login.microsoftonline.com
Open in
urlscan Pro
2603:1036:3000:18::1
Public Scan
Effective URL: https://login.microsoftonline.com/e380e61d-1ab4-4f70-be25-595b9e0c585e/oauth2/v2.0/authorize?client_id=c76cbbaf-c189-405a-af05-264...
Submission: On January 13 via api from US — Scanned from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 16th 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 20.211.64.12 20.211.64.12 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
4 | 2603:1036:300... 2603:1036:3000:18::1 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
9 | 2606:2800:21f... 2606:2800:21f:1b88:6342:f8de:86c:e98b | 15133 (EDGECAST) (EDGECAST) | |
1 | 40.126.24.148 40.126.24.148 | () () | |
23 | 4 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
app-bemesportal-prod-rfi.azurewebsites.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 943 |
271 KB |
9 |
azurewebsites.net
app-bemesportal-prod-rfi.azurewebsites.net |
2 MB |
4 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 11 |
32 KB |
1 |
live.com
login.live.com |
|
23 | 4 |
Domain | Requested by | |
---|---|---|
9 | aadcdn.msftauth.net |
login.microsoftonline.com
aadcdn.msftauth.net |
9 | app-bemesportal-prod-rfi.azurewebsites.net |
app-bemesportal-prod-rfi.azurewebsites.net
|
4 | login.microsoftonline.com |
app-bemesportal-prod-rfi.azurewebsites.net
aadcdn.msftauth.net |
1 | login.live.com |
login.microsoftonline.com
|
23 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.azurewebsites.net Microsoft Azure TLS Issuing CA 01 |
2023-08-01 - 2024-06-27 |
a year | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2023-11-16 - 2024-11-16 |
a year | crt.sh |
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2023-12-01 - 2024-12-01 |
a year | crt.sh |
login.live.com DigiCert SHA2 Secure Server CA |
2023-11-10 - 2024-11-10 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/e380e61d-1ab4-4f70-be25-595b9e0c585e/oauth2/v2.0/authorize?client_id=c76cbbaf-c189-405a-af05-264c07fce245&scope=https%3A%2F%2Frfi.bemes.net%2Fuser_impersonation%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fapp-bemesportal-prod-rfi.azurewebsites.net&client-request-id=1dc5bff9-4fe7-4fc5-975a-0fe87d568dd6&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.32.1&client_info=1&code_challenge=HJpp5xjcQtRcjLASKSOQAHK5ay-dPcbv28DHu4EzwWI&code_challenge_method=S256&nonce=ff7da63e-4ee6-466c-bc11-c4c309732a5b&state=eyJpZCI6IjZhZjdjZTA4LTE5YmQtNDczNi1hNjZhLWM1MTljMjNmNGZiZCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true
Frame ID: 7322A0A159CA8FCFB760908460DD1014
Requests: 23 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://app-bemesportal-prod-rfi.azurewebsites.net/ Page URL
- https://login.microsoftonline.com/e380e61d-1ab4-4f70-be25-595b9e0c585e/oauth2/v2.0/authorize?client_id=c76cbba... Page URL
- https://login.microsoftonline.com/e380e61d-1ab4-4f70-be25-595b9e0c585e/oauth2/v2.0/authorize?client_id=c76cbba... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://app-bemesportal-prod-rfi.azurewebsites.net/ Page URL
- https://login.microsoftonline.com/e380e61d-1ab4-4f70-be25-595b9e0c585e/oauth2/v2.0/authorize?client_id=c76cbbaf-c189-405a-af05-264c07fce245&scope=https%3A%2F%2Frfi.bemes.net%2Fuser_impersonation%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fapp-bemesportal-prod-rfi.azurewebsites.net&client-request-id=1dc5bff9-4fe7-4fc5-975a-0fe87d568dd6&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.32.1&client_info=1&code_challenge=HJpp5xjcQtRcjLASKSOQAHK5ay-dPcbv28DHu4EzwWI&code_challenge_method=S256&nonce=ff7da63e-4ee6-466c-bc11-c4c309732a5b&state=eyJpZCI6IjZhZjdjZTA4LTE5YmQtNDczNi1hNjZhLWM1MTljMjNmNGZiZCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Page URL
- https://login.microsoftonline.com/e380e61d-1ab4-4f70-be25-595b9e0c585e/oauth2/v2.0/authorize?client_id=c76cbbaf-c189-405a-af05-264c07fce245&scope=https%3A%2F%2Frfi.bemes.net%2Fuser_impersonation%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fapp-bemesportal-prod-rfi.azurewebsites.net&client-request-id=1dc5bff9-4fe7-4fc5-975a-0fe87d568dd6&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.32.1&client_info=1&code_challenge=HJpp5xjcQtRcjLASKSOQAHK5ay-dPcbv28DHu4EzwWI&code_challenge_method=S256&nonce=ff7da63e-4ee6-466c-bc11-c4c309732a5b&state=eyJpZCI6IjZhZjdjZTA4LTE5YmQtNDczNi1hNjZhLWM1MTljMjNmNGZiZCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
app-bemesportal-prod-rfi.azurewebsites.net/ |
4 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
runtime.d942059a4725a69a.js
app-bemesportal-prod-rfi.azurewebsites.net/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
polyfills.dba393eaf624b87e.js
app-bemesportal-prod-rfi.azurewebsites.net/ |
137 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scripts.442004980883602a.js
app-bemesportal-prod-rfi.azurewebsites.net/ |
42 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.45bc0e9cfbb635fc.js
app-bemesportal-prod-rfi.azurewebsites.net/ |
5 MB 2 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.4d27da0df1ccf75a.css
app-bemesportal-prod-rfi.azurewebsites.net/ |
1 MB 317 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
d-dinexp-webfont.94016f93dc45d523.woff2
app-bemesportal-prod-rfi.azurewebsites.net/ |
21 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.4d27da0df1ccf75a.css
app-bemesportal-prod-rfi.azurewebsites.net/ |
1 MB 317 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ClientAppConfigSettings
app-bemesportal-prod-rfi.azurewebsites.net/portal/ |
255 B 621 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
instance
login.microsoftonline.com/common/discovery/ |
980 B 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
openid-configuration
login.microsoftonline.com/e380e61d-1ab4-4f70-be25-595b9e0c585e/v2.0/.well-known/ |
2 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
authorize
login.microsoftonline.com/e380e61d-1ab4-4f70-be25-595b9e0c585e/oauth2/v2.0/ |
20 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BssoInterrupt_Core_vh-Mo3E5zaJqWI-ycPlvOw2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
136 KB 48 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
authorize
login.microsoftonline.com/e380e61d-1ab4-4f70-be25-595b9e0c585e/oauth2/v2.0/ |
41 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
converged.v2.login.min_chy_qb6g1qbjbxlng2ytiq2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
109 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_sN7sQ2KF_Z5xeg6T-3PHlw2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
420 KB 116 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ux.converged.login.strings-en.min_uwo3eukwj1jimmqictgmkq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
52 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pcustomizationloader_560f3c6ac4b56ef7114c.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
153 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ |
2 KB 838 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
aadcdn.msftauth.net/shared/1.0/content/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pstringcustomizationhelper_9772c805c34de2cabc91.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
111 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ |
0 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.app-bemesportal-prod-rfi.azurewebsites.net/ | Name: ARRAffinity Value: 91307984de86ffd763baddac01380610718d6d550e39c3a82529cd1a2f82d3ab |
|
.app-bemesportal-prod-rfi.azurewebsites.net/ | Name: ARRAffinitySameSite Value: 91307984de86ffd763baddac01380610718d6d550e39c3a82529cd1a2f82d3ab |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.com/ | Name: buid Value: 0.AWYAHeaA47QacE--JVlbngxYXq-7bMeJwVpArwUmTAf84kVmAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-ni_4IcQHSG6wrzEhWfJVYVaxzdqF_Zy-slLfVqdQ34LZfqor-m7-a3aCtajLt9RcfOoX7BgYqR13he1FmtI-QzdjlN4Zym-YZJ90IpWMHLcgAA |
|
.login.microsoftonline.com/ | Name: esctx Value: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-aYD2AlKMPzhkOt6StBM8AKBpvRexOBKqWckXM4a_wjnJtZZzduNE5mVxcXb9d5w4o1gK71zef622dGdNZ9ChdRCVnKhaoHPfbcP3BfhiEvFkl9tNTKfa1zeTCoTPvhr2hCuQ-QDI4Ctk8DTZo-sumNBEbc93MffmqinK0rCKI_kgAA |
|
.login.microsoftonline.com/ | Name: esctx-sxXrgubipKw Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-a1yJio-LcxQVvt_jzBvyTsUwXBlvY2SJ47t2PJRyv2f8_VAwwoHnMq_ri3J8otssM2vCkSwJIwWf25agOtwG7AG7HgieO-cTrAAjK5Ndu2ynYLYDDrt_vhxU1St1W2jS7glExHi24zNzrOD4rWkPhCAA |
|
login.microsoftonline.com/ | Name: fpc Value: AlUXlnIA6SNEtcBkURWT_uro1w-xAQAAAF6INN0OAAAA |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msftauth.net
app-bemesportal-prod-rfi.azurewebsites.net
login.live.com
login.microsoftonline.com
20.211.64.12
2603:1036:3000:18::1
2606:2800:21f:1b88:6342:f8de:86c:e98b
40.126.24.148
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
1cb5f9906fe2c16a54e58ff060cd390f19d75225449dd9fcd76e0a60495de678
238dba9b29e291f48d9644d4038fdde908d3aee2aeeb63ef5c5d917e08dfe5a2
37119e9799d67c0beeaf93167c0006be310cb8afa32bd6666f427a799ffad845
3fd4de4b26a7acec23971755c0e54a144f523b8322c669293fced93b587de41f
3fe50342f539d712ce76e2de4dc987e110861764aab336a3e30ecd5bbdebc728
4429c189d47cc2e869a79ac4c08e6e1da143f35fd8619e1adc62ee7847c30574
4462972c2a5803e7d1f2a615de0bd091f122882ab61bc807072de72ee8370424
45ebebdec2e08443505458e83ac6027c7cc905f858f5f308a4da92d1328c584c
53e8e0c0a306c52f71a8a638d0a8bab9b7d42b95fbbeff6bc54101373d2ab4b2
5e47dd51ca94efccd58f4a7dc95a51744493292586fbe031e78f72508f0f4f89
71045787f5f45e095b46288fdd4b84dc46e70039f3997a0ad343a92785d1fecd
76bab09f1b2e908c9c7d49e8cb991a80812348e6c7d13a23e56942780cdc7f4d
8ac165d1b8d2458ffd282e8a76f1a4e591389bc12ed94d6c3b403d550babd922
97372b742ef639eebe0770b48ea4ecbaf5fa99052a1f8f397a8aa6e054d35859
d41d33ad303a1fa42980c98dadcc179a828a5b9cf5535ccda5e67f74799a67c1