sts2.nml.com - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 5 HTTP transactions. The main IP is 216.20.178.206, located in Milwaukee, United States and belongs to NM-01, US. The main domain is sts2.nml.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on March 11th 2021. Valid for: a year.

This is the only time sts2.nml.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.219.157.167 3.219.157.167	14618 (AMAZON-AES) (AMAZON-AES)
1 2	20.190.160.8 20.190.160.8	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	216.20.178.206 216.20.178.206	26787 (NM-01) (NM-01)
5	2

1 3.219.157.167 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-157-167.compute-1.amazonaws.com

comprpts.nml.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.190.160.8 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.20.178.206 (Milwaukee, United States)

ASN26787 (NM-01, US)
PTR: sts2.nml.com

sts2.nml.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	nml.com 1 redirects comprpts.nml.com sts2.nml.com	79 KB
2	microsoftonline.com 1 redirects login.microsoftonline.com	56 KB
5	2

	Domain	Requested by
4	sts2.nml.com	login.microsoftonline.com sts2.nml.com
2	login.microsoftonline.com	1 redirects
1	comprpts.nml.com	1 redirects
5	3

This site contains no links.

Subject Issuer	Validity	Valid
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2021-08-25` - `2022-08-25`	a year	crt.sh
sts2.nml.com Entrust Certification Authority - L1K	`2021-03-11` - `2022-03-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sts2.nml.com/adfs/ls/?client-request-id=b1aee32f-161b-48b4-946e-8316c31012e4&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAdNiNtQztFJJSzVJs0hNs9BNMk401zVJTDHTtTBITNQ1TUwyNUoxN7EwNrIoEuIS0H-8bqO02BaPKXnNYocFhJ7MYhTLyy8qyShPLS5JLcrLLS0pTczRS87P3cHIeIGR8QUj4y0mfn_H0pIMIxCRX5RZlTqLWcEs2dASaKy5RVpyqkWauWWysYmhkblxqmmaSZqBRWrSJmY2oBm5-XmnmEXyC1LzMlMUCory0zJzUhVScxMzc24wM15gYXzFwmPAbMXBwSXAIMGgwPCDhXERK9CNE8XfNr549N15-QzOea7trgynWPXDjdLDIwsNzMJLsrO8_dLKXDIyInyqAnKTLXyTyn2Tks0CKty1HatS_NzKbU2sDCewMX5gY-xgZ9jFqZZRUlJQbKWvD3RPQVFBSbFeXi7Yg3AB_USgx25xiRgZGBnqGhroGpkrGJpbmZhZmZhEHeBlAAA1
Frame ID: 4519F2B51CB743C04E81616D9D63EE62
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmelden

Page URL History Show full URLs

https://comprpts.nml.com/comprpts/ HTTP 302
https://login.microsoftonline.com/common/oauth2/authorize?domain_hint=northwesternmutual.com&client_id=fe4f8ef... Page URL
https://login.microsoftonline.com/common/oauth2/authorize?domain_hint=northwesternmutual.com&client_id=fe4f8ef... HTTP 302
https://sts2.nml.com/adfs/ls/?client-request-id=b1aee32f-161b-48b4-946e-8316c31012e4&username=&wa... Page URL

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

131 kB
Transfer

224 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://comprpts.nml.com/comprpts/ HTTP 302
https://login.microsoftonline.com/common/oauth2/authorize?domain_hint=northwesternmutual.com&client_id=fe4f8ef8-b3a7-4ad6-80aa-5ab52d748328&response_type=code&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fcomprpts.nml.com%2Fcomprpts%2Fauth&state=6c192d778fce8f79c341273e5f4f08eb Page URL
https://login.microsoftonline.com/common/oauth2/authorize?domain_hint=northwesternmutual.com&client_id=fe4f8ef8-b3a7-4ad6-80aa-5ab52d748328&response_type=code&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fcomprpts.nml.com%2Fcomprpts%2Fauth&state=6c192d778fce8f79c341273e5f4f08eb&sso_reload=true HTTP 302
https://sts2.nml.com/adfs/ls/?client-request-id=b1aee32f-161b-48b4-946e-8316c31012e4&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAdNiNtQztFJJSzVJs0hNs9BNMk401zVJTDHTtTBITNQ1TUwyNUoxN7EwNrIoEuIS0H-8bqO02BaPKXnNYocFhJ7MYhTLyy8qyShPLS5JLcrLLS0pTczRS87P3cHIeIGR8QUj4y0mfn_H0pIMIxCRX5RZlTqLWcEs2dASaKy5RVpyqkWauWWysYmhkblxqmmaSZqBRWrSJmY2oBm5-XmnmEXyC1LzMlMUCory0zJzUhVScxMzc24wM15gYXzFwmPAbMXBwSXAIMGgwPCDhXERK9CNE8XfNr549N15-QzOea7trgynWPXDjdLDIwsNzMJLsrO8_dLKXDIyInyqAnKTLXyTyn2Tks0CKty1HatS_NzKbU2sDCewMX5gY-xgZ9jFqZZRUlJQbKWvD3RPQVFBSbFeXi7Yg3AB_USgx25xiRgZGBnqGhroGpkrGJpbmZhZmZhEHeBlAAA1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://comprpts.nml.com/comprpts/ HTTP 302
https://login.microsoftonline.com/common/oauth2/authorize?domain_hint=northwesternmutual.com&client_id=fe4f8ef8-b3a7-4ad6-80aa-5ab52d748328&response_type=code&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fcomprpts.nml.com%2Fcomprpts%2Fauth&state=6c192d778fce8f79c341273e5f4f08eb

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

authorize Show response
login.microsoftonline.com/common/oauth2/
Redirect Chain

https://comprpts.nml.com/comprpts/
https://login.microsoftonline.com/common/oauth2/authorize?domain_hint=northwesternmutual.com&client_id=fe4f8ef8-b3a7-4ad6-80aa-5ab52d748328&response_type=code&scope=openid%20profile%20email&redirec...

147 KB
53 KB

271ms
154ms

Document
text/html

20.190.160.8
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/oauth2/authorize?domain_hint=northwesternmutual.com&client_id=fe4f8ef8-b3a7-4ad6-80aa-5ab52d748328&response_type=code&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fcomprpts.nml.com%2Fcomprpts%2Fauth&state=6c192d778fce8f79c341273e5f4f08eb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.160.8 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/

Resource Hash

fa1e3b2ac862ddffb989e7b94c3d2efcbda27465d0a3a639b631adcc30383bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 39af5830-c461-4fc5-8969-6cd6c9734800
x-ms-ests-server: 2.1.12158.6 - EUS ProdSlices
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Referrer-Policy: strict-origin-when-cross-origin
Date: Wed, 27 Oct 2021 17:46:42 GMT
Content-Length: 53504

Redirect headers

Date: Wed, 27 Oct 2021 17:46:43 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
cache-control: no-cache
Location: https://login.microsoftonline.com/common/oauth2/authorize?domain_hint=northwesternmutual.com&client_id=fe4f8ef8-b3a7-4ad6-80aa-5ab52d748328&response_type=code&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fcomprpts.nml.com%2Fcomprpts%2Fauth&state=6c192d778fce8f79c341273e5f4f08eb
Cache-Control: no-cache
Strict-Transport-Security: max-age=16070400; includeSubDomains

GET
H/1.1

200
OK

Primary Request / Show response
sts2.nml.com/adfs/ls/
Redirect Chain

https://login.microsoftonline.com/common/oauth2/authorize?domain_hint=northwesternmutual.com&client_id=fe4f8ef8-b3a7-4ad6-80aa-5ab52d748328&response_type=code&scope=openid%20profile%20email&redirec...
https://sts2.nml.com/adfs/ls/?client-request-id=b1aee32f-161b-48b4-946e-8316c31012e4&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAdN...

18 KB
19 KB

825ms
243ms

Document
text/html

216.20.178.206
NM-01

General

Check archive.org

Show headers Download Go to

Full URL

https://sts2.nml.com/adfs/ls/?client-request-id=b1aee32f-161b-48b4-946e-8316c31012e4&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAdNiNtQztFJJSzVJs0hNs9BNMk401zVJTDHTtTBITNQ1TUwyNUoxN7EwNrIoEuIS0H-8bqO02BaPKXnNYocFhJ7MYhTLyy8qyShPLS5JLcrLLS0pTczRS87P3cHIeIGR8QUj4y0mfn_H0pIMIxCRX5RZlTqLWcEs2dASaKy5RVpyqkWauWWysYmhkblxqmmaSZqBRWrSJmY2oBm5-XmnmEXyC1LzMlMUCory0zJzUhVScxMzc24wM15gYXzFwmPAbMXBwSXAIMGgwPCDhXERK9CNE8XfNr549N15-QzOea7trgynWPXDjdLDIwsNzMJLsrO8_dLKXDIyInyqAnKTLXyTyn2Tks0CKty1HatS_NzKbU2sDCewMX5gY-xgZ9jFqZZRUlJQbKWvD3RPQVFBSbFeXi7Yg3AB_USgx25xiRgZGBnqGhroGpkrGJpbmZhZmZhEHeBlAAA1

Requested by

Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?domain_hint=northwesternmutual.com&client_id=fe4f8ef8-b3a7-4ad6-80aa-5ab52d748328&response_type=code&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fcomprpts.nml.com%2Fcomprpts%2Fauth&state=6c192d778fce8f79c341273e5f4f08eb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.20.178.206 Milwaukee, United States, ASN26787 (NM-01, US),

Reverse DNS

sts2.nml.com

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

f9549f3dfb0bf384505cca95881cacd6ed0092225a4d85c867a7cc943fd6eb9e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/common/oauth2/authorize?domain_hint=northwesternmutual.com&client_id=fe4f8ef8-b3a7-4ad6-80aa-5ab52d748328&response_type=code&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fcomprpts.nml.com%2Fcomprpts%2Fauth&state=6c192d778fce8f79c341273e5f4f08eb

Response headers

Cache-Control: no-cache,no-store
Pragma: no-cache
Content-Length: 18905
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
x-frame-options: DENY
Date: Wed, 27 Oct 2021 17:46:44 GMT

Redirect headers

Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Location: https://sts2.nml.com/adfs/ls/?client-request-id=b1aee32f-161b-48b4-946e-8316c31012e4&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAdNiNtQztFJJSzVJs0hNs9BNMk401zVJTDHTtTBITNQ1TUwyNUoxN7EwNrIoEuIS0H-8bqO02BaPKXnNYocFhJ7MYhTLyy8qyShPLS5JLcrLLS0pTczRS87P3cHIeIGR8QUj4y0mfn_H0pIMIxCRX5RZlTqLWcEs2dASaKy5RVpyqkWauWWysYmhkblxqmmaSZqBRWrSJmY2oBm5-XmnmEXyC1LzMlMUCory0zJzUhVScxMzc24wM15gYXzFwmPAbMXBwSXAIMGgwPCDhXERK9CNE8XfNr549N15-QzOea7trgynWPXDjdLDIwsNzMJLsrO8_dLKXDIyInyqAnKTLXyTyn2Tks0CKty1HatS_NzKbU2sDCewMX5gY-xgZ9jFqZZRUlJQbKWvD3RPQVFBSbFeXi7Yg3AB_USgx25xiRgZGBnqGhroGpkrGJpbmZhZmZhEHeBlAAA1#
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 81ed1791-e2e8-43f7-a798-099e45874500
x-ms-ests-server: 2.1.12158.6 - SCUS ProdSlices
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Referrer-Policy: strict-origin-when-cross-origin
Date: Wed, 27 Oct 2021 17:46:43 GMT
Content-Length: 644

GET
H/1.1 200
OK style.css
sts2.nml.com/adfs/portal/css/ 8 KB
8 KB 115ms
115ms Stylesheet
text/css 216.20.178.206
NM-01

General

Check archive.org

Show headers Download Go to

Full URL: https://sts2.nml.com/adfs/portal/css/style.css?id=51FAE6BBCE6AB5E492737358431B4A67493BCDBADA7BF71C83AC4A050CE7A148
Requested by: Host: sts2.nml.com
URL: https://sts2.nml.com/adfs/ls/?client-request-id=b1aee32f-161b-48b4-946e-8316c31012e4&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAdNiNtQztFJJSzVJs0hNs9BNMk401zVJTDHTtTBITNQ1TUwyNUoxN7EwNrIoEuIS0H-8bqO02BaPKXnNYocFhJ7MYhTLyy8qyShPLS5JLcrLLS0pTczRS87P3cHIeIGR8QUj4y0mfn_H0pIMIxCRX5RZlTqLWcEs2dASaKy5RVpyqkWauWWysYmhkblxqmmaSZqBRWrSJmY2oBm5-XmnmEXyC1LzMlMUCory0zJzUhVScxMzc24wM15gYXzFwmPAbMXBwSXAIMGgwPCDhXERK9CNE8XfNr549N15-QzOea7trgynWPXDjdLDIwsNzMJLsrO8_dLKXDIyInyqAnKTLXyTyn2Tks0CKty1HatS_NzKbU2sDCewMX5gY-xgZ9jFqZZRUlJQbKWvD3RPQVFBSbFeXi7Yg3AB_USgx25xiRgZGBnqGhroGpkrGJpbmZhZmZhEHeBlAAA1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 216.20.178.206 Milwaukee, United States, ASN26787 (NM-01, US),
Reverse DNS: sts2.nml.com
Software: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a479c7d6c43476e47d16e4a4d2996859612297a7fa36d95c0b4b22319fb497be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sts2.nml.com/adfs/ls/?client-request-id=b1aee32f-161b-48b4-946e-8316c31012e4&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAdNiNtQztFJJSzVJs0hNs9BNMk401zVJTDHTtTBITNQ1TUwyNUoxN7EwNrIoEuIS0H-8bqO02BaPKXnNYocFhJ7MYhTLyy8qyShPLS5JLcrLLS0pTczRS87P3cHIeIGR8QUj4y0mfn_H0pIMIxCRX5RZlTqLWcEs2dASaKy5RVpyqkWauWWysYmhkblxqmmaSZqBRWrSJmY2oBm5-XmnmEXyC1LzMlMUCory0zJzUhVScxMzc24wM15gYXzFwmPAbMXBwSXAIMGgwPCDhXERK9CNE8XfNr549N15-QzOea7trgynWPXDjdLDIwsNzMJLsrO8_dLKXDIyInyqAnKTLXyTyn2Tks0CKty1HatS_NzKbU2sDCewMX5gY-xgZ9jFqZZRUlJQbKWvD3RPQVFBSbFeXi7Yg3AB_USgx25xiRgZGBnqGhroGpkrGJpbmZhZmZhEHeBlAAA1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 17:46:44 GMT
Expires: Fri, 26 Nov 2021 18:46:44 GMT
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag: 51FAE6BBCE6AB5E492737358431B4A67493BCDBADA7BF71C83AC4A050CE7A148
Content-Length: 7917
Content-Type: text/css

GET
H/1.1 200
OK logo.png
sts2.nml.com/adfs/portal/logo/ 18 KB
19 KB 228ms
227ms Image
image/png 216.20.178.206
NM-01

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sts2.nml.com/adfs/portal/logo/logo.png?id=776DEACCC33C07E380F7BF98FBA351E7DC713D918823B1A6DA09CCAC29CA5805
Requested by: Host: sts2.nml.com
URL: https://sts2.nml.com/adfs/ls/?client-request-id=b1aee32f-161b-48b4-946e-8316c31012e4&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAdNiNtQztFJJSzVJs0hNs9BNMk401zVJTDHTtTBITNQ1TUwyNUoxN7EwNrIoEuIS0H-8bqO02BaPKXnNYocFhJ7MYhTLyy8qyShPLS5JLcrLLS0pTczRS87P3cHIeIGR8QUj4y0mfn_H0pIMIxCRX5RZlTqLWcEs2dASaKy5RVpyqkWauWWysYmhkblxqmmaSZqBRWrSJmY2oBm5-XmnmEXyC1LzMlMUCory0zJzUhVScxMzc24wM15gYXzFwmPAbMXBwSXAIMGgwPCDhXERK9CNE8XfNr549N15-QzOea7trgynWPXDjdLDIwsNzMJLsrO8_dLKXDIyInyqAnKTLXyTyn2Tks0CKty1HatS_NzKbU2sDCewMX5gY-xgZ9jFqZZRUlJQbKWvD3RPQVFBSbFeXi7Yg3AB_USgx25xiRgZGBnqGhroGpkrGJpbmZhZmZhEHeBlAAA1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 216.20.178.206 Milwaukee, United States, ASN26787 (NM-01, US),
Reverse DNS: sts2.nml.com
Software: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 776deaccc33c07e380f7bf98fba351e7dc713d918823b1a6da09ccac29ca5805

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sts2.nml.com/adfs/ls/?client-request-id=b1aee32f-161b-48b4-946e-8316c31012e4&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAdNiNtQztFJJSzVJs0hNs9BNMk401zVJTDHTtTBITNQ1TUwyNUoxN7EwNrIoEuIS0H-8bqO02BaPKXnNYocFhJ7MYhTLyy8qyShPLS5JLcrLLS0pTczRS87P3cHIeIGR8QUj4y0mfn_H0pIMIxCRX5RZlTqLWcEs2dASaKy5RVpyqkWauWWysYmhkblxqmmaSZqBRWrSJmY2oBm5-XmnmEXyC1LzMlMUCory0zJzUhVScxMzc24wM15gYXzFwmPAbMXBwSXAIMGgwPCDhXERK9CNE8XfNr549N15-QzOea7trgynWPXDjdLDIwsNzMJLsrO8_dLKXDIyInyqAnKTLXyTyn2Tks0CKty1HatS_NzKbU2sDCewMX5gY-xgZ9jFqZZRUlJQbKWvD3RPQVFBSbFeXi7Yg3AB_USgx25xiRgZGBnqGhroGpkrGJpbmZhZmZhEHeBlAAA1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 17:46:44 GMT
Expires: Fri, 26 Nov 2021 18:46:44 GMT
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag: 776DEACCC33C07E380F7BF98FBA351E7DC713D918823B1A6DA09CCAC29CA5805
Content-Length: 18890
Content-Type: image/png

GET
H/1.1 200
OK illustration.png
sts2.nml.com/adfs/portal/illustration/ 32 KB
32 KB 115ms
115ms Image
image/png 216.20.178.206
NM-01

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sts2.nml.com/adfs/portal/illustration/illustration.png?id=B95D8EF73174CE6D1BDE3EA8F7CE7179B3D8952192127B9985F8369B4525AABD
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 216.20.178.206 Milwaukee, United States, ASN26787 (NM-01, US),
Reverse DNS: sts2.nml.com
Software: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b95d8ef73174ce6d1bde3ea8f7ce7179b3d8952192127b9985f8369b4525aabd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sts2.nml.com/adfs/ls/?client-request-id=b1aee32f-161b-48b4-946e-8316c31012e4&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAdNiNtQztFJJSzVJs0hNs9BNMk401zVJTDHTtTBITNQ1TUwyNUoxN7EwNrIoEuIS0H-8bqO02BaPKXnNYocFhJ7MYhTLyy8qyShPLS5JLcrLLS0pTczRS87P3cHIeIGR8QUj4y0mfn_H0pIMIxCRX5RZlTqLWcEs2dASaKy5RVpyqkWauWWysYmhkblxqmmaSZqBRWrSJmY2oBm5-XmnmEXyC1LzMlMUCory0zJzUhVScxMzc24wM15gYXzFwmPAbMXBwSXAIMGgwPCDhXERK9CNE8XfNr549N15-QzOea7trgynWPXDjdLDIwsNzMJLsrO8_dLKXDIyInyqAnKTLXyTyn2Tks0CKty1HatS_NzKbU2sDCewMX5gY-xgZ9jFqZZRUlJQbKWvD3RPQVFBSbFeXi7Yg3AB_USgx25xiRgZGBnqGhroGpkrGJpbmZhZmZhEHeBlAAA1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 17:46:44 GMT
Expires: Fri, 26 Nov 2021 18:46:45 GMT
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag: B95D8EF73174CE6D1BDE3EA8F7CE7179B3D8952192127B9985F8369B4525AABD
Content-Length: 32940
Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.comprpts.nml.com/	1969-12-31 23:59:59	Name: session Value: KHe_3gWnAgKC1rzeDqp07A..\|1635443203\|o5dFePfNaT12mvig0yWFwnjmH5-OECgtqpsL0JGPDpF6WQ7u5fAZ5vtx-X_maJlagw2oqxyJTsVGTwzjBulQnjLNbSUwybvXVPCpjEaahtvSf0AJyMsu19ZumjfaxUCRYn9He4FdN5utXlTRfl7Rnw..\|kRfiPqsTHhGnu413Cw3JN9pPDRI.
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.microsoftonline.com/	1970-01-19 22:15:56	Name: SSOCOOKIEPULLED Value: 1
login.microsoftonline.com/	1970-01-19 22:59:08	Name: buid Value: 0.AQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrKVoUEGEFVStJTKkhEVsVghLqlHmzDGjWKA-_Vom7WI9FKmMZeZ4xlgVaG2q1EFoPn1Svz93pAlCUk9Iz6SFRnLuJHHexKEqPmNJ9GrrkhgUgAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: ESTSWCTXFLOWTOKEN Value: AQABAAEAAAD--DLA3VO7QrddgJg7WevrKN3gKPC732v91ZPfnt0yG_G4XTHUrf_gaZ0-MBZtKfAd9azmGaV1gOWYAyfCEiRUdg6B09DiU3oVbrdogQhIoXi2fV_2WNJsBeiAwCHYtX5n8BlV98lkNmYTcLRrFXqfWvoIOgWGyaSOc_unR_7elLqIC35Hb66ljKPgnWHF24UcWIlRUbaEeuDluo5IvT04uD5PhmvHL8NiSWFxnpnPCU5MNMSO6ld2A6af6oCpTiiRSx3fWwVqItI6FPjwTvY82LYBudaM1_T_yJ0B-VCOWP7xT2XDqdXqX2PaX9Qo8apShVxKcn5utHS5LuWimq02IAA
login.microsoftonline.com/	1970-01-19 22:59:08	Name: fpc Value: Ai922DXnKgpJskDZpSRnz0FWhDXaAQAAAIOHC9kOAAAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: AQABAAAAAAD--DLA3VO7QrddgJg7Wevr95iiMv4qB9dMM7ZZJisWtOLNjtiEchv3pLGLOesINVQ6Z_Vnt7gn7T8NlbYYRZxUIfixgV0FNTeNaxLXdmjv7k1Z1ObcjM9C51tG8UbKXz97QfujuMB63AbEgaKyM10VMlnzBVNusLdY9Bc-I0bqhtRIhWzrJoEXB338Kw5YMrQgAA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

comprpts.nml.com
login.microsoftonline.com
sts2.nml.com
20.190.160.8
216.20.178.206
3.219.157.167
776deaccc33c07e380f7bf98fba351e7dc713d918823b1a6da09ccac29ca5805
a479c7d6c43476e47d16e4a4d2996859612297a7fa36d95c0b4b22319fb497be
b95d8ef73174ce6d1bde3ea8f7ce7179b3d8952192127b9985f8369b4525aabd
f9549f3dfb0bf384505cca95881cacd6ed0092225a4d85c867a7cc943fd6eb9e
fa1e3b2ac862ddffb989e7b94c3d2efcbda27465d0a3a639b631adcc30383bd6

sts2.nml.com Open in urlscan Pro 216.20.178.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

1 Countries

131 kBTransfer

224 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

9 Cookies

Security Headers

Indicators

sts2.nml.com Open in urlscan Pro
216.20.178.206 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

131 kB
Transfer

224 kB
Size

9
Cookies

5 HTTP transactions
0 data transactions