login.microsoftonline.com
20.190.160.22
Public Scan
Effective URL: https://login.microsoftonline.com/f42ecac6-5fde-483a-919b-ee6245b66c54/saml2?SAMLRequest=nVLLjtMwFN3PV0TeOw83dVurrVSmQlQaIJoWFmxGj...
Submission: On October 20 via automatic, source certstream-suspicious — Scanned from IT
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 3rd 2024. Valid for: 6 months.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | Autonomous System |
---|---|---|
1 1 | 15.197.225.128 | 16509 (AMAZON-02) |
2 8 | 216.52.6.97 | 30282 (AS-INAPCDN-OCY) |
2 | 20.190.160.22 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
6 | 13.107.246.64 | |
1 | 152.199.21.175 | |
16 | 5 | |

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com
support.aocompanies.com

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | onbmc.com (2 redirects) | aoc-dwp.onbmc.com chi-rsso1.onbmc.com — Cisco Umbrella Rank: 228856 | 10 KB |
6 | msauth.net | aadcdn.msauth.net | 50 KB |
2 | microsoftonline.com | login.microsoftonline.com — Cisco Umbrella Rank: 9 | 16 KB |
1 | msftauth.net | aadcdn.msftauth.net | 20 KB |
1 | aocompanies.com (1 redirects) | support.aocompanies.com | 313 B |
0 | live.com (Failed) | login.live.com Failed | |
16 | 6 | | |
 | Domain | Requested by |
---|---|---|
6 | aadcdn.msauth.net | login.microsoftonline.com |
5 | aoc-dwp.onbmc.com | 1 redirects |
3 | chi-rsso1.onbmc.com | 1 redirects |
2 | login.microsoftonline.com | aadcdn.msauth.net |
1 | aadcdn.msftauth.net | login.microsoftonline.com |
1 | support.aocompanies.com | 1 redirects |
0 | login.live.com Failed | login.microsoftonline.com |
16 | 7 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.onbmc.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-07-30 - 2025-03-12 | 7 months |
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2024-09-03 - 2025-03-03 | 6 months |
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2024-07-30 - 2025-07-30 | a year |
aadcdn.msftauth.net | DigiCert SHA2 Secure Server CA | 2024-05-25 - 2025-05-25 | a year |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/f42ecac6-5fde-483a-919b-ee6245b66c54/saml2?SAMLRequest=nVLLjtMwFN3PV0TeOw83dVurrVSmQlQaIJoWFmxGjnM9tZTYwdcZ4O9xMgwUqcwC72wfnXsed42ya3uxG8LZ3sPXATAk37vWopg%2BNmTwVjiJBoWVHaAIShx37%2B8ES3PRexecci1JDvsNeVAMpM5ZSSUrNC3ZnNPlYqmp5rxpVnW%2BqPmMJJ%2FBo3F2QyIDuUmunAPiAAeLQdoQYSNjkVOWn3ImipWYLdKSl19Iso9ijZVhYjuH0KPIstY9Gpt2RnmHTgdnW2MhVa7LdMlAScXpXDdAy%2BVM0lWxqikAZ%2BW85lzNy2x0zUjy1nkFUygbomWLEC1iJRHNE7y8XNVe%2FYrkjbGNsY%2Bv51c%2Fg1C8O50qWn08nq6T7hDBjzZvncWhA38E%2F2QUfLq%2F%2B2NcnQ31iK5Ina07NVke75kHBVG2z6RTNFbWkO00ZT16FVPY%2FqLz1yXLFylki%2F3DyPabdp1dEF6M6MWHSHPYV6416sf%2FbFdso5Ph3%2BgiLaYX01A9QcVgsQdltIGGJLu2dd9uPcgQuwt%2BAJJtb57V%2Fr35258%3D&RelayState=_c2eaf024-a21f-4256-878f-f66dd9b07b63
Frame ID: 9E7AB07614ECC0BE846593A284664AFB
Requests: 16 HTTP requests in this frame
Page Title
Accesso all'account
Page URL History
- https://support.aocompanies.com/ HTTP 301
  https://aoc-dwp.onbmc.com/ Page URL
- https://aoc-dwp.onbmc.com/dwp HTTP 302
  https://aoc-dwp.onbmc.com/dwp/ Page URL
- https://chi-rsso1.onbmc.com/rsso/start Page URL
- https://chi-rsso1.onbmc.com/rsso/start HTTP 302
  https://login.microsoftonline.com/f42ecac6-5fde-483a-919b-ee6245b66c54/saml2?SAMLRequest=nVLLjtMwFN3PV0TeOw83d... Page URL
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://support.aocompanies.com/ HTTP 301
- https://aoc-dwp.onbmc.com/
- https://aoc-dwp.onbmc.com/dwp HTTP 302
- https://aoc-dwp.onbmc.com/dwp/
16 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / | aoc-dwp.onbmc.com/ (Redirect Chain) | 145 B | 564 B | Document | text/html |
GET | H/1.1 | / | aoc-dwp.onbmc.com/dwp/ (Redirect Chain) | 1 KB | 1008 B | Document | text/html |
GET | H/1.0 | favicon.ico | aoc-dwp.onbmc.com/ | 3 KB | 3 KB | Other | image/x-icon |
POST | H/1.1 | start | chi-rsso1.onbmc.com/rsso/ | 1 KB | 1 KB | Document | text/html |
GET | H/1.0 | favicon.ico | aoc-dwp.onbmc.com/ | 3 KB | 0 | Other | image/x-icon |
GET | H2 | saml2 (Primary Request) | login.microsoftonline.com/f42ecac6-5fde-483a-919b-ee6245b66c54/ (Redirect Chain) | 39 KB | 16 KB | Document | text/html |
GET | H/1.0 | favicon.ico | chi-rsso1.onbmc.com/ | 3 KB | 3 KB | Other | image/x-icon |
GET | H2 | converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ | 74 KB | 0 | Stylesheet | text/css |
GET | H2 | ConvergedLogin_PCore_64Z6dmvJd_mCK0LlAXyiHg2.js | aadcdn.msauth.net/shared/1.0/content/js/ | 0 | 0 | Script | application/x-javascript |
GET | H2 | ux.converged.login.strings-it.min_bgun7cuufinrhhwjpprqew2.js | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ | 0 | 0 | Script | application/x-javascript |
GET | | Me.htm | login.live.com/ | 0 | 0 | | |
GET | H2 | converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css | aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ | 111 KB | 20 KB | Stylesheet | text/css |
GET | H2 | watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ | 117 KB | 40 KB | Script | application/x-javascript |
GET | H2 | frameworksupport.min_oadrnc13magb009k4d20lg2.js | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ | 12 KB | 5 KB | Script | application/x-javascript |
GET | H2 | watson.min_q5ptmu8aniymd4ftuqdkda2.js | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ | 9 KB | 4 KB | Script | application/x-javascript |
POST | H2 | watson | login.microsoftonline.com/common/handlers/ | 265 B | 550 B | XHR | application/json |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: login.live.com
- URL: https://login.live.com/Me.htm?v=3
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| $Config
- object| $Debug
- object| $Do
- function| $Loader
- object| $WebWatson
- function| GetString
- function| GetErrorString
- function| GetUrl
- object| $B
- object| ServerData

11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
chi-rsso1.onbmc.com/rsso | | Name: hroute Value: 1729390778.295.108860.671464 |
aoc-dwp.onbmc.com/dwp | | Name: JSESSIONID Value: A404D4C897B332EFDE7963C0630BAF10 |
aoc-dwp.onbmc.com/ | | Name: route Value: 1729390776.555.108848.603754 |
aoc-dwp.onbmc.com/ | | Name: onbmc_pool Value: !dC0K6rrpHEe06c8Tr17Qd5AA49mfQpo/wRKIWsISzpqjVUJhuUheNVQ/O8jD4ZMtpSMvVQb4MGwlVak= |
chi-rsso1.onbmc.com/ | | Name: onbmc_pool Value: !BBzXJyD54BT03c4Tr17Qd5AA49mfQjy/CwoKPziLb4/8MVdNfZyNtylxi6VPs3aQY/CxMZIDXF1kfyM= |
login.microsoftonline.com/ | | Name: buid Value: 0.AQMAxsou9N5fOkiRm-5iRbZsVAysPNkOdetPrqfTQRUxMF4BAQA.AQABGgEAAADW6jl31mB3T7ugrWTT8pFeQ3aI51EfhPIxnsH7UoFQ0vwto-It7Qe_MnGx8YpJruYsEo5R4mzUsKgVMUVxHbR71Vz1dNP7TDb_Bz4yuPm5fdPBp4nWZAzuaBklf1Fe8csgAA |
.login.microsoftonline.com/ | | Name: esctx Value: PAQABBwEAAADW6jl31mB3T7ugrWTT8pFeylSpq6JDbfvLTlmmTCohR2nhI2zMCqzDSoczSuvnn26G4jacXWz47daTRXhNgyMHgKBuUyTf7cOJpIh-1q55ZFX-8_bMXz-wrav54zUOIQyGbAnQl6pb_vafl8Utojt6v66mz-vxQl1BzH0bf6iRyRdw8jdQAHj1SnZ-7lo8nHkgAA |
.login.microsoftonline.com/ | | Name: esctx-YZLXNWcKKww Value: AQABCQEAAADW6jl31mB3T7ugrWTT8pFep3Yy_1_bAQI-eUVAcm-ylWVjIS9SHFq498rosnbwdtmbkb4STd2k3c-KtTtjo3KvMEaJAVEjeVm022ssdWHeIzFIqppIdD-8XQaEgmw30R2eILZpeUUSvU4a8Af3StKsCna7IXIQOQLOBUzPUcj33SAA |
login.microsoftonline.com/ | | Name: fpc Value: AhAaRes7m1hDgol8cOFtOomaVilvAQAAALlfpt4OAAAA |
login.microsoftonline.com/ | | Name: x-ms-gateway-slice Value: estsfd |
login.microsoftonline.com/ | | Name: stsservicecookie Value: estsfd |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.