login.microsoftonline.com Open in urlscan Pro
40.126.31.67 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://194.156.153.11/
Effective URL:
https://login.microsoftonline.com/2782ef14-4849-46b4-b90d-d7e83fc425ca/oauth2/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba14...
Submission: On November 28 via manual (November 28th 2023, 9:45:17 am UTC) from CH — Scanned from CH

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 19 HTTP transactions. The main IP is 40.126.31.67, located in and belongs to . The main domain is login.microsoftonline.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 30th 2023. Valid for: a year.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	194.156.153.11 194.156.153.11	41514 (IFM-AS) (IFM-AS)
2 2	40.126.32.66 40.126.32.66	() ()
1 1	40.126.32.6 40.126.32.6	() ()
1	40.126.31.67 40.126.31.67	() ()
19	3

17 194.156.153.11 (Germany)

ASN41514 (IFM-AS, DE)

194.156.153.11	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.126.32.66 (None, ) 2 redirects

ASN- ()

myapps.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
account.activedirectory.windowsazure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.32.6 (None, ) 1 redirects

ASN- ()

launcher.myapps.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.31.67 (None, )

ASN- ()

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	microsoft.com 2 redirects myapps.microsoft.com launcher.myapps.microsoft.com	4 KB
1	microsoftonline.com login.microsoftonline.com
1	windowsazure.com 1 redirects account.activedirectory.windowsazure.com	316 B
0	msftauth.net Failed aadcdn.msftauth.net Failed
19	4

	Domain	Requested by
1	login.microsoftonline.com	194.156.153.11
1	launcher.myapps.microsoft.com	1 redirects
1	account.activedirectory.windowsazure.com	1 redirects
1	myapps.microsoft.com	1 redirects
0	aadcdn.msftauth.net Failed	login.microsoftonline.com
19	5

This site contains no links.

Subject Issuer	Validity	Valid
translations.ifm.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-14` - `2024-02-21`	a year	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2023-08-30` - `2024-08-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/2782ef14-4849-46b4-b90d-d7e83fc425ca/oauth2/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&redirect_uri=https%3A%2F%2Flauncher.myapps.microsoft.com%2Fapi%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&code_challenge=iWevF57aDe3KptFGFtJYDTM_ERJ7DvqkS4aVunieP_I&code_challenge_method=S256&response_mode=form_post&nonce=638367615169266021.OTJjZDNlZDEtMThmNC00YWM4LTgyY2EtOGJmNGU3NjUzMWQ0NGVkNjMyMDAtNmY2Ni00NjU4LWE5NzMtNDkyYzE1YTliMDdl&client_info=1&x-client-brkrver=IDWeb.2.13.2.0&state=CfDJ8C_A2l_Ee85HtEOhWdm_wF1DEufwqzU7R5OboIwSVF5nEl0n8Q9_kB-riNEAMseqCxW8eyJKCe_P9uyTsco-B25EBeK5n4Xx-i8i6q-2HRC3xgF21VrRNX-u7fTYgectlivqYAzlVPCRx0u8MOAyWTV2gMkErO1NOhu-818IJ3tKMXF8a8DyV7mhD7I7tUe-4eiZHqhfHQDhVec6xGBRiT536Gjq3D5_Il-VO4dhYa8_LeH3fXpY_4Sylvo1LNjQ7sLIf1r2WJQv7tNd8OTaVepSuSwri_bbkHLfcS5OnXuVsomw1P26cIy7qeHIlGZipWbeT46jU4i-bOdsDF8vLXT6rF0Z7yskYpgT6NaUAKAyvxm2ndxsNaoFreYPfT2Crfq7DJUAOiUl0uvsYmEQt_4R9DWPKZSsrLtm3bXsV9CdwAPz9mwtaA1bN5QSenWu4uGReqHfOuWNJ5-KZu9ui-n1-eFgifcbJ8aGRP38AShqE8I47BZzgM0b21_Dx2zEjJkskCX2dqBY-Q7ntPE3wIk&x-client-SKU=ID_NET6_0&x-client-ver=6.32.1.0
Frame ID: 61C2F6AD28982E432401F2F9F207D79B
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://194.156.153.11/ Page URL
https://myapps.microsoft.com/signin/630dcfeb-e69e-48f8-bc97-8d340eea98db?tenantId=2782ef14-4849-46b4-b90d... HTTP 302
https://account.activedirectory.windowsazure.com/applications/signin/630dcfeb-e69e-48f8-bc97-8d340eea98db?tenantId=2782ef14-4... HTTP 301
https://launcher.myapps.microsoft.com/api/signin/630dcfeb-e69e-48f8-bc97-8d340eea98db?tenantId=2782ef14-4849-46b4-... HTTP 302
https://login.microsoftonline.com/2782ef14-4849-46b4-b90d-d7e83fc425ca/oauth2/authorize?client_id=2793995e-0a7... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

19
Requests

5 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

3
IPs

1
Countries

4783 kB
Transfer

4800 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://194.156.153.11/ Page URL
https://myapps.microsoft.com/signin/630dcfeb-e69e-48f8-bc97-8d340eea98db?tenantId=2782ef14-4849-46b4-b90d-d7e83fc425ca HTTP 302
https://account.activedirectory.windowsazure.com/applications/signin/630dcfeb-e69e-48f8-bc97-8d340eea98db?tenantId=2782ef14-4849-46b4-b90d-d7e83fc425ca HTTP 301
https://launcher.myapps.microsoft.com/api/signin/630dcfeb-e69e-48f8-bc97-8d340eea98db?tenantId=2782ef14-4849-46b4-b90d-d7e83fc425ca HTTP 302
https://login.microsoftonline.com/2782ef14-4849-46b4-b90d-d7e83fc425ca/oauth2/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&redirect_uri=https%3A%2F%2Flauncher.myapps.microsoft.com%2Fapi%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&code_challenge=iWevF57aDe3KptFGFtJYDTM_ERJ7DvqkS4aVunieP_I&code_challenge_method=S256&response_mode=form_post&nonce=638367615169266021.OTJjZDNlZDEtMThmNC00YWM4LTgyY2EtOGJmNGU3NjUzMWQ0NGVkNjMyMDAtNmY2Ni00NjU4LWE5NzMtNDkyYzE1YTliMDdl&client_info=1&x-client-brkrver=IDWeb.2.13.2.0&state=CfDJ8C_A2l_Ee85HtEOhWdm_wF1DEufwqzU7R5OboIwSVF5nEl0n8Q9_kB-riNEAMseqCxW8eyJKCe_P9uyTsco-B25EBeK5n4Xx-i8i6q-2HRC3xgF21VrRNX-u7fTYgectlivqYAzlVPCRx0u8MOAyWTV2gMkErO1NOhu-818IJ3tKMXF8a8DyV7mhD7I7tUe-4eiZHqhfHQDhVec6xGBRiT536Gjq3D5_Il-VO4dhYa8_LeH3fXpY_4Sylvo1LNjQ7sLIf1r2WJQv7tNd8OTaVepSuSwri_bbkHLfcS5OnXuVsomw1P26cIy7qeHIlGZipWbeT46jU4i-bOdsDF8vLXT6rF0Z7yskYpgT6NaUAKAyvxm2ndxsNaoFreYPfT2Crfq7DJUAOiUl0uvsYmEQt_4R9DWPKZSsrLtm3bXsV9CdwAPz9mwtaA1bN5QSenWu4uGReqHfOuWNJ5-KZu9ui-n1-eFgifcbJ8aGRP38AShqE8I47BZzgM0b21_Dx2zEjJkskCX2dqBY-Q7ntPE3wIk&x-client-SKU=ID_NET6_0&x-client-ver=6.32.1.0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
194.156.153.11/ 38 KB
38 KB 312ms
84ms Document
text/html 194.156.153.11
IFM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://194.156.153.11/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.156.153.11 , Germany, ASN41514 (IFM-AS, DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d45922b3cd58a60bcadd5791eea5e0c063c2ed5b0db5fac83a9bb1dac0ab0d36

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 38902
content-type: text/html
date: Tue, 28 Nov 2023 09:45:10 GMT
etag: "0fbc7a2ba13d91:0"
last-modified: Mon, 19 Dec 2022 15:00:30 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET

GET
H2 200 classic.json Show response
194.156.153.11/ 4 KB
4 KB 111ms
110ms XHR
application/json 194.156.153.11
IFM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://194.156.153.11/classic.json?_dc=1701164711442

Requested by

Host: 194.156.153.11
URL: https://194.156.153.11/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.156.153.11 , Germany, ASN41514 (IFM-AS, DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

695f14bf36ae0c34efabce8bed57c763f41baf003cbdd1946eb4d0a997cdc12f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://194.156.153.11/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:45:10 GMT
last-modified: Mon, 19 Dec 2022 15:00:28 GMT
server: Microsoft-IIS/10.0
etag: "0ce96a1ba13d91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/json
accept-ranges: bytes
content-length: 4292

GET
H2 200 GroupShare-all_1.css
194.156.153.11/classic/resources/ 325 KB
325 KB 149ms
147ms Stylesheet
text/css 194.156.153.11
IFM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://194.156.153.11/classic/resources/GroupShare-all_1.css?_dc=20221219155922

Requested by

Host: 194.156.153.11
URL: https://194.156.153.11/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.156.153.11 , Germany, ASN41514 (IFM-AS, DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

367a24637966274b70e36ff6f588b98cfd4c91c0c91e32f6ac23b003b3b5a2e8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://194.156.153.11/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:45:10 GMT
last-modified: Mon, 19 Dec 2022 15:00:28 GMT
server: Microsoft-IIS/10.0
etag: "0ce96a1ba13d91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 332624

GET
H2 200 GroupShare-all_2.css
194.156.153.11/classic/resources/ 259 KB
260 KB 84ms
83ms Stylesheet
text/css 194.156.153.11
IFM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://194.156.153.11/classic/resources/GroupShare-all_2.css?_dc=20221219155922

Requested by

Host: 194.156.153.11
URL: https://194.156.153.11/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.156.153.11 , Germany, ASN41514 (IFM-AS, DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

65e7c0161e9bb9d2990bb7a88c2bfc0c02175e074956fe346dc4d93784bc6f11

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://194.156.153.11/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:45:10 GMT
last-modified: Mon, 19 Dec 2022 15:00:28 GMT
server: Microsoft-IIS/10.0
etag: "0ce96a1ba13d91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 265681

GET
H2 200 GroupShare-all_3.css
194.156.153.11/classic/resources/ 67 KB
67 KB 236ms
234ms Stylesheet
text/css 194.156.153.11
IFM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://194.156.153.11/classic/resources/GroupShare-all_3.css?_dc=20221219155922

Requested by

Host: 194.156.153.11
URL: https://194.156.153.11/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.156.153.11 , Germany, ASN41514 (IFM-AS, DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

69792e6f91700f6b3129e6231279b5c937c55f34d0ee15f99d8d211ac19e79e1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://194.156.153.11/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:45:10 GMT
last-modified: Mon, 19 Dec 2022 15:00:28 GMT
server: Microsoft-IIS/10.0
etag: "0ce96a1ba13d91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 68571

GET
H2 200 app.js Show response
194.156.153.11/classic/ 3 MB
3 MB 243ms
242ms Script
application/javascript 194.156.153.11
IFM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://194.156.153.11/classic/app.js?_dc=20221219155922

Requested by

Host: 194.156.153.11
URL: https://194.156.153.11/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.156.153.11 , Germany, ASN41514 (IFM-AS, DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

74ef46beb23677bd8fa15d931be5a2ec101439a21374c32dedead42744cb9bb3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://194.156.153.11/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:45:10 GMT
last-modified: Mon, 19 Dec 2022 15:00:04 GMT
server: Microsoft-IIS/10.0
etag: "0b24893ba13d91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 3110760

GET
H2 200 configs.js Show response
194.156.153.11/resources/ 258 B
338 B 263ms
261ms Script
application/javascript 194.156.153.11
IFM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://194.156.153.11/resources/configs.js?_dc=20221219155922

Requested by

Host: 194.156.153.11
URL: https://194.156.153.11/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.156.153.11 , Germany, ASN41514 (IFM-AS, DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

dd1c774598ebe0bcb7b4a58dbd0d3e7758fa884251bcf04b7a9c169b3694bbf4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://194.156.153.11/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:45:10 GMT
last-modified: Mon, 20 Mar 2023 14:47:20 GMT
server: Microsoft-IIS/10.0
etag: "da27b1df3a5bd91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 258

GET
H2 200 md5.min.js Show response
194.156.153.11/resources/ 4 KB
4 KB 265ms
264ms Script
application/javascript 194.156.153.11
IFM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://194.156.153.11/resources/md5.min.js?_dc=20221219155922

Requested by

Host: 194.156.153.11
URL: https://194.156.153.11/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.156.153.11 , Germany, ASN41514 (IFM-AS, DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

afe65e4c9ba4940a4d8830fd5b5bf05a2d734857a8c5e4a1dc982f9e929c556d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://194.156.153.11/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:45:10 GMT
last-modified: Mon, 19 Dec 2022 14:48:08 GMT
server: Microsoft-IIS/10.0
etag: "0c483e8b813d91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 3873

GET
H2 200 signalr.js Show response
194.156.153.11/resources/ 223 KB
223 KB 266ms
265ms Script
application/javascript 194.156.153.11
IFM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://194.156.153.11/resources/signalr.js?_dc=20221219155922

Requested by

Host: 194.156.153.11
URL: https://194.156.153.11/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.156.153.11 , Germany, ASN41514 (IFM-AS, DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7cedd8fdafb0c9f8a634aed1c6a76be98aa1829845e52030078ad04e15f509df

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://194.156.153.11/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:45:10 GMT
last-modified: Mon, 19 Dec 2022 14:48:08 GMT
server: Microsoft-IIS/10.0
etag: "0c483e8b813d91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 228312

GET
H2 200 purify.min.js Show response
194.156.153.11/node_modules/dompurify/dist/ 21 KB
21 KB 272ms
272ms Script
application/javascript 194.156.153.11
IFM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://194.156.153.11/node_modules/dompurify/dist/purify.min.js?_dc=20221219155922

Requested by

Host: 194.156.153.11
URL: https://194.156.153.11/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.156.153.11 , Germany, ASN41514 (IFM-AS, DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

cdc8b22e0c84a6e5f1e15bf4ce705ee91ba156723b650bd91115d8f148f6a7e1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://194.156.153.11/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:45:10 GMT
last-modified: Mon, 19 Dec 2022 15:00:28 GMT
server: Microsoft-IIS/10.0
etag: "0ce96a1ba13d91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 21946

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 locale-en.json
194.156.153.11/classic/resources/locale/login/ 479 B
581 B 82ms
81ms XHR
application/json 194.156.153.11
IFM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://194.156.153.11/classic/resources/locale/login/locale-en.json?_dc=20221219155922

Requested by

Host: 194.156.153.11
URL: https://194.156.153.11/classic/app.js?_dc=20221219155922

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.156.153.11 , Germany, ASN41514 (IFM-AS, DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://194.156.153.11/
X-Requested-With: XMLHttpRequest
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:45:14 GMT
last-modified: Mon, 19 Dec 2022 14:48:04 GMT
server: Microsoft-IIS/10.0
etag: "06a21e6b813d91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/json
accept-ranges: bytes
content-length: 479

GET
H2 200 info.json
194.156.153.11/ 67 B
146 B 72ms
72ms XHR
application/json 194.156.153.11
IFM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://194.156.153.11/info.json?_dc=1701164714809

Requested by

Host: 194.156.153.11
URL: https://194.156.153.11/classic/app.js?_dc=20221219155922

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.156.153.11 , Germany, ASN41514 (IFM-AS, DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://194.156.153.11/
X-Requested-With: XMLHttpRequest
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:45:14 GMT
last-modified: Mon, 20 Mar 2023 14:46:47 GMT
server: Microsoft-IIS/10.0
etag: "8022decb3a5bd91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/json
accept-ranges: bytes
content-length: 67

GET
H2 200 Calibri-Bold.woff
194.156.153.11/resources/fonts/ 371 KB
371 KB 128ms
127ms Font
font/x-woff 194.156.153.11
IFM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://194.156.153.11/resources/fonts/Calibri-Bold.woff

Requested by

Host: 194.156.153.11
URL: https://194.156.153.11/classic/resources/GroupShare-all_2.css?_dc=20221219155922

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.156.153.11 , Germany, ASN41514 (IFM-AS, DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://194.156.153.11/classic/resources/GroupShare-all_2.css?_dc=20221219155922
Origin: https://194.156.153.11
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:45:14 GMT
last-modified: Mon, 19 Dec 2022 14:58:38 GMT
server: Microsoft-IIS/10.0
etag: "023660ba13d91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: font/x-woff
accept-ranges: bytes
content-length: 379636

GET
H2 200 Calibri.woff
194.156.153.11/resources/fonts/ 349 KB
349 KB 105ms
105ms Font
font/x-woff 194.156.153.11
IFM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://194.156.153.11/resources/fonts/Calibri.woff

Requested by

Host: 194.156.153.11
URL: https://194.156.153.11/classic/resources/GroupShare-all_2.css?_dc=20221219155922

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.156.153.11 , Germany, ASN41514 (IFM-AS, DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://194.156.153.11/classic/resources/GroupShare-all_2.css?_dc=20221219155922
Origin: https://194.156.153.11
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:45:14 GMT
last-modified: Mon, 19 Dec 2022 14:58:40 GMT
server: Microsoft-IIS/10.0
etag: "0503761ba13d91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: font/x-woff
accept-ranges: bytes
content-length: 357536

GET
H2 200 gs.login.logo.png
194.156.153.11/resources/images/ 3 KB
3 KB 86ms
85ms Image
image/png 194.156.153.11
IFM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://194.156.153.11/resources/images/gs.login.logo.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.156.153.11 , Germany, ASN41514 (IFM-AS, DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://194.156.153.11/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:45:14 GMT
last-modified: Mon, 19 Dec 2022 14:48:08 GMT
server: Microsoft-IIS/10.0
etag: "0c483e8b813d91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 3493

GET
H2 200 loginProvidersConfig.json
194.156.153.11/resources/ 242 B
321 B 82ms
82ms XHR
application/json 194.156.153.11
IFM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://194.156.153.11/resources/loginProvidersConfig.json?_dc=1701164714834&page=1&start=0&limit=25

Requested by

Host: 194.156.153.11
URL: https://194.156.153.11/classic/app.js?_dc=20221219155922

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.156.153.11 , Germany, ASN41514 (IFM-AS, DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json
Referer: https://194.156.153.11/
X-Requested-With: XMLHttpRequest
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Tue, 28 Nov 2023 09:45:14 GMT
last-modified: Mon, 20 Mar 2023 15:32:30 GMT
server: Microsoft-IIS/10.0
etag: "9c42ce2e415bd91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/json
accept-ranges: bytes
content-length: 242

GET
H/1.1

200
OK

Primary Request authorize
login.microsoftonline.com/2782ef14-4849-46b4-b90d-d7e83fc425ca/oauth2/
Redirect Chain

https://myapps.microsoft.com/signin/630dcfeb-e69e-48f8-bc97-8d340eea98db?tenantId=2782ef14-4849-46b4-b90d-d7e83fc425ca
https://account.activedirectory.windowsazure.com/applications/signin/630dcfeb-e69e-48f8-bc97-8d340eea98db?tenantId=2782ef14-4849-46b4-b90d-d7e83fc425ca
https://launcher.myapps.microsoft.com/api/signin/630dcfeb-e69e-48f8-bc97-8d340eea98db?tenantId=2782ef14-4849-46b4-b90d-d7e83fc425ca
https://login.microsoftonline.com/2782ef14-4849-46b4-b90d-d7e83fc425ca/oauth2/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&redirect_uri=https%3A%2F%2Flauncher.myapps.microsoft.com%2Fapi...

21 KB
0

709ms
111ms

Document
text/html

40.126.31.67

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/2782ef14-4849-46b4-b90d-d7e83fc425ca/oauth2/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&redirect_uri=https%3A%2F%2Flauncher.myapps.microsoft.com%2Fapi%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&code_challenge=iWevF57aDe3KptFGFtJYDTM_ERJ7DvqkS4aVunieP_I&code_challenge_method=S256&response_mode=form_post&nonce=638367615169266021.OTJjZDNlZDEtMThmNC00YWM4LTgyY2EtOGJmNGU3NjUzMWQ0NGVkNjMyMDAtNmY2Ni00NjU4LWE5NzMtNDkyYzE1YTliMDdl&client_info=1&x-client-brkrver=IDWeb.2.13.2.0&state=CfDJ8C_A2l_Ee85HtEOhWdm_wF1DEufwqzU7R5OboIwSVF5nEl0n8Q9_kB-riNEAMseqCxW8eyJKCe_P9uyTsco-B25EBeK5n4Xx-i8i6q-2HRC3xgF21VrRNX-u7fTYgectlivqYAzlVPCRx0u8MOAyWTV2gMkErO1NOhu-818IJ3tKMXF8a8DyV7mhD7I7tUe-4eiZHqhfHQDhVec6xGBRiT536Gjq3D5_Il-VO4dhYa8_LeH3fXpY_4Sylvo1LNjQ7sLIf1r2WJQv7tNd8OTaVepSuSwri_bbkHLfcS5OnXuVsomw1P26cIy7qeHIlGZipWbeT46jU4i-bOdsDF8vLXT6rF0Z7yskYpgT6NaUAKAyvxm2ndxsNaoFreYPfT2Crfq7DJUAOiUl0uvsYmEQt_4R9DWPKZSsrLtm3bXsV9CdwAPz9mwtaA1bN5QSenWu4uGReqHfOuWNJ5-KZu9ui-n1-eFgifcbJ8aGRP38AShqE8I47BZzgM0b21_Dx2zEjJkskCX2dqBY-Q7ntPE3wIk&x-client-SKU=ID_NET6_0&x-client-ver=6.32.1.0

Requested by

Host: 194.156.153.11
URL: https://194.156.153.11/classic/app.js?_dc=20221219155922

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.126.31.67 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://194.156.153.11/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 8906
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Nov 2023 09:45:17 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-clitelem: 1,50168,0,,
x-ms-ests-server: 2.1.16790.7 - NEULR1 ProdSlices
x-ms-request-id: 10250a98-c9d9-43db-9cff-bd8e92100602

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,cache-control,ms-client-request-id,x-ms-client-request-id,ms-client-session-id,x-ms-client-session-id,x-ms-correlation-id,x-ms-command-name,x-ms-effective-locale,request-id,correlation-context,traceparent,tracestate,content-type,x-ms-tenant-id,x-ms-user-id,x-ms-tenant-region,x-ms-tdbr
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Content-Length: 0
Content-Security-Policy: default-src 'self';img-src 'self' https: data:;font-src 'self' https: data:;script-src 'self' *.office.net *.office.com *.microsoft.com *.azure.com *.msedge.net *.office365.com *.msauth.net *.msftauth.net *.live.com https://unpkg.com;connect-src 'self' https:;style-src 'self' 'unsafe-inline'; frame-src 'self' https:;
Date: Tue, 28 Nov 2023 09:45:16 GMT
Location: https://login.microsoftonline.com/2782ef14-4849-46b4-b90d-d7e83fc425ca/oauth2/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&redirect_uri=https%3A%2F%2Flauncher.myapps.microsoft.com%2Fapi%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access&code_challenge=iWevF57aDe3KptFGFtJYDTM_ERJ7DvqkS4aVunieP_I&code_challenge_method=S256&response_mode=form_post&nonce=638367615169266021.OTJjZDNlZDEtMThmNC00YWM4LTgyY2EtOGJmNGU3NjUzMWQ0NGVkNjMyMDAtNmY2Ni00NjU4LWE5NzMtNDkyYzE1YTliMDdl&client_info=1&x-client-brkrver=IDWeb.2.13.2.0&state=CfDJ8C_A2l_Ee85HtEOhWdm_wF1DEufwqzU7R5OboIwSVF5nEl0n8Q9_kB-riNEAMseqCxW8eyJKCe_P9uyTsco-B25EBeK5n4Xx-i8i6q-2HRC3xgF21VrRNX-u7fTYgectlivqYAzlVPCRx0u8MOAyWTV2gMkErO1NOhu-818IJ3tKMXF8a8DyV7mhD7I7tUe-4eiZHqhfHQDhVec6xGBRiT536Gjq3D5_Il-VO4dhYa8_LeH3fXpY_4Sylvo1LNjQ7sLIf1r2WJQv7tNd8OTaVepSuSwri_bbkHLfcS5OnXuVsomw1P26cIy7qeHIlGZipWbeT46jU4i-bOdsDF8vLXT6rF0Z7yskYpgT6NaUAKAyvxm2ndxsNaoFreYPfT2Crfq7DJUAOiUl0uvsYmEQt_4R9DWPKZSsrLtm3bXsV9CdwAPz9mwtaA1bN5QSenWu4uGReqHfOuWNJ5-KZu9ui-n1-eFgifcbJ8aGRP38AShqE8I47BZzgM0b21_Dx2zEjJkskCX2dqBY-Q7ntPE3wIk&x-client-SKU=ID_NET6_0&x-client-ver=6.32.1.0
Strict-Transport-Security: max-age=15724800; includeSubDomains
X-Content-Type-Options: nosniff

GET
H2 200 fontawesome-webfont.woff2
194.156.153.11/resources/font-awesome/fonts/ 75 KB
75 KB 64ms
64ms Font
application/font-woff2 194.156.153.11
IFM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://194.156.153.11/resources/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: 194.156.153.11
URL: https://194.156.153.11/classic/resources/GroupShare-all_2.css?_dc=20221219155922

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.156.153.11 , Germany, ASN41514 (IFM-AS, DE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://194.156.153.11/classic/resources/GroupShare-all_2.css?_dc=20221219155922
Origin: https://194.156.153.11
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:45:14 GMT
last-modified: Mon, 19 Dec 2022 14:48:08 GMT
server: Microsoft-IIS/10.0
etag: "0c483e8b813d91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
accept-ranges: bytes
content-length: 77160

GET BssoInterrupt_Core_PukjvzWvVsvIJFh4xJhtXA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_PukjvzWvVsvIJFh4xJhtXA2.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			194.156.153.11/	1969-12-31 23:59:59	Name: session Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
account.activedirectory.windowsazure.com
launcher.myapps.microsoft.com
login.microsoftonline.com
myapps.microsoft.com
aadcdn.msftauth.net
194.156.153.11
40.126.31.67
40.126.32.6
40.126.32.66
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
367a24637966274b70e36ff6f588b98cfd4c91c0c91e32f6ac23b003b3b5a2e8
65e7c0161e9bb9d2990bb7a88c2bfc0c02175e074956fe346dc4d93784bc6f11
695f14bf36ae0c34efabce8bed57c763f41baf003cbdd1946eb4d0a997cdc12f
69792e6f91700f6b3129e6231279b5c937c55f34d0ee15f99d8d211ac19e79e1
74ef46beb23677bd8fa15d931be5a2ec101439a21374c32dedead42744cb9bb3
7cedd8fdafb0c9f8a634aed1c6a76be98aa1829845e52030078ad04e15f509df
afe65e4c9ba4940a4d8830fd5b5bf05a2d734857a8c5e4a1dc982f9e929c556d
cdc8b22e0c84a6e5f1e15bf4ce705ee91ba156723b650bd91115d8f148f6a7e1
d45922b3cd58a60bcadd5791eea5e0c063c2ed5b0db5fac83a9bb1dac0ab0d36
dd1c774598ebe0bcb7b4a58dbd0d3e7758fa884251bcf04b7a9c169b3694bbf4

login.microsoftonline.com Open in urlscan Pro 40.126.31.67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

5 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

3 IPs

1 Countries

4783 kBTransfer

4800 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

login.microsoftonline.com Open in urlscan Pro
40.126.31.67 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

5 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

3
IPs

1
Countries

4783 kB
Transfer

4800 kB
Size

1
Cookies

19 HTTP transactions
1 data transactions