login.microsoftonline.com Open in urlscan Pro
20.190.190.130 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cathaypacific-smartit.onbmc.com/smartit/app/incident/IDGFP16CFVMZHASDSYJBSCST9KD392
Effective URL:
https://login.microsoftonline.com/f62aca8c-2ba2-417b-a0c1-ab3f1020ccc4/saml2?SAMLRequest=nVNdb9MwFP0rkd8dfyR0mdVWKqsQlQZEa%2BGBl8l...
Submission: On November 08 via api (November 8th 2023, 1:24:04 pm UTC) from US — Scanned from SG

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 9 HTTP transactions. The main IP is 20.190.190.130, located in Phoenix, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 19.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 3rd 2023. Valid for: a year.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	52.220.218.56 52.220.218.56	16509 (AMAZON-02) (AMAZON-02)
2	20.190.190.130 20.190.190.130	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.213.70 13.107.213.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	4

3 52.220.218.56 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-218-56.ap-southeast-1.compute.amazonaws.com

cathaypacific-smartit.onbmc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sg-rsso1.onbmc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.190.190.130 (Phoenix, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.213.70 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	onbmc.com 1 redirects cathaypacific-smartit.onbmc.com sg-rsso1.onbmc.com	4 KB
2	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 19	27 KB
1	msauth.net aadcdn.msauth.net — Cisco Umbrella Rank: 982	48 KB
0	live.com Failed login.live.com Failed
0	msftauth.net Failed aadcdn.msftauth.net Failed
9	5

	Domain	Requested by
2	login.microsoftonline.com	aadcdn.msauth.net
2	sg-rsso1.onbmc.com	1 redirects
1	aadcdn.msauth.net	login.microsoftonline.com
1	cathaypacific-smartit.onbmc.com
0	login.live.com Failed	login.microsoftonline.com
0	aadcdn.msftauth.net Failed	login.microsoftonline.com
9	6

This site contains no links.

Subject Issuer	Validity	Valid
*.onbmc.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-12`	a year	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2023-07-03` - `2024-07-03`	a year	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2023-10-29` - `2024-10-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/f62aca8c-2ba2-417b-a0c1-ab3f1020ccc4/saml2?SAMLRequest=nVNdb9MwFP0rkd8dfyR0mdVWKqsQlQZEa%2BGBl8lxb1pLiR18ncH%2BPU4GbBJlD9w320fH58Neou67QW3GeHZ38G0EjNmPvnOo5oMVGYNTXqNF5XQPqKJR%2B82HWyVzrobgoze%2BI9luuyL3VVFVvFxUtJTXC1oKDvS6lJJWiytRveFtyY0k2RcIaL1bkcRAsguzQxxh5zBqFxOKy4IKQXl1EIWSpeI8rwr%2BlWTbpNU6HWeyc4wDKsY6f7Iu760JHn0bveusg9z4nrULqY2uDJWNlkndVUM1N4LqpmgFl9wYU7LJdNL4zgcDcyYr0uoOITnEWiPaB%2Fizc2HqX4G8te5o3en19JonEKr3h0NN60%2F7w0XODSKEyeSNdzj2EPYQHqyBz3e3z7bxRAOiF7l3TW9mv9OaBTCQNAdmdDzrx0Eb21pDU3FHsp7Yl5NjNUceXhT%2FunL9WxJZ43A%2FkV3gX7IX1M93Depj4ttta99Z8%2Fg%2Fby2V0%2Bv4b7TIxbxjj7SdoWp0OMCkDI4k23Sd%2F34TQMdUZQwjEPakjv39FdY%2FAQ%3D%3D&RelayState=_83880468-4296-410e-9422-8671850f40c2&sso_reload=true
Frame ID: 01F8EB4EACA7672821D49B1527DB7B76
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cathaypacific-smartit.onbmc.com/smartit/app/incident/IDGFP16CFVMZHASDSYJBSCST9KD392 Page URL
https://sg-rsso1.onbmc.com/rsso/start Page URL
https://sg-rsso1.onbmc.com/rsso/start HTTP 302
https://login.microsoftonline.com/f62aca8c-2ba2-417b-a0c1-ab3f1020ccc4/saml2?SAMLRequest=nVNdb9MwFP0rkd8dfyR0m... Page URL
https://login.microsoftonline.com/f62aca8c-2ba2-417b-a0c1-ab3f1020ccc4/saml2?SAMLRequest=nVNdb9MwFP0rkd8dfyR0m... Page URL

Page Statistics

9
Requests

56 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

4
IPs

2
Countries

78 kB
Transfer

196 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cathaypacific-smartit.onbmc.com/smartit/app/incident/IDGFP16CFVMZHASDSYJBSCST9KD392 Page URL
https://sg-rsso1.onbmc.com/rsso/start Page URL
https://sg-rsso1.onbmc.com/rsso/start HTTP 302
https://login.microsoftonline.com/f62aca8c-2ba2-417b-a0c1-ab3f1020ccc4/saml2?SAMLRequest=nVNdb9MwFP0rkd8dfyR0mdVWKqsQlQZEa%2BGBl8lxb1pLiR18ncH%2BPU4GbBJlD9w320fH58Neou67QW3GeHZ38G0EjNmPvnOo5oMVGYNTXqNF5XQPqKJR%2B82HWyVzrobgoze%2BI9luuyL3VVFVvFxUtJTXC1oKDvS6lJJWiytRveFtyY0k2RcIaL1bkcRAsguzQxxh5zBqFxOKy4IKQXl1EIWSpeI8rwr%2BlWTbpNU6HWeyc4wDKsY6f7Iu760JHn0bveusg9z4nrULqY2uDJWNlkndVUM1N4LqpmgFl9wYU7LJdNL4zgcDcyYr0uoOITnEWiPaB%2Fizc2HqX4G8te5o3en19JonEKr3h0NN60%2F7w0XODSKEyeSNdzj2EPYQHqyBz3e3z7bxRAOiF7l3TW9mv9OaBTCQNAdmdDzrx0Eb21pDU3FHsp7Yl5NjNUceXhT%2FunL9WxJZ43A%2FkV3gX7IX1M93Depj4ttta99Z8%2Fg%2Fby2V0%2Bv4b7TIxbxjj7SdoWp0OMCkDI4k23Sd%2F34TQMdUZQwjEPakjv39FdY%2FAQ%3D%3D&RelayState=_83880468-4296-410e-9422-8671850f40c2 Page URL
https://login.microsoftonline.com/f62aca8c-2ba2-417b-a0c1-ab3f1020ccc4/saml2?SAMLRequest=nVNdb9MwFP0rkd8dfyR0mdVWKqsQlQZEa%2BGBl8lxb1pLiR18ncH%2BPU4GbBJlD9w320fH58Neou67QW3GeHZ38G0EjNmPvnOo5oMVGYNTXqNF5XQPqKJR%2B82HWyVzrobgoze%2BI9luuyL3VVFVvFxUtJTXC1oKDvS6lJJWiytRveFtyY0k2RcIaL1bkcRAsguzQxxh5zBqFxOKy4IKQXl1EIWSpeI8rwr%2BlWTbpNU6HWeyc4wDKsY6f7Iu760JHn0bveusg9z4nrULqY2uDJWNlkndVUM1N4LqpmgFl9wYU7LJdNL4zgcDcyYr0uoOITnEWiPaB%2Fizc2HqX4G8te5o3en19JonEKr3h0NN60%2F7w0XODSKEyeSNdzj2EPYQHqyBz3e3z7bxRAOiF7l3TW9mv9OaBTCQNAdmdDzrx0Eb21pDU3FHsp7Yl5NjNUceXhT%2FunL9WxJZ43A%2FkV3gX7IX1M93Depj4ttta99Z8%2Fg%2Fby2V0%2Bv4b7TIxbxjj7SdoWp0OMCkDI4k23Sd%2F34TQMdUZQwjEPakjv39FdY%2FAQ%3D%3D&RelayState=_83880468-4296-410e-9422-8671850f40c2&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://sg-rsso1.onbmc.com/rsso/start HTTP 302
https://login.microsoftonline.com/f62aca8c-2ba2-417b-a0c1-ab3f1020ccc4/saml2?SAMLRequest=nVNdb9MwFP0rkd8dfyR0mdVWKqsQlQZEa%2BGBl8lxb1pLiR18ncH%2BPU4GbBJlD9w320fH58Neou67QW3GeHZ38G0EjNmPvnOo5oMVGYNTXqNF5XQPqKJR%2B82HWyVzrobgoze%2BI9luuyL3VVFVvFxUtJTXC1oKDvS6lJJWiytRveFtyY0k2RcIaL1bkcRAsguzQxxh5zBqFxOKy4IKQXl1EIWSpeI8rwr%2BlWTbpNU6HWeyc4wDKsY6f7Iu760JHn0bveusg9z4nrULqY2uDJWNlkndVUM1N4LqpmgFl9wYU7LJdNL4zgcDcyYr0uoOITnEWiPaB%2Fizc2HqX4G8te5o3en19JonEKr3h0NN60%2F7w0XODSKEyeSNdzj2EPYQHqyBz3e3z7bxRAOiF7l3TW9mv9OaBTCQNAdmdDzrx0Eb21pDU3FHsp7Yl5NjNUceXhT%2FunL9WxJZ43A%2FkV3gX7IX1M93Depj4ttta99Z8%2Fg%2Fby2V0%2Bv4b7TIxbxjj7SdoWp0OMCkDI4k23Sd%2F34TQMdUZQwjEPakjv39FdY%2FAQ%3D%3D&RelayState=_83880468-4296-410e-9422-8671850f40c2

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 401 IDGFP16CFVMZHASDSYJBSCST9KD392 Show response
cathaypacific-smartit.onbmc.com/smartit/app/incident/ 1 KB
2 KB 554ms
122ms Document
text/html 52.220.218.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cathaypacific-smartit.onbmc.com/smartit/app/incident/IDGFP16CFVMZHASDSYJBSCST9KD392
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.220.218.56 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-220-218-56.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 0d2bc649466528f2eccdba9b0bea5940822223647b0b8c919f3f7c742685e716

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Connection: keep-alive
Content-Length: 1342
Content-Type: text/html;charset=UTF-8
Date: Wed, 08 Nov 2023 13:24:00 GMT

POST
H/1.1 200 start Show response
sg-rsso1.onbmc.com/rsso/ 1 KB
1 KB 509ms
113ms Document
text/html 52.220.218.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sg-rsso1.onbmc.com/rsso/start

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.220.218.56 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-220-218-56.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ab89edae794157ad835a08b887e82a3822765413271b764b5d847fe41ce1a1c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://www.google.com https://www.gstatic.com 'nonce-sZV0f1nxHbm1EDkz+aOpTg=='; object-src 'none'; worker-src 'self' blob:; frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://cathaypacific-smartit.onbmc.com
Referer: https://cathaypacific-smartit.onbmc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Cache-Control: no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: script-src 'self' https://www.google.com https://www.gstatic.com 'nonce-sZV0f1nxHbm1EDkz+aOpTg=='; object-src 'none'; worker-src 'self' blob:; frame-ancestors 'self'
Content-Type: text/html;charset=UTF-8
Date: Wed, 08 Nov 2023 13:24:00 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

saml2 Show response
login.microsoftonline.com/f62aca8c-2ba2-417b-a0c1-ab3f1020ccc4/
Redirect Chain

https://sg-rsso1.onbmc.com/rsso/start
https://login.microsoftonline.com/f62aca8c-2ba2-417b-a0c1-ab3f1020ccc4/saml2?SAMLRequest=nVNdb9MwFP0rkd8dfyR0mdVWKqsQlQZEa%2BGBl8lxb1pLiR18ncH%2BPU4GbBJlD9w320fH58Neou67QW3GeHZ38G0EjNmPvnOo5oMVGYNT...

20 KB
10 KB

1823ms
595ms

Document
text/html

20.190.190.130
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/f62aca8c-2ba2-417b-a0c1-ab3f1020ccc4/saml2?SAMLRequest=nVNdb9MwFP0rkd8dfyR0mdVWKqsQlQZEa%2BGBl8lxb1pLiR18ncH%2BPU4GbBJlD9w320fH58Neou67QW3GeHZ38G0EjNmPvnOo5oMVGYNTXqNF5XQPqKJR%2B82HWyVzrobgoze%2BI9luuyL3VVFVvFxUtJTXC1oKDvS6lJJWiytRveFtyY0k2RcIaL1bkcRAsguzQxxh5zBqFxOKy4IKQXl1EIWSpeI8rwr%2BlWTbpNU6HWeyc4wDKsY6f7Iu760JHn0bveusg9z4nrULqY2uDJWNlkndVUM1N4LqpmgFl9wYU7LJdNL4zgcDcyYr0uoOITnEWiPaB%2Fizc2HqX4G8te5o3en19JonEKr3h0NN60%2F7w0XODSKEyeSNdzj2EPYQHqyBz3e3z7bxRAOiF7l3TW9mv9OaBTCQNAdmdDzrx0Eb21pDU3FHsp7Yl5NjNUceXhT%2FunL9WxJZ43A%2FkV3gX7IX1M93Depj4ttta99Z8%2Fg%2Fby2V0%2Bv4b7TIxbxjj7SdoWp0OMCkDI4k23Sd%2F34TQMdUZQwjEPakjv39FdY%2FAQ%3D%3D&RelayState=_83880468-4296-410e-9422-8671850f40c2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.190.190.130 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d9256a22d49b12ad1602326fb2490fa7e644850681bcec049cbfb89c37c39914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://sg-rsso1.onbmc.com
Referer: https://sg-rsso1.onbmc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 9319
Content-Type: text/html; charset=utf-8
Date: Wed, 08 Nov 2023 13:24:02 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wst"}]}
x-ms-ests-server: 2.1.16693.3 - KRSLR1 ProdSlices
x-ms-request-id: 99db6b9b-0f27-4c3d-bd04-74daca72d900

Redirect headers

Cache-Control: no-store
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: script-src 'self' https://www.google.com https://www.gstatic.com; object-src 'none'; worker-src 'self' blob:; frame-ancestors 'self'
Date: Wed, 08 Nov 2023 13:24:00 GMT
Location: https://login.microsoftonline.com/f62aca8c-2ba2-417b-a0c1-ab3f1020ccc4/saml2?SAMLRequest=nVNdb9MwFP0rkd8dfyR0mdVWKqsQlQZEa%2BGBl8lxb1pLiR18ncH%2BPU4GbBJlD9w320fH58Neou67QW3GeHZ38G0EjNmPvnOo5oMVGYNTXqNF5XQPqKJR%2B82HWyVzrobgoze%2BI9luuyL3VVFVvFxUtJTXC1oKDvS6lJJWiytRveFtyY0k2RcIaL1bkcRAsguzQxxh5zBqFxOKy4IKQXl1EIWSpeI8rwr%2BlWTbpNU6HWeyc4wDKsY6f7Iu760JHn0bveusg9z4nrULqY2uDJWNlkndVUM1N4LqpmgFl9wYU7LJdNL4zgcDcyYr0uoOITnEWiPaB%2Fizc2HqX4G8te5o3en19JonEKr3h0NN60%2F7w0XODSKEyeSNdzj2EPYQHqyBz3e3z7bxRAOiF7l3TW9mv9OaBTCQNAdmdDzrx0Eb21pDU3FHsp7Yl5NjNUceXhT%2FunL9WxJZ43A%2FkV3gX7IX1M93Depj4ttta99Z8%2Fg%2Fby2V0%2Bv4b7TIxbxjj7SdoWp0OMCkDI4k23Sd%2F34TQMdUZQwjEPakjv39FdY%2FAQ%3D%3D&RelayState=_83880468-4296-410e-9422-8671850f40c2
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 BssoInterrupt_Core_SuZwfHH8gwlE7gQ2a715Zg2.js Show response
aadcdn.msauth.net/shared/1.0/content/js/ 136 KB
48 KB 798ms
135ms Script
application/x-javascript 13.107.213.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_SuZwfHH8gwlE7gQ2a715Zg2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/f62aca8c-2ba2-417b-a0c1-ab3f1020ccc4/saml2?SAMLRequest=nVNdb9MwFP0rkd8dfyR0mdVWKqsQlQZEa%2BGBl8lxb1pLiR18ncH%2BPU4GbBJlD9w320fH58Neou67QW3GeHZ38G0EjNmPvnOo5oMVGYNTXqNF5XQPqKJR%2B82HWyVzrobgoze%2BI9luuyL3VVFVvFxUtJTXC1oKDvS6lJJWiytRveFtyY0k2RcIaL1bkcRAsguzQxxh5zBqFxOKy4IKQXl1EIWSpeI8rwr%2BlWTbpNU6HWeyc4wDKsY6f7Iu760JHn0bveusg9z4nrULqY2uDJWNlkndVUM1N4LqpmgFl9wYU7LJdNL4zgcDcyYr0uoOITnEWiPaB%2Fizc2HqX4G8te5o3en19JonEKr3h0NN60%2F7w0XODSKEyeSNdzj2EPYQHqyBz3e3z7bxRAOiF7l3TW9mv9OaBTCQNAdmdDzrx0Eb21pDU3FHsp7Yl5NjNUceXhT%2FunL9WxJZ43A%2FkV3gX7IX1M93Depj4ttta99Z8%2Fg%2Fby2V0%2Bv4b7TIxbxjj7SdoWp0OMCkDI4k23Sd%2F34TQMdUZQwjEPakjv39FdY%2FAQ%3D%3D&RelayState=_83880468-4296-410e-9422-8671850f40c2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.70 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 954ca1cc229daa74bda398b3a9bf1f240387dbf0489f94fc699b1fb3d33ff36b

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 08 Nov 2023 13:24:03 GMT
content-encoding: gzip
x-cache: TCP_HIT
content-length: 48778
x-ms-lease-status: unlocked
last-modified: Tue, 17 Oct 2023 10:43:33 GMT
etag: 0x8DBCEFDE8C332CE
x-azure-ref: 20231108T132403Z-tx6d01u4h50dm4b5qu6adp9v0s00000000w000000000nkx1
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e94706d3-c01e-0033-68a4-116b64000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK Primary Request saml2 Show response
login.microsoftonline.com/f62aca8c-2ba2-417b-a0c1-ab3f1020ccc4/ 38 KB
17 KB 462ms
462ms Document
text/html 20.190.190.130
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_SuZwfHH8gwlE7gQ2a715Zg2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.190.190.130 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e7f44e479af2ff202c65d12e6a92c4d78ddf499225be165872c1666e5e21d0aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://login.microsoftonline.com/f62aca8c-2ba2-417b-a0c1-ab3f1020ccc4/saml2?SAMLRequest=nVNdb9MwFP0rkd8dfyR0mdVWKqsQlQZEa%2BGBl8lxb1pLiR18ncH%2BPU4GbBJlD9w320fH58Neou67QW3GeHZ38G0EjNmPvnOo5oMVGYNTXqNF5XQPqKJR%2B82HWyVzrobgoze%2BI9luuyL3VVFVvFxUtJTXC1oKDvS6lJJWiytRveFtyY0k2RcIaL1bkcRAsguzQxxh5zBqFxOKy4IKQXl1EIWSpeI8rwr%2BlWTbpNU6HWeyc4wDKsY6f7Iu760JHn0bveusg9z4nrULqY2uDJWNlkndVUM1N4LqpmgFl9wYU7LJdNL4zgcDcyYr0uoOITnEWiPaB%2Fizc2HqX4G8te5o3en19JonEKr3h0NN60%2F7w0XODSKEyeSNdzj2EPYQHqyBz3e3z7bxRAOiF7l3TW9mv9OaBTCQNAdmdDzrx0Eb21pDU3FHsp7Yl5NjNUceXhT%2FunL9WxJZ43A%2FkV3gX7IX1M93Depj4ttta99Z8%2Fg%2Fby2V0%2Bv4b7TIxbxjj7SdoWp0OMCkDI4k23Sd%2F34TQMdUZQwjEPakjv39FdY%2FAQ%3D%3D&RelayState=_83880468-4296-410e-9422-8671850f40c2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 14841
Content-Type: text/html; charset=utf-8
Date: Wed, 08 Nov 2023 13:24:03 GMT
Expires: -1
Link: <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-Frame-Options: DENY
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wst"}]}
x-ms-ests-server: 2.1.16693.3 - KRC ProdSlices
x-ms-request-id: b0360cb8-3a9f-430c-827c-374519b2db00

GET converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
0

GET ConvergedLogin_PCore_iyeAEQ1Rwvv9lqq0Wh5nUw2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 0
0

GET ux.converged.login.strings-zh-hans.min_1xpgq6jd83cizbzllwgi0w2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
0

GET Me.htm
login.live.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css

Domain: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_iyeAEQ1Rwvv9lqq0Wh5nUw2.js

Domain: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-zh-hans.min_1xpgq6jd83cizbzllwgi0w2.js

Domain: login.live.com
URL: https://login.live.com/Me.htm?v=3

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sg-rsso1.onbmc.com/rsso	1969-12-31 23:59:59	Name: route Value: 1699449841.707.11757.162085
cathaypacific-smartit.onbmc.com/	1969-12-31 23:59:59	Name: route Value: 1699449841.153.11757.330573
cathaypacific-smartit.onbmc.com/	1969-12-31 23:59:59	Name: onbmc_pool Value: !saE53Foxo58JtPH2UiugeXARjXRPlXds5/Uza0mrVcoMCMMxIMlct5Q8jnYHJSSi7zxaq3H4UelxnQ==
sg-rsso1.onbmc.com/	1969-12-31 23:59:59	Name: onbmc_pool Value: !e0ipVD063rOOHjb2UiugeXARjXRPlfsdMOuJeREqhDLuHkBR4KazIPjfeDQEhxwYwZwZm59hXtu2og==
login.microsoftonline.com/	1970-01-20 16:47:21	Name: fpc Value: ApTQgVTnWKNDvUwCnQ-BGHw
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.microsoftonline.com/	1970-01-20 16:04:09	Name: SSOCOOKIEPULLED Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cathaypacific-smartit.onbmc.com/smartit/app/incident/IDGFP16CFVMZHASDSYJBSCST9KD392 Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msftauth.net
cathaypacific-smartit.onbmc.com
login.live.com
login.microsoftonline.com
sg-rsso1.onbmc.com
aadcdn.msftauth.net
login.live.com
13.107.213.70
20.190.190.130
52.220.218.56
0d2bc649466528f2eccdba9b0bea5940822223647b0b8c919f3f7c742685e716
954ca1cc229daa74bda398b3a9bf1f240387dbf0489f94fc699b1fb3d33ff36b
ab89edae794157ad835a08b887e82a3822765413271b764b5d847fe41ce1a1c3
d9256a22d49b12ad1602326fb2490fa7e644850681bcec049cbfb89c37c39914
e7f44e479af2ff202c65d12e6a92c4d78ddf499225be165872c1666e5e21d0aa

login.microsoftonline.com Open in urlscan Pro 20.190.190.130 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

9 Requests

56 %HTTPS

0 %IPv6

5 Domains

6 Subdomains

4 IPs

2 Countries

78 kBTransfer

196 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

9 Cookies

1 Console Messages

Indicators

login.microsoftonline.com Open in urlscan Pro
20.190.190.130 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

56 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

4
IPs

2
Countries

78 kB
Transfer

196 kB
Size

9
Cookies

9 HTTP transactions
0 data transactions