login.microsoftonline.com
Open in
urlscan Pro
2603:1026:3000:148::7
Public Scan
Effective URL: https://login.microsoftonline.com/5437e7eb-83fb-4d1a-bfd3-bb247e061bf1/saml2?SAMLRequest=jVLLbtswEPwVgneJEiVZNmE5cGMENZA2RqTk0EtBS...
Submission: On January 22 via api from US — Scanned from NL
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 23rd 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 3 | 154.59.124.101 154.59.124.101 | 4373 (OCLC-AS) (OCLC-AS) | |
4 5 | 5.101.151.140 5.101.151.140 | 42831 (UKSERVERS...) (UKSERVERS-AS UK Dedicated Servers) | |
1 | 2603:1026:300... 2603:1026:3000:148::7 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2606:2800:233... 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef | 15133 (EDGECAST) (EDGECAST) | |
5 | 5 |
ASN4373 (OCLC-AS, US)
www-jstor-org.plymouth.idm.oclc.org | |
plymouth.idm.oclc.org |
ASN42831 (UKSERVERS-AS UK Dedicated Servers, Hosting and Co-Location, GB)
PTR: no.rdns.ukservers.com
shibboleth.plymouth.ac.uk |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
ASN15133 (EDGECAST, US)
aadcdn.msftauth.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
plymouth.ac.uk
4 redirects
shibboleth.plymouth.ac.uk |
5 KB |
3 |
oclc.org
2 redirects
www-jstor-org.plymouth.idm.oclc.org plymouth.idm.oclc.org |
2 KB |
1 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 943 |
48 KB |
1 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 11 |
10 KB |
5 | 4 |
Domain | Requested by | |
---|---|---|
5 | shibboleth.plymouth.ac.uk | 4 redirects |
2 | plymouth.idm.oclc.org | 1 redirects |
1 | aadcdn.msftauth.net |
login.microsoftonline.com
|
1 | login.microsoftonline.com |
aadcdn.msftauth.net
|
1 | www-jstor-org.plymouth.idm.oclc.org | 1 redirects |
5 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
shibboleth.plymouth.ac.uk Sectigo RSA Domain Validation Secure Server CA |
2023-06-26 - 2024-07-25 |
a year | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2023-11-23 - 2024-11-23 |
a year | crt.sh |
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2023-12-01 - 2024-12-01 |
a year | crt.sh |
This page contains 1 frames:
Frame:
https://login.microsoftonline.com/5437e7eb-83fb-4d1a-bfd3-bb247e061bf1/saml2?SAMLRequest=jVLLbtswEPwVgneJEiVZNmE5cGMENZA2RqTk0EtBSsuYCEWqJJU2fx%2FFjzwuQc87O7Mzs8uLf71GT%2BC8sqbCaZxgBKa1nTIPFb5rrqI5vlgtPe81Hdh6DHtzC39G8AFNi8az46TCozPMcq88M7wHz0LL6vWPa0bjhA3OBttajdHae3Bhkrq0xo89uBrck2rh7va6wvsQBs8I8XslhNUQ9vGgn3s7ica8jcdHorqBTGRSaSCHW8irBiW7m7ohdX2D0Wa6TBkeDm7OhNo%2BKBP3qnXWWxms0cpA3NqeFHlWQgkimmdSRHmX8kjILouEoHkJySwVMiUHixhtNxX%2BTYtCzksKs7Tji0IuUpFJueCzLs9mZZ4VE8z7EbbGB25ChWlC8yhJI0qbNGEpZfk8XpTFL4x2p1C%2BKXMM%2B6sExRHk2fem2UWvdjG6P5c2AfCpInZQdx%2B7%2BZqYnwvBq%2F%2BL%2F326JB8l337k56Sx3eysVu0zWmtt%2F1464AEqHNwImKxOe5%2B%2FafUC&RelayState=e1s2&sso_reload=true
Frame ID: BBE984E3BF7DD4FD91715256B92E13DF
Requests: 5 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://www-jstor-org.plymouth.idm.oclc.org/
HTTP 302
http://plymouth.idm.oclc.org/ HTTP 302
http://plymouth.idm.oclc.org/login Page URL
-
https://shibboleth.plymouth.ac.uk/idp/profile/SAML2/POST/SSO
HTTP 302
https://shibboleth.plymouth.ac.uk/idp/profile/SAML2/POST/SSO?execution=e1s1 Page URL
-
https://shibboleth.plymouth.ac.uk/idp/profile/SAML2/POST/SSO?execution=e1s1
HTTP 302
https://shibboleth.plymouth.ac.uk/idp/profile/SAML2/POST/SSO?execution=e1s2 HTTP 302
https://shibboleth.plymouth.ac.uk/idp/profile/Authn/SAML2/POST/SSO/start?conversation=e1s2 HTTP 302
https://login.microsoftonline.com/5437e7eb-83fb-4d1a-bfd3-bb247e061bf1/saml2?SAMLRequest=jVLLbtswEPwVgneJEiVZN... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www-jstor-org.plymouth.idm.oclc.org/
HTTP 302
http://plymouth.idm.oclc.org/ HTTP 302
http://plymouth.idm.oclc.org/login Page URL
-
https://shibboleth.plymouth.ac.uk/idp/profile/SAML2/POST/SSO
HTTP 302
https://shibboleth.plymouth.ac.uk/idp/profile/SAML2/POST/SSO?execution=e1s1 Page URL
-
https://shibboleth.plymouth.ac.uk/idp/profile/SAML2/POST/SSO?execution=e1s1
HTTP 302
https://shibboleth.plymouth.ac.uk/idp/profile/SAML2/POST/SSO?execution=e1s2 HTTP 302
https://shibboleth.plymouth.ac.uk/idp/profile/Authn/SAML2/POST/SSO/start?conversation=e1s2 HTTP 302
https://login.microsoftonline.com/5437e7eb-83fb-4d1a-bfd3-bb247e061bf1/saml2?SAMLRequest=jVLLbtswEPwVgneJEiVZNmE5cGMENZA2RqTk0EtBSsuYCEWqJJU2fx%2FFjzwuQc87O7Mzs8uLf71GT%2BC8sqbCaZxgBKa1nTIPFb5rrqI5vlgtPe81Hdh6DHtzC39G8AFNi8az46TCozPMcq88M7wHz0LL6vWPa0bjhA3OBttajdHae3Bhkrq0xo89uBrck2rh7va6wvsQBs8I8XslhNUQ9vGgn3s7ica8jcdHorqBTGRSaSCHW8irBiW7m7ohdX2D0Wa6TBkeDm7OhNo%2BKBP3qnXWWxms0cpA3NqeFHlWQgkimmdSRHmX8kjILouEoHkJySwVMiUHixhtNxX%2BTYtCzksKs7Tji0IuUpFJueCzLs9mZZ4VE8z7EbbGB25ChWlC8yhJI0qbNGEpZfk8XpTFL4x2p1C%2BKXMM%2B6sExRHk2fem2UWvdjG6P5c2AfCpInZQdx%2B7%2BZqYnwvBq%2F%2BL%2F326JB8l337k56Sx3eysVu0zWmtt%2F1464AEqHNwImKxOe5%2B%2FafUC&RelayState=e1s2 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://www-jstor-org.plymouth.idm.oclc.org/ HTTP 302
- http://plymouth.idm.oclc.org/ HTTP 302
- http://plymouth.idm.oclc.org/login
- https://shibboleth.plymouth.ac.uk/idp/profile/SAML2/POST/SSO HTTP 302
- https://shibboleth.plymouth.ac.uk/idp/profile/SAML2/POST/SSO?execution=e1s1
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
login
plymouth.idm.oclc.org/ Redirect Chain
|
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SSO
shibboleth.plymouth.ac.uk/idp/profile/SAML2/POST/ Redirect Chain
|
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
saml2
login.microsoftonline.com/5437e7eb-83fb-4d1a-bfd3-bb247e061bf1/ Redirect Chain
|
20 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BssoInterrupt_Core_aoxn9LgNNeyAz3OYDcN7uA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
136 KB 48 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
saml2
login.microsoftonline.com/5437e7eb-83fb-4d1a-bfd3-bb247e061bf1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- login.microsoftonline.com
- URL
- https://login.microsoftonline.com/5437e7eb-83fb-4d1a-bfd3-bb247e061bf1/saml2?SAMLRequest=jVLLbtswEPwVgneJEiVZNmE5cGMENZA2RqTk0EtBSsuYCEWqJJU2fx%2FFjzwuQc87O7Mzs8uLf71GT%2BC8sqbCaZxgBKa1nTIPFb5rrqI5vlgtPe81Hdh6DHtzC39G8AFNi8az46TCozPMcq88M7wHz0LL6vWPa0bjhA3OBttajdHae3Bhkrq0xo89uBrck2rh7va6wvsQBs8I8XslhNUQ9vGgn3s7ica8jcdHorqBTGRSaSCHW8irBiW7m7ohdX2D0Wa6TBkeDm7OhNo%2BKBP3qnXWWxms0cpA3NqeFHlWQgkimmdSRHmX8kjILouEoHkJySwVMiUHixhtNxX%2BTYtCzksKs7Tji0IuUpFJueCzLs9mZZ4VE8z7EbbGB25ChWlC8yhJI0qbNGEpZfk8XpTFL4x2p1C%2BKXMM%2B6sExRHk2fem2UWvdjG6P5c2AfCpInZQdx%2B7%2BZqYnwvBq%2F%2BL%2F326JB8l337k56Sx3eysVu0zWmtt%2F1464AEqHNwImKxOe5%2B%2FafUC&RelayState=e1s2&sso_reload=true
Verdicts & Comments Add Verdict or Comment
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
shibboleth.plymouth.ac.uk/idp | Name: JSESSIONID Value: node0ffycq5fyfk551lf5o3pq407cw18016085.node0 |
|
.login.microsoftonline.com/ | Name: esctx-igDUvo698 Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-E5jxm7vDz03rP7pEiWOnprTjybQKtCDTr95WIGYlhJmpbuXEWwVgij7JehaX1uMkba5fScEZ6ajED4zcMm48DzZ9kO7w5IAQwJYRGx5AijXJXLgzcVp3y-5zoLGPjkLhnY83HWMTasDDWGkwTpIoZiAA |
|
login.microsoftonline.com/ | Name: fpc Value: Ao7vtPAi2MFFvzVW-MASBvQ |
|
.login.microsoftonline.com/ | Name: esctx Value: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-dPhZnre0mFxFcYSdUaZNznfv3ahh4eT73sXpgY3VDtD7FxyupTSCcK_EP4hWikC2YfIQTdbNgaaOgmvrf_ScE-k4_PD2Gd4n4yvGgUz6HlFRU-SEjIzmtqmLjXKD4nOl94dk3dExtB2gTguBYdZc_Ro6j3MHkhFmnfGGprdGY4kgAA |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msftauth.net
login.microsoftonline.com
plymouth.idm.oclc.org
shibboleth.plymouth.ac.uk
www-jstor-org.plymouth.idm.oclc.org
login.microsoftonline.com
154.59.124.101
2603:1026:3000:148::7
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
5.101.151.140
15e697417242d779ddec5439f81b56bdc61974ffda9a40919be81428f341296e
4ceacbe07542a579459a5a9f61c1449e9441200a47e8383452adf0ddfd97a09b
7fadb2a4015a256f494cac06aaa6deef8709ba64a634beca8db9501e121c7cd9
fe14dad36e348fb31f53f19f946eae19f4ee33eb39bfe155b00a199978e36339