login.microsoftonline.com
Open in
urlscan Pro
2603:1026:3000:c8::7
Public Scan
Effective URL: https://login.microsoftonline.com/fd0fb888-81d0-4386-9462-8a094cc4592e/saml2?sso_reload=true
Submission: On June 23 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 27th 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 3 | 212.184.196.203 212.184.196.203 | 3320 (DTAG Inte...) (DTAG Internet service provider operations) | |
2 | 2603:1026:300... 2603:1026:3000:c8::7 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
10 | 2620:1ec:bdf::45 2620:1ec:bdf::45 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 20.190.159.73 20.190.159.73 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
18 | 5 |
ASN3320 (DTAG Internet service provider operations, DE)
eds.p.ebscohost.com.login.bibproxy.whu.edu | |
login.bibproxy.whu.edu |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 1015 |
351 KB |
3 |
whu.edu
1 redirects
eds.p.ebscohost.com.login.bibproxy.whu.edu login.bibproxy.whu.edu |
2 KB |
2 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 11 |
27 KB |
1 |
live.com
login.live.com — Cisco Umbrella Rank: 63 |
|
0 |
microsoftazuread-sso.com
Failed
autologon.microsoftazuread-sso.com Failed |
|
0 |
msauthimages.net
Failed
aadcdn.msauthimages.net Failed |
|
18 | 6 |
Domain | Requested by | |
---|---|---|
10 | aadcdn.msauth.net |
login.microsoftonline.com
aadcdn.msauth.net |
2 | login.microsoftonline.com | |
2 | login.bibproxy.whu.edu | |
1 | login.live.com |
login.microsoftonline.com
|
1 | eds.p.ebscohost.com.login.bibproxy.whu.edu | 1 redirects |
0 | autologon.microsoftazuread-sso.com Failed | |
0 | aadcdn.msauthimages.net Failed | |
18 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.microsoft.com |
privacy.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
login.bibproxy.whu.edu E5 |
2024-06-19 - 2024-09-17 |
3 months | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2024-05-27 - 2025-05-27 |
a year | crt.sh |
aadcdn.msauth.net DigiCert SHA2 Secure Server CA |
2024-04-30 - 2025-04-30 |
a year | crt.sh |
login.live.com DigiCert SHA2 Secure Server CA |
2024-05-09 - 2025-05-09 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/fd0fb888-81d0-4386-9462-8a094cc4592e/saml2?sso_reload=true
Frame ID: 1C0B2018222CA747DCE0F895AC65BB50
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
Bei Ihrem Konto anmeldenPage URL History Show full URLs
-
https://eds.p.ebscohost.com.login.bibproxy.whu.edu/
HTTP 302
https://login.bibproxy.whu.edu/login?qurl=https://eds.p.ebscohost.com%2f Page URL
- https://login.microsoftonline.com/fd0fb888-81d0-4386-9462-8a094cc4592e/saml2 Page URL
- https://login.microsoftonline.com/fd0fb888-81d0-4386-9462-8a094cc4592e/saml2?sso_reload=true Page URL
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Nutzungsbedingungen
Search URL Search Domain Scan URL
Title: Datenschutz und Cookies
Search URL Search Domain Scan URL
Title: Haftungsausschluss
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://eds.p.ebscohost.com.login.bibproxy.whu.edu/
HTTP 302
https://login.bibproxy.whu.edu/login?qurl=https://eds.p.ebscohost.com%2f Page URL
- https://login.microsoftonline.com/fd0fb888-81d0-4386-9462-8a094cc4592e/saml2 Page URL
- https://login.microsoftonline.com/fd0fb888-81d0-4386-9462-8a094cc4592e/saml2?sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://eds.p.ebscohost.com.login.bibproxy.whu.edu/ HTTP 302
- https://login.bibproxy.whu.edu/login?qurl=https://eds.p.ebscohost.com%2f
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
login
login.bibproxy.whu.edu/ Redirect Chain
|
1 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
saml2
login.microsoftonline.com/fd0fb888-81d0-4386-9462-8a094cc4592e/ |
20 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
login.bibproxy.whu.edu/ |
24 B 148 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js
aadcdn.msauth.net/shared/1.0/content/js/ |
138 KB 49 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
Primary Request
saml2
login.microsoftonline.com/fd0fb888-81d0-4386-9462-8a094cc4592e/ |
39 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
converged.v2.login.min_mc5ac6ol0l4d2iaqspstyg2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
111 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_7cCuNdJ3E-hQqbT-gOnvng2.js
aadcdn.msauth.net/shared/1.0/content/js/ |
437 KB 120 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ux.converged.login.strings-de.min_t2egxy3e-i7icwo0cfhacq2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
61 KB 18 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oneDs_f2e0f4a029670f10d892.js
aadcdn.msauth.net/shared/1.0/content/js/ |
186 KB 60 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
219 KB 54 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pfetchsessionsprogress_7c1aa7609345f99e4914.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
15 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msauth.net/shared/1.0/content/images/ |
17 KB 17 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
illustration
aadcdn.msauthimages.net/c1c6b6c8-fyjf7ka0ozi2-vy74riprtnzkyjemskc-pcoxoeksbg/logintenantbranding/0/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
bannerlogo
aadcdn.msauthimages.net/c1c6b6c8-fyjf7ka0ozi2-vy74riprtnzkyjemskc-pcoxoeksbg/logintenantbranding/0/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ssoprobe
autologon.microsoftazuread-sso.com/fd0fb888-81d0-4386-9462-8a094cc4592e/winauth/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- aadcdn.msauthimages.net
- URL
- https://aadcdn.msauthimages.net/c1c6b6c8-fyjf7ka0ozi2-vy74riprtnzkyjemskc-pcoxoeksbg/logintenantbranding/0/illustration?ts=637648938213036386
- Domain
- aadcdn.msauthimages.net
- URL
- https://aadcdn.msauthimages.net/c1c6b6c8-fyjf7ka0ozi2-vy74riprtnzkyjemskc-pcoxoeksbg/logintenantbranding/0/bannerlogo?ts=637649688665526030
- Domain
- autologon.microsoftazuread-sso.com
- URL
- https://autologon.microsoftazuread-sso.com/fd0fb888-81d0-4386-9462-8a094cc4592e/winauth/ssoprobe?client-request-id=6db15de3-39bc-42ec-9c0a-b1e8a5a51595&_=1719166533464
Verdicts & Comments Add Verdict or Comment
23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170 boolean| __convergedlogin_pfetchsessionsprogress_7c1aa7609345f99e491413 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.login.microsoftonline.com/ | Name: esctx-BNvVlwKR8o Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYEs79ulFqMT-P-xpTiKQUwF0zxaZnoj8LPBSV3oectfXV5_w5SK-0ejFwQoVgclqYTSF-bKLtjPXl-6oY0oMAFiZ_okp3tkAqdDcYs3WzpffgqZDkzwU8lw3GIhNjAIConvICH5LnbZrd5TGRhquVbyAA |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.com/ | Name: buid Value: 0.AQwAiLgP_dCBhkOUYooJTMRZLjzmAi5M6tRApg0sxtHO3usMAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYzTrs755W6egRNPra5raMFq7BeXVCfhwxiOc-4IbMp4Fp04DLtNRc_AZrdy-4aLU7yg93HHXuWUcGJk0YygiF4Tb4jrwkvpstBW2eqXEmVOkgAA |
|
.login.microsoftonline.com/ | Name: esctx Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYlP01Od_S_DN8N3DjQPGBa1eC38of5U0M1WYZlaZ116zEfjQK6tMneYNdLdm48r-i8xFG2SKsdRU4hWlsEvT3IeSkrC80Z-eZVy2ApZG7J3w8aOhdUQZSu-wB0QVCCAGaT40ycQWIuwgfgh8SZrvql96d9587Rx3LheERH-mQf-IgAA |
|
.login.microsoftonline.com/ | Name: esctx-zyIO4jgBSoQ Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYP16XlsJemZHcdRN51FIOcegnVejH_b1WePMaI-DmXdXuP98OrVS8OTwoHTx2oKQ0ankY0NxaeGUVaP5Lq7M9R4rfA1dL3oUrybMdO5LB6h0QK0IXyzJItxGYk8P75NzcM2zRb2QhrYEq4LQQGBIYESAA |
|
login.microsoftonline.com/ | Name: fpc Value: Ar2BLi2LuT1NsL3KO6qtJQo1tDkkAQAAAENdCt4OAAAA |
|
login.microsoftonline.com/ | Name: MicrosoftApplicationsTelemetryDeviceId Value: e5615d8f-7236-4c0a-ba44-c06a744338bf |
|
.login.microsoftonline.com/ | Name: brcap Value: 0 |
|
.login.live.com/ | Name: uaid Value: 2113a16fa295477d88d8229a5e8bd458 |
|
.login.live.com/ | Name: MSPRequ Value: id=N<=1719166531&co=1 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msauth.net
aadcdn.msauthimages.net
autologon.microsoftazuread-sso.com
eds.p.ebscohost.com.login.bibproxy.whu.edu
login.bibproxy.whu.edu
login.live.com
login.microsoftonline.com
aadcdn.msauthimages.net
autologon.microsoftazuread-sso.com
20.190.159.73
212.184.196.203
2603:1026:3000:c8::7
2620:1ec:bdf::45
23804c857c0f312172654571928d8945eb9585b94f6d4be9c59a37eae054c0fd
35afb11dab6edcbc989a25fe5cf19f5d8289499232b7ec775f318d8b8a5bbf78
39b715d1182468688af4ed263098873e8e65bf3dd938ab51ac8fae81d8f04d3d
474ce0790ceb18a100cebaf1ac0915a51389fcae0830c3b44bfa1e365d40b2b4
8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8b81b6dbb9af6502d78abe8a85d135861848e0597989901da42c62ecb841a07d
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
ce71d63155e8f60a29131726f86a904c79a152571fe3e83d2e60e5e7cb30e036
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59df3c04e48e1fc3919ab3edb72df10fda693ad33e4ec4ceb59b05e49403e0c
ff6c4857f6f1ae8d2c56a40cc68c6263b805aff89a08ec297fff38714d122544