Submitted URL: https://dasbboard.hndk.xyz/
Effective URL: https://microsoftonline.jiyt.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3...
Submission: On February 28 via manual from AU — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 179.43.187.167, located in Zurich, Switzerland and belongs to PLI-AS, PA. The main domain is microsoftonline.jiyt.xyz.
TLS certificate: Issued by R3 on February 22nd 2022. Valid for: 3 months.
This is the only time microsoftonline.jiyt.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 92.204.160.51 29066 (VELIANET-...)
2 9 179.43.187.167 51852 (PLI-AS)
14 3
Domain Requested by
4 microsoftonline.jiyt.xyz 1 redirects www.jiyt.xyz
microsoftonline.jiyt.xyz
2 www.jiyt.xyz www.jiyt.xyz
2 dasbboard.hndk.xyz dasbboard.hndk.xyz
1 7cbhhqz5y2adesh.jiyt.xyz microsoftonline.jiyt.xyz
7cbhhqz5y2adesh.jiyt.xyz
1 login-live.jiyt.xyz microsoftonline.jiyt.xyz
1 p4xudp6jp3myigh.jiyt.xyz 1 redirects
14 6

This site contains no links.

Subject Issuer Validity Valid
hndk.xyz R3 2022-02-22 - 2022-05-23 3 months
jiyt.xyz R3 2022-02-22 - 2022-05-23 3 months

This page contains 1 frame:

Primary Page: https://microsoftonline.jiyt.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637816152724550610.OTE0MDI5MGEtZmFiZi00MTFjLWFkY2UtMDEyMTgxNDdmZDc1NmQ0OTJhNzgtOWE2MS00NjM5LThhMmEtMDRlY2IwMGZmZDJk&ui_locales=de-DE&mkt=de-DE&state=kRaSUMyFWin4dVJyQUezGEFGWwwBQXsWpwqZrAjOvtQQ8C40BcTWPGJrm83xEh8SOQLQ7Xv7w6d2R86jdydy59uHFGpOJoCvifMoqrYxQylS-1YR6gmlVXWQ1PLtxV8rm3CwWBi0qawzKoU-gIFiciwRA7GA_b5EGmy3xWQXTn9gptJoQy4YRaLSrRlW3V1N2ClujR2fodA6-vPtNbU5wU5neC1HHwEOK43aMSr62mo_H-PE0DMq5Bufnx4P-e3c127CZ9sQUo4Ac70oikyR6A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0&sso_reload=true
Frame ID: FA22610F7BA74A4DA7999304B5EDB49F
Requests: 14 HTTP requests in this frame

Page Statistics

14 Requests
64 % HTTPS
0 % IPv6
2 Domains
6 Subdomains
3 IPs
2 Countries
398 kB Transfer
1482 kB Size
14 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dasbboard.hndk.xyz/ Page URL
  2. https://dasbboard.hndk.xyz/ Page URL
  3. https://www.jiyt.xyz/b/wees/ Page URL
  4. https://microsoftonline.jiyt.xyz/login.srf?__smso=_0XWpMHoSDu6VJunmKt0EQ%3D%3D HTTP 302
    https://p4xudp6jp3myigh.jiyt.xyz/login HTTP 302
    https://microsoftonline.jiyt.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637816152724550610.OTE0MDI5MGEtZmFiZi00MTFjLWFkY2UtMDEyMTgxNDdmZDc1NmQ0OTJhNzgtOWE2MS00NjM5LThhMmEtMDRlY2IwMGZmZDJk&ui_locales=de-DE&mkt=de-DE&state=kRaSUMyFWin4dVJyQUezGEFGWwwBQXsWpwqZrAjOvtQQ8C40BcTWPGJrm83xEh8SOQLQ7Xv7w6d2R86jdydy59uHFGpOJoCvifMoqrYxQylS-1YR6gmlVXWQ1PLtxV8rm3CwWBi0qawzKoU-gIFiciwRA7GA_b5EGmy3xWQXTn9gptJoQy4YRaLSrRlW3V1N2ClujR2fodA6-vPtNbU5wU5neC1HHwEOK43aMSr62mo_H-PE0DMq5Bufnx4P-e3c127CZ9sQUo4Ac70oikyR6A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0 Page URL
  5. https://microsoftonline.jiyt.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637816152724550610.OTE0MDI5MGEtZmFiZi00MTFjLWFkY2UtMDEyMTgxNDdmZDc1NmQ0OTJhNzgtOWE2MS00NjM5LThhMmEtMDRlY2IwMGZmZDJk&ui_locales=de-DE&mkt=de-DE&state=kRaSUMyFWin4dVJyQUezGEFGWwwBQXsWpwqZrAjOvtQQ8C40BcTWPGJrm83xEh8SOQLQ7Xv7w6d2R86jdydy59uHFGpOJoCvifMoqrYxQylS-1YR6gmlVXWQ1PLtxV8rm3CwWBi0qawzKoU-gIFiciwRA7GA_b5EGmy3xWQXTn9gptJoQy4YRaLSrRlW3V1N2ClujR2fodA6-vPtNbU5wU5neC1HHwEOK43aMSr62mo_H-PE0DMq5Bufnx4P-e3c127CZ9sQUo4Ac70oikyR6A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://microsoftonline.jiyt.xyz/login.srf?__smso=_0XWpMHoSDu6VJunmKt0EQ%3D%3D HTTP 302
  • https://p4xudp6jp3myigh.jiyt.xyz/login HTTP 302
  • https://microsoftonline.jiyt.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637816152724550610.OTE0MDI5MGEtZmFiZi00MTFjLWFkY2UtMDEyMTgxNDdmZDc1NmQ0OTJhNzgtOWE2MS00NjM5LThhMmEtMDRlY2IwMGZmZDJk&ui_locales=de-DE&mkt=de-DE&state=kRaSUMyFWin4dVJyQUezGEFGWwwBQXsWpwqZrAjOvtQQ8C40BcTWPGJrm83xEh8SOQLQ7Xv7w6d2R86jdydy59uHFGpOJoCvifMoqrYxQylS-1YR6gmlVXWQ1PLtxV8rm3CwWBi0qawzKoU-gIFiciwRA7GA_b5EGmy3xWQXTn9gptJoQy4YRaLSrRlW3V1N2ClujR2fodA6-vPtNbU5wU5neC1HHwEOK43aMSr62mo_H-PE0DMq5Bufnx4P-e3c127CZ9sQUo4Ac70oikyR6A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
dasbboard.hndk.xyz/
72 KB
29 KB
Document
General
Full URL
https://dasbboard.hndk.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.204.160.51 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
b61c057a26b2ca9f76f1e6adff6d7474b7423f824950e8e3be693cb9dc9193ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx/1.17.10
date
Mon, 28 Feb 2022 03:21:10 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
/
dasbboard.hndk.xyz/
403 B
403 B
Document
General
Full URL
https://dasbboard.hndk.xyz/
Requested by
Host: dasbboard.hndk.xyz
URL: https://dasbboard.hndk.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.204.160.51 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
564e2d8459f9581f7a76e59ea9419e84b361c441089c637da38f06158533a02a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dasbboard.hndk.xyz/

Response headers

server
nginx/1.17.10
date
Mon, 28 Feb 2022 03:21:11 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
/
www.jiyt.xyz/b/wees/
111 KB
23 KB
Document
General
Full URL
https://www.jiyt.xyz/b/wees/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.187.167 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
ad760c05d9bb539f6e7065bd2b9565053d14e24ec5e9960822d7a3d5376e408f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dasbboard.hndk.xyz/

Response headers

server
nginx/1.17.10
date
Mon, 28 Feb 2022 03:21:11 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
/
www.jiyt.xyz/b/wees/
209 B
348 B
XHR
General
Full URL
https://www.jiyt.xyz/b/wees/
Requested by
Host: www.jiyt.xyz
URL: https://www.jiyt.xyz/b/wees/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.187.167 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.jiyt.xyz/b/wees/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 28 Feb 2022 03:21:11 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx/1.17.10
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
authorize
microsoftonline.jiyt.xyz/common/oauth2/v2.0/
Redirect Chain
  • https://microsoftonline.jiyt.xyz/login.srf?__smso=_0XWpMHoSDu6VJunmKt0EQ%3D%3D
  • https://p4xudp6jp3myigh.jiyt.xyz/login
  • https://microsoftonline.jiyt.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Flandingv2&response_type=code%20id_...
438 KB
120 KB
Document
General
Full URL
https://microsoftonline.jiyt.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637816152724550610.OTE0MDI5MGEtZmFiZi00MTFjLWFkY2UtMDEyMTgxNDdmZDc1NmQ0OTJhNzgtOWE2MS00NjM5LThhMmEtMDRlY2IwMGZmZDJk&ui_locales=de-DE&mkt=de-DE&state=kRaSUMyFWin4dVJyQUezGEFGWwwBQXsWpwqZrAjOvtQQ8C40BcTWPGJrm83xEh8SOQLQ7Xv7w6d2R86jdydy59uHFGpOJoCvifMoqrYxQylS-1YR6gmlVXWQ1PLtxV8rm3CwWBi0qawzKoU-gIFiciwRA7GA_b5EGmy3xWQXTn9gptJoQy4YRaLSrRlW3V1N2ClujR2fodA6-vPtNbU5wU5neC1HHwEOK43aMSr62mo_H-PE0DMq5Bufnx4P-e3c127CZ9sQUo4Ac70oikyR6A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0
Requested by
Host: www.jiyt.xyz
URL: https://www.jiyt.xyz/b/wees/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.187.167 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
0d0e91980d7289c08eec64b55fb81c798f4c424b3aab46bfdb7588d0b91e5afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.jiyt.xyz/

Response headers

server
nginx/1.17.10
date
Mon, 28 Feb 2022 03:21:13 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding Accept-Encoding
cache-control
no-store, no-cache
pragma
no-cache
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
76140e20-d4ac-4b1b-a356-ebb501086800
x-ms-ests-server
2.1.12470.13 - NEULR1 ProdSlices
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-clitelem
1,50168,0,,
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
*
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip

Redirect headers

server
nginx/1.17.10
date
Mon, 28 Feb 2022 03:21:12 GMT
content-type
text/html; charset=utf-8
location
https://microsoftonline.jiyt.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637816152724550610.OTE0MDI5MGEtZmFiZi00MTFjLWFkY2UtMDEyMTgxNDdmZDc1NmQ0OTJhNzgtOWE2MS00NjM5LThhMmEtMDRlY2IwMGZmZDJk&ui_locales=de-DE&mkt=de-DE&state=kRaSUMyFWin4dVJyQUezGEFGWwwBQXsWpwqZrAjOvtQQ8C40BcTWPGJrm83xEh8SOQLQ7Xv7w6d2R86jdydy59uHFGpOJoCvifMoqrYxQylS-1YR6gmlVXWQ1PLtxV8rm3CwWBi0qawzKoU-gIFiciwRA7GA_b5EGmy3xWQXTn9gptJoQy4YRaLSrRlW3V1N2ClujR2fodA6-vPtNbU5wU5neC1HHwEOK43aMSr62mo_H-PE0DMq5Bufnx4P-e3c127CZ9sQUo4Ac70oikyR6A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0
vary
Accept-Encoding
request-context
appId=
referrer-policy
strict-origin-when-cross-origin
x-ua-compatible
IE=edge,chrome=1
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 0788B141402246E6B0679D7D6DEC3169 Ref B: AM3EDGE0114 Ref C: 2022-02-28T03:21:12Z
access-control-allow-origin
*
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains
reportbssotelemetry
microsoftonline.jiyt.xyz/common/instrumentation/
264 B
1009 B
Ping
General
Full URL
https://microsoftonline.jiyt.xyz/common/instrumentation/reportbssotelemetry?hpgid=6&hpgact=1800&client-request-id=9e691afe-602e-4371-aff7-13def69fcd42&hpgrequestid=76140e20-d4ac-4b1b-a356-ebb501086800
Requested by
Host: microsoftonline.jiyt.xyz
URL: https://microsoftonline.jiyt.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637816152724550610.OTE0MDI5MGEtZmFiZi00MTFjLWFkY2UtMDEyMTgxNDdmZDc1NmQ0OTJhNzgtOWE2MS00NjM5LThhMmEtMDRlY2IwMGZmZDJk&ui_locales=de-DE&mkt=de-DE&state=kRaSUMyFWin4dVJyQUezGEFGWwwBQXsWpwqZrAjOvtQQ8C40BcTWPGJrm83xEh8SOQLQ7Xv7w6d2R86jdydy59uHFGpOJoCvifMoqrYxQylS-1YR6gmlVXWQ1PLtxV8rm3CwWBi0qawzKoU-gIFiciwRA7GA_b5EGmy3xWQXTn9gptJoQy4YRaLSrRlW3V1N2ClujR2fodA6-vPtNbU5wU5neC1HHwEOK43aMSr62mo_H-PE0DMq5Bufnx4P-e3c127CZ9sQUo4Ac70oikyR6A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.187.167 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://microsoftonline.jiyt.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637816152724550610.OTE0MDI5MGEtZmFiZi00MTFjLWFkY2UtMDEyMTgxNDdmZDc1NmQ0OTJhNzgtOWE2MS00NjM5LThhMmEtMDRlY2IwMGZmZDJk&ui_locales=de-DE&mkt=de-DE&state=kRaSUMyFWin4dVJyQUezGEFGWwwBQXsWpwqZrAjOvtQQ8C40BcTWPGJrm83xEh8SOQLQ7Xv7w6d2R86jdydy59uHFGpOJoCvifMoqrYxQylS-1YR6gmlVXWQ1PLtxV8rm3CwWBi0qawzKoU-gIFiciwRA7GA_b5EGmy3xWQXTn9gptJoQy4YRaLSrRlW3V1N2ClujR2fodA6-vPtNbU5wU5neC1HHwEOK43aMSr62mo_H-PE0DMq5Bufnx4P-e3c127CZ9sQUo4Ac70oikyR6A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 28 Feb 2022 03:21:13 GMT
content-encoding
gzip
vary
Accept-Encoding
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.17.10
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
5c019eb0-8bee-4744-81b5-259cdb6d6500
cache-control
no-store, no-cache
access-control-allow-headers
*
x-ms-ests-server
2.1.12470.13 - WEULR1 ProdSlices
Primary Request authorize
microsoftonline.jiyt.xyz/common/oauth2/v2.0/
488 KB
117 KB
Document
General
Full URL
https://microsoftonline.jiyt.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637816152724550610.OTE0MDI5MGEtZmFiZi00MTFjLWFkY2UtMDEyMTgxNDdmZDc1NmQ0OTJhNzgtOWE2MS00NjM5LThhMmEtMDRlY2IwMGZmZDJk&ui_locales=de-DE&mkt=de-DE&state=kRaSUMyFWin4dVJyQUezGEFGWwwBQXsWpwqZrAjOvtQQ8C40BcTWPGJrm83xEh8SOQLQ7Xv7w6d2R86jdydy59uHFGpOJoCvifMoqrYxQylS-1YR6gmlVXWQ1PLtxV8rm3CwWBi0qawzKoU-gIFiciwRA7GA_b5EGmy3xWQXTn9gptJoQy4YRaLSrRlW3V1N2ClujR2fodA6-vPtNbU5wU5neC1HHwEOK43aMSr62mo_H-PE0DMq5Bufnx4P-e3c127CZ9sQUo4Ac70oikyR6A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0&sso_reload=true
Requested by
Host: microsoftonline.jiyt.xyz
URL: https://microsoftonline.jiyt.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637816152724550610.OTE0MDI5MGEtZmFiZi00MTFjLWFkY2UtMDEyMTgxNDdmZDc1NmQ0OTJhNzgtOWE2MS00NjM5LThhMmEtMDRlY2IwMGZmZDJk&ui_locales=de-DE&mkt=de-DE&state=kRaSUMyFWin4dVJyQUezGEFGWwwBQXsWpwqZrAjOvtQQ8C40BcTWPGJrm83xEh8SOQLQ7Xv7w6d2R86jdydy59uHFGpOJoCvifMoqrYxQylS-1YR6gmlVXWQ1PLtxV8rm3CwWBi0qawzKoU-gIFiciwRA7GA_b5EGmy3xWQXTn9gptJoQy4YRaLSrRlW3V1N2ClujR2fodA6-vPtNbU5wU5neC1HHwEOK43aMSr62mo_H-PE0DMq5Bufnx4P-e3c127CZ9sQUo4Ac70oikyR6A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.187.167 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
fd14678f37c95a865c1597beff7a91026694a5a7c6c757810887206b5fd90c94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoftonline.jiyt.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637816152724550610.OTE0MDI5MGEtZmFiZi00MTFjLWFkY2UtMDEyMTgxNDdmZDc1NmQ0OTJhNzgtOWE2MS00NjM5LThhMmEtMDRlY2IwMGZmZDJk&ui_locales=de-DE&mkt=de-DE&state=kRaSUMyFWin4dVJyQUezGEFGWwwBQXsWpwqZrAjOvtQQ8C40BcTWPGJrm83xEh8SOQLQ7Xv7w6d2R86jdydy59uHFGpOJoCvifMoqrYxQylS-1YR6gmlVXWQ1PLtxV8rm3CwWBi0qawzKoU-gIFiciwRA7GA_b5EGmy3xWQXTn9gptJoQy4YRaLSrRlW3V1N2ClujR2fodA6-vPtNbU5wU5neC1HHwEOK43aMSr62mo_H-PE0DMq5Bufnx4P-e3c127CZ9sQUo4Ac70oikyR6A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0

Response headers

server
nginx/1.17.10
date
Mon, 28 Feb 2022 03:21:13 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding Accept-Encoding
cache-control
no-store, no-cache
pragma
no-cache
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
d8011b12-0b49-4c9a-ad9e-9e87de847a00
x-ms-ests-server
2.1.12507.17 - NEULR2 ProdSlices
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-clitelem
1,0,0,,
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
*
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
Me.htm
login-live.jiyt.xyz/
0
0
Other
General
Full URL
https://login-live.jiyt.xyz/Me.htm?v=3
Requested by
Host: microsoftonline.jiyt.xyz
URL: https://microsoftonline.jiyt.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637816152724550610.OTE0MDI5MGEtZmFiZi00MTFjLWFkY2UtMDEyMTgxNDdmZDc1NmQ0OTJhNzgtOWE2MS00NjM5LThhMmEtMDRlY2IwMGZmZDJk&ui_locales=de-DE&mkt=de-DE&state=kRaSUMyFWin4dVJyQUezGEFGWwwBQXsWpwqZrAjOvtQQ8C40BcTWPGJrm83xEh8SOQLQ7Xv7w6d2R86jdydy59uHFGpOJoCvifMoqrYxQylS-1YR6gmlVXWQ1PLtxV8rm3CwWBi0qawzKoU-gIFiciwRA7GA_b5EGmy3xWQXTn9gptJoQy4YRaLSrRlW3V1N2ClujR2fodA6-vPtNbU5wU5neC1HHwEOK43aMSr62mo_H-PE0DMq5Bufnx4P-e3c127CZ9sQUo4Ac70oikyR6A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.187.167 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoftonline.jiyt.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

ConvergedLogin_PCore_mL1KpJTlAoziLEN8zBvxOw2.js
7cbhhqz5y2adesh.jiyt.xyz/shared/1.0/content/js/
371 KB
107 KB
Script
General
Full URL
https://7cbhhqz5y2adesh.jiyt.xyz/shared/1.0/content/js/ConvergedLogin_PCore_mL1KpJTlAoziLEN8zBvxOw2.js
Requested by
Host: microsoftonline.jiyt.xyz
URL: https://microsoftonline.jiyt.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fp4xudp6jp3myigh.jiyt.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637816152724550610.OTE0MDI5MGEtZmFiZi00MTFjLWFkY2UtMDEyMTgxNDdmZDc1NmQ0OTJhNzgtOWE2MS00NjM5LThhMmEtMDRlY2IwMGZmZDJk&ui_locales=de-DE&mkt=de-DE&state=kRaSUMyFWin4dVJyQUezGEFGWwwBQXsWpwqZrAjOvtQQ8C40BcTWPGJrm83xEh8SOQLQ7Xv7w6d2R86jdydy59uHFGpOJoCvifMoqrYxQylS-1YR6gmlVXWQ1PLtxV8rm3CwWBi0qawzKoU-gIFiciwRA7GA_b5EGmy3xWQXTn9gptJoQy4YRaLSrRlW3V1N2ClujR2fodA6-vPtNbU5wU5neC1HHwEOK43aMSr62mo_H-PE0DMq5Bufnx4P-e3c127CZ9sQUo4Ac70oikyR6A&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.187.167 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
baccaae8dad50dd46720b44af050c76a19e6af1e4685db93bff6aedd3bef3182
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoftonline.jiyt.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Feb 2022 03:21:14 GMT
content-encoding
gzip
x-azure-ref-originshield
0MBsZYgAAAABCfw2Nv56WTZApRKWU+7efQU1TMDRFREdFMTgwNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-cache
TCP_HIT
x-azure-ref
0qj8cYgAAAACczaiEhcntR7GIj6LcpdENRlJBRURHRTEwMjAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
strict-transport-security
max-age=31536000; includeSubDomains
x-ms-lease-status
unlocked
last-modified
Mon, 31 Jan 2022 08:22:07 GMT
server
nginx/1.17.10
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
aa29f4e6-101e-0062-654e-2a2355000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
converged.v2.login.min_zmhwgv_kbcs-aml46kcgfg2.css
7cbhhqz5y2adesh.jiyt.xyz/ests/2.1/content/cdnbundles/
0
0

ux.converged.login.strings-de.min_96wm4pc-8vb7qq2_jvww2w2.js
7cbhhqz5y2adesh.jiyt.xyz/ests/2.1/content/cdnbundles/
0
0

convergedlogin_pfetchsessionsprogress_da32c2056c9ded01d75f.js
7cbhhqz5y2adesh.jiyt.xyz/shared/1.0/content/js/asyncchunk/
0
0

marching_ants_white_166de53471265253ab3a456defe6da23.gif
7cbhhqz5y2adesh.jiyt.xyz/shared/1.0/content/images/
0
0

marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
7cbhhqz5y2adesh.jiyt.xyz/shared/1.0/content/images/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
7cbhhqz5y2adesh.jiyt.xyz
URL
https://7cbhhqz5y2adesh.jiyt.xyz/ests/2.1/content/cdnbundles/converged.v2.login.min_zmhwgv_kbcs-aml46kcgfg2.css
Domain
7cbhhqz5y2adesh.jiyt.xyz
URL
https://7cbhhqz5y2adesh.jiyt.xyz/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_96wm4pc-8vb7qq2_jvww2w2.js
Domain
7cbhhqz5y2adesh.jiyt.xyz
URL
https://7cbhhqz5y2adesh.jiyt.xyz/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_da32c2056c9ded01d75f.js
Domain
7cbhhqz5y2adesh.jiyt.xyz
URL
https://7cbhhqz5y2adesh.jiyt.xyz/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Domain
7cbhhqz5y2adesh.jiyt.xyz
URL
https://7cbhhqz5y2adesh.jiyt.xyz/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData

14 Cookies

Domain/Path Name / Value
.hndk.xyz/ Name: __aUOM
Value: f1UCq7j0SOeC_uNyb2B1vA==
.jiyt.xyz/ Name: __smso
Value: /0XWpMHoSDu6VJunmKt0EQ==
microsoftonline.jiyt.xyz/ Name: esctx
Value: AQABAAAAAAD--DLA3VO7QrddgJg7Wevri9Ub_TD_BvD6zDZczWnWz9TsIWfH6fALUy3N2X3vk0anSp395P9naJbsNVyanQ7zwS3dRy6p07Xhmfc3oXsilkf3hs7njFsQrUXjCo1O9dAt5YB1uDMuMNvlzIh5fZULYxxdXlmtgnmK8y7TuW2dJykA_LYeebdJQTqmB3kPkSwgAA
microsoftonline.jiyt.xyz/ Name: stsservicecookie
Value: estsfd
microsoftonline.jiyt.xyz/ Name: x-ms-gateway-slice
Value: estsfd
p4xudp6jp3myigh.jiyt.xyz/ Name: MUID
Value: 3C0F4ED908EB679F0EB85F80099066A4
p4xudp6jp3myigh.jiyt.xyz/ Name: .AspNetCore.Correlation.OpenIdConnectV2.gMwdAE_nEE4cXjFbgmdsVgIQjYHyAkJkVdlJkpaJwvE
Value: N
p4xudp6jp3myigh.jiyt.xyz/ Name: .AspNetCore.OpenIdConnect.Nonce.gnosL6sa5fpWp33igdNfNgkgzs7Qeq9FlZmv_jznw_XpG0Cbrihdp7q6jWrBRIdCvWKZ2U55LEEAemAaTo_r1_x_UrSIP6uQlmvbb_1QJVlbTNJzdM51zVjgy6YnHz_S4PZ2bVkBM_PvrnmJ9VjWcTx-ISpgFg2EsK0FKcwHVW3eybdnLsOB2XY_TKO-A1cKs3Gq-swG-CFbY9wEZzMTUCa8YSC3kJOOdH7MV_fD0XxuJYB4anCOCB1jb62zvpJe
Value: N
p4xudp6jp3myigh.jiyt.xyz/ Name: OH.DCAffinity
Value: OH-weu
p4xudp6jp3myigh.jiyt.xyz/ Name: OH.FLID
Value: 27233779-b901-4219-8ea1-4d48a0e5fad5
.microsoftonline.jiyt.xyz/ Name: AADSSO
Value: NA|NoExtension
microsoftonline.jiyt.xyz/ Name: SSOCOOKIEPULLED
Value: 1
microsoftonline.jiyt.xyz/ Name: buid
Value: 0.AWAAMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevr0_ad_UL2Dna_yFEeHbyzcxdIiOuukECa5KtWs2sxzqCv_6zvFQLGxKUYW4ym51iZVJoYaWiuQ6eOwgQpm13eodtIacCGIf310-aBdrjZIeQgAA
microsoftonline.jiyt.xyz/ Name: fpc
Value: AlGkpnliWPZChy2T1EWbHDa8Ae7AAQAAAKk2rtkOAAAA

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains