login.microsoftonline.com
Open in
urlscan Pro
40.126.31.71
Public Scan
Submitted URL: http://sb1-localoutreach.lululemon.app/
Effective URL: https://login.microsoftonline.com/70890d43-935e-47b8-badf-598945df62a4/saml2?SAMLRequest=fZLLbtswFET3%2BQqBe%2BpJ2RRhKTBiGAiQLppHg...
Submission Tags: @phish_report
Submission: On March 13 via api from FI — Scanned from FI
Effective URL: https://login.microsoftonline.com/70890d43-935e-47b8-badf-598945df62a4/saml2?SAMLRequest=fZLLbtswFET3%2BQqBe%2BpJ2RRhKTBiGAiQLppHg...
Submission Tags: @phish_report
Submission: On March 13 via api from FI — Scanned from FI
Summary
This website contacted 9 IPs
in 3 countries
across 11 domains to perform 27 HTTP transactions.
The main IP is 40.126.31.71, located in
Dublin, Ireland and
belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US.
The main domain is login.microsoftonline.com.
The Cisco Umbrella rank of the primary domain is 11.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 27th 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 27th 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 7 | 65.9.66.128 65.9.66.128 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 1 | 52.24.197.175 52.24.197.175 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 40.126.31.71 40.126.31.71 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 142.250.186.168 142.250.186.168 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 23.44.194.161 23.44.194.161 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
| 1 | 216.239.34.36 216.239.34.36 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 152.199.23.37 152.199.23.37 | 15133 (EDGECAST) (EDGECAST) | |
| 9 | 13.107.213.42 13.107.213.42 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 40.126.32.140 40.126.32.140 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 27 | 9 |
7
65.9.66.128
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-128.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-128.fra56.r.cloudfront.net
| sb1-localoutreach.lululemon.app |
1
52.24.197.175
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-197-175.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-197-175.us-west-2.compute.amazonaws.com
| lo-retail-saml-sb1-domain.auth.us-west-2.amazoncognito.com |
2
40.126.31.71
(Dublin, Ireland)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| login.microsoftonline.com |
1
142.250.186.168
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net
| www.googletagmanager.com |
1
23.44.194.161
(Miami, United States)
ASN16625 (AKAMAI-AS, US)
PTR: a23-44-194-161.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a23-44-194-161.deploy.static.akamaitechnologies.com
| globalstaticassets.lululemon.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 9 |
msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 937 |
230 KB |
| 7 |
lululemon.app
sb1-localoutreach.lululemon.app |
2 MB |
| 2 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 11 |
29 KB |
| 1 |
live.com
login.live.com — Cisco Umbrella Rank: 67 |
|
| 1 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 953 |
49 KB |
| 1 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2089 |
265 B |
| 1 |
lululemon.com
globalstaticassets.lululemon.com — Cisco Umbrella Rank: 137643 |
40 KB |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40 |
83 KB |
| 1 |
amazoncognito.com
1 redirects
lo-retail-saml-sb1-domain.auth.us-west-2.amazoncognito.com |
2 KB |
| 0 |
microsoftazuread-sso.com
Failed
autologon.microsoftazuread-sso.com Failed |
|
| 0 |
msauthimages.net
Failed
aadcdn.msauthimages.net Failed |
|
| 27 | 11 |
| Domain | Requested by | |
|---|---|---|
| 9 | aadcdn.msauth.net |
login.microsoftonline.com
aadcdn.msauth.net |
| 7 | sb1-localoutreach.lululemon.app |
sb1-localoutreach.lululemon.app
|
| 2 | login.microsoftonline.com |
sb1-localoutreach.lululemon.app
aadcdn.msftauth.net |
| 1 | login.live.com |
login.microsoftonline.com
|
| 1 | aadcdn.msftauth.net |
login.microsoftonline.com
|
| 1 | region1.google-analytics.com |
www.googletagmanager.com
|
| 1 | globalstaticassets.lululemon.com |
sb1-localoutreach.lululemon.app
|
| 1 | www.googletagmanager.com |
sb1-localoutreach.lululemon.app
|
| 1 | lo-retail-saml-sb1-domain.auth.us-west-2.amazoncognito.com | 1 redirects |
| 0 | autologon.microsoftazuread-sso.com Failed | |
| 0 | aadcdn.msauthimages.net Failed | |
| 27 | 11 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.microsoft.com |
| privacy.microsoft.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| sb1-localoutreach.lululemon.app Sectigo RSA Organization Validation Secure Server CA |
2023-08-02 - 2024-08-01 |
a year | crt.sh |
| stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2024-02-27 - 2025-02-27 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2024-02-19 - 2024-05-13 |
3 months | crt.sh |
| lululemon.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-08-01 - 2024-08-02 |
a year | crt.sh |
| aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2023-12-01 - 2024-12-01 |
a year | crt.sh |
| aadcdn.msauth.net DigiCert SHA2 Secure Server CA |
2024-01-29 - 2025-01-29 |
a year | crt.sh |
| login.live.com DigiCert SHA2 Secure Server CA |
2024-02-13 - 2025-02-13 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/70890d43-935e-47b8-badf-598945df62a4/saml2?SAMLRequest=fZLLbtswFET3%2BQqBe%2BpJ2RRhKTBiGAiQLppHgWYTUOKVQ0AiVV7KbfL1oeWkbTZZkpiZQ8xwc%2FlnHKIjONTW1CSLUxKB6azS5lCTh%2Fs95eSyudigHId8EtvZP5tb%2BDUD%2BmiLCM4H35U1OI%2Fg7sAddQcPtzc1efZ%2BQpEkg6UOvNQDPUVQbDOq7Ci1iWXIimekv0MWzWM5ylcbyAejvY07OyYLM9FqcoBTQACJdkGrjfTLY%2F8hDiFu1J2zaHtvzaANLAnrlFepYgWtihIoW7ectlL1tKx4xUrVr3LJzhgSXe9q8pRClynGMroGaIOhUpSzilPVsr7g1bpdyTJIEWe4Nuil8TXJ05zRtKBZcZ%2BWIl2JksVVwR9J9OOj1vxUayjaoDgXWZPZGWElahRGjoDCd%2BJu%2B%2B1GBKmYnPW2swNpzr2LBeiivXWj9F97Tzda0X6RCjBe%2B5dP7K%2Ft8mNT0pxk51HE%2ByoCJ%2FF3sKfv5rjlx%2F3u5yb5%2F5XN%2B%2FHzZ2neAA%3D%3D&RelayState=H4sIAAAAAAAAAEVRUZOaMBj8L3k2HhyQgG_qeXdaRdDTQzsdJiFBkJAgROzZ6X9vnM60k5fNl939Mru_AAEjcO3gjXcaPqex7Md-__pyAANAzYtQsCO1gB21YckaM83M1OkvecX8iiJPBjXpWY8LhAKksCEwQyi0brrR09NDJlRGhLrqlpOsGIqrObxWckiahx037EwxbmBu4Ha8Whp4AqPvgNekFOaiGi5LBn4MQGEYd1Z7Y1LjaONY0Xu13LdetR77on7T8iCSxAhKQ_s8HW0ZSTtMy8iL7lvkrUq0dvr38dULd2Ibj_VuSzb9rlFGcX6sfvaQgdUjD9J-rHX55SbWIRIhOVQfdEXjW5OG6fzczRLcevu6aV8X52ne4tTebfY3xcrwsrzNsk8UHTe7aUpxaAeRfww2coGSo34nuL_EeSxP1fQ4m5MWi04t1sdCz9rs7R6fZ-KWvE4-5rLcLGPucvrNW09mi_7t6wVedEK63bSQaHWYh93Pr8mLPHWXx-fF355ark1e_-tiyuRnYr7qYviv4CGpyV3JTJ1kqdUwU7UxqMHIxrblWMi13QFowCgnouMD0Bpnzw9MMD6DFrV96Po4hz62EKQuch1KmIUc23hoQ00tntnMdW2IOafQxQGDvhv4kFE3d_wAU0Q88PsPwDE0r3QCAAA.H4sIAAAAAAAAAAEgAN__CqNUzbEC5VvbqFaz7wCZz_PF5ore87QRhEN1fOaBcxmkC2B4IAAAAA.3&sso_reload=true
Frame ID: 47AF03EE2DF0137BCE12139709581FC4
Requests: 27 HTTP requests in this frame
Screenshot
Page Title
Kirjaudu sisään tiliisiPage URL History Show full URLs
-
http://sb1-localoutreach.lululemon.app/
HTTP 307
https://sb1-localoutreach.lululemon.app/ Page URL
-
https://lo-retail-saml-sb1-domain.auth.us-west-2.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Fsb1-localoutreach.lululemon.app&...
HTTP 302
https://login.microsoftonline.com/70890d43-935e-47b8-badf-598945df62a4/saml2?SAMLRequest=fZLLbtswFET3%2BQqBe%2... Page URL
- https://login.microsoftonline.com/70890d43-935e-47b8-badf-598945df62a4/saml2?SAMLRequest=fZLLbtswFET3%2BQqBe%2... Page URL
Detected technologies
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: https://www.microsoft.com/fi-FI/servicesagreement/
Title: Käyttöehdot
Title: Käyttöehdot
Search URL Search Domain Scan URL
URL: https://privacy.microsoft.com/fi-FI/privacystatement
Title: Tietosuoja ja evästeet
Title: Tietosuoja ja evästeet
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://sb1-localoutreach.lululemon.app/
HTTP 307
https://sb1-localoutreach.lululemon.app/ Page URL
-
https://lo-retail-saml-sb1-domain.auth.us-west-2.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Fsb1-localoutreach.lululemon.app&response_type=code&client_id=3vqfkd8kb65n9mavdv7h6696o7&identity_provider=lo-saml-sb1-idp&scope=email%20openid&state=zdm5Aam7PR30PHkLVr5kOA8lmGtnYlXX&code_challenge=WgZ1nPn1N_iP5PzS65Mi6O3vHAu5NUlSQAtUSaRvUpo&code_challenge_method=S256
HTTP 302
https://login.microsoftonline.com/70890d43-935e-47b8-badf-598945df62a4/saml2?SAMLRequest=fZLLbtswFET3%2BQqBe%2BpJ2RRhKTBiGAiQLppHgWYTUOKVQ0AiVV7KbfL1oeWkbTZZkpiZQ8xwc%2FlnHKIjONTW1CSLUxKB6azS5lCTh%2Fs95eSyudigHId8EtvZP5tb%2BDUD%2BmiLCM4H35U1OI%2Fg7sAddQcPtzc1efZ%2BQpEkg6UOvNQDPUVQbDOq7Ci1iWXIimekv0MWzWM5ylcbyAejvY07OyYLM9FqcoBTQACJdkGrjfTLY%2F8hDiFu1J2zaHtvzaANLAnrlFepYgWtihIoW7ectlL1tKx4xUrVr3LJzhgSXe9q8pRClynGMroGaIOhUpSzilPVsr7g1bpdyTJIEWe4Nuil8TXJ05zRtKBZcZ%2BWIl2JksVVwR9J9OOj1vxUayjaoDgXWZPZGWElahRGjoDCd%2BJu%2B%2B1GBKmYnPW2swNpzr2LBeiivXWj9F97Tzda0X6RCjBe%2B5dP7K%2Ft8mNT0pxk51HE%2ByoCJ%2FF3sKfv5rjlx%2F3u5yb5%2F5XN%2B%2FHzZ2neAA%3D%3D&RelayState=H4sIAAAAAAAAAEVRUZOaMBj8L3k2HhyQgG_qeXdaRdDTQzsdJiFBkJAgROzZ6X9vnM60k5fNl939Mru_AAEjcO3gjXcaPqex7Md-__pyAANAzYtQsCO1gB21YckaM83M1OkvecX8iiJPBjXpWY8LhAKksCEwQyi0brrR09NDJlRGhLrqlpOsGIqrObxWckiahx037EwxbmBu4Ha8Whp4AqPvgNekFOaiGi5LBn4MQGEYd1Z7Y1LjaONY0Xu13LdetR77on7T8iCSxAhKQ_s8HW0ZSTtMy8iL7lvkrUq0dvr38dULd2Ibj_VuSzb9rlFGcX6sfvaQgdUjD9J-rHX55SbWIRIhOVQfdEXjW5OG6fzczRLcevu6aV8X52ne4tTebfY3xcrwsrzNsk8UHTe7aUpxaAeRfww2coGSo34nuL_EeSxP1fQ4m5MWi04t1sdCz9rs7R6fZ-KWvE4-5rLcLGPucvrNW09mi_7t6wVedEK63bSQaHWYh93Pr8mLPHWXx-fF355ark1e_-tiyuRnYr7qYviv4CGpyV3JTJ1kqdUwU7UxqMHIxrblWMi13QFowCgnouMD0Bpnzw9MMD6DFrV96Po4hz62EKQuch1KmIUc23hoQ00tntnMdW2IOafQxQGDvhv4kFE3d_wAU0Q88PsPwDE0r3QCAAA.H4sIAAAAAAAAAAEgAN__CqNUzbEC5VvbqFaz7wCZz_PF5ore87QRhEN1fOaBcxmkC2B4IAAAAA.3 Page URL
- https://login.microsoftonline.com/70890d43-935e-47b8-badf-598945df62a4/saml2?SAMLRequest=fZLLbtswFET3%2BQqBe%2BpJ2RRhKTBiGAiQLppHgWYTUOKVQ0AiVV7KbfL1oeWkbTZZkpiZQ8xwc%2FlnHKIjONTW1CSLUxKB6azS5lCTh%2Fs95eSyudigHId8EtvZP5tb%2BDUD%2BmiLCM4H35U1OI%2Fg7sAddQcPtzc1efZ%2BQpEkg6UOvNQDPUVQbDOq7Ci1iWXIimekv0MWzWM5ylcbyAejvY07OyYLM9FqcoBTQACJdkGrjfTLY%2F8hDiFu1J2zaHtvzaANLAnrlFepYgWtihIoW7ectlL1tKx4xUrVr3LJzhgSXe9q8pRClynGMroGaIOhUpSzilPVsr7g1bpdyTJIEWe4Nuil8TXJ05zRtKBZcZ%2BWIl2JksVVwR9J9OOj1vxUayjaoDgXWZPZGWElahRGjoDCd%2BJu%2B%2B1GBKmYnPW2swNpzr2LBeiivXWj9F97Tzda0X6RCjBe%2B5dP7K%2Ft8mNT0pxk51HE%2ByoCJ%2FF3sKfv5rjlx%2F3u5yb5%2F5XN%2B%2FHzZ2neAA%3D%3D&RelayState=H4sIAAAAAAAAAEVRUZOaMBj8L3k2HhyQgG_qeXdaRdDTQzsdJiFBkJAgROzZ6X9vnM60k5fNl939Mru_AAEjcO3gjXcaPqex7Md-__pyAANAzYtQsCO1gB21YckaM83M1OkvecX8iiJPBjXpWY8LhAKksCEwQyi0brrR09NDJlRGhLrqlpOsGIqrObxWckiahx037EwxbmBu4Ha8Whp4AqPvgNekFOaiGi5LBn4MQGEYd1Z7Y1LjaONY0Xu13LdetR77on7T8iCSxAhKQ_s8HW0ZSTtMy8iL7lvkrUq0dvr38dULd2Ibj_VuSzb9rlFGcX6sfvaQgdUjD9J-rHX55SbWIRIhOVQfdEXjW5OG6fzczRLcevu6aV8X52ne4tTebfY3xcrwsrzNsk8UHTe7aUpxaAeRfww2coGSo34nuL_EeSxP1fQ4m5MWi04t1sdCz9rs7R6fZ-KWvE4-5rLcLGPucvrNW09mi_7t6wVedEK63bSQaHWYh93Pr8mLPHWXx-fF355ark1e_-tiyuRnYr7qYviv4CGpyV3JTJ1kqdUwU7UxqMHIxrblWMi13QFowCgnouMD0Bpnzw9MMD6DFrV96Po4hz62EKQuch1KmIUc23hoQ00tntnMdW2IOafQxQGDvhv4kFE3d_wAU0Q88PsPwDE0r3QCAAA.H4sIAAAAAAAAAAEgAN__CqNUzbEC5VvbqFaz7wCZz_PF5ore87QRhEN1fOaBcxmkC2B4IAAAAA.3&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://sb1-localoutreach.lululemon.app/ HTTP 307
- https://sb1-localoutreach.lululemon.app/
- https://lo-retail-saml-sb1-domain.auth.us-west-2.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Fsb1-localoutreach.lululemon.app&response_type=code&client_id=3vqfkd8kb65n9mavdv7h6696o7&identity_provider=lo-saml-sb1-idp&scope=email%20openid&state=zdm5Aam7PR30PHkLVr5kOA8lmGtnYlXX&code_challenge=WgZ1nPn1N_iP5PzS65Mi6O3vHAu5NUlSQAtUSaRvUpo&code_challenge_method=S256 HTTP 302
- https://login.microsoftonline.com/70890d43-935e-47b8-badf-598945df62a4/saml2?SAMLRequest=fZLLbtswFET3%2BQqBe%2BpJ2RRhKTBiGAiQLppHgWYTUOKVQ0AiVV7KbfL1oeWkbTZZkpiZQ8xwc%2FlnHKIjONTW1CSLUxKB6azS5lCTh%2Fs95eSyudigHId8EtvZP5tb%2BDUD%2BmiLCM4H35U1OI%2Fg7sAddQcPtzc1efZ%2BQpEkg6UOvNQDPUVQbDOq7Ci1iWXIimekv0MWzWM5ylcbyAejvY07OyYLM9FqcoBTQACJdkGrjfTLY%2F8hDiFu1J2zaHtvzaANLAnrlFepYgWtihIoW7ectlL1tKx4xUrVr3LJzhgSXe9q8pRClynGMroGaIOhUpSzilPVsr7g1bpdyTJIEWe4Nuil8TXJ05zRtKBZcZ%2BWIl2JksVVwR9J9OOj1vxUayjaoDgXWZPZGWElahRGjoDCd%2BJu%2B%2B1GBKmYnPW2swNpzr2LBeiivXWj9F97Tzda0X6RCjBe%2B5dP7K%2Ft8mNT0pxk51HE%2ByoCJ%2FF3sKfv5rjlx%2F3u5yb5%2F5XN%2B%2FHzZ2neAA%3D%3D&RelayState=H4sIAAAAAAAAAEVRUZOaMBj8L3k2HhyQgG_qeXdaRdDTQzsdJiFBkJAgROzZ6X9vnM60k5fNl939Mru_AAEjcO3gjXcaPqex7Md-__pyAANAzYtQsCO1gB21YckaM83M1OkvecX8iiJPBjXpWY8LhAKksCEwQyi0brrR09NDJlRGhLrqlpOsGIqrObxWckiahx037EwxbmBu4Ha8Whp4AqPvgNekFOaiGi5LBn4MQGEYd1Z7Y1LjaONY0Xu13LdetR77on7T8iCSxAhKQ_s8HW0ZSTtMy8iL7lvkrUq0dvr38dULd2Ibj_VuSzb9rlFGcX6sfvaQgdUjD9J-rHX55SbWIRIhOVQfdEXjW5OG6fzczRLcevu6aV8X52ne4tTebfY3xcrwsrzNsk8UHTe7aUpxaAeRfww2coGSo34nuL_EeSxP1fQ4m5MWi04t1sdCz9rs7R6fZ-KWvE4-5rLcLGPucvrNW09mi_7t6wVedEK63bSQaHWYh93Pr8mLPHWXx-fF355ark1e_-tiyuRnYr7qYviv4CGpyV3JTJ1kqdUwU7UxqMHIxrblWMi13QFowCgnouMD0Bpnzw9MMD6DFrV96Po4hz62EKQuch1KmIUc23hoQ00tntnMdW2IOafQxQGDvhv4kFE3d_wAU0Q88PsPwDE0r3QCAAA.H4sIAAAAAAAAAAEgAN__CqNUzbEC5VvbqFaz7wCZz_PF5ore87QRhEN1fOaBcxmkC2B4IAAAAA.3
27 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
sb1-localoutreach.lululemon.app/ Redirect Chain
|
615 B 977 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
chunk-vendors.f06bbd7d.js
sb1-localoutreach.lululemon.app/js/ |
3 MB 587 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.84cde3a6.js
sb1-localoutreach.lululemon.app/js/ |
308 KB 102 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.64f1bdd4.css
sb1-localoutreach.lululemon.app/css/ |
72 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
saml2
login.microsoftonline.com/70890d43-935e-47b8-badf-598945df62a4/ Redirect Chain
|
21 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
238 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon-spinner.svg
sb1-localoutreach.lululemon.app/ |
660 B 1016 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon-yogo-light.svg
sb1-localoutreach.lululemon.app/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
splash.082a7c34.png
sb1-localoutreach.lululemon.app/img/ |
855 KB 857 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
CalibreWeb-Regular.woff
globalstaticassets.lululemon.com/fonts/ |
40 KB 40 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.google-analytics.com/g/ |
0 265 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
collect
region1.google-analytics.com/g/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
BssoInterrupt_Core_3j2JgMBNuZbncq02org-aA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
138 KB 49 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
saml2
login.microsoftonline.com/70890d43-935e-47b8-badf-598945df62a4/ |
47 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
110 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ConvergedLogin_PCore_GVfoNPG_FcWzb4W9VLsB8g2.js
aadcdn.msauth.net/shared/1.0/content/js/ |
432 KB 118 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ux.converged.login.strings-fi.min_syd_omnlwc8hd3u2dvxvca2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
58 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
convergedlogin_pcustomizationloader_a6fdd1f788f9ba8e71a1.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
219 KB 54 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
convergedlogin_pfetchsessionsprogress_97396a3e5322cbd93a9a.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
15 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
illustration
aadcdn.msauthimages.net/dbd5a2dd-mvhrzjbstlphsn6de2plvgn04cmztycwtxpjyuajt4e/logintenantbranding/0/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
bannerlogo
aadcdn.msauthimages.net/dbd5a2dd-mvhrzjbstlphsn6de2plvgn04cmztycwtxpjyuajt4e/logintenantbranding/0/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
ssoprobe
autologon.microsoftazuread-sso.com/70890d43-935e-47b8-badf-598945df62a4/winauth/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- region1.google-analytics.com
- URL
- https://region1.google-analytics.com/g/collect?v=2&tid=G-VZ122CH0PH>m=45je43b0v9119125662za200&_p=1710306414556&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2134522677.1710306415&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=2&sid=1710306414&sct=1&seg=0&dl=https%3A%2F%2Fsb1-localoutreach.lululemon.app%2F&dt=Local%20Outreach&en=user_engagement&_et=1783&tfd=4570
- Domain
- aadcdn.msauthimages.net
- URL
- https://aadcdn.msauthimages.net/dbd5a2dd-mvhrzjbstlphsn6de2plvgn04cmztycwtxpjyuajt4e/logintenantbranding/0/illustration?ts=635676377044097449
- Domain
- aadcdn.msauthimages.net
- URL
- https://aadcdn.msauthimages.net/dbd5a2dd-mvhrzjbstlphsn6de2plvgn04cmztycwtxpjyuajt4e/logintenantbranding/0/bannerlogo?ts=635676377014416874
- Domain
- autologon.microsoftazuread-sso.com
- URL
- https://autologon.microsoftazuread-sso.com/70890d43-935e-47b8-badf-598945df62a4/winauth/ssoprobe?client-request-id=4cbd518b-7ffc-43c0-87fe-4249cd9fec17&_=1710306420431
Verdicts & Comments Add Verdict or Comment
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_a6fdd1f788f9ba8e71a1 boolean| __convergedlogin_pfetchsessionsprogress_97396a3e5322cbd93a9a17 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .lululemon.app/ | Name: _ga Value: GA1.1.2134522677.1710306415 |
|
| lo-retail-saml-sb1-domain.auth.us-west-2.amazoncognito.com/ | Name: XSRF-TOKEN Value: bece0970-7169-4a05-9384-2954d8f45927 |
|
| lo-retail-saml-sb1-domain.auth.us-west-2.amazoncognito.com/ | Name: csrf-state Value: uarTOtiy4X0YPlNaYkTbMbQwp_N_IjsEX7r5VmprFJjCfr7_1URVwodiNqLwEcW6PZRUC_b7N19P8Z9RnJ6XZtHa7vqQfQngkCZEIar7lsoJOZhtErcGzQjElwXFBTIniRLQe4ebK5OBEJvGyD-qtXasUChn6MYINsxyBDngsqo |
|
| lo-retail-saml-sb1-domain.auth.us-west-2.amazoncognito.com/ | Name: csrf-state-legacy Value: uarTOtiy4X0YPlNaYkTbMbQwp_N_IjsEX7r5VmprFJjCfr7_1URVwodiNqLwEcW6PZRUC_b7N19P8Z9RnJ6XZtHa7vqQfQngkCZEIar7lsoJOZhtErcGzQjElwXFBTIniRLQe4ebK5OBEJvGyD-qtXasUChn6MYINsxyBDngsqo |
|
| .login.microsoftonline.com/ | Name: esctx-judDQUCnE Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8gdIMMbU4dvKAQutnogDBH0hqOqz5RmMiQDFeuLH3linyuukxHi43cbpuD9nIPIePiamEzH6bUks0yXAbq6t3EtJ7JywsThM33fZ-EoJ9Gd6i2TCos8ObaqzfcAQ1TXK-_sk7up8we1DVG4HvcFe3diAA |
|
| login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
| login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
| .lululemon.app/ | Name: _ga_VZ122CH0PH Value: GS1.1.1710306414.1.0.1710306416.0.0.0 |
|
| .login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
| login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
| login.microsoftonline.com/ | Name: buid Value: 0.ARMAQw2JcF6TuEe631mJRd9ipIOXYa05qkBEtaQpdiI7daXaAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8CxcbMA-NMv2LBnEeZdfEfDz5PxNVlZCjOgSM2arFaLzwbGURqVTjlGtt1D5ALWkTNwu_Cp_nX71F3DW4Kgw5hU4GpMrtx8676KcZ5J6dTrAgAA |
|
| .login.microsoftonline.com/ | Name: esctx Value: PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8Sfm9ON8sfTuOozdQH_suYlTG3Dr_JyO_5iwQ-SbEjGAC23DWLgpU70wwLeAu6JfnkvD9l-4LOgnGJL3gOtCc484yxeGFS3PuYNnkFuhlkmd7wXJO_UmhtbZCW9ADNYN-he3f1JvJW1gCewU78cu7zRBhSop5f9HA3eZHINrqdmMgAA |
|
| .login.microsoftonline.com/ | Name: esctx-LjEp5ejsGAo Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8jkPD-cRwrgMEHJPiZZX9vVPzDY33TDzDefbljhnFZCtNJZMdlgJfPNyYNnWQwxi2OIkU6FcYcFmQjYGMnJSL3FkFRu-AcEyub3Sf3oMLMziToJ6fgB4cz0GFG4khMyAgUUsPoRnLJJq4z-gy86t6YCAA |
|
| login.microsoftonline.com/ | Name: fpc Value: Aur0mBPlSu1PsZ5_koI2R5Hi6NCrAQAAAHErg90OAAAA |
|
| .login.microsoftonline.com/ | Name: brcap Value: 0 |
|
| .login.live.com/ | Name: uaid Value: 7bf382baeb8a4aafa722174a437eea74 |
|
| .login.live.com/ | Name: MSPRequ Value: id=N<=1710306419&co=1 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msauth.net
aadcdn.msauthimages.net
aadcdn.msftauth.net
autologon.microsoftazuread-sso.com
globalstaticassets.lululemon.com
lo-retail-saml-sb1-domain.auth.us-west-2.amazoncognito.com
login.live.com
login.microsoftonline.com
region1.google-analytics.com
sb1-localoutreach.lululemon.app
www.googletagmanager.com
aadcdn.msauthimages.net
autologon.microsoftazuread-sso.com
region1.google-analytics.com
13.107.213.42
142.250.186.168
152.199.23.37
216.239.34.36
23.44.194.161
40.126.31.71
40.126.32.140
52.24.197.175
65.9.66.128
187b381cabf0eae8cae0a6b55f64f649d0cd72d3c6d745aeec1b38092eaca8fb
21e661558e1c3677c310d88c0d083f08c3da704451067b2ef47022a07699bb87
29170e4072dc14024dc54d15937d71e2aef55f2a8b383d7c583ce85ec1f97880
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41
5bdad2ad5639e84e90ab6ae5749cec8bb4690b9f0ee9190a659f9c2f7f4a0f4e
7883a97ebd109540ce136e370ec22e24a12b637700ed23de5d5f4aafc8644a9b
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
92195cf4c499ed7c3b2b2acea1b90c648301d1833078f22b77dfa4d5387f8c03
96e27058c7363b6a12de9fbe2ab2371e2c695587b733c5eb6cf7d0a66c833095
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
bcfb7cdee2840e631a871209316587351535ff6a2fc7a7c9056442e1f269bf7f
c624d12a691421bedbf2d1933f6dfbd80d0f9ccebec7ed27ffacfe3123b81fd0
e6696ef7819b3a0cca325f79fbf45636b9c26124bdccac98ae9d5c49c6b7e80f