login-microsoftonline.ptilbox.com Open in urlscan Pro
185.102.170.161 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://login-microsoftonline.ptilbox.com/
Effective URL:
https://login-microsoftonline.ptilbox.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3...
Submission: On July 12 via manual (July 12th 2022, 7:28:12 pm UTC) from CA — Scanned from CA

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 185.102.170.161, located in Ashburn, United States and belongs to AS-SERVERION Serverion B.V., NL. The main domain is login-microsoftonline.ptilbox.com.
TLS certificate: Issued by R3 on July 11th 2022. Valid for: 3 months.

This is the only time login-microsoftonline.ptilbox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3 12	185.102.170.161 185.102.170.161		213035 (AS-SERVER...) (AS-SERVERION Serverion B.V.)
11	2

12 185.102.170.161 (Ashburn, United States) 3 redirects

ASN213035 (AS-SERVERION Serverion B.V., NL)

login-microsoftonline.ptilbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wwwoffice.ptilbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.ptilbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aadcdn-msftauth-fc4de374.ptilbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	ptilbox.com 3 redirects login-microsoftonline.ptilbox.com wwwoffice.ptilbox.com login.ptilbox.com aadcdn-msftauth-fc4de374.ptilbox.com	334 KB
11	1

	Domain	Requested by
5	aadcdn-msftauth-fc4de374.ptilbox.com	login-microsoftonline.ptilbox.com aadcdn-msftauth-fc4de374.ptilbox.com
5	login-microsoftonline.ptilbox.com	2 redirects login-microsoftonline.ptilbox.com
1	login.ptilbox.com	login-microsoftonline.ptilbox.com
1	wwwoffice.ptilbox.com	1 redirects
11	4

This site contains no links.

Subject Issuer	Validity	Valid
ptilbox.com R3	`2022-07-11` - `2022-10-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://login-microsoftonline.ptilbox.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.ptilbox.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwoffice.ptilbox.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637932508896374647.NGRjZmViYmYtNDY3Ni00NjQ4LTg1MzAtM2ZhYTNmNTZjNDRmNTJlMWUyOTctZGI3NC00ZjgzLTk4MDktYTVjM2YxMTZmNDZk&ui_locales=en-CA&mkt=en-CA&state=befWRycm8PyKYkNiX0--djQa03dbJbho-76WfHxSe7RGdUab3bwuqBXfmfTNRe2wEraMibX8D7dQKJAPQ76SZxy-LKfSM5ip2oxlilCi6Kasc27rOGzg1nicL7m81CT6SWgNHavEFlGTvpvCP0Fo46kstmqxxq4ks6MvjNTTyLqY77Ltw7niiQp8jf51PqL7u5LEHS0Trt0MZdU11TB-OiDFn09NGuhCDChJXghjBQKtPaCzs9NY2vOAfjpT7rmp5gocLXWFt5yyBSjpQWUhnA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0&sso_reload=true
Frame ID: 963A3C3E2CD67B13AC13AA0C5CB40554
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

http://login-microsoftonline.ptilbox.com/ HTTP 301
https://login-microsoftonline.ptilbox.com/ Page URL
https://login-microsoftonline.ptilbox.com/ HTTP 302
https://wwwoffice.ptilbox.com/login HTTP 302
https://login-microsoftonline.ptilbox.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&... Page URL
https://login-microsoftonline.ptilbox.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&... Page URL

Page Statistics

11
Requests

82 %
HTTPS

0 %
IPv6

1
Domains

4
Subdomains

2
IPs

1
Countries

332 kB
Transfer

1103 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://login-microsoftonline.ptilbox.com/ HTTP 301
https://login-microsoftonline.ptilbox.com/ Page URL
https://login-microsoftonline.ptilbox.com/ HTTP 302
https://wwwoffice.ptilbox.com/login HTTP 302
https://login-microsoftonline.ptilbox.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.ptilbox.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwoffice.ptilbox.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637932508896374647.NGRjZmViYmYtNDY3Ni00NjQ4LTg1MzAtM2ZhYTNmNTZjNDRmNTJlMWUyOTctZGI3NC00ZjgzLTk4MDktYTVjM2YxMTZmNDZk&ui_locales=en-CA&mkt=en-CA&state=befWRycm8PyKYkNiX0--djQa03dbJbho-76WfHxSe7RGdUab3bwuqBXfmfTNRe2wEraMibX8D7dQKJAPQ76SZxy-LKfSM5ip2oxlilCi6Kasc27rOGzg1nicL7m81CT6SWgNHavEFlGTvpvCP0Fo46kstmqxxq4ks6MvjNTTyLqY77Ltw7niiQp8jf51PqL7u5LEHS0Trt0MZdU11TB-OiDFn09NGuhCDChJXghjBQKtPaCzs9NY2vOAfjpT7rmp5gocLXWFt5yyBSjpQWUhnA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0 Page URL
https://login-microsoftonline.ptilbox.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.ptilbox.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwoffice.ptilbox.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637932508896374647.NGRjZmViYmYtNDY3Ni00NjQ4LTg1MzAtM2ZhYTNmNTZjNDRmNTJlMWUyOTctZGI3NC00ZjgzLTk4MDktYTVjM2YxMTZmNDZk&ui_locales=en-CA&mkt=en-CA&state=befWRycm8PyKYkNiX0--djQa03dbJbho-76WfHxSe7RGdUab3bwuqBXfmfTNRe2wEraMibX8D7dQKJAPQ76SZxy-LKfSM5ip2oxlilCi6Kasc27rOGzg1nicL7m81CT6SWgNHavEFlGTvpvCP0Fo46kstmqxxq4ks6MvjNTTyLqY77Ltw7niiQp8jf51PqL7u5LEHS0Trt0MZdU11TB-OiDFn09NGuhCDChJXghjBQKtPaCzs9NY2vOAfjpT7rmp5gocLXWFt5yyBSjpQWUhnA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://login-microsoftonline.ptilbox.com/ HTTP 301
https://login-microsoftonline.ptilbox.com/

Request Chain 1

https://login-microsoftonline.ptilbox.com/ HTTP 302
https://wwwoffice.ptilbox.com/login HTTP 302
https://login-microsoftonline.ptilbox.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.ptilbox.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwoffice.ptilbox.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637932508896374647.NGRjZmViYmYtNDY3Ni00NjQ4LTg1MzAtM2ZhYTNmNTZjNDRmNTJlMWUyOTctZGI3NC00ZjgzLTk4MDktYTVjM2YxMTZmNDZk&ui_locales=en-CA&mkt=en-CA&state=befWRycm8PyKYkNiX0--djQa03dbJbho-76WfHxSe7RGdUab3bwuqBXfmfTNRe2wEraMibX8D7dQKJAPQ76SZxy-LKfSM5ip2oxlilCi6Kasc27rOGzg1nicL7m81CT6SWgNHavEFlGTvpvCP0Fo46kstmqxxq4ks6MvjNTTyLqY77Ltw7niiQp8jf51PqL7u5LEHS0Trt0MZdU11TB-OiDFn09NGuhCDChJXghjBQKtPaCzs9NY2vOAfjpT7rmp5gocLXWFt5yyBSjpQWUhnA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response login-microsoftonline.ptilbox.com/ Redirect Chain http://login-microsoftonline.ptilbox.com/ https://login-microsoftonline.ptilbox.com/	72 KB 25 KB	395ms 194ms	Document text/html	185.102.170.161 AS-SERVERION Serv...
General Check archive.org Show headers Download Go to Full URL https://login-microsoftonline.ptilbox.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.102.170.161 Ashburn, United States, ASN213035 (AS-SERVERION Serverion B.V., NL), Reverse DNS Software nginx/1.21.6 / Resource Hash `e70e490a63998679134a8cc60138f7084e54ccf2df2b9bd9aaaf5948f07b5653` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers access-control-allow-headers * access-control-allow-origin * content-encoding gzip content-type text/html; charset=utf-8 date Tue, 12 Jul 2022 19:28:08 GMT server nginx/1.21.6 vary Accept-Encoding Redirect headers Connection keep-alive Content-Length 169 Content-Type text/html Date Tue, 12 Jul 2022 19:28:07 GMT Location https://login-microsoftonline.ptilbox.com/ Server nginx/1.21.6
GET H2	200	authorize Show response login-microsoftonline.ptilbox.com/common/oauth2/v2.0/ Redirect Chain https://login-microsoftonline.ptilbox.com/ https://wwwoffice.ptilbox.com/login https://login-microsoftonline.ptilbox.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.ptilbox.com%2Flandingv2&response_type=code...	291 KB 85 KB	457ms 457ms	Document text/html	185.102.170.161 AS-SERVERION Serv...
General Check archive.org Show headers Download Go to Full URL https://login-microsoftonline.ptilbox.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.ptilbox.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwoffice.ptilbox.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637932508896374647.NGRjZmViYmYtNDY3Ni00NjQ4LTg1MzAtM2ZhYTNmNTZjNDRmNTJlMWUyOTctZGI3NC00ZjgzLTk4MDktYTVjM2YxMTZmNDZk&ui_locales=en-CA&mkt=en-CA&state=befWRycm8PyKYkNiX0--djQa03dbJbho-76WfHxSe7RGdUab3bwuqBXfmfTNRe2wEraMibX8D7dQKJAPQ76SZxy-LKfSM5ip2oxlilCi6Kasc27rOGzg1nicL7m81CT6SWgNHavEFlGTvpvCP0Fo46kstmqxxq4ks6MvjNTTyLqY77Ltw7niiQp8jf51PqL7u5LEHS0Trt0MZdU11TB-OiDFn09NGuhCDChJXghjBQKtPaCzs9NY2vOAfjpT7rmp5gocLXWFt5yyBSjpQWUhnA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0 Requested by Host: login-microsoftonline.ptilbox.com URL: https://login-microsoftonline.ptilbox.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.102.170.161 Ashburn, United States, ASN213035 (AS-SERVERION Serverion B.V., NL), Reverse DNS Software nginx/1.21.6 / Resource Hash `f49c5df855d3cd8f3b3192270537ec88954b190edbea86da92a2d229fc4d91c6` Request headers Referer https://login-microsoftonline.ptilbox.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers access-control-allow-headers * access-control-allow-origin * cache-control no-store, no-cache content-encoding gzip content-type text/html; charset=utf-8 date Tue, 12 Jul 2022 19:28:10 GMT nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} p3p CP="DSP CUR OTPi IND OTRi ONL FIN" pragma no-cache referrer-policy strict-origin-when-cross-origin report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity-nel-measure-office-fc4de374.ptilbox.com/api/report?catId=GW+estsfd+ams2"}]} server nginx/1.21.6 vary Accept-Encoding Accept-Encoding x-ms-clitelem 1,50168,0,, x-ms-ests-server 2.1.13156.10 - WEULR2 ProdSlices x-ms-request-id d9c45ebe-e66e-4c21-9c18-3eb50a781200 Redirect headers access-control-allow-headers * access-control-allow-origin * content-type text/html; charset=utf-8 date Tue, 12 Jul 2022 19:28:09 GMT location https://login-microsoftonline.ptilbox.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.ptilbox.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwoffice.ptilbox.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637932508896374647.NGRjZmViYmYtNDY3Ni00NjQ4LTg1MzAtM2ZhYTNmNTZjNDRmNTJlMWUyOTctZGI3NC00ZjgzLTk4MDktYTVjM2YxMTZmNDZk&ui_locales=en-CA&mkt=en-CA&state=befWRycm8PyKYkNiX0--djQa03dbJbho-76WfHxSe7RGdUab3bwuqBXfmfTNRe2wEraMibX8D7dQKJAPQ76SZxy-LKfSM5ip2oxlilCi6Kasc27rOGzg1nicL7m81CT6SWgNHavEFlGTvpvCP0Fo46kstmqxxq4ks6MvjNTTyLqY77Ltw7niiQp8jf51PqL7u5LEHS0Trt0MZdU11TB-OiDFn09NGuhCDChJXghjBQKtPaCzs9NY2vOAfjpT7rmp5gocLXWFt5yyBSjpQWUhnA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0 referrer-policy strict-origin-when-cross-origin request-context appId= server nginx/1.21.6 vary Accept-Encoding x-cache CONFIG_NOCACHE x-msedge-ref Ref A: 86C0BDF5E5104BB4B6034D5EE586A120 Ref B: AM3EDGE0116 Ref C: 2022-07-12T19:28:09Z x-ua-compatible IE=edge,chrome=1
GET H2	200	Primary Request authorize Show response login-microsoftonline.ptilbox.com/common/oauth2/v2.0/	338 KB 81 KB	632ms 632ms	Document text/html	185.102.170.161 AS-SERVERION Serv...
General Check archive.org Show headers Download Go to Full URL https://login-microsoftonline.ptilbox.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.ptilbox.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwoffice.ptilbox.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637932508896374647.NGRjZmViYmYtNDY3Ni00NjQ4LTg1MzAtM2ZhYTNmNTZjNDRmNTJlMWUyOTctZGI3NC00ZjgzLTk4MDktYTVjM2YxMTZmNDZk&ui_locales=en-CA&mkt=en-CA&state=befWRycm8PyKYkNiX0--djQa03dbJbho-76WfHxSe7RGdUab3bwuqBXfmfTNRe2wEraMibX8D7dQKJAPQ76SZxy-LKfSM5ip2oxlilCi6Kasc27rOGzg1nicL7m81CT6SWgNHavEFlGTvpvCP0Fo46kstmqxxq4ks6MvjNTTyLqY77Ltw7niiQp8jf51PqL7u5LEHS0Trt0MZdU11TB-OiDFn09NGuhCDChJXghjBQKtPaCzs9NY2vOAfjpT7rmp5gocLXWFt5yyBSjpQWUhnA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0&sso_reload=true Requested by Host: login-microsoftonline.ptilbox.com URL: https://login-microsoftonline.ptilbox.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.ptilbox.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwoffice.ptilbox.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637932508896374647.NGRjZmViYmYtNDY3Ni00NjQ4LTg1MzAtM2ZhYTNmNTZjNDRmNTJlMWUyOTctZGI3NC00ZjgzLTk4MDktYTVjM2YxMTZmNDZk&ui_locales=en-CA&mkt=en-CA&state=befWRycm8PyKYkNiX0--djQa03dbJbho-76WfHxSe7RGdUab3bwuqBXfmfTNRe2wEraMibX8D7dQKJAPQ76SZxy-LKfSM5ip2oxlilCi6Kasc27rOGzg1nicL7m81CT6SWgNHavEFlGTvpvCP0Fo46kstmqxxq4ks6MvjNTTyLqY77Ltw7niiQp8jf51PqL7u5LEHS0Trt0MZdU11TB-OiDFn09NGuhCDChJXghjBQKtPaCzs9NY2vOAfjpT7rmp5gocLXWFt5yyBSjpQWUhnA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.102.170.161 Ashburn, United States, ASN213035 (AS-SERVERION Serverion B.V., NL), Reverse DNS Software nginx/1.21.6 / Resource Hash `2f375d2be5c5205bc78828c2f5a0d7b14f0c75ca6318e0e46d50830840d8db59` Request headers Referer https://login-microsoftonline.ptilbox.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.ptilbox.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwoffice.ptilbox.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637932508896374647.NGRjZmViYmYtNDY3Ni00NjQ4LTg1MzAtM2ZhYTNmNTZjNDRmNTJlMWUyOTctZGI3NC00ZjgzLTk4MDktYTVjM2YxMTZmNDZk&ui_locales=en-CA&mkt=en-CA&state=befWRycm8PyKYkNiX0--djQa03dbJbho-76WfHxSe7RGdUab3bwuqBXfmfTNRe2wEraMibX8D7dQKJAPQ76SZxy-LKfSM5ip2oxlilCi6Kasc27rOGzg1nicL7m81CT6SWgNHavEFlGTvpvCP0Fo46kstmqxxq4ks6MvjNTTyLqY77Ltw7niiQp8jf51PqL7u5LEHS0Trt0MZdU11TB-OiDFn09NGuhCDChJXghjBQKtPaCzs9NY2vOAfjpT7rmp5gocLXWFt5yyBSjpQWUhnA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers access-control-allow-headers * access-control-allow-origin * cache-control no-store, no-cache content-encoding gzip content-type text/html; charset=utf-8 date Tue, 12 Jul 2022 19:28:10 GMT nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} p3p CP="DSP CUR OTPi IND OTRi ONL FIN" pragma no-cache referrer-policy strict-origin-when-cross-origin report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity-nel-measure-office-fc4de374.ptilbox.com/api/report?catId=GW+estsfd+ams2"}]} server nginx/1.21.6 vary Accept-Encoding Accept-Encoding x-ms-clitelem 1,0,0,, x-ms-ests-server 2.1.13156.10 - WEULR1 ProdSlices x-ms-request-id 37a86f74-401d-476a-bc51-429897145601
GET H2	200	Me.htm login.ptilbox.com/	0 0	398ms 381ms	Other text/html	185.102.170.161 AS-SERVERION Serv...
General Check archive.org Show headers Download Go to Full URL https://login.ptilbox.com/Me.htm?v=3 Requested by Host: login-microsoftonline.ptilbox.com URL: https://login-microsoftonline.ptilbox.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.ptilbox.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwoffice.ptilbox.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637932508896374647.NGRjZmViYmYtNDY3Ni00NjQ4LTg1MzAtM2ZhYTNmNTZjNDRmNTJlMWUyOTctZGI3NC00ZjgzLTk4MDktYTVjM2YxMTZmNDZk&ui_locales=en-CA&mkt=en-CA&state=befWRycm8PyKYkNiX0--djQa03dbJbho-76WfHxSe7RGdUab3bwuqBXfmfTNRe2wEraMibX8D7dQKJAPQ76SZxy-LKfSM5ip2oxlilCi6Kasc27rOGzg1nicL7m81CT6SWgNHavEFlGTvpvCP0Fo46kstmqxxq4ks6MvjNTTyLqY77Ltw7niiQp8jf51PqL7u5LEHS0Trt0MZdU11TB-OiDFn09NGuhCDChJXghjBQKtPaCzs9NY2vOAfjpT7rmp5gocLXWFt5yyBSjpQWUhnA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0&sso_reload=true Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.102.170.161 Ashburn, United States, ASN213035 (AS-SERVERION Serverion B.V., NL), Reverse DNS Software / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://login-microsoftonline.ptilbox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers
GET H2	200	ConvergedLogin_PCore_BdGsyKr09CEVooArpGMldQ2.js Show response aadcdn-msftauth-fc4de374.ptilbox.com/shared/1.0/content/js/	380 KB 109 KB	826ms 567ms	Script application/x-javascript	185.102.170.161 AS-SERVERION Serv...
General Check archive.org Show headers Download Go to Full URL https://aadcdn-msftauth-fc4de374.ptilbox.com/shared/1.0/content/js/ConvergedLogin_PCore_BdGsyKr09CEVooArpGMldQ2.js Requested by Host: login-microsoftonline.ptilbox.com URL: https://login-microsoftonline.ptilbox.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.ptilbox.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwoffice.ptilbox.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637932508896374647.NGRjZmViYmYtNDY3Ni00NjQ4LTg1MzAtM2ZhYTNmNTZjNDRmNTJlMWUyOTctZGI3NC00ZjgzLTk4MDktYTVjM2YxMTZmNDZk&ui_locales=en-CA&mkt=en-CA&state=befWRycm8PyKYkNiX0--djQa03dbJbho-76WfHxSe7RGdUab3bwuqBXfmfTNRe2wEraMibX8D7dQKJAPQ76SZxy-LKfSM5ip2oxlilCi6Kasc27rOGzg1nicL7m81CT6SWgNHavEFlGTvpvCP0Fo46kstmqxxq4ks6MvjNTTyLqY77Ltw7niiQp8jf51PqL7u5LEHS0Trt0MZdU11TB-OiDFn09NGuhCDChJXghjBQKtPaCzs9NY2vOAfjpT7rmp5gocLXWFt5yyBSjpQWUhnA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0&sso_reload=true Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.102.170.161 Ashburn, United States, ASN213035 (AS-SERVERION Serverion B.V., NL), Reverse DNS Software nginx/1.21.6 / Resource Hash `49ae1e3e445707dad12aebb28a4ab5e6e6c17173d7780922966ae108b186a5a8` Request headers Referer https://login-microsoftonline.ptilbox.com/ Origin https://login-microsoftonline.ptilbox.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 12 Jul 2022 19:28:11 GMT content-encoding gzip last-modified Wed, 15 Jun 2022 19:42:21 GMT server nginx/1.21.6 age 2259467 vary Accept-Encoding, Accept-Encoding x-cache HIT content-type application/x-javascript access-control-allow-origin * x-ms-request-id d01e90a2-c01e-0049-2198-81fb05000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19
GET		oneDs_8363475333f6d315e7ae.js aadcdn-msftauth-fc4de374.ptilbox.com/shared/1.0/content/js/	0 0

GET H2	200	converged.v2.login.min_9lddfuhsopopkddlczwbda2.css aadcdn-msftauth-fc4de374.ptilbox.com/ests/2.1/content/cdnbundles/	0 20 KB	339ms 338ms	Other text/css	185.102.170.161 AS-SERVERION Serv...
General Check archive.org Show headers Download Go to Full URL https://aadcdn-msftauth-fc4de374.ptilbox.com/ests/2.1/content/cdnbundles/converged.v2.login.min_9lddfuhsopopkddlczwbda2.css Requested by Host: login-microsoftonline.ptilbox.com URL: https://login-microsoftonline.ptilbox.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.ptilbox.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwoffice.ptilbox.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637932508896374647.NGRjZmViYmYtNDY3Ni00NjQ4LTg1MzAtM2ZhYTNmNTZjNDRmNTJlMWUyOTctZGI3NC00ZjgzLTk4MDktYTVjM2YxMTZmNDZk&ui_locales=en-CA&mkt=en-CA&state=befWRycm8PyKYkNiX0--djQa03dbJbho-76WfHxSe7RGdUab3bwuqBXfmfTNRe2wEraMibX8D7dQKJAPQ76SZxy-LKfSM5ip2oxlilCi6Kasc27rOGzg1nicL7m81CT6SWgNHavEFlGTvpvCP0Fo46kstmqxxq4ks6MvjNTTyLqY77Ltw7niiQp8jf51PqL7u5LEHS0Trt0MZdU11TB-OiDFn09NGuhCDChJXghjBQKtPaCzs9NY2vOAfjpT7rmp5gocLXWFt5yyBSjpQWUhnA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0&sso_reload=true Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.102.170.161 Ashburn, United States, ASN213035 (AS-SERVERION Serverion B.V., NL), Reverse DNS Software nginx/1.21.6 / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://login-microsoftonline.ptilbox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 12 Jul 2022 19:28:12 GMT content-encoding gzip last-modified Fri, 03 Jun 2022 20:17:56 GMT server nginx/1.21.6 age 3208949 vary Accept-Encoding, Accept-Encoding x-cache HIT content-type text/css access-control-allow-origin * x-ms-request-id 09904cac-501e-0067-45f6-7844ba000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19
GET		ux.converged.login.strings-en.min_myxbgnbu6anaztpnsdmngw2.js aadcdn-msftauth-fc4de374.ptilbox.com/ests/2.1/content/cdnbundles/	0 0

GET H2	200	convergedlogin_pfetchsessionsprogress_c517f0e3ce9f4c448e6f.js aadcdn-msftauth-fc4de374.ptilbox.com/shared/1.0/content/js/asyncchunk/	15 KB 6 KB	435ms 434ms	Script application/x-javascript	185.102.170.161 AS-SERVERION Serv...
General Check archive.org Show headers Download Go to Full URL https://aadcdn-msftauth-fc4de374.ptilbox.com/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_c517f0e3ce9f4c448e6f.js Requested by Host: aadcdn-msftauth-fc4de374.ptilbox.com URL: https://aadcdn-msftauth-fc4de374.ptilbox.com/shared/1.0/content/js/ConvergedLogin_PCore_BdGsyKr09CEVooArpGMldQ2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.102.170.161 Ashburn, United States, ASN213035 (AS-SERVERION Serverion B.V., NL), Reverse DNS Software nginx/1.21.6 / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://login-microsoftonline.ptilbox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 12 Jul 2022 19:28:12 GMT content-encoding gzip last-modified Thu, 26 May 2022 23:21:33 GMT server nginx/1.21.6 age 3838237 vary Accept-Encoding, Accept-Encoding x-cache HIT content-type application/x-javascript access-control-allow-origin * x-ms-request-id 754123aa-d01e-008c-3d3c-73ea43000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19
GET H2	200	marching_ants_white_166de53471265253ab3a456defe6da23.gif aadcdn-msftauth-fc4de374.ptilbox.com/shared/1.0/content/images/	3 KB 3 KB	256ms 255ms	Image image/gif	185.102.170.161 AS-SERVERION Serv...
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn-msftauth-fc4de374.ptilbox.com/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.102.170.161 Ashburn, United States, ASN213035 (AS-SERVERION Serverion B.V., NL), Reverse DNS Software nginx/1.21.6 / Resource Hash `a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13` Request headers accept-language en-CA,en;q=0.9 Referer https://login-microsoftonline.ptilbox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 12 Jul 2022 19:28:12 GMT last-modified Thu, 16 Jan 2020 00:32:52 GMT server nginx/1.21.6 age 31161425 etag 0x8D79A1B9F2C6EC8 x-cache HIT content-type image/gif access-control-allow-origin * x-ms-request-id 4c39405d-101e-0042-2cbc-7a2f4a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif aadcdn-msftauth-fc4de374.ptilbox.com/shared/1.0/content/images/	4 KB 4 KB	434ms 433ms	Image image/gif	185.102.170.161 AS-SERVERION Serv...
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn-msftauth-fc4de374.ptilbox.com/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.102.170.161 Ashburn, United States, ASN213035 (AS-SERVERION Serverion B.V., NL), Reverse DNS Software nginx/1.21.6 / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://login-microsoftonline.ptilbox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 12 Jul 2022 19:28:12 GMT last-modified Thu, 16 Jan 2020 00:32:52 GMT server nginx/1.21.6 age 1364948 etag 0x8D79A1B9F8A840E x-cache HIT content-type image/gif access-control-allow-origin * x-ms-request-id c3a18654-101e-008d-12bb-89144e000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: aadcdn-msftauth-fc4de374.ptilbox.com
URL: https://aadcdn-msftauth-fc4de374.ptilbox.com/shared/1.0/content/js/oneDs_8363475333f6d315e7ae.js

Domain: aadcdn-msftauth-fc4de374.ptilbox.com
URL: https://aadcdn-msftauth-fc4de374.ptilbox.com/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_myxbgnbu6anaztpnsdmngw2.js

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ptilbox.com/	1970-01-20 13:13:10	Name: __Dq9A Value: ZmM0ZGUzNzQtNTJiNS00OWU1LWFiMmItMzIzOThmZTk2Zjk4OmZlY2NiYzI3LWY1YzItNDk1Ny1iYWZjLTNiMTRmYzVlOTA3Yg==
.ptilbox.com/	1970-02-08 18:16:44	Name: MUID Value: 3AD83155A28C6260277C208AA3F763D6
wwwoffice.ptilbox.com/	1970-02-08 08:55:09	Name: .AspNetCore.Correlation.OpenIdConnectV2.r6k2a2_a6TESFF4rHyQcV9jxG9LM7l9RcX2yLwvLNhI Value: N
wwwoffice.ptilbox.com/	1970-02-08 08:55:09	Name: .AspNetCore.OpenIdConnect.Nonce.dCbNkZSvaQxq3o9hGBDZTvu2Tv-7Xsso_m-vcGSvLK2aZQVHDutHTLci08MAODOzuRE5q6QQQVVIV3IiCpyYeuCMOt-qZz-piGYHuPtJKXzr-1j9KSaoUq1-rr8daOp-ehYdMisUCwHHTBqZ5BWSAp5RxgvVG5e30IuCL--GuLJAhnUgVNJX-2ULHcXLUJY1Iz-Xo2NiIrgeA2pEbULqv6Ujxsioj6UHHEx3phXPYKIvpTLaSj0Dwke361qQN6jx Value: N
wwwoffice.ptilbox.com/	1970-02-08 08:55:36	Name: OH.DCAffinity Value: OH-weu
wwwoffice.ptilbox.com/	1970-02-08 17:40:44	Name: OH.FLID Value: 6b6b021d-b5f2-4a2f-90e9-ce5ef84d639f
.login-microsoftonline.ptilbox.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login-microsoftonline.ptilbox.com/	1970-01-20 04:27:34	Name: SSOCOOKIEPULLED Value: 1
.login-microsoftonline.ptilbox.com/	1970-01-20 13:49:10	Name: brcap Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn-msftauth-fc4de374.ptilbox.com
login-microsoftonline.ptilbox.com
login.ptilbox.com
wwwoffice.ptilbox.com
aadcdn-msftauth-fc4de374.ptilbox.com
185.102.170.161
2f375d2be5c5205bc78828c2f5a0d7b14f0c75ca6318e0e46d50830840d8db59
49ae1e3e445707dad12aebb28a4ab5e6e6c17173d7780922966ae108b186a5a8
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
e70e490a63998679134a8cc60138f7084e54ccf2df2b9bd9aaaf5948f07b5653
f49c5df855d3cd8f3b3192270537ec88954b190edbea86da92a2d229fc4d91c6

login-microsoftonline.ptilbox.com Open in urlscan Pro 185.102.170.161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

82 %HTTPS

0 %IPv6

1 Domains

4 Subdomains

2 IPs

1 Countries

332 kBTransfer

1103 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

9 Cookies

Indicators

login-microsoftonline.ptilbox.com Open in urlscan Pro
185.102.170.161 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

82 %
HTTPS

0 %
IPv6

1
Domains

4
Subdomains

2
IPs

1
Countries

332 kB
Transfer

1103 kB
Size

9
Cookies

11 HTTP transactions
0 data transactions