login.microsoftonline.com Open in urlscan Pro
20.190.160.22 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.zixcentral.com/u/456c7b4c/-Gs2o_z77BGDCxX1hnsoMg?u=https%3A%2F%2Fwww.yammer.com%2Fsmartbank.com%2Fthreads%2F180...
Effective URL:
https://login.microsoftonline.com/0f6c4390-5675-4dd8-ace7-4244d9315122/oauth2/authorize?client_id=00000005-0000-0ff1-ce00-00000000...
Submission: On July 05 via manual (July 5th 2022, 12:27:59 pm UTC) from US — Scanned from DE

Summary HTTP 24 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 24 HTTP transactions. The main IP is 20.190.160.22, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 21.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 25th 2022. Valid for: a year.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	199.30.234.131 199.30.234.131	13380 (ASN-CUST) (ASN-CUST)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
2 3	2620:1ec:a92:... 2620:1ec:a92::159	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	20.190.160.22 20.190.160.22	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2620:1ec:49::45 2620:1ec:49::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.190.159.64 20.190.159.64	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	152.199.23.72 152.199.23.72	15133 (EDGECAST) (EDGECAST)
1	2603:1026:300... 2603:1026:3000:150::a	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
24	9

4 199.30.234.131 (United States) 1 redirects

ASN13380 (ASN-CUST, US)

link.zixcentral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:a92::159 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.yammer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.190.160.22 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2620:1ec:49::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.159.64 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.23.72 (United States)

ASN15133 (EDGECAST, US)

aadcdn.msauthimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:1026:3000:150::a (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

autologon.microsoftazuread-sso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	msauth.net aadcdn.msauth.net — Cisco Umbrella Rank: 1169	196 KB
4	zixcentral.com 1 redirects link.zixcentral.com — Cisco Umbrella Rank: 60440	8 KB
3	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 21	108 KB
3	yammer.com 2 redirects www.yammer.com — Cisco Umbrella Rank: 4169	11 KB
2	msauthimages.net aadcdn.msauthimages.net — Cisco Umbrella Rank: 4212	150 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 741	31 KB
1	microsoftazuread-sso.com autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1417	1 KB
1	live.com login.live.com — Cisco Umbrella Rank: 62
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 630	30 KB
24	9

	Domain	Requested by
10	aadcdn.msauth.net	login.microsoftonline.com aadcdn.msauth.net
4	link.zixcentral.com	1 redirects link.zixcentral.com
3	login.microsoftonline.com	www.yammer.com login.microsoftonline.com aadcdn.msauth.net
3	www.yammer.com	2 redirects
2	aadcdn.msauthimages.net
2	maxcdn.bootstrapcdn.com	link.zixcentral.com
1	autologon.microsoftazuread-sso.com
1	login.live.com	login.microsoftonline.com
1	code.jquery.com	link.zixcentral.com
24	9

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
*.zixcentral.com Entrust Certification Authority - L1K	`2022-02-02` - `2023-03-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.yammer.com Microsoft Azure TLS Issuing CA 05	`2022-03-08` - `2023-03-03`	a year	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2022-05-25` - `2023-05-25`	a year	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2022-05-24` - `2023-05-24`	a year	crt.sh
graph.windows.net DigiCert SHA2 Secure Server CA	`2022-06-09` - `2023-06-09`	a year	crt.sh
aadcdn.msauthimages.net Microsoft Azure TLS Issuing CA 02	`2022-05-11` - `2023-05-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/0f6c4390-5675-4dd8-ace7-4244d9315122/oauth2/authorize?client_id=00000005-0000-0ff1-ce00-000000000000&msafed=0&nonce=c0b492524d6c3e3c9654bdab58986049c6695e6468797830bf1d3b3f34a0863f&redirect_uri=https%3A%2F%2Fpersona.yammer.com%2Foffice_sessions%3Fuser_acquisition_source%3Do365&resource=https%3A%2F%2Fwww.yammer.com%2F&response_mode=form_post&response_type=id_token+code&scope=open_id&site_id=501393&state=d835e644af8d57afe00351b7c362be47c4ea50b2fb6b1dcc72118cf4fe856340&sso_reload=true
Frame ID: 73EF2324A451F299EA31F43A5EF4EF56
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

https://link.zixcentral.com/u/456c7b4c/-Gs2o_z77BGDCxX1hnsoMg?u=https%3A%2F%2Fwww.yammer.com%2Fsmartbank... Page URL
https://link.zixcentral.com/filter HTTP 302
https://www.yammer.com/smartbank.com/threads/1804576053444608?allow_app_redirect=1&from=email&messa... Page URL
https://www.yammer.com/smartbank.com/threads/1804576053444608?allow_app_redirect=1&from=email&messa... HTTP 302
https://www.yammer.com/smartbank.com/ HTTP 302
https://login.microsoftonline.com/0f6c4390-5675-4dd8-ace7-4244d9315122/oauth2/authorize?client_id=00000005-000... Page URL
https://login.microsoftonline.com/0f6c4390-5675-4dd8-ace7-4244d9315122/oauth2/authorize?client_id=00000005-000... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

100 %
HTTPS

56 %
IPv6

9
Domains

9
Subdomains

9
IPs

3
Countries

527 kB
Transfer

1262 kB
Size

21
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/de-DE/servicesagreement/
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/de-DE/privacystatement
Title: Datenschutz & Cookies

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/de-de/corporate/rechtliche-hinweise/impressum.aspx
Title: Haftungsausschluss

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.zixcentral.com/u/456c7b4c/-Gs2o_z77BGDCxX1hnsoMg?u=https%3A%2F%2Fwww.yammer.com%2Fsmartbank.com%2Fthreads%2F1804576053444608%3Fallow_app_redirect%3D1%26from%3Demail%26message_id%3D1804576053444608%26trk_elmnt%3Dgoto%26trk_event%3Dde_thrd_clk%26trk_fst_thrd_id%3D1804576053444608%26trk_is_storyline%3Dfalse%26trk_network%3D19496591360%26trk_nmbr_lks%3D0%26trk_nmbr_rplys%3D0%26trk_nmbr_thrds%3D1%26trk_notif_id%3Da1642c7425628a54c5a462ef641ebf93c18697112b0479b93d88a525d86fd229%26trk_outlook_origin%3Dglam_static%26trk_thrd_clckd_id%3D1804576053444608%26trk_thrd_pstn%3Dfst%26trk_user%3D1334666379264 Page URL
https://link.zixcentral.com/filter HTTP 302
https://www.yammer.com/smartbank.com/threads/1804576053444608?allow_app_redirect=1&from=email&message_id=1804576053444608&trk_elmnt=goto&trk_event=de_thrd_clk&trk_fst_thrd_id=1804576053444608&trk_is_storyline=false&trk_network=19496591360&trk_nmbr_lks=0&trk_nmbr_rplys=0&trk_nmbr_thrds=1&trk_notif_id=a1642c7425628a54c5a462ef641ebf93c18697112b0479b93d88a525d86fd229&trk_outlook_origin=glam_static&trk_thrd_clckd_id=1804576053444608&trk_thrd_pstn=fst&trk_user=1334666379264 Page URL
https://www.yammer.com/smartbank.com/threads/1804576053444608?allow_app_redirect=1&from=email&message_id=1804576053444608&trk_elmnt=goto&trk_event=de_thrd_clk&trk_fst_thrd_id=1804576053444608&trk_is_storyline=false&trk_network=19496591360&trk_nmbr_lks=0&trk_nmbr_rplys=0&trk_nmbr_thrds=1&trk_notif_id=a1642c7425628a54c5a462ef641ebf93c18697112b0479b93d88a525d86fd229&trk_outlook_origin=glam_static&trk_thrd_clckd_id=1804576053444608&trk_thrd_pstn=fst&trk_user=1334666379264 HTTP 302
https://www.yammer.com/smartbank.com/ HTTP 302
https://login.microsoftonline.com/0f6c4390-5675-4dd8-ace7-4244d9315122/oauth2/authorize?client_id=00000005-0000-0ff1-ce00-000000000000&msafed=0&nonce=c0b492524d6c3e3c9654bdab58986049c6695e6468797830bf1d3b3f34a0863f&redirect_uri=https%3A%2F%2Fpersona.yammer.com%2Foffice_sessions%3Fuser_acquisition_source%3Do365&resource=https%3A%2F%2Fwww.yammer.com%2F&response_mode=form_post&response_type=id_token+code&scope=open_id&site_id=501393&state=d835e644af8d57afe00351b7c362be47c4ea50b2fb6b1dcc72118cf4fe856340 Page URL
https://login.microsoftonline.com/0f6c4390-5675-4dd8-ace7-4244d9315122/oauth2/authorize?client_id=00000005-0000-0ff1-ce00-000000000000&msafed=0&nonce=c0b492524d6c3e3c9654bdab58986049c6695e6468797830bf1d3b3f34a0863f&redirect_uri=https%3A%2F%2Fpersona.yammer.com%2Foffice_sessions%3Fuser_acquisition_source%3Do365&resource=https%3A%2F%2Fwww.yammer.com%2F&response_mode=form_post&response_type=id_token+code&scope=open_id&site_id=501393&state=d835e644af8d57afe00351b7c362be47c4ea50b2fb6b1dcc72118cf4fe856340&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://link.zixcentral.com/filter HTTP 302
https://www.yammer.com/smartbank.com/threads/1804576053444608?allow_app_redirect=1&from=email&message_id=1804576053444608&trk_elmnt=goto&trk_event=de_thrd_clk&trk_fst_thrd_id=1804576053444608&trk_is_storyline=false&trk_network=19496591360&trk_nmbr_lks=0&trk_nmbr_rplys=0&trk_nmbr_thrds=1&trk_notif_id=a1642c7425628a54c5a462ef641ebf93c18697112b0479b93d88a525d86fd229&trk_outlook_origin=glam_static&trk_thrd_clckd_id=1804576053444608&trk_thrd_pstn=fst&trk_user=1334666379264

Request Chain 7

https://www.yammer.com/smartbank.com/threads/1804576053444608?allow_app_redirect=1&from=email&message_id=1804576053444608&trk_elmnt=goto&trk_event=de_thrd_clk&trk_fst_thrd_id=1804576053444608&trk_is_storyline=false&trk_network=19496591360&trk_nmbr_lks=0&trk_nmbr_rplys=0&trk_nmbr_thrds=1&trk_notif_id=a1642c7425628a54c5a462ef641ebf93c18697112b0479b93d88a525d86fd229&trk_outlook_origin=glam_static&trk_thrd_clckd_id=1804576053444608&trk_thrd_pstn=fst&trk_user=1334666379264 HTTP 302
https://www.yammer.com/smartbank.com/ HTTP 302
https://login.microsoftonline.com/0f6c4390-5675-4dd8-ace7-4244d9315122/oauth2/authorize?client_id=00000005-0000-0ff1-ce00-000000000000&msafed=0&nonce=c0b492524d6c3e3c9654bdab58986049c6695e6468797830bf1d3b3f34a0863f&redirect_uri=https%3A%2F%2Fpersona.yammer.com%2Foffice_sessions%3Fuser_acquisition_source%3Do365&resource=https%3A%2F%2Fwww.yammer.com%2F&response_mode=form_post&response_type=id_token+code&scope=open_id&site_id=501393&state=d835e644af8d57afe00351b7c362be47c4ea50b2fb6b1dcc72118cf4fe856340

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK -Gs2o_z77BGDCxX1hnsoMg Show response
link.zixcentral.com/u/456c7b4c/ 3 KB
3 KB 793ms
129ms Document
text/html 199.30.234.131
ASN-CUST

General

Domain/Path	Expires	Name / Value
link.zixcentral.com/	1969-12-31 23:59:59	Name: BIGipServer~ETP~link Value: !ax3RwnYV6mdvn6l9SUdMxUUdjcUbe5TxTy6Zt47PxbPK51accKAEm2bj8zsX3/VyOi4WIajSKvwpm0E=
.yammer.com/	1970-01-20 13:02:40	Name: yamtrak_id Value: 5bf0d63b-c44a-4878-b9c7-674871c6535d
www.yammer.com/	1970-01-20 04:17:07	Name: deep_link Value: -1
www.yammer.com/	1970-01-20 04:18:30	Name: return_to Value: https%3A%2F%2Fwww.yammer.com%2Fsmartbank.com%2Fthreads%2F1804576053444608%3Ffrom%3Demail%26message_id%3D1804576053444608%26trk_elmnt%3Dgoto%26trk_event%3Dde_thrd_clk%26trk_fst_thrd_id%3D1804576053444608%26trk_is_storyline%3Dfalse%26trk_network%3D19496591360%26trk_nmbr_lks%3D0%26trk_nmbr_rplys%3D0%26trk_nmbr_thrds%3D1%26trk_notif_id%3Da1642c7425628a54c5a462ef641ebf93c18697112b0479b93d88a525d86fd229%26trk_outlook_origin%3Dglam_static%26trk_thrd_clckd_id%3D1804576053444608%26trk_thrd_pstn%3Dfst%26trk_user%3D1334666379264
.yammer.com/	1970-01-20 04:17:05	Name: saml_return_to Value: https%3A%2F%2Fwww.yammer.com%2Fsmartbank.com%2Fthreads%2F1804576053444608%3Ffrom%3Demail%26message_id%3D1804576053444608%26trk_elmnt%3Dgoto%26trk_event%3Dde_thrd_clk%26trk_fst_thrd_id%3D1804576053444608%26trk_is_storyline%3Dfalse%26trk_network%3D19496591360%26trk_nmbr_lks%3D0%26trk_nmbr_rplys%3D0%26trk_nmbr_thrds%3D1%26trk_notif_id%3Da1642c7425628a54c5a462ef641ebf93c18697112b0479b93d88a525d86fd229%26trk_outlook_origin%3Dglam_static%26trk_thrd_clckd_id%3D1804576053444608%26trk_thrd_pstn%3Dfst%26trk_user%3D1334666379264
www.yammer.com/	1969-12-31 23:59:59	Name: mobile_view Value: disabled
www.yammer.com/	1969-12-31 23:59:59	Name: login_csrf_token Value: d835e644af8d57afe00351b7c362be47c4ea50b2fb6b1dcc72118cf4fe856340
.www.yammer.com/	1970-01-20 13:02:40	Name: _session Value: BAh7CEkiD3Nlc3Npb25faWQGOgZFVEkiJWYzNWMyZWIxYzVmYjZiZTllYjYxYmIxMzA4OTMwZTlhBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMVFPVi9XOG9DdUR6bEo3dGRKUFFIL0laa2gxa0VIV245eEhFQmphQ3Y3M1E9BjsARkkiC21vYmlsZQY7AEZG--b0033f5c88becd65b7598e584da6559bf04c2f29
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.microsoftonline.com/	1970-01-20 04:17:04	Name: SSOCOOKIEPULLED Value: 1
login.microsoftonline.com/	1970-01-20 05:00:16	Name: buid Value: 0.AVkAkENsD3VW2E2s50JE2TFRIgUAAAAAAPEPzgAAAAAAAABZAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevr6M5N1oQmUrSUxVI74sXEW2DS8NleMwdPH98FgnB5OsxvRiaGAU1jH-U_3o-4fDBbiC-HCdODf82ypGWasYH7DWVBeiSPIZrHt1Q6HcXdseYgAA
login.microsoftonline.com/	1970-01-20 05:00:16	Name: fpc Value: AmHjtp5mn7hOowfv1VH8zpMLkh3UAQAAAEwlVtoOAAAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrPTXE4yHMxItFHM-ovBN02XIC7LWEX8uUBhATR6Vf7M0JjxqjRmxbvlYh_hyDbd67QSzzj8EliMJBncOSKLMCp7ZTApsU9WRAcIxph5bQ2NhDw11hcO-_T5ossUyVvoUcbP_Kyi50Uc1DlFsyGVM9gDv6i4ON_RiaK5SPyU5sCS4gAA
.login.microsoftonline.com/	1970-01-20 13:38:40	Name: brcap Value: 0
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: fd0fe8e8b4c241daaee3bd63ac19cdbb
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1657024077&co=1
autologon.microsoftazuread-sso.com/	1970-01-20 05:00:16	Name: fpc Value: AtrjNET95oVAqUqMOGl4TWY
autologon.microsoftazuread-sso.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
autologon.microsoftazuread-sso.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd

login.microsoftonline.com Open in urlscan Pro 20.190.160.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

56 %IPv6

9 Domains

9 Subdomains

9 IPs

3 Countries

527 kBTransfer

1262 kBSize

21 Cookies

3 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

21 Cookies

1 Console Messages

Indicators

login.microsoftonline.com Open in urlscan Pro
20.190.160.22 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

56 %
IPv6

9
Domains

9
Subdomains

9
IPs

3
Countries

527 kB
Transfer

1262 kB
Size

21
Cookies

24 HTTP transactions
0 data transactions