Submitted URL: https://vodafone.help/
Effective URL: https://login.microsoflontine.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3...
Submission: On February 02 via api from JP — Scanned from GB

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 20 HTTP transactions. The main IP is 193.149.185.70, located in London, United Kingdom and belongs to BLNWX, US. The main domain is login.microsoflontine.com.
TLS certificate: Issued by R3 on January 31st 2023. Valid for: 3 months.
This is the only time login.microsoflontine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 45.61.138.111 399629 (BLNWX)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:f70... 20940 (AKAMAI-ASN1)
3 5 193.149.185.70 399629 (BLNWX)
1 40.126.32.67 ()
7 152.199.23.37 ()
20 7
Apex Domain
Subdomains
Transfer
7 msftauth.net
aadcdn.msftauth.net
188 KB
5 microsoflontine.com
login.microsoflontine.com
www.microsoflontine.com
358 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 198
167 KB
2 vodafone.help
vodafone.help
1 KB
1 live.com
login.live.com
1 pinimg.com
i.pinimg.com — Cisco Umbrella Rank: 1630
27 KB
20 6
Domain Requested by
7 aadcdn.msftauth.net login.microsoflontine.com
aadcdn.msftauth.net
4 login.microsoflontine.com 2 redirects login.microsoflontine.com
2 cdnjs.cloudflare.com vodafone.help
cdnjs.cloudflare.com
2 vodafone.help vodafone.help
1 login.live.com login.microsoflontine.com
aadcdn.msftauth.net
1 www.microsoflontine.com 1 redirects
1 i.pinimg.com vodafone.help
20 7

This site contains no links.

Subject Issuer Validity Valid
vodafone.help
R3
2023-02-01 -
2023-05-02
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
i2.pinimg.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-22 -
2023-05-14
10 months crt.sh
login.microsoflontine.com
R3
2023-01-31 -
2023-05-01
3 months crt.sh
login.live.com
DigiCert SHA2 Secure Server CA
2023-01-02 -
2024-01-02
a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA
2022-04-01 -
2023-04-01
a year crt.sh

This page contains 2 frames:

Primary Page: https://login.microsoflontine.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638109542418457543.MzQ3NDgzZDMtMTIyOS00NzcwLTg3YTYtOGE5MGMzYjczNWU0MDMxMDQ2YmMtOTA3Yi00Y2I0LThjYjItY2ZkNzk4YzNhNjE1&ui_locales=en-GB&mkt=en-GB&state=BZGv9wyiUPC5Qmfv9YqtKQ6N0h-X7FB78c02N8RpHdsze2oLlbviIdgAX4N5Gzl8k-_SZ1dzVmLTYp3o3E3Qf2np0lOeyT_L7bcK8iLtKcD8_L_EAEywPM5YVmstZBseF9TE3S6cgYxdit-pmLrSpP-aYZBdH-CDIANk1ITp6TH4VYWSTuZrR4VwGM1Q--LvUP-mCjdZ8rELX2cDJxZiO-pvtUx9ak0gxCoe2zg8Nl4Galon9-8kEjbrHUzS-ep7O5f0gaGhpEWMJMNmc8oWGw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0&sso_reload=true
Frame ID: D761E92DDB2DD49DE1AA88EDBBE8D801
Requests: 19 HTTP requests in this frame

Frame: https://login.live.com/Me.htm?v=3
Frame ID: 06D2DE8E325A7745537152E5FE5BC614
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://vodafone.help/ Page URL
  2. https://login.microsoflontine.com/nBXpffMg HTTP 302
    https://login.microsoflontine.com/ HTTP 302
    https://www.microsoflontine.com/login HTTP 302
    https://login.microsoflontine.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&... Page URL
  3. https://login.microsoflontine.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

20
Requests

75 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

737 kB
Transfer

1148 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vodafone.help/ Page URL
  2. https://login.microsoflontine.com/nBXpffMg HTTP 302
    https://login.microsoflontine.com/ HTTP 302
    https://www.microsoflontine.com/login HTTP 302
    https://login.microsoflontine.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638109542418457543.MzQ3NDgzZDMtMTIyOS00NzcwLTg3YTYtOGE5MGMzYjczNWU0MDMxMDQ2YmMtOTA3Yi00Y2I0LThjYjItY2ZkNzk4YzNhNjE1&ui_locales=en-GB&mkt=en-GB&state=BZGv9wyiUPC5Qmfv9YqtKQ6N0h-X7FB78c02N8RpHdsze2oLlbviIdgAX4N5Gzl8k-_SZ1dzVmLTYp3o3E3Qf2np0lOeyT_L7bcK8iLtKcD8_L_EAEywPM5YVmstZBseF9TE3S6cgYxdit-pmLrSpP-aYZBdH-CDIANk1ITp6TH4VYWSTuZrR4VwGM1Q--LvUP-mCjdZ8rELX2cDJxZiO-pvtUx9ak0gxCoe2zg8Nl4Galon9-8kEjbrHUzS-ep7O5f0gaGhpEWMJMNmc8oWGw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0 Page URL
  3. https://login.microsoflontine.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638109542418457543.MzQ3NDgzZDMtMTIyOS00NzcwLTg3YTYtOGE5MGMzYjczNWU0MDMxMDQ2YmMtOTA3Yi00Y2I0LThjYjItY2ZkNzk4YzNhNjE1&ui_locales=en-GB&mkt=en-GB&state=BZGv9wyiUPC5Qmfv9YqtKQ6N0h-X7FB78c02N8RpHdsze2oLlbviIdgAX4N5Gzl8k-_SZ1dzVmLTYp3o3E3Qf2np0lOeyT_L7bcK8iLtKcD8_L_EAEywPM5YVmstZBseF9TE3S6cgYxdit-pmLrSpP-aYZBdH-CDIANk1ITp6TH4VYWSTuZrR4VwGM1Q--LvUP-mCjdZ8rELX2cDJxZiO-pvtUx9ak0gxCoe2zg8Nl4Galon9-8kEjbrHUzS-ep7O5f0gaGhpEWMJMNmc8oWGw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://login.microsoflontine.com/nBXpffMg HTTP 302
  • https://login.microsoflontine.com/ HTTP 302
  • https://www.microsoflontine.com/login HTTP 302
  • https://login.microsoflontine.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638109542418457543.MzQ3NDgzZDMtMTIyOS00NzcwLTg3YTYtOGE5MGMzYjczNWU0MDMxMDQ2YmMtOTA3Yi00Y2I0LThjYjItY2ZkNzk4YzNhNjE1&ui_locales=en-GB&mkt=en-GB&state=BZGv9wyiUPC5Qmfv9YqtKQ6N0h-X7FB78c02N8RpHdsze2oLlbviIdgAX4N5Gzl8k-_SZ1dzVmLTYp3o3E3Qf2np0lOeyT_L7bcK8iLtKcD8_L_EAEywPM5YVmstZBseF9TE3S6cgYxdit-pmLrSpP-aYZBdH-CDIANk1ITp6TH4VYWSTuZrR4VwGM1Q--LvUP-mCjdZ8rELX2cDJxZiO-pvtUx9ak0gxCoe2zg8Nl4Galon9-8kEjbrHUzS-ep7O5f0gaGhpEWMJMNmc8oWGw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
vodafone.help/
892 B
801 B
Document
General
Full URL
https://vodafone.help/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.61.138.111 London, United Kingdom, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5aa015b2abc6d23f1cfac262eedb238ebacc7cb84be54cd12293185fcc89ac68

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 02 Feb 2023 17:03:59 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
refresh
0.5;url=https://login.microsoflontine.com/nBXpffMg
style.css
vodafone.help/assets/css/
190 B
435 B
Stylesheet
General
Full URL
https://vodafone.help/assets/css/style.css
Requested by
Host: vodafone.help
URL: https://vodafone.help/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.61.138.111 London, United Kingdom, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bcfa1c74ce9c5abb1ffffa66fe96945e39ec7cbcef09cd744f35a2c753aeaedf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vodafone.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 17:03:59 GMT
Last-Modified
Wed, 01 Feb 2023 21:56:50 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63dae022-be"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
190
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/
100 KB
19 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
Requested by
Host: vodafone.help
URL: https://vodafone.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vodafone.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 17:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
610975
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18716
last-modified
Tue, 15 Nov 2022 18:04:22 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6373d4a6-491c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1lNg%2FSoRtUBvwDtTtiLlRZ4AMay9tsy%2F1ZuLBDiab51wldiSos%2BWvERK9OYc9oa29vYRl4KEl2v3aQ1RI5ZAb8xdm0e9S%2BhBEuZ2o4cr9%2FEn%2BwQEbSNZm5tGotRM120fndVKLXEwXmvVAjXFwGmTjQU"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
793480df6fdb732d-LHR
expires
Tue, 23 Jan 2024 17:03:59 GMT
b45c73344e728b81ceae1c7b539b75e5.png
i.pinimg.com/originals/b4/5c/73/
27 KB
27 KB
Image
General
Full URL
https://i.pinimg.com/originals/b4/5c/73/b45c73344e728b81ceae1c7b539b75e5.png
Requested by
Host: vodafone.help
URL: https://vodafone.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:9::58dd:5c17 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
12db43ebd91a19bbf888602db4c74139857eddd29534e463e6e9d8c786fdde76

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vodafone.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cdn
akamai
akamai-grn
0.17291202.1675357440.588f2139
etag
"53015aad4cf940e4d341c556ac2d8014"
vary
Origin
content-type
image/png
cache-control
immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
27686
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/
147 KB
148 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08892835e828657736cc2fc56b6604a5a2517c0126b4d4df14fbba739969c170
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
Origin
https://vodafone.help
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 17:04:00 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
663103
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
150516
last-modified
Tue, 15 Nov 2022 18:04:22 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6373d4a6-24bf4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4TedGsVabMDbhiyvaL7H%2FChoH6VuEkSppoImEQh0%2B%2F6bfKIAhAPDnv1DoYRkFr6i3LZj%2B%2F8Ul%2BngPD8OFNHmB%2Fm5i07ipEuvaMX0Woi9tx4n8vgx87ug%2FjWV%2Bhlpsuss9zSkVMndjqnIr%2BYqQbzoH4o"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
793480e03b7223e8-LHR
expires
Tue, 23 Jan 2024 17:04:00 GMT
authorize
login.microsoflontine.com/common/oauth2/v2.0/
Redirect Chain
  • https://login.microsoflontine.com/nBXpffMg
  • https://login.microsoflontine.com/
  • https://www.microsoflontine.com/login
  • https://login.microsoflontine.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&sco...
152 KB
153 KB
Document
General
Full URL
https://login.microsoflontine.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638109542418457543.MzQ3NDgzZDMtMTIyOS00NzcwLTg3YTYtOGE5MGMzYjczNWU0MDMxMDQ2YmMtOTA3Yi00Y2I0LThjYjItY2ZkNzk4YzNhNjE1&ui_locales=en-GB&mkt=en-GB&state=BZGv9wyiUPC5Qmfv9YqtKQ6N0h-X7FB78c02N8RpHdsze2oLlbviIdgAX4N5Gzl8k-_SZ1dzVmLTYp3o3E3Qf2np0lOeyT_L7bcK8iLtKcD8_L_EAEywPM5YVmstZBseF9TE3S6cgYxdit-pmLrSpP-aYZBdH-CDIANk1ITp6TH4VYWSTuZrR4VwGM1Q--LvUP-mCjdZ8rELX2cDJxZiO-pvtUx9ak0gxCoe2zg8Nl4Galon9-8kEjbrHUzS-ep7O5f0gaGhpEWMJMNmc8oWGw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.149.185.70 London, United Kingdom, ASN399629 (BLNWX, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://vodafone.help/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
close
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Feb 2023 17:04:01 GMT
Expires
-1
Nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Report-To
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Ms-Clitelem
1,50168,0,,
X-Ms-Ests-Server
2.1.14526.6 - WEULR1 ProdSlices
X-Ms-Request-Id
55877842-f99a-4169-9ec7-71d5b16e2d00

Redirect headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Feb 2023 17:04:01 GMT
Location
https://login.microsoflontine.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638109542418457543.MzQ3NDgzZDMtMTIyOS00NzcwLTg3YTYtOGE5MGMzYjczNWU0MDMxMDQ2YmMtOTA3Yi00Y2I0LThjYjItY2ZkNzk4YzNhNjE1&ui_locales=en-GB&mkt=en-GB&state=BZGv9wyiUPC5Qmfv9YqtKQ6N0h-X7FB78c02N8RpHdsze2oLlbviIdgAX4N5Gzl8k-_SZ1dzVmLTYp3o3E3Qf2np0lOeyT_L7bcK8iLtKcD8_L_EAEywPM5YVmstZBseF9TE3S6cgYxdit-pmLrSpP-aYZBdH-CDIANk1ITp6TH4VYWSTuZrR4VwGM1Q--LvUP-mCjdZ8rELX2cDJxZiO-pvtUx9ak0gxCoe2zg8Nl4Galon9-8kEjbrHUzS-ep7O5f0gaGhpEWMJMNmc8oWGw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0
Referrer-Policy
strict-origin-when-cross-origin
Request-Context
appId=
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache
CONFIG_NOCACHE
X-Msedge-Ref
Ref A: 6F41BB11362F443A882826BDBDAD3BBF Ref B: LON212050709019 Ref C: 2023-02-02T17:04:01Z
X-Ua-Compatible
IE=edge,chrome=1
Primary Request authorize
login.microsoflontine.com/common/oauth2/v2.0/
200 KB
201 KB
Document
General
Full URL
https://login.microsoflontine.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638109542418457543.MzQ3NDgzZDMtMTIyOS00NzcwLTg3YTYtOGE5MGMzYjczNWU0MDMxMDQ2YmMtOTA3Yi00Y2I0LThjYjItY2ZkNzk4YzNhNjE1&ui_locales=en-GB&mkt=en-GB&state=BZGv9wyiUPC5Qmfv9YqtKQ6N0h-X7FB78c02N8RpHdsze2oLlbviIdgAX4N5Gzl8k-_SZ1dzVmLTYp3o3E3Qf2np0lOeyT_L7bcK8iLtKcD8_L_EAEywPM5YVmstZBseF9TE3S6cgYxdit-pmLrSpP-aYZBdH-CDIANk1ITp6TH4VYWSTuZrR4VwGM1Q--LvUP-mCjdZ8rELX2cDJxZiO-pvtUx9ak0gxCoe2zg8Nl4Galon9-8kEjbrHUzS-ep7O5f0gaGhpEWMJMNmc8oWGw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0&sso_reload=true
Requested by
Host: login.microsoflontine.com
URL: https://login.microsoflontine.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638109542418457543.MzQ3NDgzZDMtMTIyOS00NzcwLTg3YTYtOGE5MGMzYjczNWU0MDMxMDQ2YmMtOTA3Yi00Y2I0LThjYjItY2ZkNzk4YzNhNjE1&ui_locales=en-GB&mkt=en-GB&state=BZGv9wyiUPC5Qmfv9YqtKQ6N0h-X7FB78c02N8RpHdsze2oLlbviIdgAX4N5Gzl8k-_SZ1dzVmLTYp3o3E3Qf2np0lOeyT_L7bcK8iLtKcD8_L_EAEywPM5YVmstZBseF9TE3S6cgYxdit-pmLrSpP-aYZBdH-CDIANk1ITp6TH4VYWSTuZrR4VwGM1Q--LvUP-mCjdZ8rELX2cDJxZiO-pvtUx9ak0gxCoe2zg8Nl4Galon9-8kEjbrHUzS-ep7O5f0gaGhpEWMJMNmc8oWGw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.149.185.70 London, United Kingdom, ASN399629 (BLNWX, US),
Reverse DNS
Software
/
Resource Hash
e62c0d21a7c52d297688c2fe89f3547146db67ce859903dc564da5862d856703

Request headers

Referer
https://login.microsoflontine.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638109542418457543.MzQ3NDgzZDMtMTIyOS00NzcwLTg3YTYtOGE5MGMzYjczNWU0MDMxMDQ2YmMtOTA3Yi00Y2I0LThjYjItY2ZkNzk4YzNhNjE1&ui_locales=en-GB&mkt=en-GB&state=BZGv9wyiUPC5Qmfv9YqtKQ6N0h-X7FB78c02N8RpHdsze2oLlbviIdgAX4N5Gzl8k-_SZ1dzVmLTYp3o3E3Qf2np0lOeyT_L7bcK8iLtKcD8_L_EAEywPM5YVmstZBseF9TE3S6cgYxdit-pmLrSpP-aYZBdH-CDIANk1ITp6TH4VYWSTuZrR4VwGM1Q--LvUP-mCjdZ8rELX2cDJxZiO-pvtUx9ak0gxCoe2zg8Nl4Galon9-8kEjbrHUzS-ep7O5f0gaGhpEWMJMNmc8oWGw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
close
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Feb 2023 17:04:02 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
Nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Report-To
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Dns-Prefetch-Control
on
X-Ms-Clitelem
1,0,0,,
X-Ms-Ests-Server
2.1.14526.6 - WEULR1 ProdSlices
X-Ms-Request-Id
9a33dde0-4659-4954-be31-2dc871ac3500
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoflontine.com
URL: https://login.microsoflontine.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638109542418457543.MzQ3NDgzZDMtMTIyOS00NzcwLTg3YTYtOGE5MGMzYjczNWU0MDMxMDQ2YmMtOTA3Yi00Y2I0LThjYjItY2ZkNzk4YzNhNjE1&ui_locales=en-GB&mkt=en-GB&state=BZGv9wyiUPC5Qmfv9YqtKQ6N0h-X7FB78c02N8RpHdsze2oLlbviIdgAX4N5Gzl8k-_SZ1dzVmLTYp3o3E3Qf2np0lOeyT_L7bcK8iLtKcD8_L_EAEywPM5YVmstZBseF9TE3S6cgYxdit-pmLrSpP-aYZBdH-CDIANk1ITp6TH4VYWSTuZrR4VwGM1Q--LvUP-mCjdZ8rELX2cDJxZiO-pvtUx9ak0gxCoe2zg8Nl4Galon9-8kEjbrHUzS-ep7O5f0gaGhpEWMJMNmc8oWGw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.67 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoflontine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
aadcdn.msftauth.net/shared/1.0/content/js/
393 KB
111 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Requested by
Host: login.microsoflontine.com
URL: https://login.microsoflontine.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638109542418457543.MzQ3NDgzZDMtMTIyOS00NzcwLTg3YTYtOGE5MGMzYjczNWU0MDMxMDQ2YmMtOTA3Yi00Y2I0LThjYjItY2ZkNzk4YzNhNjE1&ui_locales=en-GB&mkt=en-GB&state=BZGv9wyiUPC5Qmfv9YqtKQ6N0h-X7FB78c02N8RpHdsze2oLlbviIdgAX4N5Gzl8k-_SZ1dzVmLTYp3o3E3Qf2np0lOeyT_L7bcK8iLtKcD8_L_EAEywPM5YVmstZBseF9TE3S6cgYxdit-pmLrSpP-aYZBdH-CDIANk1ITp6TH4VYWSTuZrR4VwGM1Q--LvUP-mCjdZ8rELX2cDJxZiO-pvtUx9ak0gxCoe2zg8Nl4Galon9-8kEjbrHUzS-ep7O5f0gaGhpEWMJMNmc8oWGw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 -, , ASN (),
Reverse DNS
Software
ECAcc (frc/4CE6) /
Resource Hash
c974a0be091a8f09353472bbb41cb939e48a6796f6d0cf95686a7b4d73aa8490

Request headers

Referer
https://login.microsoflontine.com/
Origin
https://login.microsoflontine.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 02 Feb 2023 17:04:03 GMT
content-encoding
gzip
content-md5
2lcEQ5vglpXqxT8YZRDC3A==
age
3802941
x-cache
HIT
content-length
112847
x-ms-lease-status
unlocked
last-modified
Fri, 16 Dec 2022 22:42:44 GMT
server
ECAcc (frc/4CE6)
etag
0x8DADFB6D8C61632
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
888b7a37-401e-0085-1c91-143361000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pcustomizationloader_f3782014f3739160dbfd.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
107 KB
32 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_f3782014f3739160dbfd.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 -, , ASN (),
Reverse DNS
Software
ECAcc (frc/4CE0) /
Resource Hash
0e2ef54a0f3644ed15e5b535dd3a30b94ba2cbf05631efc41039ae793c8b0efe

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoflontine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 02 Feb 2023 17:04:03 GMT
content-encoding
gzip
content-md5
e/EZAgcGdIaZjab5+bzwzw==
age
4751925
x-cache
HIT
content-length
32186
x-ms-lease-status
unlocked
last-modified
Wed, 07 Dec 2022 05:02:00 GMT
server
ECAcc (frc/4CE0)
etag
0x8DAD8102C79D54C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1f629a6e-c01e-002b-12f0-0b749b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
0
20 KB
Other
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by
Host: login.microsoflontine.com
URL: https://login.microsoflontine.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638109542418457543.MzQ3NDgzZDMtMTIyOS00NzcwLTg3YTYtOGE5MGMzYjczNWU0MDMxMDQ2YmMtOTA3Yi00Y2I0LThjYjItY2ZkNzk4YzNhNjE1&ui_locales=en-GB&mkt=en-GB&state=BZGv9wyiUPC5Qmfv9YqtKQ6N0h-X7FB78c02N8RpHdsze2oLlbviIdgAX4N5Gzl8k-_SZ1dzVmLTYp3o3E3Qf2np0lOeyT_L7bcK8iLtKcD8_L_EAEywPM5YVmstZBseF9TE3S6cgYxdit-pmLrSpP-aYZBdH-CDIANk1ITp6TH4VYWSTuZrR4VwGM1Q--LvUP-mCjdZ8rELX2cDJxZiO-pvtUx9ak0gxCoe2zg8Nl4Galon9-8kEjbrHUzS-ep7O5f0gaGhpEWMJMNmc8oWGw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 -, , ASN (),
Reverse DNS
Software
ECAcc (frc/4C94) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoflontine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 02 Feb 2023 17:04:03 GMT
content-encoding
gzip
content-md5
9K2/nGCj75WAmmAI9nZNCA==
age
12156811
x-cache
HIT
content-length
19970
x-ms-lease-status
unlocked
last-modified
Thu, 04 Aug 2022 19:37:00 GMT
server
ECAcc (frc/4C94)
etag
0x8DA7650B375AC9B
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
ce9670ed-701e-0052-0a97-c89062000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-en-gb.min_fuswktwg1niy7dxx6qlx_w2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
0
14 KB
Other
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_fuswktwg1niy7dxx6qlx_w2.js
Requested by
Host: login.microsoflontine.com
URL: https://login.microsoflontine.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638109542418457543.MzQ3NDgzZDMtMTIyOS00NzcwLTg3YTYtOGE5MGMzYjczNWU0MDMxMDQ2YmMtOTA3Yi00Y2I0LThjYjItY2ZkNzk4YzNhNjE1&ui_locales=en-GB&mkt=en-GB&state=BZGv9wyiUPC5Qmfv9YqtKQ6N0h-X7FB78c02N8RpHdsze2oLlbviIdgAX4N5Gzl8k-_SZ1dzVmLTYp3o3E3Qf2np0lOeyT_L7bcK8iLtKcD8_L_EAEywPM5YVmstZBseF9TE3S6cgYxdit-pmLrSpP-aYZBdH-CDIANk1ITp6TH4VYWSTuZrR4VwGM1Q--LvUP-mCjdZ8rELX2cDJxZiO-pvtUx9ak0gxCoe2zg8Nl4Galon9-8kEjbrHUzS-ep7O5f0gaGhpEWMJMNmc8oWGw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 -, , ASN (),
Reverse DNS
Software
ECAcc (frc/4CA2) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoflontine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 02 Feb 2023 17:04:03 GMT
content-encoding
gzip
content-md5
08+jyC0emxSDN3ISNv8tjA==
age
3787368
x-cache
HIT
content-length
13936
x-ms-lease-status
unlocked
last-modified
Sat, 17 Dec 2022 08:41:30 GMT
server
ECAcc (frc/4CA2)
etag
0x8DAE00A7EA38ACE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
37299d1c-301e-0034-41b6-14f450000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pfetchsessionsprogress_85acbcb9234972130506.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
15 KB
6 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_85acbcb9234972130506.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 -, , ASN (),
Reverse DNS
Software
ECAcc (frc/4CA8) /
Resource Hash
28fa8f3ba41d8801e3d95e7128f5b2189a4344ebee1a56d4be7a313959f608e1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoflontine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 02 Feb 2023 17:04:03 GMT
content-encoding
gzip
content-md5
4CzbHQsOMg8rU5bCeKMGlw==
age
6714310
x-cache
HIT
content-length
5530
x-ms-lease-status
unlocked
last-modified
Tue, 15 Nov 2022 20:11:58 GMT
server
ECAcc (frc/4CA8)
etag
0x8DAC745A6527E64
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5d06b220-a01e-0090-4017-fa99e8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msftauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 -, , ASN (),
Reverse DNS
Software
ECAcc (frc/4CDA) /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoflontine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 02 Feb 2023 17:04:03 GMT
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
age
12156810
x-cache
HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (frc/4CDA)
etag
0x8D79A1B9F2C6EC8
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
6ea16e81-a01e-0059-5797-c8442d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msftauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 -, , ASN (),
Reverse DNS
Software
ECAcc (frc/4CFE) /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoflontine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 02 Feb 2023 17:04:03 GMT
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
age
12156810
x-cache
HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (frc/4CFE)
etag
0x8D79A1B9F8A840E
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
ae58d853-b01e-0055-0597-c888ae000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/
0
0

microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn.msftauth.net/shared/1.0/content/images/
0
0

marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msftauth.net/shared/1.0/content/images/
0
0

marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msftauth.net/shared/1.0/content/images/
0
0

Me.htm
login.live.com/ Frame 06D2
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aadcdn.msftauth.net
URL
https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Domain
aadcdn.msftauth.net
URL
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Domain
aadcdn.msftauth.net
URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Domain
aadcdn.msftauth.net
URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Domain
login.live.com
URL
https://login.live.com/Me.htm?v=3

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData

13 Cookies

Domain/Path Name / Value
.microsoflontine.com/ Name: tnqK
Value: c87e209bed48e710b2dbed645a05bd61acdc704af4fe20bfd0f6209ebd1a4835
.login.microsoflontine.com/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevrHqV8spa3_tUHIPEkLZ3HR8D4_MZDcN_MipN8I6squy3bRYCA-mv6CF0OfD88jsHo6H31VPdRAk6wXQLoINgiHiDCGsVQtiGoL87eV9auJid0bHLE1FQE8aZirK-LuTwiXt5XFhpyqWNGQ7hBQavxlU7EE1mTmk2QAiVpnIZDWkIgAA
login.microsoflontine.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoflontine.com/ Name: stsservicecookie
Value: estsfd
www.microsoflontine.com/ Name: OH.DCAffinity
Value: OH-suk
www.microsoflontine.com/ Name: OH.FLID
Value: a2f04f04-5f4e-4a41-bede-4def22ecc521
www.microsoflontine.com/ Name: .AspNetCore.OpenIdConnect.Nonce.gJ-L18WqkcZPG19rBZJIJp5cxfwQiQBx0tDYrMQvzeBWenTmvQjGwRIxFCcJjPA6U3W9AxlZBbavQ1Kz6iB3uZ8mieZRdo4O96Mz3EkQtCkZMC7pgGbbffgtHo-aCsSTaKmybPvQYxj847VtjfZWdsAdnq_svDCalmWmPQyYnlVCNpyHWU2W5pQXocvP2OUbvQJKj9w4-sQJjqaHLeO3sjfqccWZlv9fYjk-0JTlDgvKXzQ7dASxQ5bz3uwEVAj2
Value: N
www.microsoflontine.com/ Name: .AspNetCore.Correlation.DdmpYH0ZPa1_iotePbTVImLfrNyRigdAQyvDKqf6JYA
Value: N
.microsoflontine.com/ Name: MUID
Value: 21B8EC5DC75861A11291FEF1C683609B
.login.microsoflontine.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoflontine.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoflontine.com/ Name: buid
Value: 0.ASYAMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevryUd0mffAofokLOAj8Jt5IpvUkTaHiqTF4cZFeMXh7omXYHSap8RHiRa2EM17VxWy6CRi4DkHDHYSDIJkuqJC5aPmroetiCdYJ18bXom1w48gAA
login.microsoflontine.com/ Name: fpc
Value: AuWq0UdwqcpMvwkMJ-8ECZW8Ae7AAQAAAALkbdsOAAAA