login.microsoftonline.com
2603:1026:3000:c8::9
Public Scan
Effective URL: https://login.microsoftonline.com/22ca942f-06c2-4f38-9407-0e447dedbb67/saml2?SAMLRequest=fVHLbsIwELz3KyLf%2FYhxYmKRICSEhNReWtpDL5V...
Submission: On September 17 via manual from MY — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 31st 2024. Valid for: 6 months.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
3 3 | 2606:4700::6812:f30 | 13335 (CLOUDFLARENET) |
1 10 | 79.160.226.248 | 29695 (ALTIBOX_AS Norway) |
1 | 2a00:1450:4001:827::200a | 15169 (GOOGLE) |
2 | 2a00:1450:4001:830::2003 | 15169 (GOOGLE) |
2 | 2603:1026:3000:c8::9 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
9 | 2620:1ec:bdf::45 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 40.126.32.72 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
3 | 2606:2800:233:1cb7:261b:1f9c:2074:3c | 15133 (EDGECAST) |
1 | 2603:1026:3000:d0::6 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
28 | 8 |
ASN13335 (CLOUDFLARENET, US)
- lyse.safe-access.com
- novaauth.safe-access.com
ASN29695 (ALTIBOX_AS Norway, NO)
PTR: 79.160.226.248.static.lyse.net
- c2w.cloud
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
- login.microsoftonline.com
ASN15133 (EDGECAST, US)
- aadcdn.msauthimages.net
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
- autologon.microsoftazuread-sso.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | c2w.cloud (1 redirects) | c2w.cloud | 128 KB |
9 | msauth.net | aadcdn.msauth.net — Cisco Umbrella Rank: 838 | 322 KB |
3 | msauthimages.net | aadcdn.msauthimages.net — Cisco Umbrella Rank: 3246 | 129 KB |
3 | safe-access.com (3 redirects) | lyse.safe-access.com, novaauth.safe-access.com — Cisco Umbrella Rank: 564802 | 2 KB |
2 | microsoftonline.com | login.microsoftonline.com — Cisco Umbrella Rank: 9 | 18 KB |
2 | gstatic.com | fonts.gstatic.com | 37 KB |
1 | microsoftazuread-sso.com | autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1140 | 1 KB |
1 | live.com | login.live.com — Cisco Umbrella Rank: 59 | |
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 31 | 1 KB |
28 | 9 |
 | Domain | Requested by |
---|---|---|
10 | c2w.cloud | 1 redirects; c2w.cloud |
9 | aadcdn.msauth.net | login.microsoftonline.com, aadcdn.msauth.net |
3 | aadcdn.msauthimages.net | |
2 | login.microsoftonline.com | aadcdn.msauth.net |
2 | fonts.gstatic.com | fonts.googleapis.com |
2 | lyse.safe-access.com | 2 redirects |
1 | autologon.microsoftazuread-sso.com | |
1 | login.live.com | login.microsoftonline.com |
1 | fonts.googleapis.com | c2w.cloud |
1 | novaauth.safe-access.com | 1 redirects |
28 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.microsoft.com |
privacy.microsoft.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.c2w.cloud | Go Daddy Secure Certificate Authority - G2 | 2024-06-06 - 2025-07-01 | a year |
upload.video.google.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months |
*.gstatic.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months |
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2024-08-31 - 2025-02-28 | 6 months |
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2024-07-30 - 2025-07-30 | a year |
login.live.com | DigiCert SHA2 Secure Server CA | 2024-08-28 - 2025-02-28 | 6 months |
aadcdn.msauthimages.net | Microsoft Azure RSA TLS Issuing CA 03 | 2024-06-04 - 2025-05-30 | a year |
autologon.microsoftazuread-sso.com | DigiCert SHA2 Secure Server CA | 2024-08-29 - 2025-02-28 | 6 months |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/22ca942f-06c2-4f38-9407-0e447dedbb67/saml2?SAMLRequest=fVHLbsIwELz3KyLf%2FYhxYmKRICSEhNReWtpDL5VxHLCU2KnttKVf3xCERC8cd3dmd2Z2sfzp2uRL%2B2CcLUGKCEi0Va429lCC190GzsGyelgE2bW9WA3xaJ%2F156BDTEaiDeI8KMHgrXAymCCs7HQQUYmX1dOjoIgIGYL2cVwPbij9fU7vXXTKtSBZj6eMlXGSd4yxDwLj1h2MRZ1R3gXXRGdbYzVSrsOUKlkw2kCSKwpZM5vDghEOiWaM17re73OOzwIoSLbrEnzwbC7TjEsmG0qzjORyRGYpnatc1WSmKMt5U5D9CA9h0FsborSxBJRQBkkBU74jM0GIYBzlafoOkrdrmKMRUE3JiYnrk43znYz3rZ87pobNBBXaRhNPoLo6V%2FQbqdYNNR5kuBjB0w4sFW5PQSP5O3gta5Qu8M3p6lL9f2H1Bw%3D%3D&RelayState=07172f13-fb27-4f0a-a6e9-30c6e80dbc15&locale=no
Frame ID: B06E598296F46C1E26ECE2C5E26E8CF7
Requests: 28 HTTP requests in this frame
Page Title
Bei Ihrem Konto anmelden
Page URL History
- https://lyse.safe-access.com/company/employee/17760567/notes/ HTTP 302
- https://lyse.safe-access.com/accounts/manager/login/check/?next=/company/employee/17760567/notes/ HTTP 302
- https://novaauth.safe-access.com/session/?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuZXh0IjoiaHR0cHM6Ly9seX... HTTP 302
- https://c2w.cloud/uas/saml2/SingleSignOnService?SAMLRequest=tVNLc5swEL77VzDcQYAxD43tGTfuwzOuzQ... HTTP 302
- https://c2w.cloud/uas/authn/*/view?_id=115a2c7f-4b7c-4892-b8a2-dd1dcc23b1ea&entityID=https%3A%... Page URL
- https://login.microsoftonline.com/22ca942f-06c2-4f38-9407-0e447dedbb67/saml2?SAMLRequest=fVHLbsIwELz3KyLf%2FYh... Page URL
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Nutzungsbedingungen
Title: Datenschutz und Cookies
Title: Haftungsausschluss
28 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | view | c2w.cloud/uas/authn/*/ (Redirect Chain) | 7 KB | 7 KB | Document | text/html |
GET | H/1.1 | style.css | c2w.cloud/uas/template/default/ | 4 KB | 4 KB | Stylesheet | text/css |
GET | H/1.1 | jquery.min.js | c2w.cloud/uas/webjars/jquery/3.7.1/ | 85 KB | 86 KB | Script | application/javascript |
GET | H/1.1 | view.js | c2w.cloud/uas/template/default/resource/ | 6 KB | 6 KB | Script | text/javascript |
GET | H/1.1 | script.js | c2w.cloud/uas/template/default/resource/ | 3 KB | 3 KB | Script | text/javascript |
GET | H/1.1 | xhr.js | c2w.cloud/uas/template/default/resource/script/ | 1 KB | 1 KB | Script | text/javascript |
GET | H/1.1 | lyse.js | c2w.cloud/uas/template/default/resource/ | 16 KB | 16 KB | Script | text/javascript |
GET | H/1.1 | logo | c2w.cloud/uas/template/default/ | 2 KB | 3 KB | Image | image/svg+xml |
GET | H2 | css | fonts.googleapis.com/ | 7 KB | 1 KB | Stylesheet | text/css |
GET | H2 | KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | fonts.gstatic.com/s/roboto/v32/ | 18 KB | 19 KB | Font | font/woff2 |
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v32/ | 18 KB | 18 KB | Font | font/woff2 |
GET | H/1.1 | saml2 (Primary Request) | login.microsoftonline.com/22ca942f-06c2-4f38-9407-0e447dedbb67/ | 39 KB | 17 KB | Document | text/html |
GET | H/1.1 | logo.ico | c2w.cloud/uas/template/default/ | 1 KB | 1 KB | Other | image/x-icon |
GET | H2 | converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ | 111 KB | 20 KB | Stylesheet | text/css |
GET | H2 | ConvergedLogin_PCore_NXCGegEOpKB5nrI5GnSS3g2.js | aadcdn.msauth.net/shared/1.0/content/js/ | 439 KB | 120 KB | Script | application/x-javascript |
GET | H2 | ux.converged.login.strings-de.min_ko72obxvu9yj3q3_akvs9q2.js | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ | 63 KB | 18 KB | Script | application/x-javascript |
GET | H/1.1 | Me.htm | login.live.com/ | 0 | 0 | Other | text/html |
GET | H2 | convergedlogin_pcustomizationloader_117b650bccea354984d8.js | aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ | 397 KB | 114 KB | Script | application/x-javascript |
GET | H2 | favicon | aadcdn.msauthimages.net/c1c6b6c8-7oyhcwtmza5b680gg8tnxsdv779pm4iua1qys2xnras/logintenantbranding/0/ | 2 KB | 3 KB | Other | image/* |
GET | H2 | convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js | aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ | 15 KB | 6 KB | Script | application/x-javascript |
GET | H2 | marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif | aadcdn.msauth.net/shared/1.0/content/images/ | 3 KB | 3 KB | Image | image/gif |
GET | H2 | marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif | aadcdn.msauth.net/shared/1.0/content/images/ | 4 KB | 4 KB | Image | image/gif |
GET | H2 | illustration | aadcdn.msauthimages.net/c1c6b6c8-7oyhcwtmza5b680gg8tnxsdv779pm4iua1qys2xnras/logintenantbranding/0/ | 123 KB | 124 KB | Image | image/* |
GET | H2 | bannerlogo | aadcdn.msauthimages.net/c1c6b6c8-7oyhcwtmza5b680gg8tnxsdv779pm4iua1qys2xnras/logintenantbranding/0/ | 3 KB | 3 KB | Image | image/* |
GET | H/1.1 | ssoprobe | autologon.microsoftazuread-sso.com/22ca942f-06c2-4f38-9407-0e447dedbb67/winauth/ | 12 B | 1 KB | Image | image/png |
POST | H/1.1 | dssostatus | login.microsoftonline.com/common/instrumentation/ | 265 B | 1 KB | XHR | application/json |
GET | H2 | convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d.js | aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ | 111 KB | 35 KB | Script | application/x-javascript |
GET | H2 | signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg | aadcdn.msauth.net/shared/1.0/content/images/ | 2 KB | 1 KB | Image | image/svg+xml |
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
object| Telemetry
object| telemetry_webpackJsonp
boolean| __ConvergedLogin_PCore
boolean| __
boolean| __convergedlogin_pcustomizationloader_117b650bccea354984d8
boolean| __convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834
boolean| __convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d
16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
c2w.cloud/uas | | Name: uas.master Value: _fe7fd74bbb8e092d4509fef06bd34fae068e1b61 |
c2w.cloud/uas | | Name: JSESSIONID Value: 23F43466CD784DF6C27D346D98EE76E6 |
.safe-access.com/ | | Name: __cf_bm Value: jcLx0DVsEnV0QIPAsgqb5GdXZi8hJLgH7n0tMkJXwkk-1726542046-1.0.1.1-T9RCdByenRFXZAHlDEQ6Sx9UoigJaKUDWZ5nOsYd27_D28SsyEoDiSkemJ44vH9ocPxuswDpoGZ.Isf0SVmTmQ |
novaauth.safe-access.com/ | | Name: sessionid Value: x8y1b29gz407dkaywliybc0u12ack2mx |
login.microsoftonline.com/ | | Name: buid Value: 0.AVwAL5TKIsIGOE-UBw5Efe27Z-pSByhk-dRIk5FGy-crg71cAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYvegGyBlUJlruQrAu3MBH9WwgGX5MKCIoYVI400905f9SK6XBNvjf35ZuZHKPvSlzS-d4ZARYoEyCUy76swwPRXApRaKFRpFsI-SjVnpfHm8gAA |
.login.microsoftonline.com/ | | Name: esctx Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYa_nONK823kdWljbfZZfxVuSPDslBAyVni0OmCRNFvnDM4FR3l2UbYyVbJWgl4We3Q5hKphEst_E5_nHpsAigi_QLN26bJ2hiiGki2yqKi_n41L1fns7FJemNmWM1SnS0PlnggNH9qV1MuB4YPqBsgGn7qIP3VMdoIDwPF1JQ4d8gAA |
.login.microsoftonline.com/ | | Name: esctx-pfxIsehTtlI Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYjtlB-c6H9Txbjxzmd5r-Fi6MfG5zVQt9xloD8qvBm3uVu5QaefiCiAGE7yH4moAGZWSrSspzPUYFmRydKERk5GRf4IgKoNYsprnugHfZTeaCObNCtaNR7dS6Gm-MKgg6FBLLXolFnTjL5O3PQlvHzSAA |
login.microsoftonline.com/ | | Name: fpc Value: AhFxV9aQGwZOgPpmpb0deBL6OUudAQAAAODnet4OAAAA |
login.microsoftonline.com/ | | Name: x-ms-gateway-slice Value: estsfd |
login.microsoftonline.com/ | | Name: stsservicecookie Value: estsfd |
.login.microsoftonline.com/ | | Name: brcap Value: 0 |
.login.live.com/ | | Name: uaid Value: 1d0a2d85bdf74b07ba30bff417920997 |
.login.live.com/ | | Name: MSPRequ Value: id=N&lt=1726542049&co=1 |
autologon.microsoftazuread-sso.com/ | | Name: fpc Value: Ai8HPsc7yK1FnqstUZ8FJZs |
autologon.microsoftazuread-sso.com/ | | Name: x-ms-gateway-slice Value: estsfd |
autologon.microsoftazuread-sso.com/ | | Name: stsservicecookie Value: estsfd |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.