login.microsoftonline.com
20.190.159.4
Public Scan
Effective URL: https://login.microsoftonline.com/9257cbd5-1c78-49a6-8006-0c3d549de3a0/saml2?sso_reload=true
Submission: On March 03 via manual from US — Scanned from FR
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 1st 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
2 2 | 40.79.130.128 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 15.197.181.212 | 16509 (AMAZON-02) |
3 | 99.86.91.15 | 16509 (AMAZON-02) |
12 | 34.227.249.45 | 14618 (AMAZON-AES) |
1 | 2a04:4e42::282 | 54113 (FASTLY) |
1 | 13.224.189.35 | 16509 (AMAZON-02) |
2 | 20.190.159.4 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 2620:1ec:4f:1::44 | |
23 | 8 | |
Host | ASN | PTR |
---|---|---|
sso.precisely.com | ASN16509 (AMAZON-02, US) | af77c9e516730cc51.awsglobalaccelerator.com |
ok11static.oktacdn.com | ASN16509 (AMAZON-02, US) | server-99-86-91-15.cdg50.r.cloudfront.net |
login.saas.precisely.com | ASN14618 (AMAZON-AES, US) | ec2-34-227-249-45.compute-1.amazonaws.com |
cdn.appdynamics.com | ASN16509 (AMAZON-02, US) | server-13-224-189-35.fra2.r.cloudfront.net |
login.microsoftonline.com | ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
13 | precisely.com | sso.precisely.com, login.saas.precisely.com | 3 MB |
3 | oktacdn.com | ok11static.oktacdn.com — Cisco Umbrella Rank: 15907 | 105 KB |
2 | microsoftonline.com | login.microsoftonline.com — Cisco Umbrella Rank: 23 | 110 KB |
2 | data3sixty.com (2 redirects) | ypo.data3sixty.com | 846 B |
1 | msauth.net | aadcdn.msauth.net | 112 KB |
1 | appdynamics.com | cdn.appdynamics.com — Cisco Umbrella Rank: 3631 | 19 KB |
1 | polyfill.io | cdn.polyfill.io — Cisco Umbrella Rank: 2232 | 752 B |
0 | live.com (Failed) | login.live.com (Failed) | |
0 | eum-appdynamics.com (Failed) | col.eum-appdynamics.com (Failed) | |
23 | 9 | | |
Requests | Domain | Requested by |
---|---|---|
12 | login.saas.precisely.com | sso.precisely.com, login.saas.precisely.com |
3 | ok11static.oktacdn.com | sso.precisely.com |
2 | login.microsoftonline.com | |
2 | ypo.data3sixty.com (2 redirects) | |
1 | aadcdn.msauth.net | login.microsoftonline.com |
1 | cdn.appdynamics.com | login.saas.precisely.com |
1 | cdn.polyfill.io | login.saas.precisely.com |
1 | sso.precisely.com | |
0 | login.live.com (Failed) | login.microsoftonline.com |
0 | col.eum-appdynamics.com (Failed) | login.saas.precisely.com |
23 | 10 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.precisely.com | Go Daddy Secure Certificate Authority - G2 | 2022-03-06 - 2023-04-07 | a year |
*.oktacdn.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-01-03 - 2024-01-02 | a year |
login.cas.cloud.precisely.com | R3 | 2023-03-02 - 2023-05-31 | 3 months |
polyfill.io | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-10 - 2024-01-11 | a year |
*.appdynamics.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-17 - 2023-07-22 | a year |
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2022-12-01 - 2023-12-01 | a year |
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2023-01-27 - 2024-01-27 | a year |
This page contains 2 frames:
Primary Page:
https://login.microsoftonline.com/9257cbd5-1c78-49a6-8006-0c3d549de3a0/saml2?sso_reload=true
Frame ID: 3BB1320725F3C66D875A9A3D27B7AE4E
Requests: 8 HTTP requests in this frame
Frame:
https://login.saas.precisely.com/loading
Frame ID: 90B71DF5B8808E4E758972781E8FE811
Requests: 15 HTTP requests in this frame
Detected technologies
Prototype (JavaScript Frameworks)
Detected patterns
- (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
AppDynamics (Analytics)
Detected patterns
- adrum
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://ypo.data3sixty.com/asset/286085F4-5AB1-423E-B52B-446E98ED6CAF HTTP 302
- https://ypo.data3sixty.com/sso?ReturnUrl=%2Fasset%2F286085F4-5AB1-423E-B52B-446E98ED6CAF HTTP 302
- https://sso.precisely.com/oauth2/ausbrq45dzurflN4K4x6/v1/authorize?client_id=0oa4n6e0qaAOe7STr4x7&response_type=code&scope=openid%20profile%20email%20infogix&redirect_uri=https%3A%2F%2Fypo.data3sixty.com%2Fsso%2Fopenid&state=eo1q8&nonce=3vohi&response_mode=form_post&idp=0oa5ypiat3onLC1H54x7 Page URL
- https://login.microsoftonline.com/9257cbd5-1c78-49a6-8006-0c3d549de3a0/saml2 Page URL
- https://login.microsoftonline.com/9257cbd5-1c78-49a6-8006-0c3d549de3a0/saml2?sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://ypo.data3sixty.com/asset/286085F4-5AB1-423E-B52B-446E98ED6CAF HTTP 302
- https://ypo.data3sixty.com/sso?ReturnUrl=%2Fasset%2F286085F4-5AB1-423E-B52B-446E98ED6CAF HTTP 302
- https://sso.precisely.com/oauth2/ausbrq45dzurflN4K4x6/v1/authorize?client_id=0oa4n6e0qaAOe7STr4x7&response_type=code&scope=openid%20profile%20email%20infogix&redirect_uri=https%3A%2F%2Fypo.data3sixty.com%2Fsso%2Fopenid&state=eo1q8&nonce=3vohi&response_mode=form_post&idp=0oa5ypiat3onLC1H54x7
23 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | authorize | sso.precisely.com/oauth2/ausbrq45dzurflN4K4x6/v1/ (Redirect Chain) | 9 KB | 6 KB | Document | text/html |
GET H2 | jquery-1.12.4.2ef93d9aedc4198ec425a799a371292d.js | ok11static.oktacdn.com/assets/js/ | 289 KB | 101 KB | Script | application/javascript |
GET H2 | interstitial.39bafdc039f29c609c4419c0c0eea770.css | ok11static.oktacdn.com/assets/css/sections/ | 8 KB | 3 KB | Stylesheet | text/css |
GET H2 | interstitial.474dce61acfac4a4d016921943cf2a68.js | ok11static.oktacdn.com/assets/js/app/sso/ | 678 B | 1 KB | Script | application/javascript |
GET H2 | loading | login.saas.precisely.com/ (Frame 90B7) | 4 KB | 4 KB | Document | text/html |
GET H2 | polyfill.js | cdn.polyfill.io/v3/ (Frame 90B7) | 276 B | 752 B | Script | text/javascript |
GET H2 | styles.af5237f834baefd8.css | login.saas.precisely.com/ (Frame 90B7) | 1 MB | 1 MB | Stylesheet | text/css |
GET H2 | runtime.d288382bd47c6961.js | login.saas.precisely.com/ (Frame 90B7) | 4 KB | 4 KB | Script | application/javascript |
GET H2 | polyfills.09a1e4c199517e4e.js | login.saas.precisely.com/ (Frame 90B7) | 94 KB | 94 KB | Script | application/javascript |
GET H2 | scripts.7a80fe33317f5a8b.js | login.saas.precisely.com/ (Frame 90B7) | 323 KB | 324 KB | Script | application/javascript |
GET H2 | vendor.4f09928f68f69e1e.js | login.saas.precisely.com/ (Frame 90B7) | 1 MB | 1 MB | Script | application/javascript |
GET H2 | main.0b928554752e3f01.js | login.saas.precisely.com/ (Frame 90B7) | 46 KB | 47 KB | Script | application/javascript |
GET H2 | en-us.json | login.saas.precisely.com/assets/i18n/ (Frame 90B7) | 14 KB | 14 KB | XHR | application/json |
GET H2 | config | login.saas.precisely.com/loginServices/v2/ (Frame 90B7) | 199 B | 978 B | XHR | application/json |
GET H2 | default | login.saas.precisely.com/loginServices/v2/themes/ (Frame 90B7) | 2 B | 778 B | XHR | application/json |
GET H2 | Precisely-Light.76377efba4087256.woff | login.saas.precisely.com/ (Frame 90B7) | 58 KB | 59 KB | Font | font/woff |
GET H2 | fr.json | login.saas.precisely.com/assets/i18n/ (Frame 90B7) | 16 KB | 16 KB | XHR | application/json |
GET H2 | adrum-ext.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.js | cdn.appdynamics.com/ (Frame 90B7) | 49 KB | 19 KB | Script | application/javascript |
POST | adrum | col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAK-GTJ/ (Frame 90B7) | 0 | 0 | | |
POST H/1.1 | saml2 | login.microsoftonline.com/9257cbd5-1c78-49a6-8006-0c3d549de3a0/ | 156 KB | 58 KB | Document | text/html |
POST H/1.1 | saml2 (Primary Request) | login.microsoftonline.com/9257cbd5-1c78-49a6-8006-0c3d549de3a0/ | 201 KB | 52 KB | Document | text/html |
GET H2 | ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js | aadcdn.msauth.net/shared/1.0/content/js/ | 401 KB | 112 KB | Script | application/x-javascript |
GET | Me.htm | login.live.com/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- col.eum-appdynamics.com
- URL
- https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAK-GTJ/adrum
- Domain
- login.live.com
- URL
- https://login.live.com/Me.htm?v=3
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean | credentialless
9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sso.precisely.com/ | | Name: JSESSIONID Value: B2DA45B402ED909DE5263D97FAE14784 |
sso.precisely.com/ | | Name: t Value: red-bright |
sso.precisely.com/ | | Name: DT Value: DI1TKGbdCQ_RP2Ap-LOZJF6AA |
.precisely.com/ | | Name: ADRUM Value: s=1677873500213&r=https%3A%2F%2Flogin.saas.precisely.com%2Floading%3F0 |
login.microsoftonline.com/ | | Name: fpc Value: AgFqg0ahQQlKpDUxeSkaHCk |
login.microsoftonline.com/ | | Name: x-ms-gateway-slice Value: estsfd |
login.microsoftonline.com/ | | Name: stsservicecookie Value: estsfd |
.login.microsoftonline.com/ | | Name: AADSSO Value: NA\|NoExtension |
login.microsoftonline.com/ | | Name: SSOCOOKIEPULLED Value: 1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=315360000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.