login.microsoftonline.com Open in urlscan Pro
2603:1026:3000:d0:: Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://termstudio.microsoft.com/
Effective URL:
https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=86ec06c1-0a51-4da8-87af-019...
Submission Tags: @phishunt_io
Submission: On January 12 via api (January 12th 2024, 6:01:56 am UTC) from DE — Scanned from DE

Summary HTTP 49 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 49 HTTP transactions. The main IP is 2603:1026:3000:d0::, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 24.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 28th 2023. Valid for: a year.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ec9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
21	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a02:26f0:710... 2a02:26f0:7100:aa2::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:480... 2a02:26f0:480:18d::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	20.25.164.192 20.25.164.192	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2603:1026:300... 2603:1026:3000:d0::	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	95.101.54.145 95.101.54.145	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	95.101.54.99 95.101.54.99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:480... 2a02:26f0:480:f::213:7ec8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ee3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2606:2800:233... 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef	15133 (EDGECAST) (EDGECAST)
1	20.190.159.64 20.190.159.64	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:1ec:bdf::63 2620:1ec:bdf::63	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
49	12

1 2a02:26f0:480:f::213:7ec9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

termstudio.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ep-termstudiowebapp-prod-h8bubughehdhbwa6.z01.azurefd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:7100:aa2::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0217990f.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:18d::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.25.164.192 (Phoenix, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

gql.termstudio.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2603:1026:3000:d0:: (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.54.145 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-145.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.54.99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-99.deploy.static.akamaitechnologies.com

kd7qozk7mu3jczna2xha-ph0lf9-7864bf025-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ec8 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ee3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

fiaqjiathaajekqce3yajaaab5s2bvoo-ph0lf9-e43e026a9-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef (United States)

ASN15133 (EDGECAST, US)

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.159.64 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::63 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msftauthimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	azurefd.net ep-termstudiowebapp-prod-h8bubughehdhbwa6.z01.azurefd.net	2 MB
8	msftauth.net aadcdn.msftauth.net — Cisco Umbrella Rank: 2605	330 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 3609 kd7qozk7mu3jczna2xha-ph0lf9-7864bf025-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 3614 fiaqjiathaajekqce3yajaaab5s2bvoo-ph0lf9-e43e026a9-clienttons-s.akamaihd.net	1 KB
4	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 24	33 KB
2	msftauthimages.net aadcdn.msftauthimages.net — Cisco Umbrella Rank: 7218	255 KB
2	akstat.io 0217990f.akstat.io — Cisco Umbrella Rank: 80010	414 B
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1998 c.go-mpulse.net — Cisco Umbrella Rank: 850	50 KB
2	microsoft.com termstudio.microsoft.com gql.termstudio.microsoft.com Failed browser.events.data.microsoft.com Failed	4 KB
1	live.com login.live.com — Cisco Umbrella Rank: 53
49	9

	Domain	Requested by
21	ep-termstudiowebapp-prod-h8bubughehdhbwa6.z01.azurefd.net	termstudio.microsoft.com
8	aadcdn.msftauth.net	login.microsoftonline.com aadcdn.msftauth.net
4	login.microsoftonline.com	ep-termstudiowebapp-prod-h8bubughehdhbwa6.z01.azurefd.net aadcdn.msftauth.net
2	aadcdn.msftauthimages.net
2	0217990f.akstat.io	s.go-mpulse.net
1	login.live.com	login.microsoftonline.com
1	fiaqjiathaajekqce3yajaaab5s2bvoo-ph0lf9-e43e026a9-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	kd7qozk7mu3jczna2xha-ph0lf9-7864bf025-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	gql.termstudio.microsoft.com	ep-termstudiowebapp-prod-h8bubughehdhbwa6.z01.azurefd.net
1	c.go-mpulse.net	s.go-mpulse.net
1	s.go-mpulse.net	termstudio.microsoft.com
1	termstudio.microsoft.com
0	browser.events.data.microsoft.com Failed	ep-termstudiowebapp-prod-h8bubughehdhbwa6.z01.azurefd.net
49	15

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
termstudio.microsoft.com Microsoft Azure ECC TLS Issuing CA 05	`2023-06-16` - `2024-06-10`	a year	crt.sh
*.azurefd.net Microsoft Azure TLS Issuing CA 02	`2024-01-01` - `2024-06-27`	6 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
gql.termstudio.microsoft.com DigiCert SHA2 Secure Server CA	`2023-09-22` - `2024-09-22`	a year	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2023-11-28` - `2024-11-28`	a year	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2023-12-01` - `2024-12-01`	a year	crt.sh
login.live.com DigiCert SHA2 Secure Server CA	`2023-11-10` - `2024-11-10`	a year	crt.sh
aadcdn.msftauthimages.net Microsoft Azure RSA TLS Issuing CA 03	`2023-11-25` - `2024-11-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=86ec06c1-0a51-4da8-87af-0196501d5e65&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Ftermstudio.microsoft.com%2F&client-request-id=56bfd17a-276c-47dd-b084-a2a4af8d952e&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=fuheN1tYpDrOeBUNFfzpKbrqO5DJLxi2PYS-U205l5k&code_challenge_method=S256&nonce=a561b020-872e-4dd7-8ac7-44cb5c15732b&state=eyJpZCI6ImZlYzg4ZjcwLTk4MjctNDhiMS1hNjhiLWE3NDQwYzNiN2E1ZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true
Frame ID: 7FAEE7592FDCDBB8B0EC966AE1D97127
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

https://termstudio.microsoft.com/ Page URL
https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=86ec06c... Page URL
https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=86ec06c... Page URL

Page Statistics

49
Requests

86 %
HTTPS

69 %
IPv6

9
Domains

15
Subdomains

12
IPs

3
Countries

3120 kB
Transfer

4143 kB
Size

17
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/de-DE/servicesagreement/
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/de-DE/privacystatement
Title: Datenschutz und Cookies

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/de-de/corporate/rechtliche-hinweise/impressum.aspx
Title: Haftungsausschluss

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://termstudio.microsoft.com/ Page URL
https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=86ec06c1-0a51-4da8-87af-0196501d5e65&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Ftermstudio.microsoft.com%2F&client-request-id=56bfd17a-276c-47dd-b084-a2a4af8d952e&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=fuheN1tYpDrOeBUNFfzpKbrqO5DJLxi2PYS-U205l5k&code_challenge_method=S256&nonce=a561b020-872e-4dd7-8ac7-44cb5c15732b&state=eyJpZCI6ImZlYzg4ZjcwLTk4MjctNDhiMS1hNjhiLWE3NDQwYzNiN2E1ZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Page URL
https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=86ec06c1-0a51-4da8-87af-0196501d5e65&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Ftermstudio.microsoft.com%2F&client-request-id=56bfd17a-276c-47dd-b084-a2a4af8d952e&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=fuheN1tYpDrOeBUNFfzpKbrqO5DJLxi2PYS-U205l5k&code_challenge_method=S256&nonce=a561b020-872e-4dd7-8ac7-44cb5c15732b&state=eyJpZCI6ImZlYzg4ZjcwLTk4MjctNDhiMS1hNjhiLWE3NDQwYzNiN2E1ZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=ph0lf9jad HTTP 302
https://kd7qozk7mu3jczna2xha-ph0lf9-7864bf025-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 31

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=ph0lf9jad HTTP 302
https://fiaqjiathaajekqce3yajaaab5s2bvoo-ph0lf9-e43e026a9-clienttons-s.akamaihd.net/eum/results.txt

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
termstudio.microsoft.com/ 9 KB
4 KB 2899ms
2727ms Document
text/html 2a02:26f0:480:f::213:7ec9
AKAMAI-ASN1

General

Domain/Path	Expires	Name / Value
termstudio.microsoft.com/	1970-01-21 02:22:55	Name: MicrosoftApplicationsTelemetryDeviceId Value: d9f50bdf-b9bc-41e4-a1f3-d1fa3a3132a1
termstudio.microsoft.com/	1970-01-20 17:37:21	Name: ai_session Value: ScBGFYusEwcDcEyqi9RItT\|1705039310387\|1705039310387
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx-ij79OaLS13s Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-Ocem4vkqj3vYBXL3Quruf7VXwUmZMafcIBd-XPyMQwCjpn27KyGJHurh8pp1RhpBIy3TIA3WvhFncVXeUvfDWh_ubEFGQsNCCcdharZQnXl9lrbbDTIqkrQpaoifgHV7tG_K6IfTbZfRv--ZID3qViAA
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.microsoftonline.com/	1970-01-20 17:37:19	Name: SSOCOOKIEPULLED Value: 1
login.microsoftonline.com/	1970-01-20 18:20:31	Name: buid Value: 0.ARoAv4j5cvGGr0GRqy180BHbR8EG7IZRCqhNh68BllAdXmUaAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-efC-FxW0HNORViDe5mHGOHj_MG2nyeefZHh7MQRvEp-L65J4EViDyigYlurNiUvZC_1mxwyoo23SbbSUaRIS2fNoN7sjOH1m92MSOyz8JqsgAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-O4knkZ5evBVu3cUJcwCcytCmZTiHmBhlikqHF8gf5IrJytYgb5Qnm97IhMrynQ_BRSWwvlPIH_uoqwhZOCpnJs490nGvTljNO8FbTAYrwiR_O4apcncqIp0Bnm4bINVGHdtczWLpDLeG25hjFQj3IbpfkpV6W5tiDcP6E26_w4QgAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx-PzqNXdEeHc Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-7g-_WuVrn3Z1O1Ck23bWcL05LaUMwwZ6DKqgETDZui6lNgQ3_rsKUhhAvSc-RUPX4UFRMcYOAUC-0-usBcml6zfBHVbmOZMRt05A4mOmZKUvSELS_O-7BtnaJxn-eqNoi8hLIB-TDn9SgE472ZvFWSAA
login.microsoftonline.com/	1970-01-20 18:20:31	Name: fpc Value: ArisVb9ZRWxEvfCC_1_eJI-Y911bAQAAAM_MMt0OAAAA
.microsoft.com/	1970-01-21 02:22:55	Name: MC1 Value: GUID=b22b1803283945eb8ee092dc2a1cdc50&HASH=b22b&LV=202401&V=4&LU=1705039311298
.microsoft.com/	1970-01-20 17:37:21	Name: MS0 Value: 1518035438bf4c42823ce228e363eda2
login.microsoftonline.com/	1970-01-21 02:22:55	Name: MicrosoftApplicationsTelemetryDeviceId Value: 07398c3a-7e29-4e43-a513-e80a1a74e14f
.login.microsoftonline.com/	1970-01-21 02:58:55	Name: brcap Value: 0
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 21e9f7678c644d25b1d376d226ed3f73
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1705039311&co=1

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

login.microsoftonline.com Open in urlscan Pro 2603:1026:3000:d0:: Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

49 Requests

86 %HTTPS

69 %IPv6

9 Domains

15 Subdomains

12 IPs

3 Countries

3120 kBTransfer

4143 kBSize

17 Cookies

3 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

login.microsoftonline.com Open in urlscan Pro
2603:1026:3000:d0:: Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

86 %
HTTPS

69 %
IPv6

9
Domains

15
Subdomains

12
IPs

3
Countries

3120 kB
Transfer

4143 kB
Size

17
Cookies

49 HTTP transactions
0 data transactions