![](/screenshots/74aa2c30-5351-4da0-abf8-564f87def0d3.png)
login.microsoftonline.com
Open in
urlscan Pro
2603:1026:3000:148::7
Public Scan
Effective URL: https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=bc9d8487-53f6-418d-bdce-7ed...
Submission Tags: falconsandbox
Submission: On June 20 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 21st 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 104.45.219.135 104.45.219.135 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2a02:26f0:480... 2a02:26f0:480:25::1726:620d | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
4 | 2603:1026:300... 2603:1026:3000:148::10 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2603:1026:300... 2603:1026:3000:148::7 | () () | |
1 | 20.50.88.238 20.50.88.238 | () () | |
13 | 6 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
hits.microsoft.com |
ASN20940 (AKAMAI-ASN1, NL)
res-1.cdn.office.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 11 |
14 KB |
4 |
microsoft.com
hits.microsoft.com |
1 MB |
1 |
visualstudio.com
dc.services.visualstudio.com Failed |
|
1 |
office.net
res-1.cdn.office.net — Cisco Umbrella Rank: 273 |
36 KB |
0 |
msftauth.net
Failed
aadcdn.msftauth.net Failed |
|
13 | 5 |
Domain | Requested by | |
---|---|---|
5 | login.microsoftonline.com |
hits.microsoft.com
|
4 | hits.microsoft.com |
hits.microsoft.com
|
1 | dc.services.visualstudio.com |
hits.microsoft.com
|
1 | res-1.cdn.office.net |
hits.microsoft.com
|
0 | aadcdn.msftauth.net Failed |
login.microsoftonline.com
|
13 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
hits.microsoft.com Microsoft Azure RSA TLS Issuing CA 03 |
2024-03-25 - 2025-03-20 |
a year | crt.sh |
*.res.outlook.com DigiCert SHA2 Secure Server CA |
2024-02-20 - 2025-02-20 |
a year | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2024-05-21 - 2025-05-21 |
a year | crt.sh |
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 04 |
2024-04-10 - 2025-04-05 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=bc9d8487-53f6-418d-bdce-7ed1f265c33a&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fhits.microsoft.com&client-request-id=a770aa71-ab5c-4a8e-9c51-93b795117ec2&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.33.0&client_info=1&code_challenge=bYonSFkxdZx9cPcwSzPsvvP8kbdkqxlC23vcXAldl5I&code_challenge_method=S256&nonce=7a30ce67-de5f-4bcf-b415-7165dd9b6eb9&state=eyJpZCI6IjYzOTFiZWE0LTE2MzMtNGNlNy1hNDVkLWIwNGFlYzI2NWQ0ZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Frame ID: 6559495F27FA9D47684861AFCCE3D30C
Requests: 10 HTTP requests in this frame
Screenshot
![](/screenshots/74aa2c30-5351-4da0-abf8-564f87def0d3.png)
Page URL History Show full URLs
-
http://hits.microsoft.com/
HTTP 307
https://hits.microsoft.com/ Page URL
- https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=bc9d848... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://hits.microsoft.com/
HTTP 307
https://hits.microsoft.com/ Page URL
- https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=bc9d8487-53f6-418d-bdce-7ed1f265c33a&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fhits.microsoft.com&client-request-id=a770aa71-ab5c-4a8e-9c51-93b795117ec2&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.33.0&client_info=1&code_challenge=bYonSFkxdZx9cPcwSzPsvvP8kbdkqxlC23vcXAldl5I&code_challenge_method=S256&nonce=7a30ce67-de5f-4bcf-b415-7165dd9b6eb9&state=eyJpZCI6IjYzOTFiZWE0LTE2MzMtNGNlNy1hNDVkLWIwNGFlYzI2NWQ0ZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://hits.microsoft.com/ HTTP 307
- https://hits.microsoft.com/
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
hits.microsoft.com/ Redirect Chain
|
889 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index-47c47cd6.js
hits.microsoft.com/assets/ |
1 MB 1 MB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hits-logo-ef2b8825.svg
hits.microsoft.com/assets/ |
4 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
segoeui-regular.woff2
res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/ |
35 KB 36 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
instance
login.microsoftonline.com/common/discovery/ |
980 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
instance
login.microsoftonline.com/common/discovery/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon-c5863c56.ico
hits.microsoft.com/assets/ |
15 KB 15 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
openid-configuration
login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/v2.0/.well-known/ |
2 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
openid-configuration
login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/v2.0/.well-known/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
authorize
login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/ |
20 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
track
dc.services.visualstudio.com/v2/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
track
dc.services.visualstudio.com/v2/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- dc.services.visualstudio.com
- URL
- https://dc.services.visualstudio.com/v2/track
- Domain
- aadcdn.msftauth.net
- URL
- https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
hits.microsoft.com/ | Name: ai_user Value: ecRhhslfwSpiWCgqUP7AdV|2024-06-20T08:37:35.902Z |
|
hits.microsoft.com/ | Name: ai_session Value: zFPoxUkr9kql80cRQ44jHH|1718872655938|1718872655938 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000;includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msftauth.net
dc.services.visualstudio.com
hits.microsoft.com
login.microsoftonline.com
res-1.cdn.office.net
aadcdn.msftauth.net
dc.services.visualstudio.com
104.45.219.135
20.50.88.238
2603:1026:3000:148::10
2603:1026:3000:148::7
2a02:26f0:480:25::1726:620d
0bc66bfe3b29a7b11c80245bec4acbf3e4cd5a5ae60a20d51220bb88013f976c
193b4d4136ce11ed6fecb253a87e9dc27c292f8a040d77f4972115e1272086a6
4f050e19e2fe1eb7051fe112a875058aa3e8a1c6384b124731b26a69e932d083
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
ef2b8825887ac8b0afbaf51d9224bfb0cc5e90b1519725cbb15dc82efb196795
f47679e0cdf46772c5f426b1a92ab78c7a986dd3a0382dae9f3c3b62e35d57bb