login.microsoftonline.com
Open in
urlscan Pro
2603:1036:3000:f8::3
Public Scan
Effective URL: https://login.microsoftonline.com/f0d1c6fd-dff0-486a-8e91-cfefefc7d98d/oauth2/v2.0/authorize?client_id=9d2345b3-7ae0-4e7e-bc2a-544...
Submission: On March 28 via api from US — Scanned from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 7th 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 29 | 2606:4700::68... 2606:4700::6811:d648 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 2600:1f16:9b9... 2600:1f16:9b9:9602:69f2:10f1:2eb5:fc96 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 2603:1036:300... 2603:1036:3000:f8::3 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
13 | 2620:1ec:46::40 2620:1ec:46::40 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 20.190.190.196 20.190.190.196 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 2606:2800:11f... 2606:2800:11f:1cb7:261b:1f9c:2074:3c | 15133 (EDGECAST) (EDGECAST) | |
1 | 2603:1036:300... 2603:1036:3000:f8::1 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
47 | 7 |
ASN16509 (AMAZON-02, US)
td-portal-p.auth.us-east-2.amazoncognito.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
ASN15133 (EDGECAST, US)
aadcdn.msauthimages.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
autologon.microsoftazuread-sso.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
29 |
eftours.com
3 redirects
tdportal.eftours.com |
411 KB |
13 |
msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 931 |
332 KB |
3 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 10 |
28 KB |
2 |
msauthimages.net
aadcdn.msauthimages.net — Cisco Umbrella Rank: 3952 |
246 KB |
1 |
microsoftazuread-sso.com
autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1337 |
1 KB |
1 |
live.com
login.live.com — Cisco Umbrella Rank: 81 |
|
1 |
amazoncognito.com
1 redirects
td-portal-p.auth.us-east-2.amazoncognito.com |
2 KB |
47 | 7 |
Domain | Requested by | |
---|---|---|
29 | tdportal.eftours.com |
3 redirects
tdportal.eftours.com
|
13 | aadcdn.msauth.net |
login.microsoftonline.com
aadcdn.msauth.net |
3 | login.microsoftonline.com |
tdportal.eftours.com
aadcdn.msauth.net |
2 | aadcdn.msauthimages.net | |
1 | autologon.microsoftazuread-sso.com | |
1 | login.live.com |
login.microsoftonline.com
|
1 | td-portal-p.auth.us-east-2.amazoncognito.com | 1 redirects |
47 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.microsoft.com |
privacy.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-13 - 2024-05-12 |
a year | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2024-03-07 - 2025-03-07 |
a year | crt.sh |
aadcdn.msauth.net DigiCert SHA2 Secure Server CA |
2024-01-29 - 2025-01-29 |
a year | crt.sh |
login.live.com DigiCert SHA2 Secure Server CA |
2024-02-08 - 2025-02-08 |
a year | crt.sh |
aadcdn.msauthimages.net Microsoft Azure RSA TLS Issuing CA 08 |
2024-01-11 - 2025-01-05 |
a year | crt.sh |
autologon.microsoftazuread-sso.com DigiCert SHA2 Secure Server CA |
2024-02-08 - 2025-02-08 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://login.microsoftonline.com/f0d1c6fd-dff0-486a-8e91-cfefefc7d98d/oauth2/v2.0/authorize?client_id=9d2345b3-7ae0-4e7e-bc2a-5443f19c951d&redirect_uri=https%3A%2F%2Ftd-portal-p.auth.us-east-2.amazoncognito.com%2Foauth2%2Fidpresponse&scope=profile+email+openid&response_type=code&state=H4sIAAAAAAAAAD1SYXOiMBD9L3wuKJFA8ZsoXqGi1Vqt3Nx0QhLSIBCEYFtu7r_fejd3n_Zl9-3bN7v5aRBjavSdyUmnTfT2GoTbMvVlYdwZGVTCpTWjVPW1tlZKyBrSFNLO-HwZCyH6oimlcLzecRiXV5a5QGBAeNe66aajkWaNajUpLZ5r1bedRVU1Km9KI2ByYFLFOMAc4CZazAEKY_rd4BWRJTyaVuWyvDFUw2vJAJCPm4yopVZWJyHWVt_x1iKsAoM_7ox30FqKoGkPp1AO42_Y24WzjSwcuXhu6-Tj4JWJ6WUIecjFruP6f-LEcxCaEIRQDpXbIAk668vCTmehu3_D26TAzpJnK2-X0-SE-QMreLhNTocPEa-HBDoK6HhG-LaFM8BgYVbR5shn2129DqNd95L4Id2rPGyLxURdv1bpENPg4VEeT6FYm6vq-ELlOn2h6duwm88RjUkrD_Fpf76mx_7pMcU0p7au5cE8R9dIBMGh-uq6fYw7N7_cRxo_4nT89HQV8YXNvcHGbRG_lmnN95Hy7PpS6bMOstNw_7mM_PGzl238TqBtfwbHJTjWzPx7MLOxSK_frf9fwyIVGVT9b_FwR2ipjKnt2baLHN_HcCxjmpOy43dGC1pjz82wzSYmw8w2HTtzzfvMz82MU-YTx8mozYxfvwFrIKb0ggIAAA.H4sIAAAAAAAAABN28Zp2jGlKmEFFWSlLrVlk6Irg16kKAZHl6y5K-nXI7QcAY9d5ZCAAAAA.3&sso_reload=true
Frame ID: 1D538CBCAB24C5F7B4B3B043A207C5B6
Requests: 45 HTTP requests in this frame
Frame:
https://tdportal.eftours.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Frame ID: 7FC30CB84291DA82B6A0281CFE3FC7A7
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Sign in to your accountPage URL History Show full URLs
-
https://tdportal.eftours.com/
HTTP 307
https://tdportal.eftours.com/login/?redirect=%2F HTTP 308
https://tdportal.eftours.com/login?redirect=%2F Page URL
-
https://td-portal-p.auth.us-east-2.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Ftdportal.eftours.com%2Flogin%2F&...
HTTP 302
https://login.microsoftonline.com/f0d1c6fd-dff0-486a-8e91-cfefefc7d98d/oauth2/v2.0/authorize?client_id=9d2345b... Page URL
- https://login.microsoftonline.com/f0d1c6fd-dff0-486a-8e91-cfefefc7d98d/oauth2/v2.0/authorize?client_id=9d2345b... Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Terms of use
Search URL Search Domain Scan URL
Title: Privacy & cookies
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://tdportal.eftours.com/
HTTP 307
https://tdportal.eftours.com/login/?redirect=%2F HTTP 308
https://tdportal.eftours.com/login?redirect=%2F Page URL
-
https://td-portal-p.auth.us-east-2.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Ftdportal.eftours.com%2Flogin%2F&response_type=code&client_id=40kq0gggujplig47u44deivdb6&identity_provider=EF.Account.Login&scope=email%20profile%20openid%20aws.cognito.signin.user.admin&state=FgBprVYEiz0G57REAOij4iDSrnMwV7lM-7b227265646972656374223a222f227d&code_challenge=NqD1ZAE6T_5QMj54FebL7RfcMY5eHdjeEQMYVwgJNzM&code_challenge_method=S256
HTTP 302
https://login.microsoftonline.com/f0d1c6fd-dff0-486a-8e91-cfefefc7d98d/oauth2/v2.0/authorize?client_id=9d2345b3-7ae0-4e7e-bc2a-5443f19c951d&redirect_uri=https%3A%2F%2Ftd-portal-p.auth.us-east-2.amazoncognito.com%2Foauth2%2Fidpresponse&scope=profile+email+openid&response_type=code&state=H4sIAAAAAAAAAD1SYXOiMBD9L3wuKJFA8ZsoXqGi1Vqt3Nx0QhLSIBCEYFtu7r_fejd3n_Zl9-3bN7v5aRBjavSdyUmnTfT2GoTbMvVlYdwZGVTCpTWjVPW1tlZKyBrSFNLO-HwZCyH6oimlcLzecRiXV5a5QGBAeNe66aajkWaNajUpLZ5r1bedRVU1Km9KI2ByYFLFOMAc4CZazAEKY_rd4BWRJTyaVuWyvDFUw2vJAJCPm4yopVZWJyHWVt_x1iKsAoM_7ox30FqKoGkPp1AO42_Y24WzjSwcuXhu6-Tj4JWJ6WUIecjFruP6f-LEcxCaEIRQDpXbIAk668vCTmehu3_D26TAzpJnK2-X0-SE-QMreLhNTocPEa-HBDoK6HhG-LaFM8BgYVbR5shn2129DqNd95L4Id2rPGyLxURdv1bpENPg4VEeT6FYm6vq-ELlOn2h6duwm88RjUkrD_Fpf76mx_7pMcU0p7au5cE8R9dIBMGh-uq6fYw7N7_cRxo_4nT89HQV8YXNvcHGbRG_lmnN95Hy7PpS6bMOstNw_7mM_PGzl238TqBtfwbHJTjWzPx7MLOxSK_frf9fwyIVGVT9b_FwR2ipjKnt2baLHN_HcCxjmpOy43dGC1pjz82wzSYmw8w2HTtzzfvMz82MU-YTx8mozYxfvwFrIKb0ggIAAA.H4sIAAAAAAAAABN28Zp2jGlKmEFFWSlLrVlk6Irg16kKAZHl6y5K-nXI7QcAY9d5ZCAAAAA.3 Page URL
- https://login.microsoftonline.com/f0d1c6fd-dff0-486a-8e91-cfefefc7d98d/oauth2/v2.0/authorize?client_id=9d2345b3-7ae0-4e7e-bc2a-5443f19c951d&redirect_uri=https%3A%2F%2Ftd-portal-p.auth.us-east-2.amazoncognito.com%2Foauth2%2Fidpresponse&scope=profile+email+openid&response_type=code&state=H4sIAAAAAAAAAD1SYXOiMBD9L3wuKJFA8ZsoXqGi1Vqt3Nx0QhLSIBCEYFtu7r_fejd3n_Zl9-3bN7v5aRBjavSdyUmnTfT2GoTbMvVlYdwZGVTCpTWjVPW1tlZKyBrSFNLO-HwZCyH6oimlcLzecRiXV5a5QGBAeNe66aajkWaNajUpLZ5r1bedRVU1Km9KI2ByYFLFOMAc4CZazAEKY_rd4BWRJTyaVuWyvDFUw2vJAJCPm4yopVZWJyHWVt_x1iKsAoM_7ox30FqKoGkPp1AO42_Y24WzjSwcuXhu6-Tj4JWJ6WUIecjFruP6f-LEcxCaEIRQDpXbIAk668vCTmehu3_D26TAzpJnK2-X0-SE-QMreLhNTocPEa-HBDoK6HhG-LaFM8BgYVbR5shn2129DqNd95L4Id2rPGyLxURdv1bpENPg4VEeT6FYm6vq-ELlOn2h6duwm88RjUkrD_Fpf76mx_7pMcU0p7au5cE8R9dIBMGh-uq6fYw7N7_cRxo_4nT89HQV8YXNvcHGbRG_lmnN95Hy7PpS6bMOstNw_7mM_PGzl238TqBtfwbHJTjWzPx7MLOxSK_frf9fwyIVGVT9b_FwR2ipjKnt2baLHN_HcCxjmpOy43dGC1pjz82wzSYmw8w2HTtzzfvMz82MU-YTx8mozYxfvwFrIKb0ggIAAA.H4sIAAAAAAAAABN28Zp2jGlKmEFFWSlLrVlk6Irg16kKAZHl6y5K-nXI7QcAY9d5ZCAAAAA.3&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://tdportal.eftours.com/ HTTP 307
- https://tdportal.eftours.com/login/?redirect=%2F HTTP 308
- https://tdportal.eftours.com/login?redirect=%2F
- https://tdportal.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://tdportal.eftours.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
- https://tdportal.eftours.com/favicon.png HTTP 307
- https://tdportal.eftours.com/login/?redirect=%2Ffavicon.png HTTP 308
- https://tdportal.eftours.com/login?redirect=%2Ffavicon.png
- https://td-portal-p.auth.us-east-2.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Ftdportal.eftours.com%2Flogin%2F&response_type=code&client_id=40kq0gggujplig47u44deivdb6&identity_provider=EF.Account.Login&scope=email%20profile%20openid%20aws.cognito.signin.user.admin&state=FgBprVYEiz0G57REAOij4iDSrnMwV7lM-7b227265646972656374223a222f227d&code_challenge=NqD1ZAE6T_5QMj54FebL7RfcMY5eHdjeEQMYVwgJNzM&code_challenge_method=S256 HTTP 302
- https://login.microsoftonline.com/f0d1c6fd-dff0-486a-8e91-cfefefc7d98d/oauth2/v2.0/authorize?client_id=9d2345b3-7ae0-4e7e-bc2a-5443f19c951d&redirect_uri=https%3A%2F%2Ftd-portal-p.auth.us-east-2.amazoncognito.com%2Foauth2%2Fidpresponse&scope=profile+email+openid&response_type=code&state=H4sIAAAAAAAAAD1SYXOiMBD9L3wuKJFA8ZsoXqGi1Vqt3Nx0QhLSIBCEYFtu7r_fejd3n_Zl9-3bN7v5aRBjavSdyUmnTfT2GoTbMvVlYdwZGVTCpTWjVPW1tlZKyBrSFNLO-HwZCyH6oimlcLzecRiXV5a5QGBAeNe66aajkWaNajUpLZ5r1bedRVU1Km9KI2ByYFLFOMAc4CZazAEKY_rd4BWRJTyaVuWyvDFUw2vJAJCPm4yopVZWJyHWVt_x1iKsAoM_7ox30FqKoGkPp1AO42_Y24WzjSwcuXhu6-Tj4JWJ6WUIecjFruP6f-LEcxCaEIRQDpXbIAk668vCTmehu3_D26TAzpJnK2-X0-SE-QMreLhNTocPEa-HBDoK6HhG-LaFM8BgYVbR5shn2129DqNd95L4Id2rPGyLxURdv1bpENPg4VEeT6FYm6vq-ELlOn2h6duwm88RjUkrD_Fpf76mx_7pMcU0p7au5cE8R9dIBMGh-uq6fYw7N7_cRxo_4nT89HQV8YXNvcHGbRG_lmnN95Hy7PpS6bMOstNw_7mM_PGzl238TqBtfwbHJTjWzPx7MLOxSK_frf9fwyIVGVT9b_FwR2ipjKnt2baLHN_HcCxjmpOy43dGC1pjz82wzSYmw8w2HTtzzfvMz82MU-YTx8mozYxfvwFrIKb0ggIAAA.H4sIAAAAAAAAABN28Zp2jGlKmEFFWSlLrVlk6Irg16kKAZHl6y5K-nXI7QcAY9d5ZCAAAAA.3
47 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
login
tdportal.eftours.com/ Redirect Chain
|
25 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c21d0b30e9eb1472.css
tdportal.eftours.com/_next/static/css/ |
262 B 262 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webpack-ada8463e200279f5.js
tdportal.eftours.com/_next/static/chunks/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1dd3208c-eaf83ad536cf4b0f.js
tdportal.eftours.com/_next/static/chunks/ |
160 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1053-97b3ff16b5a04cd9.js
tdportal.eftours.com/_next/static/chunks/ |
108 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-app-03612bcc77c19215.js
tdportal.eftours.com/_next/static/chunks/ |
519 B 312 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
global-error-e82d397fc80eba49.js
tdportal.eftours.com/_next/static/chunks/app/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
812-9940b104730db36a.js
tdportal.eftours.com/_next/static/chunks/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7623-431fc0136523d221.js
tdportal.eftours.com/_next/static/chunks/ |
72 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
690-ba41406a24ac3674.js
tdportal.eftours.com/_next/static/chunks/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3302-5178e7ad27de4386.js
tdportal.eftours.com/_next/static/chunks/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
623-d6f6d0ae7d8c48a1.js
tdportal.eftours.com/_next/static/chunks/ |
727 KB 146 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7612-a94e4b8e989a54e4.js
tdportal.eftours.com/_next/static/chunks/ |
71 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4913-78d422e0d0579ef0.js
tdportal.eftours.com/_next/static/chunks/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5278-440f34dd18df3598.js
tdportal.eftours.com/_next/static/chunks/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2352-d5d6c4283b882f4c.js
tdportal.eftours.com/_next/static/chunks/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9498-a77dedbf6c68f368.js
tdportal.eftours.com/_next/static/chunks/ |
229 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
layout-102ba4e07354a5bb.js
tdportal.eftours.com/_next/static/chunks/app/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
error-5e43c2b46b9725f4.js
tdportal.eftours.com/_next/static/chunks/app/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8765-9d78db1297ab0ab6.js
tdportal.eftours.com/_next/static/chunks/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
not-found-c35b6af1195684db.js
tdportal.eftours.com/_next/static/chunks/app/ |
42 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
745-e33d6939c8e33bb9.js
tdportal.eftours.com/_next/static/chunks/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8581-20a64a13b796b811.js
tdportal.eftours.com/_next/static/chunks/ |
16 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page-7c2853b4ef675782.js
tdportal.eftours.com/_next/static/chunks/app/login/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
tdportal.eftours.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/ Frame 7FC3 Redirect Chain
|
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
86b73f383d0d3371
tdportal.eftours.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 7FC3 |
0 321 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
login
tdportal.eftours.com/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
authorize
login.microsoftonline.com/f0d1c6fd-dff0-486a-8e91-cfefefc7d98d/oauth2/v2.0/ Redirect Chain
|
20 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BssoInterrupt_Core_GW4zPEKtwiiwtRHaCqGPVw2.js
aadcdn.msauth.net/shared/1.0/content/js/ |
138 KB 49 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
authorize
login.microsoftonline.com/f0d1c6fd-dff0-486a-8e91-cfefefc7d98d/oauth2/v2.0/ |
48 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
110 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_QMJbZSc_Phofl-lfd63BLw2.js
aadcdn.msauth.net/shared/1.0/content/js/ |
433 KB 119 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ux.converged.login.strings-en.min_pevuvrbnnz-5coi_b4jtbw2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
54 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pcustomizationloader_7f0a8c2a247460fad87f.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
219 KB 54 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msauth.net/shared/1.0/content/images/ |
17 KB 17 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pfetchsessionsprogress_4d4b76a02ae121e3b20c.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
15 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
illustration
aadcdn.msauthimages.net/c1c6b6c8-xbpr1czuqg3dnuqkfrk5rmw-zzill1w6xqwzbttakem/logintenantbranding/0/ |
238 KB 238 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bannerlogo
aadcdn.msauthimages.net/c1c6b6c8-xbpr1czuqg3dnuqkfrk5rmw-zzill1w6xqwzbttakem/logintenantbranding/0/ |
7 KB 8 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ssoprobe
autologon.microsoftazuread-sso.com/f0d1c6fd-dff0-486a-8e91-cfefefc7d98d/winauth/ |
12 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
dssostatus
login.microsoftonline.com/common/instrumentation/ |
265 B 646 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pstringcustomizationhelper_eb638da25d4055fbbb57.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
111 KB 36 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msauth.net/shared/1.0/content/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- tdportal.eftours.com
- URL
- https://tdportal.eftours.com/login?redirect=%2Ffavicon.png
Verdicts & Comments Add Verdict or Comment
22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onpagereveal object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_7f0a8c2a247460fad87f boolean| __convergedlogin_pfetchsessionsprogress_4d4b76a02ae121e3b20c boolean| __convergedlogin_pstringcustomizationhelper_eb638da25d4055fbbb5721 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.eftours.com/ | Name: __cf_bm Value: RWPIKMxSPEsc.HyH7ZraKzwC4fMJWmeEg98C.lgSyf8-1711624994-1.0.1.1-Qmky40oNfwpp93jtYconJg1BHh22AMAYr8NOzZtaiMCThIip4EVRV9rQwAEJwYje625t2CsJ6Q5ReZRd89w6BzFAj4Fz54EN.ZeRbzABNm0 |
|
.eftours.com/ | Name: _cfuvid Value: YSIWkHlhrn.fjeVmjrYFHHvXcoaNTFhp2vmUGlFs13Y-1711624994379-0.0.1.1-604800000 |
|
.eftours.com/ | Name: cf_clearance Value: .LVW7JREUN9e6864vRKW6j.FQNcUK1EWuohsHpD3t9o-1711624995-1.0.1.1-FJG1RzClFdnp8YZ3z.IggmYFS1jPbEia9hs3vjbfPETKJkmifBlEqWR5YdGC1AuUksITOi63fNsdvO_HM8CB5g |
|
td-portal-p.auth.us-east-2.amazoncognito.com/ | Name: XSRF-TOKEN Value: d9177ef8-48ca-48e6-a4a8-7b3f14c1f145 |
|
td-portal-p.auth.us-east-2.amazoncognito.com/ | Name: csrf-state Value: BD-mIOWeAQRnNEIRsUM9EcTofErjD3ovyLZzJcBHKiWYEgN-LmWUciNZUcZ_zRCC2cJariVJYTkvZWuPKZ5cfc1tniV-kIvIgBBVmyssTJ5s6fq8It5K5Z0PPvgJqdC7z15rjJXlZneTIo71nqmtktBbYz8xFI90S7bO9sg2Quk |
|
td-portal-p.auth.us-east-2.amazoncognito.com/ | Name: csrf-state-legacy Value: BD-mIOWeAQRnNEIRsUM9EcTofErjD3ovyLZzJcBHKiWYEgN-LmWUciNZUcZ_zRCC2cJariVJYTkvZWuPKZ5cfc1tniV-kIvIgBBVmyssTJ5s6fq8It5K5Z0PPvgJqdC7z15rjJXlZneTIo71nqmtktBbYz8xFI90S7bO9sg2Quk |
|
.login.microsoftonline.com/ | Name: esctx-48kAAdJswU Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8Lsr2mcQX3pCQDnC-jlbhCtoKl0Sjc5DtsDZkBr2AkCuveYLi6QJM4sg4pTe2E1XaYcvMRWrN3y6bszHV9MqjMlTOqCFXT3tx38TqsS0YHyeu6SgnJ2rJvQaWMOOYZ7osQSMeWIcHiySwXDQzX-ZdOiAA |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.com/ | Name: buid Value: 0.ARAA_cbR8PDfakiOkc_v78fZjbNFI53gen5OvCpUQ_GclR2XAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8AliCauwtNm-8JrHiJKHH5VBXUllv6cWtKv-kHuboNQGzDrXJCFp58hgF0Nk0nsohHXCeKkD65besahKRfMPzD-X7CkytgP6ZadeSOKCNzVMgAA |
|
.login.microsoftonline.com/ | Name: esctx Value: PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8HhD_5ddu4-CdL_x9Pw7cCysFJL4dzcjxTWQJhV6NxyHb2pyztjasw2fttx39HdjEXVXWZGLGGf7FFEHvAHJCE2LQDYHoUocWxHMluOwIY1LooMIZlj8tXnDp--5NN-PSaKi8rZmBOlu4bcMobbuirPULoVcdD0VdMVPL_ft2T50gAA |
|
.login.microsoftonline.com/ | Name: esctx-VOmT7Q4HcHU Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8UHB4OyAp_AEh8nZXrFzrcBUpLj496DIVbRPBCAriZyOfqqgSFEcGnnL92-pHLCyye0KBMQGsyAKFo9RTOApNQZqca_O8gggQi5xWublP5VR9nLSjxOWlFUm9SLjxERE4HtECk09PJ-k38K_3gFp81yAA |
|
login.microsoftonline.com/ | Name: fpc Value: Ag3itknPM49AslWWcGih0t9fqIyjAQAAACNKl90OAAAA |
|
.login.microsoftonline.com/ | Name: brcap Value: 0 |
|
.login.live.com/ | Name: uaid Value: bc7daeef616f415ca24a481c49960278 |
|
.login.live.com/ | Name: MSPRequ Value: id=N<=1711624997&co=1 |
|
autologon.microsoftazuread-sso.com/ | Name: fpc Value: AtOEIRhjNbtDqRTumKZ6c5I |
|
autologon.microsoftazuread-sso.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
autologon.microsoftazuread-sso.com/ | Name: stsservicecookie Value: estsfd |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msauth.net
aadcdn.msauthimages.net
autologon.microsoftazuread-sso.com
login.live.com
login.microsoftonline.com
td-portal-p.auth.us-east-2.amazoncognito.com
tdportal.eftours.com
tdportal.eftours.com
20.190.190.196
2600:1f16:9b9:9602:69f2:10f1:2eb5:fc96
2603:1036:3000:f8::1
2603:1036:3000:f8::3
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2606:4700::6811:d648
2620:1ec:46::40
0396b8c40c7de0289c95e74597d88e2f823cfa3df323cfedb84c0573990a94d6
0abb6657fa923189b3d00a40269286b5f4f726d12da33c4ef8f6b1a0eda2f3aa
0faf0946442abea3d24c58127b008b0eeb713278ccc25d095211d79e1c8f1108
1148958738142f3a6ff4c9cac3b69db371213123635d71c933818eafd5852cdd
12899ec10fdf39b40db977df97019877adde1836366dbefd3e1e7f0e93f18502
13db1fea6d5ef7fb7b4d2710c40f2b4e1c6a7a73b9f9e3e198e83210d7934e28
1a593c25442e0b30d379ee4a9c5c8772c70e097c4f92bfefe07baf8c168e79ee
1ca660f764b4d3873a88e81e8c016eeb3aa47d2d6348b88b58eb0c6491ebd314
23c9a94355b39e3ba4b626f8fabc7316fbf66776d5b0aac73abbbea6e3bd6a93
2f115fcdda141810b1b09ad88559c89e9f8694491ae1663ad78d20410d5cf266
30ff8ef06932efa5ba690bf160eea1fc719d3f2a3d756bd3a9b4c837f7220b0c
33275cfe2928a1c89f4954a7d589c167bd328494bf2ee9c7af1f944283a1f9df
33c78f10bad582086bc129e8f0189ca23f999e822f53c6011075c377fbeb5518
3e205ed472a6d28f2f566e5b6234fa8e250667265409a8fb852a5d7b7a9401b4
43c9555d4cfd69f405e458370c806b608ddcb0d01fb251fe18c860dbfa7c930b
49bd3382f2d2c171947474fc65b701ded717bf69a6e88505b84da1d69b3c2f1e
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41
536d744f667534c8c15fccd867ac387ac28986c54867d97f492800d1aa547338
7530b843a86f3155ce07cda787a40da87052664b09c22f3d4db5e9238664dbe0
7a7431613d3312c7b976e8e6382904d5e4107fb4741a040c2cf8e3a573c11789
862be5bf18c170f2ec414f87eb87ac9fad57fa943bf23966ee7f0eb0f6bf839e
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8b0b380ac1534e03d0416b7504aadd78a06653555df2f8eb524d68054a9df6f8
8c42381d17119927e4892a7b8369b7a01eb58588a3a3e453036d8816046e0ebe
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
90c460fbcade6affa0f2e2c4789a156ddd8f024d1c01ad9977ffed5076feaaa5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
90f795a6ebc07b86385a32fd986cfaceef60f00d64e34d102882b942a1c7db91
9e32968df9bfa0b342699dbcf35428058dfbd4c264b79c0a2c27507fdb4a9dde
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
b96a0f304b92f2f38b06111b35e7615fd4bf34dba4c2a9fdc47678205fe665a2
bb75a354894e75ade8eaaf1fd0746db3b8828b27d40c29a8a822d6a5c2d854d1
c0fae4680acbe7c709754344cc3d15feca356a1907d8d75fb1237f0c80a42a31
c3472d594bbad8d28658df0bb8e6575157800838de72b9b949ccfdd9d53eaebf
cc2845102cc2dac3cbfee30dac72812880375263a275f600ee8868426ee9a937
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d3fc5687c55764922910f52daed7a05ba09555ee8a480491bb5848a248efda3f
db49adac21508dc8ac1dfad2e10e7efe2f0beea6e98370bb1e76f70441e86a98
df2e852c347ecf82f70a0c8a4b91713fbb0914d58f2cbab01316bfe646abee7c
e1a4813a590effe4a3b09c336cd179c21a38db00b9513db097ed547aa09ab7f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e597b6836f6398108dfdd4ffa0a27d0cc317fc5a16c2e90a068eb0ea64ce0815
fe5000b2502580ce55b30f6b53b7170a6b07c92da43dd2dc5493b48d2b9184cf