login.microsoftonline.com
Open in
urlscan Pro
2603:1037:1:130::6
Public Scan
Effective URL: https://login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/saml2
Submission: On December 02 via api from US — Scanned from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 29th 2024. Valid for: 6 months.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 108.139.29.121 108.139.29.121 | 16509 (AMAZON-02) (AMAZON-02) | |
9 | 13.226.94.54 13.226.94.54 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2606:4700::68... 2606:4700::6812:4239 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2607:f8b0:400... 2607:f8b0:4004:c1d::5f | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6812:4139 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2603:1037:1:1... 2603:1037:1:130::6 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
11 | 2606:2800:11f... 2606:2800:11f:1cb7:261b:1f9c:2074:3c | 15133 (EDGECAST) (EDGECAST) | |
1 | 20.190.190.193 20.190.190.193 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 2620:1ec:bdf::40 2620:1ec:bdf::40 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2603:1037:1:8::4 2603:1037:1:8::4 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 51.116.253.168 51.116.253.168 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
32 | 11 |
ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-121.jfk50.r.cloudfront.net
click1.workhuman.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-94-54.jfk52.r.cloudfront.net
cloud.workhuman.com | |
idp.workhuman.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msftauthimages.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
autologon.microsoftazuread-sso.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 876 |
395 KB |
10 |
workhuman.com
1 redirects
click1.workhuman.com — Cisco Umbrella Rank: 546702 cloud.workhuman.com — Cisco Umbrella Rank: 40257 idp.workhuman.com — Cisco Umbrella Rank: 99493 |
359 KB |
2 |
msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3227 |
256 KB |
2 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 10 |
17 KB |
2 |
optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 1024 a15928870500.cdn.optimizely.com — Cisco Umbrella Rank: 105388 rum.optimizely.com Failed |
89 KB |
1 |
microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 94 Failed |
|
1 |
microsoftazuread-sso.com
autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1114 |
2 KB |
1 |
live.com
login.live.com — Cisco Umbrella Rank: 61 |
|
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29 |
1 KB |
32 | 9 |
Domain | Requested by | |
---|---|---|
11 | aadcdn.msftauth.net |
login.microsoftonline.com
aadcdn.msftauth.net |
7 | cloud.workhuman.com |
cloud.workhuman.com
|
2 | aadcdn.msftauthimages.net | |
2 | login.microsoftonline.com |
aadcdn.msftauth.net
|
2 | idp.workhuman.com | |
1 | browser.events.data.microsoft.com |
aadcdn.msftauth.net
|
1 | autologon.microsoftazuread-sso.com | |
1 | login.live.com |
login.microsoftonline.com
|
1 | a15928870500.cdn.optimizely.com |
cdn.optimizely.com
|
1 | fonts.googleapis.com |
cloud.workhuman.com
|
1 | cdn.optimizely.com |
cloud.workhuman.com
|
1 | click1.workhuman.com | 1 redirects |
0 | rum.optimizely.com Failed |
cdn.optimizely.com
|
32 | 13 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.microsoft.com |
privacy.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.workhuman.com Amazon RSA 2048 M02 |
2024-11-27 - 2025-12-26 |
a year | crt.sh |
cdn.optimizely.com WE1 |
2024-10-21 - 2025-01-19 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-10-21 - 2025-01-13 |
3 months | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2024-08-29 - 2025-02-28 |
6 months | crt.sh |
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2024-05-25 - 2025-05-25 |
a year | crt.sh |
login.live.com DigiCert SHA2 Secure Server CA |
2024-08-26 - 2025-02-26 |
6 months | crt.sh |
aadcdn.msftauthimages.net Microsoft Azure RSA TLS Issuing CA 03 |
2024-09-12 - 2025-09-07 |
a year | crt.sh |
autologon.microsoftazuread-sso.com DigiCert SHA2 Secure Server CA |
2024-10-06 - 2025-04-06 |
6 months | crt.sh |
*.events.data.microsoft.com Microsoft Azure RSA TLS Issuing CA 08 |
2024-09-27 - 2025-09-22 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/saml2
Frame ID: 253D278441DD9494C48DEFDD1B01E09F
Requests: 30 HTTP requests in this frame
Frame:
https://a15928870500.cdn.optimizely.com/client_storage/a15928870500.html
Frame ID: EAE2DEBE1AF6D5130523CAC5839E738C
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Sign in to your accountPage URL History Show full URLs
-
https://click1.workhuman.com/e/c/eyJlbWFpbF9pZCI6ImRnVHp0QVlBQU9tVVJlaVVSUUdUaDluaTJHeG9SOXJwcER0SzROUT0i...
HTTP 302
https://cloud.workhuman.com/store/?utm_source=cio&utm_medium=email&utm_campaign=Cyber_Week_Redemption_Ca... Page URL
- https://cloud.workhuman.com/microsites/t/apps/forwardToInternalApp?client=sabre&targetUrl=%2Fstore%2F%3F... Page URL
- https://idp.workhuman.com/sp/startSSO.ping?PartnerIdpId=https://sts.windows.net/03ceccf2-fe27-4c66-abd... Page URL
- https://login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/saml2 Page URL
Detected technologies
Optimizely (Analytics) ExpandDetected patterns
- optimizely\.com.*\.js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Terms of use
Search URL Search Domain Scan URL
Title: Privacy & cookies
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click1.workhuman.com/e/c/eyJlbWFpbF9pZCI6ImRnVHp0QVlBQU9tVVJlaVVSUUdUaDluaTJHeG9SOXJwcER0SzROUT0iLCJocmVmIjoiaHR0cHM6Ly9jbG91ZC53b3JraHVtYW4uY29tL3N0b3JlLz91dG1fc291cmNlPWNpb1x1MDAyNnV0bV9tZWRpdW09ZW1haWxcdTAwMjZ1dG1fY2FtcGFpZ249Q3liZXJfV2Vla19SZWRlbXB0aW9uX0NhbXBhaWduX1JFRDI0LTAxNFx1MDAyNnV0bV9jb250ZW50PTEyMjRfcnJfY3liZXJfdXNfX2J0bjEjIXNhYnJlL2NvbGxlY3Rpb25zL2N5YmVyX3dlZWtfc2FsZV9ub3YyNF91c2EiLCJpbnRlcm5hbCI6ImYzYjQwNjI1ZjhiNDAxZTk5NDQ1IiwibGlua19pZCI6NTM3fQ/5efa709746aa02a12eb97998f784ad752405b5adb5224fd8ed0759bada96f492
HTTP 302
https://cloud.workhuman.com/store/?utm_source=cio&utm_medium=email&utm_campaign=Cyber_Week_Redemption_Campaign_RED24-014&utm_content=1224_rr_cyber_us__btn1 Page URL
- https://cloud.workhuman.com/microsites/t/apps/forwardToInternalApp?client=sabre&targetUrl=%2Fstore%2F%3Futm_source%3Dcio%26utm_medium%3Demail%26utm_campaign%3DCyber_Week_Redemption_Campaign_RED24-014%26utm_content%3D1224_rr_cyber_us__btn1%23%2Fsabre%2Fcollections%2Fcyber_week_sale_nov24_usa Page URL
- https://idp.workhuman.com/sp/startSSO.ping?PartnerIdpId=https://sts.windows.net/03ceccf2-fe27-4c66-abdb-699141848e61/&TARGET=https%3A%2F%2Fcloud.workhuman.com%2Fmicrosites%2Fmotivation%2FSSOEntryPoint%3Fclient%3Dsabre Page URL
- https://login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/saml2 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://click1.workhuman.com/e/c/eyJlbWFpbF9pZCI6ImRnVHp0QVlBQU9tVVJlaVVSUUdUaDluaTJHeG9SOXJwcER0SzROUT0iLCJocmVmIjoiaHR0cHM6Ly9jbG91ZC53b3JraHVtYW4uY29tL3N0b3JlLz91dG1fc291cmNlPWNpb1x1MDAyNnV0bV9tZWRpdW09ZW1haWxcdTAwMjZ1dG1fY2FtcGFpZ249Q3liZXJfV2Vla19SZWRlbXB0aW9uX0NhbXBhaWduX1JFRDI0LTAxNFx1MDAyNnV0bV9jb250ZW50PTEyMjRfcnJfY3liZXJfdXNfX2J0bjEjIXNhYnJlL2NvbGxlY3Rpb25zL2N5YmVyX3dlZWtfc2FsZV9ub3YyNF91c2EiLCJpbnRlcm5hbCI6ImYzYjQwNjI1ZjhiNDAxZTk5NDQ1IiwibGlua19pZCI6NTM3fQ/5efa709746aa02a12eb97998f784ad752405b5adb5224fd8ed0759bada96f492 HTTP 302
- https://cloud.workhuman.com/store/?utm_source=cio&utm_medium=email&utm_campaign=Cyber_Week_Redemption_Campaign_RED24-014&utm_content=1224_rr_cyber_us__btn1
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
cloud.workhuman.com/store/ Redirect Chain
|
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
16969570298.js
cdn.optimizely.com/js/ |
289 KB 89 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.c08ced93.js
cloud.workhuman.com/store/static/js/ |
1 MB 321 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.4f3a8026.css
cloud.workhuman.com/store/static/css/ |
147 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
10 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a15928870500.html
a15928870500.cdn.optimizely.com/client_storage/ Frame EAE2 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
userSessionAuthToken
cloud.workhuman.com/microsites/login/ |
91 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
rum
rum.optimizely.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
cloud.workhuman.com/ |
300 B 924 B |
Other
image/x-ico |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
forwardToInternalApp
cloud.workhuman.com/microsites/t/apps/ |
624 B 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
startSSO.ping
idp.workhuman.com/sp/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
cloud.workhuman.com/ |
300 B 0 |
Other
image/x-ico |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Primary Request
saml2
login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/ |
38 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
idp.workhuman.com/ |
300 B 926 B |
Other
image/x-ico |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
converged.v2.login.min_nin8k2ycrbzww8zl5vxkaq2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
111 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_h6TdaK6cfsrg175w47aRCA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
439 KB 120 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ux.converged.login.strings-en.min_i8f-75gfk3tbsm8bmatnqa2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
56 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oneDs_f2e0f4a029670f10d892.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
186 KB 60 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pcustomizationloader_117b650bccea354984d8.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
397 KB 114 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msftauth.net/shared/1.0/content/images/ |
17 KB 17 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
15 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
illustration
aadcdn.msftauthimages.net/dbd5a2dd-dxwkn8zmqorrvfrpezrqqbiqs-op92gz1eht3ws7w0/logintenantbranding/0/ |
252 KB 253 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bannerlogo
aadcdn.msftauthimages.net/dbd5a2dd-dxwkn8zmqorrvfrpezrqqbiqs-op92gz1eht3ws7w0/logintenantbranding/0/ |
2 KB 2 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ssoprobe
autologon.microsoftazuread-sso.com/03ceccf2-fe27-4c66-abdb-699141848e61/winauth/ |
12 B 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
dssostatus
login.microsoftonline.com/common/instrumentation/ |
265 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
111 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ |
2 KB 785 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- rum.optimizely.com
- URL
- https://rum.optimizely.com/rum
- Domain
- browser.events.data.microsoft.com
- URL
- https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_117b650bccea354984d8 boolean| __convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834 boolean| __convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d21 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
cloud.workhuman.com/microsites | Name: client Value: sabre |
|
.workhuman.com/ | Name: optimizelyEndUserId Value: oeu1733163137172r0.7071705957064265 |
|
cloud.workhuman.com/ | Name: AWSALB Value: UybAC91ar1gStZIHU4aCfBUnig1e/F3HYBxtV2pI1BqKZdYOT2HzX8qoMM8HjO8POKgW7aeLC/m2Fs82HXLoQPVpcGktIQE3WVGYFXmjdBopUqEwj9WhZvtsudnt |
|
cloud.workhuman.com/ | Name: AWSALBCORS Value: UybAC91ar1gStZIHU4aCfBUnig1e/F3HYBxtV2pI1BqKZdYOT2HzX8qoMM8HjO8POKgW7aeLC/m2Fs82HXLoQPVpcGktIQE3WVGYFXmjdBopUqEwj9WhZvtsudnt |
|
cloud.workhuman.com/ | Name: cf_client Value: sabre |
|
cloud.workhuman.com/ | Name: JSESSIONID Value: 9DE79F15F27D04F2C11D304840B46697 |
|
idp.workhuman.com/ | Name: PF Value: yYhE7q66LG0DppeguJA2DE |
|
login.microsoftonline.com/ | Name: buid Value: 1.ARcA8szOAyf-Zkyr22mRQYSOYYQf-wxNOYpGpnVXv5v0fdUXAAAXAA.AQABGgEAAADW6jl31mB3T7ugrWTT8pFeNWOznpOxeoPvtr1h4v-EGHSa6qchxLhM89qAq2hu33C2i_dn3sHVoim7xEvyw_b96m-MglJ1BoS7CnSgE3hHBZLuGO6mKJeysHlzGl38PjsgAA |
|
.login.microsoftonline.com/ | Name: esctx Value: PAQABBwEAAADW6jl31mB3T7ugrWTT8pFelDFwmtchTCfY57I3abKU6ct2LBwp32MZzDKDRavFiZaVp215NxuPLUQ4-AdC81yTwhuEStYOKJFnZd6CyEqG87ZxQ7RHHIY3X10Wyc5bO6Y_RXZcXISq9dit3j8CgQipokJ8mzC-36cUBGrhQkIX2CUkldpXWvDUJ5S8tK1QJ-cgAA |
|
.login.microsoftonline.com/ | Name: esctx-ujsTgh5aSWE Value: AQABCQEAAADW6jl31mB3T7ugrWTT8pFetodw_jJ2H8RbLdIYT8qQmi9SxMhxDe2oeXmFy8U63xAUOq1zlAeiIrsj9SGPwABlMDo_sjzXQGTefVdZ0ex_jJWB0MJRlXCR5R8j0Sfx20w2C0BlA7FmGYDvA7GgTb7XjDaUSwvDr1RbmKK1XV7VGSAA |
|
login.microsoftonline.com/ | Name: fpc Value: AsNNFw3jIa9PiZ7k9SeIFJiJwXmQAQAAAILv394OAAAA |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.live.com/ | Name: uaid Value: 653e61d111554d3fbf30d9423de806ef |
|
.login.live.com/ | Name: MSPRequ Value: id=N<=1733163139&co=1 |
|
login.microsoftonline.com/ | Name: MicrosoftApplicationsTelemetryDeviceId Value: 748a7507-35da-4eb8-8cfd-45ad1ad53bc9 |
|
.login.microsoftonline.com/ | Name: brcap Value: 0 |
|
autologon.microsoftazuread-sso.com/ | Name: fpc Value: AqyIyCuJ1BBPhzYdL6YuWOM |
|
autologon.microsoftazuread-sso.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
autologon.microsoftazuread-sso.com/ | Name: stsservicecookie Value: estsfd |
|
login.microsoftonline.com/ | Name: ai_session Value: rcYV61Sv+O9roFCF77AXP5|1733163140783|1733163140783 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a15928870500.cdn.optimizely.com
aadcdn.msftauth.net
aadcdn.msftauthimages.net
autologon.microsoftazuread-sso.com
browser.events.data.microsoft.com
cdn.optimizely.com
click1.workhuman.com
cloud.workhuman.com
fonts.googleapis.com
idp.workhuman.com
login.live.com
login.microsoftonline.com
rum.optimizely.com
browser.events.data.microsoft.com
rum.optimizely.com
108.139.29.121
13.226.94.54
20.190.190.193
2603:1037:1:130::6
2603:1037:1:8::4
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2606:4700::6812:4139
2606:4700::6812:4239
2607:f8b0:4004:c1d::5f
2620:1ec:bdf::40
51.116.253.168
0030e7479cdc07327aa070fe746f5b2ecd366ce3a6ee1e9e83547dc7703a59e4
2463212b7e35758d70f02ed5feb46f7ee3a73fe1b935437464af1918198d4755
272ade96a845dd6e22d1147010a68752191cd8e9a2e0c1e6c238c1d30ccd52b1
470313a4964b154dcca777f899dc3899caaded34876c27ad438b524b47fdd06c
604409c0c06f54d03fabf909870af6401d57e23be4575cd313adab9f9dd60871
68c2994e21a564345eb3b4091dd2334c9cbddb0aecda45ee963c6de2e1629b93
77481690fd17c4427726e7a4cf78561a54d03ba3c862796c8f1b683e66294fd6
8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
9155cfd404c1c5fa95ec2d1d7e1c07b2f0ea87fb8a2c41cf737bd13088c018e8
993a5748db7b6bc125f88788845a7599234130bce2858b528071035488cb886d
9c296d9bde47988fde063ddab823f564e88363d048fa86bc359e5b6bad108618
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
bc6804d058d5bd5b24fc04e479fc8973bef5d3efeafaa9c19c60a009bf0fac0b
bd31b5ad4e0e741f2066270580ff1324e97e726e5a3f42b2c11c06978600db4e
bf3ba99687db725599d7193e7a631fb7637b7d14ed4160c1dd23676f17c48499
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
da4a8df0c326292b5bee9c732b3c962fd67aaf2f99d850f1bf65068d573c5619
ddd0bb1c19b3d2d045bfcde85d2020bba57854c887a6691b66dba3da1bb3afbe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855