login.microsoftonline.com
Open in
urlscan Pro
20.190.159.22
Public Scan
Submitted URL: https://empowerbt.com/notifications/open/230821/
Effective URL: https://login.microsoftonline.com/a7f35688-9c00-4d5e-ba41-29f146377ab0/oauth2/authorize?client_id=0000000c-0000-0000-c000-00000000...
Submission: On January 25 via manual from GB — Scanned from GB
Effective URL: https://login.microsoftonline.com/a7f35688-9c00-4d5e-ba41-29f146377ab0/oauth2/authorize?client_id=0000000c-0000-0000-c000-00000000...
Submission: On January 25 via manual from GB — Scanned from GB
Summary
This website contacted 8 IPs
in 4 countries
across 10 domains to perform 19 HTTP transactions.
The main IP is 20.190.159.22, located in
Dublin, Ireland and
belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US.
The main domain is login.microsoftonline.com.
The Cisco Umbrella rank of the primary domain is 21.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 1st 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 1st 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 6 | 20.68.204.133 20.68.204.133 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 2a00:1450:400... 2a00:1450:400d:802::200a | 15169 (GOOGLE) (GOOGLE) | |
| 2 3 | 51.104.28.65 51.104.28.65 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 1 | 40.126.32.6 40.126.32.6 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 1 | 40.126.32.129 40.126.32.129 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 2 | 20.190.159.22 20.190.159.22 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 5 | 152.199.23.37 152.199.23.37 | 15133 (EDGECAST) (EDGECAST) | |
| 1 | 40.126.31.68 40.126.31.68 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 2 | 2620:1ec:4f:1... 2620:1ec:4f:1::44 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 19 | 8 |
3
51.104.28.65
(London, United Kingdom)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| identity.apinternal.com |
1
40.126.32.6
(Amsterdam, Netherlands)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| myapps.microsoft.com |
1
40.126.32.129
(Amsterdam, Netherlands)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| account.activedirectory.windowsazure.com |
2
20.190.159.22
(Dublin, Ireland)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| login.microsoftonline.com |
2
2620:1ec:4f:1::44
(United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| aadcdn.msftauthimages.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 6 |
empowerbt.com
empowerbt.com |
1 MB |
| 5 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 1164 |
177 KB |
| 3 |
apinternal.com
2 redirects
identity.apinternal.com |
3 KB |
| 2 |
msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3203 |
18 KB |
| 2 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 21 |
108 KB |
| 1 |
live.com
login.live.com — Cisco Umbrella Rank: 77 |
|
| 1 |
windowsazure.com
1 redirects
account.activedirectory.windowsazure.com — Cisco Umbrella Rank: 4874 |
3 KB |
| 1 |
microsoft.com
1 redirects
myapps.microsoft.com — Cisco Umbrella Rank: 10504 |
636 B |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35 |
1 KB |
| 0 |
sentry.io
Failed
o511220.ingest.sentry.io Failed |
|
| 19 | 10 |
| Domain | Requested by | |
|---|---|---|
| 6 | empowerbt.com |
empowerbt.com
|
| 5 | aadcdn.msftauth.net |
login.microsoftonline.com
aadcdn.msftauth.net |
| 3 | identity.apinternal.com |
2 redirects
empowerbt.com
|
| 2 | aadcdn.msftauthimages.net | |
| 2 | login.microsoftonline.com |
empowerbt.com
login.microsoftonline.com |
| 1 | login.live.com |
login.microsoftonline.com
|
| 1 | account.activedirectory.windowsazure.com | 1 redirects |
| 1 | myapps.microsoft.com | 1 redirects |
| 1 | fonts.googleapis.com |
empowerbt.com
|
| 0 | o511220.ingest.sentry.io Failed |
empowerbt.com
|
| 19 | 10 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.microsoft.com |
| privacy.microsoft.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.empowerbt.com Go Daddy Secure Certificate Authority - G2 |
2022-05-18 - 2023-05-18 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2023-01-02 - 2023-03-27 |
3 months | crt.sh |
| *.apinternal.com Sectigo RSA Domain Validation Secure Server CA |
2022-06-27 - 2023-07-28 |
a year | crt.sh |
| stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2022-12-01 - 2023-12-01 |
a year | crt.sh |
| aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2022-04-01 - 2023-04-01 |
a year | crt.sh |
| login.live.com DigiCert SHA2 Secure Server CA |
2022-12-30 - 2023-12-30 |
a year | crt.sh |
| aadcdn.msftauthimages.net Microsoft Azure TLS Issuing CA 05 |
2022-12-23 - 2023-12-18 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/a7f35688-9c00-4d5e-ba41-29f146377ab0/oauth2/authorize?client_id=0000000c-0000-0000-c000-000000000000&redirect_uri=https%3A%2F%2Faccount.activedirectory.windowsazure.com%2F&response_mode=form_post&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DAQAAAAMAAAAIVGVuYW50SWSrAW9lQlYxdVc2MERpclYtbmZPZ2hMVW80V0VYT2d3YnJ4Y1FPYlk5RHlQRWRBQjhLZkxvLXFHSTN2Uk1mSTEtMWUxWmI5UjJ1Y0M5aGxnX2dpY2ZCQVVqYXhyNHltY29IVFNCTU92aEJuSXJMQzNKSnFEYmNrb0RkWTByYjJIRmxXTm5qcnYyLXY4cy03NGRkbHVnUXRFOEEyMXhLYWsyUDFCd1VCdGJ2dlVGdwkucmVkaXJlY3SaAmh0dHBzOi8vYWNjb3VudC5hY3RpdmVkaXJlY3Rvcnkud2luZG93c2F6dXJlLmNvbS9hcHBsaWNhdGlvbnMvcmVkaXJlY3R0b2FwcGxpY2F0aW9uLmFzcHg_T3BlcmF0aW9uPUxpbmtlZFNpZ25JbiZhcHBsaWNhdGlvbklkPTYyNGMyOTRjLWFhODQtNGMyNS04Mzc0LWZlNzllZDIzNjcxMyZ0ZW5hbnRJZD1hN2YzNTY4OC05YzAwLTRkNWUtYmE0MS0yOWYxNDYzNzdhYjAmUmVsYXlTdGF0ZT1odHRwcyUzYSUyZiUyZmVtcG93ZXJidC5jb20lMmZub3RpZmljYXRpb25zJTJmb3BlbiUyZjIzMDgyMSUyZh5PcGVuSWRDb25uZWN0LkNvZGUuUmVkaXJlY3RVcmnAAXAxYWpiQWpZUms2RlZLRVZoMDF6aksxOWRHNGJkeUlMdHJ0T1gwZzFOZWg3Mm1DWURPeFZObkZqNHo5SnFpblFhTC1ObXBCRHlveEk3RlpuYVBZWllOVWYzeTh5ckh4VUNTSVg1M191eGUtS0pqVVNoRkd5TktjaklucVdPcDRlcE9vMEk3LU9VdWpRUUhudzRYM0J4RW1hTlNkaHVDR2YyYjljRHZLcjVMZmV1MUduYXlZY2R6X0tRd2RHQ0Z6WA&nonce=1674645432.sJeibcBXqEosciecuADLaA&nux=1&sso_reload=true
Frame ID: 6277EF2806B23CE9C88F9A17AFBA8A1B
Requests: 19 HTTP requests in this frame
Screenshot
Page Title
Sign in to your accountPage URL History Show full URLs
- https://empowerbt.com/notifications/open/230821/ Page URL
-
https://identity.apinternal.com/connect/authorize?client_id=processengine.dashboard&redirect_uri=https%3A%2F...
HTTP 302
https://identity.apinternal.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dproc... HTTP 302
https://myapps.microsoft.com/signin/624c294c-aa84-4c25-8374-fe79ed236713?tenantId=a7f35688-9c00-4d5e-ba41... HTTP 302
https://account.activedirectory.windowsazure.com/applications/signin/624c294c-aa84-4c25-8374-fe79ed236713?tenantId=a7f35688-9... HTTP 302
https://login.microsoftonline.com/a7f35688-9c00-4d5e-ba41-29f146377ab0/oauth2/authorize?client_id=0000000c-000... Page URL
- https://login.microsoftonline.com/a7f35688-9c00-4d5e-ba41-29f146377ab0/oauth2/authorize?client_id=0000000c-000... Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: https://www.microsoft.com/en-GB/servicesagreement/
Title: Terms of use
Title: Terms of use
Search URL Search Domain Scan URL
URL: https://privacy.microsoft.com/en-GB/privacystatement
Title: Privacy & cookies
Title: Privacy & cookies
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://empowerbt.com/notifications/open/230821/ Page URL
-
https://identity.apinternal.com/connect/authorize?client_id=processengine.dashboard&redirect_uri=https%3A%2F%2Fempowerbt.com%2Fsignin&response_type=id_token%20token&scope=openid%20profile%20processengineuserapiaccess%20processengineserviceapiaccess%20searchapiaccess%20appapiaccess%20caseapiaccess%20configurationapiaccess%20workflowtrackingapiaccess%20processenginedocumentserviceapiaccess%20processengineknowledgeportalapiaccess&state=8333a8f1c07c48b48e1a2eee5dd45943&nonce=eb46e2a88b934be7b4c67ffa1a713f77
HTTP 302
https://identity.apinternal.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dprocessengine.dashboard%26redirect_uri%3Dhttps%253A%252F%252Fempowerbt.com%252Fsignin%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520processengineuserapiaccess%2520processengineserviceapiaccess%2520searchapiaccess%2520appapiaccess%2520caseapiaccess%2520configurationapiaccess%2520workflowtrackingapiaccess%2520processenginedocumentserviceapiaccess%2520processengineknowledgeportalapiaccess%26state%3D8333a8f1c07c48b48e1a2eee5dd45943%26nonce%3Deb46e2a88b934be7b4c67ffa1a713f77 HTTP 302
https://myapps.microsoft.com/signin/624c294c-aa84-4c25-8374-fe79ed236713?tenantId=a7f35688-9c00-4d5e-ba41-29f146377ab0&RelayState=https%3a%2f%2fempowerbt.com%2fnotifications%2fopen%2f230821%2f HTTP 302
https://account.activedirectory.windowsazure.com/applications/signin/624c294c-aa84-4c25-8374-fe79ed236713?tenantId=a7f35688-9c00-4d5e-ba41-29f146377ab0&RelayState=https%3a%2f%2fempowerbt.com%2fnotifications%2fopen%2f230821%2f HTTP 302
https://login.microsoftonline.com/a7f35688-9c00-4d5e-ba41-29f146377ab0/oauth2/authorize?client_id=0000000c-0000-0000-c000-000000000000&redirect_uri=https%3A%2F%2Faccount.activedirectory.windowsazure.com%2F&response_mode=form_post&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DAQAAAAMAAAAIVGVuYW50SWSrAW9lQlYxdVc2MERpclYtbmZPZ2hMVW80V0VYT2d3YnJ4Y1FPYlk5RHlQRWRBQjhLZkxvLXFHSTN2Uk1mSTEtMWUxWmI5UjJ1Y0M5aGxnX2dpY2ZCQVVqYXhyNHltY29IVFNCTU92aEJuSXJMQzNKSnFEYmNrb0RkWTByYjJIRmxXTm5qcnYyLXY4cy03NGRkbHVnUXRFOEEyMXhLYWsyUDFCd1VCdGJ2dlVGdwkucmVkaXJlY3SaAmh0dHBzOi8vYWNjb3VudC5hY3RpdmVkaXJlY3Rvcnkud2luZG93c2F6dXJlLmNvbS9hcHBsaWNhdGlvbnMvcmVkaXJlY3R0b2FwcGxpY2F0aW9uLmFzcHg_T3BlcmF0aW9uPUxpbmtlZFNpZ25JbiZhcHBsaWNhdGlvbklkPTYyNGMyOTRjLWFhODQtNGMyNS04Mzc0LWZlNzllZDIzNjcxMyZ0ZW5hbnRJZD1hN2YzNTY4OC05YzAwLTRkNWUtYmE0MS0yOWYxNDYzNzdhYjAmUmVsYXlTdGF0ZT1odHRwcyUzYSUyZiUyZmVtcG93ZXJidC5jb20lMmZub3RpZmljYXRpb25zJTJmb3BlbiUyZjIzMDgyMSUyZh5PcGVuSWRDb25uZWN0LkNvZGUuUmVkaXJlY3RVcmnAAXAxYWpiQWpZUms2RlZLRVZoMDF6aksxOWRHNGJkeUlMdHJ0T1gwZzFOZWg3Mm1DWURPeFZObkZqNHo5SnFpblFhTC1ObXBCRHlveEk3RlpuYVBZWllOVWYzeTh5ckh4VUNTSVg1M191eGUtS0pqVVNoRkd5TktjaklucVdPcDRlcE9vMEk3LU9VdWpRUUhudzRYM0J4RW1hTlNkaHVDR2YyYjljRHZLcjVMZmV1MUduYXlZY2R6X0tRd2RHQ0Z6WA&nonce=1674645432.sJeibcBXqEosciecuADLaA&nux=1 Page URL
- https://login.microsoftonline.com/a7f35688-9c00-4d5e-ba41-29f146377ab0/oauth2/authorize?client_id=0000000c-0000-0000-c000-000000000000&redirect_uri=https%3A%2F%2Faccount.activedirectory.windowsazure.com%2F&response_mode=form_post&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DAQAAAAMAAAAIVGVuYW50SWSrAW9lQlYxdVc2MERpclYtbmZPZ2hMVW80V0VYT2d3YnJ4Y1FPYlk5RHlQRWRBQjhLZkxvLXFHSTN2Uk1mSTEtMWUxWmI5UjJ1Y0M5aGxnX2dpY2ZCQVVqYXhyNHltY29IVFNCTU92aEJuSXJMQzNKSnFEYmNrb0RkWTByYjJIRmxXTm5qcnYyLXY4cy03NGRkbHVnUXRFOEEyMXhLYWsyUDFCd1VCdGJ2dlVGdwkucmVkaXJlY3SaAmh0dHBzOi8vYWNjb3VudC5hY3RpdmVkaXJlY3Rvcnkud2luZG93c2F6dXJlLmNvbS9hcHBsaWNhdGlvbnMvcmVkaXJlY3R0b2FwcGxpY2F0aW9uLmFzcHg_T3BlcmF0aW9uPUxpbmtlZFNpZ25JbiZhcHBsaWNhdGlvbklkPTYyNGMyOTRjLWFhODQtNGMyNS04Mzc0LWZlNzllZDIzNjcxMyZ0ZW5hbnRJZD1hN2YzNTY4OC05YzAwLTRkNWUtYmE0MS0yOWYxNDYzNzdhYjAmUmVsYXlTdGF0ZT1odHRwcyUzYSUyZiUyZmVtcG93ZXJidC5jb20lMmZub3RpZmljYXRpb25zJTJmb3BlbiUyZjIzMDgyMSUyZh5PcGVuSWRDb25uZWN0LkNvZGUuUmVkaXJlY3RVcmnAAXAxYWpiQWpZUms2RlZLRVZoMDF6aksxOWRHNGJkeUlMdHJ0T1gwZzFOZWg3Mm1DWURPeFZObkZqNHo5SnFpblFhTC1ObXBCRHlveEk3RlpuYVBZWllOVWYzeTh5ckh4VUNTSVg1M191eGUtS0pqVVNoRkd5TktjaklucVdPcDRlcE9vMEk3LU9VdWpRUUhudzRYM0J4RW1hTlNkaHVDR2YyYjljRHZLcjVMZmV1MUduYXlZY2R6X0tRd2RHQ0Z6WA&nonce=1674645432.sJeibcBXqEosciecuADLaA&nux=1&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8- https://identity.apinternal.com/connect/authorize?client_id=processengine.dashboard&redirect_uri=https%3A%2F%2Fempowerbt.com%2Fsignin&response_type=id_token%20token&scope=openid%20profile%20processengineuserapiaccess%20processengineserviceapiaccess%20searchapiaccess%20appapiaccess%20caseapiaccess%20configurationapiaccess%20workflowtrackingapiaccess%20processenginedocumentserviceapiaccess%20processengineknowledgeportalapiaccess&state=8333a8f1c07c48b48e1a2eee5dd45943&nonce=eb46e2a88b934be7b4c67ffa1a713f77 HTTP 302
- https://identity.apinternal.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dprocessengine.dashboard%26redirect_uri%3Dhttps%253A%252F%252Fempowerbt.com%252Fsignin%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520processengineuserapiaccess%2520processengineserviceapiaccess%2520searchapiaccess%2520appapiaccess%2520caseapiaccess%2520configurationapiaccess%2520workflowtrackingapiaccess%2520processenginedocumentserviceapiaccess%2520processengineknowledgeportalapiaccess%26state%3D8333a8f1c07c48b48e1a2eee5dd45943%26nonce%3Deb46e2a88b934be7b4c67ffa1a713f77 HTTP 302
- https://myapps.microsoft.com/signin/624c294c-aa84-4c25-8374-fe79ed236713?tenantId=a7f35688-9c00-4d5e-ba41-29f146377ab0&RelayState=https%3a%2f%2fempowerbt.com%2fnotifications%2fopen%2f230821%2f HTTP 302
- https://account.activedirectory.windowsazure.com/applications/signin/624c294c-aa84-4c25-8374-fe79ed236713?tenantId=a7f35688-9c00-4d5e-ba41-29f146377ab0&RelayState=https%3a%2f%2fempowerbt.com%2fnotifications%2fopen%2f230821%2f HTTP 302
- https://login.microsoftonline.com/a7f35688-9c00-4d5e-ba41-29f146377ab0/oauth2/authorize?client_id=0000000c-0000-0000-c000-000000000000&redirect_uri=https%3A%2F%2Faccount.activedirectory.windowsazure.com%2F&response_mode=form_post&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DAQAAAAMAAAAIVGVuYW50SWSrAW9lQlYxdVc2MERpclYtbmZPZ2hMVW80V0VYT2d3YnJ4Y1FPYlk5RHlQRWRBQjhLZkxvLXFHSTN2Uk1mSTEtMWUxWmI5UjJ1Y0M5aGxnX2dpY2ZCQVVqYXhyNHltY29IVFNCTU92aEJuSXJMQzNKSnFEYmNrb0RkWTByYjJIRmxXTm5qcnYyLXY4cy03NGRkbHVnUXRFOEEyMXhLYWsyUDFCd1VCdGJ2dlVGdwkucmVkaXJlY3SaAmh0dHBzOi8vYWNjb3VudC5hY3RpdmVkaXJlY3Rvcnkud2luZG93c2F6dXJlLmNvbS9hcHBsaWNhdGlvbnMvcmVkaXJlY3R0b2FwcGxpY2F0aW9uLmFzcHg_T3BlcmF0aW9uPUxpbmtlZFNpZ25JbiZhcHBsaWNhdGlvbklkPTYyNGMyOTRjLWFhODQtNGMyNS04Mzc0LWZlNzllZDIzNjcxMyZ0ZW5hbnRJZD1hN2YzNTY4OC05YzAwLTRkNWUtYmE0MS0yOWYxNDYzNzdhYjAmUmVsYXlTdGF0ZT1odHRwcyUzYSUyZiUyZmVtcG93ZXJidC5jb20lMmZub3RpZmljYXRpb25zJTJmb3BlbiUyZjIzMDgyMSUyZh5PcGVuSWRDb25uZWN0LkNvZGUuUmVkaXJlY3RVcmnAAXAxYWpiQWpZUms2RlZLRVZoMDF6aksxOWRHNGJkeUlMdHJ0T1gwZzFOZWg3Mm1DWURPeFZObkZqNHo5SnFpblFhTC1ObXBCRHlveEk3RlpuYVBZWllOVWYzeTh5ckh4VUNTSVg1M191eGUtS0pqVVNoRkd5TktjaklucVdPcDRlcE9vMEk3LU9VdWpRUUhudzRYM0J4RW1hTlNkaHVDR2YyYjljRHZLcjVMZmV1MUduYXlZY2R6X0tRd2RHQ0Z6WA&nonce=1674645432.sJeibcBXqEosciecuADLaA&nux=1
19 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
/
empowerbt.com/notifications/open/230821/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
config.js
empowerbt.com/ |
1 KB 991 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2.1da6b0cf.chunk.css
empowerbt.com/static/css/ |
29 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.5272d301.chunk.css
empowerbt.com/static/css/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2.70c5343a.chunk.js
empowerbt.com/static/js/ |
3 MB 791 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.b52ad7ac.chunk.js
empowerbt.com/static/js/ |
2 MB 297 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
openid-configuration
identity.apinternal.com/.well-known/ |
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
authorize
login.microsoftonline.com/a7f35688-9c00-4d5e-ba41-29f146377ab0/oauth2/ Redirect Chain
|
152 KB 56 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
/
o511220.ingest.sentry.io/api/6269530/envelope/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
authorize
login.microsoftonline.com/a7f35688-9c00-4d5e-ba41-29f146377ab0/oauth2/ |
207 KB 53 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
391 KB 111 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
0 20 KB |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ux.converged.login.strings-en-gb.min_z8_wtfamgyysa5i9jiyvva2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
0 14 KB |
Other
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
convergedlogin_pcustomizationloader_442ad4dbc9101c033d33.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
107 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
illustration
aadcdn.msftauthimages.net/c1c6b6c8-0k0wnld7xt1xgmba8a3eh-r87nnzsewzxha2rfq1bxo/logintenantbranding/0/ |
10 KB 10 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bannerlogo
aadcdn.msftauthimages.net/c1c6b6c8-0k0wnld7xt1xgmba8a3eh-r87nnzsewzxha2rfq1bxo/logintenantbranding/0/ |
8 KB 8 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msftauth.net/shared/1.0/content/images/ |
2 KB 807 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- o511220.ingest.sentry.io
- URL
- https://o511220.ingest.sentry.io/api/6269530/envelope/?sentry_key=afc16536b2ca4b0bac7d253a1aa70414&sentry_version=7
Verdicts & Comments Add Verdict or Comment
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_442ad4dbc9101c033d3319 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .identity.apinternal.com/ | Name: ARRAffinity Value: be8e3dd333164ca79388c17e0e4056ca18576f131f2dc72d8c5c96ccf4cad0f9 |
|
| .identity.apinternal.com/ | Name: ARRAffinitySameSite Value: be8e3dd333164ca79388c17e0e4056ca18576f131f2dc72d8c5c96ccf4cad0f9 |
|
| identity.apinternal.com/ | Name: .AspNetCore.Session Value: CfDJ8A1EhI7fOShHqtDDYzrdzG9CdoycO8YdENheIOlcc%2B0dGuqaUkiqxTn%2FG53O2pUCs%2FTwqfHkLbOHCSuuxReE%2BTMvnBBMNP9BegNfX0iVUs5pYwNHbiyOQjXdGPjkDI8t1XH0wliLmT1%2FLkGY7cE9Vm7oaYMaRhCTNQpO2QwAa9aC |
|
| myapps.microsoft.com/ | Name: BOX.SessionCacheKey.SessID Value: 74731319-ef67-4585-b286-511b0ada6e36 |
|
| account.activedirectory.windowsazure.com/ | Name: flt Value: 0 |
|
| account.activedirectory.windowsazure.com/ | Name: BOX.SessionCacheKey.SessID Value: f22e9544-c649-4a0d-a2e0-d5a8e7cc3125 |
|
| account.activedirectory.windowsazure.com/ | Name: x-server Value: WEU |
|
| account.activedirectory.windowsazure.com/ | Name: gatewaydc Value: ams2 |
|
| account.activedirectory.windowsazure.com/ | Name: OpenIdConnect.nonce.OpenIdConnect Value: QVFBQUFBRUFBQUFCVHFzQk4yZGhNbTkwTmpoeWVVZHdiVUZrYTFaTlRFcEJaVFJxZFdSelQwSXdPVnBJTm5sT1gyVTFPVXBxU1RONVdqaHBVazR4Tm1nMFFqZG1OVUpCWmpkMVExTktNVE0zVXpVNFMybG9kMmd6TVVkRVozUmFSMWMxUzJsNlQySlJPRGQ1VURsVGNUWlRjRTl4VmtGTFRHTlBUelZtYUc1VWNVSm9aWHBYUjFkWk5GSk5iRVpZTVZaRFp6Qm1hMGRDVTBkUFJVUjZiR0pRYWtZNGRXMUtNRlZwUWt0cU1YQkhPVTkzVmtWag%3D%3D |
|
| login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
| login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
| .login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
| login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
| login.microsoftonline.com/ | Name: buid Value: 0.AQsAiFbzpwCcXk26QSnxRjd6sAwAAAAAAAAAwAAAAAAAAAALAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevr2v0myVRlwN-oWvsEKm9qyvGwe4Ked4iXGkLihfn1px_q_-TDLsFQNZvlxToFO7CoXE9g90MNxn37AiW4mawqtcdCnoycRfyhLOzkb1RASAsgAA |
|
| login.microsoftonline.com/ | Name: fpc Value: AonpFXjbI7NLsRtRnkcKMKbbQZhZAQAAALcGY9sOAAAA |
|
| .login.microsoftonline.com/ | Name: esctx Value: PAQABAAEAAAD--DLA3VO7QrddgJg7Wevr_YkbkAJuXb_-u9um4YNxPhhtToF8bC6fyD_4Q0uNJAfGrvd289FjxseBthazmAQndviacviU89qBiU_uTDFti5id0ZSVdXAZEISa9Y441POTAJqH76zc3AfpZa_BBCT_f_3_ygI2BEs750ak9GSirYuamUFVAkTWh5na_QiUjEYgAA |
|
| .login.microsoftonline.com/ | Name: brcap Value: 0 |
|
| .login.live.com/ | Name: uaid Value: 85c7984c04814b4aa2e409b9ede7dd3e |
|
| .login.live.com/ | Name: MSPRequ Value: id=N<=1674645432&co=1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msftauth.net
aadcdn.msftauthimages.net
account.activedirectory.windowsazure.com
empowerbt.com
fonts.googleapis.com
identity.apinternal.com
login.live.com
login.microsoftonline.com
myapps.microsoft.com
o511220.ingest.sentry.io
o511220.ingest.sentry.io
152.199.23.37
20.190.159.22
20.68.204.133
2620:1ec:4f:1::44
2a00:1450:400d:802::200a
40.126.31.68
40.126.32.129
40.126.32.6
51.104.28.65
070fed15a92a1ce675d13b33655a7a03bab5831e05503a52c56429d3205e8c98
4393c9a3f71c27bbf7fd0275513d128f1effdf2a88dbb4bf27c710daa30165ea
44844525cd189cba5616c06f78285194690c745e4ecb142750c2644edf128739
485a913f4ee91726e59429bce7ffaaf6ad4eb31ebcd76033cd2031d688b190f2
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
6dc9810fa0a9551a31d7a5ad428952b917c211475113620a461cdb5efb2d5993
8b14952e33df7d466c92199f81bd6fd952ae7415a251197aa752226931bd95f0
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
9b5e107be4032a661c59081b9a20aac2f0d79938c0c00f31373bd0ed99ad19d7
a2a94a6aaa575cdb5c4c42fe645685e9ae792a3471a571fccc27807071b7a350
af4bbe3aa2cf82af354147ed75f678732dc5b22e663ee24aaed5f3d0db45171a
e01c8c5d3be05ff43cdae4a3dbcbf1e77929935a7cda15b8efe4cc028a0b59e1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1ea3a0229fb17b8b028e48e16b214556288431cd4ce24a3e8f1c550960a0d2
f091c0b7f7d6c2b708b0d793cea6b1d0608c0c1ae88795c7966c3bcb014c78f3