![](/screenshots/980eecda-d437-471d-bcba-f3d43076793e.png)
login.microsoftonline.com
Open in
urlscan Pro
2603:1026:3000:150::8
Public Scan
Effective URL: https://login.microsoftonline.com/40deb382-ae66-45c8-80a9-9ddf1a0c4fcd/saml2?SAMLRequest=fVLLjpswFN3nKxB7gzEOBiuJlE76iJQm0STtopvKm...
Submission Tags: phishingrod
Submission: On July 09 via api from DE — Scanned from NL
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 21st 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
15 | 144.178.203.39 144.178.203.39 | 39686 (ASN-EUROF...) (ASN-EUROFIBER) | |
2 | 2603:1026:300... 2603:1026:3000:150::8 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
9 | 2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c | 15133 (EDGECAST) (EDGECAST) | |
1 | 20.190.159.4 20.190.159.4 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
3 | 2620:1ec:bdf::45 2620:1ec:bdf::45 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2603:1026:300... 2603:1026:3000:148::7 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
31 | 6 |
ASN39686 (ASN-EUROFIBER, NL)
PTR: 144-178-203-39.static.ef-service.nl
portal.ocinitrogen.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msftauthimages.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
autologon.microsoftazuread-sso.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
ocinitrogen.com
portal.ocinitrogen.com |
717 KB |
9 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 2214 |
318 KB |
3 |
msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 6431 |
275 KB |
2 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 15 |
17 KB |
1 |
microsoftazuread-sso.com
autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1013 |
1 KB |
1 |
live.com
login.live.com — Cisco Umbrella Rank: 37 |
|
31 | 6 |
Domain | Requested by | |
---|---|---|
15 | portal.ocinitrogen.com |
portal.ocinitrogen.com
|
9 | aadcdn.msftauth.net |
login.microsoftonline.com
aadcdn.msftauth.net |
3 | aadcdn.msftauthimages.net | |
2 | login.microsoftonline.com |
portal.ocinitrogen.com
aadcdn.msftauth.net |
1 | autologon.microsoftazuread-sso.com | |
1 | login.live.com |
login.microsoftonline.com
|
31 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
portal.ocinitrogen.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-04 - 2024-07-14 |
a year | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2024-05-21 - 2025-05-21 |
a year | crt.sh |
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2024-05-25 - 2025-05-25 |
a year | crt.sh |
login.live.com DigiCert SHA2 Secure Server CA |
2024-05-09 - 2025-05-09 |
a year | crt.sh |
aadcdn.msftauthimages.net Microsoft Azure RSA TLS Issuing CA 07 |
2024-05-12 - 2025-05-07 |
a year | crt.sh |
autologon.microsoftazuread-sso.com DigiCert SHA2 Secure Server CA |
2024-05-21 - 2025-05-21 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/40deb382-ae66-45c8-80a9-9ddf1a0c4fcd/saml2?SAMLRequest=fVLLjpswFN3nKxB7gzEOBiuJlE76iJQm0STtopvKmEvGEtjUNn38fcFpNZ1F5%2B7u4xydc%2ByVE3038O3on%2FQjfBvB%2BUUU%2Few77XhYrePRam6EU45r0YPjXvLL9uOBkwTzwRpvpOniF6DXMcI5sF4ZPYP2u3V8Or49nN7vj18ZVGUugQiaUZAFtCWjS8oACJmahlQsz4DlzQz8DNZNHOt4ogxEzo2w184L7achJhRhhnB1xSXPMp4vv8xXu8mf0sIH5JP3g%2BNp2pmb0kmvpDXOtN7oTmlIpOlTihuo85IgAUWB6FKWqMSiQlXTtJnAkraySWfHZCY%2F%2FwnjjdKN0rfXU6jvR45%2FuF7P6Hy6XGeK7d9sHox2Yw%2F2Ava7kvDp8fCsdzDWiy4xUmnlrbmBDmLFoIKWNN5MTFG0mhsecrEbN2he1xlgKhiqcpojWjCGRIsrRGqWl1O2VbGUq%2FRf1DPPwI%2BThf3ubDolf4X5XO%2BM7YX%2Fv9MsycJENagNp3zUbgCpWgXhGe%2B17Trz48GC8LCOvR0hjtLNYnEX8%2FJ3bn4D&RelayState=%2F
Frame ID: 87BD6679AF43CB3464C79342E27FC9F7
Requests: 31 HTTP requests in this frame
Screenshot
![](/screenshots/980eecda-d437-471d-bcba-f3d43076793e.png)
Page Title
Aanmelden bij uw accountPage URL History Show full URLs
- https://portal.ocinitrogen.com/ Page URL
- https://login.microsoftonline.com/40deb382-ae66-45c8-80a9-9ddf1a0c4fcd/saml2?SAMLRequest=fVLLjpswFN3nKxB7gzEOB... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://portal.ocinitrogen.com/ Page URL
- https://login.microsoftonline.com/40deb382-ae66-45c8-80a9-9ddf1a0c4fcd/saml2?SAMLRequest=fVLLjpswFN3nKxB7gzEOBiuJlE76iJQm0STtopvKmEvGEtjUNn38fcFpNZ1F5%2B7u4xydc%2ByVE3038O3on%2FQjfBvB%2BUUU%2Few77XhYrePRam6EU45r0YPjXvLL9uOBkwTzwRpvpOniF6DXMcI5sF4ZPYP2u3V8Or49nN7vj18ZVGUugQiaUZAFtCWjS8oACJmahlQsz4DlzQz8DNZNHOt4ogxEzo2w184L7achJhRhhnB1xSXPMp4vv8xXu8mf0sIH5JP3g%2BNp2pmb0kmvpDXOtN7oTmlIpOlTihuo85IgAUWB6FKWqMSiQlXTtJnAkraySWfHZCY%2F%2FwnjjdKN0rfXU6jvR45%2FuF7P6Hy6XGeK7d9sHox2Yw%2F2Ava7kvDp8fCsdzDWiy4xUmnlrbmBDmLFoIKWNN5MTFG0mhsecrEbN2he1xlgKhiqcpojWjCGRIsrRGqWl1O2VbGUq%2FRf1DPPwI%2BThf3ubDolf4X5XO%2BM7YX%2Fv9MsycJENagNp3zUbgCpWgXhGe%2B17Trz48GC8LCOvR0hjtLNYnEX8%2FJ3bn4D&RelayState=%2F Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
portal.ocinitrogen.com/ |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
runtime.183d375ca9442f8e.js
portal.ocinitrogen.com/nl/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
polyfills.63a306ed4ae535f2.js
portal.ocinitrogen.com/nl/ |
34 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scripts.50d2f1ba0213ea71.js
portal.ocinitrogen.com/nl/ |
383 KB 110 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.f0b7517e03b82f16.js
portal.ocinitrogen.com/nl/ |
1 MB 425 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.ec035e7dca6af567.css
portal.ocinitrogen.com/nl/ |
64 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
portal.ocinitrogen.com/api/v2/ |
3 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Open-Sans-regular.woff2
portal.ocinitrogen.com/assets/fonts/Open-Sans-regular/ |
67 KB 68 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
portal.ocinitrogen.com/api/v2/sessions/current/ |
0 261 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
portal.ocinitrogen.com/api/v2/branding/ |
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
portal.ocinitrogen.com/api/v2/configuration-info/ |
256 B 979 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Open-Sans-300.woff2
portal.ocinitrogen.com/assets/fonts/Open-Sans-300/ |
64 KB 65 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
portal.ocinitrogen.com/api/v2/branding/generate-pre-auth-url/ |
707 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
portal.ocinitrogen.com/api/v2/branding-images/3/image/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
saml2
login.microsoftonline.com/40deb382-ae66-45c8-80a9-9ddf1a0c4fcd/ |
40 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon-32.png
portal.ocinitrogen.com/ |
654 B 1 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
converged.v2.login.min_mc5ac6ol0l4d2iaqspstyg2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
111 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConvergedLogin_PCore_Q3A1xKaK6oPrhbQSUwvJBQ2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
438 KB 119 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ux.converged.login.strings-nl.min_yenl8zdj_ofjac_ylkbd8g2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
58 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pcustomizationloader_6c7dc46bb93924417b57.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
397 KB 114 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon
aadcdn.msftauthimages.net/c1c6b6c8-8gzvm6mzpt-awpevskti0cl5bpyj67pvwcaafoysssg/logintenantbranding/0/ |
676 B 1 KB |
Other
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pfetchsessionsprogress_758d4d3367a37038a3b2.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
15 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
illustration
aadcdn.msftauthimages.net/c1c6b6c8-8gzvm6mzpt-awpevskti0cl5bpyj67pvwcaafoysssg/logintenantbranding/0/ |
268 KB 268 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bannerlogo
aadcdn.msftauthimages.net/c1c6b6c8-8gzvm6mzpt-awpevskti0cl5bpyj67pvwcaafoysssg/logintenantbranding/0/ |
5 KB 6 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ssoprobe
autologon.microsoftazuread-sso.com/40deb382-ae66-45c8-80a9-9ddf1a0c4fcd/winauth/ |
12 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
dssostatus
login.microsoftonline.com/common/instrumentation/ |
265 B 647 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
111 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ |
2 KB 784 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_6c7dc46bb93924417b57 boolean| __convergedlogin_pfetchsessionsprogress_758d4d3367a37038a3b2 boolean| __convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
portal.ocinitrogen.com/ | Name: locale Value: nl |
|
login.microsoftonline.com/ | Name: buid Value: 0.AXMAgrPeQGauyEWAqZ3fGgxPzacEHrtDk3dGrwkrc4lzllxzAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMY86N-6ACH_T5Zlka2Z0OHqeWVS4V4qo8_L8d-X6QEOFNlBeJR7F_zACAHB-p7pOLb4rtXnIg8P-8YMDlDxnfUDcSpwInug9cny-DFHxzlvu0gAA |
|
.login.microsoftonline.com/ | Name: esctx Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYTtbnddoVT2ZYNrj8CItoZ5h--qj4EKkDC0RvQ6VAkdk1eeIdrtzCNlLXaxnh8M98Nc-otfVfbLfddV4Lyv9sZBWrnJ0HRdXmLMD08-lSnZkSqbvZL17yFxFSA3q2kYK92mCTRnTOi3LZt8HrLs45MCPzprAYHpn4u-77kb4kbY0gAA |
|
.login.microsoftonline.com/ | Name: esctx-pUOBlniBinA Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYnnxJcP2b72j7L96KEROTgNDhyTPacDtEjiwbHPi8LAbyv6y0pcIQIsTIGC3XoX8Eqm6FzIEnf_yJlVhW1Qj6bieVBDseqVWKmCfeRTtmkagBkxDKq4_1Ag9kUExO1591KXD9ViSUB2LYJk02O-Jt0yAA |
|
login.microsoftonline.com/ | Name: fpc Value: ArpZgudKrfJHg_00kWqwgsXLcEI9AQAAALjnHt4OAAAA |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: brcap Value: 0 |
|
.login.live.com/ | Name: uaid Value: 35533db4564d411e9fa9e34a71bbabc5 |
|
.login.live.com/ | Name: MSPRequ Value: id=N<=1720512696&co=1 |
|
autologon.microsoftazuread-sso.com/ | Name: fpc Value: AlvcBZk2cIJDm6ITvSimnR8 |
|
autologon.microsoftazuread-sso.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
autologon.microsoftazuread-sso.com/ | Name: stsservicecookie Value: estsfd |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | connect-src 'self' wss://portal.ocinitrogen.com blob: data:; default-src 'none'; font-src 'self'; frame-src 'self'; img-src 'self' data:; manifest-src 'self'; media-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msftauth.net
aadcdn.msftauthimages.net
autologon.microsoftazuread-sso.com
login.live.com
login.microsoftonline.com
portal.ocinitrogen.com
144.178.203.39
20.190.159.4
2603:1026:3000:148::7
2603:1026:3000:150::8
2606:2800:233:1cb7:261b:1f9c:2074:3c
2620:1ec:bdf::45
1047223f59910d429fc60ba59256e32dcbe016bb33d5a39412e99fe1d29f0e78
1ec87632ee58734951aa02813ef07ad377126a39a16f063c181519b98ffffc07
25d9cd9543c049e2bb77f968de536295538be1a06453e78a7bfb853e6e30cf67
432531714a6235282422e3e0c70b1dd29d8f0a02a4e9f295d5627313769a7329
6ccb8269bb7f5b0bc2cdea95c73f0d9bbae8d06d1264a2c13d3bf39722c6ffaf
702d966db30125cfbfc7c5daafa5da22a9e20a5482f9885fc8efba11433fa622
7845474e1319449b0e2dbd3817dba373f70d29022e319ff3f2664f50cf01f1df
81d3bf3cc3e7293e4ccc540868a49a433457497921d4c573825fd6340d4ff079
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8b81b6dbb9af6502d78abe8a85d135861848e0597989901da42c62ecb841a07d
8d31dbc6089dc6195b1945b85a7225a01dcf031bd8cbc3df86029022fe64a5e5
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
961b9502d12e9cef712de92636ff86ec121cba4a56f67960386c9354f3e788cd
99ab9b30f5e954936975948d2b4e590b2e9c8f9ecd08acd41aaf27faa2fcaf86
9ad7e492ffd2f24782098d73321c88653aaeede295f0d9c394da67eaf98ae2cf
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
bab311bf22661b153353a159f0ec931dbcb79f950fa37daf9d0ff180cbf45deb
bb8f9319bf8edc7ff084b8ad77268d3cd6c8e044d3713ed96db7326e05bd3932
c2bd443fb2b554fb28a5c216387d279f22b49a92f6d495d9eb35871a50931b96
c53241bbddb27dfe368cbdd01fb3a72b160bd91850d48a7f07ff01d0d1748fbb
c765dd9f9651af51d254a3123a59df5c729a39fdb771371cf99fc5512931d677
cc4fdd472546e312fffd7943f0839e6a0220be9cc8a66832a53ad049b4519403
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e81aa2e0f526788668546740523c66d00b6ab8e814e8a014632b6eb354ecccad
ecec2327136b458840b95560f60070ef91522db624644ef14abe6edac5420635
f3d6ac1801feafc2cb6d94f9ad94c4742c5e6b79ed02ad589e308a50a7619f49