🌐
Microsoft Learn
learn.microsoft.com › en-us › answers › questions › 1822640 › what-is-the-subnet-for-aadcdn-msftauth-net-and-aad
What is the subnet for aadcdn.msftauth.net and aadcdn.msftauth.net ? - Microsoft Q&A
The issue is on one particular VM that was created for running tests. When we open the application from this VM, authentication times out (net::ERR_CONNECTION_TIMED_OUT). The VM cannot reach https://aadcdn.msftauth.net and https://aadcdn.msftauth.net.
🌐
Microsoft Learn
learn.microsoft.com › en-us › answers › questions › 1822636 › what-is-the-subnet-for-*-msftauth-net-and-*-msftau
What is the subnet for *.msftauth.net and *.msftauth.net ? - Microsoft Q&A
login.microsoftonline.com *.aadcdn.msftauth.net *.aadcdn.msftauthimages.net *.aadcdn.msauthimages.net *.logincdn.msftauth.net login.live.com *.msauth.net *.aadcdn.microsoftonline-p.com *.microsoftonline-p.com
🌐
Reddit
reddit.com › r/antivirus › what is this - https://amcdn.msftauth.net
r/antivirus on Reddit: what is this - https://amcdn.msftauth.net
September 26, 2024 -

Is ' https://amcdn.msftauth.net' related to Microsoft two-factor? When I google it I get a mix of things including things indicating it was malicious.

Thanks!

Top answer
1 of 4
1
Hello, For future reference, all links must be defanged in this subreddit that aren't VirusTotal or similar websites. Please refer to rule #5: Do not intentionally link to malicious sites (links to VirusTotal and Hybrid Analysis are fine). If you must post a link, please 'de-fang' it by breaking the URL up with brackets like so: https[:]//www[.]example[.]com
2 of 4
1
Seems to be related to MS 2FA yea. May also have a link with Azure but I can’t tell you what exactly by looking to what I can see on internet. I haven’t found anything on Google saying it’s malicious though. VirusTotal and Joe Sandbox find this website safe and it seems to have a good trust score.
🌐
AlienVault
otx.alienvault.com › indicator › domain › aadcdn.msftauth.net
aadcdn.msftauth.net - LevelBlue - Open Threat Exchange
Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
🌐
Pulsedive
pulsedive.com › ioc › aadcdn.msftauth.net
aadcdn.msftauth.net
View ports, protocols, web technologies, WHOIS, DNS, HTTP headers, meta tags, region, malware, threats, feeds, and other threat intelligence for free.
🌐
Malwarebytes Forums
forums.malwarebytes.com › home › malwarebytes for home support › false positives › website blocking › microsoft site now being blocked
Microsoft site now being blocked - Website Blocking - Malwarebytes Forums
February 19, 2021 - When trying to log into an educational site that uses Microsoft Azure, it is now being flagged as malicious. The domain is aadcdn.msauth.net . What is best to unblock this site? Thank you!
🌐
Netify
netify.ai › home › resources › domains › msftauth.net
msftauth.net - Domain Info - Microsoft Auth
The *.msftauth.net domain is associated with Microsoft Auth.
🌐
WebTechSurvey
webtechsurvey.com › website › aadcdn.msftauth.net
aadcdn.msftauth.net technology stack
aadcdn.msftauth.net technology stack, technology usage changes, and contact information.
🌐
EmailVeritas
emailveritas.com › url-checker › aadcdn-msftauth-net
Check if aadcdn.msftauth.net is legit or a scam | Link Checker | URL Checker | Website Checker - EmailVeritas
Before clicking on any link, use our free URL checker to quickly spot phishing, unsafe or scam websites. Find out if aadcdn.msftauth.net is legit and reliable.
🌐
Broadcom
knowledge.broadcom.com › external › article › 279137 › chrome-and-firefox-but-not-edge-appear-t.html
Chrome (and Firefox, but not Edge) appear to be stuck at login.microsoft when SAML authentication to Azure is enabled with IPSEC access method.
February 12, 2024 - aadcdn.msauth.net aadcdn.msftauth.net · During the auth process, user is redirected to login.microsoftonline.com (via saml.threatpulse.net as expected). However, when using Chrome/Firefox, this endpoint sends back a HTTP response referencing objects in the aadcdn.msauth.net and aadcdn.msftauth.net domains.
Find elsewhere
🌐
Benoit's Corner
blog.hametbenoit.info › 2018 › 11 › 16 › office-365-azure-new-cdns-are-going-to-be-used-for-authentication
Office 365 / Azure – New CDN’s are going to be used for authentication
November 15, 2018 - aadcdn.msftauth.net · ccscdn.msauth.net · ccscdn.msftauth.net · If you need the IP addresses you can go there https://endpoints.office.com/endpoints/worldwide ·
🌐
Spiceworks Community
community.spiceworks.com › cloud computing & saas
O365 Whitelist addition by Dec 10 2018 - Cloud Computing & SaaS ...
July 7, 2018 - In case you didn’t see this … If you Whitelist the Microsoft domains for Authentication to O365 please add the following;- aadcdn.msauth.net aadcdn.msftauth.net ccscdn.msauth.net ccscdn.msftauth.net MC165128 Prevent or Fix Issues Published On : 15 November 2018 Action required by 10 December 2018 We’re making some changes to the Microsoft 365 login experience.
🌐
ANY.RUN
any.run › report › eb55a3af3b0036c437dd94765018c9ac4ad845eb67d8bc6c8b7dbf3b50a12d77 › 0d1716c3-1d63-4ae2-86d4-37b6039e95ea
Malware analysis https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg No threats detected | ANY.RUN - Malware Sandbox Online
Online sandbox report for https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg, verdict: No threats detected
🌐
Domain
domain.glass › msftauth.net
msftauth.net Ownership Information and DNS Records
ns1-02.azure-dns.com a5-65.akam.net a1-115.akam.net ns3-02.azure-dns.org ns2-02.azure-dns.net ns4-02.azure-dns.info a28-64.akam.net a9-66.akam.net aadnetsre.microsoft.com msftauth.net
🌐
Microsoft
microsofttouch.fr › default › b › js › posts › azure-ad-ajout-d-urls-utilisees-pour-l-authentification-a-azure-active-directory
MicrosoftTouch
aadcdn.msftauth.net · ccscdn.msauth.net · ccscdn.msftauth.net · Le changement est prévu au 22 février. Facebook Like ·
🌐
Azure Docs
docs.azure.cn › en-us › azure-portal › azure-portal-safelist-urls
Allow the Azure portal URLs on your firewall or proxy server - Azure portal | Azure Docs
aadcdn.msauth.cn aadcdn.msftauth.cn login.live.com catalogartifact.azureedge.net store-images.s-microsoft.com *.azure.cn *.microsoft.cn *.microsoftonline.cn *.msidentity.cn *.chinacloudapi.cn *.trafficmanager.cn *.windowsazure.cn
🌐
ANY.RUN
any.run › report › 508fd81871af5a4030e7c8da7bf7bb416990c12ab0206c243640c3575bfb4616 › 6e5d6a8a-7d6e-407d-9274-9538794f0b24
Malware analysis https://aadcdn.msftauth.net No threats detected | ANY.RUN - Malware Sandbox Online
Online sandbox report for https://aadcdn.msftauth.net, verdict: No threats detected
🌐
ANY.RUN
any.run › report › 21e31470c0821e1b11dee7771f8bfb55d4bee139481bd428ebad3bdc03b64ba3 › 91723cc0-75a5-42d9-b5de-119ea18fc34c
Malware analysis aadcdn.msauth.net Malicious activity | ANY.RUN - Malware Sandbox Online
Online sandbox report for aadcdn.msauth.net, tagged as phishing, verdict: Malicious activity
🌐
Savance Workplace
savanceworkplace.com › home › can’t sign in through microsoft: “necessary sites are not trusted”
Can't Sign in through Microsoft: "Necessary sites are not trusted" - Savance Workplace
August 8, 2022 - These are the necessary sites: https://login.microsoftonline.com/ https://aadcdn.msftauth.net
🌐
Stack Overflow
stackoverflow.com › questions › 61430665 › service-to-service-authentication-with-managed-identity-in-azure
Service to Service authentication with Managed Identity in Azure - Stack Overflow
Top answer
1 of 2
1

You have done the right thing by registering the api as an app in Azure. You also have to add the Authentication middleware like

services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
                .AddJwtBearer(o =>
                {
                    AuthenticationSettings settings = Configuration.GetSection("Authentication").Get<AuthenticationSettings>();
                    o.Authority = settings.Authority;
                    o.TokenValidationParameters = new TokenValidationParameters
                    {
                        ValidAudiences = new[]
                        {
                            settings.ClientId,
                            settings.ApplicationIdUri
                        }                        
                    };
                });

Then add "UseAuthentication" in the pipleline. See if this helps.

2 of 2
0

Assuming that the bearer token you are getting is valid and what you expect (you can always decode it to see a look at its claims), then you need to provide more details about the specific service you are calling. It's possible that the service requires 2FA or has other authentication strength policy that your bearer token does not meet and is thereby redirecting to continue authentication.