sso.godaddy.com
Open in
urlscan Pro
23.3.120.209
Public Scan
Submitted URL: http://autodiscover.jdrentalcars.com/
Effective URL: https://sso.godaddy.com/?domain=jdrentalcars.com&realm=pass&app=o365&client-request-id=75e37e0d-e180-8018-5e29-18bf3414d...
Submission: On September 19 via api from US — Scanned from US
Effective URL: https://sso.godaddy.com/?domain=jdrentalcars.com&realm=pass&app=o365&client-request-id=75e37e0d-e180-8018-5e29-18bf3414d...
Submission: On September 19 via api from US — Scanned from US
Summary
This website contacted 4 IPs
in 1 countries
across 5 domains to perform 15 HTTP transactions.
The main IP is 23.3.120.209, located in
and
belongs to .
The main domain is sso.godaddy.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 17th 2021. Valid for: a year.
This is the only time sso.godaddy.com was scanned on urlscan.io!
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 17th 2021. Valid for: a year.
This is the only time sso.godaddy.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 2603:1036:206... 2603:1036:206:41::8 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 1 | 2603:1036:302... 2603:1036:302:40d7::2 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 2 | 40.126.24.147 40.126.24.147 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 2 | 23.3.120.209 23.3.120.209 | () () | |
| 9 | 23.34.59.19 23.34.59.19 | () () | |
| 15 | 4 |
1
2603:1036:206:41::8
(Tappahannock, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| autodiscover.jdrentalcars.com |
1
2603:1036:302:40d7::2
(Tappahannock, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| outlook.office365.com |
2
40.126.24.147
(Boydton, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| login.microsoftonline.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 9 |
wsimg.com
img6.wsimg.com |
158 KB |
| 2 |
godaddy.com
sso.godaddy.com |
103 KB |
| 2 |
microsoftonline.com
1 redirects
login.microsoftonline.com — Cisco Umbrella Rank: 23 |
58 KB |
| 1 |
office365.com
1 redirects
outlook.office365.com — Cisco Umbrella Rank: 48 |
7 KB |
| 1 |
jdrentalcars.com
1 redirects
autodiscover.jdrentalcars.com |
550 B |
| 15 | 5 |
| Domain | Requested by | |
|---|---|---|
| 9 | img6.wsimg.com |
sso.godaddy.com
|
| 2 | sso.godaddy.com |
login.microsoftonline.com
sso.godaddy.com |
| 2 | login.microsoftonline.com | 1 redirects |
| 1 | outlook.office365.com | 1 redirects |
| 1 | autodiscover.jdrentalcars.com | 1 redirects |
| 15 | 5 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2022-08-18 - 2023-08-18 |
a year | crt.sh |
| sso.godaddy.com Go Daddy Secure Certificate Authority - G2 |
2021-09-17 - 2022-10-19 |
a year | crt.sh |
| *.wsimg.com Starfield Secure Certificate Authority - G2 |
2021-09-24 - 2022-10-26 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://sso.godaddy.com/?domain=jdrentalcars.com&realm=pass&app=o365&client-request-id=75e37e0d-e180-8018-5e29-18bf3414d455&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE9bNNQAIT94tQkhUKEGMKGoi4gOX7Pduy8SAxJnD-aqCWh0HYA2Y5dO47zXMdOGgbUkbFCYqBIDAwMGZmqIvEzIWXKUAmJAYFgqFCREFNHGrEw9obTSTfdfTdolEa5RfhPPDtzFpomYnVjlv6Tf3k-sfDoe7jzLblz_3rynXjlcHUPJDpt3-gFaldX_X5aJ-4YpKwg8Po5jiNh0CXESRPTtHVDkDKzniNDldsHYArAEQDjiCwJMsYIZwUkYx5DiYdpWYOqjA2dRUbGZEUeCSyWMyKLNZzRTAkiGUmfI5eW82Fg8TMjvv3Q-BOJm8R3H3ikH-zRT4CiBwWlX9sslQpNWA9Fx1MLw45d3_YbjUbpdFCrBVE4qIsDoY3glqcKphcso2ZFga38HZitKe4Itp2Cw686o9vrTr2yMRLzyHLzw27RdW-VraIthxj7StboQSQKxoagmrWM0RB0bFfX5DX1nqvhal3NYoRW1OpwTJ_p6dc0c3qUS3oTmiGe0bPb0yj4GgU_oxcgnYvF5hNUkrpGnUTBy7lTKM_fHn_alFK1_Y_Prn55uggmc1x7ZPfKKlfZXure1SzZUtYdje8Yg2Fh1BgsDcpQJU3e2dI6A3IT5tAuA3YZ5oCJx-gElaKLK-iIAb8Z8PgcdRA_A87pefB-gTq5-OPwxZsPk1e_qn8B0
Frame ID: 6E97110E368891ABEC2B4F8E67FD5AA5
Requests: 15 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://autodiscover.jdrentalcars.com/
HTTP 301
https://outlook.office365.com/owa/?realm=jdrentalcars.com&vd=autodiscover HTTP 302
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL
-
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir...
HTTP 302
https://sso.godaddy.com/?domain=jdrentalcars.com&realm=pass&app=o365&client-request-id=75e37e0d-e180... Page URL
Detected technologies
Prototype
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Polyfill
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /polyfill\.min\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://autodiscover.jdrentalcars.com/
HTTP 301
https://outlook.office365.com/owa/?realm=jdrentalcars.com&vd=autodiscover HTTP 302
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=75e37e0d-e180-8018-5e29-18bf3414d455&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=jdrentalcars.com&nonce=637991983179290620.7b0a79ec-1e5f-4213-9754-9b95bf601716&state=DctBDsIgEEBR0Lu4kpaBwjiLxrMMME00rSS01uvL4v3d10qpa3fptO1RGD0SAT08IDmy0dkBk2UkyQYkLGZy4A1hmAwlCmmJFhCi7u99rD8en0143eZ3afI5eM3c9iHX7XaWmb9HLa8911PaHw Page URL
-
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=75e37e0d-e180-8018-5e29-18bf3414d455&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=jdrentalcars.com&nonce=637991983179290620.7b0a79ec-1e5f-4213-9754-9b95bf601716&state=DctBDsIgEEBR0Lu4kpaBwjiLxrMMME00rSS01uvL4v3d10qpa3fptO1RGD0SAT08IDmy0dkBk2UkyQYkLGZy4A1hmAwlCmmJFhCi7u99rD8en0143eZ3afI5eM3c9iHX7XaWmb9HLa8911PaHw&sso_reload=true
HTTP 302
https://sso.godaddy.com/?domain=jdrentalcars.com&realm=pass&app=o365&client-request-id=75e37e0d-e180-8018-5e29-18bf3414d455&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE9bNNQAIT94tQkhUKEGMKGoi4gOX7Pduy8SAxJnD-aqCWh0HYA2Y5dO47zXMdOGgbUkbFCYqBIDAwMGZmqIvEzIWXKUAmJAYFgqFCREFNHGrEw9obTSTfdfTdolEa5RfhPPDtzFpomYnVjlv6Tf3k-sfDoe7jzLblz_3rynXjlcHUPJDpt3-gFaldX_X5aJ-4YpKwg8Po5jiNh0CXESRPTtHVDkDKzniNDldsHYArAEQDjiCwJMsYIZwUkYx5DiYdpWYOqjA2dRUbGZEUeCSyWMyKLNZzRTAkiGUmfI5eW82Fg8TMjvv3Q-BOJm8R3H3ikH-zRT4CiBwWlX9sslQpNWA9Fx1MLw45d3_YbjUbpdFCrBVE4qIsDoY3glqcKphcso2ZFga38HZitKe4Itp2Cw686o9vrTr2yMRLzyHLzw27RdW-VraIthxj7StboQSQKxoagmrWM0RB0bFfX5DX1nqvhal3NYoRW1OpwTJ_p6dc0c3qUS3oTmiGe0bPb0yj4GgU_oxcgnYvF5hNUkrpGnUTBy7lTKM_fHn_alFK1_Y_Prn55uggmc1x7ZPfKKlfZXure1SzZUtYdje8Yg2Fh1BgsDcpQJU3e2dI6A3IT5tAuA3YZ5oCJx-gElaKLK-iIAb8Z8PgcdRA_A87pefB-gTq5-OPwxZsPk1e_qn8B0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://autodiscover.jdrentalcars.com/ HTTP 301
- https://outlook.office365.com/owa/?realm=jdrentalcars.com&vd=autodiscover HTTP 302
- https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=75e37e0d-e180-8018-5e29-18bf3414d455&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=jdrentalcars.com&nonce=637991983179290620.7b0a79ec-1e5f-4213-9754-9b95bf601716&state=DctBDsIgEEBR0Lu4kpaBwjiLxrMMME00rSS01uvL4v3d10qpa3fptO1RGD0SAT08IDmy0dkBk2UkyQYkLGZy4A1hmAwlCmmJFhCi7u99rD8en0143eZ3afI5eM3c9iHX7XaWmb9HLa8911PaHw
15 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
authorize
login.microsoftonline.com/common/oauth2/ Redirect Chain
|
151 KB 55 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
/
sso.godaddy.com/ Redirect Chain
|
158 KB 42 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gd-sage-bold.woff2
img6.wsimg.com/ux/fonts/gd-sage/1.0/ |
39 KB 40 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gdsherpa-vf.woff2
img6.wsimg.com/ux/fonts/sherpa/2.0/ |
43 KB 43 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
uxcore2.min.css
img6.wsimg.com/wrhs/7c4a123069c201ce75da66eda7f84144/ |
197 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utilityheader.min.css
img6.wsimg.com/wrhs/fe8b24892f96760c9dd36b9e6673e085/ |
64 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hivemind-2.10.0.js
img6.wsimg.com/hivemind/ |
157 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
tcc.min.js
img6.wsimg.com/wrhs/8e29a782ee81c6268f25e0d63ec10ee1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
polyfill.min.js
img6.wsimg.com/poly/v3/ |
101 B 480 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
uxcore2.min.js
img6.wsimg.com/wrhs/12263c72ff7a15ea28d22a713a26c1c9/ |
128 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vendor~uxcore2.min.js
img6.wsimg.com/wrhs/a1ec4030e9dc43d22a343bffd99b8514/ |
240 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
heartbeat.js
img6.wsimg.com/wrhs-next/0a3c9ed73591ea11f77b51a04edf210f/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
utilityheader.min.js
img6.wsimg.com/wrhs/fa1f3e1460ed62b338ed22aea992b655/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
login-panel.js
img6.wsimg.com/auth-assets/597609f2c431be85253547b5910ac601de541525/ |
570 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
p.js
sso.godaddy.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ |
169 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- img6.wsimg.com
- URL
- https://img6.wsimg.com/wrhs/8e29a782ee81c6268f25e0d63ec10ee1/tcc.min.js
- Domain
- img6.wsimg.com
- URL
- https://img6.wsimg.com/wrhs-next/0a3c9ed73591ea11f77b51a04edf210f/heartbeat.js
- Domain
- img6.wsimg.com
- URL
- https://img6.wsimg.com/wrhs/fa1f3e1460ed62b338ed22aea992b655/utilityheader.min.js
Verdicts & Comments Add Verdict or Comment
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| outlook.office365.com/ | Name: ClientId Value: CE8FF51A5DA44885B5391DCCED7BE2CE |
|
| outlook.office365.com/ | Name: OIDC Value: 1 |
|
| outlook.office365.com/ | Name: domainName Value: jdrentalcars.com |
|
| outlook.office365.com/ | Name: OpenIdConnect.nonce.v3.glvDpjCerjaErWHuwmyKFsKdDbzY6WsdRg9IVxNEms8 Value: 637991983179290620.7b0a79ec-1e5f-4213-9754-9b95bf601716 |
|
| outlook.office365.com/ | Name: X-OWA-RedirectHistory Value: ArLym14B_NfyFlSa2gg |
|
| login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
| login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
| .login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
| login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
| login.microsoftonline.com/ | Name: buid Value: 0.AVsAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrWDDji_6Cb_dFuh7a6hyJh-JJJmtCsuDFA8F22Xl-U7SJ5PvuQFpqXdVpePhyAllaLxm7MmYE-JqAgYmMR2exR131b4EqPyMpvqtSneNFLEcgAA |
|
| .login.microsoftonline.com/ | Name: ESTSWCTXFLOWTOKEN Value: AQABAAEAAAD--DLA3VO7QrddgJg7WevrwKwy35VY7MvovEQrE1lwg7gilDfNz4P3W0bMHujd6nV1kHWV899Zam06OWoToLg7BZSefmLkQcZHE6wOKpte-AJ7Lq1l6l_6fcwBX9YRcnB7rP2p8vKLSYB448onV430KEWnUUOV2HfChpXaj_TjEBX6UmrpJM7uhK3VL8FSpUfJaVdx-YSwMdR9ROc6Pu-i9-skDI8eEwgNJ0DfiwPHrJc6vAtzp9nz7N2I9vTmJrAHwAoOklwVzApJSlgblSqtx294CEDxBnqyOydQur3QaM_0Ccp58mUNjQiiYvU8Tt5an2BUcljtXmAqcl-oyJkUJVgXNkG0_XoCvX15skEvoNHP0kqFNXxCnuUAhBw53Dm4M-4X28dNs9pcNgEY8dl6b4y8A7Ls4f42A9P4EC9NIAYU8DVUO8sKaV6WkIDezAERgWRT6geyZfW1k9ikotwCJn1vzdskERAQm5tmUeyHIgYbHxpYTzgxORJtvE2Q1gj1Dx4LU4L_M-uhv3j5r7Kk8AV7leOwg1e5LizZd5CVRyNdgF7WkpGaG7tn-yt7VJdaFY1EUHiuRHQn6eBjKA9lIAA |
|
| login.microsoftonline.com/ | Name: fpc Value: Aico-EovBSFKgTZGkDIFTl2erOTJAQAAAG6CutoOAAAA |
|
| .login.microsoftonline.com/ | Name: esctx Value: AQABAAAAAAD--DLA3VO7QrddgJg7Wevr4RNu9JmUNdqA7f7zx9q4exgADNppJblBVMPaWzfQUi8-EpaRApA_nCtorAt8vJbOgLB7IWLN5wtGm-Jdc16Agr7oFXOpDZrC4IoqJaESGJR-GIITeLVPlw-Cj_JFbdAxilbEVeTYvmfblC2S0q2Y8LrYeANdRBwiv32PCu3_Mr0gAA |
|
| .login.microsoftonline.com/ | Name: cltm Value: CgAQABoAIgQIDBAF |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000; includeSubDomains |
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
autodiscover.jdrentalcars.com
img6.wsimg.com
login.microsoftonline.com
outlook.office365.com
sso.godaddy.com
img6.wsimg.com
23.3.120.209
23.34.59.19
2603:1036:206:41::8
2603:1036:302:40d7::2
40.126.24.147
699e9286fbc8e62610639cc1c46069b0fdfbe6bf86619fb5ded2936f24fd8411