login.microsoftonline.com
Open in
urlscan Pro
2603:1026:3000:c8::9
Public Scan
Effective URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3...
Submission: On June 09 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 27th 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
15 | 2620:1ec:bdf::45 2620:1ec:bdf::45 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 20.60.246.196 20.60.246.196 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 3 | 20.105.88.92 20.105.88.92 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 2603:1026:300... 2603:1026:3000:c8::9 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
13 | 2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c | 15133 (EDGECAST) (EDGECAST) | |
1 | 40.126.31.67 40.126.31.67 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 20.190.159.4 20.190.159.4 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
34 | 7 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
buzzeasyagentuiqa.blob.core.windows.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
buzzeasy.com
pedro.buzzeasy.com |
2 MB |
13 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 1089 |
326 KB |
3 |
geomant.cloud
2 redirects
geoauth-qa.geomant.cloud |
5 KB |
2 |
live.com
login.live.com — Cisco Umbrella Rank: 67 |
|
2 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 11 |
27 KB |
1 |
windows.net
buzzeasyagentuiqa.blob.core.windows.net |
709 B |
34 | 6 |
Domain | Requested by | |
---|---|---|
15 | pedro.buzzeasy.com |
pedro.buzzeasy.com
|
13 | aadcdn.msftauth.net |
login.microsoftonline.com
aadcdn.msftauth.net |
3 | geoauth-qa.geomant.cloud |
2 redirects
pedro.buzzeasy.com
|
2 | login.live.com |
login.microsoftonline.com
aadcdn.msftauth.net |
2 | login.microsoftonline.com |
pedro.buzzeasy.com
aadcdn.msftauth.net |
1 | buzzeasyagentuiqa.blob.core.windows.net |
pedro.buzzeasy.com
|
34 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
login.live.com |
www.microsoft.com |
privacy.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
pedro.buzzeasy.com DigiCert TLS RSA SHA256 2020 CA1 |
2024-05-08 - 2025-05-08 |
a year | crt.sh |
*.blob.core.windows.net Microsoft Azure RSA TLS Issuing CA 03 |
2024-04-12 - 2025-04-07 |
a year | crt.sh |
*.geomant.cloud R3 |
2024-04-20 - 2024-07-19 |
3 months | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2024-05-27 - 2025-05-27 |
a year | crt.sh |
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2024-05-25 - 2025-05-25 |
a year | crt.sh |
login.live.com DigiCert SHA2 Secure Server CA |
2024-05-09 - 2025-05-09 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0&sso_reload=true
Frame ID: A5A932D398F7EDCC5E1786C1FE7BA952
Requests: 33 HTTP requests in this frame
Frame:
https://login.live.com/Me.htm?v=3
Frame ID: 2F8EDE8F07DED86A8D23D3C74B8B59CA
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Bei Ihrem Konto anmeldenPage URL History Show full URLs
- https://pedro.buzzeasy.com/ Page URL
-
https://geoauth-qa.geomant.cloud/connect/authorize?client_id=buzzeasy-agentui&redirect_uri=https%3A%2F%2Fpedr...
HTTP 302
https://geoauth-qa.geomant.cloud/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbuzz... HTTP 302
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&... Page URL
- https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&... Page URL
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Erstellen Sie jetzt eins!
Search URL Search Domain Scan URL
Title: Nutzungsbedingungen
Search URL Search Domain Scan URL
Title: Datenschutz und Cookies
Search URL Search Domain Scan URL
Title: Haftungsausschluss
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://pedro.buzzeasy.com/ Page URL
-
https://geoauth-qa.geomant.cloud/connect/authorize?client_id=buzzeasy-agentui&redirect_uri=https%3A%2F%2Fpedro.buzzeasy.com%2F&response_type=code&scope=openid+profile+email+phone&state=99c89e05a97648c6b375112504c5d808&code_challenge=Roj4I0G3UA8tNdVCERAE4q7eBYRTZQIUGr3ddS3TVBY&code_challenge_method=S256&response_mode=query&acr_values=idp%3Aaad.oidc
HTTP 302
https://geoauth-qa.geomant.cloud/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbuzzeasy-agentui%26redirect_uri%3Dhttps%253A%252F%252Fpedro.buzzeasy.com%252F%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%2520phone%26state%3D99c89e05a97648c6b375112504c5d808%26code_challenge%3DRoj4I0G3UA8tNdVCERAE4q7eBYRTZQIUGr3ddS3TVBY%26code_challenge_method%3DS256%26response_mode%3Dquery%26acr_values%3Didp%253Aaad.oidc HTTP 302
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0 Page URL
- https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 17- https://geoauth-qa.geomant.cloud/connect/authorize?client_id=buzzeasy-agentui&redirect_uri=https%3A%2F%2Fpedro.buzzeasy.com%2F&response_type=code&scope=openid+profile+email+phone&state=99c89e05a97648c6b375112504c5d808&code_challenge=Roj4I0G3UA8tNdVCERAE4q7eBYRTZQIUGr3ddS3TVBY&code_challenge_method=S256&response_mode=query&acr_values=idp%3Aaad.oidc HTTP 302
- https://geoauth-qa.geomant.cloud/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbuzzeasy-agentui%26redirect_uri%3Dhttps%253A%252F%252Fpedro.buzzeasy.com%252F%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%2520phone%26state%3D99c89e05a97648c6b375112504c5d808%26code_challenge%3DRoj4I0G3UA8tNdVCERAE4q7eBYRTZQIUGr3ddS3TVBY%26code_challenge_method%3DS256%26response_mode%3Dquery%26acr_values%3Didp%253Aaad.oidc HTTP 302
- https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
pedro.buzzeasy.com/ |
1 KB 907 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
pedro.buzzeasy.com/ |
166 B 475 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
configuration.js
pedro.buzzeasy.com/ |
334 B 653 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-D0quAZSV.js
pedro.buzzeasy.com/assets/ |
104 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
useTranslation-DUywjPnJ.js
pedro.buzzeasy.com/assets/ |
310 KB 126 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i18next-BIll90s5.js
pedro.buzzeasy.com/assets/ |
215 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CenterContent-C1psah9S.js
pedro.buzzeasy.com/assets/ |
919 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
extensions-HnHIZori.js
pedro.buzzeasy.com/assets/ |
126 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-BFPLXnTm.js
pedro.buzzeasy.com/assets/ |
10 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AuthProvider-BJlOzhtC.js
pedro.buzzeasy.com/assets/ |
199 KB 77 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
useForceUpdate-CZ_jML9b.js
pedro.buzzeasy.com/assets/ |
120 B 439 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AntDesignAppProvider-BYqqi-HH.js
pedro.buzzeasy.com/assets/ |
151 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-CYtPq5Yx.js
pedro.buzzeasy.com/assets/ |
228 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IdleAndBreakInfo-fh073N8i.js
pedro.buzzeasy.com/assets/ |
3 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pedro.buzzeasy.com.json
buzzeasyagentuiqa.blob.core.windows.net/themes/ |
267 B 709 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.svg
pedro.buzzeasy.com/ |
3 KB 1 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
openid-configuration
geoauth-qa.geomant.cloud/.well-known/ |
2 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
authorize
login.microsoftonline.com/common/oauth2/v2.0/ Redirect Chain
|
20 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BssoInterrupt_Core_RY3pVDLvjU_KKLtTKxjDFA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
138 KB 49 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
authorize
login.microsoftonline.com/common/oauth2/v2.0/ |
43 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
converged.v2.login.min_mc5ac6ol0l4d2iaqspstyg2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
111 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_di4DzSSDi_CmjsEJgCTpgg2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
436 KB 119 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ux.converged.login.strings-de.min_3dydi2elnbeygkwjiyb5qw2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
61 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
219 KB 53 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msftauth.net/shared/1.0/content/images/ |
17 KB 17 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pfetchsessionsprogress_7c1aa7609345f99e4914.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
15 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ |
2 KB 837 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
aadcdn.msftauth.net/shared/1.0/content/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Me.htm
login.live.com/ Frame 2F8E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
111 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ |
2 KB 772 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170 boolean| __convergedlogin_pfetchsessionsprogress_7c1aa7609345f99e4914 boolean| __convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c814 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
geoauth-qa.geomant.cloud/signin-oidc-aad | Name: .AspNetCore.OpenIdConnect.Nonce.CfDJ8Fq75u2LXdZGp2UHUBA9_WTcXxHiqpcOJ8JZHV2BgzvMr56cKiFtJ40CWij0E8YI_iF54yChzEmw-YvmGUHDkF7YBuvw2-29zpa7aBn1UUby6BQF9oBpPRW3RkstWY-x5Tdv_I70wM0xYYYIcgCSimRnXQ8YUgrp0_9oyh17U2tD__zek64KQZqDtFG2zuvtF7AnUp1ECrw-oVVOs-A9SCuxCQEJQog55AblsFUj7wnLUxFYWMD4dOMn1tlDo4uXUiMY3lUc-JGbXAgQOzVGagI Value: N |
|
geoauth-qa.geomant.cloud/signin-oidc-aad | Name: .AspNetCore.Correlation.siUawK4sz8pfmMwnxk-tR-ZvpPU6VD8qG69s6ytvp-Q Value: N |
|
.login.microsoftonline.com/ | Name: esctx-x9LTF6nAnA Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8ykf70oCPqgjGRq-ZyESMIagItIwNB7EN8733eUEBBVF_6nApmByg2jVTApXf3ZqXAsZb6uR5WraQRzEdHMHt9Rr66tu3VQpFNq0Mc4OXNnhPQFs68PO0_mY2Yr8NZhrODhn38lxSYMqGzEe4QCag8iAA |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.com/ | Name: buid Value: 0.AV8AWNTRDkeMtEiwuCFJcWgMJ523gRv_EBRGgcxaw9xkpAwPAQA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8hnViZ5oBX_QZVgnT1t9kgZ9FdTxgrArxNH1tUBd2JtYtYbZP0atCEn9i8ev4WQHFduwhkWCKrUEzu2muc5kRK1yqm6T1M7m1zBlExPVIln0gAA |
|
.login.microsoftonline.com/ | Name: esctx Value: PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8efHxS_z9l7VCfcexZ9SOvxgMlYxis73EYzfjyjx7EiwDtVeavzHioqTuIcDGrdDrsytRHeQND8ExzD9sGrPzGrdSBHTC51A-qA3PUoCj9V_eAudO-LtPPmCSSDllhDAlEid8CZXHsQp_nHAAQEAX1wqcuoOkBRp3i0NaXasgXVsgAA |
|
.login.microsoftonline.com/ | Name: esctx-ipxTVGxnkw Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8t16Gz9iovj1CODyrFyHReR_dP8jFYOhe8DLkWV00sJug0BvT6cvV-bJirEsTUQgpdGcAJr9Sla9vvxSHugcQx9RJTxd7oEaivIp_toI3-MTRq60CbG91wxs7_jmFtx4Wj30-5fsEIjS9_5c-CTKYiCAA |
|
login.microsoftonline.com/ | Name: fpc Value: AoEQ1RxRQGlNqE2ja8Es7cqmHR6hAQAAAKTX990OAAAA |
|
.login.microsoftonline.com/ | Name: brcap Value: 0 |
|
.login.live.com/ | Name: MSPRequ Value: id=N<=1717952678&co=1 |
|
.login.live.com/ | Name: uaid Value: dc03ca3371b546bf925519591c9d6700 |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msftauth.net
buzzeasyagentuiqa.blob.core.windows.net
geoauth-qa.geomant.cloud
login.live.com
login.microsoftonline.com
pedro.buzzeasy.com
20.105.88.92
20.190.159.4
20.60.246.196
2603:1026:3000:c8::9
2606:2800:233:1cb7:261b:1f9c:2074:3c
2620:1ec:bdf::45
40.126.31.67
005d4dc734921543c6e001977ccf6843d978852416bdda73f0cc02e608a770a1
0316061656cb245fdc388ba35f17188b4717c8a3635f4705a467eec971494053
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0d4e8553eb097766c70436fc66396ca29a1427f864d56fce985638f38741596c
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
0fa7e1ecc5739bbe1d0792489023edc6d484b9cf28e7423d4cd73fdfd2093439
2542f7fb5455a138fcd45061343931f411b0eff9decc24e7e88e1d5283690584
31255776b2ffd83b971ac97ae52f69be8ea369dbfaeff42a7004bc4231e2312d
3332d913029f564f91b3ee85abb4fa444d8db0f97b346804088fa4b9da643f66
35afb11dab6edcbc989a25fe5cf19f5d8289499232b7ec775f318d8b8a5bbf78
4359dcdbb96db103aa5576f35629d5a3c4a6ba80ff4b96f9c33c3dc7f02cb278
46d053e6b4ab84bd1c8a179dd4519da1cbf394207037253baca4ed945dcde527
474ce0790ceb18a100cebaf1ac0915a51389fcae0830c3b44bfa1e365d40b2b4
4be11c075187615adaf493d54cb7b05556e76806aed2b3b082d72952d0025be5
7a597190a993aa0189a529ec1719ac48f93a0cc61c4215fa0f99cc5d5c351e85
86b399e33c31e114025af4c623913cf58cff7ce2729e635bbe8e2f2de5db9405
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8b81b6dbb9af6502d78abe8a85d135861848e0597989901da42c62ecb841a07d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
9f797469ab6a7eac6a66fc38d21f38ab7f0edc663b5c4cc4072d9ad66b6f6049
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
b276515cb8ba565056ffc0c55b9fb8130ed169d1bdc7225fbced902de0368a32
bec4432f9122421b8aa36a9f6e2e74afd2befb2fdf35ccc5a20f8c7dfba7d20e
befd325a8edac9052f14eca910cd1f999635ef29bc12452a07cd2f7171596be9
c411971990cade07d9f6f4994a3d24c00a918e5297f58838d26b4890bac4c721
c82cde4ccce49c7f96e9935186de8efd8840e37e2d5b9f51114f6db7a83b9c0c
c9a7e09337c7eaa0d7159a76f54f45884ef8c10490f28d7bb1dec161d4d04846
d8b0fed6144f0c0fd14e2b788389d772f425374b104043a02fc73c69c3770f69
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93303eb3fa5ca223f198b17f1b92e8368aaf3d986f7b9695059e2555cd0dcf9
efa537593f7ac65d20256f56427e32c156a1547cbf332815f4da0e54f0bcdf45
f154944bb0ccf7a06c0f5772ec0812b91b65ca64572ac716a8c198b933679bdf