login.microsoftonline.com
20.190.159.19
Public Scan
Effective URL: https://login.microsoftonline.com/e50cfce0-04d7-4d33-9d22-12d2744baad7/saml2?SAMLRequest=fJLLTuQwEEX3fIXlfRLHCQqxuluKaCG1xKARDCzYu...
Submission: On September 29 via manual from GB — Scanned from GB
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 1st 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | AS Autonomous System |
---|---|---|
4 8 | 104.18.11.73 | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:400d:80c::200a | 15169 (GOOGLE) |
1 | 2a02:6ea0:cb00::2 | 60068 (CDN77 ^_^) |
2 | 104.18.10.73 | 13335 (CLOUDFLARENET) |
1 | 2600:1f18:24e6:b900:c17a:225d:3c44:ae3e | 14618 (AMAZON-AES) |
2 | 20.190.159.19 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
5 | 152.199.23.37 | 15133 (EDGECAST) |
1 | 40.126.31.71 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
2 | 2620:1ec:bdf::45 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
19 | 9 | |
ASN13335 (CLOUDFLARENET, US)
surveyor-capital.cmgecm.com | |
surveyor-capital.id.cmgecm.com |
ASN13335 (CLOUDFLARENET, US)
surveyor-capital.id.cmgecm.com |
ASN14618 (AMAZON-AES, US)
rum-http-intake.logs.datadoghq.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msftauthimages.net |
Count | Apex Domain and Subdomains | Transfer |
---|---|---|
10 | cmgecm.com; 4 redirects; surveyor-capital.cmgecm.com, surveyor-capital.id.cmgecm.com | 2 MB |
5 | msftauth.net; aadcdn.msftauth.net — Cisco Umbrella Rank: 1143 | 175 KB |
2 | msftauthimages.net; aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3296 | 167 KB |
2 | microsoftonline.com; login.microsoftonline.com — Cisco Umbrella Rank: 23 | 106 KB |
1 | live.com; login.live.com — Cisco Umbrella Rank: 94 | |
1 | datadoghq.com; rum-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 3716 | |
1 | headwayapp.co; cdn.headwayapp.co — Cisco Umbrella Rank: 28489 | 7 KB |
1 | googleapis.com; fonts.googleapis.com — Cisco Umbrella Rank: 41 | 1 KB |
19 | 8 | |
Count | Domain | Requested by |
---|---|---|
5 | aadcdn.msftauth.net | login.microsoftonline.com, aadcdn.msftauth.net |
5 | surveyor-capital.id.cmgecm.com | 3 redirects; surveyor-capital.cmgecm.com |
5 | surveyor-capital.cmgecm.com | 1 redirects; surveyor-capital.cmgecm.com |
2 | aadcdn.msftauthimages.net | |
2 | login.microsoftonline.com | surveyor-capital.cmgecm.com, login.microsoftonline.com |
1 | login.live.com | login.microsoftonline.com |
1 | rum-http-intake.logs.datadoghq.com | surveyor-capital.cmgecm.com |
1 | cdn.headwayapp.co | surveyor-capital.cmgecm.com |
1 | fonts.googleapis.com | surveyor-capital.cmgecm.com |
19 | 9 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.microsoft.com |
privacy.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
cmgecm.com Cloudflare Inc ECC CA-3 | 2022-08-01 - 2023-08-01 | a year | crt.sh |
upload.video.google.com GTS CA 1C3 | 2022-09-05 - 2022-11-28 | 3 months | crt.sh |
1529036741.rsc.cdn77.org R3 | 2022-08-19 - 2022-11-17 | 3 months | crt.sh |
*.logs.datadoghq.com DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-26 - 2023-04-26 | a year | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA | 2022-09-01 - 2023-09-01 | a year | crt.sh |
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA | 2022-04-01 - 2023-04-01 | a year | crt.sh |
graph.windows.net DigiCert SHA2 Secure Server CA | 2022-06-09 - 2023-06-09 | a year | crt.sh |
aadcdn.msftauthimages.net Microsoft Azure TLS Issuing CA 01 | 2022-07-07 - 2023-07-02 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/e50cfce0-04d7-4d33-9d22-12d2744baad7/saml2?SAMLRequest=fJLLTuQwEEX3fIXlfRLHCQqxuluKaCG1xKARDCzYue0KWPIjuBwG%2Fn5MenhKsHS5zr11y16hdJZPYpjTvb%2BEhxkwkSdnPYrDzZrO0Ysg0aDw0gGKpMTV8Otc8JKJKYYUVLD0I%2FMzIhEhJhM8Jbvtmho99mw%2F1pq13V61bQNSd3Uzdq3qVS71nJIbiJiBNc18phBn2HlM0qdcYpwXrC94%2F4ediONO8OaWkm2OYbxMC3Wf0oSiqmy4M750RsWAYUzBW%2BOhVMFVcMzUqIAVrNVd0eqmKXqddWuuede2e5lnqpZslAyv858Gj7ODeAXx0Si4vjx%2Ft8I5PsJziIWSk0nSlkaXyt2BcosfYjjIVYNCujkiZLUcxZItbl72l9vFV5nDflfVp%2BY3ehIXedu77e9gjXomZyE6mb5%2FjLqsl4rRxbi0CnDS2EHrCIg5qLXh72kEmWBNU5yBkmpz9N%2F884%2FZ%2FAMAAP%2F%2FAwA%3D&RelayState=7Pe8_mzuQfiexhOibNAu1kCZ&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=JuFfcZ60ca7z6Sje8Eiz8f2xA7z8%2Fg4uHdbXQWk66XYuGf4aAv2akVmE%2BBBrRPo%2Fqi%2B1DN051knN4EX0XxTCvT1ZSI4uUTPTnOrrWJrVzPd0gDSpZXXZQcbKWfEdNfk7gvtjRmPFB2UBhhT%2B%2Fqn%2Fn1J1oSZsPv42iTz7u7WMeOiW4OtK2sGF1y91%2F3R031NtgY6RS5l5Kep0xqkihQW5%2BjuyIGwc59vttDfL0g6djeJXI2RcjkQ3WBm%2FNjND6GwgWgMAsWkL33td5M8C52V6F5vB1BqupaVdJ1KCpbSfgWBj%2FDtLejdhMoGpO%2F%2B%2BrAgZdDQKiK3PbljhqO2mxXCKN4KG36o6kn06oIjjurXBgzPNn3q7cpfliDOhMQAZ2blKF4QMIGgtuWPiVhzLGODbeqrZM5zb5uskmnSvF6hhyn5WMwfL%2F1xjB1UVQxT8OCeWJfkKw5GxPLFABtjLaK%2BLOkziHfxjojgvg6NRQsl7znyMlLxre53JwL3M0S8l9tCPmp1LdkREgIIKj53nVe7bcqRR4%2FXulw9WXbd2%2Bw%2FnSS9zulVl9vdQ3F5%2F9jvpvBEJSyq46bqzk74%2FJweAMDWCvsFWiK51aLTIR1fq1dGcrnU3hy6xAlHH6KL2jjE3EMTQ8LedAe8Gu32jvXiOi6PHDLcdcmTid3WpuTFl2UxqmEI%3D&sso_reload=true
Frame ID: 7AD201E885B757A22F1B74CFBA84C0A3
Requests: 18 HTTP requests in this frame
Page Title
Sign in to your account
Page URL History
-
http://surveyor-capital.cmgecm.com/
HTTP 301
https://surveyor-capital.cmgecm.com/ Page URL
-
https://surveyor-capital.id.cmgecm.com/connect/authorize?client_id=cmg-app&redirect_uri=https%3A%2F%2Fsurveyor-capi...
HTTP 302
https://surveyor-capital.id.cmgecm.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcmg-... HTTP 302
https://surveyor-capital.id.cmgecm.com/External/Challenge?provider=Saml2P&returnUrl=%2Fconnect%2Fauthorize%2Fcallba... HTTP 303
https://login.microsoftonline.com/e50cfce0-04d7-4d33-9d22-12d2744baad7/saml2?SAMLRequest=fJLLTuQwEEX3fIXlfRLHC... Page URL
- https://login.microsoftonline.com/e50cfce0-04d7-4d33-9d22-12d2744baad7/saml2?SAMLRequest=fJLLTuQwEEX3fIXlfRLHC... Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Terms of use
Search URL Search Domain Scan URL
Title: Privacy & cookies
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://surveyor-capital.cmgecm.com/
HTTP 301
https://surveyor-capital.cmgecm.com/ Page URL
-
https://surveyor-capital.id.cmgecm.com/connect/authorize?client_id=cmg-app&redirect_uri=https%3A%2F%2Fsurveyor-capital.cmgecm.com%2Foidc-login-callback&response_type=code&scope=openid%20email%20profile%20dl%3Afull%20mgmt_api%3Afull%20xc%3Afull&state=7c1345a0e1ee4228a7f2a6b19aec919d&code_challenge=WVSiLVD9sHlhbTmrSQa-yjoXqYmhV4voqwcfueZMMmY&code_challenge_method=S256
HTTP 302
https://surveyor-capital.id.cmgecm.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcmg-app%26redirect_uri%3Dhttps%253A%252F%252Fsurveyor-capital.cmgecm.com%252Foidc-login-callback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520dl%253Afull%2520mgmt_api%253Afull%2520xc%253Afull%26state%3D7c1345a0e1ee4228a7f2a6b19aec919d%26code_challenge%3DWVSiLVD9sHlhbTmrSQa-yjoXqYmhV4voqwcfueZMMmY%26code_challenge_method%3DS256 HTTP 302
https://surveyor-capital.id.cmgecm.com/External/Challenge?provider=Saml2P&returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcmg-app%26redirect_uri%3Dhttps%253A%252F%252Fsurveyor-capital.cmgecm.com%252Foidc-login-callback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520dl%253Afull%2520mgmt_api%253Afull%2520xc%253Afull%26state%3D7c1345a0e1ee4228a7f2a6b19aec919d%26code_challenge%3DWVSiLVD9sHlhbTmrSQa-yjoXqYmhV4voqwcfueZMMmY%26code_challenge_method%3DS256 HTTP 303
https://login.microsoftonline.com/e50cfce0-04d7-4d33-9d22-12d2744baad7/saml2?SAMLRequest=fJLLTuQwEEX3fIXlfRLHCQqxuluKaCG1xKARDCzYue0KWPIjuBwG%2Fn5MenhKsHS5zr11y16hdJZPYpjTvb%2BEhxkwkSdnPYrDzZrO0Ysg0aDw0gGKpMTV8Otc8JKJKYYUVLD0I%2FMzIhEhJhM8Jbvtmho99mw%2F1pq13V61bQNSd3Uzdq3qVS71nJIbiJiBNc18phBn2HlM0qdcYpwXrC94%2F4ediONO8OaWkm2OYbxMC3Wf0oSiqmy4M750RsWAYUzBW%2BOhVMFVcMzUqIAVrNVd0eqmKXqddWuuede2e5lnqpZslAyv858Gj7ODeAXx0Si4vjx%2Ft8I5PsJziIWSk0nSlkaXyt2BcosfYjjIVYNCujkiZLUcxZItbl72l9vFV5nDflfVp%2BY3ehIXedu77e9gjXomZyE6mb5%2FjLqsl4rRxbi0CnDS2EHrCIg5qLXh72kEmWBNU5yBkmpz9N%2F884%2FZ%2FAMAAP%2F%2FAwA%3D&RelayState=7Pe8_mzuQfiexhOibNAu1kCZ&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=JuFfcZ60ca7z6Sje8Eiz8f2xA7z8%2Fg4uHdbXQWk66XYuGf4aAv2akVmE%2BBBrRPo%2Fqi%2B1DN051knN4EX0XxTCvT1ZSI4uUTPTnOrrWJrVzPd0gDSpZXXZQcbKWfEdNfk7gvtjRmPFB2UBhhT%2B%2Fqn%2Fn1J1oSZsPv42iTz7u7WMeOiW4OtK2sGF1y91%2F3R031NtgY6RS5l5Kep0xqkihQW5%2BjuyIGwc59vttDfL0g6djeJXI2RcjkQ3WBm%2FNjND6GwgWgMAsWkL33td5M8C52V6F5vB1BqupaVdJ1KCpbSfgWBj%2FDtLejdhMoGpO%2F%2B%2BrAgZdDQKiK3PbljhqO2mxXCKN4KG36o6kn06oIjjurXBgzPNn3q7cpfliDOhMQAZ2blKF4QMIGgtuWPiVhzLGODbeqrZM5zb5uskmnSvF6hhyn5WMwfL%2F1xjB1UVQxT8OCeWJfkKw5GxPLFABtjLaK%2BLOkziHfxjojgvg6NRQsl7znyMlLxre53JwL3M0S8l9tCPmp1LdkREgIIKj53nVe7bcqRR4%2FXulw9WXbd2%2Bw%2FnSS9zulVl9vdQ3F5%2F9jvpvBEJSyq46bqzk74%2FJweAMDWCvsFWiK51aLTIR1fq1dGcrnU3hy6xAlHH6KL2jjE3EMTQ8LedAe8Gu32jvXiOi6PHDLcdcmTid3WpuTFl2UxqmEI%3D Page URL
- https://login.microsoftonline.com/e50cfce0-04d7-4d33-9d22-12d2744baad7/saml2?SAMLRequest=fJLLTuQwEEX3fIXlfRLHCQqxuluKaCG1xKARDCzYue0KWPIjuBwG%2Fn5MenhKsHS5zr11y16hdJZPYpjTvb%2BEhxkwkSdnPYrDzZrO0Ysg0aDw0gGKpMTV8Otc8JKJKYYUVLD0I%2FMzIhEhJhM8Jbvtmho99mw%2F1pq13V61bQNSd3Uzdq3qVS71nJIbiJiBNc18phBn2HlM0qdcYpwXrC94%2F4ediONO8OaWkm2OYbxMC3Wf0oSiqmy4M750RsWAYUzBW%2BOhVMFVcMzUqIAVrNVd0eqmKXqddWuuede2e5lnqpZslAyv858Gj7ODeAXx0Si4vjx%2Ft8I5PsJziIWSk0nSlkaXyt2BcosfYjjIVYNCujkiZLUcxZItbl72l9vFV5nDflfVp%2BY3ehIXedu77e9gjXomZyE6mb5%2FjLqsl4rRxbi0CnDS2EHrCIg5qLXh72kEmWBNU5yBkmpz9N%2F884%2FZ%2FAMAAP%2F%2FAwA%3D&RelayState=7Pe8_mzuQfiexhOibNAu1kCZ&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=JuFfcZ60ca7z6Sje8Eiz8f2xA7z8%2Fg4uHdbXQWk66XYuGf4aAv2akVmE%2BBBrRPo%2Fqi%2B1DN051knN4EX0XxTCvT1ZSI4uUTPTnOrrWJrVzPd0gDSpZXXZQcbKWfEdNfk7gvtjRmPFB2UBhhT%2B%2Fqn%2Fn1J1oSZsPv42iTz7u7WMeOiW4OtK2sGF1y91%2F3R031NtgY6RS5l5Kep0xqkihQW5%2BjuyIGwc59vttDfL0g6djeJXI2RcjkQ3WBm%2FNjND6GwgWgMAsWkL33td5M8C52V6F5vB1BqupaVdJ1KCpbSfgWBj%2FDtLejdhMoGpO%2F%2B%2BrAgZdDQKiK3PbljhqO2mxXCKN4KG36o6kn06oIjjurXBgzPNn3q7cpfliDOhMQAZ2blKF4QMIGgtuWPiVhzLGODbeqrZM5zb5uskmnSvF6hhyn5WMwfL%2F1xjB1UVQxT8OCeWJfkKw5GxPLFABtjLaK%2BLOkziHfxjojgvg6NRQsl7znyMlLxre53JwL3M0S8l9tCPmp1LdkREgIIKj53nVe7bcqRR4%2FXulw9WXbd2%2Bw%2FnSS9zulVl9vdQ3F5%2F9jvpvBEJSyq46bqzk74%2FJweAMDWCvsFWiK51aLTIR1fq1dGcrnU3hy6xAlHH6KL2jjE3EMTQ8LedAe8Gu32jvXiOi6PHDLcdcmTid3WpuTFl2UxqmEI%3D&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://surveyor-capital.cmgecm.com/ HTTP 301
- https://surveyor-capital.cmgecm.com/
- https://surveyor-capital.id.cmgecm.com/connect/authorize?client_id=cmg-app&redirect_uri=https%3A%2F%2Fsurveyor-capital.cmgecm.com%2Foidc-login-callback&response_type=code&scope=openid%20email%20profile%20dl%3Afull%20mgmt_api%3Afull%20xc%3Afull&state=7c1345a0e1ee4228a7f2a6b19aec919d&code_challenge=WVSiLVD9sHlhbTmrSQa-yjoXqYmhV4voqwcfueZMMmY&code_challenge_method=S256 HTTP 302
- https://surveyor-capital.id.cmgecm.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcmg-app%26redirect_uri%3Dhttps%253A%252F%252Fsurveyor-capital.cmgecm.com%252Foidc-login-callback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520dl%253Afull%2520mgmt_api%253Afull%2520xc%253Afull%26state%3D7c1345a0e1ee4228a7f2a6b19aec919d%26code_challenge%3DWVSiLVD9sHlhbTmrSQa-yjoXqYmhV4voqwcfueZMMmY%26code_challenge_method%3DS256 HTTP 302
- https://surveyor-capital.id.cmgecm.com/External/Challenge?provider=Saml2P&returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcmg-app%26redirect_uri%3Dhttps%253A%252F%252Fsurveyor-capital.cmgecm.com%252Foidc-login-callback%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520dl%253Afull%2520mgmt_api%253Afull%2520xc%253Afull%26state%3D7c1345a0e1ee4228a7f2a6b19aec919d%26code_challenge%3DWVSiLVD9sHlhbTmrSQa-yjoXqYmhV4voqwcfueZMMmY%26code_challenge_method%3DS256 HTTP 303
- https://login.microsoftonline.com/e50cfce0-04d7-4d33-9d22-12d2744baad7/saml2?SAMLRequest=fJLLTuQwEEX3fIXlfRLHCQqxuluKaCG1xKARDCzYue0KWPIjuBwG%2Fn5MenhKsHS5zr11y16hdJZPYpjTvb%2BEhxkwkSdnPYrDzZrO0Ysg0aDw0gGKpMTV8Otc8JKJKYYUVLD0I%2FMzIhEhJhM8Jbvtmho99mw%2F1pq13V61bQNSd3Uzdq3qVS71nJIbiJiBNc18phBn2HlM0qdcYpwXrC94%2F4ediONO8OaWkm2OYbxMC3Wf0oSiqmy4M750RsWAYUzBW%2BOhVMFVcMzUqIAVrNVd0eqmKXqddWuuede2e5lnqpZslAyv858Gj7ODeAXx0Si4vjx%2Ft8I5PsJziIWSk0nSlkaXyt2BcosfYjjIVYNCujkiZLUcxZItbl72l9vFV5nDflfVp%2BY3ehIXedu77e9gjXomZyE6mb5%2FjLqsl4rRxbi0CnDS2EHrCIg5qLXh72kEmWBNU5yBkmpz9N%2F884%2FZ%2FAMAAP%2F%2FAwA%3D&RelayState=7Pe8_mzuQfiexhOibNAu1kCZ&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=JuFfcZ60ca7z6Sje8Eiz8f2xA7z8%2Fg4uHdbXQWk66XYuGf4aAv2akVmE%2BBBrRPo%2Fqi%2B1DN051knN4EX0XxTCvT1ZSI4uUTPTnOrrWJrVzPd0gDSpZXXZQcbKWfEdNfk7gvtjRmPFB2UBhhT%2B%2Fqn%2Fn1J1oSZsPv42iTz7u7WMeOiW4OtK2sGF1y91%2F3R031NtgY6RS5l5Kep0xqkihQW5%2BjuyIGwc59vttDfL0g6djeJXI2RcjkQ3WBm%2FNjND6GwgWgMAsWkL33td5M8C52V6F5vB1BqupaVdJ1KCpbSfgWBj%2FDtLejdhMoGpO%2F%2B%2BrAgZdDQKiK3PbljhqO2mxXCKN4KG36o6kn06oIjjurXBgzPNn3q7cpfliDOhMQAZ2blKF4QMIGgtuWPiVhzLGODbeqrZM5zb5uskmnSvF6hhyn5WMwfL%2F1xjB1UVQxT8OCeWJfkKw5GxPLFABtjLaK%2BLOkziHfxjojgvg6NRQsl7znyMlLxre53JwL3M0S8l9tCPmp1LdkREgIIKj53nVe7bcqRR4%2FXulw9WXbd2%2Bw%2FnSS9zulVl9vdQ3F5%2F9jvpvBEJSyq46bqzk74%2FJweAMDWCvsFWiK51aLTIR1fq1dGcrnU3hy6xAlHH6KL2jjE3EMTQ8LedAe8Gu32jvXiOi6PHDLcdcmTid3WpuTFl2UxqmEI%3D
19 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / surveyor-capital.cmgecm.com/ (Redirect Chain) | 912 B 1 KB | Document text/html |
GET H2 | css fonts.googleapis.com/ | 8 KB 1 KB | Stylesheet text/css |
GET H2 | runtime-env.js surveyor-capital.cmgecm.com/ | 2 KB 822 B | Script application/javascript |
GET H2 | widget.js cdn.headwayapp.co/ | 27 KB 7 KB | Script application/javascript |
GET H2 | main.35b60ddc.js surveyor-capital.cmgecm.com/static/js/ | 7 MB 2 MB | Script application/javascript |
GET H2 | main.009094f3.css surveyor-capital.cmgecm.com/static/css/ | 355 KB 60 KB | Stylesheet text/css |
GET H2 | openid-configuration surveyor-capital.id.cmgecm.com/.well-known/ | 2 KB 706 B | XHR application/json |
OPTIONS H2 | openid-configuration surveyor-capital.id.cmgecm.com/.well-known/ | 0 0 | Preflight |
POST H2 | pub366768ea33c3bbfdf96cf4507f321034 rum-http-intake.logs.datadoghq.com/v1/input/ | 0 0 | Ping application/json |
GET H/1.1 | saml2 login.microsoftonline.com/e50cfce0-04d7-4d33-9d22-12d2744baad7/ (Redirect Chain) | 152 KB 55 KB | Document text/html |
GET H/1.1 | saml2 login.microsoftonline.com/e50cfce0-04d7-4d33-9d22-12d2744baad7/ (Primary Request) | 193 KB 50 KB | Document text/html |
GET H2 | ConvergedLogin_PCore_-V3xa2nmP3boz2dclcS4jg2.js aadcdn.msftauth.net/shared/1.0/content/js/ | 383 KB 109 KB | Script application/x-javascript |
GET H/1.1 | Me.htm login.live.com/ | 0 0 | Other text/html |
GET H2 | converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ | 0 20 KB | Other text/css |
GET H2 | ux.converged.login.strings-en-gb.min_voqwqgzlti1baex6bhwb-q2.js aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ | 0 13 KB | Other application/x-javascript |
GET H2 | convergedlogin_pcustomizationloader_6b8fffaf21337fcc3970.js aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ | 107 KB 32 KB | Script application/x-javascript |
GET H2 | illustration aadcdn.msftauthimages.net/dbd5a2dd-gekg9pxxyz3fsdusqv9vdppe9085ljzdmywj7sr1fzq/logintenantbranding/0/ | 164 KB 164 KB | Image image/* |
GET H2 | bannerlogo aadcdn.msftauthimages.net/dbd5a2dd-gekg9pxxyz3fsdusqv9vdppe9085ljzdmywj7sr1fzq/logintenantbranding/0/ | 2 KB 3 KB | Image image/* |
GET H2 | signin-options_4e48046ce74f4b89d45037c90576bfac.svg aadcdn.msftauth.net/shared/1.0/content/images/ | 2 KB 784 B | Image image/svg+xml |
28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository boolean| __ConvergedLogin_PCore boolean| __ object| Telemetry object| telemetry_webpackJsonp boolean| __convergedlogin_pcustomizationloader_6b8fffaf21337fcc3970
13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
surveyor-capital.cmgecm.com/ | Name: mp_ebd87c57975381d0e91a1d2b25af8d25_mixpanel Value: %7B%22distinct_id%22%3A%20%221838876f8fd258-08d6a05ce27ede-133b347b-1d4c00-1838876f8ff653%22%2C%22%24device_id%22%3A%20%221838876f8fd258-08d6a05ce27ede-133b347b-1d4c00-1838876f8ff653%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D |
|
surveyor-capital.cmgecm.com/ | Name: _dd_s Value: rum=1&id=b3652257-4903-4676-9a0a-e3041e47e151&created=1664441841967&expire=1664442741976&logs=1 |
|
surveyor-capital.id.cmgecm.com/ | Name: Saml2.7Pe8_mzuQfiexhOibNAu1kCZ Value: CfDJ8JeBuUu8ifJDrT1N2dqMcYi-dI_BjuGybdmT5xna8WllUOwYdAlIQTdoOsZIS5k-ImExQ6a9DNbM43NGA5U5WKUGJD2qA-jwyN4LtH-qdDpgmBoneXXnFfSjp4UH_qHWxX0zsfIgzIsuuFoJ1Jmc6dhhBmo5jpZrB7HBkuR0uoQDdQKmEHocb8JcFREpIfnIWYc2PhhzdHwVpxd8W0V6ai6L-JaNhPi46R1DExMtWpkFwoohO70a3bOod085BKn91eviyeAHtPfNqJFLl7B0JdzTe1Qkr-2ZbOtbyhoMedu7DwvxtAYRB8awJFN21P4Lc2bYuZWlYQndwWx66ILKcPxSKanZb6D_h_ogTN3xPYdIdL_X5IC0uzeOAWA1sa-mUpZGLgVw2h2K_fWUmCtM7yoZIiwo-bHgzofBy993lUcrpxH3Tf6oqxoAFZc0Cfo07zM1Qg7z_UxM5SlC1er0X64Q_nD_GccPBaVYsTznF0kHy-QZejnjHoPwTEU-_h0tIlWI5kmXssVEcLZ8MLPtTsN22buZX8sU6b34T5CO_brSlHzPKmnJrSRD52vtRAoKrVTyy0XF7ZzJQtY6lMaVdjw9NblHkW3-gTUrRrqx3j0TLpq_HkfFXydDnpaZm98JCP1Q4gBVqkb7xmWA6iUXtTbjsNgsOA2oq-7mDM_sjc-RmGuS2p5B90pSfJ5upD-Ucik649QocYkePEnmTvHhNQUjduoSptCVgT3jyVOw14uS9CB5FN0lIOKEU5Hu48aHPw.. |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.com/ | Name: buid Value: 0.ARcA4PwM5dcEM02dIhLSdEuq1-dNmtH73v5Dtw1MPzqp5IMXAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrAnfEbofv-BMwKHJrx8HkdvJwLYpIM4QpX6CblyIATArKChz9p4Nki7NCMADmF-bryVyThOd-kh3gA4JOAV6x5eLLOE9bIKG_XwmVbNQ8T34gAA |
|
login.microsoftonline.com/ | Name: fpc Value: Av_lSYb4sDlKsLY0v_SPNdnlxTY5AQAAAPNUx9oOAAAA |
|
.login.microsoftonline.com/ | Name: esctx Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrjBRg2e0Nt7nmd22hAdRrBgUS-H3-EdrkGvEEnqxw0U69-6rmPI-eabg1EdG0HudrdGCwDOK1Vsu-q8bsNjZ0H5quqo-XxZOJfpa4vXbeyUlNb6zvKbMCkn6sG7dtdtLkMvDTWh1SVYOk-6Jpb6tOQv3LXbJgrdt37QVKB7dgk-AgAA |
|
.login.live.com/ | Name: uaid Value: ed1357ff31344b928adde071809628f1 |
|
.login.live.com/ | Name: MSPRequ Value: id=N&lt=1664441844&co=1 |
|
.login.microsoftonline.com/ | Name: brcap Value: 0 |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | object-src 'none'; frame-ancestors *; sandbox allow-forms allow-downloads allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-modals; base-uri 'self' |
Strict-Transport-Security | max-age=15552000; includeSubDomains; preload |
X-Content-Security-Policy | object-src 'none'; frame-ancestors *; sandbox allow-forms allow-downloads allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-modals; base-uri 'self' |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.