microsoftonline.logins-oms.tech
185.158.251.49  Malicious Activity! Public Scan

Submitted URL: https://t.co/9vkEZ25kay?amp=1
Effective URL: https://microsoftonline.logins-oms.tech/login.srf?__smso=Hq_pOVwjQBODrZCvhug4HA%3D%3D&list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fab...
Submission: On October 06 via manual — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 6 domains to perform 70 HTTP transactions. The main IP is 185.158.251.49, located in Frankfurt am Main, Germany and belongs to SERVINGA, DE. The main domain is microsoftonline.logins-oms.tech.
TLS certificate: Issued by R3 on October 5th 2021. Valid for: 3 months.
This is the only time microsoftonline.logins-oms.tech was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.197 13414 (TWITTER)
2 2 2620:1ec:21::14 8068 (MICROSOFT...)
2 2 18.66.97.59 16509 (AMAZON-02)
1 2 31.214.157.208 58329 (RACKPLACE)
1 1 5.181.218.64 47583 (AS-HOSTINGER)
12 185.158.251.49 39378 (SERVINGA)
70 4
Domain Requested by
6 vtdwxnorbavk6wf.logins-oms.tech microsoftonline.logins-oms.tech
2 microsoftonline.logins-oms.tech www.logins-oms.tech
microsoftonline.logins-oms.tech
2 www.logins-oms.tech home.xn--80apugd.com
www.logins-oms.tech
2 home.xn--80apugd.com 1 redirects t.co
1 yufjgkacuo2bf11.logins-oms.tech vtdwxnorbavk6wf.logins-oms.tech
yufjgkacuo2bf11.logins-oms.tech
1 login-live.logins-oms.tech microsoftonline.logins-oms.tech
1 xn--80asucf0d.com 1 redirects
1 ovtlook.onelink.me 1 redirects
1 applle.onelink.me 1 redirects
1 www.linkedin.com 1 redirects
1 linkedin.com 1 redirects
1 t.co
0 11tpt2xmdu6a65w.logins-oms.tech Failed yufjgkacuo2bf11.logins-oms.tech
70 13

This site contains no links.

Subject           Issuer                             Validity                   Valid
t.co              DigiCert TLS RSA SHA256 2020 CA1   2021-02-05 - 2022-02-04    a year
xn--80apugd.com   R3                                 2021-09-25 - 2021-12-24    3 months
logins-oms.tech   R3                                 2021-10-05 - 2022-01-03    3 months

This page contains 2 frames:

Primary Page: https://microsoftonline.logins-oms.tech/login.srf?__smso=Hq_pOVwjQBODrZCvhug4HA%3D%3D&list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple&sso_reload=true
Frame ID: C02608A324BB4F9B89C790C3A3F32899
Requests: 13 HTTP requests in this frame

Frame: https://yufjgkacuo2bf11.logins-oms.tech/Prefetch/Prefetch.aspx
Frame ID: A31DC0AD519F862B18F4E93D15CB06F8
Requests: 57 HTTP requests in this frame

Page Statistics

Requests: 70
HTTPS: 20 %
IPv6: 17 %
Domains: 6
Subdomains: 13
IPs: 4
Countries: 3
Transfer: 526 kB
Size: 1864 kB
Cookies: 18

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/9vkEZ25kay?amp=1 Page URL
  2. https://linkedin.com/redirect?url=https%3A%2F%2Fapplle%2Eonelink%2Eme%2FOOkN%2Faeb1fbf4&urlhash=XtyK&trk HTTP 301
    https://www.linkedin.com/redirect?url=https%3A%2F%2Fapplle%2Eonelink%2Eme%2FOOkN%2Faeb1fbf4&urlhash=XtyK&trk HTTP 303
    https://applle.onelink.me/OOkN/aeb1fbf4 HTTP 302
    https://home.xn--80apugd.com/?shortlink=aeb1fbf4&pid=Email&c=apple Page URL
  3. https://home.xn--80apugd.com/?shortlink=aeb1fbf4&pid=Email&c=apple HTTP 302
    https://ovtlook.onelink.me/wJCo/39726f4a?shortlink=aeb1fbf4&pid=Email&c=apple HTTP 302
    https://xn--80asucf0d.com/1/?list&shortlink=39726f4a&pid=my_media_source&c=apple HTTP 302
    https://www.logins-oms.tech/b/dCnhcp/?list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple Page URL
  4. https://microsoftonline.logins-oms.tech/login.srf?__smso=Hq_pOVwjQBODrZCvhug4HA%3D%3D&list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple Page URL
  5. https://microsoftonline.logins-oms.tech/login.srf?__smso=Hq_pOVwjQBODrZCvhug4HA%3D%3D&list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://linkedin.com/redirect?url=https%3A%2F%2Fapplle%2Eonelink%2Eme%2FOOkN%2Faeb1fbf4&urlhash=XtyK&trk HTTP 301
  • https://www.linkedin.com/redirect?url=https%3A%2F%2Fapplle%2Eonelink%2Eme%2FOOkN%2Faeb1fbf4&urlhash=XtyK&trk HTTP 303
  • https://applle.onelink.me/OOkN/aeb1fbf4 HTTP 302
  • https://home.xn--80apugd.com/?shortlink=aeb1fbf4&pid=Email&c=apple
Request Chain 2
  • https://home.xn--80apugd.com/?shortlink=aeb1fbf4&pid=Email&c=apple HTTP 302
  • https://ovtlook.onelink.me/wJCo/39726f4a?shortlink=aeb1fbf4&pid=Email&c=apple HTTP 302
  • https://xn--80asucf0d.com/1/?list&shortlink=39726f4a&pid=my_media_source&c=apple HTTP 302
  • https://www.logins-oms.tech/b/dCnhcp/?list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple

70 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
9vkEZ25kay
t.co/
483 B
563 B
Document
General
Full URL
https://t.co/9vkEZ25kay?amp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/9vkEZ25kay?amp=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 06 Oct 2021 21:57:16 GMT
vary
Origin
server
tsa_o
expires
Wed, 06 Oct 2021 22:02:16 GMT
set-cookie
muc=60af5900-2ca8-4a83-92f9-277ebd321570; Max-Age=63072000; Expires=Fri, 06 Oct 2023 21:57:16 GMT; Domain=t.co; Secure; SameSite=None
content-type
text/html; charset=utf-8
cache-control
private,max-age=300
content-length
248
content-encoding
gzip
x-xss-protection
0
strict-transport-security
max-age=0
x-connection-hash
5d44434336beeb708b0cad9945250da45f117ceb2a737cbe49c8ce0757d70cc9
/
home.xn--80apugd.com/
Redirect Chain
  • https://linkedin.com/redirect?url=https%3A%2F%2Fapplle%2Eonelink%2Eme%2FOOkN%2Faeb1fbf4&urlhash=XtyK&trk
  • https://www.linkedin.com/redirect?url=https%3A%2F%2Fapplle%2Eonelink%2Eme%2FOOkN%2Faeb1fbf4&urlhash=XtyK&trk
  • https://applle.onelink.me/OOkN/aeb1fbf4
  • https://home.xn--80apugd.com/?shortlink=aeb1fbf4&pid=Email&c=apple
72 KB
29 KB
Document
General
Full URL
https://home.xn--80apugd.com/?shortlink=aeb1fbf4&pid=Email&c=apple
Requested by
Host: t.co
URL: https://t.co/9vkEZ25kay?amp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.214.157.208 Naaldwijk, Netherlands, ASN58329 (RACKPLACE, DE),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
e3d2b407b2370e207ddacd6c54040c6cf16d2a1be9dbb7101b52858991741156
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
home.xn--80apugd.com
:scheme
https
:path
/?shortlink=aeb1fbf4&pid=Email&c=apple
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://t.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://t.co/9vkEZ25kay?amp=1

Response headers

server
nginx/1.17.10
date
Wed, 06 Oct 2021 21:57:17 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip

Redirect headers

content-type
application/octet-stream
content-length
0
location
https://home.xn--80apugd.com?shortlink=aeb1fbf4&pid=Email&c=apple
date
Wed, 06 Oct 2021 21:57:17 GMT
server
http-kit
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Miss from cloudfront
via
1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
n25arWFkNwKHKVpzaRxpwroqckZAmUJMyS4VbD45YwPbNFjyNlqwgw==
/
www.logins-oms.tech/b/dCnhcp/
Redirect Chain
  • https://home.xn--80apugd.com/?shortlink=aeb1fbf4&pid=Email&c=apple
  • https://ovtlook.onelink.me/wJCo/39726f4a?shortlink=aeb1fbf4&pid=Email&c=apple
  • https://xn--80asucf0d.com/1/?list&shortlink=39726f4a&pid=my_media_source&c=apple
  • https://www.logins-oms.tech/b/dCnhcp/?list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple
111 KB
24 KB
Document
General
Full URL
https://www.logins-oms.tech/b/dCnhcp/?list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple
Requested by
Host: home.xn--80apugd.com
URL: https://home.xn--80apugd.com/?shortlink=aeb1fbf4&pid=Email&c=apple
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.158.251.49 Frankfurt am Main, Germany, ASN39378 (SERVINGA, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a7123c6a3f49766bd8da994cef37368d0cbc2944b68e428bca229896aa49a3f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
www.logins-oms.tech
:scheme
https
:path
/b/dCnhcp/?list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://home.xn--80apugd.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://home.xn--80apugd.com/?shortlink=aeb1fbf4&pid=Email&c=apple

Response headers

server
nginx/1.18.0 (Ubuntu)
date
Wed, 06 Oct 2021 21:57:19 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip

Redirect headers

x-powered-by
PHP/7.4.11
set-cookie
PHPSESSID=16fe773a1b6eb5bbeec4dad4be8a81f4; path=/; secure
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
location
https://www.logins-oms.tech/b/dCnhcp/?list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple
content-type
text/html; charset=UTF-8
content-length
0
date
Wed, 06 Oct 2021 21:57:19 GMT
server
LiteSpeed
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
x-xss-protection
1; mode=block
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
/
www.logins-oms.tech/b/dCnhcp/
372 B
480 B
XHR
General
Full URL
https://www.logins-oms.tech/b/dCnhcp/?list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple
Requested by
Host: www.logins-oms.tech
URL: https://www.logins-oms.tech/b/dCnhcp/?list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.158.251.49 Frankfurt am Main, Germany, ASN39378 (SERVINGA, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-fetch-mode
cors
origin
https://www.logins-oms.tech
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
content-length
308
:path
/b/dCnhcp/?list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
www.logins-oms.tech
referer
https://www.logins-oms.tech/b/dCnhcp/?list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.logins-oms.tech/b/dCnhcp/?list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 06 Oct 2021 21:57:19 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx/1.18.0 (Ubuntu)
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
login.srf
microsoftonline.logins-oms.tech/
435 KB
119 KB
Document
General
Full URL
https://microsoftonline.logins-oms.tech/login.srf?__smso=Hq_pOVwjQBODrZCvhug4HA%3D%3D&list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple
Requested by
Host: www.logins-oms.tech
URL: https://www.logins-oms.tech/b/dCnhcp/?list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.158.251.49 Frankfurt am Main, Germany, ASN39378 (SERVINGA, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bf911d4ac78a42ca094c0dbbb8823057ed6cfc7180fc75804262fa3863a07da6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
microsoftonline.logins-oms.tech
:scheme
https
:path
/login.srf?__smso=Hq_pOVwjQBODrZCvhug4HA%3D%3D&list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.logins-oms.tech/
accept-encoding
gzip, deflate, br
cookie
__smso=Hq/pOVwjQBODrZCvhug4HA==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.logins-oms.tech/

Response headers

server
nginx/1.18.0 (Ubuntu)
date
Wed, 06 Oct 2021 21:57:20 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding Accept-Encoding
cache-control
no-store, no-cache
pragma
no-cache
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
9c1fa80f-f234-44a8-a398-1c7e053ea700
x-ms-ests-server
2.1.12071.28 - NEULR1 ProdSlices
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
*
access-control-allow-headers
*
set-cookie
fpc=ApxUY6r1V4VNqcg9AI6i0CY; expires=Fri, 11 Aug 2073 19:54:39 GMT; HttpOnly; Path=/; Secure stsservicecookie=estsfd; Path=/; Secure x-ms-gateway-slice=estsfd; Path=/; Secure
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
Primary Request login.srf
microsoftonline.logins-oms.tech/
480 KB
115 KB
Document
General
Full URL
https://microsoftonline.logins-oms.tech/login.srf?__smso=Hq_pOVwjQBODrZCvhug4HA%3D%3D&list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple&sso_reload=true
Requested by
Host: microsoftonline.logins-oms.tech
URL: https://microsoftonline.logins-oms.tech/login.srf?__smso=Hq_pOVwjQBODrZCvhug4HA%3D%3D&list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.158.251.49 Frankfurt am Main, Germany, ASN39378 (SERVINGA, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
13a2a8840426848967bae984f0a0055f9b01e6061a6bb05a6bf9fbc3231fc074
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
microsoftonline.logins-oms.tech
:scheme
https
:path
/login.srf?__smso=Hq_pOVwjQBODrZCvhug4HA%3D%3D&list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple&sso_reload=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://microsoftonline.logins-oms.tech/login.srf?__smso=Hq_pOVwjQBODrZCvhug4HA%3D%3D&list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple
accept-encoding
gzip, deflate, br
cookie
__smso=Hq/pOVwjQBODrZCvhug4HA==; fpc=ApxUY6r1V4VNqcg9AI6i0CY; stsservicecookie=estsfd; x-ms-gateway-slice=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoftonline.logins-oms.tech/login.srf?__smso=Hq_pOVwjQBODrZCvhug4HA%3D%3D&list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple

Response headers

server
nginx/1.18.0 (Ubuntu)
date
Wed, 06 Oct 2021 21:57:20 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding Accept-Encoding
cache-control
no-store, no-cache
pragma
no-cache
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
9a57ccc6-f187-4006-ad46-1d1fe0c72400
x-ms-ests-server
2.1.12071.28 - WEULR2 ProdSlices
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
*
access-control-allow-headers
*
set-cookie
esctx=AQABAAAAAAD--DLA3VO7QrddgJg7WevrgS9TZptD_ma4bq8ulMOvXMq449GEr_vQMdpAxZCeayZoHymadZd_PCIoRFWLhWe9n_-gE1S9rCPwhuzTaWTPmfGjQWwGjfv5q4T1u-mG5Z-Nhdwxx6Gt7HUuT8bJKy813dovCtOpu53zH_sEqelk4kjpN47UO_5M-PGDwPz3fjYgAA; HttpOnly; Path=/; Secure ExternalIdpStateHash=TV4grqSv4ZgC41GErwcPshYW0K8OISKDCwIR0dmPRBY; HttpOnly; Path=/; Secure buid=0.AQIAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrZ8c2Hkde-a2R6U472msLHt9OWsqTT87gkJOWA5Y_h6MFfnn0JFyNplRix3cVNs-AfCMzgPJW939IQ3NLAHvoFxadJcHQmAQ6K1mo_ljg-18gAA; expires=Fri, 11 Aug 2073 19:54:40 GMT; HttpOnly; Path=/; Secure fpc=ApxUY6r1V4VNqcg9AI6i0Ca4vjNwAQAAAMAS8NgOAAAA; expires=Fri, 11 Aug 2073 19:54:40 GMT; HttpOnly; Path=/; Secure stsservicecookie=estsfd; Path=/; Secure x-ms-gateway-slice=estsfd; Path=/; Secure
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
Me.htm
login-live.logins-oms.tech/
0
0
Other
General
Full URL
https://login-live.logins-oms.tech/Me.htm?v=3
Requested by
Host: microsoftonline.logins-oms.tech
URL: https://microsoftonline.logins-oms.tech/login.srf?__smso=Hq_pOVwjQBODrZCvhug4HA%3D%3D&list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.158.251.49 Frankfurt am Main, Germany, ASN39378 (SERVINGA, DE),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoftonline.logins-oms.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
ConvergedLogin_PCore_K6sxFOiq5RA7iKp07WnW3g2.js
vtdwxnorbavk6wf.logins-oms.tech/shared/1.0/content/js/
458 KB
126 KB
Script
General
Full URL
https://vtdwxnorbavk6wf.logins-oms.tech/shared/1.0/content/js/ConvergedLogin_PCore_K6sxFOiq5RA7iKp07WnW3g2.js
Requested by
Host: microsoftonline.logins-oms.tech
URL: https://microsoftonline.logins-oms.tech/login.srf?__smso=Hq_pOVwjQBODrZCvhug4HA%3D%3D&list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.158.251.49 Frankfurt am Main, Germany, ASN39378 (SERVINGA, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
316ebf1728db666236b2df64c60df509d444efde5a16eb6b89372d8100e579de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoftonline.logins-oms.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Oct 2021 21:57:21 GMT
content-encoding
gzip
x-azure-ref-originshield
0THhdYQAAAACskLlB26NyR7zyLbbxi5nRTE9OMjFFREdFMDEwNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-cache
TCP_HIT
x-azure-ref
0wRteYQAAAAAd/tzyGKwATKpo3iPrlvvURlJBRURHRTEwMDcAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
strict-transport-security
max-age=31536000; includeSubDomains
x-ms-lease-status
unlocked
last-modified
Tue, 28 Sep 2021 07:11:29 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
bc88b592-d01e-0092-5399-ba8600000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
Prefetch.aspx
yufjgkacuo2bf11.logins-oms.tech/Prefetch/ Frame A31D
299 KB
69 KB
Document
General
Full URL
https://yufjgkacuo2bf11.logins-oms.tech/Prefetch/Prefetch.aspx
Requested by
Host: vtdwxnorbavk6wf.logins-oms.tech
URL: https://vtdwxnorbavk6wf.logins-oms.tech/shared/1.0/content/js/ConvergedLogin_PCore_K6sxFOiq5RA7iKp07WnW3g2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.158.251.49 Frankfurt am Main, Germany, ASN39378 (SERVINGA, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash
9f5eca4602e226f9c9f8f414bf60a47e6063e584c1d3469c4a65b1d5e4c8e2eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
yufjgkacuo2bf11.logins-oms.tech
:scheme
https
:path
/Prefetch/Prefetch.aspx
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://microsoftonline.logins-oms.tech/
accept-encoding
gzip, deflate, br
cookie
__smso=Hq/pOVwjQBODrZCvhug4HA==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoftonline.logins-oms.tech/

Response headers

server
nginx/1.18.0 (Ubuntu)
date
Wed, 06 Oct 2021 21:57:22 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding Accept-Encoding
cache-control
no-store, no-cache,no-store, no-cache
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-ua-compatible
IE=Edge
access-control-allow-origin
*
access-control-allow-headers
*
set-cookie
p.PersID=5ce47153-4e46-45c8-b2bf-77ca21409b3f; expires=Thu, 09 Aug 2074 19:54:44 GMT; HttpOnly; Path=/; Secure s.SessID=1d506450-5f17-4ea5-83f4-b043402cf450; HttpOnly; Path=/; Secure s.cachemap=20; HttpOnly; Path=/; Secure x-portal-routekey=weu; HttpOnly; Path=/; Secure
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
converged.v2.login.min_lgjnfq3xbrj5zvj5ionvww2.css
vtdwxnorbavk6wf.logins-oms.tech/ests/2.1/content/cdnbundles/
0
20 KB
Other
General
Full URL
https://vtdwxnorbavk6wf.logins-oms.tech/ests/2.1/content/cdnbundles/converged.v2.login.min_lgjnfq3xbrj5zvj5ionvww2.css
Requested by
Host: microsoftonline.logins-oms.tech
URL: https://microsoftonline.logins-oms.tech/login.srf?__smso=Hq_pOVwjQBODrZCvhug4HA%3D%3D&list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.158.251.49 Frankfurt am Main, Germany, ASN39378 (SERVINGA, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoftonline.logins-oms.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Oct 2021 21:57:22 GMT
content-encoding
gzip
x-azure-ref-originshield
0UCdcYQAAAABNfjKXpi3PTJYy5c2KtojCTE9OMjFFREdFMDIyMAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-cache
TCP_HIT
x-azure-ref
0whteYQAAAAAfzm/5R72IQqaQ3Ba0uZMZRlJBRURHRTEwMTAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
strict-transport-security
max-age=31536000; includeSubDomains
x-ms-lease-status
unlocked
last-modified
Fri, 04 Jun 2021 23:48:31 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
b10309a3-c01e-0077-369a-b9147d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.login.strings-de.min_gehy6aj7foxflw5sgkgr-a2.js
vtdwxnorbavk6wf.logins-oms.tech/ests/2.1/content/cdnbundles/
0
14 KB
Other
General
Full URL
https://vtdwxnorbavk6wf.logins-oms.tech/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_gehy6aj7foxflw5sgkgr-a2.js
Requested by
Host: microsoftonline.logins-oms.tech
URL: https://microsoftonline.logins-oms.tech/login.srf?__smso=Hq_pOVwjQBODrZCvhug4HA%3D%3D&list=https%3A%2F%2Fedition.cnn.com%2Fspecials%2Fabout-live-tv&shortlink=39726f4a&pid=my_media_source&c=apple&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.158.251.49 Frankfurt am Main, Germany, ASN39378 (SERVINGA, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoftonline.logins-oms.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Oct 2021 21:57:22 GMT
content-encoding
gzip
x-azure-ref-originshield
0iT5cYQAAAAAuM1RnFnWgQLAZYJMOaUiYTE9OMjFFREdFMDEwOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-cache
TCP_HIT
x-azure-ref
0whteYQAAAACF8hLoLVFJTrmAWtBXxy+kRlJBRURHRTEwMjEAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
strict-transport-security
max-age=31536000; includeSubDomains
x-ms-lease-status
unlocked
last-modified
Wed, 01 Sep 2021 17:28:59 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c3a10e43-401e-0083-7faa-b91d20000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
2_bc3d32a696895f78c19df6c717586a5d.svg
vtdwxnorbavk6wf.logins-oms.tech/shared/1.0/content/images/backgrounds/
2 KB
3 KB
Image
General
Full URL
https://vtdwxnorbavk6wf.logins-oms.tech/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.158.251.49 Frankfurt am Main, Germany, ASN39378 (SERVINGA, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoftonline.logins-oms.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Oct 2021 21:57:22 GMT
x-azure-ref-originshield
0UydcYQAAAADSmKy1U4q8RofQqEQyIituTE9OMjFFREdFMDEyMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-cache
TCP_HIT
strict-transport-security
max-age=31536000; includeSubDomains
x-ms-lease-status
unlocked
last-modified
Wed, 12 Feb 2020 22:01:30 GMT
server
nginx/1.18.0 (Ubuntu)
etag
0x8D7B0071D86E386
x-azure-ref
0whteYQAAAAAfesqEVXYrT5v2jHYQTYK9RlJBRURHRTEwMjAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
68948ffe-401e-0017-24c6-b9565f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
vtdwxnorbavk6wf.logins-oms.tech/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://vtdwxnorbavk6wf.logins-oms.tech/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
185.158.251.49 Frankfurt am Main, Germany, ASN39378 (SERVINGA, DE)
Reverse DNS
Software
nginx/1.18.0 (Ubuntu)
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoftonline.logins-oms.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Oct 2021 21:57:22 GMT
x-azure-ref-originshield
0gT5cYQAAAAC1US+dzEA1QKcliQehEhqoTE9OMjFFREdFMDEwOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-cache
TCP_HIT
strict-transport-security
max-age=31536000; includeSubDomains
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
nginx/1.18.0 (Ubuntu)
etag
0x8D79B8373CB2849
x-azure-ref
0whteYQAAAAAWDDx+OTVLQpvSA4PKc5koRlJBRURHRTEwMTcAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
d483bbd4-301e-0008-6dba-b96f62000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
vtdwxnorbavk6wf.logins-oms.tech/shared/1.0/content/images/
2 KB
2 KB
Image
General
Full URL
https://vtdwxnorbavk6wf.logins-oms.tech/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
185.158.251.49 Frankfurt am Main, Germany, ASN39378 (SERVINGA, DE)
Reverse DNS
Software
nginx/1.18.0 (Ubuntu)
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoftonline.logins-oms.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Oct 2021 21:57:22 GMT
x-azure-ref-originshield
06bRbYQAAAAAt9YnRTSXfT7vvqC2hr0LATE9OMjFFREdFMTUwNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-cache
TCP_HIT
strict-transport-security
max-age=31536000; includeSubDomains
x-ms-lease-status
unlocked
last-modified
Tue, 10 Nov 2020 03:41:24 GMT
server
nginx/1.18.0 (Ubuntu)
etag
0x8D8852A7FA6B761
x-azure-ref
0whteYQAAAABIM1FQND5lTIbWIFcmV0c6RlJBRURHRTEwMTgAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
d21f65db-c01e-0033-2d7f-b86b64000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
EmbeddedFonts.css
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/css/ Frame A31D
0
0

admin.css
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/admin/css/ Frame A31D
0
0

O365ThemeDefault.css
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/css/ Frame A31D
0
0

MasterStyles15.css
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/css/ Frame A31D
0
0

MasterStyles15MVC.css
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/css/ Frame A31D
0
0

website.css
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/css/ Frame A31D
0
0

home.css
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/css/ Frame A31D
0
0

home15.css
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/css/ Frame A31D
0
0

AssistancePanel.css
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/css/ Frame A31D
0
0

conciergehelper.css
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/css/ Frame A31D
0
0

signup16.css
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/content/css/ Frame A31D
0
0

adoption.css
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/css/ Frame A31D
0
0

commonhealthdashboard.css
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/css/ Frame A31D
0
0

webcontrols.png
11tpt2xmdu6a65w.logins-oms.tech/images/ Frame A31D
0
0

transparent.gif
11tpt2xmdu6a65w.logins-oms.tech/Images/ Frame A31D
0
0

header_bg_signup_office.jpg
11tpt2xmdu6a65w.logins-oms.tech/Shell/Images/ Frame A31D
0
0

O365SharedClusteredImage.png
11tpt2xmdu6a65w.logins-oms.tech/Shell/Images/ Frame A31D
0
0

servicestatus.png
11tpt2xmdu6a65w.logins-oms.tech/images/ Frame A31D
0
0

pagelayout_white_panel.jpg
11tpt2xmdu6a65w.logins-oms.tech/Shell/Images/ Frame A31D
0
0

pagelayout_mos_background_right.jpg
11tpt2xmdu6a65w.logins-oms.tech/Shell/Images/ Frame A31D
0
0

pagelayout_mos_background_left.jpg
11tpt2xmdu6a65w.logins-oms.tech/Shell/Images/ Frame A31D
0
0

pagelayout_nav_highlight.jpg
11tpt2xmdu6a65w.logins-oms.tech/Shell/Images/ Frame A31D
0
0

header_wizard_hl_mos.jpg
11tpt2xmdu6a65w.logins-oms.tech/Shell/Images/ Frame A31D
0
0

list_bullet_5x5.gif
11tpt2xmdu6a65w.logins-oms.tech/Images/ Frame A31D
0
0

spinner_16x16_metro.gif
11tpt2xmdu6a65w.logins-oms.tech/images/ Frame A31D
0
0

spinner_24x24_metro.gif
11tpt2xmdu6a65w.logins-oms.tech/images/ Frame A31D
0
0

signup_ms_logo.png
11tpt2xmdu6a65w.logins-oms.tech/shell/images/ Frame A31D
0
0

o365_gallatin_logo.png
11tpt2xmdu6a65w.logins-oms.tech/shell/images/ Frame A31D
0
0

image1.jpg
11tpt2xmdu6a65w.logins-oms.tech/images/backgrounds/ Frame A31D
0
0

arrow_staticup_16.png
11tpt2xmdu6a65w.logins-oms.tech/images/scrollbar/ Frame A31D
0
0

arrow_staticdown_16.png
11tpt2xmdu6a65w.logins-oms.tech/images/scrollbar/ Frame A31D
0
0

WebResource.axd
yufjgkacuo2bf11.logins-oms.tech/ Frame A31D
0
0

MicrosoftAjaxCombined.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/JSC/ Frame A31D
0
0

jquery-1_10_2_min.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/JS/jQuery/ Frame A31D
0
0

HeadBundle.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/JSC/ Frame A31D
0
0

ControlBundle.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/JSC/ Frame A31D
0
0

AngularLib.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/JSC/ Frame A31D
0
0

AngularExtensions.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/JSC/ Frame A31D
0
0

AdminBootstrap.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/JSC/ Frame A31D
0
0

AdminApp.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/JSC/ Frame A31D
0
0

mscorlib.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/JS/ Frame A31D
0
0

ListGrid.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/WebControls/JS/ Frame A31D
0
0

PeoplePicker.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/WebControls/JS/ Frame A31D
0
0

ProductKeyControl.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/WebControls/JS/ Frame A31D
0
0

GridView.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/WebControls/JS/ Frame A31D
0
0

NetPerf.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/JS/ Frame A31D
0
0

SearchBox.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/JS/ Frame A31D
0
0

PasswordStrengthMeter.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/JS/ Frame A31D
0
0

HIPControl.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/JSC/ Frame A31D
0
0

GeminiWizard.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/WebControls/JS/ Frame A31D
0
0

WebUIValidation.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/JS/ Frame A31D
0
0

WebTrends.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/JS/ Frame A31D
0
0

WebTrendsStream.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/JS/ Frame A31D
0
0

home.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/js/ Frame A31D
0
0

reporting.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/js/ Frame A31D
0
0

AssistancePanel.js
11tpt2xmdu6a65w.logins-oms.tech/2021.9.30.1/de-DE/js/ Frame A31D
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.


Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: 60af5900-2ca8-4a83-92f9-277ebd321570
.www.linkedin.com/ Name: JSESSIONID
Value: ajax:2927315756333529130
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.linkedin.com/ Name: bcookie
Value: "v=2&7caab6b2-0671-470a-80f6-41357bebd9fd"
.www.linkedin.com/ Name: bscookie
Value: "v=1&2021100621571708f49bad-bbd0-4b51-8e22-23cecd20c168AQFxlueVwodMyuPMhVzJE24FOD78LRE8"
.linkedin.com/ Name: li_gc
Value: MTswOzE2MzM1NTc0Mzc7MjswMjEpJFyllqpUKWSrvWtSdPYN+wGHdQoo7Zf77zWUDUK24Q==
.linkedin.com/ Name: lidc
Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2550:u=1:x=1:i=1633557437:t=1633643837:v=2:sig=AQGjwI_XG5HM2kDUyMDn9THEmivmwC0u"
.xn--80apugd.com/ Name: __6ClM
Value: VHFJ0bNpRJC_Nsx0mnrsGA==
xn--80asucf0d.com/ Name: PHPSESSID
Value: 16fe773a1b6eb5bbeec4dad4be8a81f4
.logins-oms.tech/ Name: __smso
Value: Hq/pOVwjQBODrZCvhug4HA==
microsoftonline.logins-oms.tech/ Name: stsservicecookie
Value: estsfd
microsoftonline.logins-oms.tech/ Name: x-ms-gateway-slice
Value: estsfd
.microsoftonline.logins-oms.tech/ Name: AADSSO
Value: NA|NoExtension
microsoftonline.logins-oms.tech/ Name: SSOCOOKIEPULLED
Value: 1
microsoftonline.logins-oms.tech/ Name: esctx
Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrgS9TZptD_ma4bq8ulMOvXMq449GEr_vQMdpAxZCeayZoHymadZd_PCIoRFWLhWe9n_-gE1S9rCPwhuzTaWTPmfGjQWwGjfv5q4T1u-mG5Z-Nhdwxx6Gt7HUuT8bJKy813dovCtOpu53zH_sEqelk4kjpN47UO_5M-PGDwPz3fjYgAA
microsoftonline.logins-oms.tech/ Name: ExternalIdpStateHash
Value: TV4grqSv4ZgC41GErwcPshYW0K8OISKDCwIR0dmPRBY
microsoftonline.logins-oms.tech/ Name: buid
Value: 0.AQIAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrZ8c2Hkde-a2R6U472msLHt9OWsqTT87gkJOWA5Y_h6MFfnn0JFyNplRix3cVNs-AfCMzgPJW939IQ3NLAHvoFxadJcHQmAQ6K1mo_ljg-18gAA
microsoftonline.logins-oms.tech/ Name: fpc
Value: ApxUY6r1V4VNqcg9AI6i0Ca4vjNwAQAAAMAS8NgOAAAA

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0