login.microsoftonline.com
Open in
urlscan Pro
40.126.24.81
Public Scan
Effective URL: https://login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/authorize?client_id=6ea39392-c41a-465d-abf7-8f5...
Submission: On February 10 via automatic, source certstream-suspicious — Scanned from CA
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 17th 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
15 | 2620:1ec:48:1... 2620:1ec:48:1::40 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
3 | 40.126.24.81 40.126.24.81 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2600:1400:d::... 2600:1400:d::17db:5d73 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 40.126.24.146 40.126.24.146 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 152.199.4.73 152.199.4.73 | 15133 (EDGECAST) (EDGECAST) | |
22 | 5 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
admin.r350d3v.cyber.gouv.qc.ca | |
aadcdn.msauth.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
gouv.qc.ca
admin.r350d3v.cyber.gouv.qc.ca |
587 KB |
6 |
msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 1139 |
213 KB |
3 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 20 |
109 KB |
2 |
msauthimages.net
aadcdn.msauthimages.net — Cisco Umbrella Rank: 3327 |
243 KB |
1 |
live.com
login.live.com — Cisco Umbrella Rank: 92 |
|
1 |
office.net
res-1.cdn.office.net — Cisco Umbrella Rank: 378 |
36 KB |
22 | 6 |
Domain | Requested by | |
---|---|---|
9 | admin.r350d3v.cyber.gouv.qc.ca |
admin.r350d3v.cyber.gouv.qc.ca
|
6 | aadcdn.msauth.net |
login.microsoftonline.com
aadcdn.msauth.net |
3 | login.microsoftonline.com |
admin.r350d3v.cyber.gouv.qc.ca
login.microsoftonline.com |
2 | aadcdn.msauthimages.net | |
1 | login.live.com |
login.microsoftonline.com
|
1 | res-1.cdn.office.net | |
22 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.microsoft.com |
privacy.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
admin.r350d3v.cyber.gouv.qc.ca GeoTrust Global TLS RSA4096 SHA256 2022 CA1 |
2022-09-27 - 2023-03-26 |
6 months | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2022-11-17 - 2023-11-17 |
a year | crt.sh |
*.res.outlook.com DigiCert SHA2 Secure Server CA |
2022-11-15 - 2023-11-15 |
a year | crt.sh |
aadcdn.msauth.net DigiCert SHA2 Secure Server CA |
2023-01-27 - 2024-01-27 |
a year | crt.sh |
login.live.com DigiCert SHA2 Secure Server CA |
2023-01-02 - 2024-01-02 |
a year | crt.sh |
aadcdn.msauthimages.net Microsoft Azure TLS Issuing CA 02 |
2022-05-11 - 2023-05-06 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/authorize?client_id=6ea39392-c41a-465d-abf7-8f5abd3bfb32&redirect_uri=https%3A%2F%2Fadmin.r350d3v.cyber.gouv.qc.ca%2Fsignin-callback.html&response_type=code&scope=openid+profile+email+Directory.ReadWrite.All&state=3f7ff0b87ffb40e983fba661f1341716&code_challenge=iiPE_Zm2YGEectVUmPqgNsoAd9tAskM-Z7DH7G0wVwg&code_challenge_method=S256&response_mode=query&ui_locales=fr-CA&locale=en-US&sso_reload=true
Frame ID: 3183039FF1B419686016D8E50A837D0E
Requests: 22 HTTP requests in this frame
Screenshot
Page Title
Sign in to your accountPage URL History Show full URLs
- https://admin.r350d3v.cyber.gouv.qc.ca/ Page URL
- https://login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/authorize?client_id=6ea3939... Page URL
- https://login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/authorize?client_id=6ea3939... Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Terms of use
Search URL Search Domain Scan URL
Title: Privacy & cookies
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://admin.r350d3v.cyber.gouv.qc.ca/ Page URL
- https://login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/authorize?client_id=6ea39392-c41a-465d-abf7-8f5abd3bfb32&redirect_uri=https%3A%2F%2Fadmin.r350d3v.cyber.gouv.qc.ca%2Fsignin-callback.html&response_type=code&scope=openid+profile+email+Directory.ReadWrite.All&state=3f7ff0b87ffb40e983fba661f1341716&code_challenge=iiPE_Zm2YGEectVUmPqgNsoAd9tAskM-Z7DH7G0wVwg&code_challenge_method=S256&response_mode=query&ui_locales=fr-CA&locale=en-US Page URL
- https://login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/authorize?client_id=6ea39392-c41a-465d-abf7-8f5abd3bfb32&redirect_uri=https%3A%2F%2Fadmin.r350d3v.cyber.gouv.qc.ca%2Fsignin-callback.html&response_type=code&scope=openid+profile+email+Directory.ReadWrite.All&state=3f7ff0b87ffb40e983fba661f1341716&code_challenge=iiPE_Zm2YGEectVUmPqgNsoAd9tAskM-Z7DH7G0wVwg&code_challenge_method=S256&response_mode=query&ui_locales=fr-CA&locale=en-US&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
admin.r350d3v.cyber.gouv.qc.ca/ |
872 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.95fbd684.js
admin.r350d3v.cyber.gouv.qc.ca/static/js/ |
2 MB 571 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.712f7a0e.css
admin.r350d3v.cyber.gouv.qc.ca/static/css/ |
1 KB 860 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
admin.json
admin.r350d3v.cyber.gouv.qc.ca/locales/fr-CA/ |
3 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
globals.json
admin.r350d3v.cyber.gouv.qc.ca/locales/fr-CA/ |
321 B 544 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
admin.json
admin.r350d3v.cyber.gouv.qc.ca/locales/en-US/ |
2 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
globals.json
admin.r350d3v.cyber.gouv.qc.ca/locales/en-US/ |
317 B 538 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
edfdffe6-2243-474b-bf5d-bc2cd8791d30.webp
admin.r350d3v.cyber.gouv.qc.ca/images/ |
872 B 872 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
admin.r350d3v.cyber.gouv.qc.ca/images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
openid-configuration
login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/v2.0/.well-known/ |
2 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
segoeui-regular.woff2
res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/ |
35 KB 36 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
authorize
login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/ |
151 KB 55 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
authorize
login.microsoftonline.com/ba3754c0-02f7-431f-bfc3-43e37c96f3d1/oauth2/v2.0/ |
196 KB 51 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
aadcdn.msauth.net/shared/1.0/content/js/ |
393 KB 111 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pcustomizationloader_f3782014f3739160dbfd.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
107 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
0 20 KB |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ux.converged.login.strings-en.min_drcggiwi0cystfohuwx04a2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
0 14 KB |
Other
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
illustration
aadcdn.msauthimages.net/dbd5a2dd-9qe6gpdtnyjupbusbuw2bqwmaca5uctfydkw0lircpw/logintenantbranding/0/ |
233 KB 233 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bannerlogo
aadcdn.msauthimages.net/dbd5a2dd-9qe6gpdtnyjupbusbuw2bqwmaca5uctfydkw0lircpw/logintenantbranding/0/ |
10 KB 10 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pstringcustomizationhelper_44ba818dfa55d8749503.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
111 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msauth.net/shared/1.0/content/images/ |
2 KB 971 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| oncontentvisibilityautostatechange object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_f3782014f3739160dbfd boolean| __convergedlogin_pstringcustomizationhelper_44ba818dfa55d874950310 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.com/ | Name: buid Value: 0.ARUAwFQ3uvcCH0O_w0PjfJbz0ZKTo24axF1Gq_ePWr07-zIVAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevra4Fo8yWWSeOJ7rQ9SLhgDAVk0WYSpA3xny1KM2XP9Igg5MQqjLuYL77yFJIPw7lXIPy-JhWX78oCcgfYlFieFnHWL9B1STdqsd_EwjsF4HwgAA |
|
login.microsoftonline.com/ | Name: fpc Value: AnLuyAQdyAtMh5lfkhZd_s4wxYlRAQAAALx8eNsOAAAA |
|
.login.microsoftonline.com/ | Name: esctx Value: PAQABAAEAAAD--DLA3VO7QrddgJg7Wevr-nEAWzRjY8sKuyq5tshboGRUeF3-o17U9KfxtZzj9ebm-ez2Ky9FiaTeHrZjubA7Ji8uw8gYGJUL-dcpjxLZ8U9Usw17plX6CUke5XWqAvgZ7HPJvA-afDcJUblmt847E8uJ9J6d4WhbJO0gqhxRo4GqBWhK_l2YnO7rdwCq-HYgAA |
|
.login.live.com/ | Name: uaid Value: 95ac7b11fac340968dbdef1d48da3bf2 |
|
.login.live.com/ | Name: MSPRequ Value: id=N<=1676051901&co=1 |
|
.login.microsoftonline.com/ | Name: brcap Value: 0 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msauth.net
aadcdn.msauthimages.net
admin.r350d3v.cyber.gouv.qc.ca
login.live.com
login.microsoftonline.com
res-1.cdn.office.net
152.199.4.73
2600:1400:d::17db:5d73
2620:1ec:48:1::40
40.126.24.146
40.126.24.81
0e2ef54a0f3644ed15e5b535dd3a30b94ba2cbf05631efc41039ae793c8b0efe
14138f35bd052a946b4dacd7e6def56a49e90ec545cc734d6dd66c916af10fcf
2cf019cc983c437a44778d667ce5073f82674b196090d8f90d26b49366d7c033
31182161179e50906df487c9fd54493d023ae899882fbc601c379b36bb5b959f
4f5aa27d78b047d9fdb084d32455e0255561e0a7b23de3220e73a657513cb670
6cbc9b7517b061cfb429661c4c4ac7242d3f9fd9ccfa8916347876f82dcb1e4a
79af9d6414cc1d900d943eb4e3bfca28338a72e0931ebfd6f93dcc0d7a6abcd2
80901e04ff9db05908cfa4741e49918466c9a0d3a2b8e76273f9f906e5c26768
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
9ba805f56cd27eb720a6348c0944dff5f214e3a823a30300897e7c9f0193b3e3
c5ba7972433265385ac52e181ba06529532d5680139632a32096f8f0c75ab28d
c974a0be091a8f09353472bbb41cb939e48a6796f6d0cf95686a7b4d73aa8490
d1165d337f36d0055db56c99252fa7ad0db9ef33582968761e129ddc4f4f8c2f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4b4c9d49ff05d8b115d4dc035d03d2a10516515b1c70c634d35efbf48b27cdd