Submitted URL: https://useitc.unanet.biz/
Effective URL: https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgXdJFC2JMmE5cGMENZC2Rqz00EtBU...
Submission: On August 04 via manual from US — Scanned from DE

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 11 HTTP transactions. The main IP is 52.126.195.80, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.us. The Cisco Umbrella rank of the primary domain is 10270.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 27th 2023. Valid for: a year.
This is the only time login.microsoftonline.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
3 (2 redirects) | 3.132.86.182 | 16509 | AMAZON-02
2 | 52.126.195.80 | 8070 | MICROSOFT...
7 | 2606:2800:233... | 15133 | EDGECAST
1 | 2001:489a:340... | |
Total: 11 requests, 4 IPs

Requests | Apex Domain | Subdomains | Transfer
7 | msftauth.net | aadcdn.msftauth.net (Cisco Umbrella Rank: 1032) | 266 KB
3 | unanet.biz | useitc.unanet.biz | 2 KB
2 | microsoftonline.us | login.microsoftonline.us (Cisco Umbrella Rank: 10270) | 26 KB
1 | msftauthimages.us | aadcdn.msftauthimages.us | 10 KB
Total: 11 requests, 4 apex domains

Requests | Domain | Requested by
7 | aadcdn.msftauth.net | login.microsoftonline.us, aadcdn.msftauth.net
3 (2 redirects) | useitc.unanet.biz |
2 | login.microsoftonline.us | aadcdn.msftauth.net
1 | aadcdn.msftauthimages.us |
Total: 11 requests, 4 domains

This site contains links to these domains.

Domain
www.microsoft.com
privacy.microsoft.com

Subject | Issuer | Validity | Valid
unanet.biz | Amazon RSA 2048 M01 | 2023-05-23 - 2024-06-20 | a year
login.microsoftonline.us | DigiCert SHA2 Secure Server CA | 2023-05-27 - 2024-05-27 | a year
aadcdn.msftauth.net | DigiCert SHA2 Secure Server CA | 2023-01-31 - 2024-01-31 | a year
aadcdn.msftauthimages.us | Microsoft Azure TLS Issuing CA 06 | 2023-06-02 - 2024-05-27 | a year

This page contains 1 frames:

Primary Page: https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgXdJFC2JMmE5cGMENZC2Rqz00EtBUauEAEW6XMp9fH1V2Q7SQ9Pr7uzOzsyubn4MJjqBR%2B1sTbKEkgiscp22TzV5bO7iitysVygHw45iM4Zn%2BwDfRsAQTYMWxblTk9Fb4SRqFFYOgCIocdh8uBcsoeLoXXDKGRJtEMGHierWWRwH8AfwJ63g8eG%2BJs8hHFGk6Yigg0pGKy2EpNW%2FLpVUqj%2BjqXFP2qYnaXQnA5BoO12jrQyzguuSGZQMWnmHrg%2FOGm0hGTFtGevZkrfxgmY0ziXlseSFinnBuqwoeFkuVTqrItGd8wpm0TXppcGJbLetydeKtWWrgJaq4FyqjgPNabZkclG0La8mD3eII%2BwsBmlDTRhli5hWMc2brBI5F0WZLPPFFxLtL9a80%2FZs%2BVs%2BtmcQivdNs4%2F3nw4NiT5fo5sA5BKUmNn964TeXiyvsZD1%2F0JYpa8pXj7j47Rzt907o9XPaGOM%2B37rYUrnxbfJykGGf5%2BRJdlc0V3cz1AxWjyC0r2GjqTrC%2B%2FfP7j%2BDQ%3D%3D&RelayState=%2Fuseitc%2Faction%2Fhome&sso_reload=true
Frame ID: 8D27F77863C5429D2F6F493C84DCB3A3
Requests: 11 HTTP requests in this frame

Page Title

Bei Ihrem Konto anmelden

Page Statistics

Requests: 11
HTTPS: 100 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 1
Transfer: 302 kB
Size: 999 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://useitc.unanet.biz/ HTTP 301
    https://useitc.unanet.biz/useitc/ Page URL
  2. https://useitc.unanet.biz/useitc/action/home HTTP 302
    https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgXdJFC2JMmE5cGMENZC2Rqz00EtBUauEAEW6XMp9fH1V2Q7SQ9Pr7uzOzsyubn4MJjqBR%2B1sTbKEkgiscp22TzV5bO7iitysVygHw45iM4Zn%2BwDfRsAQTYMWxblTk9Fb4SRqFFYOgCIocdh8uBcsoeLoXXDKGRJtEMGHierWWRwH8AfwJ63g8eG%2BJs8hHFGk6Yigg0pGKy2EpNW%2FLpVUqj%2BjqXFP2qYnaXQnA5BoO12jrQyzguuSGZQMWnmHrg%2FOGm0hGTFtGevZkrfxgmY0ziXlseSFinnBuqwoeFkuVTqrItGd8wpm0TXppcGJbLetydeKtWWrgJaq4FyqjgPNabZkclG0La8mD3eII%2BwsBmlDTRhli5hWMc2brBI5F0WZLPPFFxLtL9a80%2FZs%2BVs%2BtmcQivdNs4%2F3nw4NiT5fo5sA5BKUmNn964TeXiyvsZD1%2F0JYpa8pXj7j47Rzt907o9XPaGOM%2B37rYUrnxbfJykGGf5%2BRJdlc0V3cz1AxWjyC0r2GjqTrC%2B%2FfP7j%2BDQ%3D%3D&RelayState=%2Fuseitc%2Faction%2Fhome Page URL
  3. https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgXdJFC2JMmE5cGMENZC2Rqz00EtBUauEAEW6XMp9fH1V2Q7SQ9Pr7uzOzsyubn4MJjqBR%2B1sTbKEkgiscp22TzV5bO7iitysVygHw45iM4Zn%2BwDfRsAQTYMWxblTk9Fb4SRqFFYOgCIocdh8uBcsoeLoXXDKGRJtEMGHierWWRwH8AfwJ63g8eG%2BJs8hHFGk6Yigg0pGKy2EpNW%2FLpVUqj%2BjqXFP2qYnaXQnA5BoO12jrQyzguuSGZQMWnmHrg%2FOGm0hGTFtGevZkrfxgmY0ziXlseSFinnBuqwoeFkuVTqrItGd8wpm0TXppcGJbLetydeKtWWrgJaq4FyqjgPNabZkclG0La8mD3eII%2BwsBmlDTRhli5hWMc2brBI5F0WZLPPFFxLtL9a80%2FZs%2BVs%2BtmcQivdNs4%2F3nw4NiT5fo5sA5BKUmNn964TeXiyvsZD1%2F0JYpa8pXj7j47Rzt907o9XPaGOM%2B37rYUrnxbfJykGGf5%2BRJdlc0V3cz1AxWjyC0r2GjqTrC%2B%2FfP7j%2BDQ%3D%3D&RelayState=%2Fuseitc%2Faction%2Fhome&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://useitc.unanet.biz/ HTTP 301
  • https://useitc.unanet.biz/useitc/
Request Chain 1
  • https://useitc.unanet.biz/useitc/action/home HTTP 302
  • https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgXdJFC2JMmE5cGMENZC2Rqz00EtBUauEAEW6XMp9fH1V2Q7SQ9Pr7uzOzsyubn4MJjqBR%2B1sTbKEkgiscp22TzV5bO7iitysVygHw45iM4Zn%2BwDfRsAQTYMWxblTk9Fb4SRqFFYOgCIocdh8uBcsoeLoXXDKGRJtEMGHierWWRwH8AfwJ63g8eG%2BJs8hHFGk6Yigg0pGKy2EpNW%2FLpVUqj%2BjqXFP2qYnaXQnA5BoO12jrQyzguuSGZQMWnmHrg%2FOGm0hGTFtGevZkrfxgmY0ziXlseSFinnBuqwoeFkuVTqrItGd8wpm0TXppcGJbLetydeKtWWrgJaq4FyqjgPNabZkclG0La8mD3eII%2BwsBmlDTRhli5hWMc2brBI5F0WZLPPFFxLtL9a80%2FZs%2BVs%2BtmcQivdNs4%2F3nw4NiT5fo5sA5BKUmNn964TeXiyvsZD1%2F0JYpa8pXj7j47Rzt907o9XPaGOM%2B37rYUrnxbfJykGGf5%2BRJdlc0V3cz1AxWjyC0r2GjqTrC%2B%2FfP7j%2BDQ%3D%3D&RelayState=%2Fuseitc%2Faction%2Fhome

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
useitc.unanet.biz/useitc/
Redirect Chain
  • https://useitc.unanet.biz/
  • https://useitc.unanet.biz/useitc/
330 B
821 B
Document
General
Full URL
https://useitc.unanet.biz/useitc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.132.86.182 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-86-182.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ac468d0623bd12ea863ff6b9530bab2e0ba7cf04d70ce54fd09e2ab16a69e79e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
330
content-type
text/html; charset=UTF-8
date
Fri, 04 Aug 2023 18:47:56 GMT
etag
W/"330-1591402252000"
last-modified
Sat, 06 Jun 2020 00:10:52 GMT
server
nginx/1.22.1

Redirect headers

content-length
169
content-type
text/html
date
Fri, 04 Aug 2023 18:47:56 GMT
location
https://useitc.unanet.biz/useitc/
server
nginx/1.22.1
saml2
login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/
Redirect Chain
  • https://useitc.unanet.biz/useitc/action/home
  • https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgXdJFC2JMmE5cGMENZC2Rqz00EtBUauEAEW6XMp9fH1V2Q7SQ9Pr7uzOzsyubn4MJjqBR%2B1sTbKEkgiscp22TzV5bO7iity...
20 KB
10 KB
Document
General
Full URL
https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgXdJFC2JMmE5cGMENZC2Rqz00EtBUauEAEW6XMp9fH1V2Q7SQ9Pr7uzOzsyubn4MJjqBR%2B1sTbKEkgiscp22TzV5bO7iitysVygHw45iM4Zn%2BwDfRsAQTYMWxblTk9Fb4SRqFFYOgCIocdh8uBcsoeLoXXDKGRJtEMGHierWWRwH8AfwJ63g8eG%2BJs8hHFGk6Yigg0pGKy2EpNW%2FLpVUqj%2BjqXFP2qYnaXQnA5BoO12jrQyzguuSGZQMWnmHrg%2FOGm0hGTFtGevZkrfxgmY0ziXlseSFinnBuqwoeFkuVTqrItGd8wpm0TXppcGJbLetydeKtWWrgJaq4FyqjgPNabZkclG0La8mD3eII%2BwsBmlDTRhli5hWMc2brBI5F0WZLPPFFxLtL9a80%2FZs%2BVs%2BtmcQivdNs4%2F3nw4NiT5fo5sA5BKUmNn964TeXiyvsZD1%2F0JYpa8pXj7j47Rzt907o9XPaGOM%2B37rYUrnxbfJykGGf5%2BRJdlc0V3cz1AxWjyC0r2GjqTrC%2B%2FfP7j%2BDQ%3D%3D&RelayState=%2Fuseitc%2Faction%2Fhome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.126.195.80 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c2c23cfcc68688415d6ecdf234e5ff91197d6de907cfe82e921c3ce05b03469b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://useitc.unanet.biz/useitc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
9210
Content-Type
text/html; charset=utf-8
Date
Fri, 04 Aug 2023 18:47:57 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
x-ms-ests-server
2.1.15984.6 - USGVA ProdSlices
x-ms-request-id
832d98e9-9680-4932-831e-14ad27517400

Redirect headers

cache-control
no-cache, no-store
content-length
0
content-script-type
text/javascript
content-type
text/html;charset=UTF-8
date
Fri, 04 Aug 2023 18:47:56 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgXdJFC2JMmE5cGMENZC2Rqz00EtBUauEAEW6XMp9fH1V2Q7SQ9Pr7uzOzsyubn4MJjqBR%2B1sTbKEkgiscp22TzV5bO7iitysVygHw45iM4Zn%2BwDfRsAQTYMWxblTk9Fb4SRqFFYOgCIocdh8uBcsoeLoXXDKGRJtEMGHierWWRwH8AfwJ63g8eG%2BJs8hHFGk6Yigg0pGKy2EpNW%2FLpVUqj%2BjqXFP2qYnaXQnA5BoO12jrQyzguuSGZQMWnmHrg%2FOGm0hGTFtGevZkrfxgmY0ziXlseSFinnBuqwoeFkuVTqrItGd8wpm0TXppcGJbLetydeKtWWrgJaq4FyqjgPNabZkclG0La8mD3eII%2BwsBmlDTRhli5hWMc2brBI5F0WZLPPFFxLtL9a80%2FZs%2BVs%2BtmcQivdNs4%2F3nw4NiT5fo5sA5BKUmNn964TeXiyvsZD1%2F0JYpa8pXj7j47Rzt907o9XPaGOM%2B37rYUrnxbfJykGGf5%2BRJdlc0V3cz1AxWjyC0r2GjqTrC%2B%2FfP7j%2BDQ%3D%3D&RelayState=%2Fuseitc%2Faction%2Fhome
pragma
no-cache
server
nginx/1.22.1
BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js
aadcdn.msftauth.net/shared/1.0/content/js/
135 KB
48 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgXdJFC2JMmE5cGMENZC2Rqz00EtBUauEAEW6XMp9fH1V2Q7SQ9Pr7uzOzsyubn4MJjqBR%2B1sTbKEkgiscp22TzV5bO7iitysVygHw45iM4Zn%2BwDfRsAQTYMWxblTk9Fb4SRqFFYOgCIocdh8uBcsoeLoXXDKGRJtEMGHierWWRwH8AfwJ63g8eG%2BJs8hHFGk6Yigg0pGKy2EpNW%2FLpVUqj%2BjqXFP2qYnaXQnA5BoO12jrQyzguuSGZQMWnmHrg%2FOGm0hGTFtGevZkrfxgmY0ziXlseSFinnBuqwoeFkuVTqrItGd8wpm0TXppcGJbLetydeKtWWrgJaq4FyqjgPNabZkclG0La8mD3eII%2BwsBmlDTRhli5hWMc2brBI5F0WZLPPFFxLtL9a80%2FZs%2BVs%2BtmcQivdNs4%2F3nw4NiT5fo5sA5BKUmNn964TeXiyvsZD1%2F0JYpa8pXj7j47Rzt907o9XPaGOM%2B37rYUrnxbfJykGGf5%2BRJdlc0V3cz1AxWjyC0r2GjqTrC%2B%2FfP7j%2BDQ%3D%3D&RelayState=%2Fuseitc%2Faction%2Fhome
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D07) /
Resource Hash
cc51a8def572cc3523f9a4276fc4509a0e92b4d193fcfee35cdcf3a48662c92c

Request headers

Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Aug 2023 18:47:57 GMT
content-encoding
gzip
content-md5
Mwomsrfm/E5wVC4ntDZsmw==
age
1819134
x-cache
HIT
content-length
48719
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 10:42:34 GMT
server
ECAcc (frc/4D07)
etag
0x8DB82C4B39B426F
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
bb78137b-401e-002e-4b78-b6613a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request saml2
login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/
38 KB
16 KB
Document
General
Full URL
https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgXdJFC2JMmE5cGMENZC2Rqz00EtBUauEAEW6XMp9fH1V2Q7SQ9Pr7uzOzsyubn4MJjqBR%2B1sTbKEkgiscp22TzV5bO7iitysVygHw45iM4Zn%2BwDfRsAQTYMWxblTk9Fb4SRqFFYOgCIocdh8uBcsoeLoXXDKGRJtEMGHierWWRwH8AfwJ63g8eG%2BJs8hHFGk6Yigg0pGKy2EpNW%2FLpVUqj%2BjqXFP2qYnaXQnA5BoO12jrQyzguuSGZQMWnmHrg%2FOGm0hGTFtGevZkrfxgmY0ziXlseSFinnBuqwoeFkuVTqrItGd8wpm0TXppcGJbLetydeKtWWrgJaq4FyqjgPNabZkclG0La8mD3eII%2BwsBmlDTRhli5hWMc2brBI5F0WZLPPFFxLtL9a80%2FZs%2BVs%2BtmcQivdNs4%2F3nw4NiT5fo5sA5BKUmNn964TeXiyvsZD1%2F0JYpa8pXj7j47Rzt907o9XPaGOM%2B37rYUrnxbfJykGGf5%2BRJdlc0V3cz1AxWjyC0r2GjqTrC%2B%2FfP7j%2BDQ%3D%3D&RelayState=%2Fuseitc%2Faction%2Fhome&sso_reload=true
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.126.195.80 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
832a68fb5a51398cd2228713618794a5a0b0d3150fc083c0854c3d9b88b23a65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgXdJFC2JMmE5cGMENZC2Rqz00EtBUauEAEW6XMp9fH1V2Q7SQ9Pr7uzOzsyubn4MJjqBR%2B1sTbKEkgiscp22TzV5bO7iitysVygHw45iM4Zn%2BwDfRsAQTYMWxblTk9Fb4SRqFFYOgCIocdh8uBcsoeLoXXDKGRJtEMGHierWWRwH8AfwJ63g8eG%2BJs8hHFGk6Yigg0pGKy2EpNW%2FLpVUqj%2BjqXFP2qYnaXQnA5BoO12jrQyzguuSGZQMWnmHrg%2FOGm0hGTFtGevZkrfxgmY0ziXlseSFinnBuqwoeFkuVTqrItGd8wpm0TXppcGJbLetydeKtWWrgJaq4FyqjgPNabZkclG0La8mD3eII%2BwsBmlDTRhli5hWMc2brBI5F0WZLPPFFxLtL9a80%2FZs%2BVs%2BtmcQivdNs4%2F3nw4NiT5fo5sA5BKUmNn964TeXiyvsZD1%2F0JYpa8pXj7j47Rzt907o9XPaGOM%2B37rYUrnxbfJykGGf5%2BRJdlc0V3cz1AxWjyC0r2GjqTrC%2B%2FfP7j%2BDQ%3D%3D&RelayState=%2Fuseitc%2Faction%2Fhome
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
14581
Content-Type
text/html; charset=utf-8
Date
Fri, 04 Aug 2023 18:47:57 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
x-ms-ests-server
2.1.15984.6 - USGVA ProdSlices
x-ms-request-id
dcea1624-39d7-4fe5-b443-37e047426600
converged.v2.login.min_xs4q-enqjizb-pd0ha63sw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
108 KB
20 KB
Stylesheet
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_xs4q-enqjizb-pd0ha63sw2.css
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgXdJFC2JMmE5cGMENZC2Rqz00EtBUauEAEW6XMp9fH1V2Q7SQ9Pr7uzOzsyubn4MJjqBR%2B1sTbKEkgiscp22TzV5bO7iitysVygHw45iM4Zn%2BwDfRsAQTYMWxblTk9Fb4SRqFFYOgCIocdh8uBcsoeLoXXDKGRJtEMGHierWWRwH8AfwJ63g8eG%2BJs8hHFGk6Yigg0pGKy2EpNW%2FLpVUqj%2BjqXFP2qYnaXQnA5BoO12jrQyzguuSGZQMWnmHrg%2FOGm0hGTFtGevZkrfxgmY0ziXlseSFinnBuqwoeFkuVTqrItGd8wpm0TXppcGJbLetydeKtWWrgJaq4FyqjgPNabZkclG0La8mD3eII%2BwsBmlDTRhli5hWMc2brBI5F0WZLPPFFxLtL9a80%2FZs%2BVs%2BtmcQivdNs4%2F3nw4NiT5fo5sA5BKUmNn964TeXiyvsZD1%2F0JYpa8pXj7j47Rzt907o9XPaGOM%2B37rYUrnxbfJykGGf5%2BRJdlc0V3cz1AxWjyC0r2GjqTrC%2B%2FfP7j%2BDQ%3D%3D&RelayState=%2Fuseitc%2Faction%2Fhome&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE2) /
Resource Hash
09bcfd473f343f606206e638d6aa7c7436ab54f40fca8f3ea2247fc068147ffe

Request headers

Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Aug 2023 18:47:57 GMT
content-encoding
gzip
content-md5
51nXYTkRfeACFNqVw7bA7Q==
age
6747570
x-cache
HIT
content-length
20105
x-ms-lease-status
unlocked
last-modified
Wed, 17 May 2023 19:53:45 GMT
server
ECAcc (frc/4CE2)
etag
0x8DB57106C9FE01F
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
d33a21e2-101e-0001-51a5-892088000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_sb6jQxfN8f3sA8faKcsD7Q2.js
aadcdn.msftauth.net/shared/1.0/content/js/
413 KB
114 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_sb6jQxfN8f3sA8faKcsD7Q2.js
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgXdJFC2JMmE5cGMENZC2Rqz00EtBUauEAEW6XMp9fH1V2Q7SQ9Pr7uzOzsyubn4MJjqBR%2B1sTbKEkgiscp22TzV5bO7iitysVygHw45iM4Zn%2BwDfRsAQTYMWxblTk9Fb4SRqFFYOgCIocdh8uBcsoeLoXXDKGRJtEMGHierWWRwH8AfwJ63g8eG%2BJs8hHFGk6Yigg0pGKy2EpNW%2FLpVUqj%2BjqXFP2qYnaXQnA5BoO12jrQyzguuSGZQMWnmHrg%2FOGm0hGTFtGevZkrfxgmY0ziXlseSFinnBuqwoeFkuVTqrItGd8wpm0TXppcGJbLetydeKtWWrgJaq4FyqjgPNabZkclG0La8mD3eII%2BwsBmlDTRhli5hWMc2brBI5F0WZLPPFFxLtL9a80%2FZs%2BVs%2BtmcQivdNs4%2F3nw4NiT5fo5sA5BKUmNn964TeXiyvsZD1%2F0JYpa8pXj7j47Rzt907o9XPaGOM%2B37rYUrnxbfJykGGf5%2BRJdlc0V3cz1AxWjyC0r2GjqTrC%2B%2FfP7j%2BDQ%3D%3D&RelayState=%2Fuseitc%2Faction%2Fhome&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFE) /
Resource Hash
8341ffbd25a1b2899756fd73fd44f7fb67279b78ae0fe052ac48bee38149fe4c

Request headers

Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Aug 2023 18:47:57 GMT
content-encoding
gzip
content-md5
k/Oc9R0V5Eizi5+vLEqamw==
age
1452862
x-cache
HIT
content-length
116827
x-ms-lease-status
unlocked
last-modified
Fri, 14 Jul 2023 16:43:16 GMT
server
ECAcc (frc/4CFE)
etag
0x8DB84896C439313
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8982aa83-801e-0082-29cd-b92bad000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-de.min_teq2a9w5a9dvhiycdifrpa2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
54 KB
16 KB
Script
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_teq2a9w5a9dvhiycdifrpa2.js
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/b22f297b-3010-4a07-a75c-752d1557669c/saml2?SAMLRequest=hVLLbtswEPwVgXdJFC2JMmE5cGMENZC2Rqz00EtBUauEAEW6XMp9fH1V2Q7SQ9Pr7uzOzsyubn4MJjqBR%2B1sTbKEkgiscp22TzV5bO7iitysVygHw45iM4Zn%2BwDfRsAQTYMWxblTk9Fb4SRqFFYOgCIocdh8uBcsoeLoXXDKGRJtEMGHierWWRwH8AfwJ63g8eG%2BJs8hHFGk6Yigg0pGKy2EpNW%2FLpVUqj%2BjqXFP2qYnaXQnA5BoO12jrQyzguuSGZQMWnmHrg%2FOGm0hGTFtGevZkrfxgmY0ziXlseSFinnBuqwoeFkuVTqrItGd8wpm0TXppcGJbLetydeKtWWrgJaq4FyqjgPNabZkclG0La8mD3eII%2BwsBmlDTRhli5hWMc2brBI5F0WZLPPFFxLtL9a80%2FZs%2BVs%2BtmcQivdNs4%2F3nw4NiT5fo5sA5BKUmNn964TeXiyvsZD1%2F0JYpa8pXj7j47Rzt907o9XPaGOM%2B37rYUrnxbfJykGGf5%2BRJdlc0V3cz1AxWjyC0r2GjqTrC%2B%2FfP7j%2BDQ%3D%3D&RelayState=%2Fuseitc%2Faction%2Fhome&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C96) /
Resource Hash
129d8b4779013ada24a3e2d35018b67e51fef2923673e1cb198cb0dca6389af2

Request headers

Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Aug 2023 18:47:57 GMT
content-encoding
gzip
content-md5
p4ZSANiQnrwy3VNx3PISTA==
age
1822472
x-cache
HIT
content-length
15915
x-ms-lease-status
unlocked
last-modified
Thu, 13 Jul 2023 00:30:58 GMT
server
ECAcc (frc/4C96)
etag
0x8DB83386D961238
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d2e00c54-101e-0007-4570-b6c649000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pcustomizationloader_9c8fa7b7be17121cabe1.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
107 KB
32 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_9c8fa7b7be17121cabe1.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_sb6jQxfN8f3sA8faKcsD7Q2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF7) /
Resource Hash
83e31656be5bd43730be156d66b3b53a6e2debbf8f48b7cb26166e5e73a349e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Aug 2023 18:47:57 GMT
content-encoding
gzip
content-md5
2bI1Berv2EWLfhOTg8ynrg==
age
4289302
x-cache
HIT
content-length
32254
x-ms-lease-status
unlocked
last-modified
Tue, 13 Jun 2023 17:22:33 GMT
server
ECAcc (frc/4CF7)
etag
0x8DB6C32C6A12948
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1e526848-e01e-0018-3001-a04682000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
aadcdn.msftauthimages.us/6ebb54f4-fauwkqsiorlkcsbgvzljmgn1jsficer7jms5hjxk0gu/logintenantbranding/0/
10 KB
10 KB
Image
General
Full URL
https://aadcdn.msftauthimages.us/6ebb54f4-fauwkqsiorlkcsbgvzljmgn1jsficer7jms5hjxk0gu/logintenantbranding/0/bannerlogo?ts=636906914828203376
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e0 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0, Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ab59e0706e64ed2bdbd25864335bdc27f61f019a6600f368f234e6ac0314572e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 04 Aug 2023 18:48:01 GMT
last-modified
Thu, 08 Oct 2020 18:58:33 GMT
server
Microsoft-IIS/10.0, Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
VUTXAJMpwS9ZXV8lUlmQoA==
etag
0x8D86BBC27C085EB
vary
Origin
x-cache
TCP_HIT
content-type
image/*
x-azure-ref
04kfNZAAAAACb5YNob+KJSLKQhIloCb2Yc24wMS1mZHYyLTY4YzZjOGZkYjYtZ3F6NHoAYTU4YzI3NzQtMTZhZi00MGM1LTg1ZTgtMDRiMjBmZmZhODY2
x-ms-request-id
22fe73b0-101e-0057-4700-c7ddff000000
x-ms-version
2009-09-19
content-length
9963
convergedlogin_pstringcustomizationhelper_a19e6314cee4851e0a13.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
111 KB
35 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_a19e6314cee4851e0a13.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_sb6jQxfN8f3sA8faKcsD7Q2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB2) /
Resource Hash
829da443b43110fada28b8eebe47ba2a4f8a012c88f9a2ca355570bdcdcb4acd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Aug 2023 18:47:58 GMT
content-encoding
gzip
content-md5
Adc2Toi5EeUeXRIO4fBe3g==
age
4289303
x-cache
HIT
content-length
35820
x-ms-lease-status
unlocked
last-modified
Tue, 13 Jun 2023 17:22:35 GMT
server
ECAcc (frc/4CB2)
etag
0x8DB6C32C761F807
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
adad6379-001e-0048-2601-a00508000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/
2 KB
784 B
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA2) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Aug 2023 18:47:58 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
5706680
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:52 GMT
server
ECAcc (frc/4CA2)
etag
0x8DB5C3F4BB4F03C
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b2ae10f3-901e-0060-141d-935c76000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| $Config
  • object| $Debug
  • object| $Do
  • function| $Loader
  • object| $WebWatson
  • function| GetString
  • function| GetErrorString
  • function| GetUrl
  • object| $B
  • object| ServerData
  • object| webpackJsonp
  • object| ko
  • object| PROOF
  • object| StringRepository
  • object| Telemetry
  • object| telemetry_webpackJsonp
  • boolean| __ConvergedLogin_PCore
  • boolean| __
  • boolean| __convergedlogin_pcustomizationloader_9c8fa7b7be17121cabe1
  • boolean| __convergedlogin_pstringcustomizationhelper_a19e6314cee4851e0a13

10 Cookies

Domain/Path Name / Value
useitc.unanet.biz/ Name: AWSALB
Value: ASiKDzOiNnjmj+aNb5ufO/stfCSYSvCAj1oCGLcKiy+VrOzYDADd0+H5xlTl+6NEngzFI0I8UwkA0Kmc/3vjNpZE5Y+3pYtNux2HBiUlTYg4tlTjy4G+0HhSVkBW
useitc.unanet.biz/ Name: AWSALBCORS
Value: ASiKDzOiNnjmj+aNb5ufO/stfCSYSvCAj1oCGLcKiy+VrOzYDADd0+H5xlTl+6NEngzFI0I8UwkA0Kmc/3vjNpZE5Y+3pYtNux2HBiUlTYg4tlTjy4G+0HhSVkBW
login.microsoftonline.us/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.us/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.us/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.us/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.us/ Name: buid
Value: 0.CwMAeykvshAwB0qnXHUtFVdmnPhhjiEF2NRNkSFlYAx_tVACAAA.AQABAAEAAgAhOAwqV52nQZ3QnHiKUS5m2bUNu7W96bX_VBZ6RfkINBkamWpEGSbI7NKM0a-myfE-y9KDw3zxTJDiOs0tVt4dcuUhOoPt4Kf5WcqeVM1plte6ismBxSHKaGVATCCO2YcgAA
.login.microsoftonline.us/ Name: esctx
Value: PAQABAAEAAgAhOAwqV52nQZ3QnHiKUS5mzcZnUN1m54iSS1lgTiMc8s2oeZUDQg2TxLYSIkc-1fyKom0AkVDAza3fRQQ6c1CwHyDivASl7_jnF2nOkaQ85wFOX71XWBel88jnbmwzARQc_-Dwxe776Ac3cc6qdhC4o8FdwowOIASflT5GP37ITAZWplBZuIMxKRVFAIuDSgKPgQ9c7U4JkjjltYvdCRflrm1W6oHmRerJDk8syNx8UG-FQop4HYupdnOdD70nsx8gAA
login.microsoftonline.us/ Name: fpc
Value: AhPRdEgLpb9Itdf9pGibRE--2vsQAQAAAN0-X9wOAAAA
.login.microsoftonline.us/ Name: brcap
Value: 0