login.microsoftonline.com
Open in
urlscan Pro
2603:1026:3000:150::6
Public Scan
Submitted URL: https://monitoring.kibana.believeintheidea.io/
Effective URL: https://login.microsoftonline.com/f6133d6e-20c4-4c25-b024-3ac43c9d5bcb/saml2?SAMLRequest=lVLLbtswEPwVgneJlChZEmE5cGMUNZC0Rqzk0EtBU...
Submission Tags: phishingrod
Submission: On October 08 via api from DE — Scanned from NL
Effective URL: https://login.microsoftonline.com/f6133d6e-20c4-4c25-b024-3ac43c9d5bcb/saml2?SAMLRequest=lVLLbtswEPwVgneJlChZEmE5cGMUNZC0Rqzk0EtBU...
Submission Tags: phishingrod
Submission: On October 08 via api from DE — Scanned from NL
Summary
This website contacted 6 IPs
in 3 countries
across 6 domains to perform 49 HTTP transactions.
The main IP is 2603:1026:3000:150::6, located in
Amsterdam, Netherlands and
belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US.
The main domain is login.microsoftonline.com.
The Cisco Umbrella rank of the primary domain is 9.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 3rd 2024. Valid for: 6 months.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 3rd 2024. Valid for: 6 months.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 35 | 51.105.232.240 51.105.232.240 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 2 | 2603:1026:300... 2603:1026:3000:150::6 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 10 | 2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c | 15133 (EDGECAST) (EDGECAST) | |
| 1 | 40.126.32.140 40.126.32.140 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 2 | 2620:1ec:bdf::64 2620:1ec:bdf::64 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 2603:1026:300... 2603:1026:3000:c8::9 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 49 | 6 |
35
51.105.232.240
(Amsterdam, Netherlands)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| monitoring.kibana.believeintheidea.io |
2
2603:1026:3000:150::6
(Amsterdam, Netherlands)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| login.microsoftonline.com |
2
2620:1ec:bdf::64
(United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| aadcdn.msftauthimages.net |
1
2603:1026:3000:c8::9
(Dublin, Ireland)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| autologon.microsoftazuread-sso.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 35 |
believeintheidea.io
2 redirects
monitoring.kibana.believeintheidea.io |
2 MB |
| 10 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 866 |
335 KB |
| 2 |
msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3220 |
294 KB |
| 2 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 9 |
16 KB |
| 1 |
microsoftazuread-sso.com
autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1101 |
1 KB |
| 1 |
live.com
login.live.com — Cisco Umbrella Rank: 63 |
|
| 49 | 6 |
| Domain | Requested by | |
|---|---|---|
| 35 | monitoring.kibana.believeintheidea.io |
2 redirects
monitoring.kibana.believeintheidea.io
|
| 10 | aadcdn.msftauth.net |
login.microsoftonline.com
aadcdn.msftauth.net |
| 2 | aadcdn.msftauthimages.net | |
| 2 | login.microsoftonline.com |
monitoring.kibana.believeintheidea.io
aadcdn.msftauth.net |
| 1 | autologon.microsoftazuread-sso.com | |
| 1 | login.live.com |
login.microsoftonline.com
|
| 49 | 6 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.microsoft.com |
| privacy.microsoft.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| monitoring.kibana.believeintheidea.io R11 |
2024-10-08 - 2025-01-06 |
3 months | crt.sh |
| stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2024-09-03 - 2025-03-03 |
6 months | crt.sh |
| aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2024-05-25 - 2025-05-25 |
a year | crt.sh |
| login.live.com DigiCert SHA2 Secure Server CA |
2024-08-28 - 2025-02-28 |
6 months | crt.sh |
| aadcdn.msftauthimages.net Microsoft Azure RSA TLS Issuing CA 03 |
2024-09-12 - 2025-09-07 |
a year | crt.sh |
| autologon.microsoftazuread-sso.com DigiCert SHA2 Secure Server CA |
2024-10-06 - 2025-04-06 |
6 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/f6133d6e-20c4-4c25-b024-3ac43c9d5bcb/saml2?SAMLRequest=lVLLbtswEPwVgneJlChZEmE5cGMUNZC0Rqzk0EtBUauYKEU6JOU2fx%2FFjyC5BMh5Z2dmZ3Z%2B9X%2FQ6ADOK2tqnMQUIzDSdso81vi%2B%2BR6V%2BGox92LQ6Z4vx7Azd%2FA0gg9oWjSenyY1Hp3hVnjluREDeB4k3y5vb3gaU753NlhpNUZL78GFSeraGj8O4LbgDkrC%2Fd1NjXch7D0nZLBGBesmB%2FFf1Qoj4ha0ggMoE3agOhCxsjzLGBF7RTzI0anwTA4JeTWD0Wpyp4wIx4supNo%2BKhMPSjrrbR%2Bs0cpALO1A%2BlnCWDeDKKUyizKZ5lFL0yxiQmZMVl3eyvbInGK0XtX4TwvQs77MYVZIWeQFzau%2BqGhXsFlH07ZjZSnKirIJ7v0Ia%2BODMKHG6StrQiNaNrTgWcHzKk6K7DdGm3NA35Q5Bf9Zmu0J5PmPptlEm1%2FbBqOHS4ETAJ%2Fr4kd1976nz4nFpRy8%2BHoVc%2FJe9O1jfk4q69XGaiWf0VJr%2B%2B%2FagQhQ415oD5gszosfn2vxAg%3D%3D
Frame ID: 89F4CA7A2E8A1BE973389C54BCED1C56
Requests: 49 HTTP requests in this frame
Screenshot
Page Title
Aanmelden bij uw accountPage URL History Show full URLs
-
https://monitoring.kibana.believeintheidea.io/
HTTP 302
https://monitoring.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1 Page URL
-
https://monitoring.kibana.believeintheidea.io/?auth_provider_hint=saml1&auth_url_hash=
HTTP 302
https://login.microsoftonline.com/f6133d6e-20c4-4c25-b024-3ac43c9d5bcb/saml2?SAMLRequest=lVLLbtswEPwVgneJlChZE... Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: https://www.microsoft.com/nl-NL/servicesagreement/
Title: Gebruiksvoorwaarden
Title: Gebruiksvoorwaarden
Search URL Search Domain Scan URL
URL: https://privacy.microsoft.com/nl-NL/privacystatement
Title: Privacy en cookies
Title: Privacy en cookies
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://monitoring.kibana.believeintheidea.io/
HTTP 302
https://monitoring.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1 Page URL
-
https://monitoring.kibana.believeintheidea.io/?auth_provider_hint=saml1&auth_url_hash=
HTTP 302
https://login.microsoftonline.com/f6133d6e-20c4-4c25-b024-3ac43c9d5bcb/saml2?SAMLRequest=lVLLbtswEPwVgneJlChZEmE5cGMUNZC0Rqzk0EtBUauYKEU6JOU2fx%2FFjyC5BMh5Z2dmZ3Z%2B9X%2FQ6ADOK2tqnMQUIzDSdso81vi%2B%2BR6V%2BGox92LQ6Z4vx7Azd%2FA0gg9oWjSenyY1Hp3hVnjluREDeB4k3y5vb3gaU753NlhpNUZL78GFSeraGj8O4LbgDkrC%2Fd1NjXch7D0nZLBGBesmB%2FFf1Qoj4ha0ggMoE3agOhCxsjzLGBF7RTzI0anwTA4JeTWD0Wpyp4wIx4supNo%2BKhMPSjrrbR%2Bs0cpALO1A%2BlnCWDeDKKUyizKZ5lFL0yxiQmZMVl3eyvbInGK0XtX4TwvQs77MYVZIWeQFzau%2BqGhXsFlH07ZjZSnKirIJ7v0Ia%2BODMKHG6StrQiNaNrTgWcHzKk6K7DdGm3NA35Q5Bf9Zmu0J5PmPptlEm1%2FbBqOHS4ETAJ%2Fr4kd1976nz4nFpRy8%2BHoVc%2FJe9O1jfk4q69XGaiWf0VJr%2B%2B%2FagQhQ415oD5gszosfn2vxAg%3D%3D Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://monitoring.kibana.believeintheidea.io/ HTTP 302
- https://monitoring.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
49 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
capture-url
monitoring.kibana.believeintheidea.io/internal/security/ Redirect Chain
|
111 KB 24 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kbn-ui-shared-deps-src.css
monitoring.kibana.believeintheidea.io/465f50087cd0/bundles/kbn-ui-shared-deps-src/ |
119 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
legacy_styles.css
monitoring.kibana.believeintheidea.io/465f50087cd0/ui/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap-anonymous.js
monitoring.kibana.believeintheidea.io/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kbn-ui-shared-deps-npm.dll.js
monitoring.kibana.believeintheidea.io/465f50087cd0/bundles/kbn-ui-shared-deps-npm/ |
6 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kbn-ui-shared-deps-src.js
monitoring.kibana.believeintheidea.io/465f50087cd0/bundles/kbn-ui-shared-deps-src/ |
3 MB 637 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
core.entry.js
monitoring.kibana.believeintheidea.io/465f50087cd0/bundles/core/ |
407 KB 100 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
telemetry.plugin.js
monitoring.kibana.believeintheidea.io/465f50087cd0/bundles/plugin/telemetry/1.0.0/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kibanaReact.plugin.js
monitoring.kibana.believeintheidea.io/465f50087cd0/bundles/plugin/kibanaReact/1.0.0/ |
40 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kibanaUtils.plugin.js
monitoring.kibana.believeintheidea.io/465f50087cd0/bundles/plugin/kibanaUtils/1.0.0/ |
73 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
security.plugin.js
monitoring.kibana.believeintheidea.io/465f50087cd0/bundles/plugin/security/1.0.0/ |
71 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
remoteClusters.plugin.js
monitoring.kibana.believeintheidea.io/465f50087cd0/bundles/plugin/remoteClusters/1.0.0/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
esUiShared.plugin.js
monitoring.kibana.believeintheidea.io/465f50087cd0/bundles/plugin/esUiShared/1.0.0/ |
156 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dataViews.plugin.js
monitoring.kibana.believeintheidea.io/465f50087cd0/bundles/plugin/dataViews/1.0.0/ |
61 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
spaces.plugin.js
monitoring.kibana.believeintheidea.io/465f50087cd0/bundles/plugin/spaces/1.0.0/ |
25 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
banners.plugin.js
monitoring.kibana.believeintheidea.io/465f50087cd0/bundles/plugin/banners/1.0.0/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
features.plugin.js
monitoring.kibana.believeintheidea.io/465f50087cd0/bundles/plugin/features/1.0.0/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
licensing.plugin.js
monitoring.kibana.believeintheidea.io/465f50087cd0/bundles/plugin/licensing/1.0.0/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
usageCollection.plugin.js
monitoring.kibana.believeintheidea.io/465f50087cd0/bundles/plugin/usageCollection/1.0.0/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
screenshotMode.plugin.js
monitoring.kibana.believeintheidea.io/465f50087cd0/bundles/plugin/screenshotMode/1.0.0/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.svg
monitoring.kibana.believeintheidea.io/465f50087cd0/ui/favicons/ |
1008 B 2 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.png
monitoring.kibana.believeintheidea.io/465f50087cd0/ui/favicons/ |
5 KB 6 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
en.json
monitoring.kibana.believeintheidea.io/translations/ |
29 B 715 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kbn-ui-shared-deps-npm.v8.light.css
monitoring.kibana.believeintheidea.io/465f50087cd0/bundles/kbn-ui-shared-deps-npm/ |
154 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
legacy_light_theme.min.css
monitoring.kibana.believeintheidea.io/465f50087cd0/ui/ |
77 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
capabilities
monitoring.kibana.believeintheidea.io/api/core/ |
8 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kbn-ui-shared-deps-npm.chunk.245.js
monitoring.kibana.believeintheidea.io/465f50087cd0/bundles/kbn-ui-shared-deps-npm/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kbn-ui-shared-deps-npm.chunk.486.js
monitoring.kibana.believeintheidea.io/465f50087cd0/bundles/kbn-ui-shared-deps-npm/ |
737 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
security.chunk.0.js
monitoring.kibana.believeintheidea.io/465f50087cd0/bundles/plugin/security/1.0.0/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
info
monitoring.kibana.believeintheidea.io/api/banners/ |
145 B 815 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
user_profile
monitoring.kibana.believeintheidea.io/internal/security/ |
66 B 723 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
config
monitoring.kibana.believeintheidea.io/internal/telemetry/ |
129 B 816 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Inter-Regular.woff2
monitoring.kibana.believeintheidea.io/465f50087cd0/ui/fonts/inter/ |
97 KB 97 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
saml2
login.microsoftonline.com/f6133d6e-20c4-4c25-b024-3ac43c9d5bcb/ Redirect Chain
|
38 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
111 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ConvergedLogin_PCore_ELtAAt2Ya8ISGuc0PJcBKA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
439 KB 120 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ux.converged.login.strings-nl.min_hhykflc3phtvjc9hx9bnpw2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
60 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
convergedlogin_pcustomizationloader_117b650bccea354984d8.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
397 KB 114 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msftauth.net/shared/1.0/content/images/ |
17 KB 17 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
15 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
illustration
aadcdn.msftauthimages.net/c1c6b6c8-yxkw-gfnc1t7kdu3qiewqzfimpbzrm4naekrxkccvaw/logintenantbranding/0/ |
284 KB 285 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bannerlogo
aadcdn.msftauthimages.net/c1c6b6c8-yxkw-gfnc1t7kdu3qiewqzfimpbzrm4naekrxkccvaw/logintenantbranding/0/ |
9 KB 9 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ssoprobe
autologon.microsoftazuread-sso.com/f6133d6e-20c4-4c25-b024-3ac43c9d5bcb/winauth/ |
12 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
dssostatus
login.microsoftonline.com/common/instrumentation/ |
265 B 526 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
111 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ |
2 KB 785 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_117b650bccea354984d8 boolean| __convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834 boolean| __convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| monitoring.kibana.believeintheidea.io/ | Name: sid Value: Fe26.2**03cc5105429f93b258ab98ac1e146546b7aeff6f96e7e03b93ab2a2d45af574d*MU1SiqktfVQ8lPEG7sEHLw*TxsLN2nc-UohDlq1pmfGtSHlFfWt3Zd1BysWuz4UoOtNgI7P2HAVB6y0ldnhPXPS_ty9bf3Rykel8QlCTKzgVh6jv4p8-Bggwq2wdNvnq4nn6mSz2isR7D7qm7P78CGkFXrS0PG6y_vPG-KFZD14pj1pPaa0k2BqdMCMoFq2S8l8ZaL2D0jNlJWjRnGb51CI5WoiB5qinLVizUOHDlHnFgFcOhWWlxo6tJ7IrQsbEm-0dcG7GLejKbVV2JewrNjK**962e7bd1a179e2c340f47c3b9391ff1204c9da0b993dbe679a1f1d1917ab3b10*apCT_-z4sZsRViwJgu7OvVDYzdVQFZM7M4IuESy43DU |
|
| login.microsoftonline.com/ | Name: buid Value: 0.AQkAbj0T9sQgJUywJDrEPJ1byxVy8fGiUVBJn_o8w86nCnfeAAA.AQABGgEAAADW6jl31mB3T7ugrWTT8pFeP7hyskkEFclQl-J3U3cpBn8m3ZeXaTLxeSpzjVdVo01jlwHnj5X2yZPE6NK0XPLRMosXP9yyqRC3TEXw9iOTNebXzegwQkHsHNDPJ1Xv5DggAA |
|
| .login.microsoftonline.com/ | Name: esctx Value: PAQABBwEAAADW6jl31mB3T7ugrWTT8pFe1O2N1cLjadPSUJz-1yeT9bZre6WQtJwqU-2-B437yCbUpql1PWnmZZuCgxTUHblDCmFZ06GYkP7PJFxL_qu5LVADPAG7Qt8Vq5orW_gLr3HBy8RxUavs93fOcQlfJ_G54wsSluDMkwV3MyGVXAmOS7oLxEktD2A8FJzfgg7ovUQgAA |
|
| .login.microsoftonline.com/ | Name: esctx-Gr5x2CL2vhY Value: AQABCQEAAADW6jl31mB3T7ugrWTT8pFePZLLv2Sjx2nwjsjQIW6lrfVPXZPMiF1VpVxGX6YlbbanASOLXFYbO07OqY3p_9p3nzLXPYxR_9pzG6-ts8EB5E6JV5f7o-oiw6Hx1oSxa_rOCh8hjz3kyK8baCYKZNk3OQ_Eu_pcJWgcX4minUqb5SAA |
|
| login.microsoftonline.com/ | Name: fpc Value: AsVRXGdkZolHil-LOAeJ5EE87QCsAQAAAK7alt4OAAAA |
|
| login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
| login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
| .login.microsoftonline.com/ | Name: brcap Value: 0 |
|
| .login.live.com/ | Name: uaid Value: 67d46206381a45fb8c791d1ccf4bcfd5 |
|
| .login.live.com/ | Name: MSPRequ Value: id=N<=1728373679&co=1 |
|
| autologon.microsoftazuread-sso.com/ | Name: fpc Value: AihqgnbaYN1BsIsbbg2HyHM |
|
| autologon.microsoftazuread-sso.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
| autologon.microsoftazuread-sso.com/ | Name: stsservicecookie Value: estsfd |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint |
| Strict-Transport-Security | max-age=31536000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msftauth.net
aadcdn.msftauthimages.net
autologon.microsoftazuread-sso.com
login.live.com
login.microsoftonline.com
monitoring.kibana.believeintheidea.io
2603:1026:3000:150::6
2603:1026:3000:c8::9
2606:2800:233:1cb7:261b:1f9c:2074:3c
2620:1ec:bdf::64
40.126.32.140
51.105.232.240
113a7057aec30f6b4a655330ae51a37d34b2145bc5e1c788336d69b9d51cb3b1
15579cdbaa372e4271a05900be9dbc0f5d5d9719eed1e8ca0260448156afcff2
160f4ef3788e8b599e30ccc74b4b74f3a5a70a28fa68b6df0b582f741a7025bb
1d2a04970105352ef5072a26bc1881491d686a9ce59a7679f1fed7899c87bbe0
1f8ceb44fe7cfcf7e71dbd5122210335ca3821d697a851d2900b95af7d92d69d
25e201ec69afdfb16e4e70e8f3211ea1231ef046dbf3ce3f84844d5b8e4fc5f3
2b79df1e70de8f32e49852d992fc3a8e37e6e8bfb40a4c879d8d33ed44c3714e
2db706892d4d2d8e004724b06b99d0521482f590960eb3d1c2fd19a4a604f6b5
3934adc8cafb7d6a66e48afb889515c65b844f16823c39671fe4fa9fe8a700ce
47854c45a5535d91a8adbf062eaf7a928001d632b1497130b6b5d19521946fb0
4d964c814ea274ea58bb2d5fea5f84bb9d28d5f2febb99a9a5de8fe6cb0311bd
5877948e84e7ffbde720604c73eeaf4cb047d38a59e3672902fc852f2889d258
642bf16ac9966e706b457b0715cc0e240e441a2269e36bde2279aef5ff7111b5
7555801a3623e3e7bc9d55b646b2671c4a83ea62c2ff3d61c800e51717859981
7935cb8172debfb452c6649a9995a1724481bdb0d0253ed6aca66a3382174dd8
7dc87d100ffda0b44300291491bbe7ac8a6eae94937ccec0494d5f154c07c3a0
7e017def202927e3b77c0811d427ac525411e98ae3000a43f333da156bbde6cd
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
9a71057bef5c5178ab48d27c3f27a10edd9fc3674a0b1a6c18b0dd882faa2ae8
9b6a79b77c15f71004d2c453b6a72ba4a853bfd07cdba0cc49319c2c37e0f443
9d2055645798e70a61d23b9f91d3e6d4e68a073f6378c01e757d557d2f6505dd
a1549d0ee0b425fcc5106ac69929f7908f6a428666c470616dbd0350d52273c0
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
a947b5f8106b86971cfba205f4b76830b7afcf05f23efba67c4547ee8fb09424
ad0b42e0d41a9748101f0d1406249cf4fbe56f782feb580eac1723ec76a93f35
b0de77a615e625ecf85833383837bba949d2847468697f8dcd2a78190cc5d0af
bb9551e8bb250d36cedb0acb595a39d77f4878d2f902368c21af5d08a990c47c
bc6804d058d5bd5b24fc04e479fc8973bef5d3efeafaa9c19c60a009bf0fac0b
cbc1293511e68676f1089f51ce760fa49859152ec2b7d7dce24173ed8ba46bd7
cf9f0009d031d1684e38d511301195abefea964e007ba4c580bbfa0dbcf68529
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
da4a8df0c326292b5bee9c732b3c962fd67aaf2f99d850f1bf65068d573c5619
dd3352b7726be0c49d81dd0fd2e3d94e78cbf43872fbe92c5cf888d2009c0a90
ddd0bb1c19b3d2d045bfcde85d2020bba57854c887a6691b66dba3da1bb3afbe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea715e31084e6c404740f2387b86420d16453089de839f88bbf33fe7241f3796