Submitted URL: http://107.174.202.144:3000/https://germanperso.com/?sunpolishing.ca
Effective URL: https://login.live.com/oauth20_authorize.srf?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&scope=openid+profile+https%...
Submission: On March 07 via manual from US — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 17 HTTP transactions. The main IP is 20.190.160.12, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.live.com. The Cisco Umbrella rank of the primary domain is 78.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on January 2nd 2023. Valid for: a year.
This is the only time login.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 107.174.202.144 36352 (AS-COLOCR...)
1 192.185.96.177 19871 (NETWORK-S...)
1 3 162.0.216.185 22612 (NAMECHEAP...)
2 20.190.160.12 8075 (MICROSOFT...)
10 152.199.23.37 15133 (EDGECAST)
17 5
Apex Domain
Subdomains
Transfer
10 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 1148
246 KB
3 infobd71.com
64738834838-838392micr032223.infobd71.com
109 KB
2 live.com
login.live.com — Cisco Umbrella Rank: 78
14 KB
1 hardric.com
www-mic-redirect.hardric.com
381 B
0 msauth.net Failed
logincdn.msauth.net Failed
0 microsoft.com Failed
browser.events.data.microsoft.com Failed
17 6
Domain Requested by
10 aadcdn.msftauth.net 64738834838-838392micr032223.infobd71.com
aadcdn.msftauth.net
3 64738834838-838392micr032223.infobd71.com 1 redirects www-mic-redirect.hardric.com
64738834838-838392micr032223.infobd71.com
2 login.live.com 64738834838-838392micr032223.infobd71.com
aadcdn.msftauth.net
1 www-mic-redirect.hardric.com
0 logincdn.msauth.net Failed login.live.com
0 browser.events.data.microsoft.com Failed aadcdn.msftauth.net
17 6

This site contains no links.

Subject | Issuer | Validity | Valid
*.hardric.com | R3 | 2023-01-21 - 2023-04-21 | 3 months
64738834838-838392micr032223.infobd71.com | R3 | 2023-03-07 - 2023-06-05 | 3 months
login.live.com | DigiCert SHA2 Secure Server CA | 2023-01-02 - 2024-01-02 | a year
aadcdn.msftauth.net | DigiCert SHA2 Secure Server CA | 2022-04-01 - 2023-04-01 | a year

This page contains 1 frames:

Primary Page: https://login.live.com/oauth20_authorize.srf?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&scope=openid+profile+https%3a%2f%2fwww.office.com%2fv2%2fOfficeHome.All&redirect_uri=https%3a%2f%2fwww.office.com%2flandingv2&response_type=code+id_token&state=G-VlqctyXJoQazNds6PWnW7GHB_JRMNCQNIscmNm49y8wyBm0ioAbPHzBE3jzPLGCyk2xLKOAqbJtwTLTLDUqnAJFuN5Si8AFjBXKydzhb6x4EIi3_N0oFy9vVNHYBjWByDP66t5m5Ra01fSIg5C_SimIq8o1nplzEjy9Yh5zzJM6YRiEI82IK6PzXyy32HA_42pbx0DvZw525HpcuVgMA1VWPZiCKFly3JEnMPTh7Ldfoo6w-4xJkUhkywZlP-WulmpO3prRseGYKBIVVplJw&response_mode=form_post&nonce=637929903776466681.Y2Y4YjNjOWItNWRlMi00NWRmLWEyNGEtNGMxM2RhNjhmMmY1NTI3YmM5OTMtOWEyNi00YWJjLTg5ZDAtYmYyMjgwOWFjMWUx&x-client-SKU=ID_NETSTANDARD2_0&x-client-Ver=6.12.1.0&uaid=0eff74207875416c97b0f9b70001d22c&msproxy=1&issuer=mso&tenant=common&ui_locales=en-US&epct=AQABAAAAAAD--DLA3VO7QrddgJg7WevrhWJS075YcEugEd0fEW1kFB_MW6nZlvE_sT36bjOykGl89sYQSnNGAVxEcGImtqy5TwuetuVhS8N7Nf6ImFdIwne2aKI6LKsGzgGmYYNzsdG4lH2wP-wVOBy77DPdVUxqBFcnli_VL3gDK7_1Bjam_n3cjJFQ5qYscBqxB-dUsEow9V7EJzfxuNeHwAo4lMurlfkBXkd1tDlWHC3HZnoaNSAA&jshs=0&username=undefined&login_hint=undefined
Frame ID: 1F670DDB2C1A0F67168FFE50C01E1B1E
Requests: 17 HTTP requests in this frame

Page Title

Sign in to your account

Page URL History

  1. http://107.174.202.144:3000/https://germanperso.com/?sunpolishing.ca HTTP 301
    https://www-mic-redirect.hardric.com/blog/germanperso.com/?sunpolishing.ca Page URL
  2. https://64738834838-838392micr032223.infobd71.com/?zwhj&qrc=undefined HTTP 302
    https://64738834838-838392micr032223.infobd71.com/__//rdbbdc/dpjiw2/k2.0/pjiwdgxot?raxtci_xs=4765445q-32r6-49q0-83t6-1s9376527... Page URL
  3. https://64738834838-838392micr032223.infobd71.com/__//rdbbdc/dpjiw2/k2.0/pjiwdgxot?raxtci_xs=4765445q-32r6-49q0-83t6-1s9376527... Page URL
  4. https://login.live.com/oauth20_authorize.srf?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&scope=o... Page URL

Page Statistics

Requests: 17
HTTPS: 88 %
IPv6: 0 %
Domains: 6
Subdomains: 6
IPs: 5
Countries: 2
Transfer: 368 kB
Size: 1188 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://107.174.202.144:3000/https://germanperso.com/?sunpolishing.ca HTTP 301
    https://www-mic-redirect.hardric.com/blog/germanperso.com/?sunpolishing.ca Page URL
  2. https://64738834838-838392micr032223.infobd71.com/?zwhj&qrc=undefined HTTP 302
    https://64738834838-838392micr032223.infobd71.com/__//rdbbdc/dpjiw2/k2.0/pjiwdgxot?raxtci_xs=4765445q-32r6-49q0-83t6-1s93765276rp&gtsxgtri_jgx=wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uapcsxcvk2&gthedcht_inet=rdst%20xs_idztc&hrdet=detcxs%20egduxat%20wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uk2%2UDuuxrtWdbt.Paa&gthedcht_bdst=udgb_edhi&cdcrt=637929903776466681.N2N4NyCyDLXiCLGaBx00CLGbALTnCVTiCVBmB2GwCywbBbN1CIX3NbB5DIBiDLTnCx00NLYyAIv5OSPiNbNnByvlDLUyBLJm&jx_adrpath=tc-JH&bzi=tc-JH&hipit=V-KafrinMYdFpoCsh6ELcL7VWQ_YGBCRFCXhrbCb49n8lnQb0xdPqEWoQT3yoEAVRnz2mAZDPfqYilIAIASJfcPYUjC5Hx8PUyQMZnsowq6m4TXx3_C0dUn9kKCWNQyLQnSE66i5b5Gp01uHXv5R_HxbXf8d1ceaoTyn9Nw5ooYB6NGxTX82XZ6EoMnn32WP_42eqm0SkOl525WerjKvBP1KLEOxRZUan3YTcBEIw7Asudd6l-4mYzJwznlOaE-LjabeD3egGhtVNZQXKKeaYl&m-raxtci-HZJ=XS_CTIHIPCSPGS2_0&m-raxtci-ktg=6.12.1.0&fgr=jcstuxcts Page URL
  3. https://64738834838-838392micr032223.infobd71.com/__//rdbbdc/dpjiw2/k2.0/pjiwdgxot?raxtci_xs=4765445q-32r6-49q0-83t6-1s93765276rp&gtsxgtri_jgx=wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uapcsxcvk2&gthedcht_inet=rdst%20xs_idztc&hrdet=detcxs%20egduxat%20wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uk2%2UDuuxrtWdbt.Paa&gthedcht_bdst=udgb_edhi&cdcrt=637929903776466681.N2N4NyCyDLXiCLGaBx00CLGbALTnCVTiCVBmB2GwCywbBbN1CIX3NbB5DIBiDLTnCx00NLYyAIv5OSPiNbNnByvlDLUyBLJm&jx_adrpath=tc-JH&bzi=tc-JH&hipit=V-KafrinMYdFpoCsh6ELcL7VWQ_YGBCRFCXhrbCb49n8lnQb0xdPqEWoQT3yoEAVRnz2mAZDPfqYilIAIASJfcPYUjC5Hx8PUyQMZnsowq6m4TXx3_C0dUn9kKCWNQyLQnSE66i5b5Gp01uHXv5R_HxbXf8d1ceaoTyn9Nw5ooYB6NGxTX82XZ6EoMnn32WP_42eqm0SkOl525WerjKvBP1KLEOxRZUan3YTcBEIw7Asudd6l-4mYzJwznlOaE-LjabeD3egGhtVNZQXKKeaYl&m-raxtci-HZJ=XS_CTIHIPCSPGS2_0&m-raxtci-ktg=6.12.1.0&fgr=jcstuxcts&sso_reload=true Page URL
  4. https://login.live.com/oauth20_authorize.srf?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&scope=openid+profile+https%3a%2f%2fwww.office.com%2fv2%2fOfficeHome.All&redirect_uri=https%3a%2f%2fwww.office.com%2flandingv2&response_type=code+id_token&state=G-VlqctyXJoQazNds6PWnW7GHB_JRMNCQNIscmNm49y8wyBm0ioAbPHzBE3jzPLGCyk2xLKOAqbJtwTLTLDUqnAJFuN5Si8AFjBXKydzhb6x4EIi3_N0oFy9vVNHYBjWByDP66t5m5Ra01fSIg5C_SimIq8o1nplzEjy9Yh5zzJM6YRiEI82IK6PzXyy32HA_42pbx0DvZw525HpcuVgMA1VWPZiCKFly3JEnMPTh7Ldfoo6w-4xJkUhkywZlP-WulmpO3prRseGYKBIVVplJw&response_mode=form_post&nonce=637929903776466681.Y2Y4YjNjOWItNWRlMi00NWRmLWEyNGEtNGMxM2RhNjhmMmY1NTI3YmM5OTMtOWEyNi00YWJjLTg5ZDAtYmYyMjgwOWFjMWUx&x-client-SKU=ID_NETSTANDARD2_0&x-client-Ver=6.12.1.0&uaid=0eff74207875416c97b0f9b70001d22c&msproxy=1&issuer=mso&tenant=common&ui_locales=en-US&epct=AQABAAAAAAD--DLA3VO7QrddgJg7WevrhWJS075YcEugEd0fEW1kFB_MW6nZlvE_sT36bjOykGl89sYQSnNGAVxEcGImtqy5TwuetuVhS8N7Nf6ImFdIwne2aKI6LKsGzgGmYYNzsdG4lH2wP-wVOBy77DPdVUxqBFcnli_VL3gDK7_1Bjam_n3cjJFQ5qYscBqxB-dUsEow9V7EJzfxuNeHwAo4lMurlfkBXkd1tDlWHC3HZnoaNSAA&jshs=0&username=undefined&login_hint=undefined Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://107.174.202.144:3000/https://germanperso.com/?sunpolishing.ca HTTP 301
  • https://www-mic-redirect.hardric.com/blog/germanperso.com/?sunpolishing.ca
Request Chain 1
  • https://64738834838-838392micr032223.infobd71.com/?zwhj&qrc=undefined HTTP 302
  • https://64738834838-838392micr032223.infobd71.com/__//rdbbdc/dpjiw2/k2.0/pjiwdgxot?raxtci_xs=4765445q-32r6-49q0-83t6-1s93765276rp&gtsxgtri_jgx=wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uapcsxcvk2&gthedcht_inet=rdst%20xs_idztc&hrdet=detcxs%20egduxat%20wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uk2%2UDuuxrtWdbt.Paa&gthedcht_bdst=udgb_edhi&cdcrt=637929903776466681.N2N4NyCyDLXiCLGaBx00CLGbALTnCVTiCVBmB2GwCywbBbN1CIX3NbB5DIBiDLTnCx00NLYyAIv5OSPiNbNnByvlDLUyBLJm&jx_adrpath=tc-JH&bzi=tc-JH&hipit=V-KafrinMYdFpoCsh6ELcL7VWQ_YGBCRFCXhrbCb49n8lnQb0xdPqEWoQT3yoEAVRnz2mAZDPfqYilIAIASJfcPYUjC5Hx8PUyQMZnsowq6m4TXx3_C0dUn9kKCWNQyLQnSE66i5b5Gp01uHXv5R_HxbXf8d1ceaoTyn9Nw5ooYB6NGxTX82XZ6EoMnn32WP_42eqm0SkOl525WerjKvBP1KLEOxRZUan3YTcBEIw7Asudd6l-4mYzJwznlOaE-LjabeD3egGhtVNZQXKKeaYl&m-raxtci-HZJ=XS_CTIHIPCSPGS2_0&m-raxtci-ktg=6.12.1.0&fgr=jcstuxcts

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www-mic-redirect.hardric.com/blog/germanperso.com/
Redirect Chain
  • http://107.174.202.144:3000/https://germanperso.com/?sunpolishing.ca
  • https://www-mic-redirect.hardric.com/blog/germanperso.com/?sunpolishing.ca
368 B
381 B
Document
General
Full URL
https://www-mic-redirect.hardric.com/blog/germanperso.com/?sunpolishing.ca
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.96.177 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-96-177.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
265
content-type
text/html
date
Tue, 07 Mar 2023 19:05:48 GMT
last-modified
Tue, 07 Mar 2023 15:20:30 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 07 Mar 2023 19:05:47 GMT
X-Powered-By
Express
location
https://www-mic-redirect.hardric.com/blog/germanperso.com/?sunpolishing.ca
pjiwdgxot
64738834838-838392micr032223.infobd71.com/__//rdbbdc/dpjiw2/k2.0/
Redirect Chain
  • https://64738834838-838392micr032223.infobd71.com/?zwhj&qrc=undefined
  • https://64738834838-838392micr032223.infobd71.com/__//rdbbdc/dpjiw2/k2.0/pjiwdgxot?raxtci_xs=4765445q-32r6-49q0-83t6-1s93765276rp&gtsxgtri_jgx=wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uapcsxcvk2&gthedcht_inet...
153 KB
55 KB
Document
General
Full URL
https://64738834838-838392micr032223.infobd71.com/__//rdbbdc/dpjiw2/k2.0/pjiwdgxot?raxtci_xs=4765445q-32r6-49q0-83t6-1s93765276rp&gtsxgtri_jgx=wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uapcsxcvk2&gthedcht_inet=rdst%20xs_idztc&hrdet=detcxs%20egduxat%20wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uk2%2UDuuxrtWdbt.Paa&gthedcht_bdst=udgb_edhi&cdcrt=637929903776466681.N2N4NyCyDLXiCLGaBx00CLGbALTnCVTiCVBmB2GwCywbBbN1CIX3NbB5DIBiDLTnCx00NLYyAIv5OSPiNbNnByvlDLUyBLJm&jx_adrpath=tc-JH&bzi=tc-JH&hipit=V-KafrinMYdFpoCsh6ELcL7VWQ_YGBCRFCXhrbCb49n8lnQb0xdPqEWoQT3yoEAVRnz2mAZDPfqYilIAIASJfcPYUjC5Hx8PUyQMZnsowq6m4TXx3_C0dUn9kKCWNQyLQnSE66i5b5Gp01uHXv5R_HxbXf8d1ceaoTyn9Nw5ooYB6NGxTX82XZ6EoMnn32WP_42eqm0SkOl525WerjKvBP1KLEOxRZUan3YTcBEIw7Asudd6l-4mYzJwznlOaE-LjabeD3egGhtVNZQXKKeaYl&m-raxtci-HZJ=XS_CTIHIPCSPGS2_0&m-raxtci-ktg=6.12.1.0&fgr=jcstuxcts
Requested by
Host: www-mic-redirect.hardric.com
URL: https://www-mic-redirect.hardric.com/blog/germanperso.com/?sunpolishing.ca
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.0.216.185 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
/
Resource Hash
60af820e0d9f3ddba6a311f313d6ddb50ef9ddf7c3121ddd733cca5458500eab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www-mic-redirect.hardric.com/blog/germanperso.com/?sunpolishing.ca
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 07 Mar 2023 19:05:49 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
content-length
156274
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.14711.7 - EUS ProdSlices
x-ms-request-id
60f05f5e-123a-40ef-8dad-0893b3bd3c00

Redirect headers

Connection
keep-alive
Date
Tue, 07 Mar 2023 19:05:48 GMT
Keep-Alive
timeout=5
Transfer-Encoding
chunked
location
/__//rdbbdc/dpjiw2/k2.0/pjiwdgxot?raxtci_xs=4765445q-32r6-49q0-83t6-1s93765276rp&gtsxgtri_jgx=wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uapcsxcvk2&gthedcht_inet=rdst%20xs_idztc&hrdet=detcxs%20egduxat%20wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uk2%2UDuuxrtWdbt.Paa&gthedcht_bdst=udgb_edhi&cdcrt=637929903776466681.N2N4NyCyDLXiCLGaBx00CLGbALTnCVTiCVBmB2GwCywbBbN1CIX3NbB5DIBiDLTnCx00NLYyAIv5OSPiNbNnByvlDLUyBLJm&jx_adrpath=tc-JH&bzi=tc-JH&hipit=V-KafrinMYdFpoCsh6ELcL7VWQ_YGBCRFCXhrbCb49n8lnQb0xdPqEWoQT3yoEAVRnz2mAZDPfqYilIAIASJfcPYUjC5Hx8PUyQMZnsowq6m4TXx3_C0dUn9kKCWNQyLQnSE66i5b5Gp01uHXv5R_HxbXf8d1ceaoTyn9Nw5ooYB6NGxTX82XZ6EoMnn32WP_42eqm0SkOl525WerjKvBP1KLEOxRZUan3YTcBEIw7Asudd6l-4mYzJwznlOaE-LjabeD3egGhtVNZQXKKeaYl&m-raxtci-HZJ=XS_CTIHIPCSPGS2_0&m-raxtci-ktg=6.12.1.0&fgr=jcstuxcts
pjiwdgxot
64738834838-838392micr032223.infobd71.com/__//rdbbdc/dpjiw2/k2.0/
201 KB
52 KB
Document
General
Full URL
https://64738834838-838392micr032223.infobd71.com/__//rdbbdc/dpjiw2/k2.0/pjiwdgxot?raxtci_xs=4765445q-32r6-49q0-83t6-1s93765276rp&gtsxgtri_jgx=wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uapcsxcvk2&gthedcht_inet=rdst%20xs_idztc&hrdet=detcxs%20egduxat%20wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uk2%2UDuuxrtWdbt.Paa&gthedcht_bdst=udgb_edhi&cdcrt=637929903776466681.N2N4NyCyDLXiCLGaBx00CLGbALTnCVTiCVBmB2GwCywbBbN1CIX3NbB5DIBiDLTnCx00NLYyAIv5OSPiNbNnByvlDLUyBLJm&jx_adrpath=tc-JH&bzi=tc-JH&hipit=V-KafrinMYdFpoCsh6ELcL7VWQ_YGBCRFCXhrbCb49n8lnQb0xdPqEWoQT3yoEAVRnz2mAZDPfqYilIAIASJfcPYUjC5Hx8PUyQMZnsowq6m4TXx3_C0dUn9kKCWNQyLQnSE66i5b5Gp01uHXv5R_HxbXf8d1ceaoTyn9Nw5ooYB6NGxTX82XZ6EoMnn32WP_42eqm0SkOl525WerjKvBP1KLEOxRZUan3YTcBEIw7Asudd6l-4mYzJwznlOaE-LjabeD3egGhtVNZQXKKeaYl&m-raxtci-HZJ=XS_CTIHIPCSPGS2_0&m-raxtci-ktg=6.12.1.0&fgr=jcstuxcts&sso_reload=true
Requested by
Host: 64738834838-838392micr032223.infobd71.com
URL: https://64738834838-838392micr032223.infobd71.com/__//rdbbdc/dpjiw2/k2.0/pjiwdgxot?raxtci_xs=4765445q-32r6-49q0-83t6-1s93765276rp&gtsxgtri_jgx=wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uapcsxcvk2&gthedcht_inet=rdst%20xs_idztc&hrdet=detcxs%20egduxat%20wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uk2%2UDuuxrtWdbt.Paa&gthedcht_bdst=udgb_edhi&cdcrt=637929903776466681.N2N4NyCyDLXiCLGaBx00CLGbALTnCVTiCVBmB2GwCywbBbN1CIX3NbB5DIBiDLTnCx00NLYyAIv5OSPiNbNnByvlDLUyBLJm&jx_adrpath=tc-JH&bzi=tc-JH&hipit=V-KafrinMYdFpoCsh6ELcL7VWQ_YGBCRFCXhrbCb49n8lnQb0xdPqEWoQT3yoEAVRnz2mAZDPfqYilIAIASJfcPYUjC5Hx8PUyQMZnsowq6m4TXx3_C0dUn9kKCWNQyLQnSE66i5b5Gp01uHXv5R_HxbXf8d1ceaoTyn9Nw5ooYB6NGxTX82XZ6EoMnn32WP_42eqm0SkOl525WerjKvBP1KLEOxRZUan3YTcBEIw7Asudd6l-4mYzJwznlOaE-LjabeD3egGhtVNZQXKKeaYl&m-raxtci-HZJ=XS_CTIHIPCSPGS2_0&m-raxtci-ktg=6.12.1.0&fgr=jcstuxcts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.0.216.185 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
/
Resource Hash
7b5333a1c17ee5e9bb62eb85436324f784f9ab46b6631b748feb9e2380b401cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://64738834838-838392micr032223.infobd71.com/__//rdbbdc/dpjiw2/k2.0/pjiwdgxot?raxtci_xs=4765445q-32r6-49q0-83t6-1s93765276rp&gtsxgtri_jgx=wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uapcsxcvk2&gthedcht_inet=rdst%20xs_idztc&hrdet=detcxs%20egduxat%20wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uk2%2UDuuxrtWdbt.Paa&gthedcht_bdst=udgb_edhi&cdcrt=637929903776466681.N2N4NyCyDLXiCLGaBx00CLGbALTnCVTiCVBmB2GwCywbBbN1CIX3NbB5DIBiDLTnCx00NLYyAIv5OSPiNbNnByvlDLUyBLJm&jx_adrpath=tc-JH&bzi=tc-JH&hipit=V-KafrinMYdFpoCsh6ELcL7VWQ_YGBCRFCXhrbCb49n8lnQb0xdPqEWoQT3yoEAVRnz2mAZDPfqYilIAIASJfcPYUjC5Hx8PUyQMZnsowq6m4TXx3_C0dUn9kKCWNQyLQnSE66i5b5Gp01uHXv5R_HxbXf8d1ceaoTyn9Nw5ooYB6NGxTX82XZ6EoMnn32WP_42eqm0SkOl525WerjKvBP1KLEOxRZUan3YTcBEIw7Asudd6l-4mYzJwznlOaE-LjabeD3egGhtVNZQXKKeaYl&m-raxtci-HZJ=XS_CTIHIPCSPGS2_0&m-raxtci-ktg=6.12.1.0&fgr=jcstuxcts
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 07 Mar 2023 19:05:50 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin, <https://aadcdn.msftauth.net>; rel=dns-prefetch, <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-XSS-Protection
0
content-length
206098
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.14711.7 - SCUS ProdSlices
x-ms-request-id
88c3a063-808a-48d3-8597-c035437f8e00
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: 64738834838-838392micr032223.infobd71.com
URL: https://64738834838-838392micr032223.infobd71.com/__//rdbbdc/dpjiw2/k2.0/pjiwdgxot?raxtci_xs=4765445q-32r6-49q0-83t6-1s93765276rp&gtsxgtri_jgx=wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uapcsxcvk2&gthedcht_inet=rdst%20xs_idztc&hrdet=detcxs%20egduxat%20wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uk2%2UDuuxrtWdbt.Paa&gthedcht_bdst=udgb_edhi&cdcrt=637929903776466681.N2N4NyCyDLXiCLGaBx00CLGbALTnCVTiCVBmB2GwCywbBbN1CIX3NbB5DIBiDLTnCx00NLYyAIv5OSPiNbNnByvlDLUyBLJm&jx_adrpath=tc-JH&bzi=tc-JH&hipit=V-KafrinMYdFpoCsh6ELcL7VWQ_YGBCRFCXhrbCb49n8lnQb0xdPqEWoQT3yoEAVRnz2mAZDPfqYilIAIASJfcPYUjC5Hx8PUyQMZnsowq6m4TXx3_C0dUn9kKCWNQyLQnSE66i5b5Gp01uHXv5R_HxbXf8d1ceaoTyn9Nw5ooYB6NGxTX82XZ6EoMnn32WP_42eqm0SkOl525WerjKvBP1KLEOxRZUan3YTcBEIw7Asudd6l-4mYzJwznlOaE-LjabeD3egGhtVNZQXKKeaYl&m-raxtci-HZJ=XS_CTIHIPCSPGS2_0&m-raxtci-ktg=6.12.1.0&fgr=jcstuxcts&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.12 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64738834838-838392micr032223.infobd71.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ConvergedLogin_PCore_4aVqV9ZeDlPv4AImzchdew2.js
aadcdn.msftauth.net/shared/1.0/content/js/
401 KB
112 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_4aVqV9ZeDlPv4AImzchdew2.js
Requested by
Host: 64738834838-838392micr032223.infobd71.com
URL: https://64738834838-838392micr032223.infobd71.com/__//rdbbdc/dpjiw2/k2.0/pjiwdgxot?raxtci_xs=4765445q-32r6-49q0-83t6-1s93765276rp&gtsxgtri_jgx=wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uapcsxcvk2&gthedcht_inet=rdst%20xs_idztc&hrdet=detcxs%20egduxat%20wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uk2%2UDuuxrtWdbt.Paa&gthedcht_bdst=udgb_edhi&cdcrt=637929903776466681.N2N4NyCyDLXiCLGaBx00CLGbALTnCVTiCVBmB2GwCywbBbN1CIX3NbB5DIBiDLTnCx00NLYyAIv5OSPiNbNnByvlDLUyBLJm&jx_adrpath=tc-JH&bzi=tc-JH&hipit=V-KafrinMYdFpoCsh6ELcL7VWQ_YGBCRFCXhrbCb49n8lnQb0xdPqEWoQT3yoEAVRnz2mAZDPfqYilIAIASJfcPYUjC5Hx8PUyQMZnsowq6m4TXx3_C0dUn9kKCWNQyLQnSE66i5b5Gp01uHXv5R_HxbXf8d1ceaoTyn9Nw5ooYB6NGxTX82XZ6EoMnn32WP_42eqm0SkOl525WerjKvBP1KLEOxRZUan3YTcBEIw7Asudd6l-4mYzJwznlOaE-LjabeD3egGhtVNZQXKKeaYl&m-raxtci-HZJ=XS_CTIHIPCSPGS2_0&m-raxtci-ktg=6.12.1.0&fgr=jcstuxcts&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CAB) /
Resource Hash
eaf3c71b1eecb542a9849e8ce2df652273e88bd5a4775d7ad1334ee552dca7f6

Request headers

Referer
https://64738834838-838392micr032223.infobd71.com/
Origin
https://64738834838-838392micr032223.infobd71.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 Mar 2023 19:05:51 GMT
content-encoding
gzip
content-md5
6UgQXIgpbkFh1Jukb6baFQ==
age
3107485
x-cache
HIT
content-length
114017
x-ms-lease-status
unlocked
last-modified
Thu, 26 Jan 2023 18:23:07 GMT
server
ECAcc (frc/4CAB)
etag
0x8DAFFCA5F26C549
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a75eeb0d-301e-0099-72e4-3440ca000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
oneDs_641b1cf809bdc17b42ab.js
aadcdn.msftauth.net/shared/1.0/content/js/
186 KB
60 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_4aVqV9ZeDlPv4AImzchdew2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC3) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64738834838-838392micr032223.infobd71.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 Mar 2023 19:05:52 GMT
content-encoding
gzip
content-md5
Rajh8JKNmzx4FHNJDjlS4A==
age
11205703
x-cache
HIT
content-length
61054
x-ms-lease-status
unlocked
last-modified
Thu, 27 Oct 2022 14:22:48 GMT
server
ECAcc (frc/4CC3)
etag
0x8DAB826B92FFE4C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7f87220d-d01e-0027-803d-ebb818000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
107 KB
32 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_4aVqV9ZeDlPv4AImzchdew2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFA) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64738834838-838392micr032223.infobd71.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 Mar 2023 19:05:52 GMT
content-encoding
gzip
content-md5
todPgSbCBNAfnMYQ5LVdvw==
age
3455423
x-cache
HIT
content-length
32188
x-ms-lease-status
unlocked
last-modified
Thu, 26 Jan 2023 00:32:12 GMT
server
ECAcc (frc/4CFA)
etag
0x8DAFF34C449D50E
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
3f2c8d0d-f01e-0014-47ba-318a01000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request oauth20_authorize.srf
login.live.com/
26 KB
14 KB
Document
General
Full URL
https://login.live.com/oauth20_authorize.srf?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&scope=openid+profile+https%3a%2f%2fwww.office.com%2fv2%2fOfficeHome.All&redirect_uri=https%3a%2f%2fwww.office.com%2flandingv2&response_type=code+id_token&state=G-VlqctyXJoQazNds6PWnW7GHB_JRMNCQNIscmNm49y8wyBm0ioAbPHzBE3jzPLGCyk2xLKOAqbJtwTLTLDUqnAJFuN5Si8AFjBXKydzhb6x4EIi3_N0oFy9vVNHYBjWByDP66t5m5Ra01fSIg5C_SimIq8o1nplzEjy9Yh5zzJM6YRiEI82IK6PzXyy32HA_42pbx0DvZw525HpcuVgMA1VWPZiCKFly3JEnMPTh7Ldfoo6w-4xJkUhkywZlP-WulmpO3prRseGYKBIVVplJw&response_mode=form_post&nonce=637929903776466681.Y2Y4YjNjOWItNWRlMi00NWRmLWEyNGEtNGMxM2RhNjhmMmY1NTI3YmM5OTMtOWEyNi00YWJjLTg5ZDAtYmYyMjgwOWFjMWUx&x-client-SKU=ID_NETSTANDARD2_0&x-client-Ver=6.12.1.0&uaid=0eff74207875416c97b0f9b70001d22c&msproxy=1&issuer=mso&tenant=common&ui_locales=en-US&epct=AQABAAAAAAD--DLA3VO7QrddgJg7WevrhWJS075YcEugEd0fEW1kFB_MW6nZlvE_sT36bjOykGl89sYQSnNGAVxEcGImtqy5TwuetuVhS8N7Nf6ImFdIwne2aKI6LKsGzgGmYYNzsdG4lH2wP-wVOBy77DPdVUxqBFcnli_VL3gDK7_1Bjam_n3cjJFQ5qYscBqxB-dUsEow9V7EJzfxuNeHwAo4lMurlfkBXkd1tDlWHC3HZnoaNSAA&jshs=0&username=undefined&login_hint=undefined
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_4aVqV9ZeDlPv4AImzchdew2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.12 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
805bb4deaf9fdddd33f337ae32e41e80ca7d08415e3a41cd08762d204bc73cbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://64738834838-838392micr032223.infobd71.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, max-age=0
Content-Encoding
gzip
Content-Length
10763
Content-Type
text/html; charset=utf-8
Date
Tue, 07 Mar 2023 19:05:52 GMT
Expires
Tue, 07 Mar 2023 19:04:52 GMT
Link
<https://logincdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net/>; rel=dns-prefetch <https://acctcdn.msftauth.net/>; rel=dns-prefetch <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://logincdn.msauth.net/>; rel=dns-prefetch <https://logincdn.msftauth.net/>; rel=dns-prefetch <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer
PPV: 30 H: BL02EPF000066DB V: 0
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
x-ms-request-id
5da82d9f-d405-4709-a088-a714d8dba22c
x-ms-route-info
R3_BL2
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msftauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CDA) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64738834838-838392micr032223.infobd71.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 Mar 2023 19:05:52 GMT
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
age
15015319
x-cache
HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (frc/4CDA)
etag
0x8D79A1B9F2C6EC8
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
6ea16e81-a01e-0059-5797-c8442d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msftauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFE) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64738834838-838392micr032223.infobd71.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 Mar 2023 19:05:52 GMT
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
age
15015319
x-cache
HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (frc/4CFE)
etag
0x8D79A1B9F8A840E
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
ae58d853-b01e-0055-0597-c888ae000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
0
20 KB
Other
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by
Host: 64738834838-838392micr032223.infobd71.com
URL: https://64738834838-838392micr032223.infobd71.com/__//rdbbdc/dpjiw2/k2.0/pjiwdgxot?raxtci_xs=4765445q-32r6-49q0-83t6-1s93765276rp&gtsxgtri_jgx=wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uapcsxcvk2&gthedcht_inet=rdst%20xs_idztc&hrdet=detcxs%20egduxat%20wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uk2%2UDuuxrtWdbt.Paa&gthedcht_bdst=udgb_edhi&cdcrt=637929903776466681.N2N4NyCyDLXiCLGaBx00CLGbALTnCVTiCVBmB2GwCywbBbN1CIX3NbB5DIBiDLTnCx00NLYyAIv5OSPiNbNnByvlDLUyBLJm&jx_adrpath=tc-JH&bzi=tc-JH&hipit=V-KafrinMYdFpoCsh6ELcL7VWQ_YGBCRFCXhrbCb49n8lnQb0xdPqEWoQT3yoEAVRnz2mAZDPfqYilIAIASJfcPYUjC5Hx8PUyQMZnsowq6m4TXx3_C0dUn9kKCWNQyLQnSE66i5b5Gp01uHXv5R_HxbXf8d1ceaoTyn9Nw5ooYB6NGxTX82XZ6EoMnn32WP_42eqm0SkOl525WerjKvBP1KLEOxRZUan3YTcBEIw7Asudd6l-4mYzJwznlOaE-LjabeD3egGhtVNZQXKKeaYl&m-raxtci-HZJ=XS_CTIHIPCSPGS2_0&m-raxtci-ktg=6.12.1.0&fgr=jcstuxcts&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C94) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64738834838-838392micr032223.infobd71.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 Mar 2023 19:05:52 GMT
content-encoding
gzip
content-md5
9K2/nGCj75WAmmAI9nZNCA==
age
15015320
x-cache
HIT
content-length
19970
x-ms-lease-status
unlocked
last-modified
Thu, 04 Aug 2022 19:37:00 GMT
server
ECAcc (frc/4C94)
etag
0x8DA7650B375AC9B
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
ce9670ed-701e-0052-0a97-c89062000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-en.min_7a0s5vjhqn4owm0nnnvkoa2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
0
14 KB
Other
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_7a0s5vjhqn4owm0nnnvkoa2.js
Requested by
Host: 64738834838-838392micr032223.infobd71.com
URL: https://64738834838-838392micr032223.infobd71.com/__//rdbbdc/dpjiw2/k2.0/pjiwdgxot?raxtci_xs=4765445q-32r6-49q0-83t6-1s93765276rp&gtsxgtri_jgx=wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uapcsxcvk2&gthedcht_inet=rdst%20xs_idztc&hrdet=detcxs%20egduxat%20wiieh%3P%2U%2Ulll.duuxrt.rdb%2Uk2%2UDuuxrtWdbt.Paa&gthedcht_bdst=udgb_edhi&cdcrt=637929903776466681.N2N4NyCyDLXiCLGaBx00CLGbALTnCVTiCVBmB2GwCywbBbN1CIX3NbB5DIBiDLTnCx00NLYyAIv5OSPiNbNnByvlDLUyBLJm&jx_adrpath=tc-JH&bzi=tc-JH&hipit=V-KafrinMYdFpoCsh6ELcL7VWQ_YGBCRFCXhrbCb49n8lnQb0xdPqEWoQT3yoEAVRnz2mAZDPfqYilIAIASJfcPYUjC5Hx8PUyQMZnsowq6m4TXx3_C0dUn9kKCWNQyLQnSE66i5b5Gp01uHXv5R_HxbXf8d1ceaoTyn9Nw5ooYB6NGxTX82XZ6EoMnn32WP_42eqm0SkOl525WerjKvBP1KLEOxRZUan3YTcBEIw7Asudd6l-4mYzJwznlOaE-LjabeD3egGhtVNZQXKKeaYl&m-raxtci-HZJ=XS_CTIHIPCSPGS2_0&m-raxtci-ktg=6.12.1.0&fgr=jcstuxcts&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C8D) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64738834838-838392micr032223.infobd71.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 Mar 2023 19:05:52 GMT
content-encoding
gzip
content-md5
xMZ1C09wExszXPDUvA8MEA==
age
4069006
x-cache
HIT
content-length
13892
x-ms-lease-status
unlocked
last-modified
Wed, 18 Jan 2023 23:28:28 GMT
server
ECAcc (frc/4C8D)
etag
0x8DAF9ABB404B89A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
367ba05e-a01e-0090-6225-2c99e8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/
2 KB
834 B
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D03) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64738834838-838392micr032223.infobd71.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 Mar 2023 19:05:52 GMT
content-encoding
gzip
content-md5
DhdidjYrlCeaRJJRG/y9mA==
age
94912
x-cache
HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 12 Feb 2020 22:01:50 GMT
server
ECAcc (frc/4D03)
etag
0x8D7B007297AE131
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a77b3f3b-101e-0026-464a-504615000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn.msftauth.net/shared/1.0/content/images/
4 KB
2 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFA) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64738834838-838392micr032223.infobd71.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 Mar 2023 19:05:52 GMT
content-encoding
gzip
content-md5
nzaLxFgP7ZB3dfMcaybWzw==
age
15015319
x-cache
HIT
content-length
1435
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (frc/4CFA)
etag
0x8D79A1B9F5E121A
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e0c1be84-e01e-005d-7397-c8af81000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pstringcustomizationhelper_76bb127b5869a5c6b8b3.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
102 KB
0
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_76bb127b5869a5c6b8b3.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_4aVqV9ZeDlPv4AImzchdew2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC1) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64738834838-838392micr032223.infobd71.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 Mar 2023 19:05:52 GMT
content-encoding
gzip
content-md5
SxsaXa39nTRc5WmIHM+/cw==
age
3450792
x-cache
HIT
content-length
35791
x-ms-lease-status
unlocked
last-modified
Thu, 26 Jan 2023 00:32:14 GMT
server
ECAcc (frc/4CC1)
etag
0x8DAFF34C5641B4D
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
40f9c245-c01e-002d-60c5-31925a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
/
browser.events.data.microsoft.com/OneCollector/1.0/
0
0

Converged_v21033_Ouf1esRqI-5-K85Q2hruAw2.css
logincdn.msauth.net/16.000/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.6&apikey=69adc3c768bd4dc08c19416121249fcc-66f1668a-797b-4249-95e3-6c6651768c28-7293&upload-time=1678215952392&time-delta-to-apply-millis=use-collector-delta&w=0&NoResponseBody=true
Domain
logincdn.msauth.net
URL
https://logincdn.msauth.net/16.000/Converged_v21033_Ouf1esRqI-5-K85Q2hruAw2.css

Verdicts & Comments

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
object| Telemetry
object| telemetry_webpackJsonp
boolean| __ConvergedLogin_PCore
boolean| __

10 Cookies

Domain/Path Name / Value
64738834838-838392micr032223.infobd71.com/ Name: qPdM
Value: ZZBHEf7Hglc8
64738834838-838392micr032223.infobd71.com/ Name: x-ms-gateway-slice
Value: estsfd
64738834838-838392micr032223.infobd71.com/ Name: stsservicecookie
Value: estsfd
.64738834838-838392micr032223.infobd71.com/ Name: AADSSO
Value: NA|NoExtension
64738834838-838392micr032223.infobd71.com/ Name: SSOCOOKIEPULLED
Value: 1
64738834838-838392micr032223.infobd71.com/ Name: buid
Value: 0.ATcAMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevruevwI5OEM7pXnGlrVIv3ckUjsI7ivIcmnCAObjhpGNCn7AHqJ9gyMQ6kWbeBjjrdhsbcaniMHL348JYo1MciFsaHLLV2hVdPjVZNOsBgsiYgAA
.64738834838-838392micr032223.infobd71.com/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevrMwpUW_dvKpkuP1QPMyvt2LCltznUlSQzIH9IBOskpDCOEk_xdK-eiBsRJ9mzqz-_G7Ttm7xhK3aXWTlxErCHJKeBYLbfWmHsHsAob3jOgSeieEcDwqZqwA6bW8XuKo5pkBTHp5lpFvr7Hff26npKiWBe2dY49jF-bT1Jc7TzU6j7pSlqXne4hqCRi96ctPinCFLl6tCz-wN1sRZW6wE0Gl3el3Wx5Wrww9idErSDsR4VISf5KNd17XCsCpGog4U-tAQRI6eoUCqunSeIr3luyDR1aV5V5uEWza5kpftjUaggAA
64738834838-838392micr032223.infobd71.com/ Name: fpc
Value: AtJMVUN-TR9FjtxbMAe2ume8Ae7AAQAAAA2CmdsOAAAA
.login.live.com/ Name: uaid
Value: 3baf707ef5b64b68a144df643edef148
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1678215951&co=1