login.microsoftonline.com Open in urlscan Pro
2603:1036:3000:10::1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://interdigital-test.unycom-online.com/
Effective URL:
https://login.microsoftonline.com/e351b779-f6d5-4e50-8568-80e922d180ae/saml2?SAMLRequest=nZLLbtswEEV%2FheCeEvWyJcJy4DYIGiBFXEvpoju...
Submission: On August 30 via api (August 30th 2023, 1:38:07 am UTC) from US — Scanned from US

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 20 HTTP transactions. The main IP is 2603:1036:3000:10::1, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 12.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 17th 2023. Valid for: a year.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 7	194.187.94.247 194.187.94.247	21362 (KBC-EDS) (KBC-EDS)
3	2603:1036:300... 2603:1036:3000:10::1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2606:2800:21f... 2606:2800:21f:1b88:6342:f8de:86c:e98b	15133 (EDGECAST) (EDGECAST)
1	20.190.152.20 20.190.152.20	() ()
20	5

7 194.187.94.247 (Austria) 4 redirects

ASN21362 (KBC-EDS, AT)

interdigital-test.unycom-online.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2603:1036:3000:10::1 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:2800:21f:1b88:6342:f8de:86c:e98b (United States)

ASN15133 (EDGECAST, US)

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.152.20 (None, )

ASN- ()

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	msftauth.net aadcdn.msftauth.net — Cisco Umbrella Rank: 917	247 KB
7	unycom-online.com 4 redirects interdigital-test.unycom-online.com	24 KB
3	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 12	27 KB
1	live.com login.live.com
0	microsoftazuread-sso.com Failed autologon.microsoftazuread-sso.com Failed
0	msftauthimages.net Failed aadcdn.msftauthimages.net Failed
20	6

	Domain	Requested by
10	aadcdn.msftauth.net	login.microsoftonline.com aadcdn.msftauth.net
7	interdigital-test.unycom-online.com	4 redirects interdigital-test.unycom-online.com
3	login.microsoftonline.com	aadcdn.msftauth.net
1	login.live.com	login.microsoftonline.com
0	autologon.microsoftazuread-sso.com Failed
0	aadcdn.msftauthimages.net Failed
20	6

This site contains no links.

Subject Issuer	Validity	Valid
*.unycom-online.com GeoTrust TLS RSA CA G1	`2022-12-06` - `2024-01-06`	a year	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2023-08-17` - `2024-08-17`	a year	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2023-01-31` - `2024-01-31`	a year	crt.sh
login.live.com DigiCert SHA2 Secure Server CA	`2023-07-04` - `2024-07-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/e351b779-f6d5-4e50-8568-80e922d180ae/saml2?SAMLRequest=nZLLbtswEEV%2FheCeEvWyJcJy4DYIGiBFXEvpojuKGjsEpKHLoYz276v6gaSbLLojwTv3zszh6u7XOLATeLIOa55EkjNA43qLh5q%2FtA%2Bi5HfrFelxSI9qM4VX3MHPCSiwuRBJXV5qPnlUTpMlhXoEUsGoZvP1SaWRVEfvgjNu4GxDBD7MUZ8d0jSCb8CfrIGX3VPNX0M4kopjiwF8bw826EGEOSqa8Ldxo3A4WIRoPqo8z2J7HCn%2Bmx83zTNn97PSog7nQW5egztYjEZrvCO3D28OMWRF0i2Xldgv%2BkLkUEhRFotSlBKqNO2TUmo4u6ecPThv4Dx8zfd6IODs8b7mm923pey6aq4qoFuI3FR7UeW9EUmX6S7p8ySH5aylrSayJ3irJprgESloDDVPZZoJWYpMtjJRWalkEZWL4gdn2%2BvmPlm8EPlozd1FROpL227F9rlpOft%2BIzsL%2BJWjOqf79wA%2FNtY3anz9%2F4xGCLrXQa%2Fi902sr9d%2F%2F9b6Dw%3D%3D&RelayState=c268307d-261b-4efd-8266-6d8003061444&sso_reload=true
Frame ID: D56BE8E7D66A857EBFD60D8BD4985093
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

https://interdigital-test.unycom-online.com/ Page URL
https://interdigital-test.unycom-online.com/ipms HTTP 302
https://interdigital-test.unycom-online.com/ipms/ HTTP 302
https://interdigital-test.unycom-online.com/ipms/AppIpms.jsp HTTP 302
https://interdigital-test.unycom-online.com/ipms/saml2/authenticate/idp HTTP 302
https://login.microsoftonline.com/e351b779-f6d5-4e50-8568-80e922d180ae/saml2?SAMLRequest=nZLLbtswEEV%2FheCeEvW... Page URL
https://login.microsoftonline.com/e351b779-f6d5-4e50-8568-80e922d180ae/saml2?SAMLRequest=nZLLbtswEEV%2FheCeEvW... Page URL

Page Statistics

20
Requests

85 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

292 kB
Transfer

916 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://interdigital-test.unycom-online.com/ Page URL
https://interdigital-test.unycom-online.com/ipms HTTP 302
https://interdigital-test.unycom-online.com/ipms/ HTTP 302
https://interdigital-test.unycom-online.com/ipms/AppIpms.jsp HTTP 302
https://interdigital-test.unycom-online.com/ipms/saml2/authenticate/idp HTTP 302
https://login.microsoftonline.com/e351b779-f6d5-4e50-8568-80e922d180ae/saml2?SAMLRequest=nZLLbtswEEV%2FheCeEvWyJcJy4DYIGiBFXEvpojuKGjsEpKHLoYz276v6gaSbLLojwTv3zszh6u7XOLATeLIOa55EkjNA43qLh5q%2FtA%2Bi5HfrFelxSI9qM4VX3MHPCSiwuRBJXV5qPnlUTpMlhXoEUsGoZvP1SaWRVEfvgjNu4GxDBD7MUZ8d0jSCb8CfrIGX3VPNX0M4kopjiwF8bw826EGEOSqa8Ldxo3A4WIRoPqo8z2J7HCn%2Bmx83zTNn97PSog7nQW5egztYjEZrvCO3D28OMWRF0i2Xldgv%2BkLkUEhRFotSlBKqNO2TUmo4u6ecPThv4Dx8zfd6IODs8b7mm923pey6aq4qoFuI3FR7UeW9EUmX6S7p8ySH5aylrSayJ3irJprgESloDDVPZZoJWYpMtjJRWalkEZWL4gdn2%2BvmPlm8EPlozd1FROpL227F9rlpOft%2BIzsL%2BJWjOqf79wA%2FNtY3anz9%2F4xGCLrXQa%2Fi902sr9d%2F%2F9b6Dw%3D%3D&RelayState=c268307d-261b-4efd-8266-6d8003061444 Page URL
https://login.microsoftonline.com/e351b779-f6d5-4e50-8568-80e922d180ae/saml2?SAMLRequest=nZLLbtswEEV%2FheCeEvWyJcJy4DYIGiBFXEvpojuKGjsEpKHLoYz276v6gaSbLLojwTv3zszh6u7XOLATeLIOa55EkjNA43qLh5q%2FtA%2Bi5HfrFelxSI9qM4VX3MHPCSiwuRBJXV5qPnlUTpMlhXoEUsGoZvP1SaWRVEfvgjNu4GxDBD7MUZ8d0jSCb8CfrIGX3VPNX0M4kopjiwF8bw826EGEOSqa8Ldxo3A4WIRoPqo8z2J7HCn%2Bmx83zTNn97PSog7nQW5egztYjEZrvCO3D28OMWRF0i2Xldgv%2BkLkUEhRFotSlBKqNO2TUmo4u6ecPThv4Dx8zfd6IODs8b7mm923pey6aq4qoFuI3FR7UeW9EUmX6S7p8ySH5aylrSayJ3irJprgESloDDVPZZoJWYpMtjJRWalkEZWL4gdn2%2BvmPlm8EPlozd1FROpL227F9rlpOft%2BIzsL%2BJWjOqf79wA%2FNtY3anz9%2F4xGCLrXQa%2Fi902sr9d%2F%2F9b6Dw%3D%3D&RelayState=c268307d-261b-4efd-8266-6d8003061444&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://interdigital-test.unycom-online.com/ipms HTTP 302
https://interdigital-test.unycom-online.com/ipms/ HTTP 302
https://interdigital-test.unycom-online.com/ipms/AppIpms.jsp HTTP 302
https://interdigital-test.unycom-online.com/ipms/saml2/authenticate/idp HTTP 302
https://login.microsoftonline.com/e351b779-f6d5-4e50-8568-80e922d180ae/saml2?SAMLRequest=nZLLbtswEEV%2FheCeEvWyJcJy4DYIGiBFXEvpojuKGjsEpKHLoYz276v6gaSbLLojwTv3zszh6u7XOLATeLIOa55EkjNA43qLh5q%2FtA%2Bi5HfrFelxSI9qM4VX3MHPCSiwuRBJXV5qPnlUTpMlhXoEUsGoZvP1SaWRVEfvgjNu4GxDBD7MUZ8d0jSCb8CfrIGX3VPNX0M4kopjiwF8bw826EGEOSqa8Ldxo3A4WIRoPqo8z2J7HCn%2Bmx83zTNn97PSog7nQW5egztYjEZrvCO3D28OMWRF0i2Xldgv%2BkLkUEhRFotSlBKqNO2TUmo4u6ecPThv4Dx8zfd6IODs8b7mm923pey6aq4qoFuI3FR7UeW9EUmX6S7p8ySH5aylrSayJ3irJprgESloDDVPZZoJWYpMtjJRWalkEZWL4gdn2%2BvmPlm8EPlozd1FROpL227F9rlpOft%2BIzsL%2BJWjOqf79wA%2FNtY3anz9%2F4xGCLrXQa%2Fi902sr9d%2F%2F9b6Dw%3D%3D&RelayState=c268307d-261b-4efd-8266-6d8003061444

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
interdigital-test.unycom-online.com/ 2 KB
2 KB 549ms
126ms Document
text/html 194.187.94.247
KBC-EDS

General

Check archive.org

Show headers Download Go to

Full URL

https://interdigital-test.unycom-online.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.187.94.247 , Austria, ASN21362 (KBC-EDS, AT),

Reverse DNS

Software

Apache /

Resource Hash

a000db53297abc25a59add45d09e1b7d33890f1967d6a0cb34cd281c8ee71c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=2592000
Connection: keep-alive, Keep-Alive
Content-Encoding: gzip
Content-Length: 708
Content-Security-Policy-Report-Only: default-src 'self' data:; connect-src 'self' https://*.cookielaw.org https://*.onetrust.com; script-src 'self' https://*.cookielaw.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:;frame-src 'self' https://login.eu1.birst.com/ unydav: ms-excel: ms-powerpoint: ms-word: mailto:; frame-ancestors 'self'; report-uri /ipms/csp_report
Content-Type: text/html; charset=UTF-8
Date: Wed, 30 Aug 2023 01:38:02 GMT
ETag: "65d-60391a5203dd7-gzip"
Keep-Alive: timeout=600, max=1000
Last-Modified: Wed, 23 Aug 2023 06:58:55 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Accept-Encoding,User-Agent
X-ServiceTime: D=553 microseconds
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H/1.1 200
OK clarivateLogo.png
interdigital-test.unycom-online.com/ 4 KB
5 KB 131ms
129ms Image
image/png 194.187.94.247
KBC-EDS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://interdigital-test.unycom-online.com/clarivateLogo.png

Requested by

Host: interdigital-test.unycom-online.com
URL: https://interdigital-test.unycom-online.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.187.94.247 , Austria, ASN21362 (KBC-EDS, AT),

Reverse DNS

Software

Apache /

Resource Hash

b5080a554c1b117d60d7e38e5f312ddfb6217b1283add8b8da294a2a38f7427c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interdigital-test.unycom-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 01:38:03 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
Content-Security-Policy-Report-Only: default-src 'self' data:; connect-src 'self' https://*.cookielaw.org https://*.onetrust.com; script-src 'self' https://*.cookielaw.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:;frame-src 'self' https://login.eu1.birst.com/ unydav: ms-excel: ms-powerpoint: ms-word: mailto:; frame-ancestors 'self'; report-uri /ipms/csp_report
Connection: keep-alive, Keep-Alive
Content-Length: 4435
x-xss-protection: 0
Last-Modified: Wed, 23 Aug 2023 06:58:55 GMT
Server: Apache
ETag: "1153-60391a5203dd7"
x-frame-options: SAMEORIGIN
Content-Type: image/png
X-ServiceTime: D=118 microseconds
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Keep-Alive: timeout=600, max=999
Expires: Fri, 29 Sep 2023 01:38:03 GMT

GET
H/1.1 200
OK redirect.png
interdigital-test.unycom-online.com/ 10 KB
11 KB 268ms
126ms Image
image/png 194.187.94.247
KBC-EDS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://interdigital-test.unycom-online.com/redirect.png

Requested by

Host: interdigital-test.unycom-online.com
URL: https://interdigital-test.unycom-online.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.187.94.247 , Austria, ASN21362 (KBC-EDS, AT),

Reverse DNS

Software

Apache /

Resource Hash

22882b94e0d422e5421076db8fc72aacbd7cd2a45806ab59c396b5076d8c7ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interdigital-test.unycom-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 01:38:03 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
Content-Security-Policy-Report-Only: default-src 'self' data:; connect-src 'self' https://*.cookielaw.org https://*.onetrust.com; script-src 'self' https://*.cookielaw.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:;frame-src 'self' https://login.eu1.birst.com/ unydav: ms-excel: ms-powerpoint: ms-word: mailto:; frame-ancestors 'self'; report-uri /ipms/csp_report
Connection: keep-alive, Keep-Alive
Content-Length: 10369
x-xss-protection: 0
Last-Modified: Wed, 23 Aug 2023 06:58:55 GMT
Server: Apache
ETag: "2881-60391a52041bf"
x-frame-options: SAMEORIGIN
Content-Type: image/png
X-ServiceTime: D=116 microseconds
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Keep-Alive: timeout=600, max=998
Expires: Fri, 29 Sep 2023 01:38:03 GMT

GET
H/1.1

200
OK

saml2 Show response
login.microsoftonline.com/e351b779-f6d5-4e50-8568-80e922d180ae/
Redirect Chain

https://interdigital-test.unycom-online.com/ipms
https://interdigital-test.unycom-online.com/ipms/
https://interdigital-test.unycom-online.com/ipms/AppIpms.jsp
https://interdigital-test.unycom-online.com/ipms/saml2/authenticate/idp
https://login.microsoftonline.com/e351b779-f6d5-4e50-8568-80e922d180ae/saml2?SAMLRequest=nZLLbtswEEV%2FheCeEvWyJcJy4DYIGiBFXEvpojuKGjsEpKHLoYz276v6gaSbLLojwTv3zszh6u7XOLATeLIOa55EkjNA43qLh5q%2FtA%2...

20 KB
10 KB

249ms
82ms

Document
text/html

2603:1036:3000:10::1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/e351b779-f6d5-4e50-8568-80e922d180ae/saml2?SAMLRequest=nZLLbtswEEV%2FheCeEvWyJcJy4DYIGiBFXEvpojuKGjsEpKHLoYz276v6gaSbLLojwTv3zszh6u7XOLATeLIOa55EkjNA43qLh5q%2FtA%2Bi5HfrFelxSI9qM4VX3MHPCSiwuRBJXV5qPnlUTpMlhXoEUsGoZvP1SaWRVEfvgjNu4GxDBD7MUZ8d0jSCb8CfrIGX3VPNX0M4kopjiwF8bw826EGEOSqa8Ldxo3A4WIRoPqo8z2J7HCn%2Bmx83zTNn97PSog7nQW5egztYjEZrvCO3D28OMWRF0i2Xldgv%2BkLkUEhRFotSlBKqNO2TUmo4u6ecPThv4Dx8zfd6IODs8b7mm923pey6aq4qoFuI3FR7UeW9EUmX6S7p8ySH5aylrSayJ3irJprgESloDDVPZZoJWYpMtjJRWalkEZWL4gdn2%2BvmPlm8EPlozd1FROpL227F9rlpOft%2BIzsL%2BJWjOqf79wA%2FNtY3anz9%2F4xGCLrXQa%2Fi902sr9d%2F%2F9b6Dw%3D%3D&RelayState=c268307d-261b-4efd-8266-6d8003061444

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1036:3000:10::1 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fa2d38e1e80acb17fad247703c2303fd2351c31bd971b5b4605fdf4611d67a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://interdigital-test.unycom-online.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 9249
Content-Type: text/html; charset=utf-8
Date: Wed, 30 Aug 2023 01:38:06 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-ests-server: 2.1.16150.3 - SCUS ProdSlices
x-ms-request-id: ff0f6fad-c1d2-412d-999d-3f69c99b0501

Redirect headers

Cache-Control: no-store
Connection: keep-alive, Keep-Alive
Content-Length: 0
Content-Security-Policy-Report-Only: default-src 'self' data:; connect-src 'self' https://*.cookielaw.org https://*.onetrust.com; script-src 'self' https://*.cookielaw.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:;frame-src 'self' https://login.eu1.birst.com/ unydav: ms-excel: ms-powerpoint: ms-word: mailto:; frame-ancestors 'self'; report-uri /ipms/csp_report default-src 'self' data:; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:;frame-src 'self' https://login.eu1.birst.com unydav: ms-excel: ms-powerpoint: ms-word: mailto:; frame-ancestors 'self'; report-uri /ipms/csp_report
Date: Wed, 30 Aug 2023 01:38:05 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=600, max=994
Location: https://login.microsoftonline.com/e351b779-f6d5-4e50-8568-80e922d180ae/saml2?SAMLRequest=nZLLbtswEEV%2FheCeEvWyJcJy4DYIGiBFXEvpojuKGjsEpKHLoYz276v6gaSbLLojwTv3zszh6u7XOLATeLIOa55EkjNA43qLh5q%2FtA%2Bi5HfrFelxSI9qM4VX3MHPCSiwuRBJXV5qPnlUTpMlhXoEUsGoZvP1SaWRVEfvgjNu4GxDBD7MUZ8d0jSCb8CfrIGX3VPNX0M4kopjiwF8bw826EGEOSqa8Ldxo3A4WIRoPqo8z2J7HCn%2Bmx83zTNn97PSog7nQW5egztYjEZrvCO3D28OMWRF0i2Xldgv%2BkLkUEhRFotSlBKqNO2TUmo4u6ecPThv4Dx8zfd6IODs8b7mm923pey6aq4qoFuI3FR7UeW9EUmX6S7p8ySH5aylrSayJ3irJprgESloDDVPZZoJWYpMtjJRWalkEZWL4gdn2%2BvmPlm8EPlozd1FROpL227F9rlpOft%2BIzsL%2BJWjOqf79wA%2FNtY3anz9%2F4xGCLrXQa%2Fi902sr9d%2F%2F9b6Dw%3D%3D&RelayState=c268307d-261b-4efd-8266-6d8003061444
Server: Apache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains max-age=31536000 ; includeSubDomains
Vary: User-Agent
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-ServiceTime: D=3327 microseconds
X-XSS-Protection: 0

GET
H2 200 BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 135 KB
48 KB 229ms
33ms Script
application/x-javascript 2606:2800:21f:1b88:6342:f8de:86c:e98b
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/e351b779-f6d5-4e50-8568-80e922d180ae/saml2?SAMLRequest=nZLLbtswEEV%2FheCeEvWyJcJy4DYIGiBFXEvpojuKGjsEpKHLoYz276v6gaSbLLojwTv3zszh6u7XOLATeLIOa55EkjNA43qLh5q%2FtA%2Bi5HfrFelxSI9qM4VX3MHPCSiwuRBJXV5qPnlUTpMlhXoEUsGoZvP1SaWRVEfvgjNu4GxDBD7MUZ8d0jSCb8CfrIGX3VPNX0M4kopjiwF8bw826EGEOSqa8Ldxo3A4WIRoPqo8z2J7HCn%2Bmx83zTNn97PSog7nQW5egztYjEZrvCO3D28OMWRF0i2Xldgv%2BkLkUEhRFotSlBKqNO2TUmo4u6ecPThv4Dx8zfd6IODs8b7mm923pey6aq4qoFuI3FR7UeW9EUmX6S7p8ySH5aylrSayJ3irJprgESloDDVPZZoJWYpMtjJRWalkEZWL4gdn2%2BvmPlm8EPlozd1FROpL227F9rlpOft%2BIzsL%2BJWjOqf79wA%2FNtY3anz9%2F4xGCLrXQa%2Fi902sr9d%2F%2F9b6Dw%3D%3D&RelayState=c268307d-261b-4efd-8266-6d8003061444
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyb/47EB) /
Resource Hash

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 30 Aug 2023 01:38:06 GMT
content-encoding: gzip
content-md5: Mwomsrfm/E5wVC4ntDZsmw==
age: 4008834
x-cache: HIT
content-length: 48719
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 10:42:34 GMT
server: ECAcc (nyb/47EB)
etag: 0x8DB82C4B39B426F
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: dc148ecf-b01e-009c-716c-b6556b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

POST
H/1.1 200
OK reportbssotelemetry
login.microsoftonline.com/common/instrumentation/ 265 B
1 KB 58ms
57ms Ping
application/json 2603:1036:3000:10::1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/instrumentation/reportbssotelemetry?hpgid=6&hpgact=1900&client-request-id=5a416d6e-0a11-49f1-95bd-c4cf1fcea27e&hpgrequestid=ff0f6fad-c1d2-412d-999d-3f69c99b0501

Requested by

Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1036:3000:10::1 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.microsoftonline.com/e351b779-f6d5-4e50-8568-80e922d180ae/saml2?SAMLRequest=nZLLbtswEEV%2FheCeEvWyJcJy4DYIGiBFXEvpojuKGjsEpKHLoYz276v6gaSbLLojwTv3zszh6u7XOLATeLIOa55EkjNA43qLh5q%2FtA%2Bi5HfrFelxSI9qM4VX3MHPCSiwuRBJXV5qPnlUTpMlhXoEUsGoZvP1SaWRVEfvgjNu4GxDBD7MUZ8d0jSCb8CfrIGX3VPNX0M4kopjiwF8bw826EGEOSqa8Ldxo3A4WIRoPqo8z2J7HCn%2Bmx83zTNn97PSog7nQW5egztYjEZrvCO3D28OMWRF0i2Xldgv%2BkLkUEhRFotSlBKqNO2TUmo4u6ecPThv4Dx8zfd6IODs8b7mm923pey6aq4qoFuI3FR7UeW9EUmX6S7p8ySH5aylrSayJ3irJprgESloDDVPZZoJWYpMtjJRWalkEZWL4gdn2%2BvmPlm8EPlozd1FROpL227F9rlpOft%2BIzsL%2BJWjOqf79wA%2FNtY3anz9%2F4xGCLrXQa%2Fi902sr9d%2F%2F9b6Dw%3D%3D&RelayState=c268307d-261b-4efd-8266-6d8003061444
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Wed, 30 Aug 2023 01:38:06 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
Content-Type: application/json; charset=utf-8
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 6a7624db-7270-4459-8d7e-e8f4662b7500
Cache-Control: no-store, no-cache
Content-Length: 265
x-ms-ests-server: 2.1.16150.3 - EUS ProdSlices
X-XSS-Protection: 0
Expires: -1

GET
H/1.1 200
OK Primary Request saml2 Show response
login.microsoftonline.com/e351b779-f6d5-4e50-8568-80e922d180ae/ 38 KB
16 KB 173ms
117ms Document
text/html 2603:1036:3000:10::1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1036:3000:10::1 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cb4571400413155dd3cf08fff11d0f98674b54ba4b76026a1db70c3f9eb01d59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://login.microsoftonline.com/e351b779-f6d5-4e50-8568-80e922d180ae/saml2?SAMLRequest=nZLLbtswEEV%2FheCeEvWyJcJy4DYIGiBFXEvpojuKGjsEpKHLoYz276v6gaSbLLojwTv3zszh6u7XOLATeLIOa55EkjNA43qLh5q%2FtA%2Bi5HfrFelxSI9qM4VX3MHPCSiwuRBJXV5qPnlUTpMlhXoEUsGoZvP1SaWRVEfvgjNu4GxDBD7MUZ8d0jSCb8CfrIGX3VPNX0M4kopjiwF8bw826EGEOSqa8Ldxo3A4WIRoPqo8z2J7HCn%2Bmx83zTNn97PSog7nQW5egztYjEZrvCO3D28OMWRF0i2Xldgv%2BkLkUEhRFotSlBKqNO2TUmo4u6ecPThv4Dx8zfd6IODs8b7mm923pey6aq4qoFuI3FR7UeW9EUmX6S7p8ySH5aylrSayJ3irJprgESloDDVPZZoJWYpMtjJRWalkEZWL4gdn2%2BvmPlm8EPlozd1FROpL227F9rlpOft%2BIzsL%2BJWjOqf79wA%2FNtY3anz9%2F4xGCLrXQa%2Fi902sr9d%2F%2F9b6Dw%3D%3D&RelayState=c268307d-261b-4efd-8266-6d8003061444
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 14506
Content-Type: text/html; charset=utf-8
Date: Wed, 30 Aug 2023 01:38:06 GMT
Expires: -1
Link: <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-Frame-Options: DENY
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-ests-server: 2.1.16150.3 - SCUS ProdSlices
x-ms-request-id: b0de0686-7a06-4e13-8dba-1a6e10061e01

GET
H2 200 converged.v2.login.min_xs4q-enqjizb-pd0ha63sw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 108 KB
20 KB 39ms
37ms Stylesheet
text/css 2606:2800:21f:1b88:6342:f8de:86c:e98b
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_xs4q-enqjizb-pd0ha63sw2.css
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/e351b779-f6d5-4e50-8568-80e922d180ae/saml2?SAMLRequest=nZLLbtswEEV%2FheCeEvWyJcJy4DYIGiBFXEvpojuKGjsEpKHLoYz276v6gaSbLLojwTv3zszh6u7XOLATeLIOa55EkjNA43qLh5q%2FtA%2Bi5HfrFelxSI9qM4VX3MHPCSiwuRBJXV5qPnlUTpMlhXoEUsGoZvP1SaWRVEfvgjNu4GxDBD7MUZ8d0jSCb8CfrIGX3VPNX0M4kopjiwF8bw826EGEOSqa8Ldxo3A4WIRoPqo8z2J7HCn%2Bmx83zTNn97PSog7nQW5egztYjEZrvCO3D28OMWRF0i2Xldgv%2BkLkUEhRFotSlBKqNO2TUmo4u6ecPThv4Dx8zfd6IODs8b7mm923pey6aq4qoFuI3FR7UeW9EUmX6S7p8ySH5aylrSayJ3irJprgESloDDVPZZoJWYpMtjJRWalkEZWL4gdn2%2BvmPlm8EPlozd1FROpL227F9rlpOft%2BIzsL%2BJWjOqf79wA%2FNtY3anz9%2F4xGCLrXQa%2Fi902sr9d%2F%2F9b6Dw%3D%3D&RelayState=c268307d-261b-4efd-8266-6d8003061444&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyb/1D4A) /
Resource Hash: 09bcfd473f343f606206e638d6aa7c7436ab54f40fca8f3ea2247fc068147ffe

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 30 Aug 2023 01:38:06 GMT
content-encoding: gzip
content-md5: 51nXYTkRfeACFNqVw7bA7Q==
age: 6341544
x-cache: HIT
content-length: 20105
x-ms-lease-status: unlocked
last-modified: Wed, 17 May 2023 19:53:45 GMT
server: ECAcc (nyb/1D4A)
etag: 0x8DB57106C9FE01F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 747ba2c8-e01e-007c-0a35-a12fdd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ConvergedLogin_PCore_2W3IEdsiCwViwvv0RWyRLg2.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/ 413 KB
114 KB 42ms
41ms Script
application/x-javascript 2606:2800:21f:1b88:6342:f8de:86c:e98b
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2W3IEdsiCwViwvv0RWyRLg2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/e351b779-f6d5-4e50-8568-80e922d180ae/saml2?SAMLRequest=nZLLbtswEEV%2FheCeEvWyJcJy4DYIGiBFXEvpojuKGjsEpKHLoYz276v6gaSbLLojwTv3zszh6u7XOLATeLIOa55EkjNA43qLh5q%2FtA%2Bi5HfrFelxSI9qM4VX3MHPCSiwuRBJXV5qPnlUTpMlhXoEUsGoZvP1SaWRVEfvgjNu4GxDBD7MUZ8d0jSCb8CfrIGX3VPNX0M4kopjiwF8bw826EGEOSqa8Ldxo3A4WIRoPqo8z2J7HCn%2Bmx83zTNn97PSog7nQW5egztYjEZrvCO3D28OMWRF0i2Xldgv%2BkLkUEhRFotSlBKqNO2TUmo4u6ecPThv4Dx8zfd6IODs8b7mm923pey6aq4qoFuI3FR7UeW9EUmX6S7p8ySH5aylrSayJ3irJprgESloDDVPZZoJWYpMtjJRWalkEZWL4gdn2%2BvmPlm8EPlozd1FROpL227F9rlpOft%2BIzsL%2BJWjOqf79wA%2FNtY3anz9%2F4xGCLrXQa%2Fi902sr9d%2F%2F9b6Dw%3D%3D&RelayState=c268307d-261b-4efd-8266-6d8003061444&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyb/476E) /
Resource Hash: 8f1560f9facec91e41523de1bb5653fa11d380bc9ea12c6e767201a37648d593

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 30 Aug 2023 01:38:06 GMT
content-encoding: gzip
content-md5: iiwwqCrY1fKDPyF9U5dPEQ==
age: 1753444
x-cache: HIT
content-length: 116832
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 17:42:34 GMT
server: ECAcc (nyb/476E)
etag: 0x8DB9836D94D0787
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3f6ab198-001e-002c-13f0-ca6c57000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ux.converged.login.strings-en.min_vts8ra1it9l0lgwizaxzhg2.js Show response
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 49 KB
14 KB 37ms
35ms Script
application/x-javascript 2606:2800:21f:1b88:6342:f8de:86c:e98b
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_vts8ra1it9l0lgwizaxzhg2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/e351b779-f6d5-4e50-8568-80e922d180ae/saml2?SAMLRequest=nZLLbtswEEV%2FheCeEvWyJcJy4DYIGiBFXEvpojuKGjsEpKHLoYz276v6gaSbLLojwTv3zszh6u7XOLATeLIOa55EkjNA43qLh5q%2FtA%2Bi5HfrFelxSI9qM4VX3MHPCSiwuRBJXV5qPnlUTpMlhXoEUsGoZvP1SaWRVEfvgjNu4GxDBD7MUZ8d0jSCb8CfrIGX3VPNX0M4kopjiwF8bw826EGEOSqa8Ldxo3A4WIRoPqo8z2J7HCn%2Bmx83zTNn97PSog7nQW5egztYjEZrvCO3D28OMWRF0i2Xldgv%2BkLkUEhRFotSlBKqNO2TUmo4u6ecPThv4Dx8zfd6IODs8b7mm923pey6aq4qoFuI3FR7UeW9EUmX6S7p8ySH5aylrSayJ3irJprgESloDDVPZZoJWYpMtjJRWalkEZWL4gdn2%2BvmPlm8EPlozd1FROpL227F9rlpOft%2BIzsL%2BJWjOqf79wA%2FNtY3anz9%2F4xGCLrXQa%2Fi902sr9d%2F%2F9b6Dw%3D%3D&RelayState=c268307d-261b-4efd-8266-6d8003061444&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyb/47A3) /
Resource Hash: a5b5b42e6ae53860822fe08487e28809a4c40ff6225c7d0311a94d1118b72a7d

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 30 Aug 2023 01:38:06 GMT
content-encoding: gzip
content-md5: F796jFOPcfyA2yQHgXtB1w==
age: 4008866
x-cache: HIT
content-length: 14540
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jul 2023 00:30:58 GMT
server: ECAcc (nyb/47A3)
etag: 0x8DB83386DB332D7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e4c3add5-301e-0050-686c-b69d0f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 186ms
49ms Other
text/html 20.190.152.20

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/e351b779-f6d5-4e50-8568-80e922d180ae/saml2?SAMLRequest=nZLLbtswEEV%2FheCeEvWyJcJy4DYIGiBFXEvpojuKGjsEpKHLoYz276v6gaSbLLojwTv3zszh6u7XOLATeLIOa55EkjNA43qLh5q%2FtA%2Bi5HfrFelxSI9qM4VX3MHPCSiwuRBJXV5qPnlUTpMlhXoEUsGoZvP1SaWRVEfvgjNu4GxDBD7MUZ8d0jSCb8CfrIGX3VPNX0M4kopjiwF8bw826EGEOSqa8Ldxo3A4WIRoPqo8z2J7HCn%2Bmx83zTNn97PSog7nQW5egztYjEZrvCO3D28OMWRF0i2Xldgv%2BkLkUEhRFotSlBKqNO2TUmo4u6ecPThv4Dx8zfd6IODs8b7mm923pey6aq4qoFuI3FR7UeW9EUmX6S7p8ySH5aylrSayJ3irJprgESloDDVPZZoJWYpMtjJRWalkEZWL4gdn2%2BvmPlm8EPlozd1FROpL227F9rlpOft%2BIzsL%2BJWjOqf79wA%2FNtY3anz9%2F4xGCLrXQa%2Fi902sr9d%2F%2F9b6Dw%3D%3D&RelayState=c268307d-261b-4efd-8266-6d8003061444&sso_reload=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.190.152.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 convergedlogin_pcustomizationloader_ad69b2c2408c2332edca.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 107 KB
32 KB 121ms
33ms Script
application/x-javascript 2606:2800:21f:1b88:6342:f8de:86c:e98b
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_ad69b2c2408c2332edca.js
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2W3IEdsiCwViwvv0RWyRLg2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyb/46F4) /
Resource Hash: b85f390f8f63c126bf0b6ab72f161ba9793a7f49ead022c97c63ea03ef573a87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 30 Aug 2023 01:38:06 GMT
content-encoding: gzip
content-md5: DW8hm6vrNrL3sPWuwsGLoQ==
age: 2226213
x-cache: HIT
content-length: 32264
x-ms-lease-status: unlocked
last-modified: Tue, 01 Aug 2023 23:21:42 GMT
server: ECAcc (nyb/46F4)
etag: 0x8DB92E610FE3B9E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e0676489-301e-009f-1ba3-c6a60b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pfetchsessionsprogress_ae8e0b1c20216cc1fee1.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 15 KB
6 KB 34ms
33ms Script
application/x-javascript 2606:2800:21f:1b88:6342:f8de:86c:e98b
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_ae8e0b1c20216cc1fee1.js
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2W3IEdsiCwViwvv0RWyRLg2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyb/4767) /
Resource Hash: b44a061481079728bec82d167bc0c663c861e02f111d7ca1a8bc82e90135acce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 30 Aug 2023 01:38:06 GMT
content-encoding: gzip
content-md5: VtWEdEV+G0a30zVTSLUE2A==
age: 1851643
x-cache: HIT
content-length: 5511
x-ms-lease-status: unlocked
last-modified: Fri, 04 Aug 2023 05:52:50 GMT
server: ECAcc (nyb/4767)
etag: 0x8DB94AF09CE2D1F
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1877d322-001e-006f-200b-ca6395000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 3 KB
3 KB 32ms
32ms Image
image/gif 2606:2800:21f:1b88:6342:f8de:86c:e98b
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyb/468F) /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 30 Aug 2023 01:38:07 GMT
content-md5: Fm3lNHEmUlOrOkVt7+baIw==
age: 6341543
x-cache: HIT
content-length: 2672
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:48 GMT
server: ECAcc (nyb/468F)
etag: 0x8DB5C3F4982FD30
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 7624ca4f-e01e-005d-2535-a1af81000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 4 KB
4 KB 34ms
34ms Image
image/gif 2606:2800:21f:1b88:6342:f8de:86c:e98b
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyb/46B8) /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 30 Aug 2023 01:38:07 GMT
content-md5: tUCo5RgDcZLjLE/li/Lbqw==
age: 6341543
x-cache: HIT
content-length: 3620
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:48 GMT
server: ECAcc (nyb/46B8)
etag: 0x8DB5C3F492F3EE5
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 2653c405-301e-0034-8035-a1f450000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET illustration
aadcdn.msftauthimages.net/dbd5a2dd-ds7ujg0gkcugxyzdy3ahzk4qg6tnzutgb9vebc751qi/logintenantbranding/0/ 0
0

GET bannerlogo
aadcdn.msftauthimages.net/dbd5a2dd-ds7ujg0gkcugxyzdy3ahzk4qg6tnzutgb9vebc751qi/logintenantbranding/0/ 0
0

GET
H2 200 marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 3 KB
3 KB 33ms
32ms Image
image/gif 2606:2800:21f:1b88:6342:f8de:86c:e98b
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2W3IEdsiCwViwvv0RWyRLg2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyb/468F) /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 30 Aug 2023 01:38:07 GMT
content-md5: Fm3lNHEmUlOrOkVt7+baIw==
age: 6341543
x-cache: HIT
content-length: 2672
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:48 GMT
server: ECAcc (nyb/468F)
etag: 0x8DB5C3F4982FD30
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 7624ca4f-e01e-005d-2535-a1af81000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 4 KB
4 KB 36ms
35ms Image
image/gif 2606:2800:21f:1b88:6342:f8de:86c:e98b
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2W3IEdsiCwViwvv0RWyRLg2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyb/46B8) /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 30 Aug 2023 01:38:07 GMT
content-md5: tUCo5RgDcZLjLE/li/Lbqw==
age: 6341543
x-cache: HIT
content-length: 3620
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:48 GMT
server: ECAcc (nyb/46B8)
etag: 0x8DB5C3F492F3EE5
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 2653c405-301e-0034-8035-a1f450000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET ssoprobe
autologon.microsoftazuread-sso.com/e351b779-f6d5-4e50-8568-80e922d180ae/winauth/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: aadcdn.msftauthimages.net
URL: https://aadcdn.msftauthimages.net/dbd5a2dd-ds7ujg0gkcugxyzdy3ahzk4qg6tnzutgb9vebc751qi/logintenantbranding/0/illustration?ts=637178026892922261

Domain: aadcdn.msftauthimages.net
URL: https://aadcdn.msftauthimages.net/dbd5a2dd-ds7ujg0gkcugxyzdy3ahzk4qg6tnzutgb9vebc751qi/logintenantbranding/0/bannerlogo?ts=637178026896788674

Domain: autologon.microsoftazuread-sso.com
URL: https://autologon.microsoftazuread-sso.com/e351b779-f6d5-4e50-8568-80e922d180ae/winauth/ssoprobe?client-request-id=42a1e6fd-aa58-4032-8883-ca837721d63b&_=1693359487215

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
interdigital-test.unycom-online.com/ipms	1969-12-31 23:59:59	Name: JSESSIONID Value: 67CFC74212DC6E59192B1A931B08853D
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.microsoftonline.com/	1970-01-20 14:22:39	Name: SSOCOOKIEPULLED Value: 1
login.microsoftonline.com/	1970-01-20 15:05:51	Name: buid Value: 0.AVsAebdR49X2UE6FaIDpItGArud5Q-scbURHjqqpltbDGitbAAA.AQABAAEAAAAtyolDObpQQ5VtlI4uGjEPULgA7Q2z8qUh9jYUc9x92C9NPpdGurKca6f5XNqCiiJ5j-8UkzC1Dd6e8EpNVvraGRwKAqPvUir5o_GTGDpOzIYJx56OpkTUS6nWkRoyfGAgAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABAAEAAAAtyolDObpQQ5VtlI4uGjEPRVsRLoBuMowCB6h_E2JWbAPyisXWMJypuh4rlIfGhffmHX84Eh3Q94xKsnIPU1okTbwWAhm3w2v2EgjnAqsI4EbCbQ9wM6YJZgeuc4nMeXkouNtgBoAseZQmZvrQyd1-nbSPaqsh-GW3hfp2PzloNXzuxTkUfh4N2hw8cJ7e_Rns5JoyWa4pRGd6_Psgb2yJABXAo8v7pIuPWS67P4HVRVWg7aI8O1lZHrRCXhcPsg4gAA
login.microsoftonline.com/	1970-01-20 15:05:51	Name: fpc Value: AtsvQiZXE05KtWcvPwhNqa66k34bAQAAAH6UgNwOAAAA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
aadcdn.msftauthimages.net
autologon.microsoftazuread-sso.com
interdigital-test.unycom-online.com
login.live.com
login.microsoftonline.com
aadcdn.msftauthimages.net
autologon.microsoftazuread-sso.com
194.187.94.247
20.190.152.20
2603:1036:3000:10::1
2606:2800:21f:1b88:6342:f8de:86c:e98b
09bcfd473f343f606206e638d6aa7c7436ab54f40fca8f3ea2247fc068147ffe
22882b94e0d422e5421076db8fc72aacbd7cd2a45806ab59c396b5076d8c7ef9
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8f1560f9facec91e41523de1bb5653fa11d380bc9ea12c6e767201a37648d593
a000db53297abc25a59add45d09e1b7d33890f1967d6a0cb34cd281c8ee71c0f
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
a5b5b42e6ae53860822fe08487e28809a4c40ff6225c7d0311a94d1118b72a7d
b44a061481079728bec82d167bc0c663c861e02f111d7ca1a8bc82e90135acce
b5080a554c1b117d60d7e38e5f312ddfb6217b1283add8b8da294a2a38f7427c
b85f390f8f63c126bf0b6ab72f161ba9793a7f49ead022c97c63ea03ef573a87
cb4571400413155dd3cf08fff11d0f98674b54ba4b76026a1db70c3f9eb01d59
fa2d38e1e80acb17fad247703c2303fd2351c31bd971b5b4605fdf4611d67a44

login.microsoftonline.com Open in urlscan Pro 2603:1036:3000:10::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

20 Requests

85 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

5 IPs

2 Countries

292 kBTransfer

916 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

8 Cookies

Security Headers

Indicators

login.microsoftonline.com Open in urlscan Pro
2603:1036:3000:10::1 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

85 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

292 kB
Transfer

916 kB
Size

8
Cookies

20 HTTP transactions
0 data transactions