adfs.nku.edu
Open in
urlscan Pro
52.185.64.116
Public Scan
Effective URL: https://adfs.nku.edu/adfs/ls/?client-request-id=9ebe6b86-4a4b-2752-287a-bb3af7af33bb&username=&wa=wsignin1.0&wtrealm=...
Submission: On December 13 via api from US — Scanned from DE
Summary
TLS certificate: Issued by InCommon RSA Server CA on July 26th 2023. Valid for: a year.
This is the only time adfs.nku.edu was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2603:1026:c0d... 2603:1026:c0d:82a::8 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 1 | 2603:1026:c0d... 2603:1026:c0d:77::2 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 2 | 2603:1026:300... 2603:1026:3000:d0::6 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2606:2800:233... 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef | 15133 (EDGECAST) (EDGECAST) | |
4 | 52.185.64.116 52.185.64.116 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
6 | 3 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
autodiscover.mymail.nku.edu |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
outlook.office365.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
ASN15133 (EDGECAST, US)
aadcdn.msftauth.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: adfs.nku.edu
adfs.nku.edu |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
nku.edu
1 redirects
autodiscover.mymail.nku.edu adfs.nku.edu — Cisco Umbrella Rank: 785535 |
317 KB |
2 |
microsoftonline.com
1 redirects
login.microsoftonline.com — Cisco Umbrella Rank: 16 |
13 KB |
1 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 974 |
48 KB |
1 |
office365.com
1 redirects
outlook.office365.com — Cisco Umbrella Rank: 44 |
3 KB |
6 | 4 |
Domain | Requested by | |
---|---|---|
4 | adfs.nku.edu |
aadcdn.msftauth.net
adfs.nku.edu |
2 | login.microsoftonline.com | 1 redirects |
1 | aadcdn.msftauth.net |
login.microsoftonline.com
|
1 | outlook.office365.com | 1 redirects |
1 | autodiscover.mymail.nku.edu | 1 redirects |
6 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
password.nku.edu |
one.nku.edu |
inside.nku.edu |
Subject Issuer | Validity | Valid | |
---|---|---|---|
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2023-11-28 - 2024-11-28 |
a year | crt.sh |
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2023-12-01 - 2024-12-01 |
a year | crt.sh |
adfs.nku.edu InCommon RSA Server CA |
2023-07-26 - 2024-08-25 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://adfs.nku.edu/adfs/ls/?client-request-id=9ebe6b86-4a4b-2752-287a-bb3af7af33bb&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE9aBNhAIbvy6VnEtt6dHKUQ1AKl9x_LgcOSS_NNUlN80ObRCTcb3LmLl-aXJImpYuDOKgUxKWDg4NDBysOIq1IFxGKQ-ZOHYsgioudxAQXx77Dy7O98LyLKB2mpZvUvzDktEnKsmhSN6f0XzoLIfxR89PLTLpw6_boSPp9wB7tgXl36Kq2E241e2HT6O0DouF57a4UicCe50DYDEPLsnWTFfiwDt0IHKiRDwCMATgHYN8XFViRFSlGEFk-SguMyPBhQ43GGJWnSd4QLJKLaTQZM3mKtHhaozXDNFSOPfVdy8V7XoOZFuzYI_OXL2jBjltrw663hz4Hst7PynC1nkwmCuoa6djDSl3mLGXQL2iNOue27Uw6W9LIfnGUY9fZXCrrsR4ndJSeasilCuS4leUOT6UTdrHxYFBNLA3jrD1KutmNlVR6Q8sXi1amkVlzamUqF6vUZFUkOWfT1RNVY11ri-5qtKzkCzmmLJQdUuAV1hb30UuJfodiE1MubJ2gGGybLdsY-8GZH3zzz1KoFAiEcOQ6cgO58INXM5NPDvDhs68Pnyrv8ePX5c9zyMlMxMsmooUBV9XvtjSjuuLl3VRLXo4r_bgod7lSIlJkxM1meys2EO-wEr2LgV0MO8SCARRHCHRpjT7HwE8MPL6CHAYv8ef4Kjid5UKY7qi2211Y3CZso-bBptkipG1iy-3WdH1KfdXpmV1CukdMJoj7Ozs7x3PIxfyLN18-Pvnx57vyFkf-Ag2
Frame ID: 670FC421458A5C18CC3F0CF3755A9C54
Requests: 6 HTTP requests in this frame
Screenshot
Page Title
AnmeldenPage URL History Show full URLs
-
http://autodiscover.mymail.nku.edu/
HTTP 301
https://outlook.office365.com/owa/?realm=mymail.nku.edu&vd=autodiscover HTTP 302
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL
-
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir...
HTTP 302
https://adfs.nku.edu/adfs/ls/?client-request-id=9ebe6b86-4a4b-2752-287a-bb3af7af33bb&username=&wa... Page URL
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Forgot password?
Search URL Search Domain Scan URL
Title: Startseite
Search URL Search Domain Scan URL
Title: Hilfe
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://autodiscover.mymail.nku.edu/
HTTP 301
https://outlook.office365.com/owa/?realm=mymail.nku.edu&vd=autodiscover HTTP 302
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=9ebe6b86-4a4b-2752-287a-bb3af7af33bb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=mymail.nku.edu&nonce=638380268357162825.da792a51-5d6f-49b1-9e50-f51b1bdeda43&state=DcvLDoMgEEBRaP-liyYgD4fHwvRbhg4mpiKJLTb-vSzO3V3OGLt3t46rHuadDTYo44IFr50JBiShjwZBCyA3izEmLWIGJWbQSSfKhKPl_X0O9Y_Da8-4lqmcBZdVbp8mM7XHQRO2X6Xl-65H3i8 Page URL
-
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=9ebe6b86-4a4b-2752-287a-bb3af7af33bb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=mymail.nku.edu&nonce=638380268357162825.da792a51-5d6f-49b1-9e50-f51b1bdeda43&state=DcvLDoMgEEBRaP-liyYgD4fHwvRbhg4mpiKJLTb-vSzO3V3OGLt3t46rHuadDTYo44IFr50JBiShjwZBCyA3izEmLWIGJWbQSSfKhKPl_X0O9Y_Da8-4lqmcBZdVbp8mM7XHQRO2X6Xl-65H3i8&sso_reload=true
HTTP 302
https://adfs.nku.edu/adfs/ls/?client-request-id=9ebe6b86-4a4b-2752-287a-bb3af7af33bb&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE9aBNhAIbvy6VnEtt6dHKUQ1AKl9x_LgcOSS_NNUlN80ObRCTcb3LmLl-aXJImpYuDOKgUxKWDg4NDBysOIq1IFxGKQ-ZOHYsgioudxAQXx77Dy7O98LyLKB2mpZvUvzDktEnKsmhSN6f0XzoLIfxR89PLTLpw6_boSPp9wB7tgXl36Kq2E241e2HT6O0DouF57a4UicCe50DYDEPLsnWTFfiwDt0IHKiRDwCMATgHYN8XFViRFSlGEFk-SguMyPBhQ43GGJWnSd4QLJKLaTQZM3mKtHhaozXDNFSOPfVdy8V7XoOZFuzYI_OXL2jBjltrw663hz4Hst7PynC1nkwmCuoa6djDSl3mLGXQL2iNOue27Uw6W9LIfnGUY9fZXCrrsR4ndJSeasilCuS4leUOT6UTdrHxYFBNLA3jrD1KutmNlVR6Q8sXi1amkVlzamUqF6vUZFUkOWfT1RNVY11ri-5qtKzkCzmmLJQdUuAV1hb30UuJfodiE1MubJ2gGGybLdsY-8GZH3zzz1KoFAiEcOQ6cgO58INXM5NPDvDhs68Pnyrv8ePX5c9zyMlMxMsmooUBV9XvtjSjuuLl3VRLXo4r_bgod7lSIlJkxM1meys2EO-wEr2LgV0MO8SCARRHCHRpjT7HwE8MPL6CHAYv8ef4Kjid5UKY7qi2211Y3CZso-bBptkipG1iy-3WdH1KfdXpmV1CukdMJoj7Ozs7x3PIxfyLN18-Pvnx57vyFkf-Ag2 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://autodiscover.mymail.nku.edu/ HTTP 301
- https://outlook.office365.com/owa/?realm=mymail.nku.edu&vd=autodiscover HTTP 302
- https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=9ebe6b86-4a4b-2752-287a-bb3af7af33bb&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=mymail.nku.edu&nonce=638380268357162825.da792a51-5d6f-49b1-9e50-f51b1bdeda43&state=DcvLDoMgEEBRaP-liyYgD4fHwvRbhg4mpiKJLTb-vSzO3V3OGLt3t46rHuadDTYo44IFr50JBiShjwZBCyA3izEmLWIGJWbQSSfKhKPl_X0O9Y_Da8-4lqmcBZdVbp8mM7XHQRO2X6Xl-65H3i8
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
authorize
login.microsoftonline.com/common/oauth2/ Redirect Chain
|
20 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BssoInterrupt_Core_vh-Mo3E5zaJqWI-ycPlvOw2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
136 KB 48 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
adfs.nku.edu/adfs/ls/ Redirect Chain
|
40 KB 41 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
adfs.nku.edu/adfs/portal/css/ |
30 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
adfs.nku.edu/adfs/portal/logo/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
illustration.jpg
adfs.nku.edu/adfs/portal/illustration/ |
236 KB 236 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| LoginErrors number| maxPasswordLength function| InputUtil object| paginationManager object| PaginationUtil object| PaginationManager object| Login object| LoginManager object| options object| _self undefined| emails undefined| msViewportStyle undefined| viewport function| getStyle function| computeLoadIllustration function| SetIllustrationImage string| orgDomain object| userNameInput function| UpdErrors function| SetFavicon object| userPasswordError object| updPwdErrorError object| formsAuthenticationAreaPassword object| forgotPassword undefined| workArea14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
outlook.office365.com/ | Name: ClientId Value: 040BE6155E534EBD855332A2E089B1D8 |
|
outlook.office365.com/ | Name: OIDC Value: 1 |
|
outlook.office365.com/ | Name: domainName Value: mymail.nku.edu |
|
outlook.office365.com/ | Name: OpenIdConnect.nonce.v3.lcb6yqyFXYOpOstiqDen6AO_dn13OXKO7ncci8NJu3s Value: 638380268357162825.da792a51-5d6f-49b1-9e50-f51b1bdeda43 |
|
outlook.office365.com/ | Name: X-OWA-RedirectHistory Value: ArLym14BSRcMx3j72wg |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.com/ | Name: buid Value: 0.AVkAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-Ntq5kBQVyRNSVa7ynpMVM5kHpaMwFy2i45VNYAeKlQDw9Z13bsM2baAkxSX3LSyYQiikgW5N3RnL6mXQudwHrwJTz-ZsDQ17oxJY2SgDaAMgAA |
|
.login.microsoftonline.com/ | Name: ESTSWCTXFLOWTOKEN Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-B8OXaqTXPmuEVkxq3epAWLJvNebzufEXj2cuH5ssSI46Q-JEUUrHKgv5Z__CI3XMeXKksxuzdjcSfDYrXVOzUfqMQVj7jBxkEj08E7aI4Ctm0IrapwaXC3Hc9cc1GAl8QUbmtS7FeXw2pafV2wPQfWxBbr8hZOiT--5yJgTS1l1BReKJxRdryOomkG6v-13jqbKDBKuVOH_ZLTgWtwO3VIKBw3RvSxBhjLFHpp_-IePkYY1xIU76l8igL909MhUE7LmIo73eo_RUy0QG-Epvbu4MBlyzWkR5IhjEhAnTLujw5y-Ux9ARmn5mFlkUchK63UG7UKLUlWnCxes3D4PEuJ9KbBzNNNL6_TxuVBIxnhSWEht68QIt6vGKYidMyc1Q3AJgqHWFttQYeGwPr-F8n4QqTLhF1evWgnXIl8kTlrBTgF50bcwKRL8fWfgIRNgFHblIe7Luh4ue-VhOUaoTkBqaV96w1weqWRx_lgeDBmxSMIIT43oA7JRSY44PUNgmlerTsn5ijXjklPSVFSVW4CyScKrDMEYj5VYdxKZpAAxLatKS-ONPZTo1MWU9WmLYRMy95UkQftTf6-mcOyywOaLae4wEx2J6e-LCCHXGfcNugau_bTVGnx5R4FAIrGHz--0Dx72svkwr_3MqYu5AKCAA |
|
login.microsoftonline.com/ | Name: fpc Value: Anns7Jt2CWpJrH0kIoYNLt-erOTJAQAAAFT8Ct0OAAAA |
|
.login.microsoftonline.com/ | Name: esctx Value: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-PqaUVYH2LI-v1GgimuMoWsf6NPAtry4CYBAr-y5wJHoHGBHrF9xd-1T2QU1eDavmvaBQKPBlBUcyGgR5a3X-RJkhSbJx6OMIbR4lU6TVrocQ48rPfAmWlAb5qg_u8HWBxcYaorug0I9Yxet7QbUlBubyRvkjT78AjKpqs3AzguYgAA |
|
.login.microsoftonline.com/ | Name: cltm Value: CgAQABoAIgQIDBAF |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msftauth.net
adfs.nku.edu
autodiscover.mymail.nku.edu
login.microsoftonline.com
outlook.office365.com
2603:1026:3000:d0::6
2603:1026:c0d:77::2
2603:1026:c0d:82a::8
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
52.185.64.116
6e037986086e1f5622eab67b5b6b4d45ab7c594c0687ae193ef813c11a57e6f6
a6e29721b697d6e6d6cc7ef11cb66ee5bce620487e8b4d8baef099d72f50bff2
cc7f5703fb6c08c928b92aa5e07004beac46d9093f930679fc5ac33d8249fe72
ef3e52b07a085ec34408c00513bd009f070d5418e348ba5b5c7d0ea9d9a39b05
fc5452d1ab8ed5f72e44043cd02b351c6855046ae2558e015f0dede9e8011d78
ffcdc5cf12d239da380c74332eb6246e768dd93c401ee4d7ee2bfa8cd870d552