login.microsoftonline.us
Open in
urlscan Pro
52.126.195.7
Public Scan
Effective URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&response_type=code%20id_t...
Submission: On March 06 via automatic, source ayashige — Scanned from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 6th 2022. Valid for: a year.
This is the only time login.microsoftonline.us was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 13.72.27.219 13.72.27.219 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
3 | 2600:141b:e80... 2600:141b:e800:29::1721:2cda | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 1 | 52.227.182.149 52.227.182.149 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 52.126.195.7 52.126.195.7 | 8070 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2620:1ec:4e:1... 2620:1ec:4e:1::40 | () () | |
3 | 2001:489a:340... 2001:489a:3403::5e0 | () () | |
11 | 6 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
security.microsoft.us.mcas-df-gov.us |
ASN20940 (AKAMAI-ASN1, NL)
mcasproxy.azureedge.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
security.microsoft.us |
ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.us |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
msftauth.us
aadcdn.msftauth.us Failed |
49 KB |
3 |
azureedge.net
mcasproxy.azureedge.net — Cisco Umbrella Rank: 33368 |
44 KB |
2 |
microsoftonline.us
login.microsoftonline.us — Cisco Umbrella Rank: 13046 |
106 KB |
1 |
msauth.net
aadcdn.msauth.net |
112 KB |
1 |
microsoft.us
1 redirects
security.microsoft.us — Cisco Umbrella Rank: 266779 |
1 KB |
1 |
mcas-df-gov.us
security.microsoft.us.mcas-df-gov.us |
894 B |
11 | 6 |
Domain | Requested by | |
---|---|---|
3 | aadcdn.msftauth.us |
login.microsoftonline.us
|
3 | mcasproxy.azureedge.net |
security.microsoft.us.mcas-df-gov.us
mcasproxy.azureedge.net |
2 | login.microsoftonline.us |
login.microsoftonline.us
|
1 | aadcdn.msauth.net |
login.microsoftonline.us
|
1 | security.microsoft.us | 1 redirects |
1 | security.microsoft.us.mcas-df-gov.us | |
11 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.microsoft.us.mcas-gov.us DigiCert SHA2 Secure Server CA |
2022-11-24 - 2023-11-24 |
a year | crt.sh |
*.azureedge.net Microsoft Azure ECC TLS Issuing CA 01 |
2022-07-27 - 2023-07-22 |
a year | crt.sh |
login.microsoftonline.us DigiCert SHA2 Secure Server CA |
2022-12-06 - 2023-12-06 |
a year | crt.sh |
aadcdn.msauth.net DigiCert SHA2 Secure Server CA |
2023-01-27 - 2024-01-27 |
a year | crt.sh |
aadcdn.msftauth.us DigiCert SHA2 Secure Server CA |
2022-12-20 - 2023-12-20 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DNzKUYq3Giy82MM-8g4dTq3mM-Fk_fe3ZRM6qZFiFEP8peUZ1nH5noWLBW4-Xi74LxftaokeQBkSVNnHpMfgaERDedXtkyrxl7O6AxxRm6M5PbS_VK26kC1DrlOg3Fw6Y-42RbqG1uRInLUyW_6ZgYA&response_mode=form_post&nonce=638137113288626474.YzlkNjk2NmMtYzBkMS00NTIyLTk4ZDQtOGU1MjFkODQ3NzhjM2FiYTkxMGYtMjc3OS00YWI0LWI5OWYtYzYyNGRiNzEyZjVl&client-request-id=00291139-06ab-4d29-96a1-21857e540ba9&redirect_uri=https%3A%2F%2Fsecurity.microsoft.us%2F&x-client-SKU=ID_NET461&x-client-ver=6.22.1.0&sso_reload=true
Frame ID: B9C7DB7B17F69EFCB262EB31958C5243
Requests: 9 HTTP requests in this frame
Frame:
https://mcasproxy.azureedge.net/proxyweb/1.29.15/html/session-context-restore.html
Frame ID: 6C1A1C082D3D9415A3579FD5F2A491E5
Requests: 2 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://security.microsoft.us.mcas-df-gov.us/ Page URL
-
https://security.microsoft.us/
HTTP 302
https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&respo... Page URL
- https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&respo... Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://security.microsoft.us.mcas-df-gov.us/ Page URL
-
https://security.microsoft.us/
HTTP 302
https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DNzKUYq3Giy82MM-8g4dTq3mM-Fk_fe3ZRM6qZFiFEP8peUZ1nH5noWLBW4-Xi74LxftaokeQBkSVNnHpMfgaERDedXtkyrxl7O6AxxRm6M5PbS_VK26kC1DrlOg3Fw6Y-42RbqG1uRInLUyW_6ZgYA&response_mode=form_post&nonce=638137113288626474.YzlkNjk2NmMtYzBkMS00NTIyLTk4ZDQtOGU1MjFkODQ3NzhjM2FiYTkxMGYtMjc3OS00YWI0LWI5OWYtYzYyNGRiNzEyZjVl&client-request-id=00291139-06ab-4d29-96a1-21857e540ba9&redirect_uri=https%3A%2F%2Fsecurity.microsoft.us%2F&x-client-SKU=ID_NET461&x-client-ver=6.22.1.0 Page URL
- https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DNzKUYq3Giy82MM-8g4dTq3mM-Fk_fe3ZRM6qZFiFEP8peUZ1nH5noWLBW4-Xi74LxftaokeQBkSVNnHpMfgaERDedXtkyrxl7O6AxxRm6M5PbS_VK26kC1DrlOg3Fw6Y-42RbqG1uRInLUyW_6ZgYA&response_mode=form_post&nonce=638137113288626474.YzlkNjk2NmMtYzBkMS00NTIyLTk4ZDQtOGU1MjFkODQ3NzhjM2FiYTkxMGYtMjc3OS00YWI0LWI5OWYtYzYyNGRiNzEyZjVl&client-request-id=00291139-06ab-4d29-96a1-21857e540ba9&redirect_uri=https%3A%2F%2Fsecurity.microsoft.us%2F&x-client-SKU=ID_NET461&x-client-ver=6.22.1.0&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4- https://security.microsoft.us/ HTTP 302
- https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DNzKUYq3Giy82MM-8g4dTq3mM-Fk_fe3ZRM6qZFiFEP8peUZ1nH5noWLBW4-Xi74LxftaokeQBkSVNnHpMfgaERDedXtkyrxl7O6AxxRm6M5PbS_VK26kC1DrlOg3Fw6Y-42RbqG1uRInLUyW_6ZgYA&response_mode=form_post&nonce=638137113288626474.YzlkNjk2NmMtYzBkMS00NTIyLTk4ZDQtOGU1MjFkODQ3NzhjM2FiYTkxMGYtMjc3OS00YWI0LWI5OWYtYzYyNGRiNzEyZjVl&client-request-id=00291139-06ab-4d29-96a1-21857e540ba9&redirect_uri=https%3A%2F%2Fsecurity.microsoft.us%2F&x-client-SKU=ID_NET461&x-client-ver=6.22.1.0
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
security.microsoft.us.mcas-df-gov.us/ |
1 KB 894 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
session-context-store-helper.min.js
mcasproxy.azureedge.net/proxyweb/1.29.15/js/ |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
session-context-restore.html
mcasproxy.azureedge.net/proxyweb/1.29.15/html/ Frame 6C1A |
209 B 660 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.29.15/js/ Frame 6C1A |
38 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
authorize
login.microsoftonline.us/common/oauth2/ Redirect Chain
|
152 KB 55 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
authorize
login.microsoftonline.us/common/oauth2/ |
199 KB 51 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js
aadcdn.msftauth.us/shared/1.0/content/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js
aadcdn.msauth.net/shared/1.0/content/js/ |
401 KB 112 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
aadcdn.msftauth.us/ests/2.1/content/cdnbundles/ |
117 KB 40 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frameworksupport.min_oadrnc13magb009k4d20lg2.js
aadcdn.msftauth.us/ests/2.1/content/cdnbundles/ |
12 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
watson.min_q5ptmu8aniymd4ftuqdkda2.js
aadcdn.msftauth.us/ests/2.1/content/cdnbundles/ |
9 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- aadcdn.msftauth.us
- URL
- https://aadcdn.msftauth.us/shared/1.0/content/js/ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js
Verdicts & Comments Add Verdict or Comment
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
security.microsoft.us/ | Name: s.SessID Value: e0908ad5-bd97-4aff-b548-86fd86864846 |
|
security.microsoft.us/ | Name: OpenIdConnect.nonce.hVI8QmaB8VFr34wniavGvspUHfiNgbDC6i64Y8rndjk%3D Value: Mjk4aVM0aWk0Z1hkMnljN0VweEJvX0Z2RUcxTzExdVJXWWxpWjdCRGc5V3FkaTg4Q1hEWXk2Y0EwNnhvNjNWZHljSnZsTURqMEUyN2J6dkMxZENCd09DcWFDZkx1SG5LTmk4SV9tSC1wbGM4Qmh5eUtrcm9VYTJFMmotTWx4WHN4X25kVURRQjN6N0ZtSU50YjVxZFloUHJaQndmcjhWNDhuOTVubTExTDR1MTRqWGVtODhpNWhfNnhqcXFTTWNRUmozWi1pU2RRZ29NWnlEcTUxVXJ3MWdpWDNmRUZUWmJiR2ktM2VSdDI2c2tOdnlSajRMOUMwb3NNT05uLW5JNG1kUEpIR2V6VnEzRElhdC0wUVZXaEE%3D |
|
login.microsoftonline.us/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.us/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.us/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.us/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.us/ | Name: buid Value: 0.AQMAMe_N-B6jSkuT5F9XHpElWmfKzIC9VKtEhiVLecTcd3UBAAA.AQABAAEAAgBXxJ9NxOLiQKGXj-vdb8Bd9XS6lRgA_ER_EJuRNnuEUEKFwaD9Tr5EXp5DootlNNxWElLfYYxIo8ps8sPkf_oWee1EamuA2ZXGNsHdEDyz415qcJQOYTLKvJl_l2Oqyi0gAA |
|
login.microsoftonline.us/ | Name: fpc Value: AjUErsjuVS9Lol0DGUaFTjFc5p_pAQAAAOH1l9sOAAAA |
|
.login.microsoftonline.us/ | Name: esctx Value: PAQABAAEAAgBXxJ9NxOLiQKGXj-vdb8Bd1IO0_QNDZn_oCpT0DkER_TrsvM-9xKP9E2VWkinmEf-9axA62I3wiwr7gIhYHEYNnp3bJpW13-Cq-6OfnKnhCSWBLNZ_S9FNjEGkbr6avkd0bITOEC9ucPUo2HZWXahNoId7Jwk0NlHpQ0znL32wwYBMM9dYaoVsOgi9Sm9MPasgAA |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msauth.net
aadcdn.msftauth.us
login.microsoftonline.us
mcasproxy.azureedge.net
security.microsoft.us
security.microsoft.us.mcas-df-gov.us
aadcdn.msftauth.us
13.72.27.219
2001:489a:3403::5e0
2600:141b:e800:29::1721:2cda
2620:1ec:4e:1::40
52.126.195.7
52.227.182.149
50c7a6bc126f23bed4e86844e23471bc2b77bdf396bfe93fee9eb364bc99f9f6
5f7add0638c6207d7a84267735b9eed3fee3a68696e3ec755fafd5283db0b8f3
6b9a9f5cdd84c51c8580d0c1ef1d24d909ec2abb52ffc92e6d768ad186b73d4b
a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451
a7699544b87dcf7043f34387e5fa0382a90f672d947dd730e2f4610bc470e923
b12e862a8e4489c99304a04d61f61b08995f47699811ab785f791374805f5f12
c8cef105fcaf7cbf3f8682c861045505c24d41cf6686c20c1c03e14031a3db69
d04ef2d896f234ab8f9623a91b3b927c2d809b96deb0ebc59be7d4585fae802e
df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0