adfs.is.payxdev.com
38.73.192.12
Public Scan
Effective URL: https://adfs.is.payxdev.com/adfs/ls/?client-request-id=6ec8482f-feac-451c-bf87-66350652436a&username=&wa=wsignin1.0&wtrealm=...
Submission: On July 28 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Organization Validation S... on January 29th 2024. Valid for: a year.
This is the only time adfs.is.payxdev.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 141.123.52.92 | 5650 (FRONTIER-FRTR) |
12 | 2603:1026:3000:150::2 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
2 | 2603:1026:3000:148::e | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 1 | 2603:1026:3000:150::6 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
4 | 38.73.192.12 | 174 (COGENT-174) |
1 | 20.50.201.204 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
19 | 5 |
ASN5650 (FRONTIER-FRTR, US)
PTR: gateway.perf.paychex.com
gateway.perf.paychex.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
myapps.microsoft.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
eu-mobile.events.data.microsoft.com |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
13 | microsoft.com: myapps.microsoft.com — Cisco Umbrella Rank: 12493; eu-mobile.events.data.microsoft.com — Cisco Umbrella Rank: 625 | 1 MB |
4 | payxdev.com: adfs.is.payxdev.com | 95 KB |
3 | microsoftonline.com (1 redirects): login.microsoftonline.com — Cisco Umbrella Rank: 15 | 7 KB |
1 | paychex.com (1 redirects): gateway.perf.paychex.com | 147 B |
19 | 4 |
 | Domain | Requested by |
---|---|---|
12 | myapps.microsoft.com | myapps.microsoft.com |
4 | adfs.is.payxdev.com | myapps.microsoft.com, adfs.is.payxdev.com |
3 | login.microsoftonline.com | 1 redirects; myapps.microsoft.com |
1 | eu-mobile.events.data.microsoft.com | myapps.microsoft.com |
1 | gateway.perf.paychex.com | 1 redirects |
19 | 5 |
This site contains no links.
Subject / Issuer | Validity | Valid | |
---|---|---|---|
mygroups.microsoft.com / DigiCert SHA2 Secure Server CA | 2024-06-02 - 2025-06-02 | a year | crt.sh |
stamp2.login.microsoftonline.com / DigiCert SHA2 Secure Server CA | 2024-05-21 - 2025-05-21 | a year | crt.sh |
adfs.is.payxdev.com / Sectigo RSA Organization Validation Secure Server CA | 2024-01-29 - 2025-01-28 | a year | crt.sh |
*.events.data.microsoft.com / Microsoft Azure RSA TLS Issuing CA 08 | 2024-06-16 - 2025-06-11 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://adfs.is.payxdev.com/adfs/ls/?client-request-id=6ec8482f-feac-451c-bf87-66350652436a&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAfZFPaNNQAIf72q7WomvRiweFglNESZrkJU1bmLBu3ZZ2Tf-s25peJEnfa16XNDFJ27V3UW87ykAEj9XD8CQ7-OcmPe2mCIIXYXhQEZGBILqrBy-_y3f6vl8swtFQpNnrIY5mcnOcmIXZrIAoRhXbFM-0RUprQ4FKZ9MZTWV5js2K7rlYIrX6pvf098XCy7tYiNQXu3tglni0o4522mhA67Y1AZcM33e8XCpljVTH8WiL6K7t2dg_wannABwCcATAJDjHajrmBV2nMlDPULzGQErFmKNEnNV0mOYxz-D3wXhloe8b3MnYLhmj78EodtWOhXr-XshBo6LTWpTSkiUT2SoL5UaBW9tqmZUl3ZeXlHFlnTWU8cJ4rSGxcmODkccKX-5KfGtd8iSLNdsrBVLpeUTdEphWs2gosO5onLCBmnlT6tpEtza31WbRVGCN4CYz_yz0j_A0dNl2UI-0k45rY2KipI2xSXrolqrryPOSyFKJ-S4EDsPgc_hMNJi4cgEkA9euMtHjMHg88zfqz_iLg18fbhbvFx_GhMSjwHQmlRogOKzafF90FMOolG_veHlZqi13HKHXh2oDcoMMsz1sZNBwns2xuxGwGzk_jcQtTzXprkdrrj30kPstAu6dChyc_v8nD2JgErvRxHJeZkvVSn6zZLoyB5fTDPHrNqq5rXpphXS0ah6ODU6ROvsx8Ops4Hj2052vP16_ffJldT8R-JgI_AE1
Frame ID: 4AD9BEE2FD45C74BBD0ACA0A5A332939
Requests: 21 HTTP requests in this frame
Page Title
Anmelden
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://gateway.perf.paychex.com/
HTTP 301
https://myapps.microsoft.com/is.payxdev.com Page URL
-
https://login.microsoftonline.com/is.payxdev.com/oauth2/v2.0/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&scope=openid%20profile%20offline_access%20email&redirect_uri=https%3A%2F%2Fmyapps.microsoft.com%2F&client-request-id=6ec8482f-feac-451c-bf87-66350652436a&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.1&client_info=1&code_challenge=wQCv4KS_LGlRafQ9mBw0gVx9Bzc0xJbAKWT_1Tj8KqU&code_challenge_method=S256&domain_hint=is.payxdev.com&nonce=1bcf45cc-83c8-4b03-aff2-7f9bc364f40f&state=eyJpZCI6ImNiNmM5MTE2LWZlODctNDYzOS1hYzAzLTI1NTU0NzY4MjI4ZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
HTTP 302
https://adfs.is.payxdev.com/adfs/ls/?client-request-id=6ec8482f-feac-451c-bf87-66350652436a&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAfZFPaNNQAIf72q7WomvRiweFglNESZrkJU1bmLBu3ZZ2Tf-s25peJEnfa16XNDFJ27V3UW87ykAEj9XD8CQ7-OcmPe2mCIIXYXhQEZGBILqrBy-_y3f6vl8swtFQpNnrIY5mcnOcmIXZrIAoRhXbFM-0RUprQ4FKZ9MZTWV5js2K7rlYIrX6pvf098XCy7tYiNQXu3tglni0o4522mhA67Y1AZcM33e8XCpljVTH8WiL6K7t2dg_wannABwCcATAJDjHajrmBV2nMlDPULzGQErFmKNEnNV0mOYxz-D3wXhloe8b3MnYLhmj78EodtWOhXr-XshBo6LTWpTSkiUT2SoL5UaBW9tqmZUl3ZeXlHFlnTWU8cJ4rSGxcmODkccKX-5KfGtd8iSLNdsrBVLpeUTdEphWs2gosO5onLCBmnlT6tpEtza31WbRVGCN4CYz_yz0j_A0dNl2UI-0k45rY2KipI2xSXrolqrryPOSyFKJ-S4EDsPgc_hMNJi4cgEkA9euMtHjMHg88zfqz_iLg18fbhbvFx_GhMSjwHQmlRogOKzafF90FMOolG_veHlZqi13HKHXh2oDcoMMsz1sZNBwns2xuxGwGzk_jcQtTzXprkdrrj30kPstAu6dChyc_v8nD2JgErvRxHJeZkvVSn6zZLoyB5fTDPHrNqq5rXpphXS0ah6ODU6ROvsx8Ops4Hj2052vP16_ffJldT8R-JgI_AE1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://gateway.perf.paychex.com/ HTTP 301
- https://myapps.microsoft.com/is.payxdev.com
19 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | is.payxdev.com myapps.microsoft.com/ (Redirect Chain) | 956 B 2 KB | Document text/html |
GET H/1.1 | low-change-freq-vendors.791ea13a.js myapps.microsoft.com/bundle/ | 660 KB 258 KB | Script application/javascript |
GET H/1.1 | fluent.da77279e.js myapps.microsoft.com/bundle/ | 397 KB 153 KB | Script application/javascript |
GET H/1.1 | microsoft.9a8b6809.js myapps.microsoft.com/bundle/ | 260 KB 114 KB | Script application/javascript |
GET H/1.1 | azure.e9a30734.js myapps.microsoft.com/bundle/ | 374 KB 107 KB | Script application/javascript |
GET H/1.1 | moderate-change-freq-vendors.b9b6c819.js myapps.microsoft.com/bundle/ | 45 KB 17 KB | Script application/javascript |
GET H/1.1 | main.af5136ff.js myapps.microsoft.com/bundle/ | 1 MB 397 KB | Script application/javascript |
GET H/1.1 | searchbox.ef784575.js myapps.microsoft.com/bundle/ | 0 12 KB | Other application/javascript |
GET H/1.1 | Apps.json myapps.microsoft.com/locales/en-US/ | 17 KB 7 KB | Fetch text/plain |
GET H/1.1 | Apps.json myapps.microsoft.com/locales/en/ | 17 KB 7 KB | Fetch text/plain |
GET H/1.1 | favicon.ico myapps.microsoft.com/ | 17 KB 18 KB | Other image/x-icon |
GET H/1.1 | favicon.ico myapps.microsoft.com/ | 17 KB 0 | Other image/x-icon |
GET H2 | instance login.microsoftonline.com/common/discovery/ | 958 B 2 KB | Fetch application/json |
GET H2 | openid-configuration login.microsoftonline.com/is.payxdev.com/v2.0/.well-known/ | 2 KB 2 KB | Fetch application/json |
GET H/1.1 | / adfs.is.payxdev.com/adfs/ls/ (Primary Request, Redirect Chain) | 43 KB 43 KB | Document text/html |
POST H2 | / eu-mobile.events.data.microsoft.com/OneCollector/1.0/ | 0 587 B | Ping text/plain |
GET H/1.1 | style.css adfs.is.payxdev.com/adfs/portal/css/ | 31 KB 31 KB | Stylesheet text/css |
GET DATA | truncated / | 323 B 0 | Image image/png |
GET DATA | truncated / | 407 B 0 | Image image/png |
GET H/1.1 | illustration.png adfs.is.payxdev.com/adfs/portal/illustration/ | 20 KB 20 KB | Image image/png |
GET H/1.1 | favicon.ico adfs.is.payxdev.com/ | 315 B 492 B | Other text/html |
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| LoginErrors
number| maxPasswordLength
function| InputUtil
object| paginationManager
object| PaginationUtil
object| PaginationManager
object| Login
object| LoginManager
function| SelectOption
object| options
object| _self
function| getStyle
function| computeLoadIllustration
function| SetIllustrationImage
function| UpdatePlaceholders
9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
myapps.microsoft.com/ | Name: MicrosoftApplicationsTelemetryDeviceId Value: 4920be9e-7b3a-4732-8946-36456653527a |
myapps.microsoft.com/ | Name: ai_session Value: HCqwcg+J6W8CCdysesq/i0|1722140216291|1722140216294 |
.microsoft.com/ | Name: MC1 Value: GUID=79f4b992f6eb4d4bbff023d92ebcd9b7&HASH=79f4&LV=202407&V=4&LU=1722140216988 |
.microsoft.com/ | Name: MS0 Value: 31cabc0e524542eabfbbc222389cd51e |
login.microsoftonline.com/ | Name: buid Value: 0.AVAA_HxWA2T4O0yldsdECVyms16Zkyd9CtdAvTVpaLoUIZd_AAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYitR8W2GIIeRcdXs80KmtYT2ut4IZebFoqrpSvoCfTXzq3p5RHeJlm0DnCEQRUi3i5hmP3Pd1GGkt6cO3KwUNjsklLL_v87CIoLdOH4loQHUgAA |
login.microsoftonline.com/ | Name: fpc Value: Aiq7HWDmPx1Pktp-x9kARADumecPAQAAADi9N94OAAAA |
.login.microsoftonline.com/ | Name: esctx Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYx84K-XKHiSprd0rI02fPue2jXfYgMajxIICTY7H_FmboPRIqFIwUBcwVZydwTRaH2AErDqkg987i8KYi0vxsge06oLMK0LlaM3QnaBb1p4OY5QoOED3p1wly5A1v0TvMXmHNFBHfxj9o_5s288vT5Y8EZKViMVMeSOAEFpbBgP4gAA |
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:; |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.