urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
2603:1026:3000:150::6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bfh.wizard.3vrooms.app/
Effective URL: https://login.microsoftonline.com/d6a1cf8c-768e-4187-a738-b6e50c4deb4a/oauth2/v2.0/authorize?client_id=20e05566-6607-454f-8b0b-4a2...
Submission: On October 31 via manual from PH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 36 HTTP transactions. The main IP is 2603:1026:3000:150::6, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 19.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 25th 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 25 142.132.246.207 24940 (HETZNER-AS)
2 23.55.225.89 16625 (AKAMAI-AS)
2 2603:1026:300... 8075 (MICROSOFT...)
8 2606:2800:233... 15133 (EDGECAST)
1 20.190.159.68 8075 (MICROSOFT...)
1 2620:1ec:bdf::63 8075 (MICROSOFT...)
36 6
25    142.132.246.207 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.207.246.132.142.clients.your-server.de
bfh.wizard.3vrooms.app
bfh.book.3vrooms.app
bfh.idp.3vrooms.app
2    23.55.225.89 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-225-89.deploy.static.akamaitechnologies.com
appsforoffice.microsoft.com
2    2603:1026:3000:150::6 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
8    2606:2800:233:78b9:f44e:2c1f:31aa:d9ef (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
1    20.190.159.68 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
1    2620:1ec:bdf::63 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msftauthimages.net
Apex Domain
Subdomains		 Transfer
25 3vrooms.app
bfh.wizard.3vrooms.app
bfh.book.3vrooms.app
bfh.idp.3vrooms.app
2 MB
8 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 1018
270 KB
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 19
27 KB
2 microsoft.com
appsforoffice.microsoft.com — Cisco Umbrella Rank: 1296
54 KB
1 msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3478
5 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 77
36 6
Domain Requested by
19 bfh.wizard.3vrooms.app bfh.wizard.3vrooms.app
8 aadcdn.msftauth.net login.microsoftonline.com
aadcdn.msftauth.net
4 bfh.idp.3vrooms.app 3 redirects bfh.wizard.3vrooms.app
2 login.microsoftonline.com bfh.wizard.3vrooms.app
aadcdn.msftauth.net
2 bfh.book.3vrooms.app bfh.wizard.3vrooms.app
2 appsforoffice.microsoft.com bfh.wizard.3vrooms.app
appsforoffice.microsoft.com
1 aadcdn.msftauthimages.net
1 login.live.com login.microsoftonline.com
36 8

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
bfh.book.3vrooms.app
R3		 2023-10-12 -
2024-01-10		 3 months crt.sh
appsforoffice.microsoft.com
Microsoft Azure TLS Issuing CA 01		 2023-01-04 -
2023-12-30		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2023-08-25 -
2024-08-25		 a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2023-01-31 -
2024-01-31		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2023-06-29 -
2024-06-29		 a year crt.sh
aadcdn.msftauthimages.net
Microsoft Azure RSA TLS Issuing CA 07		 2023-09-02 -
2024-08-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/d6a1cf8c-768e-4187-a738-b6e50c4deb4a/oauth2/v2.0/authorize?client_id=20e05566-6607-454f-8b0b-4a288e71d4aa&redirect_uri=https%3A%2F%2Fbfh.idp.3vrooms.app%2Fsignin-microsoft&response_type=code&scope=openid%20profile%20email&code_challenge=l-8hplhoWa0DgyqG_LyAvxLwChRbDMQzA19zkCZsH1U&code_challenge_method=S256&response_mode=form_post&nonce=638343255424049402.MzQ1NzcwZjItNmVlYS00NmVhLWIzNTktZmYwYmNkNDRmYzNkYmM2ZmE1YTItNjJiNy00OTQ4LWJjMDYtMmI0OTliNGQ1OTg1&state=CfDJ8Gd_nLkcaXFOr0coCTc99NbBdxFpNgTHPLkZu93XSHPYdgjbuKpwwqQFJg3s2o1iUw4vSYGOwV5gBlGEGLy95IfSa3eycY19-ZJoDJTK6hL6iNXRfZ7jJnPmdFw8wT752bpY7WTF-qPpl0l8WCRnFpWBAp4dsxZgYlnkBrH4C2Pf&x-client-SKU=ID_NET6_0&x-client-ver=6.32.0.0&sso_reload=true
Frame ID: A2C0544322BCCA11CDCDB74056259E0A
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

  1. https://bfh.wizard.3vrooms.app/ Page URL
  2. https://bfh.idp.3vrooms.app/connect/authorize?client_id=rooms-addin&redirect_uri=https%3A%2F%2Fbfh.wizar... HTTP 302
    https://bfh.idp.3vrooms.app/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Droom... HTTP 302
    https://bfh.idp.3vrooms.app/External/Challenge?provider=microsoft&returnUrl=%2Fconnect%2Fauthorize%2Fcal... HTTP 302
    https://login.microsoftonline.com/d6a1cf8c-768e-4187-a738-b6e50c4deb4a/oauth2/v2.0/authorize?client_id=20e0556... Page URL
  3. https://login.microsoftonline.com/d6a1cf8c-768e-4187-a738-b6e50c4deb4a/oauth2/v2.0/authorize?client_id=20e0556... Page URL

Page Statistics

36
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

6
IPs

4
Countries

2898 kB
Transfer

3815 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bfh.wizard.3vrooms.app/ Page URL
  2. https://bfh.idp.3vrooms.app/connect/authorize?client_id=rooms-addin&redirect_uri=https%3A%2F%2Fbfh.wizard.3vrooms.app%2Fcallback.html&response_type=code&scope=openid+profile+rooms_api&state=81155c1937454b16836c69386f2cbd8e&code_challenge=7SEW4iehSElioSB9F_e0sEhuvmU8FTXweOq3J4QBpkQ&code_challenge_method=S256&response_mode=query&acr_values=idp%3Amicrosoft HTTP 302
    https://bfh.idp.3vrooms.app/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Drooms-addin%26redirect_uri%3Dhttps%253A%252F%252Fbfh.wizard.3vrooms.app%252Fcallback.html%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520rooms_api%26state%3D81155c1937454b16836c69386f2cbd8e%26code_challenge%3D7SEW4iehSElioSB9F_e0sEhuvmU8FTXweOq3J4QBpkQ%26code_challenge_method%3DS256%26response_mode%3Dquery%26acr_values%3Didp%253Amicrosoft HTTP 302
    https://bfh.idp.3vrooms.app/External/Challenge?provider=microsoft&returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Drooms-addin%26redirect_uri%3Dhttps%253A%252F%252Fbfh.wizard.3vrooms.app%252Fcallback.html%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520rooms_api%26state%3D81155c1937454b16836c69386f2cbd8e%26code_challenge%3D7SEW4iehSElioSB9F_e0sEhuvmU8FTXweOq3J4QBpkQ%26code_challenge_method%3DS256%26response_mode%3Dquery%26acr_values%3Didp%253Amicrosoft HTTP 302
    https://login.microsoftonline.com/d6a1cf8c-768e-4187-a738-b6e50c4deb4a/oauth2/v2.0/authorize?client_id=20e05566-6607-454f-8b0b-4a288e71d4aa&redirect_uri=https%3A%2F%2Fbfh.idp.3vrooms.app%2Fsignin-microsoft&response_type=code&scope=openid%20profile%20email&code_challenge=l-8hplhoWa0DgyqG_LyAvxLwChRbDMQzA19zkCZsH1U&code_challenge_method=S256&response_mode=form_post&nonce=638343255424049402.MzQ1NzcwZjItNmVlYS00NmVhLWIzNTktZmYwYmNkNDRmYzNkYmM2ZmE1YTItNjJiNy00OTQ4LWJjMDYtMmI0OTliNGQ1OTg1&state=CfDJ8Gd_nLkcaXFOr0coCTc99NbBdxFpNgTHPLkZu93XSHPYdgjbuKpwwqQFJg3s2o1iUw4vSYGOwV5gBlGEGLy95IfSa3eycY19-ZJoDJTK6hL6iNXRfZ7jJnPmdFw8wT752bpY7WTF-qPpl0l8WCRnFpWBAp4dsxZgYlnkBrH4C2Pf&x-client-SKU=ID_NET6_0&x-client-ver=6.32.0.0 Page URL
  3. https://login.microsoftonline.com/d6a1cf8c-768e-4187-a738-b6e50c4deb4a/oauth2/v2.0/authorize?client_id=20e05566-6607-454f-8b0b-4a288e71d4aa&redirect_uri=https%3A%2F%2Fbfh.idp.3vrooms.app%2Fsignin-microsoft&response_type=code&scope=openid%20profile%20email&code_challenge=l-8hplhoWa0DgyqG_LyAvxLwChRbDMQzA19zkCZsH1U&code_challenge_method=S256&response_mode=form_post&nonce=638343255424049402.MzQ1NzcwZjItNmVlYS00NmVhLWIzNTktZmYwYmNkNDRmYzNkYmM2ZmE1YTItNjJiNy00OTQ4LWJjMDYtMmI0OTliNGQ1OTg1&state=CfDJ8Gd_nLkcaXFOr0coCTc99NbBdxFpNgTHPLkZu93XSHPYdgjbuKpwwqQFJg3s2o1iUw4vSYGOwV5gBlGEGLy95IfSa3eycY19-ZJoDJTK6hL6iNXRfZ7jJnPmdFw8wT752bpY7WTF-qPpl0l8WCRnFpWBAp4dsxZgYlnkBrH4C2Pf&x-client-SKU=ID_NET6_0&x-client-ver=6.32.0.0&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://bfh.idp.3vrooms.app/connect/authorize?client_id=rooms-addin&redirect_uri=https%3A%2F%2Fbfh.wizard.3vrooms.app%2Fcallback.html&response_type=code&scope=openid+profile+rooms_api&state=81155c1937454b16836c69386f2cbd8e&code_challenge=7SEW4iehSElioSB9F_e0sEhuvmU8FTXweOq3J4QBpkQ&code_challenge_method=S256&response_mode=query&acr_values=idp%3Amicrosoft HTTP 302
  • https://bfh.idp.3vrooms.app/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Drooms-addin%26redirect_uri%3Dhttps%253A%252F%252Fbfh.wizard.3vrooms.app%252Fcallback.html%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520rooms_api%26state%3D81155c1937454b16836c69386f2cbd8e%26code_challenge%3D7SEW4iehSElioSB9F_e0sEhuvmU8FTXweOq3J4QBpkQ%26code_challenge_method%3DS256%26response_mode%3Dquery%26acr_values%3Didp%253Amicrosoft HTTP 302
  • https://bfh.idp.3vrooms.app/External/Challenge?provider=microsoft&returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Drooms-addin%26redirect_uri%3Dhttps%253A%252F%252Fbfh.wizard.3vrooms.app%252Fcallback.html%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520rooms_api%26state%3D81155c1937454b16836c69386f2cbd8e%26code_challenge%3D7SEW4iehSElioSB9F_e0sEhuvmU8FTXweOq3J4QBpkQ%26code_challenge_method%3DS256%26response_mode%3Dquery%26acr_values%3Didp%253Amicrosoft HTTP 302
  • https://login.microsoftonline.com/d6a1cf8c-768e-4187-a738-b6e50c4deb4a/oauth2/v2.0/authorize?client_id=20e05566-6607-454f-8b0b-4a288e71d4aa&redirect_uri=https%3A%2F%2Fbfh.idp.3vrooms.app%2Fsignin-microsoft&response_type=code&scope=openid%20profile%20email&code_challenge=l-8hplhoWa0DgyqG_LyAvxLwChRbDMQzA19zkCZsH1U&code_challenge_method=S256&response_mode=form_post&nonce=638343255424049402.MzQ1NzcwZjItNmVlYS00NmVhLWIzNTktZmYwYmNkNDRmYzNkYmM2ZmE1YTItNjJiNy00OTQ4LWJjMDYtMmI0OTliNGQ1OTg1&state=CfDJ8Gd_nLkcaXFOr0coCTc99NbBdxFpNgTHPLkZu93XSHPYdgjbuKpwwqQFJg3s2o1iUw4vSYGOwV5gBlGEGLy95IfSa3eycY19-ZJoDJTK6hL6iNXRfZ7jJnPmdFw8wT752bpY7WTF-qPpl0l8WCRnFpWBAp4dsxZgYlnkBrH4C2Pf&x-client-SKU=ID_NET6_0&x-client-ver=6.32.0.0

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
bfh.wizard.3vrooms.app/ 		12 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bfh.wizard.3vrooms.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
101e15e4e807c4933948e57ad14c5e7a7b28ea9eae61a15407ac1d2b803e92f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
12168
content-type
text/html
date
Tue, 31 Oct 2023 05:05:41 GMT
etag
"651c3c38-2f88"
last-modified
Tue, 03 Oct 2023 16:07:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
office.js
appsforoffice.microsoft.com/lib/1/hosted/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appsforoffice.microsoft.com/lib/1/hosted/office.js
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.225.89 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-225-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
15edaa54855fd34e680fc571faf68b244920ebcfefdb22a6486bb88172e71ca8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bfh.wizard.3vrooms.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 05:05:41 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Oct 2023 07:41:10 GMT
Server
Microsoft-IIS/10.0
ETag
"0effcca283da1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=11309
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17118
customscript.js
bfh.wizard.3vrooms.app/assets/config/ 		0
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bfh.wizard.3vrooms.app/assets/config/customscript.js
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bfh.wizard.3vrooms.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:05:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 19 Oct 2023 00:58:55 GMT
accept-ranges
bytes
etag
"65307f4f-0"
content-length
0
content-type
application/javascript
styles.b59d0065ac450a37.css
bfh.wizard.3vrooms.app/ 		512 KB
513 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bfh.wizard.3vrooms.app/styles.b59d0065ac450a37.css
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
6b9c9550449de5858a9a98c1ee11919ab7c4b372455544d5c825101987762206
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bfh.wizard.3vrooms.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:05:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 03 Oct 2023 16:07:19 GMT
accept-ranges
bytes
etag
"651c3c37-7fffe"
content-length
524286
content-type
text/css
runtime.6f394235aab67c51.js
bfh.wizard.3vrooms.app/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfh.wizard.3vrooms.app/runtime.6f394235aab67c51.js
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
ef350828a4cf64d0bda8f239293e8a754377bf384eec2f4d33c62ebb3a9dbff4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bfh.wizard.3vrooms.app/
Origin
https://bfh.wizard.3vrooms.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:05:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 03 Oct 2023 16:07:19 GMT
accept-ranges
bytes
etag
"651c3c37-141f"
content-length
5151
content-type
application/javascript
polyfills.cdbe512c6430fa9a.js
bfh.wizard.3vrooms.app/ 		39 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfh.wizard.3vrooms.app/polyfills.cdbe512c6430fa9a.js
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
f33f34c657281eef3d4c7b7661b5399c2f6f01c7d487f11f1a637c0359dd6d8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bfh.wizard.3vrooms.app/
Origin
https://bfh.wizard.3vrooms.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:05:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 03 Oct 2023 16:07:19 GMT
accept-ranges
bytes
etag
"651c3c37-9c94"
content-length
40084
content-type
application/javascript
main.ccf87eb7e642fe61.js
bfh.wizard.3vrooms.app/ 		810 KB
812 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfh.wizard.3vrooms.app/main.ccf87eb7e642fe61.js
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
ad08b3d282248b283fd359ba0f3c20ae82fb72b8f62b506faf5434fa940c5f0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bfh.wizard.3vrooms.app/
Origin
https://bfh.wizard.3vrooms.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:05:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 03 Oct 2023 16:07:19 GMT
accept-ranges
bytes
etag
"651c3c37-ca972"
content-length
829810
content-type
application/javascript
o15apptofilemappingtable.js
appsforoffice.microsoft.com/lib/1/hosted/ 		167 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appsforoffice.microsoft.com/lib/1/hosted/o15apptofilemappingtable.js
Requested by
Host: appsforoffice.microsoft.com
URL: https://appsforoffice.microsoft.com/lib/1/hosted/office.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.225.89 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-225-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2cf6e909da5391f513f14379c3ba86fe888f083d9f8205bcc7bd91cde3d9b522

Request headers

Referer
https://bfh.wizard.3vrooms.app/
Origin
https://bfh.wizard.3vrooms.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 05:05:41 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Oct 2023 07:41:10 GMT
Server
Microsoft-IIS/10.0
ETag
"0effcca283da1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=7378
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37609
4307.3bfbddb5ce93db02.js
bfh.wizard.3vrooms.app/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfh.wizard.3vrooms.app/4307.3bfbddb5ce93db02.js
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/runtime.6f394235aab67c51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
552583e3997d475fc222bd96d0988ffa995ee3e34126bf3e6a9d7856a749f75d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bfh.wizard.3vrooms.app/
Origin
https://bfh.wizard.3vrooms.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:05:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 03 Oct 2023 16:07:19 GMT
accept-ranges
bytes
etag
"651c3c37-59f"
content-length
1439
content-type
application/javascript
9998.19ee01a4aaf837b8.js
bfh.wizard.3vrooms.app/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfh.wizard.3vrooms.app/9998.19ee01a4aaf837b8.js
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/runtime.6f394235aab67c51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
0d5855a2c73c16e0b6b1b1f20be443b3329450e15c08895f12581f666d9259c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bfh.wizard.3vrooms.app/
Origin
https://bfh.wizard.3vrooms.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:05:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 03 Oct 2023 16:07:19 GMT
accept-ranges
bytes
etag
"651c3c37-493"
content-length
1171
content-type
application/javascript
4211.be3a4d901402c5c2.js
bfh.wizard.3vrooms.app/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfh.wizard.3vrooms.app/4211.be3a4d901402c5c2.js
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/runtime.6f394235aab67c51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
cae625bf8e75c1ed4eec01fbfb57ecddc4b45289844348bac9b9fbb01515be47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bfh.wizard.3vrooms.app/
Origin
https://bfh.wizard.3vrooms.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:05:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 03 Oct 2023 16:07:19 GMT
accept-ranges
bytes
etag
"651c3c37-628"
content-length
1576
content-type
application/javascript
1636.6f16424918413eb2.js
bfh.wizard.3vrooms.app/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfh.wizard.3vrooms.app/1636.6f16424918413eb2.js
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/runtime.6f394235aab67c51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
24d6d1d8b93ff53e020213a840b9016a4315d8ff780d22679b9ca110a4d8e42b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bfh.wizard.3vrooms.app/
Origin
https://bfh.wizard.3vrooms.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:05:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 03 Oct 2023 16:07:19 GMT
accept-ranges
bytes
etag
"651c3c37-7ba"
content-length
1978
content-type
application/javascript
config.json
bfh.wizard.3vrooms.app/assets/config/ 		495 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bfh.wizard.3vrooms.app/assets/config/config.json
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/polyfills.cdbe512c6430fa9a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
28be173715cc757228685dbd0da4488dc6e66d633f43ef2a1518b7659ead6ac6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://bfh.wizard.3vrooms.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:05:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 19 Oct 2023 00:58:55 GMT
accept-ranges
bytes
etag
"65307f4f-1ef"
content-length
495
content-type
application/json
logo.png
bfh.book.3vrooms.app/Default/Content/wizard/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bfh.book.3vrooms.app/Default/Content/wizard/logo.png?ignoreLocalFiles=true&cacheBuster=1698728741784
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/polyfills.cdbe512c6430fa9a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://bfh.wizard.3vrooms.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
https://bfh.wizard.3vrooms.app
date
Tue, 31 Oct 2023 05:05:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
content-length
0
en.json
bfh.book.3vrooms.app/Default/Content/wizard/translations/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bfh.book.3vrooms.app/Default/Content/wizard/translations/en.json?ignoreLocalFiles=true&cacheBuster=1698728741938
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/polyfills.cdbe512c6430fa9a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://bfh.wizard.3vrooms.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
https://bfh.wizard.3vrooms.app
date
Tue, 31 Oct 2023 05:05:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
content-length
0
6814.7727e13ede9b3847.js
bfh.wizard.3vrooms.app/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfh.wizard.3vrooms.app/6814.7727e13ede9b3847.js
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/runtime.6f394235aab67c51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
6bf4a67801bfdfe4e11099407ebc9e2594fc41eb10feabd732333e8fb220a234
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bfh.wizard.3vrooms.app/
Origin
https://bfh.wizard.3vrooms.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:05:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 03 Oct 2023 16:07:19 GMT
accept-ranges
bytes
etag
"651c3c37-437"
content-length
1079
content-type
application/javascript
en.json
bfh.wizard.3vrooms.app/assets/translations/ 		14 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bfh.wizard.3vrooms.app/assets/translations/en.json
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/polyfills.cdbe512c6430fa9a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
9d17c9293568a4fcdf7e52820867295d7d71e5b8d4f6bfb291b7488295dabdf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bfh.wizard.3vrooms.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:05:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 03 Oct 2023 16:07:19 GMT
accept-ranges
bytes
etag
"651c3c37-3616"
content-length
13846
content-type
application/json
common.613ec74ef42a9d45.js
bfh.wizard.3vrooms.app/ 		16 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfh.wizard.3vrooms.app/common.613ec74ef42a9d45.js
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/runtime.6f394235aab67c51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
d1a652b9737b9d316a69b261ac1cd44c83b2806e68cc1ad292b1824c587eedea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bfh.wizard.3vrooms.app/
Origin
https://bfh.wizard.3vrooms.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:05:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 03 Oct 2023 16:07:19 GMT
accept-ranges
bytes
etag
"651c3c37-41a3"
content-length
16803
content-type
application/javascript
53.d6235c97e318f907.js
bfh.wizard.3vrooms.app/ 		42 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfh.wizard.3vrooms.app/53.d6235c97e318f907.js
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/runtime.6f394235aab67c51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
5c91730fc8d40247cb4884b1db0219231da001e1ab8bdae5e8f3eedda3b7c7f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bfh.wizard.3vrooms.app/
Origin
https://bfh.wizard.3vrooms.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:05:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 03 Oct 2023 16:07:19 GMT
accept-ranges
bytes
etag
"651c3c37-a67e"
content-length
42622
content-type
application/javascript
5416.5530db06e9d56303.js
bfh.wizard.3vrooms.app/ 		82 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfh.wizard.3vrooms.app/5416.5530db06e9d56303.js
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/runtime.6f394235aab67c51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
5caf4c6cd902f2f627e1e22dfd323d85d51fc2f3ad8f05caa9eeeeca4cd0fb02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bfh.wizard.3vrooms.app/
Origin
https://bfh.wizard.3vrooms.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:05:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 03 Oct 2023 16:07:19 GMT
accept-ranges
bytes
etag
"651c3c37-14891"
content-length
84113
content-type
application/javascript
802.27a22ee3dbfd0d34.js
bfh.wizard.3vrooms.app/ 		260 KB
260 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfh.wizard.3vrooms.app/802.27a22ee3dbfd0d34.js
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/runtime.6f394235aab67c51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
5ab52d726d9f344c9e4ed208bc0f9dcd178759bc5a9d506418a3e883c46cb6d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bfh.wizard.3vrooms.app/
Origin
https://bfh.wizard.3vrooms.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:05:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 03 Oct 2023 16:07:19 GMT
accept-ranges
bytes
etag
"651c3c37-40e4b"
content-length
265803
content-type
application/javascript
2657.3ee2d1f5bb70b5ce.js
bfh.wizard.3vrooms.app/ 		731 KB
732 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfh.wizard.3vrooms.app/2657.3ee2d1f5bb70b5ce.js
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/runtime.6f394235aab67c51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
2b178f9c466068cb57cd4f6e8e1fcbc99c4b9fc464ee6df60e232b76b9795440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bfh.wizard.3vrooms.app/
Origin
https://bfh.wizard.3vrooms.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:05:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 03 Oct 2023 16:07:19 GMT
accept-ranges
bytes
etag
"651c3c37-b6ba7"
content-length
748455
content-type
application/javascript
openid-configuration
bfh.idp.3vrooms.app/.well-known/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bfh.idp.3vrooms.app/.well-known/openid-configuration
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/polyfills.cdbe512c6430fa9a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/jwk-set+json, application/json
Referer
https://bfh.wizard.3vrooms.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
https://bfh.wizard.3vrooms.app
date
Tue, 31 Oct 2023 05:05:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
content-type
application/json; charset=UTF-8
3262.25e10497ec7aabe2.js
bfh.wizard.3vrooms.app/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfh.wizard.3vrooms.app/3262.25e10497ec7aabe2.js
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/runtime.6f394235aab67c51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.246.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.207.246.132.142.clients.your-server.de
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bfh.wizard.3vrooms.app/
Origin
https://bfh.wizard.3vrooms.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:05:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 03 Oct 2023 16:07:19 GMT
accept-ranges
bytes
etag
"651c3c37-73f"
content-length
1855
content-type
application/javascript
authorize
login.microsoftonline.com/d6a1cf8c-768e-4187-a738-b6e50c4deb4a/oauth2/v2.0/
Redirect Chain
  • https://bfh.idp.3vrooms.app/connect/authorize?client_id=rooms-addin&redirect_uri=https%3A%2F%2Fbfh.wizard.3vrooms.app%2Fcallback.html&response_type=code&scope=openid+profile+rooms_api&state=81155c1...
  • https://bfh.idp.3vrooms.app/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Drooms-addin%26redirect_uri%3Dhttps%253A%252F%252Fbfh.wizard.3vrooms.app%252Fcallback.html%26respo...
  • https://bfh.idp.3vrooms.app/External/Challenge?provider=microsoft&returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Drooms-addin%26redirect_uri%3Dhttps%253A%252F%252Fbfh.wizard.3vrooms.app%2...
  • https://login.microsoftonline.com/d6a1cf8c-768e-4187-a738-b6e50c4deb4a/oauth2/v2.0/authorize?client_id=20e05566-6607-454f-8b0b-4a288e71d4aa&redirect_uri=https%3A%2F%2Fbfh.idp.3vrooms.app%2Fsignin-m...
20 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/d6a1cf8c-768e-4187-a738-b6e50c4deb4a/oauth2/v2.0/authorize?client_id=20e05566-6607-454f-8b0b-4a288e71d4aa&redirect_uri=https%3A%2F%2Fbfh.idp.3vrooms.app%2Fsignin-microsoft&response_type=code&scope=openid%20profile%20email&code_challenge=l-8hplhoWa0DgyqG_LyAvxLwChRbDMQzA19zkCZsH1U&code_challenge_method=S256&response_mode=form_post&nonce=638343255424049402.MzQ1NzcwZjItNmVlYS00NmVhLWIzNTktZmYwYmNkNDRmYzNkYmM2ZmE1YTItNjJiNy00OTQ4LWJjMDYtMmI0OTliNGQ1OTg1&state=CfDJ8Gd_nLkcaXFOr0coCTc99NbBdxFpNgTHPLkZu93XSHPYdgjbuKpwwqQFJg3s2o1iUw4vSYGOwV5gBlGEGLy95IfSa3eycY19-ZJoDJTK6hL6iNXRfZ7jJnPmdFw8wT752bpY7WTF-qPpl0l8WCRnFpWBAp4dsxZgYlnkBrH4C2Pf&x-client-SKU=ID_NET6_0&x-client-ver=6.32.0.0
Requested by
Host: bfh.wizard.3vrooms.app
URL: https://bfh.wizard.3vrooms.app/main.ccf87eb7e642fe61.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:3000:150::6 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d0fa594e0ed50bb5d72f674ff0c351649547e99f1ade76727d6c40c212c3b12b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bfh.wizard.3vrooms.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
8574
Content-Type
text/html; charset=utf-8
Date
Tue, 31 Oct 2023 05:05:41 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.16651.6 - FRC ProdSlices
x-ms-request-id
92c8eb76-8fc0-429d-863d-25364cbc0700

Redirect headers

content-length
0
date
Tue, 31 Oct 2023 05:05:42 GMT
location
https://login.microsoftonline.com/d6a1cf8c-768e-4187-a738-b6e50c4deb4a/oauth2/v2.0/authorize?client_id=20e05566-6607-454f-8b0b-4a288e71d4aa&redirect_uri=https%3A%2F%2Fbfh.idp.3vrooms.app%2Fsignin-microsoft&response_type=code&scope=openid%20profile%20email&code_challenge=l-8hplhoWa0DgyqG_LyAvxLwChRbDMQzA19zkCZsH1U&code_challenge_method=S256&response_mode=form_post&nonce=638343255424049402.MzQ1NzcwZjItNmVlYS00NmVhLWIzNTktZmYwYmNkNDRmYzNkYmM2ZmE1YTItNjJiNy00OTQ4LWJjMDYtMmI0OTliNGQ1OTg1&state=CfDJ8Gd_nLkcaXFOr0coCTc99NbBdxFpNgTHPLkZu93XSHPYdgjbuKpwwqQFJg3s2o1iUw4vSYGOwV5gBlGEGLy95IfSa3eycY19-ZJoDJTK6hL6iNXRfZ7jJnPmdFw8wT752bpY7WTF-qPpl0l8WCRnFpWBAp4dsxZgYlnkBrH4C2Pf&x-client-SKU=ID_NET6_0&x-client-ver=6.32.0.0
strict-transport-security
max-age=31536000; includeSubDomains
BssoInterrupt_Core_pOO34JFwD1EVcxt413xLZg2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		136 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_pOO34JFwD1EVcxt413xLZg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/d6a1cf8c-768e-4187-a738-b6e50c4deb4a/oauth2/v2.0/authorize?client_id=20e05566-6607-454f-8b0b-4a288e71d4aa&redirect_uri=https%3A%2F%2Fbfh.idp.3vrooms.app%2Fsignin-microsoft&response_type=code&scope=openid%20profile%20email&code_challenge=l-8hplhoWa0DgyqG_LyAvxLwChRbDMQzA19zkCZsH1U&code_challenge_method=S256&response_mode=form_post&nonce=638343255424049402.MzQ1NzcwZjItNmVlYS00NmVhLWIzNTktZmYwYmNkNDRmYzNkYmM2ZmE1YTItNjJiNy00OTQ4LWJjMDYtMmI0OTliNGQ1OTg1&state=CfDJ8Gd_nLkcaXFOr0coCTc99NbBdxFpNgTHPLkZu93XSHPYdgjbuKpwwqQFJg3s2o1iUw4vSYGOwV5gBlGEGLy95IfSa3eycY19-ZJoDJTK6hL6iNXRfZ7jJnPmdFw8wT752bpY7WTF-qPpl0l8WCRnFpWBAp4dsxZgYlnkBrH4C2Pf&x-client-SKU=ID_NET6_0&x-client-ver=6.32.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/671A) /
Resource Hash
002c2c1163e76cbf2e84d56cf869b76235038529893ebf30757cfe24b817cf03

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Oct 2023 05:05:42 GMT
content-encoding
gzip
content-md5
ZMFy5HcA9P2mV6uiFqhObw==
age
5122655
x-cache
HIT
content-length
48732
x-ms-lease-status
unlocked
last-modified
Thu, 31 Aug 2023 16:33:27 GMT
server
ECAcc (frb/671A)
etag
0x8DBAA4001543B19
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
fdfac130-a01e-0039-2320-dd0824000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request authorize
login.microsoftonline.com/d6a1cf8c-768e-4187-a738-b6e50c4deb4a/oauth2/v2.0/ 		43 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/d6a1cf8c-768e-4187-a738-b6e50c4deb4a/oauth2/v2.0/authorize?client_id=20e05566-6607-454f-8b0b-4a288e71d4aa&redirect_uri=https%3A%2F%2Fbfh.idp.3vrooms.app%2Fsignin-microsoft&response_type=code&scope=openid%20profile%20email&code_challenge=l-8hplhoWa0DgyqG_LyAvxLwChRbDMQzA19zkCZsH1U&code_challenge_method=S256&response_mode=form_post&nonce=638343255424049402.MzQ1NzcwZjItNmVlYS00NmVhLWIzNTktZmYwYmNkNDRmYzNkYmM2ZmE1YTItNjJiNy00OTQ4LWJjMDYtMmI0OTliNGQ1OTg1&state=CfDJ8Gd_nLkcaXFOr0coCTc99NbBdxFpNgTHPLkZu93XSHPYdgjbuKpwwqQFJg3s2o1iUw4vSYGOwV5gBlGEGLy95IfSa3eycY19-ZJoDJTK6hL6iNXRfZ7jJnPmdFw8wT752bpY7WTF-qPpl0l8WCRnFpWBAp4dsxZgYlnkBrH4C2Pf&x-client-SKU=ID_NET6_0&x-client-ver=6.32.0.0&sso_reload=true
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_pOO34JFwD1EVcxt413xLZg2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:3000:150::6 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3872b7025be2b1951209a3374ea6e25884df521e541efd21499f575454e77e1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/d6a1cf8c-768e-4187-a738-b6e50c4deb4a/oauth2/v2.0/authorize?client_id=20e05566-6607-454f-8b0b-4a288e71d4aa&redirect_uri=https%3A%2F%2Fbfh.idp.3vrooms.app%2Fsignin-microsoft&response_type=code&scope=openid%20profile%20email&code_challenge=l-8hplhoWa0DgyqG_LyAvxLwChRbDMQzA19zkCZsH1U&code_challenge_method=S256&response_mode=form_post&nonce=638343255424049402.MzQ1NzcwZjItNmVlYS00NmVhLWIzNTktZmYwYmNkNDRmYzNkYmM2ZmE1YTItNjJiNy00OTQ4LWJjMDYtMmI0OTliNGQ1OTg1&state=CfDJ8Gd_nLkcaXFOr0coCTc99NbBdxFpNgTHPLkZu93XSHPYdgjbuKpwwqQFJg3s2o1iUw4vSYGOwV5gBlGEGLy95IfSa3eycY19-ZJoDJTK6hL6iNXRfZ7jJnPmdFw8wT752bpY7WTF-qPpl0l8WCRnFpWBAp4dsxZgYlnkBrH4C2Pf&x-client-SKU=ID_NET6_0&x-client-ver=6.32.0.0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
16073
Content-Type
text/html; charset=utf-8
Date
Tue, 31 Oct 2023 05:05:41 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.16651.6 - SEC ProdSlices
x-ms-request-id
dfbde38f-f5f9-4e9d-a512-10bf58560800
converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		109 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/d6a1cf8c-768e-4187-a738-b6e50c4deb4a/oauth2/v2.0/authorize?client_id=20e05566-6607-454f-8b0b-4a288e71d4aa&redirect_uri=https%3A%2F%2Fbfh.idp.3vrooms.app%2Fsignin-microsoft&response_type=code&scope=openid%20profile%20email&code_challenge=l-8hplhoWa0DgyqG_LyAvxLwChRbDMQzA19zkCZsH1U&code_challenge_method=S256&response_mode=form_post&nonce=638343255424049402.MzQ1NzcwZjItNmVlYS00NmVhLWIzNTktZmYwYmNkNDRmYzNkYmM2ZmE1YTItNjJiNy00OTQ4LWJjMDYtMmI0OTliNGQ1OTg1&state=CfDJ8Gd_nLkcaXFOr0coCTc99NbBdxFpNgTHPLkZu93XSHPYdgjbuKpwwqQFJg3s2o1iUw4vSYGOwV5gBlGEGLy95IfSa3eycY19-ZJoDJTK6hL6iNXRfZ7jJnPmdFw8wT752bpY7WTF-qPpl0l8WCRnFpWBAp4dsxZgYlnkBrH4C2Pf&x-client-SKU=ID_NET6_0&x-client-ver=6.32.0.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/670C) /
Resource Hash
1a0ea89ae667420caeae29d594d53258e6ed157dab7e8dfe6f154f0054b0cf99

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Oct 2023 05:05:42 GMT
content-encoding
gzip
content-md5
znAMuOwBXwRYMjVZ8p4wCw==
age
4622740
x-cache
HIT
content-length
20208
x-ms-lease-status
unlocked
last-modified
Wed, 06 Sep 2023 21:24:15 GMT
server
ECAcc (frb/670C)
etag
0x8DBAF1F9F5D8653
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
1cda790c-001e-00df-36ac-e1e75f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_qEXQbrILMMB9aM8-LvObPA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		418 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_qEXQbrILMMB9aM8-LvObPA2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/d6a1cf8c-768e-4187-a738-b6e50c4deb4a/oauth2/v2.0/authorize?client_id=20e05566-6607-454f-8b0b-4a288e71d4aa&redirect_uri=https%3A%2F%2Fbfh.idp.3vrooms.app%2Fsignin-microsoft&response_type=code&scope=openid%20profile%20email&code_challenge=l-8hplhoWa0DgyqG_LyAvxLwChRbDMQzA19zkCZsH1U&code_challenge_method=S256&response_mode=form_post&nonce=638343255424049402.MzQ1NzcwZjItNmVlYS00NmVhLWIzNTktZmYwYmNkNDRmYzNkYmM2ZmE1YTItNjJiNy00OTQ4LWJjMDYtMmI0OTliNGQ1OTg1&state=CfDJ8Gd_nLkcaXFOr0coCTc99NbBdxFpNgTHPLkZu93XSHPYdgjbuKpwwqQFJg3s2o1iUw4vSYGOwV5gBlGEGLy95IfSa3eycY19-ZJoDJTK6hL6iNXRfZ7jJnPmdFw8wT752bpY7WTF-qPpl0l8WCRnFpWBAp4dsxZgYlnkBrH4C2Pf&x-client-SKU=ID_NET6_0&x-client-ver=6.32.0.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67C4) /
Resource Hash
dffe9bb4e5c9ee3ec8d54f6a3d8ec6f00c3ffe59d7f95731c9a1a553cde76662

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Oct 2023 05:05:42 GMT
content-encoding
gzip
content-md5
0hq6ZqI38Flc2M/Nb5TwMQ==
age
1580257
x-cache
HIT
content-length
117659
x-ms-lease-status
unlocked
last-modified
Wed, 11 Oct 2023 19:32:27 GMT
server
ECAcc (frb/67C4)
etag
0x8DBCA90CD989B3F
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f3426a5c-001e-00cf-7658-fd577d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-de.min_cb22tdfjwbhgd_ph2v9uta2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_cb22tdfjwbhgd_ph2v9uta2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/d6a1cf8c-768e-4187-a738-b6e50c4deb4a/oauth2/v2.0/authorize?client_id=20e05566-6607-454f-8b0b-4a288e71d4aa&redirect_uri=https%3A%2F%2Fbfh.idp.3vrooms.app%2Fsignin-microsoft&response_type=code&scope=openid%20profile%20email&code_challenge=l-8hplhoWa0DgyqG_LyAvxLwChRbDMQzA19zkCZsH1U&code_challenge_method=S256&response_mode=form_post&nonce=638343255424049402.MzQ1NzcwZjItNmVlYS00NmVhLWIzNTktZmYwYmNkNDRmYzNkYmM2ZmE1YTItNjJiNy00OTQ4LWJjMDYtMmI0OTliNGQ1OTg1&state=CfDJ8Gd_nLkcaXFOr0coCTc99NbBdxFpNgTHPLkZu93XSHPYdgjbuKpwwqQFJg3s2o1iUw4vSYGOwV5gBlGEGLy95IfSa3eycY19-ZJoDJTK6hL6iNXRfZ7jJnPmdFw8wT752bpY7WTF-qPpl0l8WCRnFpWBAp4dsxZgYlnkBrH4C2Pf&x-client-SKU=ID_NET6_0&x-client-ver=6.32.0.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/679E) /
Resource Hash
8ce920042b4cda1a137cc4a2220144db237c2e22557c19e921394a6899b26d70

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Oct 2023 05:05:42 GMT
content-encoding
gzip
content-md5
W+XaiNg+uxeU0euXnPRejg==
age
1723432
x-cache
HIT
content-length
16324
x-ms-lease-status
unlocked
last-modified
Mon, 09 Oct 2023 06:04:15 GMT
server
ECAcc (frb/679E)
etag
0x8DBC88D9133147B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
324a1dc4-001e-004b-5d0b-fcac20000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/d6a1cf8c-768e-4187-a738-b6e50c4deb4a/oauth2/v2.0/authorize?client_id=20e05566-6607-454f-8b0b-4a288e71d4aa&redirect_uri=https%3A%2F%2Fbfh.idp.3vrooms.app%2Fsignin-microsoft&response_type=code&scope=openid%20profile%20email&code_challenge=l-8hplhoWa0DgyqG_LyAvxLwChRbDMQzA19zkCZsH1U&code_challenge_method=S256&response_mode=form_post&nonce=638343255424049402.MzQ1NzcwZjItNmVlYS00NmVhLWIzNTktZmYwYmNkNDRmYzNkYmM2ZmE1YTItNjJiNy00OTQ4LWJjMDYtMmI0OTliNGQ1OTg1&state=CfDJ8Gd_nLkcaXFOr0coCTc99NbBdxFpNgTHPLkZu93XSHPYdgjbuKpwwqQFJg3s2o1iUw4vSYGOwV5gBlGEGLy95IfSa3eycY19-ZJoDJTK6hL6iNXRfZ7jJnPmdFw8wT752bpY7WTF-qPpl0l8WCRnFpWBAp4dsxZgYlnkBrH4C2Pf&x-client-SKU=ID_NET6_0&x-client-ver=6.32.0.0&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.68 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
convergedlogin_pcustomizationloader_6a0a93f432ff1bd21896.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		153 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6a0a93f432ff1bd21896.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_qEXQbrILMMB9aM8-LvObPA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/6695) /
Resource Hash
62958a7a610d9ab060a681661a74fd96ecaecfffe6f63506baa0fa2ff0c62307

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Oct 2023 05:05:42 GMT
content-encoding
gzip
content-md5
OnkOoulmGcNNEMlZtm3IAg==
age
1807039
x-cache
HIT
content-length
34604
x-ms-lease-status
unlocked
last-modified
Fri, 06 Oct 2023 01:13:34 GMT
server
ECAcc (frb/6695)
etag
0x8DBC6097671DA27
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
89a08a42-601e-00f5-2048-fb7879000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ 		2 KB
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/6733) /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Oct 2023 05:05:43 GMT
content-encoding
gzip
content-md5
DhdidjYrlCeaRJJRG/y9mA==
age
6408054
x-cache
HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:43 GMT
server
ECAcc (frb/6733)
etag
0x8DB5C3F466DE917
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
6aa894d4-701e-00a8-5c6f-d1c451000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
aadcdn.msftauthimages.net/c1c6b6c8-r-gkqa-zpcgdm-k8hyodntkeq9jp515pbo2ivl99oso/logintenantbranding/0/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-r-gkqa-zpcgdm-k8hyodntkeq9jp515pbo2ivl99oso/logintenantbranding/0/bannerlogo?ts=637469205890667036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3250dd2553714e0f4748b3583cfcbe9b4db86f449be480979bae9bec18988d64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 31 Oct 2023 05:05:43 GMT
last-modified
Fri, 22 Jan 2021 13:56:29 GMT
etag
0x8D8BEDD84791467
x-azure-ref
20231031T050543Z-ued0wd36g536z2vdfc7srbp23w00000001kg00000000pb1m
x-cache
TCP_REMOTE_HIT
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
96209a2f-f01e-0023-46ac-0bc16f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
4178
convergedlogin_pstringcustomizationhelper_9746a172068dc48a03ee.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		111 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_9746a172068dc48a03ee.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_qEXQbrILMMB9aM8-LvObPA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67C9) /
Resource Hash
bec216cfa6e40efdc61e8ca41b96242d59fa72b6b4e1ee301b8e5e43c4ff2b62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Oct 2023 05:05:43 GMT
content-encoding
gzip
content-md5
CErHHv5EYTNZwpjhqEPv3w==
age
1580258
x-cache
HIT
content-length
35920
x-ms-lease-status
unlocked
last-modified
Wed, 11 Oct 2023 19:32:24 GMT
server
ECAcc (frb/67C9)
etag
0x8DBCA90CB952401
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e2e57fe5-b01e-0088-4158-fd5562000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		2 KB
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67FE) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Oct 2023 05:05:43 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
13247231
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:52 GMT
server
ECAcc (frb/67FE)
etag
0x8DB5C3F4BB4F03C
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
06290279-601e-003a-273c-9335be000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_6a0a93f432ff1bd21896 boolean| __convergedlogin_pstringcustomizationhelper_9746a172068dc48a03ee

13 Cookies

Domain/Path Name / Value
bfh.idp.3vrooms.app/signin-microsoft Name: .AspNetCore.OpenIdConnect.Nonce.CfDJ8Gd_nLkcaXFOr0coCTc99NZPwMt28OAkw9IWgvE_dcWeOKY4pRuJi5H8uFYTiY-7PSocPhuPV-ix_zvMIOme4Av-aOEUv1sckaRuengJAZ_kL1Dv4t38iNh1n5xTNSzJ2FKlIBE4RbgiXiamB6RayD85jpMJh_3Kl6tjscF6e6C_GO-38cvcXPHwySF4rnqGKPinMy7ePobRLB7ZamDLi8pZwDR0j9mqh6F8UNqDUZVqz26w7Pl7ePdC6zIOHEHWLunpVLQD25-FGHLfYltXQbo
Value: N
bfh.idp.3vrooms.app/signin-microsoft Name: .AspNetCore.Correlation.OgtiPAMS5h_DLtvwm1t6KdmzLkNQzWqe-R7nBOEGdXM
Value: N
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.ARAAjM-h1o52h0GnOLblDE3rSmZV4CAHZk9FiwtKKI5x1KqXAAA.AQABAAEAAAAtyolDObpQQ5VtlI4uGjEPTZZGX28xGstQCJg1-MzmSjzc4V5EKmCn4n42QVlGuNgmQ7lud9jzWux4hQI7uH_XqcA3j3hw2yswpenXAYC_Q96IXW0aiudVYMOIqzuiSQUgAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAAtyolDObpQQ5VtlI4uGjEP0n-Uk9Fuu15_uR-Eo4rM0V2lscJ4fWzgFS7vjAFMf5zcc-t7L9sMvzQBFx3eGglGse4ponzDDCM_LXm86d6qCHHLfR5xAKTNI7N7RVdI-WmDXoGPyL4YVpf2iWDsyXplvxWF84WsofQyYCfoIaoVhLJGDwXMk4rxV5ELLOeM4YMgAA
.login.microsoftonline.com/ Name: esctx-cV1YtWZFY
Value: AQABAAEAAAAtyolDObpQQ5VtlI4uGjEPDj11D4dbMVzYo70_SzWCmM57dnO8Ve3wcVve1oEQW4q6Hn_sT89F6Chw2p51-iNsWX53yi6IbUz-ZkmDL6oeHrINFarr7wvwiH9ohfEpwnJUBKial55nGuhLJvX6R6J78HirxJdiR5Wzgq2raNJdACAA
login.microsoftonline.com/ Name: fpc
Value: AnAoeFcrps9BmffXwSNkkFQMgn1YAQAAACWC0twOAAAA
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: 88e0f72032f9422fb667e2006ba33371
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1698728743&co=1

2 Console Messages

Source Level URL
Text
network error URL: https://bfh.book.3vrooms.app/Default/Content/wizard/logo.png?ignoreLocalFiles=true&cacheBuster=1698728741784
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://bfh.book.3vrooms.app/Default/Content/wizard/translations/en.json?ignoreLocalFiles=true&cacheBuster=1698728741938
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
aadcdn.msftauthimages.net
appsforoffice.microsoft.com
bfh.book.3vrooms.app
bfh.idp.3vrooms.app
bfh.wizard.3vrooms.app
login.live.com
login.microsoftonline.com
142.132.246.207
20.190.159.68
23.55.225.89
2603:1026:3000:150::6
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
2620:1ec:bdf::63
002c2c1163e76cbf2e84d56cf869b76235038529893ebf30757cfe24b817cf03
0d5855a2c73c16e0b6b1b1f20be443b3329450e15c08895f12581f666d9259c5
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
101e15e4e807c4933948e57ad14c5e7a7b28ea9eae61a15407ac1d2b803e92f8
15edaa54855fd34e680fc571faf68b244920ebcfefdb22a6486bb88172e71ca8
1a0ea89ae667420caeae29d594d53258e6ed157dab7e8dfe6f154f0054b0cf99
24d6d1d8b93ff53e020213a840b9016a4315d8ff780d22679b9ca110a4d8e42b
28be173715cc757228685dbd0da4488dc6e66d633f43ef2a1518b7659ead6ac6
2b178f9c466068cb57cd4f6e8e1fcbc99c4b9fc464ee6df60e232b76b9795440
2cf6e909da5391f513f14379c3ba86fe888f083d9f8205bcc7bd91cde3d9b522
3250dd2553714e0f4748b3583cfcbe9b4db86f449be480979bae9bec18988d64
3872b7025be2b1951209a3374ea6e25884df521e541efd21499f575454e77e1d
552583e3997d475fc222bd96d0988ffa995ee3e34126bf3e6a9d7856a749f75d
5ab52d726d9f344c9e4ed208bc0f9dcd178759bc5a9d506418a3e883c46cb6d5
5c91730fc8d40247cb4884b1db0219231da001e1ab8bdae5e8f3eedda3b7c7f4
5caf4c6cd902f2f627e1e22dfd323d85d51fc2f3ad8f05caa9eeeeca4cd0fb02
62958a7a610d9ab060a681661a74fd96ecaecfffe6f63506baa0fa2ff0c62307
6b9c9550449de5858a9a98c1ee11919ab7c4b372455544d5c825101987762206
6bf4a67801bfdfe4e11099407ebc9e2594fc41eb10feabd732333e8fb220a234
8ce920042b4cda1a137cc4a2220144db237c2e22557c19e921394a6899b26d70
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
9d17c9293568a4fcdf7e52820867295d7d71e5b8d4f6bfb291b7488295dabdf6
ad08b3d282248b283fd359ba0f3c20ae82fb72b8f62b506faf5434fa940c5f0d
bec216cfa6e40efdc61e8ca41b96242d59fa72b6b4e1ee301b8e5e43c4ff2b62
cae625bf8e75c1ed4eec01fbfb57ecddc4b45289844348bac9b9fbb01515be47
d0fa594e0ed50bb5d72f674ff0c351649547e99f1ade76727d6c40c212c3b12b
d1a652b9737b9d316a69b261ac1cd44c83b2806e68cc1ad292b1824c587eedea
dffe9bb4e5c9ee3ec8d54f6a3d8ec6f00c3ffe59d7f95731c9a1a553cde76662
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef350828a4cf64d0bda8f239293e8a754377bf384eec2f4d33c62ebb3a9dbff4
f33f34c657281eef3d4c7b7661b5399c2f6f01c7d487f11f1a637c0359dd6d8d