login.microsoftonline.com Open in urlscan Pro
2603:1026:3000:148::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fbfs.pm.beyondtrustcloud.com/
Effective URL:
https://login.microsoftonline.com/6196e5de-af8f-4f37-98f4-e5d9a91862c8/oauth2/authorize?client_id=68ddfeff-de96-49c3-9b45-55c49c67...
Submission: On May 03 via api (May 3rd 2024, 8:26:30 am UTC) from US — Scanned from DE

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 32 HTTP transactions. The main IP is 2603:1026:3000:148::7, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 10.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on April 4th 2024. Valid for: a year.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 20	40.78.177.34 40.78.177.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.190.35.221 35.190.35.221	15169 (GOOGLE) (GOOGLE)
5	35.184.35.160 35.184.35.160	15169 (GOOGLE) (GOOGLE)
3	2603:1026:300... 2603:1026:3000:148::7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:48:1... 2620:1ec:48:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2606:2800:233... 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef	() ()
32	7

20 40.78.177.34 (Des Moines, United States) 3 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

fbfs.pm.beyondtrustcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fbfs-services.pm.beyondtrustcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.35.221 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 221.35.190.35.bc.googleusercontent.com

web-sdk.aptrinsic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.184.35.160 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 160.35.184.35.bc.googleusercontent.com

esp.aptrinsic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2603:1026:3000:148::7 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:48:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef (None, )

ASN- ()

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	beyondtrustcloud.com 3 redirects fbfs.pm.beyondtrustcloud.com fbfs-services.pm.beyondtrustcloud.com	3 MB
7	aptrinsic.com web-sdk.aptrinsic.com — Cisco Umbrella Rank: 4211 esp.aptrinsic.com — Cisco Umbrella Rank: 2171	259 KB
3	msftauth.net aadcdn.msftauth.net	37 KB
3	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 10	30 KB
1	msauth.net aadcdn.msauth.net — Cisco Umbrella Rank: 892	49 KB
0	live.com Failed login.live.com Failed
32	6

	Domain	Requested by
13	fbfs.pm.beyondtrustcloud.com	fbfs.pm.beyondtrustcloud.com
7	fbfs-services.pm.beyondtrustcloud.com	3 redirects fbfs.pm.beyondtrustcloud.com
5	esp.aptrinsic.com	web-sdk.aptrinsic.com fbfs.pm.beyondtrustcloud.com
3	aadcdn.msftauth.net	login.microsoftonline.com
3	login.microsoftonline.com	fbfs.pm.beyondtrustcloud.com aadcdn.msauth.net
2	web-sdk.aptrinsic.com	fbfs.pm.beyondtrustcloud.com web-sdk.aptrinsic.com
1	aadcdn.msauth.net	login.microsoftonline.com
0	login.live.com Failed	login.microsoftonline.com
32	8

This site contains no links.

Subject Issuer	Validity	Valid
*.pm.beyondtrustcloud.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-18` - `2025-03-18`	a year	crt.sh
*.aptrinsic.com GeoTrust TLS RSA CA G1	`2024-03-12` - `2025-03-28`	a year	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2024-04-04` - `2025-04-04`	a year	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2024-04-30` - `2025-04-30`	a year	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2023-12-01` - `2024-12-01`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://login.microsoftonline.com/6196e5de-af8f-4f37-98f4-e5d9a91862c8/oauth2/authorize?client_id=68ddfeff-de96-49c3-9b45-55c49c670fce&redirect_uri=https%3A%2F%2Ffbfs-services.pm.beyondtrustcloud.com%2Foauth%2Fsignin-oidc&response_type=code&scope=openid%20profile&code_challenge=3pfRY7-sv8hldgTB_I_nxvmG1S7M-gHl76uZCeQUixU&code_challenge_method=S256&response_mode=form_post&nonce=638503215890707854.MDMwNzRjNjQtNzQzYy00MWJlLWE0MTQtOTNhN2ZiYTZhNTAzYTYxZTMxY2ItNDZkMS00OGU1LWE2MWUtM2MxODg4NDk5ODZj&state=CfDJ8PzbrRR0A_9Pn5bUkrjIHZRKOb_k1i7OV7eq21gSHdH7fIMmvw8b1fmJfqJssEynuIHmkoXX82slEpY5U9jiw5-iedwtJcQdQq_raqnoEn3PuEvVlFZIXQUXjHJ9825a1ttNd1U57w5gmkj_UW0j9fNgyMcT6iR0uTnzSrxXqkFQHFf6snT10XfdJ-st-1HiNTccpmv_8OIPwi0yVtj3FJ9b88ztgf5qAoQ88bVwrr2ItH7Kll55_sXNZ9j8485Qt_Vt2yJdUojeOYhoBPsw1fm_g0NNhmtmeCPgH2rfR_LlLeI-yUouhGScqVyUPb47OeQtuzj-Q6srGYMr__YBmNvEYRqsav_rxyrPyPoS-tePzQihwJFp_5vbs-g4vj8EHWsByuo8pHPZnLBrx-dRYAiZ9O6r7x2Qjqpw9KQ4wz9JY2Fvf5Jhx90-4hVFhkIe-C9VQXY2npK5bN0tjKa2qKw7VNa8RBfov3UhRvYXSkhjhgys37R1folf_nDJElW7AIECpy5b5okWxHS0Y705X29b3VbgJXLZIuiP74TClYXJM4A3ds8ZLmx_zCsXiQyzecDqt4GM6trTPS2ROdKW3NFZjFmplt9zfnJoCRpAm394_MMqSGVUkCP4vBB9VAXHDlZawijoSNZ20hZenk_GnWlDQDNgXKycXHqRjJPQoXu-yTNk15EMBfyfW6ZNci1TNLnJVwvkmgB9NoNAtac6ZTJngEPHUE-sOt7YR5YJObwNoKKRFZJKCj5RBUJdWpaYiF3KL1yFRZjwiQxE1JaUr0fu-m6OSE6WGhIAhh1IsCBHY76MYtL_erp5FO3qsm6gTIc7z62j2DcRwEETUlQKU3yd9GXkYRGzANHXckp98i4g5Iq4N_PfaET0ivdfZcewcTn1jKutt7jE0bLEGNndH03QeEc3ZQPp8SMlWzd36L74bsrY-9DCZXUszgf96ScOi9UGzgjsa2Zzk2NEk2TLVhXEdydu1mQ7WH1CB-nNgfc5CNniAgK4LtWl0-ee0lXEPdFYdGPcNyJFY5X87Ci8yIc&x-client-SKU=ID_NET6_0&x-client-ver=6.25.1.0&sso_reload=true
Frame ID: 8515952027D2B129706EC0D37F77D3BB
Requests: 31 HTTP requests in this frame

Frame: https://fbfs.pm.beyondtrustcloud.com/silent-renew.html?error=login_required&state=55cccbd493f3bb9900209ac9011e7d1183nTUhzIS&session_state=PlUKKpGZltzpE7hok2HLWoidVMR-gHOjCsMtXtOdZq8.2AE5141B31D6962256FB91B44C8EA4CA
Frame ID: 95B07E3B366575F3EB25B1A9041AC72C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://fbfs.pm.beyondtrustcloud.com/ Page URL
https://fbfs-services.pm.beyondtrustcloud.com/oauth/connect/authorize?client_id=ic3-portal-js&redirect_uri=https%3A%2F%2Ff... HTTP 302
https://fbfs-services.pm.beyondtrustcloud.com/oauth/Account/Login?ReturnUrl=%2Foauth%2Fconnect%2Fauthorize%2Fcallback%3Fcl... HTTP 302
https://login.microsoftonline.com/6196e5de-af8f-4f37-98f4-e5d9a91862c8/oauth2/authorize?client_id=68ddfeff-de9... Page URL
https://login.microsoftonline.com/6196e5de-af8f-4f37-98f4-e5d9a91862c8/oauth2/authorize?client_id=68ddfeff-de9... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

32
Requests

97 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

3701 kB
Transfer

4724 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fbfs.pm.beyondtrustcloud.com/ Page URL
https://fbfs-services.pm.beyondtrustcloud.com/oauth/connect/authorize?client_id=ic3-portal-js&redirect_uri=https%3A%2F%2Ffbfs.pm.beyondtrustcloud.com%2Fcallback&response_type=code&scope=openid%20urn%3Aportal%20urn%3Aapi%3Areports%20urn%3Aapi%20urn%3Aapi%3Aconsole&nonce=07d8127828a2c7b621101e81824740f29eDhx1yB7&state=55cccbd493f3bb9900209ac9011e7d1183nTUhzIS&code_challenge=5AzTzTiOJrvPoPKUEsizkgX_8eOcY_cBmKyZ9cl_2Rg&code_challenge_method=S256 HTTP 302
https://fbfs-services.pm.beyondtrustcloud.com/oauth/Account/Login?ReturnUrl=%2Foauth%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dic3-portal-js%26redirect_uri%3Dhttps%253A%252F%252Ffbfs.pm.beyondtrustcloud.com%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520urn%253Aportal%2520urn%253Aapi%253Areports%2520urn%253Aapi%2520urn%253Aapi%253Aconsole%26nonce%3D07d8127828a2c7b621101e81824740f29eDhx1yB7%26state%3D55cccbd493f3bb9900209ac9011e7d1183nTUhzIS%26code_challenge%3D5AzTzTiOJrvPoPKUEsizkgX_8eOcY_cBmKyZ9cl_2Rg%26code_challenge_method%3DS256 HTTP 302
https://login.microsoftonline.com/6196e5de-af8f-4f37-98f4-e5d9a91862c8/oauth2/authorize?client_id=68ddfeff-de96-49c3-9b45-55c49c670fce&redirect_uri=https%3A%2F%2Ffbfs-services.pm.beyondtrustcloud.com%2Foauth%2Fsignin-oidc&response_type=code&scope=openid%20profile&code_challenge=3pfRY7-sv8hldgTB_I_nxvmG1S7M-gHl76uZCeQUixU&code_challenge_method=S256&response_mode=form_post&nonce=638503215890707854.MDMwNzRjNjQtNzQzYy00MWJlLWE0MTQtOTNhN2ZiYTZhNTAzYTYxZTMxY2ItNDZkMS00OGU1LWE2MWUtM2MxODg4NDk5ODZj&state=CfDJ8PzbrRR0A_9Pn5bUkrjIHZRKOb_k1i7OV7eq21gSHdH7fIMmvw8b1fmJfqJssEynuIHmkoXX82slEpY5U9jiw5-iedwtJcQdQq_raqnoEn3PuEvVlFZIXQUXjHJ9825a1ttNd1U57w5gmkj_UW0j9fNgyMcT6iR0uTnzSrxXqkFQHFf6snT10XfdJ-st-1HiNTccpmv_8OIPwi0yVtj3FJ9b88ztgf5qAoQ88bVwrr2ItH7Kll55_sXNZ9j8485Qt_Vt2yJdUojeOYhoBPsw1fm_g0NNhmtmeCPgH2rfR_LlLeI-yUouhGScqVyUPb47OeQtuzj-Q6srGYMr__YBmNvEYRqsav_rxyrPyPoS-tePzQihwJFp_5vbs-g4vj8EHWsByuo8pHPZnLBrx-dRYAiZ9O6r7x2Qjqpw9KQ4wz9JY2Fvf5Jhx90-4hVFhkIe-C9VQXY2npK5bN0tjKa2qKw7VNa8RBfov3UhRvYXSkhjhgys37R1folf_nDJElW7AIECpy5b5okWxHS0Y705X29b3VbgJXLZIuiP74TClYXJM4A3ds8ZLmx_zCsXiQyzecDqt4GM6trTPS2ROdKW3NFZjFmplt9zfnJoCRpAm394_MMqSGVUkCP4vBB9VAXHDlZawijoSNZ20hZenk_GnWlDQDNgXKycXHqRjJPQoXu-yTNk15EMBfyfW6ZNci1TNLnJVwvkmgB9NoNAtac6ZTJngEPHUE-sOt7YR5YJObwNoKKRFZJKCj5RBUJdWpaYiF3KL1yFRZjwiQxE1JaUr0fu-m6OSE6WGhIAhh1IsCBHY76MYtL_erp5FO3qsm6gTIc7z62j2DcRwEETUlQKU3yd9GXkYRGzANHXckp98i4g5Iq4N_PfaET0ivdfZcewcTn1jKutt7jE0bLEGNndH03QeEc3ZQPp8SMlWzd36L74bsrY-9DCZXUszgf96ScOi9UGzgjsa2Zzk2NEk2TLVhXEdydu1mQ7WH1CB-nNgfc5CNniAgK4LtWl0-ee0lXEPdFYdGPcNyJFY5X87Ci8yIc&x-client-SKU=ID_NET6_0&x-client-ver=6.25.1.0 Page URL
https://login.microsoftonline.com/6196e5de-af8f-4f37-98f4-e5d9a91862c8/oauth2/authorize?client_id=68ddfeff-de96-49c3-9b45-55c49c670fce&redirect_uri=https%3A%2F%2Ffbfs-services.pm.beyondtrustcloud.com%2Foauth%2Fsignin-oidc&response_type=code&scope=openid%20profile&code_challenge=3pfRY7-sv8hldgTB_I_nxvmG1S7M-gHl76uZCeQUixU&code_challenge_method=S256&response_mode=form_post&nonce=638503215890707854.MDMwNzRjNjQtNzQzYy00MWJlLWE0MTQtOTNhN2ZiYTZhNTAzYTYxZTMxY2ItNDZkMS00OGU1LWE2MWUtM2MxODg4NDk5ODZj&state=CfDJ8PzbrRR0A_9Pn5bUkrjIHZRKOb_k1i7OV7eq21gSHdH7fIMmvw8b1fmJfqJssEynuIHmkoXX82slEpY5U9jiw5-iedwtJcQdQq_raqnoEn3PuEvVlFZIXQUXjHJ9825a1ttNd1U57w5gmkj_UW0j9fNgyMcT6iR0uTnzSrxXqkFQHFf6snT10XfdJ-st-1HiNTccpmv_8OIPwi0yVtj3FJ9b88ztgf5qAoQ88bVwrr2ItH7Kll55_sXNZ9j8485Qt_Vt2yJdUojeOYhoBPsw1fm_g0NNhmtmeCPgH2rfR_LlLeI-yUouhGScqVyUPb47OeQtuzj-Q6srGYMr__YBmNvEYRqsav_rxyrPyPoS-tePzQihwJFp_5vbs-g4vj8EHWsByuo8pHPZnLBrx-dRYAiZ9O6r7x2Qjqpw9KQ4wz9JY2Fvf5Jhx90-4hVFhkIe-C9VQXY2npK5bN0tjKa2qKw7VNa8RBfov3UhRvYXSkhjhgys37R1folf_nDJElW7AIECpy5b5okWxHS0Y705X29b3VbgJXLZIuiP74TClYXJM4A3ds8ZLmx_zCsXiQyzecDqt4GM6trTPS2ROdKW3NFZjFmplt9zfnJoCRpAm394_MMqSGVUkCP4vBB9VAXHDlZawijoSNZ20hZenk_GnWlDQDNgXKycXHqRjJPQoXu-yTNk15EMBfyfW6ZNci1TNLnJVwvkmgB9NoNAtac6ZTJngEPHUE-sOt7YR5YJObwNoKKRFZJKCj5RBUJdWpaYiF3KL1yFRZjwiQxE1JaUr0fu-m6OSE6WGhIAhh1IsCBHY76MYtL_erp5FO3qsm6gTIc7z62j2DcRwEETUlQKU3yd9GXkYRGzANHXckp98i4g5Iq4N_PfaET0ivdfZcewcTn1jKutt7jE0bLEGNndH03QeEc3ZQPp8SMlWzd36L74bsrY-9DCZXUszgf96ScOi9UGzgjsa2Zzk2NEk2TLVhXEdydu1mQ7WH1CB-nNgfc5CNniAgK4LtWl0-ee0lXEPdFYdGPcNyJFY5X87Ci8yIc&x-client-SKU=ID_NET6_0&x-client-ver=6.25.1.0&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://fbfs-services.pm.beyondtrustcloud.com/oauth/connect/authorize?client_id=ic3-portal-js&redirect_uri=https%3A%2F%2Ffbfs.pm.beyondtrustcloud.com%2Fsilent-renew.html&response_type=code&scope=openid%20urn%3Aportal%20urn%3Aapi%3Areports%20urn%3Aapi%20urn%3Aapi%3Aconsole&nonce=95e815f3f1b1c9ea70d9b070c6c6f09175DNlYPqA&state=55cccbd493f3bb9900209ac9011e7d1183nTUhzIS&code_challenge=0tp0_gRp0g-e3aMVIMyW9kG1iAjQuk3sUsodrA9cetg&code_challenge_method=S256&prompt=none HTTP 302
https://fbfs.pm.beyondtrustcloud.com/silent-renew.html?error=login_required&state=55cccbd493f3bb9900209ac9011e7d1183nTUhzIS&session_state=PlUKKpGZltzpE7hok2HLWoidVMR-gHOjCsMtXtOdZq8.2AE5141B31D6962256FB91B44C8EA4CA

Request Chain 24

https://fbfs-services.pm.beyondtrustcloud.com/oauth/connect/authorize?client_id=ic3-portal-js&redirect_uri=https%3A%2F%2Ffbfs.pm.beyondtrustcloud.com%2Fcallback&response_type=code&scope=openid%20urn%3Aportal%20urn%3Aapi%3Areports%20urn%3Aapi%20urn%3Aapi%3Aconsole&nonce=07d8127828a2c7b621101e81824740f29eDhx1yB7&state=55cccbd493f3bb9900209ac9011e7d1183nTUhzIS&code_challenge=5AzTzTiOJrvPoPKUEsizkgX_8eOcY_cBmKyZ9cl_2Rg&code_challenge_method=S256 HTTP 302
https://fbfs-services.pm.beyondtrustcloud.com/oauth/Account/Login?ReturnUrl=%2Foauth%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dic3-portal-js%26redirect_uri%3Dhttps%253A%252F%252Ffbfs.pm.beyondtrustcloud.com%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520urn%253Aportal%2520urn%253Aapi%253Areports%2520urn%253Aapi%2520urn%253Aapi%253Aconsole%26nonce%3D07d8127828a2c7b621101e81824740f29eDhx1yB7%26state%3D55cccbd493f3bb9900209ac9011e7d1183nTUhzIS%26code_challenge%3D5AzTzTiOJrvPoPKUEsizkgX_8eOcY_cBmKyZ9cl_2Rg%26code_challenge_method%3DS256 HTTP 302
https://login.microsoftonline.com/6196e5de-af8f-4f37-98f4-e5d9a91862c8/oauth2/authorize?client_id=68ddfeff-de96-49c3-9b45-55c49c670fce&redirect_uri=https%3A%2F%2Ffbfs-services.pm.beyondtrustcloud.com%2Foauth%2Fsignin-oidc&response_type=code&scope=openid%20profile&code_challenge=3pfRY7-sv8hldgTB_I_nxvmG1S7M-gHl76uZCeQUixU&code_challenge_method=S256&response_mode=form_post&nonce=638503215890707854.MDMwNzRjNjQtNzQzYy00MWJlLWE0MTQtOTNhN2ZiYTZhNTAzYTYxZTMxY2ItNDZkMS00OGU1LWE2MWUtM2MxODg4NDk5ODZj&state=CfDJ8PzbrRR0A_9Pn5bUkrjIHZRKOb_k1i7OV7eq21gSHdH7fIMmvw8b1fmJfqJssEynuIHmkoXX82slEpY5U9jiw5-iedwtJcQdQq_raqnoEn3PuEvVlFZIXQUXjHJ9825a1ttNd1U57w5gmkj_UW0j9fNgyMcT6iR0uTnzSrxXqkFQHFf6snT10XfdJ-st-1HiNTccpmv_8OIPwi0yVtj3FJ9b88ztgf5qAoQ88bVwrr2ItH7Kll55_sXNZ9j8485Qt_Vt2yJdUojeOYhoBPsw1fm_g0NNhmtmeCPgH2rfR_LlLeI-yUouhGScqVyUPb47OeQtuzj-Q6srGYMr__YBmNvEYRqsav_rxyrPyPoS-tePzQihwJFp_5vbs-g4vj8EHWsByuo8pHPZnLBrx-dRYAiZ9O6r7x2Qjqpw9KQ4wz9JY2Fvf5Jhx90-4hVFhkIe-C9VQXY2npK5bN0tjKa2qKw7VNa8RBfov3UhRvYXSkhjhgys37R1folf_nDJElW7AIECpy5b5okWxHS0Y705X29b3VbgJXLZIuiP74TClYXJM4A3ds8ZLmx_zCsXiQyzecDqt4GM6trTPS2ROdKW3NFZjFmplt9zfnJoCRpAm394_MMqSGVUkCP4vBB9VAXHDlZawijoSNZ20hZenk_GnWlDQDNgXKycXHqRjJPQoXu-yTNk15EMBfyfW6ZNci1TNLnJVwvkmgB9NoNAtac6ZTJngEPHUE-sOt7YR5YJObwNoKKRFZJKCj5RBUJdWpaYiF3KL1yFRZjwiQxE1JaUr0fu-m6OSE6WGhIAhh1IsCBHY76MYtL_erp5FO3qsm6gTIc7z62j2DcRwEETUlQKU3yd9GXkYRGzANHXckp98i4g5Iq4N_PfaET0ivdfZcewcTn1jKutt7jE0bLEGNndH03QeEc3ZQPp8SMlWzd36L74bsrY-9DCZXUszgf96ScOi9UGzgjsa2Zzk2NEk2TLVhXEdydu1mQ7WH1CB-nNgfc5CNniAgK4LtWl0-ee0lXEPdFYdGPcNyJFY5X87Ci8yIc&x-client-SKU=ID_NET6_0&x-client-ver=6.25.1.0

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
fbfs.pm.beyondtrustcloud.com/ 22 KB
23 KB 1101ms
151ms Document
text/html 40.78.177.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fbfs.pm.beyondtrustcloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.78.177.34 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7ec424555c212feb1e3b5a3e7f75d363db8c6d82985e9aa21d818b419316732b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-length: 22623
content-type: text/html
date: Fri, 03 May 2024 08:26:23 GMT
etag: "1da91fde7a5e95f"
expires: -1
last-modified: Fri, 19 Apr 2024 02:04:26 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-download-options: noopen
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK all.min.css
fbfs.pm.beyondtrustcloud.com/assets/fontawesome/css/ 99 KB
100 KB 166ms
146ms Stylesheet
text/css 40.78.177.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fbfs.pm.beyondtrustcloud.com/assets/fontawesome/css/all.min.css

Requested by

Host: fbfs.pm.beyondtrustcloud.com
URL: https://fbfs.pm.beyondtrustcloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.78.177.34 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ccd819169e1ee3bf2b1cf1ec5711673d835ae146cef5807fd466fa3e333e9a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbfs.pm.beyondtrustcloud.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 08:26:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 19 Apr 2024 02:04:26 GMT
etag: "1da91fde7a43dda"
x-download-options: noopen
content-type: text/css
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 101594
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK gainsight.js Show response
fbfs.pm.beyondtrustcloud.com/scripts/ 361 B
836 B 404ms
135ms Script
text/javascript 40.78.177.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fbfs.pm.beyondtrustcloud.com/scripts/gainsight.js

Requested by

Host: fbfs.pm.beyondtrustcloud.com
URL: https://fbfs.pm.beyondtrustcloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.78.177.34 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

088e9661860b1e4efd434a0b97e20fa9310b278622745ebc8712b8cbbc015d7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbfs.pm.beyondtrustcloud.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 08:26:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 19 Apr 2024 02:04:25 GMT
etag: "1da91fde70d1be9"
x-download-options: noopen
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 361
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK styles.3631072f2f5bec54.css
fbfs.pm.beyondtrustcloud.com/ 615 KB
615 KB 561ms
299ms Stylesheet
text/css 40.78.177.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fbfs.pm.beyondtrustcloud.com/styles.3631072f2f5bec54.css

Requested by

Host: fbfs.pm.beyondtrustcloud.com
URL: https://fbfs.pm.beyondtrustcloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.78.177.34 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9ab29336d6cdde003ab4ec8318b0f044cbd9c7d9ed7c2f05ead6ebed1f30bcbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbfs.pm.beyondtrustcloud.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 08:26:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 19 Apr 2024 02:04:25 GMT
etag: "1da91fde7048100"
x-download-options: noopen
content-type: text/css
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 629632
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK runtime.de82f0f1fdd0220e.js Show response
fbfs.pm.beyondtrustcloud.com/ 3 KB
4 KB 540ms
135ms Script
text/javascript 40.78.177.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fbfs.pm.beyondtrustcloud.com/runtime.de82f0f1fdd0220e.js

Requested by

Host: fbfs.pm.beyondtrustcloud.com
URL: https://fbfs.pm.beyondtrustcloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.78.177.34 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f485c0c2351a9b3d12f573ad40ad3a55d4af7adc8826db59219a5ff7728bc05b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbfs.pm.beyondtrustcloud.com/
Origin: https://fbfs.pm.beyondtrustcloud.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 08:26:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-length: 3139
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 19 Apr 2024 02:04:25 GMT
etag: "1da91fde70d16c3"
x-download-options: noopen
content-type: text/javascript
access-control-allow-origin: https://fbfs.pm.beyondtrustcloud.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
x-robots-tag: noindex, nofollow
expires: -1

GET
H/1.1 200
OK polyfills.d08cf9e2ea741234.js Show response
fbfs.pm.beyondtrustcloud.com/ 33 KB
34 KB 547ms
137ms Script
text/javascript 40.78.177.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fbfs.pm.beyondtrustcloud.com/polyfills.d08cf9e2ea741234.js

Requested by

Host: fbfs.pm.beyondtrustcloud.com
URL: https://fbfs.pm.beyondtrustcloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.78.177.34 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

44dcc88bf3581e5fc8978393098eb56bf607474e632e0da4060f1bcefb509a4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbfs.pm.beyondtrustcloud.com/
Origin: https://fbfs.pm.beyondtrustcloud.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 08:26:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-length: 33900
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 19 Apr 2024 02:04:26 GMT
etag: "1da91fde7a5356c"
x-download-options: noopen
content-type: text/javascript
access-control-allow-origin: https://fbfs.pm.beyondtrustcloud.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
x-robots-tag: noindex, nofollow
expires: -1

GET
H/1.1 200
OK scripts.22c69d749507d627.js Show response
fbfs.pm.beyondtrustcloud.com/ 179 KB
180 KB 148ms
148ms Script
text/javascript 40.78.177.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fbfs.pm.beyondtrustcloud.com/scripts.22c69d749507d627.js

Requested by

Host: fbfs.pm.beyondtrustcloud.com
URL: https://fbfs.pm.beyondtrustcloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.78.177.34 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3b24f619672961285b59c182852cb775baaa3a08c844c1a3fc8b607cc79698ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbfs.pm.beyondtrustcloud.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 08:26:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 19 Apr 2024 02:04:25 GMT
etag: "1da91fde70fd7b3"
x-download-options: noopen
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 183603
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK main.3a5d7fc1ae278b97.js Show response
fbfs.pm.beyondtrustcloud.com/ 2 MB
2 MB 553ms
138ms Script
text/javascript 40.78.177.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fbfs.pm.beyondtrustcloud.com/main.3a5d7fc1ae278b97.js

Requested by

Host: fbfs.pm.beyondtrustcloud.com
URL: https://fbfs.pm.beyondtrustcloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.78.177.34 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2590354ca62fd66cab7fa5f5e161fd4b1002a3c5b8da3212072ea42dd619d065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbfs.pm.beyondtrustcloud.com/
Origin: https://fbfs.pm.beyondtrustcloud.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 08:26:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-length: 1978728
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 19 Apr 2024 02:04:25 GMT
etag: "1da91fde7132be8"
x-download-options: noopen
content-type: text/javascript
access-control-allow-origin: https://fbfs.pm.beyondtrustcloud.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
x-robots-tag: noindex, nofollow
expires: -1

GET
H2 200 aptrinsic.js Show response
web-sdk.aptrinsic.com/api/ 606 KB
203 KB 76ms
22ms Script
application/javascript 35.190.35.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.aptrinsic.com/api/aptrinsic.js?a=AP-ZHBCC4KREWQ6-2

Requested by

Host: fbfs.pm.beyondtrustcloud.com
URL: https://fbfs.pm.beyondtrustcloud.com/scripts/gainsight.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.35.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.35.190.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

aa78adcf83390800bef97afdd9949cba6a6dcf6fe72b1b40d390da58c962e5f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;, max-age=3600;, max-age=3600;
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbfs.pm.beyondtrustcloud.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=3600;, max-age=3600;, max-age=3600;
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 May 2024 08:07:31 GMT
via: 1.1 google
age: 1133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207311
pragma: public
last-modified: Sat, 27 Apr 2024 09:56:26 GMT
server: nginx
etag: W/"662ccbca-97804"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=1200,public
expires: Fri, 03 May 2024 08:27:31 GMT

GET
H/1.1 200
OK AP-ZHBCC4KREWQ6-2 Show response
esp.aptrinsic.com/rte/v1/configuration/ 7 KB
8 KB 414ms
133ms XHR
application/json 35.184.35.160
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://esp.aptrinsic.com/rte/v1/configuration/AP-ZHBCC4KREWQ6-2

Requested by

Host: web-sdk.aptrinsic.com
URL: https://web-sdk.aptrinsic.com/api/aptrinsic.js?a=AP-ZHBCC4KREWQ6-2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.35.160 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

160.35.184.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

ffde8f6a085950a85b8cc0082a9ce72a60adb832fd8a95142c643e38c38e5b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbfs.pm.beyondtrustcloud.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 08:26:25 GMT
Strict-Transport-Security: max-age=3600;
Server: nginx
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Application-Context: application:prod

GET
H2 200 style.css
web-sdk.aptrinsic.com/ 52 KB
10 KB 30ms
29ms Stylesheet
text/css 35.190.35.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.aptrinsic.com/style.css?a=AP-ZHBCC4KREWQ6-2

Requested by

Host: web-sdk.aptrinsic.com
URL: https://web-sdk.aptrinsic.com/api/aptrinsic.js?a=AP-ZHBCC4KREWQ6-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.35.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.35.190.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

60ec4783f17368f6f08562b73fe100097a1735289a9de3f154ff98062b6ad7b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;, max-age=3600;, max-age=3600;
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbfs.pm.beyondtrustcloud.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=3600;, max-age=3600;, max-age=3600;
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 May 2024 08:07:32 GMT
via: 1.1 google
age: 1133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10037
pragma: public
last-modified: Wed, 24 Apr 2024 13:32:45 GMT
server: nginx
etag: W/"662909fd-cea0"
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
cache-control: max-age=1200,public
expires: Fri, 03 May 2024 08:27:32 GMT

GET
H/1.1 200
OK command Show response
esp.aptrinsic.com/rte/v1/ 73 B
407 B 140ms
135ms XHR
application/json 35.184.35.160
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://esp.aptrinsic.com/rte/v1/command?p=AP-ZHBCC4KREWQ6-2&sv=0.53.0&v=AP-ZHBCC4KREWQ6-2-1714724785277-29397639&ai=AP-ZHBCC4KREWQ6-2-1714724785277-29397639&vt=0&s=AP-ZHBCC4KREWQ6-2-1714724785279-71282375&et=sessionInitialized&rf&sc=https%3A%2F%2F&ho=fbfs.pm.beyondtrustcloud.com&pa=%2F&q&ha&sch=1200&scw=1600&pt=PMC&ep=%7B%7D&cb=1714724785285-9911

Requested by

Host: web-sdk.aptrinsic.com
URL: https://web-sdk.aptrinsic.com/api/aptrinsic.js?a=AP-ZHBCC4KREWQ6-2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.35.160 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

160.35.184.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

69d8e505e7b05141c79d5f7087f2e994acb06e640dd1396aff73f96dc1d89b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbfs.pm.beyondtrustcloud.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 08:26:25 GMT
Strict-Transport-Security: max-age=3600;
Server: nginx
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
X-Application-Context: application:prod

GET
H/1.1 200
OK client Show response
esp.aptrinsic.com/rte/api/v1/feature/ 37 KB
37 KB 273ms
132ms XHR
application/json 35.184.35.160
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://esp.aptrinsic.com/rte/api/v1/feature/client?p=AP-ZHBCC4KREWQ6-2&sv=0.53.0&v=AP-ZHBCC4KREWQ6-2-1714724785277-29397639&ai=AP-ZHBCC4KREWQ6-2-1714724785277-29397639&vt=0&s=AP-ZHBCC4KREWQ6-2-1714724785279-71282375&wsv=0.53.0&cb=1714724785285-4399

Requested by

Host: web-sdk.aptrinsic.com
URL: https://web-sdk.aptrinsic.com/api/aptrinsic.js?a=AP-ZHBCC4KREWQ6-2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.35.160 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

160.35.184.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3669722514c511767fc3b9023caebc5ce064754bf5d0df496333b3a1e12da6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbfs.pm.beyondtrustcloud.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 08:26:25 GMT
Strict-Transport-Security: max-age=3600;
Server: nginx
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Application-Context: application:prod

GET
H/1.1 200
OK command Show response
esp.aptrinsic.com/rte/v1/ 73 B
407 B 394ms
130ms XHR
application/json 35.184.35.160
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://esp.aptrinsic.com/rte/v1/command?p=AP-ZHBCC4KREWQ6-2&sv=0.53.0&v=AP-ZHBCC4KREWQ6-2-1714724785277-29397639&ai=AP-ZHBCC4KREWQ6-2-1714724785277-29397639&vt=0&s=AP-ZHBCC4KREWQ6-2-1714724785279-71282375&et=pageview&rf&sc=https%3A%2F%2F&ho=fbfs.pm.beyondtrustcloud.com&pa=%2F&q&ha&sch=1200&scw=1600&pt=PMC&ep=%7B%7D&cb=1714724785293-3882

Requested by

Host: web-sdk.aptrinsic.com
URL: https://web-sdk.aptrinsic.com/api/aptrinsic.js?a=AP-ZHBCC4KREWQ6-2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.35.160 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

160.35.184.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

69d8e505e7b05141c79d5f7087f2e994acb06e640dd1396aff73f96dc1d89b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbfs.pm.beyondtrustcloud.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 08:26:25 GMT
Strict-Transport-Security: max-age=3600;
Server: nginx
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
X-Application-Context: application:prod

GET
H/1.1 200
OK en-US.json Show response
fbfs.pm.beyondtrustcloud.com/assets/i18n/ 110 KB
111 KB 142ms
142ms XHR
application/json 40.78.177.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fbfs.pm.beyondtrustcloud.com/assets/i18n/en-US.json?cb=UNKNOWN

Requested by

Host: fbfs.pm.beyondtrustcloud.com
URL: https://fbfs.pm.beyondtrustcloud.com/polyfills.d08cf9e2ea741234.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.78.177.34 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c8d5061ba269702a6cc67bb6432242d0124e18ca889b277ebb4c9b6a9443b91f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://fbfs.pm.beyondtrustcloud.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 08:26:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 19 Apr 2024 02:04:26 GMT
etag: "1da91fde7a40859"
x-download-options: noopen
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 112985
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK features Show response
fbfs-services.pm.beyondtrustcloud.com/portal-api/v1/config/ 135 B
587 B 1290ms
244ms XHR
application/json 40.78.177.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fbfs-services.pm.beyondtrustcloud.com/portal-api/v1/config/features

Requested by

Host: fbfs.pm.beyondtrustcloud.com
URL: https://fbfs.pm.beyondtrustcloud.com/polyfills.d08cf9e2ea741234.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.78.177.34 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

618c915e22bc8a5867d471f57fa1d00a5f10ec44e61ef14ec782553aaf9e9027

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://fbfs.pm.beyondtrustcloud.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 08:26:26 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
server: Kestrel
transfer-encoding: chunked
x-frame-options: deny
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fbfs.pm.beyondtrustcloud.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK common.01eac2cff95169f4.js Show response
fbfs.pm.beyondtrustcloud.com/ 17 KB
18 KB 140ms
140ms Script
text/javascript 40.78.177.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fbfs.pm.beyondtrustcloud.com/common.01eac2cff95169f4.js

Requested by

Host: fbfs.pm.beyondtrustcloud.com
URL: https://fbfs.pm.beyondtrustcloud.com/runtime.de82f0f1fdd0220e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.78.177.34 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0f820e67b770e61aa565f44800dea49d4b1d8f0316da34ae26be5264da307e4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbfs.pm.beyondtrustcloud.com/
Origin: https://fbfs.pm.beyondtrustcloud.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 08:26:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-length: 17695
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 19 Apr 2024 02:04:26 GMT
etag: "1da91fde7a5f41f"
x-download-options: noopen
content-type: text/javascript
access-control-allow-origin: https://fbfs.pm.beyondtrustcloud.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
x-robots-tag: noindex, nofollow
expires: -1

GET
H/1.1 200
OK 361.410964047588cd05.js Show response
fbfs.pm.beyondtrustcloud.com/ 267 KB
268 KB 153ms
153ms Script
text/javascript 40.78.177.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fbfs.pm.beyondtrustcloud.com/361.410964047588cd05.js

Requested by

Host: fbfs.pm.beyondtrustcloud.com
URL: https://fbfs.pm.beyondtrustcloud.com/runtime.de82f0f1fdd0220e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.78.177.34 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b9ae5587ecf4716f6927484631a2e063524b250a0a14d6f8913c6c61aa8f8fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbfs.pm.beyondtrustcloud.com/
Origin: https://fbfs.pm.beyondtrustcloud.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 08:26:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-length: 273739
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 19 Apr 2024 02:04:26 GMT
etag: "1da91fde7a19c4b"
x-download-options: noopen
content-type: text/javascript
access-control-allow-origin: https://fbfs.pm.beyondtrustcloud.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
x-robots-tag: noindex, nofollow
expires: -1

GET
H/1.1 204
No Content inapp Show response
esp.aptrinsic.com/rte/v1/ 0
257 B 133ms
133ms XHR
text/plain 35.184.35.160
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://esp.aptrinsic.com/rte/v1/inapp?p=AP-ZHBCC4KREWQ6-2&sv=0.53.0&v=AP-ZHBCC4KREWQ6-2-1714724785277-29397639&ai=AP-ZHBCC4KREWQ6-2-1714724785277-29397639&vt=0&s=AP-ZHBCC4KREWQ6-2-1714724785279-71282375&sc=https%3A%2F%2F&ho=fbfs.pm.beyondtrustcloud.com&pa=%2F&q&ha&u=fbfs.pm.beyondtrustcloud.com%2F&gcx=%7B%7D&cb=1714724786048-8713

Requested by

Host: fbfs.pm.beyondtrustcloud.com
URL: https://fbfs.pm.beyondtrustcloud.com/polyfills.d08cf9e2ea741234.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.35.160 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

160.35.184.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbfs.pm.beyondtrustcloud.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 08:26:26 GMT
Strict-Transport-Security: max-age=3600;
Server: nginx
Vary: Origin
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
X-Application-Context: application:prod

GET
H/1.1 401
Unauthorized current Show response
fbfs-services.pm.beyondtrustcloud.com/portal-api/v1/user/ 0
421 B 870ms
142ms XHR
text/plain 40.78.177.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fbfs-services.pm.beyondtrustcloud.com/portal-api/v1/user/current

Requested by

Host: fbfs.pm.beyondtrustcloud.com
URL: https://fbfs.pm.beyondtrustcloud.com/polyfills.d08cf9e2ea741234.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.78.177.34 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://fbfs.pm.beyondtrustcloud.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 08:26:26 GMT
strict-transport-security: max-age=2592000
www-authenticate: Bearer
x-content-type-options: nosniff
server: Kestrel
x-frame-options: deny
access-control-allow-origin: https://fbfs.pm.beyondtrustcloud.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK favicon.ico
fbfs.pm.beyondtrustcloud.com/ 31 KB
32 KB 145ms
145ms Other
image/x-icon 40.78.177.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fbfs.pm.beyondtrustcloud.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.78.177.34 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aecb90238f054c7ce44cc8cc9a36ed1ffae047d24a9bf8d39e1e847119c17628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbfs.pm.beyondtrustcloud.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 08:26:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 19 Apr 2024 02:04:26 GMT
etag: "1da91fde7a5cc26"
x-download-options: noopen
content-type: image/x-icon
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 32038
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK config Show response
fbfs-services.pm.beyondtrustcloud.com/portal-api/v1/ 477 B
930 B 599ms
188ms XHR
application/json 40.78.177.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fbfs-services.pm.beyondtrustcloud.com/portal-api/v1/config

Requested by

Host: fbfs.pm.beyondtrustcloud.com
URL: https://fbfs.pm.beyondtrustcloud.com/polyfills.d08cf9e2ea741234.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.78.177.34 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e08ca2eef7b8d79b88d5cd4b729c417a38fc2a191023c3cf8534e90dcf791e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://fbfs.pm.beyondtrustcloud.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 08:26:27 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
server: Kestrel
transfer-encoding: chunked
x-frame-options: deny
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fbfs.pm.beyondtrustcloud.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK openid-configuration Show response
fbfs-services.pm.beyondtrustcloud.com/oauth/.well-known/ 5 KB
6 KB 275ms
274ms XHR
application/json 40.78.177.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fbfs-services.pm.beyondtrustcloud.com/oauth/.well-known/openid-configuration

Requested by

Host: fbfs.pm.beyondtrustcloud.com
URL: https://fbfs.pm.beyondtrustcloud.com/polyfills.d08cf9e2ea741234.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.78.177.34 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

44462ec5e93ed1ac47d7e7e0a120346726ac1744378ec486bb0dfe0aecd7720b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM https://fbfs.pm.beyondtrustcloud.com

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json
Referer: https://fbfs.pm.beyondtrustcloud.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 08:26:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
transfer-encoding: chunked
x-frame-options: ALLOW-FROM https://fbfs.pm.beyondtrustcloud.com
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fbfs.pm.beyondtrustcloud.com
cache-control: no-cache, no-store

GET
H/1.1

200
OK

silent-renew.html
fbfs.pm.beyondtrustcloud.com/ Frame 95B0
Redirect Chain

https://fbfs-services.pm.beyondtrustcloud.com/oauth/connect/authorize?client_id=ic3-portal-js&redirect_uri=https%3A%2F%2Ffbfs.pm.beyondtrustcloud.com%2Fsilent-renew.html&response_type=code&scope=op...
https://fbfs.pm.beyondtrustcloud.com/silent-renew.html?error=login_required&state=55cccbd493f3bb9900209ac9011e7d1183nTUhzIS&session_state=PlUKKpGZltzpE7hok2HLWoidVMR-gHOjCsMtXtOdZq8.2AE5141B31D6962...

898 B
1 KB

145ms
145ms

Document
text/html

40.78.177.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fbfs.pm.beyondtrustcloud.com/silent-renew.html?error=login_required&state=55cccbd493f3bb9900209ac9011e7d1183nTUhzIS&session_state=PlUKKpGZltzpE7hok2HLWoidVMR-gHOjCsMtXtOdZq8.2AE5141B31D6962256FB91B44C8EA4CA

Requested by

Host: fbfs.pm.beyondtrustcloud.com
URL: https://fbfs.pm.beyondtrustcloud.com/main.3a5d7fc1ae278b97.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.78.177.34 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://fbfs.pm.beyondtrustcloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-length: 898
content-type: text/html
date: Fri, 03 May 2024 08:26:27 GMT
etag: "1da91fde70d1902"
expires: -1
last-modified: Fri, 19 Apr 2024 02:04:25 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-download-options: noopen
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, no-store
content-length: 0
date: Fri, 03 May 2024 08:26:27 GMT
location: https://fbfs.pm.beyondtrustcloud.com/silent-renew.html?error=login_required&state=55cccbd493f3bb9900209ac9011e7d1183nTUhzIS&session_state=PlUKKpGZltzpE7hok2HLWoidVMR-gHOjCsMtXtOdZq8.2AE5141B31D6962256FB91B44C8EA4CA#_=_
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: ALLOW-FROM https://fbfs.pm.beyondtrustcloud.com

GET
H2

200

authorize Show response
login.microsoftonline.com/6196e5de-af8f-4f37-98f4-e5d9a91862c8/oauth2/
Redirect Chain

https://fbfs-services.pm.beyondtrustcloud.com/oauth/connect/authorize?client_id=ic3-portal-js&redirect_uri=https%3A%2F%2Ffbfs.pm.beyondtrustcloud.com%2Fcallback&response_type=code&scope=openid%20ur...
https://fbfs-services.pm.beyondtrustcloud.com/oauth/Account/Login?ReturnUrl=%2Foauth%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dic3-portal-js%26redirect_uri%3Dhttps%253A%252F%252Ffbfs.pm.beyond...
https://login.microsoftonline.com/6196e5de-af8f-4f37-98f4-e5d9a91862c8/oauth2/authorize?client_id=68ddfeff-de96-49c3-9b45-55c49c670fce&redirect_uri=https%3A%2F%2Ffbfs-services.pm.beyondtrustcloud.c...

21 KB
10 KB

305ms
143ms

Document
text/html

2603:1026:3000:148::7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/6196e5de-af8f-4f37-98f4-e5d9a91862c8/oauth2/authorize?client_id=68ddfeff-de96-49c3-9b45-55c49c670fce&redirect_uri=https%3A%2F%2Ffbfs-services.pm.beyondtrustcloud.com%2Foauth%2Fsignin-oidc&response_type=code&scope=openid%20profile&code_challenge=3pfRY7-sv8hldgTB_I_nxvmG1S7M-gHl76uZCeQUixU&code_challenge_method=S256&response_mode=form_post&nonce=638503215890707854.MDMwNzRjNjQtNzQzYy00MWJlLWE0MTQtOTNhN2ZiYTZhNTAzYTYxZTMxY2ItNDZkMS00OGU1LWE2MWUtM2MxODg4NDk5ODZj&state=CfDJ8PzbrRR0A_9Pn5bUkrjIHZRKOb_k1i7OV7eq21gSHdH7fIMmvw8b1fmJfqJssEynuIHmkoXX82slEpY5U9jiw5-iedwtJcQdQq_raqnoEn3PuEvVlFZIXQUXjHJ9825a1ttNd1U57w5gmkj_UW0j9fNgyMcT6iR0uTnzSrxXqkFQHFf6snT10XfdJ-st-1HiNTccpmv_8OIPwi0yVtj3FJ9b88ztgf5qAoQ88bVwrr2ItH7Kll55_sXNZ9j8485Qt_Vt2yJdUojeOYhoBPsw1fm_g0NNhmtmeCPgH2rfR_LlLeI-yUouhGScqVyUPb47OeQtuzj-Q6srGYMr__YBmNvEYRqsav_rxyrPyPoS-tePzQihwJFp_5vbs-g4vj8EHWsByuo8pHPZnLBrx-dRYAiZ9O6r7x2Qjqpw9KQ4wz9JY2Fvf5Jhx90-4hVFhkIe-C9VQXY2npK5bN0tjKa2qKw7VNa8RBfov3UhRvYXSkhjhgys37R1folf_nDJElW7AIECpy5b5okWxHS0Y705X29b3VbgJXLZIuiP74TClYXJM4A3ds8ZLmx_zCsXiQyzecDqt4GM6trTPS2ROdKW3NFZjFmplt9zfnJoCRpAm394_MMqSGVUkCP4vBB9VAXHDlZawijoSNZ20hZenk_GnWlDQDNgXKycXHqRjJPQoXu-yTNk15EMBfyfW6ZNci1TNLnJVwvkmgB9NoNAtac6ZTJngEPHUE-sOt7YR5YJObwNoKKRFZJKCj5RBUJdWpaYiF3KL1yFRZjwiQxE1JaUr0fu-m6OSE6WGhIAhh1IsCBHY76MYtL_erp5FO3qsm6gTIc7z62j2DcRwEETUlQKU3yd9GXkYRGzANHXckp98i4g5Iq4N_PfaET0ivdfZcewcTn1jKutt7jE0bLEGNndH03QeEc3ZQPp8SMlWzd36L74bsrY-9DCZXUszgf96ScOi9UGzgjsa2Zzk2NEk2TLVhXEdydu1mQ7WH1CB-nNgfc5CNniAgK4LtWl0-ee0lXEPdFYdGPcNyJFY5X87Ci8yIc&x-client-SKU=ID_NET6_0&x-client-ver=6.25.1.0

Requested by

Host: fbfs.pm.beyondtrustcloud.com
URL: https://fbfs.pm.beyondtrustcloud.com/main.3a5d7fc1ae278b97.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2603:1026:3000:148::7 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b4782aecdaaf2b7a0089ef6c9eec655ae61879ab29d93a4811ade8372acfcdf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://fbfs.pm.beyondtrustcloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
content-length: 9301
content-type: text/html; charset=utf-8
date: Fri, 03 May 2024 08:26:28 GMT
expires: -1
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-ms-clitelem: 1,50168,0,,
x-ms-ests-server: 2.1.17968.10 - SCUS ProdSlices
x-ms-request-id: 13a9be41-ae40-43b2-ad1d-cc9d83497600
x-ms-srs: 1.P
x-xss-protection: 0

Redirect headers

cache-control: no-cache, no-store
content-length: 0
date: Fri, 03 May 2024 08:26:28 GMT
location: https://login.microsoftonline.com/6196e5de-af8f-4f37-98f4-e5d9a91862c8/oauth2/authorize?client_id=68ddfeff-de96-49c3-9b45-55c49c670fce&redirect_uri=https%3A%2F%2Ffbfs-services.pm.beyondtrustcloud.com%2Foauth%2Fsignin-oidc&response_type=code&scope=openid%20profile&code_challenge=3pfRY7-sv8hldgTB_I_nxvmG1S7M-gHl76uZCeQUixU&code_challenge_method=S256&response_mode=form_post&nonce=638503215890707854.MDMwNzRjNjQtNzQzYy00MWJlLWE0MTQtOTNhN2ZiYTZhNTAzYTYxZTMxY2ItNDZkMS00OGU1LWE2MWUtM2MxODg4NDk5ODZj&state=CfDJ8PzbrRR0A_9Pn5bUkrjIHZRKOb_k1i7OV7eq21gSHdH7fIMmvw8b1fmJfqJssEynuIHmkoXX82slEpY5U9jiw5-iedwtJcQdQq_raqnoEn3PuEvVlFZIXQUXjHJ9825a1ttNd1U57w5gmkj_UW0j9fNgyMcT6iR0uTnzSrxXqkFQHFf6snT10XfdJ-st-1HiNTccpmv_8OIPwi0yVtj3FJ9b88ztgf5qAoQ88bVwrr2ItH7Kll55_sXNZ9j8485Qt_Vt2yJdUojeOYhoBPsw1fm_g0NNhmtmeCPgH2rfR_LlLeI-yUouhGScqVyUPb47OeQtuzj-Q6srGYMr__YBmNvEYRqsav_rxyrPyPoS-tePzQihwJFp_5vbs-g4vj8EHWsByuo8pHPZnLBrx-dRYAiZ9O6r7x2Qjqpw9KQ4wz9JY2Fvf5Jhx90-4hVFhkIe-C9VQXY2npK5bN0tjKa2qKw7VNa8RBfov3UhRvYXSkhjhgys37R1folf_nDJElW7AIECpy5b5okWxHS0Y705X29b3VbgJXLZIuiP74TClYXJM4A3ds8ZLmx_zCsXiQyzecDqt4GM6trTPS2ROdKW3NFZjFmplt9zfnJoCRpAm394_MMqSGVUkCP4vBB9VAXHDlZawijoSNZ20hZenk_GnWlDQDNgXKycXHqRjJPQoXu-yTNk15EMBfyfW6ZNci1TNLnJVwvkmgB9NoNAtac6ZTJngEPHUE-sOt7YR5YJObwNoKKRFZJKCj5RBUJdWpaYiF3KL1yFRZjwiQxE1JaUr0fu-m6OSE6WGhIAhh1IsCBHY76MYtL_erp5FO3qsm6gTIc7z62j2DcRwEETUlQKU3yd9GXkYRGzANHXckp98i4g5Iq4N_PfaET0ivdfZcewcTn1jKutt7jE0bLEGNndH03QeEc3ZQPp8SMlWzd36L74bsrY-9DCZXUszgf96ScOi9UGzgjsa2Zzk2NEk2TLVhXEdydu1mQ7WH1CB-nNgfc5CNniAgK4LtWl0-ee0lXEPdFYdGPcNyJFY5X87Ci8yIc&x-client-SKU=ID_NET6_0&x-client-ver=6.25.1.0
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: ALLOW-FROM https://fbfs.pm.beyondtrustcloud.com

GET
H2 200 BssoInterrupt_Core_Ggyc2EJnCaHFrI6xkBPLcg2.js
aadcdn.msauth.net/shared/1.0/content/js/ 138 KB
49 KB 196ms
45ms Script
application/x-javascript 2620:1ec:48:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_Ggyc2EJnCaHFrI6xkBPLcg2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/6196e5de-af8f-4f37-98f4-e5d9a91862c8/oauth2/authorize?client_id=68ddfeff-de96-49c3-9b45-55c49c670fce&redirect_uri=https%3A%2F%2Ffbfs-services.pm.beyondtrustcloud.com%2Foauth%2Fsignin-oidc&response_type=code&scope=openid%20profile&code_challenge=3pfRY7-sv8hldgTB_I_nxvmG1S7M-gHl76uZCeQUixU&code_challenge_method=S256&response_mode=form_post&nonce=638503215890707854.MDMwNzRjNjQtNzQzYy00MWJlLWE0MTQtOTNhN2ZiYTZhNTAzYTYxZTMxY2ItNDZkMS00OGU1LWE2MWUtM2MxODg4NDk5ODZj&state=CfDJ8PzbrRR0A_9Pn5bUkrjIHZRKOb_k1i7OV7eq21gSHdH7fIMmvw8b1fmJfqJssEynuIHmkoXX82slEpY5U9jiw5-iedwtJcQdQq_raqnoEn3PuEvVlFZIXQUXjHJ9825a1ttNd1U57w5gmkj_UW0j9fNgyMcT6iR0uTnzSrxXqkFQHFf6snT10XfdJ-st-1HiNTccpmv_8OIPwi0yVtj3FJ9b88ztgf5qAoQ88bVwrr2ItH7Kll55_sXNZ9j8485Qt_Vt2yJdUojeOYhoBPsw1fm_g0NNhmtmeCPgH2rfR_LlLeI-yUouhGScqVyUPb47OeQtuzj-Q6srGYMr__YBmNvEYRqsav_rxyrPyPoS-tePzQihwJFp_5vbs-g4vj8EHWsByuo8pHPZnLBrx-dRYAiZ9O6r7x2Qjqpw9KQ4wz9JY2Fvf5Jhx90-4hVFhkIe-C9VQXY2npK5bN0tjKa2qKw7VNa8RBfov3UhRvYXSkhjhgys37R1folf_nDJElW7AIECpy5b5okWxHS0Y705X29b3VbgJXLZIuiP74TClYXJM4A3ds8ZLmx_zCsXiQyzecDqt4GM6trTPS2ROdKW3NFZjFmplt9zfnJoCRpAm394_MMqSGVUkCP4vBB9VAXHDlZawijoSNZ20hZenk_GnWlDQDNgXKycXHqRjJPQoXu-yTNk15EMBfyfW6ZNci1TNLnJVwvkmgB9NoNAtac6ZTJngEPHUE-sOt7YR5YJObwNoKKRFZJKCj5RBUJdWpaYiF3KL1yFRZjwiQxE1JaUr0fu-m6OSE6WGhIAhh1IsCBHY76MYtL_erp5FO3qsm6gTIc7z62j2DcRwEETUlQKU3yd9GXkYRGzANHXckp98i4g5Iq4N_PfaET0ivdfZcewcTn1jKutt7jE0bLEGNndH03QeEc3ZQPp8SMlWzd36L74bsrY-9DCZXUszgf96ScOi9UGzgjsa2Zzk2NEk2TLVhXEdydu1mQ7WH1CB-nNgfc5CNniAgK4LtWl0-ee0lXEPdFYdGPcNyJFY5X87Ci8yIc&x-client-SKU=ID_NET6_0&x-client-ver=6.25.1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 May 2024 08:26:29 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 49609
x-ms-lease-status: unlocked
last-modified: Mon, 01 Apr 2024 18:07:19 GMT
etag: 0x8DC527692402A16
x-azure-ref: 20240503T082629Z-16c994687bdlbvrrmc6w6qzg8s00000001r00000000032mg
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0713cb01-901e-0033-0b9c-9ab989000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

POST
H2 200 reportbssotelemetry
login.microsoftonline.com/common/instrumentation/ 265 B
1 KB 30ms
29ms Ping
application/json 2603:1026:3000:148::7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/instrumentation/reportbssotelemetry?hpgid=6&hpgact=1800&client-request-id=e5bebd30-5e4c-465d-affa-36375a2a6bf1&hpgrequestid=13a9be41-ae40-43b2-ad1d-cc9d83497600

Requested by

Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_Ggyc2EJnCaHFrI6xkBPLcg2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2603:1026:3000:148::7 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://login.microsoftonline.com/6196e5de-af8f-4f37-98f4-e5d9a91862c8/oauth2/authorize?client_id=68ddfeff-de96-49c3-9b45-55c49c670fce&redirect_uri=https%3A%2F%2Ffbfs-services.pm.beyondtrustcloud.com%2Foauth%2Fsignin-oidc&response_type=code&scope=openid%20profile&code_challenge=3pfRY7-sv8hldgTB_I_nxvmG1S7M-gHl76uZCeQUixU&code_challenge_method=S256&response_mode=form_post&nonce=638503215890707854.MDMwNzRjNjQtNzQzYy00MWJlLWE0MTQtOTNhN2ZiYTZhNTAzYTYxZTMxY2ItNDZkMS00OGU1LWE2MWUtM2MxODg4NDk5ODZj&state=CfDJ8PzbrRR0A_9Pn5bUkrjIHZRKOb_k1i7OV7eq21gSHdH7fIMmvw8b1fmJfqJssEynuIHmkoXX82slEpY5U9jiw5-iedwtJcQdQq_raqnoEn3PuEvVlFZIXQUXjHJ9825a1ttNd1U57w5gmkj_UW0j9fNgyMcT6iR0uTnzSrxXqkFQHFf6snT10XfdJ-st-1HiNTccpmv_8OIPwi0yVtj3FJ9b88ztgf5qAoQ88bVwrr2ItH7Kll55_sXNZ9j8485Qt_Vt2yJdUojeOYhoBPsw1fm_g0NNhmtmeCPgH2rfR_LlLeI-yUouhGScqVyUPb47OeQtuzj-Q6srGYMr__YBmNvEYRqsav_rxyrPyPoS-tePzQihwJFp_5vbs-g4vj8EHWsByuo8pHPZnLBrx-dRYAiZ9O6r7x2Qjqpw9KQ4wz9JY2Fvf5Jhx90-4hVFhkIe-C9VQXY2npK5bN0tjKa2qKw7VNa8RBfov3UhRvYXSkhjhgys37R1folf_nDJElW7AIECpy5b5okWxHS0Y705X29b3VbgJXLZIuiP74TClYXJM4A3ds8ZLmx_zCsXiQyzecDqt4GM6trTPS2ROdKW3NFZjFmplt9zfnJoCRpAm394_MMqSGVUkCP4vBB9VAXHDlZawijoSNZ20hZenk_GnWlDQDNgXKycXHqRjJPQoXu-yTNk15EMBfyfW6ZNci1TNLnJVwvkmgB9NoNAtac6ZTJngEPHUE-sOt7YR5YJObwNoKKRFZJKCj5RBUJdWpaYiF3KL1yFRZjwiQxE1JaUr0fu-m6OSE6WGhIAhh1IsCBHY76MYtL_erp5FO3qsm6gTIc7z62j2DcRwEETUlQKU3yd9GXkYRGzANHXckp98i4g5Iq4N_PfaET0ivdfZcewcTn1jKutt7jE0bLEGNndH03QeEc3ZQPp8SMlWzd36L74bsrY-9DCZXUszgf96ScOi9UGzgjsa2Zzk2NEk2TLVhXEdydu1mQ7WH1CB-nNgfc5CNniAgK4LtWl0-ee0lXEPdFYdGPcNyJFY5X87Ci8yIc&x-client-SKU=ID_NET6_0&x-client-ver=6.25.1.0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 May 2024 08:26:28 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
content-security-policy-report-only: script-src 'self' 'nonce-tt_qFvffPB_xIUAHiYyR7Q' 'unsafe-eval' 'unsafe-inline' 'report-sample'; object-src 'none'; frame-src 'self' https://*.live.com https://*.office.com https://*.microsoft.com https://autologon.microsoftazuread-sso.com https://webshell.suite.office.com https://outlook.office365.com https://portal.azure.com https://signout.sharepoint.com https://portal.microsoftonline.com https://apps.powerapps.com https://admin.microsoft365.com https://account.activedirectory.windowsazure.com https://www.msn.com https://www.microsoftstart.com https://www.start.com https://jarvis-west-int-aux-tm.trafficmanager.net https://www.onenote.com https://admin.exchange.microsoft.com https://www.yammer.com https://web.yammer.com https://businesscentral.dynamics.com https://app.vssps.visualstudio.com https://o365spo-signout.sharepoint-df.com https://admin.teams.microsoft.com https://login.windows.net https://portal.rescueicm.com https://ccs.login.microsoftonline.com https://make.powerautomate.com https://insights.cloud.microsoft https://insights.viva.office.com; base-uri 'self'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
content-length: 265
x-xss-protection: 0
pragma: no-cache
x-ms-srs: 1.P
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
content-type: application/json; charset=utf-8
x-ms-request-id: 89679419-a9ff-4054-85d8-d5799dfe4200
cache-control: no-store, no-cache
x-ms-ests-server: 2.1.17968.10 - WEULR1 ProdSlices
expires: -1

GET
H2 200 Primary Request authorize
login.microsoftonline.com/6196e5de-af8f-4f37-98f4-e5d9a91862c8/oauth2/ 55 KB
19 KB 417ms
416ms Document
text/html 2603:1026:3000:148::7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_Ggyc2EJnCaHFrI6xkBPLcg2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2603:1026:3000:148::7 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://login.microsoftonline.com/6196e5de-af8f-4f37-98f4-e5d9a91862c8/oauth2/authorize?client_id=68ddfeff-de96-49c3-9b45-55c49c670fce&redirect_uri=https%3A%2F%2Ffbfs-services.pm.beyondtrustcloud.com%2Foauth%2Fsignin-oidc&response_type=code&scope=openid%20profile&code_challenge=3pfRY7-sv8hldgTB_I_nxvmG1S7M-gHl76uZCeQUixU&code_challenge_method=S256&response_mode=form_post&nonce=638503215890707854.MDMwNzRjNjQtNzQzYy00MWJlLWE0MTQtOTNhN2ZiYTZhNTAzYTYxZTMxY2ItNDZkMS00OGU1LWE2MWUtM2MxODg4NDk5ODZj&state=CfDJ8PzbrRR0A_9Pn5bUkrjIHZRKOb_k1i7OV7eq21gSHdH7fIMmvw8b1fmJfqJssEynuIHmkoXX82slEpY5U9jiw5-iedwtJcQdQq_raqnoEn3PuEvVlFZIXQUXjHJ9825a1ttNd1U57w5gmkj_UW0j9fNgyMcT6iR0uTnzSrxXqkFQHFf6snT10XfdJ-st-1HiNTccpmv_8OIPwi0yVtj3FJ9b88ztgf5qAoQ88bVwrr2ItH7Kll55_sXNZ9j8485Qt_Vt2yJdUojeOYhoBPsw1fm_g0NNhmtmeCPgH2rfR_LlLeI-yUouhGScqVyUPb47OeQtuzj-Q6srGYMr__YBmNvEYRqsav_rxyrPyPoS-tePzQihwJFp_5vbs-g4vj8EHWsByuo8pHPZnLBrx-dRYAiZ9O6r7x2Qjqpw9KQ4wz9JY2Fvf5Jhx90-4hVFhkIe-C9VQXY2npK5bN0tjKa2qKw7VNa8RBfov3UhRvYXSkhjhgys37R1folf_nDJElW7AIECpy5b5okWxHS0Y705X29b3VbgJXLZIuiP74TClYXJM4A3ds8ZLmx_zCsXiQyzecDqt4GM6trTPS2ROdKW3NFZjFmplt9zfnJoCRpAm394_MMqSGVUkCP4vBB9VAXHDlZawijoSNZ20hZenk_GnWlDQDNgXKycXHqRjJPQoXu-yTNk15EMBfyfW6ZNci1TNLnJVwvkmgB9NoNAtac6ZTJngEPHUE-sOt7YR5YJObwNoKKRFZJKCj5RBUJdWpaYiF3KL1yFRZjwiQxE1JaUr0fu-m6OSE6WGhIAhh1IsCBHY76MYtL_erp5FO3qsm6gTIc7z62j2DcRwEETUlQKU3yd9GXkYRGzANHXckp98i4g5Iq4N_PfaET0ivdfZcewcTn1jKutt7jE0bLEGNndH03QeEc3ZQPp8SMlWzd36L74bsrY-9DCZXUszgf96ScOi9UGzgjsa2Zzk2NEk2TLVhXEdydu1mQ7WH1CB-nNgfc5CNniAgK4LtWl0-ee0lXEPdFYdGPcNyJFY5X87Ci8yIc&x-client-SKU=ID_NET6_0&x-client-ver=6.25.1.0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
content-length: 18294
content-type: text/html; charset=utf-8
date: Fri, 03 May 2024 08:26:29 GMT
expires: -1
link: <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msftauth.net>; rel=dns-prefetch,<https://aadcdn.msauth.net>; rel=dns-prefetch
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-frame-options: DENY
x-ms-clitelem: 1,0,0,,
x-ms-ests-server: 2.1.17968.10 - SCUS ProdSlices
x-ms-request-id: 13a9be41-ae40-43b2-ad1d-cc9da1497600
x-ms-srs: 1.P
x-xss-protection: 0

GET
H2 200 converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 110 KB
20 KB 145ms
29ms Stylesheet
text/css 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/6196e5de-af8f-4f37-98f4-e5d9a91862c8/oauth2/authorize?client_id=68ddfeff-de96-49c3-9b45-55c49c670fce&redirect_uri=https%3A%2F%2Ffbfs-services.pm.beyondtrustcloud.com%2Foauth%2Fsignin-oidc&response_type=code&scope=openid%20profile&code_challenge=3pfRY7-sv8hldgTB_I_nxvmG1S7M-gHl76uZCeQUixU&code_challenge_method=S256&response_mode=form_post&nonce=638503215890707854.MDMwNzRjNjQtNzQzYy00MWJlLWE0MTQtOTNhN2ZiYTZhNTAzYTYxZTMxY2ItNDZkMS00OGU1LWE2MWUtM2MxODg4NDk5ODZj&state=CfDJ8PzbrRR0A_9Pn5bUkrjIHZRKOb_k1i7OV7eq21gSHdH7fIMmvw8b1fmJfqJssEynuIHmkoXX82slEpY5U9jiw5-iedwtJcQdQq_raqnoEn3PuEvVlFZIXQUXjHJ9825a1ttNd1U57w5gmkj_UW0j9fNgyMcT6iR0uTnzSrxXqkFQHFf6snT10XfdJ-st-1HiNTccpmv_8OIPwi0yVtj3FJ9b88ztgf5qAoQ88bVwrr2ItH7Kll55_sXNZ9j8485Qt_Vt2yJdUojeOYhoBPsw1fm_g0NNhmtmeCPgH2rfR_LlLeI-yUouhGScqVyUPb47OeQtuzj-Q6srGYMr__YBmNvEYRqsav_rxyrPyPoS-tePzQihwJFp_5vbs-g4vj8EHWsByuo8pHPZnLBrx-dRYAiZ9O6r7x2Qjqpw9KQ4wz9JY2Fvf5Jhx90-4hVFhkIe-C9VQXY2npK5bN0tjKa2qKw7VNa8RBfov3UhRvYXSkhjhgys37R1folf_nDJElW7AIECpy5b5okWxHS0Y705X29b3VbgJXLZIuiP74TClYXJM4A3ds8ZLmx_zCsXiQyzecDqt4GM6trTPS2ROdKW3NFZjFmplt9zfnJoCRpAm394_MMqSGVUkCP4vBB9VAXHDlZawijoSNZ20hZenk_GnWlDQDNgXKycXHqRjJPQoXu-yTNk15EMBfyfW6ZNci1TNLnJVwvkmgB9NoNAtac6ZTJngEPHUE-sOt7YR5YJObwNoKKRFZJKCj5RBUJdWpaYiF3KL1yFRZjwiQxE1JaUr0fu-m6OSE6WGhIAhh1IsCBHY76MYtL_erp5FO3qsm6gTIc7z62j2DcRwEETUlQKU3yd9GXkYRGzANHXckp98i4g5Iq4N_PfaET0ivdfZcewcTn1jKutt7jE0bLEGNndH03QeEc3ZQPp8SMlWzd36L74bsrY-9DCZXUszgf96ScOi9UGzgjsa2Zzk2NEk2TLVhXEdydu1mQ7WH1CB-nNgfc5CNniAgK4LtWl0-ee0lXEPdFYdGPcNyJFY5X87Ci8yIc&x-client-SKU=ID_NET6_0&x-client-ver=6.25.1.0&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef -, , ASN (),
Reverse DNS
Software: ECAcc (frc/4CBB) /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 May 2024 08:26:30 GMT
content-encoding: gzip
content-md5: kqhA3D0Xczna4D/t8ioitQ==
age: 3473120
x-cache: HIT
content-length: 20314
x-ms-lease-status: unlocked
last-modified: Wed, 27 Dec 2023 18:19:21 GMT
server: ECAcc (frc/4CBB)
etag: 0x8DC070858CA028D
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: e56748d7-801e-0017-2a9d-7d3b0a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ConvergedLogin_PCore_IDwaQXicOTFiRVOQGoK9bQ2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 320 KB
0 147ms
31ms Script
application/x-javascript 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_IDwaQXicOTFiRVOQGoK9bQ2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/6196e5de-af8f-4f37-98f4-e5d9a91862c8/oauth2/authorize?client_id=68ddfeff-de96-49c3-9b45-55c49c670fce&redirect_uri=https%3A%2F%2Ffbfs-services.pm.beyondtrustcloud.com%2Foauth%2Fsignin-oidc&response_type=code&scope=openid%20profile&code_challenge=3pfRY7-sv8hldgTB_I_nxvmG1S7M-gHl76uZCeQUixU&code_challenge_method=S256&response_mode=form_post&nonce=638503215890707854.MDMwNzRjNjQtNzQzYy00MWJlLWE0MTQtOTNhN2ZiYTZhNTAzYTYxZTMxY2ItNDZkMS00OGU1LWE2MWUtM2MxODg4NDk5ODZj&state=CfDJ8PzbrRR0A_9Pn5bUkrjIHZRKOb_k1i7OV7eq21gSHdH7fIMmvw8b1fmJfqJssEynuIHmkoXX82slEpY5U9jiw5-iedwtJcQdQq_raqnoEn3PuEvVlFZIXQUXjHJ9825a1ttNd1U57w5gmkj_UW0j9fNgyMcT6iR0uTnzSrxXqkFQHFf6snT10XfdJ-st-1HiNTccpmv_8OIPwi0yVtj3FJ9b88ztgf5qAoQ88bVwrr2ItH7Kll55_sXNZ9j8485Qt_Vt2yJdUojeOYhoBPsw1fm_g0NNhmtmeCPgH2rfR_LlLeI-yUouhGScqVyUPb47OeQtuzj-Q6srGYMr__YBmNvEYRqsav_rxyrPyPoS-tePzQihwJFp_5vbs-g4vj8EHWsByuo8pHPZnLBrx-dRYAiZ9O6r7x2Qjqpw9KQ4wz9JY2Fvf5Jhx90-4hVFhkIe-C9VQXY2npK5bN0tjKa2qKw7VNa8RBfov3UhRvYXSkhjhgys37R1folf_nDJElW7AIECpy5b5okWxHS0Y705X29b3VbgJXLZIuiP74TClYXJM4A3ds8ZLmx_zCsXiQyzecDqt4GM6trTPS2ROdKW3NFZjFmplt9zfnJoCRpAm394_MMqSGVUkCP4vBB9VAXHDlZawijoSNZ20hZenk_GnWlDQDNgXKycXHqRjJPQoXu-yTNk15EMBfyfW6ZNci1TNLnJVwvkmgB9NoNAtac6ZTJngEPHUE-sOt7YR5YJObwNoKKRFZJKCj5RBUJdWpaYiF3KL1yFRZjwiQxE1JaUr0fu-m6OSE6WGhIAhh1IsCBHY76MYtL_erp5FO3qsm6gTIc7z62j2DcRwEETUlQKU3yd9GXkYRGzANHXckp98i4g5Iq4N_PfaET0ivdfZcewcTn1jKutt7jE0bLEGNndH03QeEc3ZQPp8SMlWzd36L74bsrY-9DCZXUszgf96ScOi9UGzgjsa2Zzk2NEk2TLVhXEdydu1mQ7WH1CB-nNgfc5CNniAgK4LtWl0-ee0lXEPdFYdGPcNyJFY5X87Ci8yIc&x-client-SKU=ID_NET6_0&x-client-ver=6.25.1.0&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef -, , ASN (),
Reverse DNS
Software: ECAcc (frc/4CAE) /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 May 2024 08:26:30 GMT
content-encoding: gzip
content-md5: B86dIybsPdvBpavR5Hlk6g==
age: 1831065
x-cache: HIT
content-length: 121286
x-ms-lease-status: unlocked
last-modified: Wed, 10 Apr 2024 19:54:09 GMT
server: ECAcc (frc/4CAE)
etag: 0x8DC5997FCCA1D18
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 48ea1e92-e01e-0011-6f8c-8cc106000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ux.converged.login.strings-de.min_424c1i9crqdf0lqqgcslza2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 60 KB
17 KB 146ms
31ms Script
application/x-javascript 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_424c1i9crqdf0lqqgcslza2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/6196e5de-af8f-4f37-98f4-e5d9a91862c8/oauth2/authorize?client_id=68ddfeff-de96-49c3-9b45-55c49c670fce&redirect_uri=https%3A%2F%2Ffbfs-services.pm.beyondtrustcloud.com%2Foauth%2Fsignin-oidc&response_type=code&scope=openid%20profile&code_challenge=3pfRY7-sv8hldgTB_I_nxvmG1S7M-gHl76uZCeQUixU&code_challenge_method=S256&response_mode=form_post&nonce=638503215890707854.MDMwNzRjNjQtNzQzYy00MWJlLWE0MTQtOTNhN2ZiYTZhNTAzYTYxZTMxY2ItNDZkMS00OGU1LWE2MWUtM2MxODg4NDk5ODZj&state=CfDJ8PzbrRR0A_9Pn5bUkrjIHZRKOb_k1i7OV7eq21gSHdH7fIMmvw8b1fmJfqJssEynuIHmkoXX82slEpY5U9jiw5-iedwtJcQdQq_raqnoEn3PuEvVlFZIXQUXjHJ9825a1ttNd1U57w5gmkj_UW0j9fNgyMcT6iR0uTnzSrxXqkFQHFf6snT10XfdJ-st-1HiNTccpmv_8OIPwi0yVtj3FJ9b88ztgf5qAoQ88bVwrr2ItH7Kll55_sXNZ9j8485Qt_Vt2yJdUojeOYhoBPsw1fm_g0NNhmtmeCPgH2rfR_LlLeI-yUouhGScqVyUPb47OeQtuzj-Q6srGYMr__YBmNvEYRqsav_rxyrPyPoS-tePzQihwJFp_5vbs-g4vj8EHWsByuo8pHPZnLBrx-dRYAiZ9O6r7x2Qjqpw9KQ4wz9JY2Fvf5Jhx90-4hVFhkIe-C9VQXY2npK5bN0tjKa2qKw7VNa8RBfov3UhRvYXSkhjhgys37R1folf_nDJElW7AIECpy5b5okWxHS0Y705X29b3VbgJXLZIuiP74TClYXJM4A3ds8ZLmx_zCsXiQyzecDqt4GM6trTPS2ROdKW3NFZjFmplt9zfnJoCRpAm394_MMqSGVUkCP4vBB9VAXHDlZawijoSNZ20hZenk_GnWlDQDNgXKycXHqRjJPQoXu-yTNk15EMBfyfW6ZNci1TNLnJVwvkmgB9NoNAtac6ZTJngEPHUE-sOt7YR5YJObwNoKKRFZJKCj5RBUJdWpaYiF3KL1yFRZjwiQxE1JaUr0fu-m6OSE6WGhIAhh1IsCBHY76MYtL_erp5FO3qsm6gTIc7z62j2DcRwEETUlQKU3yd9GXkYRGzANHXckp98i4g5Iq4N_PfaET0ivdfZcewcTn1jKutt7jE0bLEGNndH03QeEc3ZQPp8SMlWzd36L74bsrY-9DCZXUszgf96ScOi9UGzgjsa2Zzk2NEk2TLVhXEdydu1mQ7WH1CB-nNgfc5CNniAgK4LtWl0-ee0lXEPdFYdGPcNyJFY5X87Ci8yIc&x-client-SKU=ID_NET6_0&x-client-ver=6.25.1.0&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef -, , ASN (),
Reverse DNS
Software: ECAcc (frc/4D02) /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 May 2024 08:26:30 GMT
content-encoding: gzip
content-md5: jOiousyUYhNqKTm5ZmwfKQ==
age: 2570081
x-cache: HIT
content-length: 17396
x-ms-lease-status: unlocked
last-modified: Tue, 02 Apr 2024 21:28:34 GMT
server: ECAcc (frc/4D02)
etag: 0x8DC535BDA0182DE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6bcd2892-a01e-0051-6dd3-851217000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET Me.htm
login.live.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: login.live.com
URL: https://login.live.com/Me.htm?v=3

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fbfs-services.pm.beyondtrustcloud.com/oauth/signin-oidc	1970-01-20 20:18:45	Name: .AspNetCore.OpenIdConnect.Nonce.CfDJ8PzbrRR0A_9Pn5bUkrjIHZQab2ehsAoYW6jgA6Q8y-RRZ60xHTH8n26t85FmG4b4-kDzsbBGPelCKRQQFP2ojIjBNczFsyt8ATRuEpEeoEu2UpwC9ZwyCBU3rg3WzQA7nwvCHXbcyz_mbLUdJVRfkLbO-n1ZXbMes8DScWsTryZ9qazzmWbA2lW6HfxVtm-08sckacNOJLpsr1B5L3tOiqI9nBLmU7jB1cj3DQp4ds_DUTwcLYi_dkVinl8QzAQwwC5MYQSUSaCyscQ9XmMYreQ Value: N
fbfs-services.pm.beyondtrustcloud.com/oauth/signin-oidc	1970-01-20 20:18:45	Name: .AspNetCore.Correlation.2LgWIunnKsi8zaQpgFAaerFKO9wzKfKPOqopLbkdTtg Value: N
.beyondtrustcloud.com/	1970-01-21 05:04:20	Name: apt.uid Value: AP-ZHBCC4KREWQ6-2-1714724785277-29397639.0.0
.beyondtrustcloud.com/	1970-01-20 20:18:46	Name: apt.sid Value: AP-ZHBCC4KREWQ6-2-1714724785279-71282375
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx-WPugouuC6A Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8Fe1QfDEybX89yhmwF2b5vvvMi35bX1hTQXmbreyMslEQw4zqLF7HW2DjoZ1YtZd4Rrn0oLzQqCepTSXyjNmLb7S0OgGFN5WgnCKfFp9zuItpkvB70bCsFhHBOFOonadZu5pPjqT7VIosbPW61bBQ-iAA
login.microsoftonline.com/	1970-01-20 21:01:56	Name: fpc Value: AnHUEicP2o1NnpMEsFftMmk
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8yFXTogre5fIrE8mU9h5Fy66XOX9ZWsXM6iv5Y0KoLL0Xv_XMCphbvtZXcvoMsogicdgyxJ1Dscwll8hXFQaiC4BY-O67kK5pdhZDCDLCHXkniN9dfisxMjs4e_FzdVdJjftyXzIfke5EWTtR_yTHYgDI3-o2iKgzRYAHtx4M99QgAA
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.microsoftonline.com/	1970-01-20 20:18:44	Name: SSOCOOKIEPULLED Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fbfs-services.pm.beyondtrustcloud.com/portal-api/v1/user/current Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msftauth.net
esp.aptrinsic.com
fbfs-services.pm.beyondtrustcloud.com
fbfs.pm.beyondtrustcloud.com
login.live.com
login.microsoftonline.com
web-sdk.aptrinsic.com
login.live.com
2603:1026:3000:148::7
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
2620:1ec:48:1::45
35.184.35.160
35.190.35.221
40.78.177.34
088e9661860b1e4efd434a0b97e20fa9310b278622745ebc8712b8cbbc015d7d
0f820e67b770e61aa565f44800dea49d4b1d8f0316da34ae26be5264da307e4d
2590354ca62fd66cab7fa5f5e161fd4b1002a3c5b8da3212072ea42dd619d065
3b24f619672961285b59c182852cb775baaa3a08c844c1a3fc8b607cc79698ae
44462ec5e93ed1ac47d7e7e0a120346726ac1744378ec486bb0dfe0aecd7720b
44dcc88bf3581e5fc8978393098eb56bf607474e632e0da4060f1bcefb509a4e
60ec4783f17368f6f08562b73fe100097a1735289a9de3f154ff98062b6ad7b5
618c915e22bc8a5867d471f57fa1d00a5f10ec44e61ef14ec782553aaf9e9027
69d8e505e7b05141c79d5f7087f2e994acb06e640dd1396aff73f96dc1d89b28
7ec424555c212feb1e3b5a3e7f75d363db8c6d82985e9aa21d818b419316732b
9ab29336d6cdde003ab4ec8318b0f044cbd9c7d9ed7c2f05ead6ebed1f30bcbe
aa78adcf83390800bef97afdd9949cba6a6dcf6fe72b1b40d390da58c962e5f8
aecb90238f054c7ce44cc8cc9a36ed1ffae047d24a9bf8d39e1e847119c17628
b4782aecdaaf2b7a0089ef6c9eec655ae61879ab29d93a4811ade8372acfcdf3
b9ae5587ecf4716f6927484631a2e063524b250a0a14d6f8913c6c61aa8f8fd9
c8d5061ba269702a6cc67bb6432242d0124e18ca889b277ebb4c9b6a9443b91f
ccd819169e1ee3bf2b1cf1ec5711673d835ae146cef5807fd466fa3e333e9a80
e08ca2eef7b8d79b88d5cd4b729c417a38fc2a191023c3cf8534e90dcf791e84
e3669722514c511767fc3b9023caebc5ce064754bf5d0df496333b3a1e12da6e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f485c0c2351a9b3d12f573ad40ad3a55d4af7adc8826db59219a5ff7728bc05b
ffde8f6a085950a85b8cc0082a9ce72a60adb832fd8a95142c643e38c38e5b7a

login.microsoftonline.com Open in urlscan Pro 2603:1026:3000:148::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

97 %HTTPS

50 %IPv6

6 Domains

8 Subdomains

7 IPs

2 Countries

3701 kBTransfer

4724 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login.microsoftonline.com Open in urlscan Pro
2603:1026:3000:148::7 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

97 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

3701 kB
Transfer

4724 kB
Size

11
Cookies

32 HTTP transactions
0 data transactions