login.microsoftonline.com
2603:1027:1:d8::7
Public Scan
Effective URL: https://login.microsoftonline.com/aca3c8d6-aa71-4e1a-a10e-03572fc58c0b/oauth2/v2.0/authorize?client_id=87182aad-323b-4994-92f7-6a5...
Submission: On June 21 via manual from DE — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 27th 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 11 | 81.69.145.147 | 45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited) |
| 2 | 2603:1027:1:d8::7 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
| 1 | 2620:1ec:bdf::60 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
| 5 | 2606:2800:233:1cb7:261b:1f9c:2074:3c | |
| 21 | 5 | |
ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
- bpm.sanofidigital.cn
- svr.sanofidigital.cn
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
- login.microsoftonline.com
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 11 | sanofidigital.cn | bpm.sanofidigital.cn, svr.sanofidigital.cn | 990 KB |
| 5 | msftauth.net | aadcdn.msftauth.net | 270 KB |
| 2 | microsoftonline.com | login.microsoftonline.com (Cisco Umbrella Rank: 11) | 27 KB |
| 1 | msauth.net | aadcdn.msauth.net (Cisco Umbrella Rank: 1015) | 49 KB |
| 0 | live.com (Failed) | login.live.com (Failed) | |
| 21 | 5 | | |
| | Domain | Requested by |
|---|---|---|
| 7 | bpm.sanofidigital.cn | bpm.sanofidigital.cn |
| 5 | aadcdn.msftauth.net | login.microsoftonline.com, aadcdn.msftauth.net |
| 4 | svr.sanofidigital.cn | bpm.sanofidigital.cn |
| 2 | login.microsoftonline.com | bpm.sanofidigital.cn, aadcdn.msauth.net |
| 1 | aadcdn.msauth.net | login.microsoftonline.com |
| 0 | login.live.com (Failed) | login.microsoftonline.com |
| 21 | 6 | |
This site contains no links.
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| bpm.sanofidigital.cn | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-03-27 - 2025-03-26 | a year |
| svr.sanofidigital.cn | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-21 - 2025-02-20 | a year |
| stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2024-05-27 - 2025-05-27 | a year |
| aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2024-04-30 - 2025-04-30 | a year |
| aadcdn.msftauth.net | DigiCert SHA2 Secure Server CA | 2024-05-25 - 2025-05-25 | a year |
This page contains 1 frame:
Primary Page:
https://login.microsoftonline.com/aca3c8d6-aa71-4e1a-a10e-03572fc58c0b/oauth2/v2.0/authorize?client_id=87182aad-323b-4994-92f7-6a53794a30ee&response_type=code&redirect_uri=https%3a%2f%2fsvr.sanofidigital.cn%2foauth%2fcallback&response_mode=query&scope=user.read&nonce=96586b004a084d69b25695156bfe9670&state=bpm&sso_reload=true
Frame ID: F2F848406F8F63FC4D3C758036815C08
Requests: 20 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://bpm.sanofidigital.cn/ HTTP 307 → https://bpm.sanofidigital.cn/ (Page URL)
- https://login.microsoftonline.com/aca3c8d6-aa71-4e1a-a10e-03572fc58c0b/oauth2/v2.0/authorize?client_id=87182aad-323b-4994-92f7-6a53794a30ee&response_type=code&redirect_uri=https%3a%2f%2fsvr.sanofidigital.cn%2foauth%2fcallback&response_mode=query&scope=user.read&nonce=96586b004a084d69b25695156bfe9670&state=bpm (Page URL)
- https://login.microsoftonline.com/aca3c8d6-aa71-4e1a-a10e-03572fc58c0b/oauth2/v2.0/authorize?client_id=87182aad-323b-4994-92f7-6a53794a30ee&response_type=code&redirect_uri=https%3a%2f%2fsvr.sanofidigital.cn%2foauth%2fcallback&response_mode=query&scope=user.read&nonce=96586b004a084d69b25695156bfe9670&state=bpm&sso_reload=true (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://bpm.sanofidigital.cn/ HTTP 307
- https://bpm.sanofidigital.cn/
21 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | / (Redirect Chain) | bpm.sanofidigital.cn/ | 431 B | 525 B | Document | text/html |
| GET | H/1.1 | index-BypUawnP.js | bpm.sanofidigital.cn/assets/ | 914 KB | 914 KB | Script | application/javascript |
| GET | H/1.1 | index-CzXcgdWD.css | bpm.sanofidigital.cn/assets/ | 328 KB | 57 KB | Stylesheet | text/css |
| GET | H/1.1 | Login-C-ogS5YW.js | bpm.sanofidigital.cn/assets/ | 930 B | 1 KB | Script | application/javascript |
| GET | H/1.1 | auth-C7K7yki_.js | bpm.sanofidigital.cn/assets/ | 207 B | 435 B | Script | application/javascript |
| GET | H/1.1 | Login-DbF7M_ZJ.css | bpm.sanofidigital.cn/assets/ | 2 KB | 863 B | Stylesheet | text/css |
| GET | DATA | truncated | / | 2 KB | 0 | Image | image/png |
| GET | H/1.1 | GenerateToken | svr.sanofidigital.cn/ | 510 B | 790 B | XHR | application/json |
| OPTIONS | H/1.1 | GenerateToken | svr.sanofidigital.cn/ | 0 | 0 | Preflight | |
| GET | H/1.1 | favicon.ico | bpm.sanofidigital.cn/ | 15 KB | 15 KB | Other | image/x-icon |
| GET | H/1.1 | GenerateSSOUrl | svr.sanofidigital.cn/ | 310 B | 545 B | XHR | text/plain |
| OPTIONS | H/1.1 | GenerateSSOUrl | svr.sanofidigital.cn/ | 0 | 0 | Preflight | |
| GET | H/1.1 | authorize | login.microsoftonline.com/aca3c8d6-aa71-4e1a-a10e-03572fc58c0b/oauth2/v2.0/ | 20 KB | 10 KB | Document | text/html |
| GET | H2 | BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js | aadcdn.msauth.net/shared/1.0/content/js/ | 138 KB | 49 KB | Script | application/x-javascript |
| GET | H/1.1 | authorize (Primary Request) | login.microsoftonline.com/aca3c8d6-aa71-4e1a-a10e-03572fc58c0b/oauth2/v2.0/ | 39 KB | 17 KB | Document | text/html |
| GET | H2 | converged.v2.login.min_mc5ac6ol0l4d2iaqspstyg2.css | aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ | 111 KB | 20 KB | Stylesheet | text/css |
| GET | H2 | ConvergedLogin_PCore_7cCuNdJ3E-hQqbT-gOnvng2.js | aadcdn.msftauth.net/shared/1.0/content/js/ | 437 KB | 119 KB | Script | application/x-javascript |
| GET | H2 | ux.converged.login.strings-de.min_t2egxy3e-i7icwo0cfhacq2.js | aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ | 61 KB | 17 KB | Script | application/x-javascript |
| GET | | Me.htm | login.live.com/ | 0 | 0 | | |
| GET | H2 | oneDs_f2e0f4a029670f10d892.js | aadcdn.msftauth.net/shared/1.0/content/js/ | 186 KB | 60 KB | Script | application/x-javascript |
| GET | H2 | convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js | aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ | 219 KB | 53 KB | Script | application/x-javascript |
| GET | | favicon_a_eupayfgghqiai7k9sol6lg2.ico | aadcdn.msftauth.net/shared/1.0/content/images/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: login.live.com
  URL: https://login.live.com/Me.htm?v=3
- Domain: aadcdn.msftauth.net
  URL: https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
| Type | Name |
|---|---|
| undefined | event |
| object | fence |
| object | sharedStorage |
| object | $Config |
| object | $Debug |
| object | $Do |
| function | $Loader |
| object | $WebWatson |
| function | GetString |
| function | GetErrorString |
| function | GetUrl |
| object | $B |
| object | ServerData |

9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.login.microsoftonline.com/ | Name: esctx-eU25WHsidgs Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYPb3buopyyhX7hUq7IvHSgEUm0uyZ144NHgwqFQb7d0HJ2sOrueBm1C1UAS4ZWgXp1ZMEyJJ_by4mxXjsdgnI-gSHU48BLbF149W63c6WEc5wYMEw98Io4LOe-m5DUCSNTOXJTzuyVixxE-O8Oe6_KyAA |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.com/ | Name: buid Value: 0.AQIA1sijrHGqGk6hDgNXL8WMC60qGIc7MpRJkvdqU3lKMO4CAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYiCDLW1QX-uaDltAQgc0h7f-YuHTVK6lRatlfC1ZHvLQ6DOnJstFx37ITHoNxAJfydBElA0rWh84E4xIqnL3G5v2oEDxVh4vAmSTi2akppFAgAA |
|
.login.microsoftonline.com/ | Name: esctx Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMY1ntszsIiMhFT-TsQsDIBtyJVSkQr3MSgR3QS02CZ3Jgxkgs-CGukD6SFtNNG26iwQ-R0hCL6VnEndCdZjPY0KzQpCG4LZAJ1t8cITQ9NhA3O8X0ahj_5xfdrqkvVSnPPqhOw25sgIrR3qEVPowSvdrK_cNhDIOlkHaAzM52DiRggAA |
|
.login.microsoftonline.com/ | Name: esctx-xlUgdQF9j9o Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMY7z4o_iAk-rrz7pbuGpvw0pvWQXwHjRhWpbu-STMkxd0EQn7NyxxC70HJeOLUlzmFDT6lCd1BqgUCfsZz6jkgtNjGYfI270c3mQu9eGsTDxZoOQaVZvERZS1c7ftLHfTbpBQt_mqF3R560tgy3gd9hCAA |
|
login.microsoftonline.com/ | Name: fpc Value: AsIot4wqrlNGshQ7lw_JMeHRmTjDAQAAAPNPB94OAAAA |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.