](/screenshots/70353b42-08f6-4ce0-bb79-193ec9c074b5.png)
Page Title
Sign in to your accountPage URL History Show full URLs
-
https://idm.endeavourgroup.com.au/ui
HTTP 302
https://idm.login.sailpoint.com/oauth/authorize?response_type=code&client_id=9MHfEgNeWu94XgXL&redirect_uri=h... HTTP 302
https://idm.login.sailpoint.com/saml/login/alias/idm-sp?idp=https://sts.windows.net/94fd9d0a-7823-48d8-be50-... Page URL
- https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2 Page URL
- https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2?sso_reload=true Page URL
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Single Sign On Portal
Search URL Search Domain Scan URL
Title: Terms of use
Search URL Search Domain Scan URL
Title: Privacy & cookies
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://idm.endeavourgroup.com.au/ui
HTTP 302
https://idm.login.sailpoint.com/oauth/authorize?response_type=code&client_id=9MHfEgNeWu94XgXL&redirect_uri=https%3A%2F%2Fidm.endeavourgroup.com.au%2Foauth%2Fcallback&state=RfSVDqnPK3JWPMjUR5b76qBt6hoHeN6ZrN1LWpN0DR3g54CfwZFLabIVRmGTZxyaHMKRVhjsuiCvyiy9UGxi2brt50ntktoiZqoUhIdXR25WIh70HmZdta7qOUXi3CkKVMUrqp4qBzVpWgRamExUoR0SlWebp9WyCMHIwbOz1sJQThVut91NPVZ4ZKscY3Aeac5Lfh0oAWe8Y3oFxA8kv9dxp4FlcKZvKv1Cc8sEWPLvN47F1eFp5kjJFWUmsYMd HTTP 302
https://idm.login.sailpoint.com/saml/login/alias/idm-sp?idp=https://sts.windows.net/94fd9d0a-7823-48d8-be50-0c6559650cc9/&relaystate=033e3044-a046-4926-989b-8226b0b25aae Page URL
- https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2 Page URL
- https://login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/saml2?sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://idm.endeavourgroup.com.au/ui HTTP 302
- https://idm.login.sailpoint.com/oauth/authorize?response_type=code&client_id=9MHfEgNeWu94XgXL&redirect_uri=https%3A%2F%2Fidm.endeavourgroup.com.au%2Foauth%2Fcallback&state=RfSVDqnPK3JWPMjUR5b76qBt6hoHeN6ZrN1LWpN0DR3g54CfwZFLabIVRmGTZxyaHMKRVhjsuiCvyiy9UGxi2brt50ntktoiZqoUhIdXR25WIh70HmZdta7qOUXi3CkKVMUrqp4qBzVpWgRamExUoR0SlWebp9WyCMHIwbOz1sJQThVut91NPVZ4ZKscY3Aeac5Lfh0oAWe8Y3oFxA8kv9dxp4FlcKZvKv1Cc8sEWPLvN47F1eFp5kjJFWUmsYMd HTTP 302
- https://idm.login.sailpoint.com/saml/login/alias/idm-sp?idp=https://sts.windows.net/94fd9d0a-7823-48d8-be50-0c6559650cc9/&relaystate=033e3044-a046-4926-989b-8226b0b25aae
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
idm-sp
idm.login.sailpoint.com/saml/login/alias/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
saml2
login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/ |
20 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BssoInterrupt_Core_3j2JgMBNuZbncq02org-aA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
138 KB 49 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Primary Request
saml2
login.microsoftonline.com/94fd9d0a-7823-48d8-be50-0c6559650cc9/ |
39 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
110 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_GVfoNPG_FcWzb4W9VLsB8g2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
432 KB 118 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ux.converged.login.strings-en.min_vvj87qbis5y0dod6btj8gq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
54 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pcustomizationloader_a6fdd1f788f9ba8e71a1.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
219 KB 54 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ |
2 KB 838 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bannerlogo
aadcdn.msftauthimages.net/dbd5a2dd-gitk-w7drwmnh7je79d94q6owooplyoy-vyhjx1ffhc/logintenantbranding/0/ |
10 KB 10 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pstringcustomizationhelper_28fcad64e48b749bb559.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
111 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ |
2 KB 774 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_a6fdd1f788f9ba8e71a1 boolean| __convergedlogin_pstringcustomizationhelper_28fcad64e48b749bb55917 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
idm.endeavourgroup.com.au/ | Name: AWSALB Value: Cxlx2He9rbniO4MYgN2X2fBBCQJERip0FaVLQzNehzd9H5L6JQX1ka6qdQLCQcNNCYTi43eLUvJcux0o3/yx5lMP1LHABmY16FpRGirfQgfyrQU2JLdzmYazyH3S |
|
idm.endeavourgroup.com.au/ | Name: AWSALBCORS Value: Cxlx2He9rbniO4MYgN2X2fBBCQJERip0FaVLQzNehzd9H5L6JQX1ka6qdQLCQcNNCYTi43eLUvJcux0o3/yx5lMP1LHABmY16FpRGirfQgfyrQU2JLdzmYazyH3S |
|
idm.endeavourgroup.com.au/ | Name: CCSESSIONID Value: 8A32B0818F760C2A925D1505F8ABC008 |
|
idm.login.sailpoint.com/ | Name: SLPTLS Value: NDZlOWRmZGQtYTRlYS00NWZhLTlkOTYtYjY5ODVmMDM3OTU5 |
|
idm.login.sailpoint.com/ | Name: XSRF-TOKEN Value: b62db65f-90b2-44fb-91c3-a7bc1d4376c9 |
|
.login.microsoftonline.com/ | Name: esctx-Kxg48X5hXZg Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8T4omNhmP85KchjX5-I4AJzrI6du1rUQQJTglK5_T_ZwPT6CbXPDptFP5LSV3_zPZRZTacTs_dEMQuz5y_hzQBjQ3SInXDtf445k4SCN9o5t1rmj5ioR9Q3mE0EkAMY5o7j3vwBSEFWhtZxMHszyO7iAA |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.com/ | Name: buid Value: 0.ASUACp39lCN42Ei-UAxlWWUMyeyXus2yXcdHoVYFJ3bpuyQlAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8Stf5yRpfAqAW9XQsaPRGd9fuiypzL3E-X-kyLWZ9Kq08J5xAVD10CZDHGdUaG3O-zCImxy3GYJ9ZiuAOXyy70XFWNKn6BAqgp2edCrwF7ykgAA |
|
.login.microsoftonline.com/ | Name: esctx Value: PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8nn1blsGCRjsz1u_U0e4A1Vx6vWd-epXcRcMMBeOhESM0unXbIW73nG3-iFJvh8SCRt9yo0i9BxkPv3-HV3aiIKd8wRRiAaXUJJxwSQ6kyMQY-giegxl4xr2Tmeb0akya7XDlgqm-9e60xiqBx-eqOxMDUS28FNHo4pOuq4JxEbIgAA |
|
.login.microsoftonline.com/ | Name: esctx-I5JEGX99uJY Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8tvrCTZ0xfbU6e6X8Gcean_u90tS7fMVEfSKNZnejNViUNUl6elIDAak2gdHFTFB_sxK5wreNnUg9gUeFawUG5GD3MGqj3d2j6YxxfXFsBXzRVcFEy5XQZ5UHjTg7W3YPhrREnXbawTV4VAMvQoIfJyAA |
|
login.microsoftonline.com/ | Name: fpc Value: ApTXaXTFNn1LvDbQ3OigeJs74sj3AQAAAJ7igd0OAAAA |
|
.login.microsoftonline.com/ | Name: brcap Value: 0 |
|
.login.live.com/ | Name: uaid Value: a201597a9fdf439aa7fd1fbcbff599c4 |
|
.login.live.com/ | Name: MSPRequ Value: id=N<=1710222240&co=1 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 ; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msftauth.net
aadcdn.msftauthimages.net
idm.endeavourgroup.com.au
idm.login.sailpoint.com
login.live.com
login.microsoftonline.com
13.107.246.31
152.199.39.242
20.190.142.165
20.190.167.18
44.208.142.236
54.146.111.198
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
187b381cabf0eae8cae0a6b55f64f649d0cd72d3c6d745aeec1b38092eaca8fb
37535c20277f503a292bfa1237f3e10db5ca57c1572d829c150ce9daefe26091
3a973aba838a9e3d3892567c9b794de614221125533808cd01b3ae128b271fc7
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41
7883a97ebd109540ce136e370ec22e24a12b637700ed23de5d5f4aafc8644a9b
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
98d49bcbdef69dff2f7de3aa41373d49a77ba926d76f2225bcc4cb12c3c18824
b85357443289d3f73d2254aecaddd35bc89cde5c7a7cbd53d6d2903004056242
ca22d60953689f0ec4dd3983c1be1be3da71bb9331538f6e13b54208d7f55bcf
e3d7cee42f51b4de67c1c69ac61c02064f01ff566be501c53556849468915cfe
eacd60ee4dd146c694f7b46a357cb6c1cbac822e6c2f55e8c158e9d2205894b6