l0g1n-micros.oftonlineportal.com Open in urlscan Pro
2606:4700:20::681a:c19  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://olesren.com/ Page URL
2. https://l0g1n-micros.oftonlineportal.com/o365 Page URL
3. https://l0g1n-micros.oftonlineportal.com/o365 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ olesren.com/	1 KB 906 B	697ms 606ms	Document text/html	20.13.162.148 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://olesren.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.13.162.148 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 14 Dec 2023 05:34:37 GMT server nginx strict-transport-security max-age=31536000 vary Accept-Encoding
GET H2	403	o365 Show response l0g1n-micros.oftonlineportal.com/	17 KB 11 KB	57ms 24ms	Document text/html	2606:4700:20::681a:c19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://l0g1n-micros.oftonlineportal.com/o365 Requested by Host: olesren.com URL: https://olesren.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2cb4f9e108a3ba43b828c23fca721a35cc04972382d9cad8dd8905b0b6bad7e0 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://olesren.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-mitigated challenge cf-ray 8354142dbd78bbc7-FRA content-encoding br content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Thu, 14 Dec 2023 05:34:37 GMT expires Thu, 01 Jan 1970 00:00:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06ZA%2FCmmuTS65f1UPEhmT4dez%2F4trjz6O8T7D%2Ft5PWzB9oI3S5nqF3ORZZpFcMa6p9NhAAo2SSOKvxNf82xu62jpTdfL84CzRQPrHczT%2BtBC6cw0CfQyaO0EzBOEvXN%2FrklpkhA4ikHphmcTYQwcjjs0I1mc9drzugBuAAAG"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	v1 Show response l0g1n-micros.oftonlineportal.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/	162 KB 55 KB	25ms 25ms	Script application/javascript	2606:4700:20::681a:c19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://l0g1n-micros.oftonlineportal.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8354142dbd78bbc7 Requested by Host: l0g1n-micros.oftonlineportal.com URL: https://l0g1n-micros.oftonlineportal.com/o365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0516cf9518c41a529dc3cb64f1fc6c3e7328029b2f7561d8a6a15ad63f661d32 Request headers accept-language de-DE,de;q=0.9 Referer https://l0g1n-micros.oftonlineportal.com/o365?__cf_chl_rt_tk=RBz3cp9o6l3f73jZaRNVzHVAjfYrxrBV9iD2ps1Tx3I-1702532077-0-gaNycGzNDTs User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 05:34:37 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FyCpca5ZSo6uzL2a621VtBd%2B6GzQzpJBOS1Fqask6EzXqG54xGUSzM9uaOorE%2BYpXEKMqN0yE1naoIftEFqLQmxLvz2tKjTVXh1ACGhsRl74DLYdxZIPyF0FHSJrWEbY%2BLH7hviYIf9KMPPK8BsyO4ev4ZuDORtJlZn2Pm10"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 8354142e0da8bbc7-FRA
GET DATA	200 OK	truncated /	6 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 19a51d37dd843e660b4948d020adb1b03ef30f82d1009ac948202193d16e52aa Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
GET H2	200	api.js Show response challenges.cloudflare.com/turnstile/v0/b/56d3063b/	33 KB 11 KB	62ms 32ms	Script application/javascript	2606:4700::6811:3b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/b/56d3063b/api.js?onload=CUdK8&render=explicit Requested by Host: l0g1n-micros.oftonlineportal.com URL: https://l0g1n-micros.oftonlineportal.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8354142dbd78bbc7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acbe221d9bb71e85d0a3b52a7a9d44ee4669ab664186b32d0c737a2be62681e7 Request headers Referer Origin https://l0g1n-micros.oftonlineportal.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 05:34:37 GMT content-encoding br server cloudflare vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=31536000 cf-ray 8354142e7b8a9165-FRA alt-svc h3=":443"; ma=86400
GET BLOB	200 OK	00623ae2-20b8-4e8e-b584-97d9231d239e https://l0g1n-micros.oftonlineportal.com/	13 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://l0g1n-micros.oftonlineportal.com/00623ae2-20b8-4e8e-b584-97d9231d239e Requested by Host: l0g1n-micros.oftonlineportal.com URL: https://l0g1n-micros.oftonlineportal.com/o365 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04 Request headers accept-language de-DE,de;q=0.9 Referer https://l0g1n-micros.oftonlineportal.com/o365 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Length 13 Content-Type text/javascript
POST H2	200	29a01767022b7ba Show response l0g1n-micros.oftonlineportal.com/cdn-cgi/challenge-platform/h/b/flow/ov1/385378999:1702527663:cF8Ebup5_cHtM8p1WCwqyFpGTzQRQVJhnTHlBcpyQoI/8354142dbd78bbc7/	12 KB 10 KB	42ms 42ms	XHR text/plain	2606:4700:20::681a:c19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://l0g1n-micros.oftonlineportal.com/cdn-cgi/challenge-platform/h/b/flow/ov1/385378999:1702527663:cF8Ebup5_cHtM8p1WCwqyFpGTzQRQVJhnTHlBcpyQoI/8354142dbd78bbc7/29a01767022b7ba Requested by Host: l0g1n-micros.oftonlineportal.com URL: https://l0g1n-micros.oftonlineportal.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8354142dbd78bbc7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f13e398bedb89258ab6c736436fa6aebcd8b853d87a5c11979e228ce8efe10a8 Request headers Referer https://l0g1n-micros.oftonlineportal.com/o365 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 CF-Challenge 29a01767022b7ba Content-type application/x-www-form-urlencoded Response headers date Thu, 14 Dec 2023 05:34:37 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xz3zi%2FwY0msTLJrAEqVFiLKMVYO70gFK4dLJR8v99%2FvCrEFZNoF7hhQgFyG5yCM3vyl9%2FFg3XypC%2FD6PUasy%2B34jCOWBhK%2BjR19tky%2BPT7ID6%2FUez840EZHGkzkymiVNoLhEGWhmnMoqmi2SSzxG3cJ28F0JFVzNdKL9hZ2k"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 8354142eee58bbc7-FRA cf-chl-gen nxrmKERNhRPNBZfyccovS7sZC5KKJ3HwbVExb9h0yRRWj95dcU7VjyJawTNepC3r$vfi1BvAIYgKCJtjJRVhrSw==
GET H3	200	normal challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/oocnu/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame DE07	0 0	41ms 24ms	Document text/html	2606:4700::6811:3b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/oocnu/0x4AAAAAAADnPIDROrmt1Wwj/light/normal Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/b/56d3063b/api.js?onload=CUdK8&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 8354142f5d683a76-FRA content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Thu, 14 Dec 2023 05:34:37 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare
POST H2	200	29a01767022b7ba Show response l0g1n-micros.oftonlineportal.com/cdn-cgi/challenge-platform/h/b/flow/ov1/385378999:1702527663:cF8Ebup5_cHtM8p1WCwqyFpGTzQRQVJhnTHlBcpyQoI/8354142dbd78bbc7/	2 KB 2 KB	38ms 37ms	XHR text/html	2606:4700:20::681a:c19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://l0g1n-micros.oftonlineportal.com/cdn-cgi/challenge-platform/h/b/flow/ov1/385378999:1702527663:cF8Ebup5_cHtM8p1WCwqyFpGTzQRQVJhnTHlBcpyQoI/8354142dbd78bbc7/29a01767022b7ba Requested by Host: l0g1n-micros.oftonlineportal.com URL: https://l0g1n-micros.oftonlineportal.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8354142dbd78bbc7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74afa292e8f0899ab8e1ffd868340b5d0ac2d22a75e503172d4c02f848513a91 Request headers Referer https://l0g1n-micros.oftonlineportal.com/o365 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 CF-Challenge 29a01767022b7ba Content-type application/x-www-form-urlencoded Response headers cf-chl-out Du00aXWoMZlvrtUa9vNIYYmX0mHPG2VodatgPi23yuCMPGbQLLNfQ47NFNRpC8okbzuOaLV0p8JHUtO0EfQBRtx5di7SZFEsMNpVauI2o9A=$F80GFRcFv0pn699hLvZnZQ== cf-chl-out-s 9Y5oaNSV+kEBpvd4f/ZC3o5r/LlRcfoh5W+8pZd8MaLQeBy53BAtHVjWr4GRUb9vFB2Op5dO9clOZza0DOionw==$xGNMfz+whhDvrEsdaiZ+6A== date Thu, 14 Dec 2023 05:34:38 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvF%2BEYuFEAe388B8aElwNwK2bhYTwsjNPd0idWd%2Ff%2Fzkr8RVUt4ByhDH3iw9RMu1%2FvJbAGgJUiA3xUjxWfdmbYPa1pKCRzTHU3JOWihh2ykiGu2zXPH7FTPObZh19OWTEmYj5PR5HNYjQEYujEQ6D1SsBVAJE%2BWxijRxYWEh"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 8354143158d6bbc7-FRA
GET H2	403	Primary Request o365 Show response l0g1n-micros.oftonlineportal.com/	16 KB 10 KB	18ms 18ms	Document text/html	2606:4700:20::681a:c19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://l0g1n-micros.oftonlineportal.com/o365 Requested by Host: l0g1n-micros.oftonlineportal.com URL: https://l0g1n-micros.oftonlineportal.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8354142dbd78bbc7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 07a3b1f636dbeedc1b66c9cad03432c741717ac5e958db871308c37b7ff3db40 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://l0g1n-micros.oftonlineportal.com/o365 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-mitigated challenge cf-ray 835414410ef8bbc7-FRA content-encoding br content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Thu, 14 Dec 2023 05:34:40 GMT expires Thu, 01 Jan 1970 00:00:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5JAg6%2Fq%2FJcc5Oxx8Fz7K%2Fp3z8GmuRIaB6wCcDn3dSSHgsKQ8XU%2B3%2BrR%2Bkz%2BU3%2B9xWwGAyCl%2Bw6ISYPPRlM%2BnwN32S0D%2BauPVnaab5ZwDI7wKJgEx7JcXLUF7PN%2FKc8PoK4sZ0j2yS5xzKGcra0K0xfAiWPqa2Emg3Wwy9K%2B8"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	v1 Show response l0g1n-micros.oftonlineportal.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/	164 KB 55 KB	22ms 22ms	Script application/javascript	2606:4700:20::681a:c19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://l0g1n-micros.oftonlineportal.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=835414410ef8bbc7 Requested by Host: l0g1n-micros.oftonlineportal.com URL: https://l0g1n-micros.oftonlineportal.com/o365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c5c8c5d517e28fdca95ecfcc1bcb5b420bf3c91448f5e2ffc926be34e1c837d Request headers accept-language de-DE,de;q=0.9 Referer https://l0g1n-micros.oftonlineportal.com/o365?__cf_chl_rt_tk=0kYjZrwj7PkWD_Yf2aKBR610GTS_ZB8LYcIBTghc57E-1702532080-0-gaNycGzNCjs User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 05:34:40 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBHSlwNEPe57LKBoi6hWfyUEcM6DpXSSL81eD%2BKEmPOKjNuCYPNREIWAlM3%2BND9W7boOn5wT%2BFFhglZzTgT1M6xCDKv7w8HKR0qw9BoeQcW%2F8%2FHLAYXtLzBcjAXPT3ZJ0jlVN%2Bxrc85qM7e%2BOvHWRHOwp8wOdyx7qB40S9Vw"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 835414413f56bbc7-FRA
GET DATA	200 OK	truncated /	6 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 19a51d37dd843e660b4948d020adb1b03ef30f82d1009ac948202193d16e52aa Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
GET H2	200	api.js Show response challenges.cloudflare.com/turnstile/v0/b/56d3063b/	33 KB 11 KB	34ms 34ms	Script application/javascript	2606:4700::6811:3b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/b/56d3063b/api.js?onload=CUdK8&render=explicit Requested by Host: l0g1n-micros.oftonlineportal.com URL: https://l0g1n-micros.oftonlineportal.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=835414410ef8bbc7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acbe221d9bb71e85d0a3b52a7a9d44ee4669ab664186b32d0c737a2be62681e7 Request headers Referer Origin https://l0g1n-micros.oftonlineportal.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 05:34:40 GMT content-encoding br server cloudflare vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=31536000 cf-ray 835414417cde9165-FRA alt-svc h3=":443"; ma=86400
GET BLOB	200 OK	7a72b7ea-3e68-4a48-9578-c48d7266b7ad https://l0g1n-micros.oftonlineportal.com/	13 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://l0g1n-micros.oftonlineportal.com/7a72b7ea-3e68-4a48-9578-c48d7266b7ad Requested by Host: l0g1n-micros.oftonlineportal.com URL: https://l0g1n-micros.oftonlineportal.com/o365 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04 Request headers accept-language de-DE,de;q=0.9 Referer https://l0g1n-micros.oftonlineportal.com/o365 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Length 13 Content-Type text/javascript
POST H2	200	d2f9f94472d8e7b Show response l0g1n-micros.oftonlineportal.com/cdn-cgi/challenge-platform/h/b/flow/ov1/702769486:1702527673:Om2Lq-rmDmTb6xnsp-tkokOhLJ_2QGfFmRu6kBgIFMM/835414410ef8bbc7/	12 KB 10 KB	31ms 30ms	XHR text/plain	2606:4700:20::681a:c19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://l0g1n-micros.oftonlineportal.com/cdn-cgi/challenge-platform/h/b/flow/ov1/702769486:1702527673:Om2Lq-rmDmTb6xnsp-tkokOhLJ_2QGfFmRu6kBgIFMM/835414410ef8bbc7/d2f9f94472d8e7b Requested by Host: l0g1n-micros.oftonlineportal.com URL: https://l0g1n-micros.oftonlineportal.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=835414410ef8bbc7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b1f2e0fae5a06ef5fafd2ffb34933de4677c96699949a66c9ca5244c17bfb42 Request headers Referer https://l0g1n-micros.oftonlineportal.com/o365 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 CF-Challenge d2f9f94472d8e7b Content-type application/x-www-form-urlencoded Response headers date Thu, 14 Dec 2023 05:34:41 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WzY%2F%2BMuj%2FjEEJubSag1NAPpsKRuiKTnMJ6vfVhJaQD%2Fhiybn2dlU2FC7FK7EBofe%2Fo0UUNaWkSwSX6jjeByA59ydXqEzDcci9fG%2BsJy9N70%2BhcmgE1JnjywDDa%2FBjEzsjiLfp0LSPG44DGYLOPeH4%2BpzlSS9MY2PulGulaKV"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 835414422810bbc7-FRA cf-chl-gen UDJcGbKU3Fy3Wb6DJuqAHyc7P+gcboMz4fEn1/yZ++NTvpPyyK5jmTM61leiyuHL$IVTpM8qGvrVkRD0qnqchtQ==
GET H3	200	normal challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/nq525/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 5D4B	0 0	34ms 34ms	Document text/html	2606:4700::6811:3b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/nq525/0x4AAAAAAADnPIDROrmt1Wwj/light/normal Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/b/56d3063b/api.js?onload=CUdK8&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 835414427eba3a76-FRA content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Thu, 14 Dec 2023 05:34:41 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare
POST H2	200	d2f9f94472d8e7b Show response l0g1n-micros.oftonlineportal.com/cdn-cgi/challenge-platform/h/b/flow/ov1/702769486:1702527673:Om2Lq-rmDmTb6xnsp-tkokOhLJ_2QGfFmRu6kBgIFMM/835414410ef8bbc7/	2 KB 2 KB	25ms 25ms	XHR text/html	2606:4700:20::681a:c19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://l0g1n-micros.oftonlineportal.com/cdn-cgi/challenge-platform/h/b/flow/ov1/702769486:1702527673:Om2Lq-rmDmTb6xnsp-tkokOhLJ_2QGfFmRu6kBgIFMM/835414410ef8bbc7/d2f9f94472d8e7b Requested by Host: l0g1n-micros.oftonlineportal.com URL: https://l0g1n-micros.oftonlineportal.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=835414410ef8bbc7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 64f619bb1077ecda52ecdec0a6428427541dc4392397e27f16e083f7fe2dfc4c Request headers Referer https://l0g1n-micros.oftonlineportal.com/o365 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 CF-Challenge d2f9f94472d8e7b Content-type application/x-www-form-urlencoded Response headers cf-chl-out UTxtaAkwz+W9f7sFzjhGzFrTBKEYeIX2GG/kZ/H1p78H4EyFAT3++SRTPev0jWj6suUFBl3Rg5R6X8QILVmDEHbmdcjSPonIKJeAx5T1kE0=$C6XZM1Zc55+p1fhYLDlHBA== cf-chl-out-s kZb8az+6YzQo938mG3dI1M7hF4sKIJKGjzjG0N4C0Vlsalp3iN8T1zH1lqf2GuSIkdnKFf9YOrTK1MdvwKunGaXn+SGcM3b5FgAISJnXHesrPZDH+INlZTMd96PNoXUgA8qWPywE85e/BmHEbc17FfaWeDp0iwexdD0AzySDSWYGCWkCo3D2PHLeO86XzJlD$yu9qwvsY1/gXt1nPreM1+Q== date Thu, 14 Dec 2023 05:34:41 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URYsvRXHF43U6iPvc2e%2FlN04F3QzJ8os8xeh0E25okVv%2F1oHEavzq8tMzkuZ1GyXhEFMFvfS0fQlKXlfbqIv9kdKmIdBUj2CpJopiM3UUnCNPHDwL5T7iAUR2lzTM8%2Byw5HX20%2FXa3WbACc2k%2BTJO2SxqqkufBnBbw0YDi5B"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 83541443d968bbc7-FRA

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| _cf_chl_opt function| CUdK8 boolean| ZULgT7 function| mvyCA0 function| wGYW8 function| hlzyA6 function| vXWd6 object| sDHjJi8 function| lCYJu2 function| uAOSyxDlHS object| nWgH4 object| turnstile boolean| yMFKo6 string| Rfbpq3

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			l0g1n-micros.oftonlineportal.com/	1970-01-20 16:55:35	Name: cf_chl_rc_m Value: 1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://l0g1n-micros.oftonlineportal.com/o365 Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://l0g1n-micros.oftonlineportal.com/o365 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
l0g1n-micros.oftonlineportal.com
olesren.com
20.13.162.148
2606:4700:20::681a:c19
2606:4700::6811:3b8
0516cf9518c41a529dc3cb64f1fc6c3e7328029b2f7561d8a6a15ad63f661d32
07a3b1f636dbeedc1b66c9cad03432c741717ac5e958db871308c37b7ff3db40
19a51d37dd843e660b4948d020adb1b03ef30f82d1009ac948202193d16e52aa
2c5c8c5d517e28fdca95ecfcc1bcb5b420bf3c91448f5e2ffc926be34e1c837d
2cb4f9e108a3ba43b828c23fca721a35cc04972382d9cad8dd8905b0b6bad7e0
5b1f2e0fae5a06ef5fafd2ffb34933de4677c96699949a66c9ca5244c17bfb42
64f619bb1077ecda52ecdec0a6428427541dc4392397e27f16e083f7fe2dfc4c
74afa292e8f0899ab8e1ffd868340b5d0ac2d22a75e503172d4c02f848513a91
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
acbe221d9bb71e85d0a3b52a7a9d44ee4669ab664186b32d0c737a2be62681e7
f13e398bedb89258ab6c736436fa6aebcd8b853d87a5c11979e228ce8efe10a8