urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
40.126.26.133  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kfh-04.koco-robot.com/
Effective URL: https://login.microsoftonline.com/kolektordigital.onmicrosoft.com/oauth2/authorize?client_id=bb2a2e3a-c5e7-4f0a-88e0-8e01fd3fc1f4&...
Submission: On August 21 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 11 HTTP transactions. The main IP is 40.126.26.133, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 24.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 17th 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 3 40.126.26.133 8075 (MICROSOFT...)
11 4
Apex Domain
Subdomains		 Transfer
7 koco-robot.com
kfh-04.koco-robot.com
2 MB
3 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 24
5 KB
2 gstatic.com
fonts.gstatic.com
34 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
1 KB
11 4
Domain Requested by
7 kfh-04.koco-robot.com 1 redirects kfh-04.koco-robot.com
3 login.microsoftonline.com 1 redirects kfh-04.koco-robot.com
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com kfh-04.koco-robot.com
11 4

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2022-08-17 -
2023-08-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/kolektordigital.onmicrosoft.com/oauth2/authorize?client_id=bb2a2e3a-c5e7-4f0a-88e0-8e01fd3fc1f4&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fte%2ftenantredirect%2fauthresp&response_type=id_token&scope=email+openid&response_mode=query&nonce=amHylD0h5iGvzwtZCumhag%3d%3d&nux=1&nca=1&domain_hint=kolektordigital.onmicrosoft.com&mkt=en-US&lc=1033&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6OTFhOWE2NzQtYmMwZC00OTRjLWEzZTQtNWVkNjBkYmY5M2I0IiwiVElEIjoiZTVhZDhmZDEtM2YxMC00ODFkLWI5MTgtMGIwNGViYWZjNTA5IiwiVE9JRCI6IjA3MTk1MjBjLWM0NDUtNGE5MS05ODQ3LTZlOWM1ZTM2ZTFjMyJ9
Frame ID: D832F5BBB3EBEDBDD25B138307D3DD97
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://kfh-04.koco-robot.com/ HTTP 301
    https://kfh-04.koco-robot.com/ Page URL
  2. https://login.microsoftonline.com/te/kolektordigital.onmicrosoft.com/b2c_1_signin1/oauth2/v2.0/authorize?respo... HTTP 302
    https://login.microsoftonline.com/kolektordigital.onmicrosoft.com/oauth2/authorize?client_id=bb2a2e3a-c5e7-4f0... Page URL

Page Statistics

11
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

2146 kB
Transfer

11757 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kfh-04.koco-robot.com/ HTTP 301
    https://kfh-04.koco-robot.com/ Page URL
  2. https://login.microsoftonline.com/te/kolektordigital.onmicrosoft.com/b2c_1_signin1/oauth2/v2.0/authorize?response_type=id_token&scope=openid%20profile&client_id=cad29921-e7b2-4108-bc0e-d3bc7bb10efb&redirect_uri=https%3A%2F%2Fkfh-04.koco-robot.com%2F&state=15f26b65-c694-4e90-bb22-1db866906ef6&nonce=663e3984-5af2-4584-a81e-2a420ec0ef37&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=0.2.4&client-request-id=89053be3-5024-4321-912e-ba10e5fb3630&response_mode=fragment HTTP 302
    https://login.microsoftonline.com/kolektordigital.onmicrosoft.com/oauth2/authorize?client_id=bb2a2e3a-c5e7-4f0a-88e0-8e01fd3fc1f4&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fte%2ftenantredirect%2fauthresp&response_type=id_token&scope=email+openid&response_mode=query&nonce=amHylD0h5iGvzwtZCumhag%3d%3d&nux=1&nca=1&domain_hint=kolektordigital.onmicrosoft.com&mkt=en-US&lc=1033&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6OTFhOWE2NzQtYmMwZC00OTRjLWEzZTQtNWVkNjBkYmY5M2I0IiwiVElEIjoiZTVhZDhmZDEtM2YxMC00ODFkLWI5MTgtMGIwNGViYWZjNTA5IiwiVE9JRCI6IjA3MTk1MjBjLWM0NDUtNGE5MS05ODQ3LTZlOWM1ZTM2ZTFjMyJ9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://kfh-04.koco-robot.com/ HTTP 301
  • https://kfh-04.koco-robot.com/

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
kfh-04.koco-robot.com/
Redirect Chain
  • http://kfh-04.koco-robot.com/
  • https://kfh-04.koco-robot.com/
828 B
979 B 		Document
General
Check archive.org
Download Go to
Full URL
https://kfh-04.koco-robot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8e81b8e1eb5eb3accaa11754853b6953d2a321bb3574869c988dcf36d517aeb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
73e34460ed0f631b-ORD
content-encoding
br
content-type
text/html
date
Sun, 21 Aug 2022 12:10:43 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Thu, 14 Apr 2022 14:32:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7%2BmR8EHYNDCEUfDwE3OV2lJLXwEFGRyL9KETm6Zd1vsm54Rz4hd6d9iCAPswJ5vr05Ag2LkRGJ6nyR8eggHxM0cYM%2BS%2BHQKEVhswL7bady8RardxxDqr6hgjNfWGPLmOkoOL63MKqhVThs7uoxXndAdm5U%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
73e344604dbc86db-ORD
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 21 Aug 2022 12:10:42 GMT
Expires
Sun, 21 Aug 2022 13:10:42 GMT
Location
https://kfh-04.koco-robot.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEBl7P7Vesm2mRlF%2FLfcj%2Fxzf7jkSrft0SQ5%2BXJme%2Fye%2Bl%2FmQ5d9PQddw3UZENjOJop46nIhzT93qsbzmm5T%2Fgn9vyRnNpoxve818U2M0CF1Ogomk4SKVurZRTvvLspTN6%2BvGR%2FUGNs4F1PQRGqr%2FGLbuOA%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,700&display=swap
Requested by
Host: kfh-04.koco-robot.com
URL: https://kfh-04.koco-robot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
851e03842c74996898440f775671f41c8312703468ebf70fe01d740d868e8478
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kfh-04.koco-robot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 12:10:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 21 Aug 2022 12:10:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Aug 2022 12:10:43 GMT
styles.048636a2f804bc4df083.css
kfh-04.koco-robot.com/ 		213 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kfh-04.koco-robot.com/styles.048636a2f804bc4df083.css
Requested by
Host: kfh-04.koco-robot.com
URL: https://kfh-04.koco-robot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e62d499f2ca5e3e9b5393ee4d9688c41a515e790aea9dbd69bd2a0e890f0aea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kfh-04.koco-robot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 12:10:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 14 Apr 2022 14:32:53 GMT
server
cloudflare
etag
W/"62583095-35326"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0riZids4T5sv1g3lRoP57BzKrMDsbnTF1Im4ZObz4GiozvYHyZ%2BjKF%2FJPQK7GgLxPp%2FWEgvfWev26mPNbNcQAxiaMkfWEYU7VMw5%2FKLdpi5mUmBg68nq%2FcwLr6CiTf4K8amQCZ1XC%2FxGH0ueoIZkXfBm2oI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73e34463d91d631b-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
runtime.d6c52737d4587c65265f.js
kfh-04.koco-robot.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kfh-04.koco-robot.com/runtime.d6c52737d4587c65265f.js
Requested by
Host: kfh-04.koco-robot.com
URL: https://kfh-04.koco-robot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d57f67ab0814e294462e2fe5effee559d78fd73289214f0b5a9802ed6e3900

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kfh-04.koco-robot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 12:10:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 14 Apr 2022 14:32:53 GMT
server
cloudflare
etag
W/"62583095-1877"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6517V9kk5wlpD4ZK63zwrBW3E51hEut%2F%2FS0D68I7MVCtnaH9TmzlZtobgBEnx5D37wrMjV%2FwerLTwnC3tooisPOdHCAi9RyKXPi412%2FfBP8b90Jz4WpX3uJNB4gdN2lTndq%2B7AMnzCJ2uRM5CWdhl82Ew4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73e34463f947631b-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
polyfills.41024c9a7dec145da7b3.js
kfh-04.koco-robot.com/ 		187 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kfh-04.koco-robot.com/polyfills.41024c9a7dec145da7b3.js
Requested by
Host: kfh-04.koco-robot.com
URL: https://kfh-04.koco-robot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b829786ef6d81456941e1b7411a2c679c52793f7b2c14d55366516f5ed6d79d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kfh-04.koco-robot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 12:10:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 14 Apr 2022 14:32:53 GMT
server
cloudflare
etag
W/"62583095-2ea68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwI6Y2WPpmLix3K9pPEXIa74glfJaJ7XhG6jmlTyk5vE2TiGwxNRnJRga2GtGyxbTZ9EdM9nUYSH1Tx57o9rSTE4KLep49Huo%2FbxH0IdljBAsE5qxU1DZTnFJ8dFAOfaG9TPJBAAdxp5lPP%2BuUVf4LnVv3c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73e34463f948631b-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
scripts.606bc0b1b1acc6cafe0e.js
kfh-04.koco-robot.com/ 		2 MB
350 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kfh-04.koco-robot.com/scripts.606bc0b1b1acc6cafe0e.js
Requested by
Host: kfh-04.koco-robot.com
URL: https://kfh-04.koco-robot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56fe8d62f6968d1660efa03b37da62a8c4cf53acfa6a1a00ea3e2b2f526d74a6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kfh-04.koco-robot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 12:10:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 14 Apr 2022 14:32:53 GMT
server
cloudflare
etag
W/"62583095-19b213"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PuGRc6M75riK2HLQQxpyJWtguPnyvwlS95S3ftc3UgStYebeWzPTd%2Bbr8z8SXwAQL8HV7Svg%2FMAbesle7TCkPSNowKLBEPWlfIFU%2FVpcDHKo0XXGre7W1KttGBCYviS6UEI0hu7SUcV2mxtY6egQkZYfuvU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73e34463f949631b-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main.258ac2ba39767eabb425.js
kfh-04.koco-robot.com/ 		9 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://kfh-04.koco-robot.com/main.258ac2ba39767eabb425.js
Requested by
Host: kfh-04.koco-robot.com
URL: https://kfh-04.koco-robot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f5c46b62e74508b30c7ce64ae39583bfbfb7a60b6d2e358b0d55f3b3b73f68

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kfh-04.koco-robot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 12:10:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 14 Apr 2022 14:32:53 GMT
server
cloudflare
etag
W/"62583095-96517c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9er0KYITGfcMEwS5sMgbYpiDtPZSsYsvCVLG1FMXt7QuarEFyvq0HzqjSWoh6a7lG042e6iJ5EKyetq%2BEREsgf%2FjHPnnbBWeL5iMz6OJP6PCQ4xlSOhKNMuZq%2FiMbz%2BORsgVm1bk6CQc2uNUDsaBzXza9I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73e34463f94a631b-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kfh-04.koco-robot.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 21:11:13 GMT
x-content-type-options
nosniff
age
485971
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16980
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:33:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 21:11:13 GMT
openid-configuration
login.microsoftonline.com/tfp/kolektordigital.onmicrosoft.com/b2c_1_signin1/v2.0/.well-known/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/tfp/kolektordigital.onmicrosoft.com/b2c_1_signin1/v2.0/.well-known/openid-configuration
Requested by
Host: kfh-04.koco-robot.com
URL: https://kfh-04.koco-robot.com/polyfills.41024c9a7dec145da7b3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.26.133 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kfh-04.koco-robot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sun, 21 Aug 2022 12:10:46 GMT
x-ms-gateway-requestid
aa2b2866-207b-4b43-aff7-cd9016002438
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://kfh-04.koco-robot.com
Public
OPTIONS,TRACE,GET,HEAD,POST
Cache-Control
no-store, must-revalidate, no-cache
Allow
OPTIONS, TRACE, GET, HEAD, POST
Content-Length
1363
X-XSS-Protection
1; mode=block
pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kfh-04.koco-robot.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 15:42:34 GMT
x-content-type-options
nosniff
age
419291
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17116
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:31:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 15:42:34 GMT
Primary Request authorize
login.microsoftonline.com/kolektordigital.onmicrosoft.com/oauth2/
Redirect Chain
  • https://login.microsoftonline.com/te/kolektordigital.onmicrosoft.com/b2c_1_signin1/oauth2/v2.0/authorize?response_type=id_token&scope=openid%20profile&client_id=cad29921-e7b2-4108-bc0e-d3bc7bb10efb...
  • https://login.microsoftonline.com/kolektordigital.onmicrosoft.com/oauth2/authorize?client_id=bb2a2e3a-c5e7-4f0a-88e0-8e01fd3fc1f4&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fte%2ftenantr...
46 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/kolektordigital.onmicrosoft.com/oauth2/authorize?client_id=bb2a2e3a-c5e7-4f0a-88e0-8e01fd3fc1f4&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fte%2ftenantredirect%2fauthresp&response_type=id_token&scope=email+openid&response_mode=query&nonce=amHylD0h5iGvzwtZCumhag%3d%3d&nux=1&nca=1&domain_hint=kolektordigital.onmicrosoft.com&mkt=en-US&lc=1033&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6OTFhOWE2NzQtYmMwZC00OTRjLWEzZTQtNWVkNjBkYmY5M2I0IiwiVElEIjoiZTVhZDhmZDEtM2YxMC00ODFkLWI5MTgtMGIwNGViYWZjNTA5IiwiVE9JRCI6IjA3MTk1MjBjLWM0NDUtNGE5MS05ODQ3LTZlOWM1ZTM2ZTFjMyJ9
Requested by
Host: kfh-04.koco-robot.com
URL: https://kfh-04.koco-robot.com/main.258ac2ba39767eabb425.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.26.133 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://kfh-04.koco-robot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
112204
Content-Type
text/html; charset=utf-8
Date
Sun, 21 Aug 2022 12:10:50 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wst"}]}
x-ms-ests-server
2.1.13481.11 - NEULR1 ProdSlices
x-ms-request-id
9c071c74-4d2c-41a7-b12f-7ef8f44d4900

Redirect headers

Allow
OPTIONS TRACE GET HEAD POST
Cache-Control
no-store, must-revalidate, no-cache
Content-Length
772
Content-Type
text/html; charset=utf-8
Date
Sun, 21 Aug 2022 12:10:49 GMT
Location
https://login.microsoftonline.com/kolektordigital.onmicrosoft.com/oauth2/authorize?client_id=bb2a2e3a-c5e7-4f0a-88e0-8e01fd3fc1f4&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fte%2ftenantredirect%2fauthresp&response_type=id_token&scope=email+openid&response_mode=query&nonce=amHylD0h5iGvzwtZCumhag%3d%3d&nux=1&nca=1&domain_hint=kolektordigital.onmicrosoft.com&mkt=en-US&lc=1033&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6OTFhOWE2NzQtYmMwZC00OTRjLWEzZTQtNWVkNjBkYmY5M2I0IiwiVElEIjoiZTVhZDhmZDEtM2YxMC00ODFkLWI5MTgtMGIwNGViYWZjNTA5IiwiVE9JRCI6IjA3MTk1MjBjLWM0NDUtNGE5MS05ODQ3LTZlOWM1ZTM2ZTFjMyJ9
Public
OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
x-ms-gateway-requestid
959c554b-bbf9-4ef0-a16b-529400ffe420

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

5 Cookies

Domain/Path Name / Value
.login.microsoftonline.com/ Name: x-ms-cpim-rc:91a9a674-bc0d-494c-a3e4-5ed60dbf93b4
Value: OVJWbjg0elYrOHdrMlk3NVNqQmZuQUFGUTE2VGNzTStnMThEcWpmVHdBcWxBTlRFZmtFTHkyNXhnZFFJMzZidG1EUzVrN2taa3VyeVRYQnMzWFlMT3c9PTsyMDIyLTA4LTIxVDEyOjEwOjUwLjA2ODA3NTNaO0ZoWDF6RXZ5YTFuUDdRZTQ0V1gwRVE9PTt7IlRhcmdldEVudGl0eSI6IlNpZ25JbldpdGhMb2dvbk5hbWVFeGNoYW5nZSIsIk9yY2hlc3RyYXRpb25TdGVwIjoyfQ==
.login.microsoftonline.com/ Name: x-ms-cpim-cache|0y-t5ra_hui5gase66_fcq_0
Value: m1.rMpCnLvUpUozke7+.Pk47cPBgfEsGPBZzYLyY2A==.0.VqRvW4nNSYz+ug4zedx+RECJZJjE9tix8akVUsYv3LP1ZddLKpHLjDVEdDUY4AmpqKEbToo3CcDkWT8y+xX+jm0Ss4E8TaeIdFOQ04YFC3PF8yxe9UOzgMBXjouwMyNM8MMx5VyMFcy5onaHBgDHi8x7fKOJATEQZLrpxcPtw8tXvg0ZGqmwgVJZJfO8dQe19Mn1Mrp2iKBCTHlEuHSdsHcCpfCweMXWjpQreH71WkJJdfDkYnQUsMrFsjcHX9qoxQ5H6biOr/UNWpq07ewwHZeRVIpGbU8s++tMvuTa5vb3K35vmWTYoX97SNevcA0EUlO8BZyUDqbKj3wFWvU88NSzcATxKd9WcscYfNnfhp1pH4M3uacWb04bxEnYmtbVkCYqMUiPNM8+vNcJAKbECFapQo8PgVyIVtIj7DbIp3ZiZkRps+RUUt/H1oPPJ/AUdCpt4aJnwu2ThJ0ikQZOIrAt5hBQJSlPvsYrqpi/LvaHufj5P3Hkmuop4IQlNDoHdPYtqyDBAo5VVlN8aktVscA5+i/SNE1jQLv/5+gJXOAqUZpCa/d9/ZMi39LGhl5S7/gu3ImxEqxCj6k6h0JaPlfdX+lAih8AUxFTCNiUSy7Jbb5cikgBsd3V+F/zrXwwAqmeNaiFozT1NuoNMj0CK1oCqv5jaH0OE3FUqB0xjNzpGhpsy5Dbqqlzz0rawaY/y+EBAnPx+w869T9UcC0/WnpzvTzLYJrcMETEHbOc00nrZzBuhcE2gAG7umXHD46OkNq/4M2HOHZLXfvOSikWuJ/I2sNDqHo2Hh6f8NrWfAdySWaI1JkLxBKYOEMCzel7sczEPobm/ClAfSdzdNeM+JBey+gIIwHAeF10NiSRmNY3qpry1K7Two5QJz7axs8OgDGIGLgOnlYIRqQi2LR8S64SvnLn
.login.microsoftonline.com/ Name: x-ms-cpim-trans
Value: eyJUX0RJQyI6W3siSSI6ImU1YWQ4ZmQxLTNmMTAtNDgxZC1iOTE4LTBiMDRlYmFmYzUwOSIsIlQiOiJrb2xla3RvcmRpZ2l0YWwub25taWNyb3NvZnQuY29tIiwiUCI6ImIyY18xX3NpZ25pbjEiLCJDIjoiY2FkMjk5MjEtZTdiMi00MTA4LWJjMGUtZDNiYzdiYjEwZWZiIiwiUyI6MSwiTSI6e30sIkQiOjB9XSwiQ19JRCI6ImU1YWQ4ZmQxLTNmMTAtNDgxZC1iOTE4LTBiMDRlYmFmYzUwOSJ9
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: 001-000
login.microsoftonline.com/ Name: stsservicecookie
Value: cpim_te