fs.rank.com - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 4 HTTP transactions. The main IP is 137.135.210.201, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is fs.rank.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 13th 2022. Valid for: a year.

This is the only time fs.rank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2603:1026:c0d... 2603:1026:c0d:72::8	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2603:1026:c0d... 2603:1026:c0d:81a::2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.190.159.0 20.190.159.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	137.135.210.201 137.135.210.201	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2

1 2603:1026:c0d:72::8 (Frankfurt am Main, Germany) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

autodiscover.grosvenorcasinos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:1026:c0d:81a::2 (Frankfurt am Main, Germany) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

outlook.office365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.190.159.0 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 137.135.210.201 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

fs.rank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	rank.com fs.rank.com	75 KB
2	microsoftonline.com 1 redirects login.microsoftonline.com — Cisco Umbrella Rank: 30	59 KB
1	office365.com 1 redirects outlook.office365.com — Cisco Umbrella Rank: 82	7 KB
1	grosvenorcasinos.com 1 redirects autodiscover.grosvenorcasinos.com	553 B
4	4

	Domain	Requested by
3	fs.rank.com	login.microsoftonline.com fs.rank.com
2	login.microsoftonline.com	1 redirects
1	outlook.office365.com	1 redirects
1	autodiscover.grosvenorcasinos.com	1 redirects
4	4

This site contains no links.

Subject Issuer	Validity	Valid
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2023-03-02` - `2024-03-02`	a year	crt.sh
fs.rank.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-13` - `2023-08-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://fs.rank.com/adfs/ls/?client-request-id=9651d4a2-27c4-eeed-67b5-0ce5675c12a7&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE9aBNxAMXv30vPtlYbioODgxyCUr0kd_fvJRfokOby0SSkSduk9Ytw33e53P2T-8hX6e4idhCHjkUQOgqCdHJw6hRBEDqJoJRCRXRx0wYXx_6Gx4M3PHhvAacjdPJW7B8MNVYqpmk0Jatj9x_u_Ex4_2P1xfvbZ9_1N7Nf9Ufzr_bANd1FXld1kCuLnukgLyIj-wCQhu-3vWQ0igK_hZAVQZpmyirLLY7zKOqJ0bcAjAA4AeBgIs6xCTpBszGW5TgYZ2M0jLCaQquyxFOipKkUZHiJkjSeoWSoJXiOliSFY44n5lZTgW8wY0GuOVR_TkxryLUbbeT5e_hzIMh-WfBW9Exm2YiVAoh6m7mNXH5NXRZzeb6SUYxCtVuCXtdV4jXd6DsMt0ELZbPaEHI5PpUyc1CQlF66_CBYLxaNFX_dcFIDu9MTXauj88gUCuJqneITJhUMacmk-L7W1DyUjcs1is32t_pFrbmYZ6kK3as4rllTkHaAX2jv1zhxPpWNnCOcQG3VMZVRCHwOgdPQbAxPTk3NhLHr2E3sdwjsT55f8-lX6M6ZvFR8Fgn9adwIY0eTUSuuB3Ur20lDvlaDrbRqpbYUtNqEsNCsMKVWfYDkAcvGs8P7SzBJ7xJglyAOiekpPIyReLpCnxDgBwGeXMIOpy9w6OgyOJ6FM4TcEk3bm1_YJk2l4SNLdcjkNtm3vYYsj11XbAWqRyYfkucV5OOdnZ13V7DfV799efn0cPThLH86dy_fsTaHxXLTX1fX3J7VUkp1PTu46_pCChaFgmcbHa_a7iuCmln6Cw2
Frame ID: CB8BC401F2CEEAC7A58F452C7F7343D6
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmelden

Page URL History Show full URLs

http://autodiscover.grosvenorcasinos.com/ HTTP 301
https://outlook.office365.com/owa/?realm=grosvenorcasinos.com&vd=autodiscover HTTP 302
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... HTTP 302
https://fs.rank.com/adfs/ls/?client-request-id=9651d4a2-27c4-eeed-67b5-0ce5675c12a7&username=&wa... Page URL

Page Statistics

4
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

131 kB
Transfer

228 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://autodiscover.grosvenorcasinos.com/ HTTP 301
https://outlook.office365.com/owa/?realm=grosvenorcasinos.com&vd=autodiscover HTTP 302
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=9651d4a2-27c4-eeed-67b5-0ce5675c12a7&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=grosvenorcasinos.com&nonce=638181303366473014.3fd1ecb9-abfe-429b-bf92-c4f8961bbd62&state=DctNDsIgEEBh0Lu4owWGTGHReBaGH9PEdhJQvL4svrd7Ughxn26T1DNiQ_DGG9AAiG4DbdwCNZuSKKhItShnAymqwarkqg9oiDJaOV-98i-uz1bi-9xfjfsoF7cU-3FxXxKfj5H3-P1wPnriUdof Page URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=9651d4a2-27c4-eeed-67b5-0ce5675c12a7&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=grosvenorcasinos.com&nonce=638181303366473014.3fd1ecb9-abfe-429b-bf92-c4f8961bbd62&state=DctNDsIgEEBh0Lu4owWGTGHReBaGH9PEdhJQvL4svrd7Ughxn26T1DNiQ_DGG9AAiG4DbdwCNZuSKKhItShnAymqwarkqg9oiDJaOV-98i-uz1bi-9xfjfsoF7cU-3FxXxKfj5H3-P1wPnriUdof&sso_reload=true HTTP 302
https://fs.rank.com/adfs/ls/?client-request-id=9651d4a2-27c4-eeed-67b5-0ce5675c12a7&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE9aBNxAMXv30vPtlYbioODgxyCUr0kd_fvJRfokOby0SSkSduk9Ytw33e53P2T-8hX6e4idhCHjkUQOgqCdHJw6hRBEDqJoJRCRXRx0wYXx_6Gx4M3PHhvAacjdPJW7B8MNVYqpmk0Jatj9x_u_Ex4_2P1xfvbZ9_1N7Nf9Ufzr_bANd1FXld1kCuLnukgLyIj-wCQhu-3vWQ0igK_hZAVQZpmyirLLY7zKOqJ0bcAjAA4AeBgIs6xCTpBszGW5TgYZ2M0jLCaQquyxFOipKkUZHiJkjSeoWSoJXiOliSFY44n5lZTgW8wY0GuOVR_TkxryLUbbeT5e_hzIMh-WfBW9Exm2YiVAoh6m7mNXH5NXRZzeb6SUYxCtVuCXtdV4jXd6DsMt0ELZbPaEHI5PpUyc1CQlF66_CBYLxaNFX_dcFIDu9MTXauj88gUCuJqneITJhUMacmk-L7W1DyUjcs1is32t_pFrbmYZ6kK3as4rllTkHaAX2jv1zhxPpWNnCOcQG3VMZVRCHwOgdPQbAxPTk3NhLHr2E3sdwjsT55f8-lX6M6ZvFR8Fgn9adwIY0eTUSuuB3Ur20lDvlaDrbRqpbYUtNqEsNCsMKVWfYDkAcvGs8P7SzBJ7xJglyAOiekpPIyReLpCnxDgBwGeXMIOpy9w6OgyOJ6FM4TcEk3bm1_YJk2l4SNLdcjkNtm3vYYsj11XbAWqRyYfkucV5OOdnZ13V7DfV799efn0cPThLH86dy_fsTaHxXLTX1fX3J7VUkp1PTu46_pCChaFgmcbHa_a7iuCmln6Cw2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://autodiscover.grosvenorcasinos.com/ HTTP 301
https://outlook.office365.com/owa/?realm=grosvenorcasinos.com&vd=autodiscover HTTP 302
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=9651d4a2-27c4-eeed-67b5-0ce5675c12a7&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=grosvenorcasinos.com&nonce=638181303366473014.3fd1ecb9-abfe-429b-bf92-c4f8961bbd62&state=DctNDsIgEEBh0Lu4owWGTGHReBaGH9PEdhJQvL4svrd7Ughxn26T1DNiQ_DGG9AAiG4DbdwCNZuSKKhItShnAymqwarkqg9oiDJaOV-98i-uz1bi-9xfjfsoF7cU-3FxXxKfj5H3-P1wPnriUdof

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

authorize Show response
login.microsoftonline.com/common/oauth2/
Redirect Chain

http://autodiscover.grosvenorcasinos.com/
https://outlook.office365.com/owa/?realm=grosvenorcasinos.com&vd=autodiscover
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-0...

153 KB
55 KB

199ms
71ms

Document
text/html

20.190.159.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=9651d4a2-27c4-eeed-67b5-0ce5675c12a7&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=grosvenorcasinos.com&nonce=638181303366473014.3fd1ecb9-abfe-429b-bf92-c4f8961bbd62&state=DctNDsIgEEBh0Lu4owWGTGHReBaGH9PEdhJQvL4svrd7Ughxn26T1DNiQ_DGG9AAiG4DbdwCNZuSKKhItShnAymqwarkqg9oiDJaOV-98i-uz1bi-9xfjfsoF7cU-3FxXxKfj5H3-P1wPnriUdof

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.159.0 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/

Resource Hash

6d90f3f72216ccc79fd40b27847395a9bead9ae585e3f60f088e28b2eef5cff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 55745
Content-Type: text/html; charset=utf-8
Date: Wed, 26 Apr 2023 18:25:36 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server: 2.1.15175.9 - WEULR2 ProdSlices
x-ms-request-id: e8afd25d-3fdf-41ed-a2e1-59feb70d0f00

Redirect headers

Alt-Svc: h3=":443",h3-29=":443"
Content-Length: 875
Content-Type: text/html; charset=utf-8
Date: Wed, 26 Apr 2023 18:25:35 GMT
Location: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=9651d4a2-27c4-eeed-67b5-0ce5675c12a7&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=grosvenorcasinos.com&nonce=638181303366473014.3fd1ecb9-abfe-429b-bf92-c4f8961bbd62&state=DctNDsIgEEBh0Lu4owWGTGHReBaGH9PEdhJQvL4svrd7Ughxn26T1DNiQ_DGG9AAiG4DbdwCNZuSKKhItShnAymqwarkqg9oiDJaOV-98i-uz1bi-9xfjfsoF7cU-3FxXxKfj5H3-P1wPnriUdof
NEL: {"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Report-To: {"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=HHN"}],"include_subdomains":true}
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-BEServer: FR2P281MB2857
X-BackEnd-Begin: 2023-04-26T18:25:36.647
X-BackEnd-End: 2023-04-26T18:25:36.647
X-BackEndHttpStatus: 302 302
X-BeSku: WCS7
X-CalculatedBETarget: FR2P281MB2857.DEUP281.PROD.OUTLOOK.COM
X-CalculatedFETarget: FR2P281CU003.internal.outlook.com
X-Content-Type-Options: nosniff
X-DiagInfo: FR2P281MB2857
X-FEEFZInfo: HHN
X-FEProxyInfo: FR3P281CA0081.DEUP281.PROD.OUTLOOK.COM
X-FEServer: FR2P281CA0041 FR3P281CA0081
X-FirstHopCafeEFZ: HHN
X-IIDs: 0
X-OWA-DiagnosticsInfo: 1;0;0
X-Proxy-BackendServerStatus: 302
X-Proxy-RoutingCorrectness: 1
X-RUM-NotUpdateQueriedDbCopy: 1
X-RUM-NotUpdateQueriedPath: 1
X-RUM-Validated: 1
X-UA-Compatible: IE=EmulateIE7
request-id: 9651d4a2-27c4-eeed-67b5-0ce5675c12a7

GET
H/1.1

200
OK

Primary Request / Show response
fs.rank.com/adfs/ls/
Redirect Chain

https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-0...
https://fs.rank.com/adfs/ls/?client-request-id=9651d4a2-27c4-eeed-67b5-0ce5675c12a7&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA...

17 KB
18 KB

240ms
94ms

Document
text/html

137.135.210.201
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fs.rank.com/adfs/ls/?client-request-id=9651d4a2-27c4-eeed-67b5-0ce5675c12a7&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE9aBNxAMXv30vPtlYbioODgxyCUr0kd_fvJRfokOby0SSkSduk9Ytw33e53P2T-8hX6e4idhCHjkUQOgqCdHJw6hRBEDqJoJRCRXRx0wYXx_6Gx4M3PHhvAacjdPJW7B8MNVYqpmk0Jatj9x_u_Ex4_2P1xfvbZ9_1N7Nf9Ufzr_bANd1FXld1kCuLnukgLyIj-wCQhu-3vWQ0igK_hZAVQZpmyirLLY7zKOqJ0bcAjAA4AeBgIs6xCTpBszGW5TgYZ2M0jLCaQquyxFOipKkUZHiJkjSeoWSoJXiOliSFY44n5lZTgW8wY0GuOVR_TkxryLUbbeT5e_hzIMh-WfBW9Exm2YiVAoh6m7mNXH5NXRZzeb6SUYxCtVuCXtdV4jXd6DsMt0ELZbPaEHI5PpUyc1CQlF66_CBYLxaNFX_dcFIDu9MTXauj88gUCuJqneITJhUMacmk-L7W1DyUjcs1is32t_pFrbmYZ6kK3as4rllTkHaAX2jv1zhxPpWNnCOcQG3VMZVRCHwOgdPQbAxPTk3NhLHr2E3sdwjsT55f8-lX6M6ZvFR8Fgn9adwIY0eTUSuuB3Ur20lDvlaDrbRqpbYUtNqEsNCsMKVWfYDkAcvGs8P7SzBJ7xJglyAOiekpPIyReLpCnxDgBwGeXMIOpy9w6OgyOJ6FM4TcEk3bm1_YJk2l4SNLdcjkNtm3vYYsj11XbAWqRyYfkucV5OOdnZ13V7DfV799efn0cPThLH86dy_fsTaHxXLTX1fX3J7VUkp1PTu46_pCChaFgmcbHa_a7iuCmln6Cw2

Requested by

Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=9651d4a2-27c4-eeed-67b5-0ce5675c12a7&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=grosvenorcasinos.com&nonce=638181303366473014.3fd1ecb9-abfe-429b-bf92-c4f8961bbd62&state=DctNDsIgEEBh0Lu4owWGTGHReBaGH9PEdhJQvL4svrd7Ughxn26T1DNiQ_DGG9AAiG4DbdwCNZuSKKhItShnAymqwarkqg9oiDJaOV-98i-uz1bi-9xfjfsoF7cU-3FxXxKfj5H3-P1wPnriUdof

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

137.135.210.201 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

8b88a12fc338826b8080fb27e8c6fe99437eafb5c3dab73177185715601b410c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=9651d4a2-27c4-eeed-67b5-0ce5675c12a7&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=grosvenorcasinos.com&nonce=638181303366473014.3fd1ecb9-abfe-429b-bf92-c4f8961bbd62&state=DctNDsIgEEBh0Lu4owWGTGHReBaGH9PEdhJQvL4svrd7Ughxn26T1DNiQ_DGG9AAiG4DbdwCNZuSKKhItShnAymqwarkqg9oiDJaOV-98i-uz1bi-9xfjfsoF7cU-3FxXxKfj5H3-P1wPnriUdof
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache,no-store
Content-Length: 17707
Content-Type: text/html; charset=utf-8
Date: Wed, 26 Apr 2023 18:25:37 GMT
Expires: -1
Pragma: no-cache
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
x-frame-options: DENY

Redirect headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 912
Content-Type: text/html; charset=utf-8
Date: Wed, 26 Apr 2023 18:25:36 GMT
Expires: -1
Location: https://fs.rank.com/adfs/ls/?client-request-id=9651d4a2-27c4-eeed-67b5-0ce5675c12a7&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE9aBNxAMXv30vPtlYbioODgxyCUr0kd_fvJRfokOby0SSkSduk9Ytw33e53P2T-8hX6e4idhCHjkUQOgqCdHJw6hRBEDqJoJRCRXRx0wYXx_6Gx4M3PHhvAacjdPJW7B8MNVYqpmk0Jatj9x_u_Ex4_2P1xfvbZ9_1N7Nf9Ufzr_bANd1FXld1kCuLnukgLyIj-wCQhu-3vWQ0igK_hZAVQZpmyirLLY7zKOqJ0bcAjAA4AeBgIs6xCTpBszGW5TgYZ2M0jLCaQquyxFOipKkUZHiJkjSeoWSoJXiOliSFY44n5lZTgW8wY0GuOVR_TkxryLUbbeT5e_hzIMh-WfBW9Exm2YiVAoh6m7mNXH5NXRZzeb6SUYxCtVuCXtdV4jXd6DsMt0ELZbPaEHI5PpUyc1CQlF66_CBYLxaNFX_dcFIDu9MTXauj88gUCuJqneITJhUMacmk-L7W1DyUjcs1is32t_pFrbmYZ6kK3as4rllTkHaAX2jv1zhxPpWNnCOcQG3VMZVRCHwOgdPQbAxPTk3NhLHr2E3sdwjsT55f8-lX6M6ZvFR8Fgn9adwIY0eTUSuuB3Ur20lDvlaDrbRqpbYUtNqEsNCsMKVWfYDkAcvGs8P7SzBJ7xJglyAOiekpPIyReLpCnxDgBwGeXMIOpy9w6OgyOJ6FM4TcEk3bm1_YJk2l4SNLdcjkNtm3vYYsj11XbAWqRyYfkucV5OOdnZ13V7DfV799efn0cPThLH86dy_fsTaHxXLTX1fX3J7VUkp1PTu46_pCChaFgmcbHa_a7iuCmln6Cw2#
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server: 2.1.15175.9 - NEULR2 ProdSlices
x-ms-request-id: 2804f3d7-63ed-4b3d-8f2e-04ff5f1c1000

GET
H/1.1 200
OK style.css
fs.rank.com/adfs/portal/css/ 8 KB
8 KB 48ms
47ms Stylesheet
text/css 137.135.210.201
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.rank.com/adfs/portal/css/style.css?id=D74D4D6943F32AE6F7F11D14D601DBB0E1A58919176EE512150366B6279AAF99
Requested by: Host: fs.rank.com
URL: https://fs.rank.com/adfs/ls/?client-request-id=9651d4a2-27c4-eeed-67b5-0ce5675c12a7&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE9aBNxAMXv30vPtlYbioODgxyCUr0kd_fvJRfokOby0SSkSduk9Ytw33e53P2T-8hX6e4idhCHjkUQOgqCdHJw6hRBEDqJoJRCRXRx0wYXx_6Gx4M3PHhvAacjdPJW7B8MNVYqpmk0Jatj9x_u_Ex4_2P1xfvbZ9_1N7Nf9Ufzr_bANd1FXld1kCuLnukgLyIj-wCQhu-3vWQ0igK_hZAVQZpmyirLLY7zKOqJ0bcAjAA4AeBgIs6xCTpBszGW5TgYZ2M0jLCaQquyxFOipKkUZHiJkjSeoWSoJXiOliSFY44n5lZTgW8wY0GuOVR_TkxryLUbbeT5e_hzIMh-WfBW9Exm2YiVAoh6m7mNXH5NXRZzeb6SUYxCtVuCXtdV4jXd6DsMt0ELZbPaEHI5PpUyc1CQlF66_CBYLxaNFX_dcFIDu9MTXauj88gUCuJqneITJhUMacmk-L7W1DyUjcs1is32t_pFrbmYZ6kK3as4rllTkHaAX2jv1zhxPpWNnCOcQG3VMZVRCHwOgdPQbAxPTk3NhLHr2E3sdwjsT55f8-lX6M6ZvFR8Fgn9adwIY0eTUSuuB3Ur20lDvlaDrbRqpbYUtNqEsNCsMKVWfYDkAcvGs8P7SzBJ7xJglyAOiekpPIyReLpCnxDgBwGeXMIOpy9w6OgyOJ6FM4TcEk3bm1_YJk2l4SNLdcjkNtm3vYYsj11XbAWqRyYfkucV5OOdnZ13V7DfV799efn0cPThLH86dy_fsTaHxXLTX1fX3J7VUkp1PTu46_pCChaFgmcbHa_a7iuCmln6Cw2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 137.135.210.201 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d74d4d6943f32ae6f7f11d14d601dbb0e1a58919176ee512150366b6279aaf99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fs.rank.com/adfs/ls/?client-request-id=9651d4a2-27c4-eeed-67b5-0ce5675c12a7&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE9aBNxAMXv30vPtlYbioODgxyCUr0kd_fvJRfokOby0SSkSduk9Ytw33e53P2T-8hX6e4idhCHjkUQOgqCdHJw6hRBEDqJoJRCRXRx0wYXx_6Gx4M3PHhvAacjdPJW7B8MNVYqpmk0Jatj9x_u_Ex4_2P1xfvbZ9_1N7Nf9Ufzr_bANd1FXld1kCuLnukgLyIj-wCQhu-3vWQ0igK_hZAVQZpmyirLLY7zKOqJ0bcAjAA4AeBgIs6xCTpBszGW5TgYZ2M0jLCaQquyxFOipKkUZHiJkjSeoWSoJXiOliSFY44n5lZTgW8wY0GuOVR_TkxryLUbbeT5e_hzIMh-WfBW9Exm2YiVAoh6m7mNXH5NXRZzeb6SUYxCtVuCXtdV4jXd6DsMt0ELZbPaEHI5PpUyc1CQlF66_CBYLxaNFX_dcFIDu9MTXauj88gUCuJqneITJhUMacmk-L7W1DyUjcs1is32t_pFrbmYZ6kK3as4rllTkHaAX2jv1zhxPpWNnCOcQG3VMZVRCHwOgdPQbAxPTk3NhLHr2E3sdwjsT55f8-lX6M6ZvFR8Fgn9adwIY0eTUSuuB3Ur20lDvlaDrbRqpbYUtNqEsNCsMKVWfYDkAcvGs8P7SzBJ7xJglyAOiekpPIyReLpCnxDgBwGeXMIOpy9w6OgyOJ6FM4TcEk3bm1_YJk2l4SNLdcjkNtm3vYYsj11XbAWqRyYfkucV5OOdnZ13V7DfV799efn0cPThLH86dy_fsTaHxXLTX1fX3J7VUkp1PTu46_pCChaFgmcbHa_a7iuCmln6Cw2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: Fri, 26 May 2023 18:25:37 GMT
Date: Wed, 26 Apr 2023 18:25:37 GMT
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag: D74D4D6943F32AE6F7F11D14D601DBB0E1A58919176EE512150366B6279AAF99
Content-Length: 7812
Content-Type: text/css

GET
H/1.1 200
OK illustration.png
fs.rank.com/adfs/portal/illustration/ 49 KB
50 KB 52ms
51ms Image
image/png 137.135.210.201
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.rank.com/adfs/portal/illustration/illustration.png?id=440C9507F5F936A19568298B38E3348D042CB33AF8A2042834983CE1BA2A17DB
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 137.135.210.201 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 440c9507f5f936a19568298b38e3348d042cb33af8a2042834983ce1ba2a17db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fs.rank.com/adfs/ls/?client-request-id=9651d4a2-27c4-eeed-67b5-0ce5675c12a7&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE9aBNxAMXv30vPtlYbioODgxyCUr0kd_fvJRfokOby0SSkSduk9Ytw33e53P2T-8hX6e4idhCHjkUQOgqCdHJw6hRBEDqJoJRCRXRx0wYXx_6Gx4M3PHhvAacjdPJW7B8MNVYqpmk0Jatj9x_u_Ex4_2P1xfvbZ9_1N7Nf9Ufzr_bANd1FXld1kCuLnukgLyIj-wCQhu-3vWQ0igK_hZAVQZpmyirLLY7zKOqJ0bcAjAA4AeBgIs6xCTpBszGW5TgYZ2M0jLCaQquyxFOipKkUZHiJkjSeoWSoJXiOliSFY44n5lZTgW8wY0GuOVR_TkxryLUbbeT5e_hzIMh-WfBW9Exm2YiVAoh6m7mNXH5NXRZzeb6SUYxCtVuCXtdV4jXd6DsMt0ELZbPaEHI5PpUyc1CQlF66_CBYLxaNFX_dcFIDu9MTXauj88gUCuJqneITJhUMacmk-L7W1DyUjcs1is32t_pFrbmYZ6kK3as4rllTkHaAX2jv1zhxPpWNnCOcQG3VMZVRCHwOgdPQbAxPTk3NhLHr2E3sdwjsT55f8-lX6M6ZvFR8Fgn9adwIY0eTUSuuB3Ur20lDvlaDrbRqpbYUtNqEsNCsMKVWfYDkAcvGs8P7SzBJ7xJglyAOiekpPIyReLpCnxDgBwGeXMIOpy9w6OgyOJ6FM4TcEk3bm1_YJk2l4SNLdcjkNtm3vYYsj11XbAWqRyYfkucV5OOdnZ13V7DfV799efn0cPThLH86dy_fsTaHxXLTX1fX3J7VUkp1PTu46_pCChaFgmcbHa_a7iuCmln6Cw2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: Fri, 26 May 2023 18:25:37 GMT
Date: Wed, 26 Apr 2023 18:25:37 GMT
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag: 440C9507F5F936A19568298B38E3348D042CB33AF8A2042834983CE1BA2A17DB
Content-Length: 50679
Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
outlook.office365.com/	1970-01-20 20:09:15	Name: ClientId Value: A88BE71179EF4C2B9A9F1AA5F73331EA
outlook.office365.com/	1970-01-20 15:45:44	Name: OIDC Value: 1
outlook.office365.com/	1969-12-31 23:59:59	Name: domainName Value: grosvenorcasinos.com
outlook.office365.com/	1970-01-20 11:22:17	Name: OpenIdConnect.nonce.v3.Ldu0XjIeebAZo36YbaJ-o2Qz5eV3a-lGT5yU9E3KUm0 Value: 638181303366473014.3fd1ecb9-abfe-429b-bf92-c4f8961bbd62
outlook.office365.com/	1970-01-20 11:22:35	Name: X-OWA-RedirectHistory Value: ArLym14BNlV0oYNG2wg
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.microsoftonline.com/	1970-01-20 11:22:13	Name: SSOCOOKIEPULLED Value: 1
login.microsoftonline.com/	1970-01-20 12:05:25	Name: buid Value: 0.AREAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrqJ6weD7rgYdkwDdIZS7xKQ8YnAezYMzbENMPXO4CJDRVVcYmCtNy8_6P7jhAjxHOizmqbAUf06876GRQETKCkeCOqy4IyHTZj34v-mL-VDEgAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: ESTSWCTXFLOWTOKEN Value: AQABAAEAAAD--DLA3VO7QrddgJg7WevryXF7c0N6g_DuO9gZ5VodaluCkt_2cl-bP_9mog_JsH410DKwFiUsVhj_ZGqFHglscIUFsL-vWhbZH5vEOIh22cQdNDIAffkns91At1yVGM8wQWHWZw8NTtgkt2RInlQnkXymJSKV7CPMruORVmNTwpSJ8J-EmzjYIJXTlYYr9DY3osicTsGIr9yjMEAUTkDBnUX0zGIO_WpPj1ZYhlGzWrr3USVpkidNf7AHWem4hWpS6LSg50VivjuRNHEv00vTKc45d86wX12rjvkc-YCnD9j485jLjM9duzs-ItbS1bu-02uKNish4tBQdCln24nkkCK4BSHtMdx3GUVncHtQyqbZHUwkOTkYC_KIfTDl43HWEnC2rAXK8z4ojwwpD59h_yOzwRMJA8juQpPdElPNCKJ4YVyNr2TS5Rox4441zeDU8uMO5moNLT7O7fgy8gwgftjoaU4TqsgJRPDpMdLmJnUh4ZDxrL1Co_W9b0SL0og_Js5IBqgAa-IyZCVrjgtG55gumRjWf489Pd1mMvRInxQu4WFtHkbAbUO1F-FHX7otd8bX3H-Kz-ZjJz4eMhEVITTsMjazwIEgb2QfVbq038kfqqbLo5Ahbv6mYqSINAOMXshU1qTw2RFiQF-1Ii4Qxv8o5e0fgAX-kGLSk3xMzSOMoGj01lcpyvss-V4nwRMgAA
login.microsoftonline.com/	1970-01-20 12:05:25	Name: fpc Value: AiiWjXGZx_VKp3yunkcWgOCerOTJAQAAAKBj29sOAAAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABAAEAAAD--DLA3VO7QrddgJg7Wevr1fDDG84OJg49R1tftT0P-D7IyziPZX9g02eGno1-T9nNU8Gz8a01LaH80loOJtJYnnIzEoZu449h6cFPze9PsSXA2rYWkazcgH1IlcIqrapOqobJaM1KLbiqP7eswL6M-2c8Q5lBTHwlCap-P261RsxutiFTeTSR_aJ0pfNVhCEgAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: cltm Value: CgAQABoAIgQIDBAF

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

autodiscover.grosvenorcasinos.com
fs.rank.com
login.microsoftonline.com
outlook.office365.com
137.135.210.201
20.190.159.0
2603:1026:c0d:72::8
2603:1026:c0d:81a::2
440c9507f5f936a19568298b38e3348d042cb33af8a2042834983ce1ba2a17db
6d90f3f72216ccc79fd40b27847395a9bead9ae585e3f60f088e28b2eef5cff8
8b88a12fc338826b8080fb27e8c6fe99437eafb5c3dab73177185715601b410c
d74d4d6943f32ae6f7f11d14d601dbb0e1a58919176ee512150366b6279aaf99

fs.rank.com Open in urlscan Pro 137.135.210.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

4 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

2 IPs

2 Countries

131 kBTransfer

228 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

14 Cookies

Security Headers

Indicators

fs.rank.com Open in urlscan Pro
137.135.210.201 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

131 kB
Transfer

228 kB
Size

14
Cookies

4 HTTP transactions
0 data transactions