logincrosoftonline.com Open in urlscan Pro
172.67.220.236 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://logincrosoftonline.com/
Effective URL:
https://logincrosoftonline.com/
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On September 26 via api (September 26th 2023, 9:51:05 am UTC) from AU — Scanned from AU

Summary HTTP 17 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 17 HTTP transactions. The main IP is 172.67.220.236, located in United States and belongs to CLOUDFLARENET, US. The main domain is logincrosoftonline.com.
TLS certificate: Issued by GTS CA 1P5 on September 25th 2023. Valid for: 3 months.

This is the only time logincrosoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.21.91.136 104.21.91.136	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	172.67.220.236 172.67.220.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.17.3.184 104.17.3.184	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	3

1 104.21.91.136 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

logincrosoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.67.220.236 (United States)

ASN13335 (CLOUDFLARENET, US)

logincrosoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.3.184 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	logincrosoftonline.com 1 redirects logincrosoftonline.com	159 KB
3	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 5309	23 KB
17	2

	Domain	Requested by
12	logincrosoftonline.com	1 redirects logincrosoftonline.com
3	challenges.cloudflare.com	logincrosoftonline.com challenges.cloudflare.com
17	2

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
logincrosoftonline.com GTS CA 1P5	`2023-09-25` - `2023-12-24`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2023-08-18` - `2024-08-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://logincrosoftonline.com/
Frame ID: 9993C210FA8C92F1D7385B5B94207C53
Requests: 17 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bczyx/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 03724B6397735B8526186FDD38C5E8E8
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8w6pj/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 64045DBAD6BDFC92520F98603A515478
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

http://logincrosoftonline.com/ HTTP 301
https://logincrosoftonline.com/ Page URL
https://logincrosoftonline.com/ Page URL

Page Statistics

17
Requests

82 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

181 kB
Transfer

458 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=m
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://logincrosoftonline.com/ HTTP 301
https://logincrosoftonline.com/ Page URL
https://logincrosoftonline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://logincrosoftonline.com/ HTTP 301
https://logincrosoftonline.com/

17 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

403

/ Show response
logincrosoftonline.com/
Redirect Chain

http://logincrosoftonline.com/
https://logincrosoftonline.com/

6 KB
5 KB

30ms
8ms

Document
text/html

172.67.220.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://logincrosoftonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.220.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2019c5b700528f725702b386084e5bb6d3644fdfa8ca4f58f436bd5ed246d49

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 80ca9b1fe9a6aaea-SYD
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Tue, 26 Sep 2023 09:51:01 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkDO5kcPThwKcdkRsVqEV3rmWQ9qNBe2EvquwseTi47HlQ01KvZjBAxZn3hsg8UAvI6skQ5ueGme7ARhQfzig4oI9XKEEpfzDxGS8iYtpVM4ANWwu7MDTP1CLLhOwdIB5J9yS%2FztzkUq"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

CF-RAY: 80ca9b1fae08a953-SYD
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 26 Sep 2023 09:51:01 GMT
Expires: Tue, 26 Sep 2023 10:51:01 GMT
Location: https://logincrosoftonline.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WA79IZeC08oG0dWyjCpI%2BP5z0oWzwKZl3e5GaSS2G3Ra%2BixqLSZ1ItY7kSS4QILci5eZoEIDRVxLeM%2BHlPMa1cIfI3r%2F%2BBNu0PzwxxojaWnyu9TJCh3AWN2TpxBffuR4cfc5Mx39FO9H"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 challenges.css
logincrosoftonline.com/cdn-cgi/styles/ 6 KB
3 KB 4ms
3ms Stylesheet
text/css 172.67.220.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://logincrosoftonline.com/cdn-cgi/styles/challenges.css

Requested by

Host: logincrosoftonline.com
URL: https://logincrosoftonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.220.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://logincrosoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 09:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Sep 2023 16:02:33 GMT
server: cloudflare
etag: W/"6511af19-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 80ca9b2049f2aaea-SYD
expires: Tue, 26 Sep 2023 11:51:01 GMT

GET
H2 200 v1 Show response
logincrosoftonline.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 167 KB
57 KB 13ms
13ms Script
application/javascript 172.67.220.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://logincrosoftonline.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=80ca9b1fe9a6aaea
Requested by: Host: logincrosoftonline.com
URL: https://logincrosoftonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.220.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60e9a1c3aa4cbafecd1b6ce5d555abba9a1dbd73bb2aeff46b1249b5d5b422e4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://logincrosoftonline.com/?__cf_chl_rt_tk=7sKGKKijxUbT5MLgtZ7FESSQKnH4OmHuw5SHVQTG2xA-1695721861-0-gaNycGzNC9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 09:51:01 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhBDAI0nO6Si%2BgHNGDO2Ss7hQ4oc2p%2B7%2BsVl9%2B9VuCIh3IoKBInfjdoHXcDRRdth7P6Um3uF9uGxOJJi8r3ma858S7pdxI7Wdbs56WDWQT8%2FCHVsWONUPn2hnC%2B%2Bq0QQVQMT7GoQ7duE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 80ca9b206a2caaea-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/dffb14d6/ 33 KB
11 KB 372ms
51ms Script
application/javascript 104.17.3.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/dffb14d6/api.js?onload=AsGt1&render=explicit
Requested by: Host: logincrosoftonline.com
URL: https://logincrosoftonline.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=80ca9b1fe9a6aaea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.3.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06d063d7e58bade3ae244489087afa82f9f7c59276cdd7dcfbb2a9b5b600c5da

Request headers

Referer
Origin: https://logincrosoftonline.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 09:51:01 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 80ca9b229b07a977-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 403 favicon.ico
logincrosoftonline.com/ 6 KB
6 KB 7ms
7ms Image
text/html 172.67.220.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logincrosoftonline.com/favicon.ico

Requested by

Host: logincrosoftonline.com
URL: https://logincrosoftonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.220.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01431ed6418c3390b5b591359a6475bb6a93988f9b51ba1578e31848b36c3892

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://logincrosoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 09:51:01 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIrM0X4LJFx6bCn9E3T44ih4EraExRu5FfHNaCXb5CetJz8l%2BdN7ifM5QLVTboHJf8WfqBN4VMEA4yMco3DNJS434Kl%2F7V20zFD2B6RAHTEGcchHk0BZYja2%2BPGy8X%2FaWAfjlPh8xZ9F"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 80ca9b209a8baaea-SYD
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 1c147cd2-c6aa-4c96-82bd-66c318b95bbf
https://logincrosoftonline.com/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://logincrosoftonline.com/1c147cd2-c6aa-4c96-82bd-66c318b95bbf
Requested by: Host: logincrosoftonline.com
URL: https://logincrosoftonline.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://logincrosoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H2 200 2125ad4945ceb87 Show response
logincrosoftonline.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1446252277:1695719303:j0SmLcTjhHzpebd7i9qrcYw4XDFxokTPbFbURQGtRis/80ca9b1fe9a6aaea/ 11 KB
8 KB 33ms
32ms XHR
text/plain 172.67.220.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://logincrosoftonline.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1446252277:1695719303:j0SmLcTjhHzpebd7i9qrcYw4XDFxokTPbFbURQGtRis/80ca9b1fe9a6aaea/2125ad4945ceb87
Requested by: Host: logincrosoftonline.com
URL: https://logincrosoftonline.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=80ca9b1fe9a6aaea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.220.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 992efe1a8ca23e30d1c5632ff6e5e61dcd74b0c23d47a29d975350cb30934b30

Request headers

Referer: https://logincrosoftonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
CF-Challenge: 2125ad4945ceb87
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 26 Sep 2023 09:51:01 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfLnr%2F0brZ2KAWuPRnObVWvdTJ8oklXc9ILCDTbW7NRHGHF8OwObnwEw5%2BG5W9yy2XiNZyrw%2F187qdpjC4zGwz3gRwpuSzhQvxY8WvESca6XoCEW57t4senzM0LhrU53zwvcUQnF0ZGy"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 80ca9b215b52aaea-SYD
alt-svc: h3=":443"; ma=86400
cf-chl-gen: CHc+GhryczWu58k+SxXxAnY1l9RACakg9JTRlflk7lmGZC2BB9MQPnGjCNAU9QGK$Sq7ntXfbOH0tgebPnOKDrw==

GET
H2 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bczyx/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 0372 0
0 327ms
17ms Document
text/html 104.17.3.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bczyx/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/dffb14d6/api.js?onload=AsGt1&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.3.184 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 80ca9b250aedaad8-SYD
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Tue, 26 Sep 2023 09:51:01 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H2 200 2125ad4945ceb87 Show response
logincrosoftonline.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1446252277:1695719303:j0SmLcTjhHzpebd7i9qrcYw4XDFxokTPbFbURQGtRis/80ca9b1fe9a6aaea/ 2 KB
2 KB 18ms
17ms XHR
text/html 172.67.220.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://logincrosoftonline.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1446252277:1695719303:j0SmLcTjhHzpebd7i9qrcYw4XDFxokTPbFbURQGtRis/80ca9b1fe9a6aaea/2125ad4945ceb87
Requested by: Host: logincrosoftonline.com
URL: https://logincrosoftonline.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=80ca9b1fe9a6aaea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.220.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b23c4b57abad6ab4fa13f8e57eb290c0ea560e940143bb82e6eacc2682490e85

Request headers

Referer: https://logincrosoftonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
CF-Challenge: 2125ad4945ceb87
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: fqJYWqLYcgrjtN5DvRoIBr86ibwTXGY1mDXxO+a4yyki1I3absYbf2WSFPRHEeWE1AKhY+K8/sqOrH2B4Own9zukiI7UKumh/DNwjUhu9aY=$Py98Omh+Ni+lVY+5WJlBYA==
cf-chl-out-s: Q2ZnnlHg9BzTqCd427TgQEu8uIUoIZlY2XwkfXtOBhKeLG9YA1mCmZpdLsrYQxq+l4eN0lak+TEjVvt7NqijWPE7XPocIXXdel9/+SIohkT1lnRvhOn6xQFIsIV7j8bg0j8Z3ctGcrra4NoIbpdUWQ==$1kY5eCZEI7FIHNz8Qk8nEQ==
date: Tue, 26 Sep 2023 09:51:02 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bgvj3m32VsZXmUfj7OEPcrQv9uT5MQi5jzGUEQ0XrqELdisVCJ%2B4Z1Fg7ZrJIHiCSSdG94hJGK8qiyjJTG2H9oTQSGps0uP%2F24bp%2Bb54c%2FRgoIOqxPrMcTAG7b%2BZ6xzitb2BNs%2BTK4vz"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 80ca9b26ca72aaea-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 403 Primary Request / Show response
logincrosoftonline.com/ 6 KB
5 KB 10ms
9ms Document
text/html 172.67.220.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://logincrosoftonline.com/

Requested by

Host: logincrosoftonline.com
URL: https://logincrosoftonline.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=80ca9b1fe9a6aaea

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.220.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebcfc40cb96678677e3085a5a6f7b3c6735559491d45ec8a0dc4c1bcb83f8d1d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://logincrosoftonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 80ca9b338b11aaea-SYD
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Tue, 26 Sep 2023 09:51:04 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bYIlRQbowDDDAPw1dcYcoufLIZ0o5tTueoqH9jGiYEnLIl7gfOUNlPffqI%2F%2B8KE9Pp9TtnZna4idbNral3vbHa7zSkTmYnlBMVT276Xnxq1hLxt7rMpSHidzQG1TBpYs7UnXi2lKQw46"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 challenges.css
logincrosoftonline.com/cdn-cgi/styles/ 6 KB
3 KB 4ms
4ms Stylesheet
text/css 172.67.220.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://logincrosoftonline.com/cdn-cgi/styles/challenges.css

Requested by

Host: logincrosoftonline.com
URL: https://logincrosoftonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.220.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://logincrosoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 09:51:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Sep 2023 16:02:33 GMT
server: cloudflare
etag: W/"6511af19-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 80ca9b33ab2daaea-SYD
expires: Tue, 26 Sep 2023 11:51:04 GMT

GET
H2 200 v1 Show response
logincrosoftonline.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 164 KB
56 KB 13ms
13ms Script
application/javascript 172.67.220.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://logincrosoftonline.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=80ca9b338b11aaea
Requested by: Host: logincrosoftonline.com
URL: https://logincrosoftonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.220.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfd2c25086beed564b53706592ad606ff5b6ebc84f1db4b56886886c3c4b10ce

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://logincrosoftonline.com/?__cf_chl_rt_tk=OnBP9cVj_ueHpG_WZTyeaT3DlyRXQIYCO4ssQiVKy70-1695721864-0-gaNycGzNCjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 09:51:04 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqsRrq8p9hwsQyw8am017qUFbReJ%2B4STq%2BtNIFyRRSgVC%2B44W62IdgQgorcftzMtT3VZ%2BG0iMQWQdgeiSWT1Hb5g0gPr4GeAIwckLDGGDfsIy9zIY2UCo%2FlFIxkzB5g2NvSMCQ%2FDxxf%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 80ca9b33db5eaaea-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/dffb14d6/ 33 KB
11 KB 23ms
23ms Script
application/javascript 104.17.3.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/dffb14d6/api.js?onload=AsGt1&render=explicit
Requested by: Host: logincrosoftonline.com
URL: https://logincrosoftonline.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=80ca9b338b11aaea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.3.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06d063d7e58bade3ae244489087afa82f9f7c59276cdd7dcfbb2a9b5b600c5da

Request headers

Referer
Origin: https://logincrosoftonline.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 09:51:04 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 80ca9b340d87a977-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 403 favicon.ico
logincrosoftonline.com/ 6 KB
6 KB 7ms
7ms Image
text/html 172.67.220.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logincrosoftonline.com/favicon.ico

Requested by

Host: logincrosoftonline.com
URL: https://logincrosoftonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.220.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30422d44ec317f69913be6b91367c7022f13f2bee1b758f534c9acbda8642e8c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://logincrosoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 09:51:04 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hITtsd8B52FvckanZnF4Bm3GbyJlMjbfotFLxboQA8G%2BXvAP94W%2B6%2BAJZHw7vczlp%2BErUSRXOjrjwJ4TcCQ61x36i5fYGKKdxmCnpLxX6J7AhRdoLdWmzyS0hKcRp05mXLscHXd72hd5"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 80ca9b340b96aaea-SYD
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 91ae9115-3fb4-4a82-8988-daa668b15332
https://logincrosoftonline.com/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://logincrosoftonline.com/91ae9115-3fb4-4a82-8988-daa668b15332
Requested by: Host: logincrosoftonline.com
URL: https://logincrosoftonline.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://logincrosoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H2 200 110f957b8bf5c70 Show response
logincrosoftonline.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1768102901:1695719351:bbAgFOGY7Y7pB9l4BYAB-5UsbA8k81cYrW3YaGK8xrU/80ca9b338b11aaea/ 11 KB
8 KB 23ms
22ms XHR
text/plain 172.67.220.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://logincrosoftonline.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1768102901:1695719351:bbAgFOGY7Y7pB9l4BYAB-5UsbA8k81cYrW3YaGK8xrU/80ca9b338b11aaea/110f957b8bf5c70
Requested by: Host: logincrosoftonline.com
URL: https://logincrosoftonline.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=80ca9b338b11aaea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.220.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8233c7d6dee15bddd4bfc807b7034d77349da25ccaf1ed9594b196c1a7a0b028

Request headers

Referer: https://logincrosoftonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
CF-Challenge: 110f957b8bf5c70
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 26 Sep 2023 09:51:04 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnRbdZqpZ9Mlkb%2BEgZrcrgDuV1lwb8IiCe63sYrWSXkwopSFy%2FxiByCcBHoDDh8ViGHXl5stxI1ZMa%2BWePtuJPCD0yj8lHRfSIA%2BesdPGorDoZbu854V8cHkq%2FD95MoP71NNEt2hd1Oo"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 80ca9b34dc79aaea-SYD
alt-svc: h3=":443"; ma=86400
cf-chl-gen: tjPkXehtu7ZMzUvzjvjoGaOvTvHx4eccHSjwTDlcg73IaIY/NqXoMbIZXhL23/iE$P91LEfAV4MdrdeqmwedOvA==

GET normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8w6pj/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 6404 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8w6pj/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			logincrosoftonline.com/	1970-01-20 15:02:05	Name: cf_chl_rc_m Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://logincrosoftonline.com/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://logincrosoftonline.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://logincrosoftonline.com/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://logincrosoftonline.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
logincrosoftonline.com
challenges.cloudflare.com
104.17.3.184
104.21.91.136
172.67.220.236
01431ed6418c3390b5b591359a6475bb6a93988f9b51ba1578e31848b36c3892
06d063d7e58bade3ae244489087afa82f9f7c59276cdd7dcfbb2a9b5b600c5da
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
30422d44ec317f69913be6b91367c7022f13f2bee1b758f534c9acbda8642e8c
60e9a1c3aa4cbafecd1b6ce5d555abba9a1dbd73bb2aeff46b1249b5d5b422e4
8233c7d6dee15bddd4bfc807b7034d77349da25ccaf1ed9594b196c1a7a0b028
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
992efe1a8ca23e30d1c5632ff6e5e61dcd74b0c23d47a29d975350cb30934b30
b23c4b57abad6ab4fa13f8e57eb290c0ea560e940143bb82e6eacc2682490e85
bfd2c25086beed564b53706592ad606ff5b6ebc84f1db4b56886886c3c4b10ce
d2019c5b700528f725702b386084e5bb6d3644fdfa8ca4f58f436bd5ed246d49
ebcfc40cb96678677e3085a5a6f7b3c6735559491d45ec8a0dc4c1bcb83f8d1d
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

logincrosoftonline.com Open in urlscan Pro 172.67.220.236 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

17 Requests

82 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

181 kBTransfer

458 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

1 Cookies

8 Console Messages

Security Headers

Indicators

logincrosoftonline.com Open in urlscan Pro
172.67.220.236 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

82 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

181 kB
Transfer

458 kB
Size

1
Cookies

17 HTTP transactions
2 data transactions