casurvey.b2clogin.com Open in urlscan Pro
2603:1026:3000:c8::b  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://clientportaldev.campbellsurvey.com/ Page URL
2. https://casurvey.b2clogin.com/casurvey.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1_CASignup&client_id=175065da-7e3c-45a2-9830-865c6dd48c0e&nonce=0fc3b581-853e-4a77-90cc-cb4a5eec38d9&redirect_uri=https%3A%2F%2Fclientportaldev.campbellsurvey.com%2Fcallback&scope=175065da-7e3c-45a2-9830-865c6dd48c0e%20offline_access&response_type=code&response_mode=query&prompt=login Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response clientportaldev.campbellsurvey.com/	1 KB 797 B	509ms 127ms	Document text/html	20.49.104.17 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://clientportaldev.campbellsurvey.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.49.104.17 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash 008f364d6ee275d03bc9bd26607c936c9bf26072bca9c3fd06cbeeaaab10cf0f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Content-Encoding gzip Content-Length 532 Content-Type text/html Date Mon, 18 Dec 2023 15:52:25 GMT ETag "45a-5fbc1a9b1f414-gzip" Last-Modified Mon, 15 May 2023 20:54:37 GMT Server Apache Vary Accept-Encoding
GET H2	200	css fonts.googleapis.com/	9 KB 1 KB	124ms 44ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,700,700i Requested by Host: clientportaldev.campbellsurvey.com URL: https://clientportaldev.campbellsurvey.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 577150d3276d16537f011c009844748a6add81f672f9f3a692fd73d3b0f60086 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://clientportaldev.campbellsurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 18 Dec 2023 15:52:25 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 18 Dec 2023 14:08:59 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 18 Dec 2023 15:52:25 GMT
GET H/1.1	200 OK	flexboxgrid.min.css clientportaldev.campbellsurvey.com/assets/	10 KB 2 KB	131ms 130ms	Stylesheet text/css	20.49.104.17 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://clientportaldev.campbellsurvey.com/assets/flexboxgrid.min.css Requested by Host: clientportaldev.campbellsurvey.com URL: https://clientportaldev.campbellsurvey.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.49.104.17 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash 78054ab5ce1fee322e26199d2008e9acc88fd1d277f090a6068b83b26763a2c1 Request headers accept-language de-DE,de;q=0.9 Referer https://clientportaldev.campbellsurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Mon, 18 Dec 2023 15:52:25 GMT Content-Encoding gzip Last-Modified Mon, 15 May 2023 20:54:41 GMT Server Apache ETag "29c6-5fbc1a9e266b4-gzip" Vary Accept-Encoding Content-Type text/css Accept-Ranges bytes Content-Length 1410
GET H/1.1	200 OK	styles.b872ea2851392e705f09.css clientportaldev.campbellsurvey.com/	501 KB 126 KB	255ms 122ms	Stylesheet text/css	20.49.104.17 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://clientportaldev.campbellsurvey.com/styles.b872ea2851392e705f09.css Requested by Host: clientportaldev.campbellsurvey.com URL: https://clientportaldev.campbellsurvey.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.49.104.17 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash 1343051f3f6455f8541d8c5356511b1a45659edf46ab0a0df93dd09d5436bb53 Request headers accept-language de-DE,de;q=0.9 Referer https://clientportaldev.campbellsurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Mon, 18 Dec 2023 15:52:25 GMT Content-Encoding gzip Last-Modified Mon, 15 May 2023 20:54:40 GMT Server Apache ETag "7d2a2-5fbc1a9d9d8a0-gzip" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Accept-Ranges bytes
GET H/1.1	200 OK	runtime-es2015.052418f84c4d65e1a04f.js Show response clientportaldev.campbellsurvey.com/	2 KB 2 KB	393ms 117ms	Script application/javascript	20.49.104.17 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://clientportaldev.campbellsurvey.com/runtime-es2015.052418f84c4d65e1a04f.js Requested by Host: clientportaldev.campbellsurvey.com URL: https://clientportaldev.campbellsurvey.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.49.104.17 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash f50f339b04998f1210bc8ac5dd1795df9c652c241c87281906f12c48c643aed7 Request headers Referer https://clientportaldev.campbellsurvey.com/ Origin https://clientportaldev.campbellsurvey.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Mon, 18 Dec 2023 15:52:25 GMT Content-Encoding gzip Last-Modified Mon, 15 May 2023 20:54:39 GMT Server Apache ETag "989-5fbc1a9d286c3-gzip" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 1272
GET H/1.1	200 OK	polyfills-es2015.34906a5f002ccde5c8ac.js Show response clientportaldev.campbellsurvey.com/	36 KB 12 KB	408ms 128ms	Script application/javascript	20.49.104.17 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://clientportaldev.campbellsurvey.com/polyfills-es2015.34906a5f002ccde5c8ac.js Requested by Host: clientportaldev.campbellsurvey.com URL: https://clientportaldev.campbellsurvey.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.49.104.17 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash 708c6e19fae5b7367326fafad3c5f4b49acf6ffa3d4c99904529952ea80c8898 Request headers Referer https://clientportaldev.campbellsurvey.com/ Origin https://clientportaldev.campbellsurvey.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Mon, 18 Dec 2023 15:52:25 GMT Content-Encoding gzip Last-Modified Mon, 15 May 2023 20:54:39 GMT Server Apache ETag "911c-5fbc1a9c4294f-gzip" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 12403
GET H/1.1	200 OK	main-es2015.6a977a2bd186944db1c5.js Show response clientportaldev.campbellsurvey.com/	2 MB 504 KB	419ms 139ms	Script application/javascript	20.49.104.17 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://clientportaldev.campbellsurvey.com/main-es2015.6a977a2bd186944db1c5.js Requested by Host: clientportaldev.campbellsurvey.com URL: https://clientportaldev.campbellsurvey.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.49.104.17 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash 73cca72b6d65e061ba94ca853dde34f3b25e6cd29f117178e26d3a1f2881dfdb Request headers Referer https://clientportaldev.campbellsurvey.com/ Origin https://clientportaldev.campbellsurvey.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Mon, 18 Dec 2023 15:52:25 GMT Content-Encoding gzip Last-Modified Fri, 08 Dec 2023 15:56:36 GMT Server Apache ETag "1e8c24-60c01a105c1c4-gzip" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes
GET H2	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v22/	15 KB 15 KB	114ms 35ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,700,700i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://clientportaldev.campbellsurvey.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 12 Dec 2023 08:54:05 GMT x-content-type-options nosniff age 543501 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14892 x-xss-protection 0 last-modified Thu, 01 Jun 2023 22:52:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 11 Dec 2024 08:54:05 GMT
GET H/1.1	200 OK	Primary Request authorize Show response casurvey.b2clogin.com/casurvey.onmicrosoft.com/oauth2/v2.0/	321 KB 110 KB	1163ms 1020ms	Document text/html	2603:1026:3000:c8::b MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://casurvey.b2clogin.com/casurvey.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1_CASignup&client_id=175065da-7e3c-45a2-9830-865c6dd48c0e&nonce=0fc3b581-853e-4a77-90cc-cb4a5eec38d9&redirect_uri=https%3A%2F%2Fclientportaldev.campbellsurvey.com%2Fcallback&scope=175065da-7e3c-45a2-9830-865c6dd48c0e%20offline_access&response_type=code&response_mode=query&prompt=login Requested by Host: clientportaldev.campbellsurvey.com URL: https://clientportaldev.campbellsurvey.com/main-es2015.6a977a2bd186944db1c5.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1026:3000:c8::b Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 70a18686a8f819cbe534ff4990250e38f0a500ea23cf55f8ea731ac0eec883ff Security Headers Name Value Content-Security-Policy script-src 'strict-dynamic' 'self' 'nonce-qnt1DpQEUxA9cn41H2nTMQ==' 'report-sample'; report-uri /casurvey.onmicrosoft.com/B2C_1_CASignup/client/cspreport?p=B2C_1_CASignup Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://clientportaldev.campbellsurvey.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Allow OPTIONS TRACE GET HEAD POST Cache-Control no-store, must-revalidate, no-cache Content-Encoding gzip Content-Length 110551 Content-Security-Policy script-src 'strict-dynamic' 'self' 'nonce-qnt1DpQEUxA9cn41H2nTMQ==' 'report-sample'; report-uri /casurvey.onmicrosoft.com/B2C_1_CASignup/client/cspreport?p=B2C_1_CASignup Content-Type text/html; charset=utf-8 Date Mon, 18 Dec 2023 15:52:27 GMT Expires -1 Public OPTIONS,TRACE,GET,HEAD,POST Strict-Transport-Security max-age=31536000; includeSubDomains Vary Accept-Encoding X-Build 1.1.18.0 X-Content-Type-Options nosniff X-Frame-Options DENY X-Request-ID 2240199b-a2b0-4c66-a606-901331bde338 X-UA-Compatible IE=edge X-XSS-Protection 1; mode=block x-ms-gateway-requestid fc3abdf9-06a9-4042-9aa7-bb129ee6c7e0
GET H/1.1	200 OK	1-es2015.132784211558c87347a1.js clientportaldev.campbellsurvey.com/	91 KB 18 KB	140ms 139ms	Script application/javascript	20.49.104.17 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://clientportaldev.campbellsurvey.com/1-es2015.132784211558c87347a1.js Requested by Host: clientportaldev.campbellsurvey.com URL: https://clientportaldev.campbellsurvey.com/runtime-es2015.052418f84c4d65e1a04f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.49.104.17 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://clientportaldev.campbellsurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Mon, 18 Dec 2023 15:52:26 GMT Content-Encoding gzip Last-Modified Mon, 15 May 2023 20:54:33 GMT Server Apache ETag "16d33-5fbc1a975afef-gzip" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 18574
GET H/1.1	200 OK	2-es2015.67a32d370a82e9a6bee5.js clientportaldev.campbellsurvey.com/	110 KB 21 KB	136ms 135ms	Script application/javascript	20.49.104.17 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://clientportaldev.campbellsurvey.com/2-es2015.67a32d370a82e9a6bee5.js Requested by Host: clientportaldev.campbellsurvey.com URL: https://clientportaldev.campbellsurvey.com/runtime-es2015.052418f84c4d65e1a04f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.49.104.17 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://clientportaldev.campbellsurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Mon, 18 Dec 2023 15:52:26 GMT Content-Encoding gzip Last-Modified Mon, 15 May 2023 20:54:35 GMT Server Apache ETag "1b7de-5fbc1a98c41ad-gzip" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 21018
GET H/1.1	200 OK	8-es2015.dfb49becce1f93190745.js clientportaldev.campbellsurvey.com/	378 KB 56 KB	141ms 141ms	Script application/javascript	20.49.104.17 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://clientportaldev.campbellsurvey.com/8-es2015.dfb49becce1f93190745.js Requested by Host: clientportaldev.campbellsurvey.com URL: https://clientportaldev.campbellsurvey.com/runtime-es2015.052418f84c4d65e1a04f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.49.104.17 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://clientportaldev.campbellsurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Mon, 18 Dec 2023 15:52:26 GMT Content-Encoding gzip Last-Modified Mon, 15 May 2023 20:54:36 GMT Server Apache ETag "5e77d-5fbc1a99fbed7-gzip" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes
GET H/1.1	200 OK	jquery-bundle-1.10.2.min.js Show response casurvey.b2clogin.com/static/bundles/	100 KB 100 KB	677ms 625ms	Script application/javascript	2603:1026:3000:c8::b MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://casurvey.b2clogin.com/static/bundles/jquery-bundle-1.10.2.min.js?slice=001-000&dc=SAN Requested by Host: casurvey.b2clogin.com URL: https://casurvey.b2clogin.com/casurvey.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1_CASignup&client_id=175065da-7e3c-45a2-9830-865c6dd48c0e&nonce=0fc3b581-853e-4a77-90cc-cb4a5eec38d9&redirect_uri=https%3A%2F%2Fclientportaldev.campbellsurvey.com%2Fcallback&scope=175065da-7e3c-45a2-9830-865c6dd48c0e%20offline_access&response_type=code&response_mode=query&prompt=login Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1026:3000:c8::b Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a035f5bc873960a65bcb6493b4d18782247a5a5d8cad443d297c853b09ea7bb4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://casurvey.b2clogin.com/casurvey.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1_CASignup&client_id=175065da-7e3c-45a2-9830-865c6dd48c0e&nonce=0fc3b581-853e-4a77-90cc-cb4a5eec38d9&redirect_uri=https%3A%2F%2Fclientportaldev.campbellsurvey.com%2Fcallback&scope=175065da-7e3c-45a2-9830-865c6dd48c0e%20offline_access&response_type=code&response_mode=query&prompt=login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Date Mon, 18 Dec 2023 15:52:27 GMT X-Content-Type-Options nosniff Last-Modified Thu, 07 Dec 2023 10:05:14 GMT ETag "0a9adff428da1:0" Access-Control-Max-Age 3600 Access-Control-Allow-Methods GET, OPTIONS Content-Type application/javascript Access-Control-Allow-Origin * X-Frame-Options DENY Accept-Ranges bytes Content-Length 101973 X-XSS-Protection 1; mode=block
POST H/1.1	200 OK	cspreport casurvey.b2clogin.com/casurvey.onmicrosoft.com/B2C_1_CASignup/client/	0 447 B	609ms 166ms	Other text/plain	2603:1026:3000:c8::b MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://casurvey.b2clogin.com/casurvey.onmicrosoft.com/B2C_1_CASignup/client/cspreport?p=B2C_1_CASignup Requested by Host: clientportaldev.campbellsurvey.com URL: https://clientportaldev.campbellsurvey.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1026:3000:c8::b Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://casurvey.b2clogin.com/casurvey.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1_CASignup&client_id=175065da-7e3c-45a2-9830-865c6dd48c0e&nonce=0fc3b581-853e-4a77-90cc-cb4a5eec38d9&redirect_uri=https%3A%2F%2Fclientportaldev.campbellsurvey.com%2Fcallback&scope=175065da-7e3c-45a2-9830-865c6dd48c0e%20offline_access&response_type=code&response_mode=query&prompt=login accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type application/csp-report Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Date Mon, 18 Dec 2023 15:52:27 GMT X-Content-Type-Options nosniff Allow OPTIONS, TRACE, GET, HEAD, POST X-Frame-Options DENY Public OPTIONS,TRACE,GET,HEAD,POST Cache-Control no-store, must-revalidate, no-cache x-ms-gateway-requestid 02115b88-6b99-4aad-a271-2fc3a9658904 Content-Length 0 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	CampbellLogin.html Show response caazurefiles01.blob.core.windows.net/websitefiles/	1 KB 2 KB	445ms 97ms	XHR text/html	52.239.154.100 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://caazurefiles01.blob.core.windows.net/websitefiles/CampbellLogin.html Requested by Host: casurvey.b2clogin.com URL: https://casurvey.b2clogin.com/casurvey.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1_CASignup&client_id=175065da-7e3c-45a2-9830-865c6dd48c0e&nonce=0fc3b581-853e-4a77-90cc-cb4a5eec38d9&redirect_uri=https%3A%2F%2Fclientportaldev.campbellsurvey.com%2Fcallback&scope=175065da-7e3c-45a2-9830-865c6dd48c0e%20offline_access&response_type=code&response_mode=query&prompt=login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.239.154.100 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 731bf1a3eab5e6446c1067514e9016ebc8fa176c55c92c5ce80e3bf0f26593fa Request headers accept-language de-DE,de;q=0.9 Referer https://casurvey.b2clogin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Mon, 18 Dec 2023 15:52:28 GMT Last-Modified Thu, 15 Nov 2018 17:20:49 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 EhRXsqs/NGhbhfinZsoLVA== ETag 0x8D64B1EB00B4D7B Content-Type text/html Access-Control-Allow-Origin * x-ms-request-id 3b8f4f73-b01e-0130-4dca-316364000000 Access-Control-Expose-Headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 Content-Length 1177
GET H/1.1	200 OK	styles.css caazurefiles01.blob.core.windows.net/websitefiles/css/	12 KB 12 KB	378ms 99ms	Stylesheet text/css	52.239.154.100 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://caazurefiles01.blob.core.windows.net/websitefiles/css/styles.css Requested by Host: casurvey.b2clogin.com URL: https://casurvey.b2clogin.com/static/bundles/jquery-bundle-1.10.2.min.js?slice=001-000&dc=SAN Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.239.154.100 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash ebc80b9fcb3cecb1dfcbf0a257a24fcb5193f908a8289d9dcfe8f8acfa677466 Request headers accept-language de-DE,de;q=0.9 Referer https://casurvey.b2clogin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Mon, 18 Dec 2023 15:52:28 GMT Last-Modified Thu, 15 Nov 2018 17:21:07 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 DaqD07M7+atsPkVz7HeLYg== ETag 0x8D64B1EBADBA0F9 Content-Type text/css Access-Control-Allow-Origin * x-ms-request-id fb2e00b3-101e-0039-67ca-313fbf000000 Access-Control-Expose-Headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 Content-Length 12000
GET H/1.1	200 OK	login.css caazurefiles01.blob.core.windows.net/websitefiles/css/	460 B 1 KB	377ms 97ms	Stylesheet text/css	52.239.154.100 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://caazurefiles01.blob.core.windows.net/websitefiles/css/login.css Requested by Host: casurvey.b2clogin.com URL: https://casurvey.b2clogin.com/static/bundles/jquery-bundle-1.10.2.min.js?slice=001-000&dc=SAN Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.239.154.100 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash c869773b0a56ad433cfe76624628495e86dea6cbed924ed02fb0eed8de795860 Request headers accept-language de-DE,de;q=0.9 Referer https://casurvey.b2clogin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Mon, 18 Dec 2023 15:52:28 GMT Last-Modified Thu, 15 Nov 2018 17:21:07 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 sBv6zI9wWTRtiWYfNI9mFA== ETag 0x8D64B1EBAA882AD Content-Type text/css Access-Control-Allow-Origin * x-ms-request-id da20465f-f01e-0011-62ca-314800000000 Access-Control-Expose-Headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 Content-Length 460
GET H/1.1	200 OK	portalLogo.png caazurefiles01.blob.core.windows.net/websitefiles/img/	12 KB 13 KB	398ms 104ms	Image image/png	52.239.154.100 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://caazurefiles01.blob.core.windows.net/websitefiles/img/portalLogo.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.239.154.100 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 70c29547fb757360db0d625866a2cfaeeab055141fcb3104cd11be40693b2251 Request headers accept-language de-DE,de;q=0.9 Referer https://casurvey.b2clogin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Mon, 18 Dec 2023 15:52:28 GMT Last-Modified Tue, 07 Aug 2018 17:59:03 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 HhWrF1IALa5MMqaLf3R4rw== ETag 0x8D5FC8F75E525B0 Content-Type image/png Access-Control-Allow-Origin * x-ms-request-id 73c47f3e-c01e-00b8-21ca-319de8000000 Access-Control-Expose-Headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 Content-Length 12350
GET H2	200	css fonts.googleapis.com/	9 KB 933 B	45ms 44ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,700,700i Requested by Host: caazurefiles01.blob.core.windows.net URL: https://caazurefiles01.blob.core.windows.net/websitefiles/css/styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 577150d3276d16537f011c009844748a6add81f672f9f3a692fd73d3b0f60086 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://caazurefiles01.blob.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 18 Dec 2023 15:52:29 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 18 Dec 2023 15:27:31 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 18 Dec 2023 15:52:29 GMT
GET H2	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v22/	15 KB 15 KB	35ms 35ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,700,700i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://casurvey.b2clogin.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 12 Dec 2023 08:54:05 GMT x-content-type-options nosniff age 543504 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14892 x-xss-protection 0 last-modified Thu, 01 Jun 2023 22:52:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 11 Dec 2024 08:54:05 GMT

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery object| CP object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| $trace object| $diags object| $santizer function| sanitizeHtml object| $cors boolean| pageReady object| $i2e object| $element object| Handlebars boolean| contentReady boolean| bodyReady

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.casurvey.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-csrf Value: M0IrK240Q21veHd1Ukd3c2p4NnlsVlNveHNLNVdUMFhxYzI1YTV6VTJ5dzJnWEtudUFIb3NUMEM0VFJVM3hsVCs5Tko0ZlRWdDJFMENTV1lLd0xmREE9PTsyMDIzLTEyLTE4VDE1OjUyOjI3LjI4NjEzNThaO2pGaGl5WXRtWDFUSi83LzJUbzl5TEE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==
			.casurvey.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-cache|mxlaircizkymbpatmb3joa_0 Value: m1.ji4HS5PWSgTPtGrX.y89hfDK47nA9p2uLFObxNw==.0.V55ylV+wDRn7xkl3y6AsCwgvYZTNvy1g8CCzwvEQFrvg4NG3wDmd1nw8yKvEomBASoy1kBooGRc8rAYTPXD00FgTGaGENfjFS2SM+p2OAg+UpyKIqVxQ4HE/ZhEiEhRZRmEvlhP0h+ifJBj7lL3FuFGpoG8CpG6WKI3VYk9GGW5YfVBsRxtu1aHL6ycMnJQtgJlmGaqehwXz5D3wUwblf3k1jMX03hCZZpeME2WElB9VvWbEAzYA0KndVSvOXZO3A4BZxLy7hCIlnAZMtMLLo5w1etdzqHVIPycUkcqMyywD6HAfPJcGKaQ0iW25VFdCsxO3lfNR34zLBjpZ0bQHoBzTUtH0v5X4yPms0K7HQCLlwy+InyoXfq+GUYCFQz218rHrkI6I2rZD1pzUaO2J+VChtCEfsF3RNuQmCEv0UBXskEUx5/Lqs6PAghIaR4xLm7FEgXb24mDQb6B8FHelZneqz/Ia7ln0fgTQ6/o38hNsgMKJeVO+2NFgodhhJNGRbhQffRf25/OXbD+BAgYyintgry5uG0b1ZTE4SaT3MPnNaTY7A+l1TXwlppqeacgVlqUPv4kwLHnMOTYSQhL5Pa/LbIJc5zWR5ZV2P/YotyBqJ4EI4ClnU+2RNDjbLqsy7ye3SUcOAJyY0/9MloQovotIc4fa05zb3iVvQmfvqIgr
			.casurvey.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-trans Value: eyJUX0RJQyI6W3siSSI6IjIyNDAxOTliLWEyYjAtNGM2Ni1hNjA2LTkwMTMzMWJkZTMzOCIsIlQiOiJjYXN1cnZleS5vbm1pY3Jvc29mdC5jb20iLCJQIjoiQjJDXzFfQ0FTaWdudXAiLCJDIjoiMTc1MDY1ZGEtN2UzYy00NWEyLTk4MzAtODY1YzZkZDQ4YzBlIiwiUyI6MSwiTSI6e30sIkQiOjAsIkUiOiIifV0sIkNfSUQiOiIyMjQwMTk5Yi1hMmIwLTRjNjYtYTYwNi05MDEzMzFiZGUzMzgifQ==
			casurvey.b2clogin.com/	1970-01-20 17:01:58	Name: x-ms-cpim-geo Value: NA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

caazurefiles01.blob.core.windows.net
casurvey.b2clogin.com
clientportaldev.campbellsurvey.com
fonts.googleapis.com
fonts.gstatic.com
20.49.104.17
2603:1026:3000:c8::b
2a00:1450:4001:813::2003
2a00:1450:4001:831::200a
52.239.154.100
008f364d6ee275d03bc9bd26607c936c9bf26072bca9c3fd06cbeeaaab10cf0f
1343051f3f6455f8541d8c5356511b1a45659edf46ab0a0df93dd09d5436bb53
577150d3276d16537f011c009844748a6add81f672f9f3a692fd73d3b0f60086
708c6e19fae5b7367326fafad3c5f4b49acf6ffa3d4c99904529952ea80c8898
70a18686a8f819cbe534ff4990250e38f0a500ea23cf55f8ea731ac0eec883ff
70c29547fb757360db0d625866a2cfaeeab055141fcb3104cd11be40693b2251
731bf1a3eab5e6446c1067514e9016ebc8fa176c55c92c5ce80e3bf0f26593fa
73cca72b6d65e061ba94ca853dde34f3b25e6cd29f117178e26d3a1f2881dfdb
78054ab5ce1fee322e26199d2008e9acc88fd1d277f090a6068b83b26763a2c1
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
a035f5bc873960a65bcb6493b4d18782247a5a5d8cad443d297c853b09ea7bb4
c869773b0a56ad433cfe76624628495e86dea6cbed924ed02fb0eed8de795860
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebc80b9fcb3cecb1dfcbf0a257a24fcb5193f908a8289d9dcfe8f8acfa677466
f50f339b04998f1210bc8ac5dd1795df9c652c241c87281906f12c48c643aed7