login.microsoftonline.com
Open in
urlscan Pro
40.126.31.69
Public Scan
Effective URL: https://login.microsoftonline.com/fb69200b-9688-4a8b-bdb5-908266ec53a3/saml2?SAMLRequest=fZJJa8MwFIT%2Fim86yYvsOI6IA6ahEEhL6Xbopcj...
Submission Tags: discord.fish
Submission: On July 17 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 2nd 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2001:41d0:301... 2001:41d0:301:5::31 | 16276 (OVH) (OVH) | |
1 1 | 2a05:d018:64e... 2a05:d018:64e:7a02:7ce6:3bc:ba02:2b33 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 40.126.31.69 40.126.31.69 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
11 | 2620:1ec:40::44 2620:1ec:40::44 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 40.126.32.133 40.126.32.133 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 152.199.23.72 152.199.23.72 | 15133 (EDGECAST) (EDGECAST) | |
1 | 2603:1027:1:d... 2603:1027:1:d8::5 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
18 | 6 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
autologon.microsoftazuread-sso.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 1339 |
197 KB |
3 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 23 |
107 KB |
1 |
microsoftazuread-sso.com
autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1407 |
1 KB |
1 |
msauthimages.net
aadcdn.msauthimages.net — Cisco Umbrella Rank: 4767 |
289 KB |
1 |
live.com
login.live.com — Cisco Umbrella Rank: 77 |
|
1 |
4me.com
1 redirects
polsteam.4me.com |
1 KB |
1 |
polsteam.com
servicedesk.polsteam.com |
423 B |
18 | 7 |
Domain | Requested by | |
---|---|---|
11 | aadcdn.msauth.net |
login.microsoftonline.com
aadcdn.msauth.net |
3 | login.microsoftonline.com |
login.microsoftonline.com
aadcdn.msauth.net |
1 | autologon.microsoftazuread-sso.com | |
1 | aadcdn.msauthimages.net | |
1 | login.live.com |
login.microsoftonline.com
|
1 | polsteam.4me.com | 1 redirects |
1 | servicedesk.polsteam.com | |
18 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.microsoft.com |
privacy.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2022-06-02 - 2023-06-02 |
a year | crt.sh |
aadcdn.msauth.net DigiCert SHA2 Secure Server CA |
2022-05-24 - 2023-05-24 |
a year | crt.sh |
graph.windows.net DigiCert SHA2 Secure Server CA |
2022-06-01 - 2023-06-01 |
a year | crt.sh |
aadcdn.msauthimages.net Microsoft Azure TLS Issuing CA 02 |
2022-05-11 - 2023-05-06 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/fb69200b-9688-4a8b-bdb5-908266ec53a3/saml2?SAMLRequest=fZJJa8MwFIT%2Fim86yYvsOI6IA6ahEEhL6XbopcjycyvQ4urJXf59HYfS9JBexXwzwzytURg98GYMr%2FYW3kbAEDWI4INy9sJZHA34O%2FDvSsLD7b4mryEMyJNkcBoDCBMXBmLpTCKkBMTk4JfII0ii7eSnrDiY%2FaLavSgbGyW9Q9cHZ7WyR4%2B%2BLVcsTVu6KquKFqJqadu1C7pKK1aWIBe5yOcERqLdtibPbVGxZd8vKeQTVfT5hHaLjPZVWvawgq5j1SRFHGFnMQgbasJSxmi6pNnyPmOcFTxPn0j0CB7nlixOSfRptEV%2BSKrJ6C13AhVyKwwgD5LfNVd7Pgm5%2BJnqFBn%2BZwbvgpNOk836oOZzO785N%2Bw6OVWtj%2Fe6nlx32xunlfyKGq3dx4UHEaAmwY%2FT7pfOGxHO98jibH5RHe1nKQcjlG66zk9HJMnmmPr3Y2y%2BAQ%3D%3D&sso_reload=true
Frame ID: 7F481C2F5C06A85518683B4DB9D0DB6A
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
Kirjaudu sisään tiliisiPage URL History Show full URLs
- http://servicedesk.polsteam.com/ Page URL
-
https://polsteam.4me.com/
HTTP 302
https://login.microsoftonline.com/fb69200b-9688-4a8b-bdb5-908266ec53a3/saml2?SAMLRequest=fZJJa8MwFIT%2Fim86yYv... Page URL
- https://login.microsoftonline.com/fb69200b-9688-4a8b-bdb5-908266ec53a3/saml2?SAMLRequest=fZJJa8MwFIT%2Fim86yYv... Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Käyttöehdot
Search URL Search Domain Scan URL
Title: Tietosuoja ja evästeet
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://servicedesk.polsteam.com/ Page URL
-
https://polsteam.4me.com/
HTTP 302
https://login.microsoftonline.com/fb69200b-9688-4a8b-bdb5-908266ec53a3/saml2?SAMLRequest=fZJJa8MwFIT%2Fim86yYvsOI6IA6ahEEhL6XbopcjycyvQ4urJXf59HYfS9JBexXwzwzytURg98GYMr%2FYW3kbAEDWI4INy9sJZHA34O%2FDvSsLD7b4mryEMyJNkcBoDCBMXBmLpTCKkBMTk4JfII0ii7eSnrDiY%2FaLavSgbGyW9Q9cHZ7WyR4%2B%2BLVcsTVu6KquKFqJqadu1C7pKK1aWIBe5yOcERqLdtibPbVGxZd8vKeQTVfT5hHaLjPZVWvawgq5j1SRFHGFnMQgbasJSxmi6pNnyPmOcFTxPn0j0CB7nlixOSfRptEV%2BSKrJ6C13AhVyKwwgD5LfNVd7Pgm5%2BJnqFBn%2BZwbvgpNOk836oOZzO785N%2Bw6OVWtj%2Fe6nlx32xunlfyKGq3dx4UHEaAmwY%2FT7pfOGxHO98jibH5RHe1nKQcjlG66zk9HJMnmmPr3Y2y%2BAQ%3D%3D Page URL
- https://login.microsoftonline.com/fb69200b-9688-4a8b-bdb5-908266ec53a3/saml2?SAMLRequest=fZJJa8MwFIT%2Fim86yYvsOI6IA6ahEEhL6XbopcjycyvQ4urJXf59HYfS9JBexXwzwzytURg98GYMr%2FYW3kbAEDWI4INy9sJZHA34O%2FDvSsLD7b4mryEMyJNkcBoDCBMXBmLpTCKkBMTk4JfII0ii7eSnrDiY%2FaLavSgbGyW9Q9cHZ7WyR4%2B%2BLVcsTVu6KquKFqJqadu1C7pKK1aWIBe5yOcERqLdtibPbVGxZd8vKeQTVfT5hHaLjPZVWvawgq5j1SRFHGFnMQgbasJSxmi6pNnyPmOcFTxPn0j0CB7nlixOSfRptEV%2BSKrJ6C13AhVyKwwgD5LfNVd7Pgm5%2BJnqFBn%2BZwbvgpNOk836oOZzO785N%2Bw6OVWtj%2Fe6nlx32xunlfyKGq3dx4UHEaAmwY%2FT7pfOGxHO98jibH5RHe1nKQcjlG66zk9HJMnmmPr3Y2y%2BAQ%3D%3D&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- https://polsteam.4me.com/ HTTP 302
- https://login.microsoftonline.com/fb69200b-9688-4a8b-bdb5-908266ec53a3/saml2?SAMLRequest=fZJJa8MwFIT%2Fim86yYvsOI6IA6ahEEhL6XbopcjycyvQ4urJXf59HYfS9JBexXwzwzytURg98GYMr%2FYW3kbAEDWI4INy9sJZHA34O%2FDvSsLD7b4mryEMyJNkcBoDCBMXBmLpTCKkBMTk4JfII0ii7eSnrDiY%2FaLavSgbGyW9Q9cHZ7WyR4%2B%2BLVcsTVu6KquKFqJqadu1C7pKK1aWIBe5yOcERqLdtibPbVGxZd8vKeQTVfT5hHaLjPZVWvawgq5j1SRFHGFnMQgbasJSxmi6pNnyPmOcFTxPn0j0CB7nlixOSfRptEV%2BSKrJ6C13AhVyKwwgD5LfNVd7Pgm5%2BJnqFBn%2BZwbvgpNOk836oOZzO785N%2Bw6OVWtj%2Fe6nlx32xunlfyKGq3dx4UHEaAmwY%2FT7pfOGxHO98jibH5RHe1nKQcjlG66zk9HJMnmmPr3Y2y%2BAQ%3D%3D
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
servicedesk.polsteam.com/ |
87 B 423 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saml2
login.microsoftonline.com/fb69200b-9688-4a8b-bdb5-908266ec53a3/ Redirect Chain
|
150 KB 55 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
saml2
login.microsoftonline.com/fb69200b-9688-4a8b-bdb5-908266ec53a3/ |
194 KB 50 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_31e9nWW0Q0dL93Nmdh5wSw2.js
aadcdn.msauth.net/shared/1.0/content/js/ |
381 KB 109 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
converged.v2.login.min_9lddfuhsopopkddlczwbda2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
0 20 KB |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ux.converged.login.strings-fi.min_cy4swsrvquwndw81rtaqda2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
0 14 KB |
Other
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pfetchsessionsprogress_c517f0e3ce9f4c448e6f.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
15 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pcustomizationloader_87a35ded5475e7847fb4.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
107 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
illustration
aadcdn.msauthimages.net/c1c6b6c8-nh-qx23p-r4fpqtl2m0sh0trmlscq6zlxpq6toe39a8/logintenantbranding/0/ |
289 KB 289 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn.msauth.net/shared/1.0/content/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ssoprobe
autologon.microsoftazuread-sso.com/fb69200b-9688-4a8b-bdb5-908266ec53a3/winauth/ |
12 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
dssostatus
login.microsoftonline.com/common/instrumentation/ |
264 B 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msauth.net/shared/1.0/content/images/ |
2 KB 1008 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository boolean| __ConvergedLogin_PCore boolean| __ object| Telemetry object| telemetry_webpackJsonp boolean| __convergedlogin_pfetchsessionsprogress_c517f0e3ce9f4c448e6f boolean| __convergedlogin_pcustomizationloader_87a35ded5475e7847fb416 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
polsteam.4me.com/ | Name: _4me_uu Value: 58F_wXBEyP3e |
|
polsteam.4me.com/ | Name: __Host-4me_same_site Value: ZfUMLjCqeR_p85-H1HSts07h4y_8k67XKu2jKQs3KI8 |
|
polsteam.4me.com/ | Name: _4me_session Value: eXdVc093SUhqRUpxQVpxQlluam1GaUNHVXE1YmxvY2NUaDVaeHRpSG4wL0Z3MmVBL2pYOFp1UGNBODNjYkcvcm9vbDZaVGkwWTJPNEpKazY0QS8vN2NHUmduTTNjK2l4VGlKbW0vMDlHUllVSzFQY3lnVjZUckVkVnBpYnhmckswR1pkU2txL1VBc3g3RExzUHpYL0htS0Niekk3UlNVRkRSR0orZW12WEJTMytDQ3V2Qy9lcktwRWg2NXNIVHArLS1XNWZJaEVmbjZDR1p4U3BVeGlrVkNRPT0%3D--151e251d6e567aee57f89f7f574ea7eece7fc1f9 |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.com/ | Name: buid Value: 0.AR8ACyBp-4iWi0q9tZCCZuxTo5zhrC9_49lDuoQ6zCljCqcfAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrT_Q1KeS8eSQZuJPq3UetYmDj2cL3zdpQbUR-gKp76VOvKvTJAspMCEe-zuFfuGCH5_OYkQOzDbsiqRkQQCbpRF3SNI4ucbuvlAS8goPxscogAA |
|
login.microsoftonline.com/ | Name: fpc Value: Am1U4RT9Dy1No0aZj0TxInetYEcYAQAAAH72ZdoOAAAA |
|
.login.microsoftonline.com/ | Name: esctx Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrBsX8WkFnbZZmF0n4Lx1Sv8piaBlPT7hGi3u_FlYE2-SZd7F1IZMBcGKAvhdYzbCl-9AFR1W_aQqs3LhC9hdoCMpU_hTdA91bjV1IMESp_ac_luTvCi5Nzk4J_M2Qg4qOlAjzgPouiDwSr_uoDn0YUdJTW9De3n4E0Er8vcwcWdQgAA |
|
.login.live.com/ | Name: uaid Value: 267cc1d287954f8caeabb9d03be76861 |
|
.login.live.com/ | Name: MSPRequ Value: id=N<=1658060671&co=1 |
|
.login.microsoftonline.com/ | Name: brcap Value: 0 |
|
autologon.microsoftazuread-sso.com/ | Name: fpc Value: Akywc9u58uRAgTJ3q11NVB4 |
|
autologon.microsoftazuread-sso.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
autologon.microsoftazuread-sso.com/ | Name: stsservicecookie Value: estsfd |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msauth.net
aadcdn.msauthimages.net
autologon.microsoftazuread-sso.com
login.live.com
login.microsoftonline.com
polsteam.4me.com
servicedesk.polsteam.com
152.199.23.72
2001:41d0:301:5::31
2603:1027:1:d8::5
2620:1ec:40::44
2a05:d018:64e:7a02:7ce6:3bc:ba02:2b33
40.126.31.69
40.126.32.133
01e543c438475cd2b68d2e6a9ab7012927c3343362933a48003096fa7eeb246b
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
19474df8b78e0f0cd6edd88f205c74201e8d71d3a3f4a601ad94ac7f24fcca41
1e5e0ceccd4fb722515dadc71c62cf4450aeefe32a0545f08bc179d0546e9afe
3cb809e81fa426e7a98001a616453ff1b4a593c40a8759f6596afb18d63a6b88
413258aec34fe36678d97371fa6687877b6785696b9df7e36f0db5fc9bda83f6
684e9cccab201b7a6da2033099e511a9cc210284bdf2d1f88103335b0f129656
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
c03790ceb276544a944c2221c55167251b4e983c7830e1490349e6020e5a4593
c75801b3748406d9b0c08d4e104b0972d0cab701ee09ffb7f0df6441c39d6a81
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855