urlscan.io logo urlscan.io
SecurityTrails logo

prospectlogin.b2clogin.com Open in urlscan Pro
20.190.129.130  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://crm.prospect365.com/
Effective URL: https://prospectlogin.b2clogin.com/prospectlogin.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A_prospect_signin&client_id=7327b565-...
Submission: On January 12 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 6 countries across 10 domains to perform 18 HTTP transactions. The main IP is 20.190.129.130, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is prospectlogin.b2clogin.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 22nd 2020. Valid for: a year.
This is the only time prospectlogin.b2clogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 20.190.129.130 8075 (MICROSOFT...)
3 20.150.42.4 8075 (MICROSOFT...)
1 2606:2800:233... 15133 (EDGECAST)
2 51.107.59.180 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
18 11
5    2a02:26f0:1700:d::1737:6e8f (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
crm.prospect365.com
1    2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    20.190.129.130 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
prospectlogin.b2clogin.com
3    20.150.42.4 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
liidentityb2csto.blob.core.windows.net
1    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
2    51.107.59.180 (Zurich, Switzerland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
5 crm.prospect365.com 1 redirects crm.prospect365.com
3 liidentityb2csto.blob.core.windows.net prospectlogin.b2clogin.com
2 fonts.gstatic.com fonts.googleapis.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 prospectlogin.b2clogin.com crm.prospect365.com
prospectlogin.b2clogin.com
1 fonts.googleapis.com liidentityb2csto.blob.core.windows.net
1 az416426.vo.msecnd.net prospectlogin.b2clogin.com
1 cdnjs.cloudflare.com crm.prospect365.com
1 code.jquery.com crm.prospect365.com
1 maxcdn.bootstrapcdn.com crm.prospect365.com
18 10

This site contains no links.

Subject Issuer Validity Valid
cert00046-azurecdn.akamaized.net
R3		 2020-12-23 -
2021-03-23		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
graph.windows.net
DigiCert SHA2 Secure Server CA		 2020-10-22 -
2021-10-21		 a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01		 2020-12-03 -
2021-12-03		 a year crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
in.applicationinsights.azure.com
Microsoft IT TLS CA 4		 2020-04-30 -
2022-04-30		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://prospectlogin.b2clogin.com/prospectlogin.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A_prospect_signin&client_id=7327b565-05a9-4148-af6c-357e5644d8b1&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fcrm.prospect365.com%2F&scope=profile%20https://prospectlogin.onmicrosoft.com/prospect/Prospectsoft.OData%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.PostcodeAnywhere%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.Clearbit%20offline_access&response_type=code&response_mode=fragment&code_challenge=90ckVUELlm3V5Scpy45WZTkk7xM1fbp23KFtqgEzBifRGp9l3gArOsIYHjmr8SVYPdAfXixy3pK76uBcjPAf4Q85BfPvC3r2MJHRq7sQAgRDaDCDl6OCkNfwmkqyPkMr&code_challenge_method=plain
Frame ID: 9C8A00A805CEA4757A5D5A849CAFCD7B
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://crm.prospect365.com/ HTTP 301
    https://crm.prospect365.com/ Page URL
  2. https://prospectlogin.b2clogin.com/prospectlogin.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A_prospect_signin... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

18
Requests

100 %
HTTPS

70 %
IPv6

10
Domains

10
Subdomains

11
IPs

6
Countries

253 kB
Transfer

646 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://crm.prospect365.com/ HTTP 301
    https://crm.prospect365.com/ Page URL
  2. https://prospectlogin.b2clogin.com/prospectlogin.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A_prospect_signin&client_id=7327b565-05a9-4148-af6c-357e5644d8b1&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fcrm.prospect365.com%2F&scope=profile%20https://prospectlogin.onmicrosoft.com/prospect/Prospectsoft.OData%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.PostcodeAnywhere%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.Clearbit%20offline_access&response_type=code&response_mode=fragment&code_challenge=90ckVUELlm3V5Scpy45WZTkk7xM1fbp23KFtqgEzBifRGp9l3gArOsIYHjmr8SVYPdAfXixy3pK76uBcjPAf4Q85BfPvC3r2MJHRq7sQAgRDaDCDl6OCkNfwmkqyPkMr&code_challenge_method=plain Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://crm.prospect365.com/ HTTP 301
  • https://crm.prospect365.com/

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
crm.prospect365.com/
Redirect Chain
  • http://crm.prospect365.com/
  • https://crm.prospect365.com/
13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://crm.prospect365.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e8f , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
82a9e4f4a530449a2cbf7abe1033b231f40aace8e65b8b89c0ee395b73e72ce7

Request headers

:method
GET
:authority
crm.prospect365.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ARRAffinity=e3a3383cfa652ec1287d153a4e25f486e2d4849aeefc81eff199e6cce3c70227
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-length
5164
content-type
text/html
content-encoding
gzip
last-modified
Fri, 08 Jan 2021 15:05:08 GMT
accept-ranges
bytes
etag
"0ea30a7cfe5d61:0",""
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
expires
Tue, 12 Jan 2021 13:44:30 GMT
cache-control
max-age=0, no-cache
pragma
no-cache
date
Tue, 12 Jan 2021 13:44:30 GMT

Redirect headers

Content-Length
151
Content-Type
text/html; charset=UTF-8
ETag
""
Location
https://crm.prospect365.com/
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Expires
Tue, 12 Jan 2021 13:44:30 GMT
Cache-Control
max-age=0, no-cache
Pragma
no-cache
Date
Tue, 12 Jan 2021 13:44:30 GMT
Connection
keep-alive
Set-Cookie
ARRAffinity=e3a3383cfa652ec1287d153a4e25f486e2d4849aeefc81eff199e6cce3c70227;Path=/;HttpOnly;Domain=crm.prospect365.com
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: crm.prospect365.com
URL: https://crm.prospect365.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://crm.prospect365.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 13:44:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
19740
chrome.png
crm.prospect365.com/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crm.prospect365.com/images/chrome.png
Requested by
Host: crm.prospect365.com
URL: https://crm.prospect365.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e8f , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
009d6ddd374f73bf54b4f7164d5f3cf83f0468d4e38d1f36e1c8512b1bdc0fa6

Request headers

Referer
https://crm.prospect365.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 13:44:30 GMT
last-modified
Fri, 08 Jan 2021 15:05:08 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"e5a49ba7cfe5d61:0",""
content-type
image/png
cache-control
max-age=459147
accept-ranges
bytes
content-length
14151
firefox.png
crm.prospect365.com/images/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crm.prospect365.com/images/firefox.png
Requested by
Host: crm.prospect365.com
URL: https://crm.prospect365.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e8f , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://crm.prospect365.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 13:44:30 GMT
last-modified
Fri, 08 Jan 2021 15:05:08 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"610aca7cfe5d61:0",""
content-type
image/png
cache-control
max-age=502317
accept-ranges
bytes
content-length
27132
jquery-3.1.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.1.1.min.js
Requested by
Host: crm.prospect365.com
URL: https://crm.prospect365.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Referer
https://crm.prospect365.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 13:44:30 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2016 22:32:34 GMT
server
nginx
etag
W/"57e45c02-152b5"
vary
Accept-Encoding
x-hw
1610459070.dop210.fr8.t,1610459070.cds264.fr8.hn,1610459070.cds012.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30070
vue.min.js
cdnjs.cloudflare.com/ajax/libs/vue/2.5.13/ 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/vue/2.5.13/vue.min.js
Requested by
Host: crm.prospect365.com
URL: https://crm.prospect365.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d50daae61836617a7d7d894cfbeb0811739c51bf014520d4b10d735ef2c1aa60
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://crm.prospect365.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 13:44:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1504016
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
28129
cf-request-id
07987057f70000c29a5d18b000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0402c-151ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=64QmQi6jWOp%2Fjqz6BkCRiU17ISBXxubTfYw6rkLRcYdehCdV5zVF2m9LLqgfVxOHABR7m8DdTnDochqB8jirH%2FjrfXIGHM%2BsabfDrKNzbPbfe%2B8K8NB3ya1Qnr2uO7v33g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
610750065f72c29a-FRA
expires
Sun, 02 Jan 2022 13:44:30 GMT
app-authentication.min.js
crm.prospect365.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crm.prospect365.com/app-authentication.min.js?v=1
Requested by
Host: crm.prospect365.com
URL: https://crm.prospect365.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e8f , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
795ad07d0b795b0a106a27bfc87bda3f555a5a99d86470e0aa32114fb0c79bde

Request headers

Referer
https://crm.prospect365.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 13:44:30 GMT
content-encoding
gzip
etag
"0ea30a7cfe5d61:0",""
last-modified
Fri, 08 Jan 2021 15:05:08 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=502361
accept-ranges
bytes
content-length
4031
Primary Request Cookie set authorize
prospectlogin.b2clogin.com/prospectlogin.onmicrosoft.com/oauth2/v2.0/ 		44 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prospectlogin.b2clogin.com/prospectlogin.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A_prospect_signin&client_id=7327b565-05a9-4148-af6c-357e5644d8b1&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fcrm.prospect365.com%2F&scope=profile%20https://prospectlogin.onmicrosoft.com/prospect/Prospectsoft.OData%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.PostcodeAnywhere%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.Clearbit%20offline_access&response_type=code&response_mode=fragment&code_challenge=90ckVUELlm3V5Scpy45WZTkk7xM1fbp23KFtqgEzBifRGp9l3gArOsIYHjmr8SVYPdAfXixy3pK76uBcjPAf4Q85BfPvC3r2MJHRq7sQAgRDaDCDl6OCkNfwmkqyPkMr&code_challenge_method=plain
Requested by
Host: crm.prospect365.com
URL: https://crm.prospect365.com/app-authentication.min.js?v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.129.130 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5279d0fa8389084ded6c4c91d70717658e0992b053b2f944466c0590cf162c71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
prospectlogin.b2clogin.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://crm.prospect365.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://crm.prospect365.com/

Response headers

Cache-Control
no-store, must-revalidate, no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
x-ms-gateway-requestid
8e3b342a-a733-43f1-bdc0-d84a9fa4a368
X-UA-Compatible
IE=edge
X-Request-ID
a279e8b4-24fd-476b-adde-643e70cbacc6
X-Build
1.0.1830.0
Set-Cookie
x-ms-cpim-csrf=MkxESFljQUtZbG9DZVJlZ0J0czhwNVdPanRmMHovblRSMDUwT0xxcEl5dit0M2RRK1ZwRUx6aHhYcGt0MmswQWR2ekl1MTdoMDc5K0kwYkZJeGNQS0E9PTsyMDIxLTAxLTEyVDEzOjQ0OjMwLjkwODM0ODlaO253UHhGUEZyNnN0ZngwTld1aTNEYkE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjo0fQ==; domain=prospectlogin.b2clogin.com; path=/; SameSite=None; secure; HttpOnly x-ms-cpim-cache|toh5ov0ka0et3mq-cmusxg_0=m1.1Cwb8/3LsWdt3n0a.+GaWpayanu08dFAk+mBnRg==.0.Z6X0GoQlizIkSHto/V+2yh2cxvwJh9GGxPhFnkYzsHCrbAwZFWtNz5KQUdKh4eyCyPAlltQ1qMbwMXAGSQxpMtiI4FKkBZZW2VJnH8g7b2nCK33g7MfLF1VrVVcz/PM+E+zhmR5U4fO8Q75RAnhmKw/NtTA6wZEdbZR+Ki6VMir0xUT+uxVqWkX4rS5+kkqYyXFCMaik+9TpeBidRBcoq3yPl0oKtiJQzJc/rk3J/J1uSo3x0L2RrAdvflKysUUHcM4CPhJjIncPt68/zp9OkJSDRJkTodJvZTFJnzMmHlk9oj9MnL6LbiHjLvKf7nyNp786IJN+ZYeL2aAzHQRp9o76tSxv3TlbGpj2EXEWDqeFL81iLFPpl4bb8vZVP3puUSKH+F5Bn2HtaKkCBdcP2o2yzRAvLGcs0kMxlLYVZn1r7yoIPEQ4qoJX0JnMJ17KCBoXqsFtgHgYaOAW6FyjdFpTCprdqPsWPUQf6O0VcaTJm1HXecuBUyk91i4qXHQKI6Qt/io5H4toeo2PzERajzXwD44j2vpKTyZG23ibVAC8jnBGxVhkpQhvYJZL2qE18yp+SmZ+l5GbktIUS8DYWi8AMRVAoVNP7rbU4Wd5oG9+z/qwtyryjM8UMKUUTx99Kh6a8PtJIwCa06+j4sSdip+oNUKaVz9Lp+jTJ9qIYljIgmOSDfZiDbXl/aCMcy6nlvi0Ieye2oIiv/aCT8KQJhz0yzd+axY977jTRvcWrAUjmJHVjrEk6yeXe9vhafLss+sywVLoUXTUp15LX6ZxeGCSA1/7UETrgf4Q6A0GZbIch8o+vtFNPXXjXPYSh6UYapevYIHKlngNKrR5SAjJX+KNjFpQZv3wHeFiOKyuz7E9SjRjGbdaznPQ+jclj6QAffk5g8JGqhRAcw==; domain=prospectlogin.b2clogin.com; path=/; SameSite=None; secure; HttpOnly x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6ImEyNzllOGI0LTI0ZmQtNDc2Yi1hZGRlLTY0M2U3MGNiYWNjNiIsIlQiOiJwcm9zcGVjdGxvZ2luLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJCMkNfMUFfcHJvc3BlY3Rfc2lnbmluIiwiQyI6IjczMjdiNTY1LTA1YTktNDE0OC1hZjZjLTM1N2U1NjQ0ZDhiMSIsIlMiOjEsIk0iOnt9LCJEIjowfV0sIkNfSUQiOiJhMjc5ZThiNC0yNGZkLTQ3NmItYWRkZS02NDNlNzBjYmFjYzYifQ==; domain=prospectlogin.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Date
Tue, 12 Jan 2021 13:44:29 GMT
Content-Length
17562
jquery-bundle-1.10.2.min.js
prospectlogin.b2clogin.com/static/bundles/ 		100 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prospectlogin.b2clogin.com/static/bundles/jquery-bundle-1.10.2.min.js?slice=001-000&dc=DB3
Requested by
Host: prospectlogin.b2clogin.com
URL: https://prospectlogin.b2clogin.com/prospectlogin.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A_prospect_signin&client_id=7327b565-05a9-4148-af6c-357e5644d8b1&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fcrm.prospect365.com%2F&scope=profile%20https://prospectlogin.onmicrosoft.com/prospect/Prospectsoft.OData%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.PostcodeAnywhere%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.Clearbit%20offline_access&response_type=code&response_mode=fragment&code_challenge=90ckVUELlm3V5Scpy45WZTkk7xM1fbp23KFtqgEzBifRGp9l3gArOsIYHjmr8SVYPdAfXixy3pK76uBcjPAf4Q85BfPvC3r2MJHRq7sQAgRDaDCDl6OCkNfwmkqyPkMr&code_challenge_method=plain
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.129.130 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a035f5bc873960a65bcb6493b4d18782247a5a5d8cad443d297c853b09ea7bb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prospectlogin.b2clogin.com/prospectlogin.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A_prospect_signin&client_id=7327b565-05a9-4148-af6c-357e5644d8b1&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fcrm.prospect365.com%2F&scope=profile%20https://prospectlogin.onmicrosoft.com/prospect/Prospectsoft.OData%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.PostcodeAnywhere%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.Clearbit%20offline_access&response_type=code&response_mode=fragment&code_challenge=90ckVUELlm3V5Scpy45WZTkk7xM1fbp23KFtqgEzBifRGp9l3gArOsIYHjmr8SVYPdAfXixy3pK76uBcjPAf4Q85BfPvC3r2MJHRq7sQAgRDaDCDl6OCkNfwmkqyPkMr&code_challenge_method=plain
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 11 Dec 2020 08:11:47 GMT
ETag
"80a3134595cfd61:0"
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3600
Date
Tue, 12 Jan 2021 13:44:30 GMT
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
36135
X-XSS-Protection
1; mode=block
enteremail.html
liidentityb2csto.blob.core.windows.net/journey/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://liidentityb2csto.blob.core.windows.net/journey/enteremail.html
Requested by
Host: prospectlogin.b2clogin.com
URL: https://prospectlogin.b2clogin.com/prospectlogin.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A_prospect_signin&client_id=7327b565-05a9-4148-af6c-357e5644d8b1&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fcrm.prospect365.com%2F&scope=profile%20https://prospectlogin.onmicrosoft.com/prospect/Prospectsoft.OData%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.PostcodeAnywhere%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.Clearbit%20offline_access&response_type=code&response_mode=fragment&code_challenge=90ckVUELlm3V5Scpy45WZTkk7xM1fbp23KFtqgEzBifRGp9l3gArOsIYHjmr8SVYPdAfXixy3pK76uBcjPAf4Q85BfPvC3r2MJHRq7sQAgRDaDCDl6OCkNfwmkqyPkMr&code_challenge_method=plain
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.150.42.4 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
967f58956a3a9b80fefd3f6bab2c4ef579d953f45846cc851a973769330a8018

Request headers

Referer
https://prospectlogin.b2clogin.com/prospectlogin.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A_prospect_signin&client_id=7327b565-05a9-4148-af6c-357e5644d8b1&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fcrm.prospect365.com%2F&scope=profile%20https://prospectlogin.onmicrosoft.com/prospect/Prospectsoft.OData%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.PostcodeAnywhere%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.Clearbit%20offline_access&response_type=code&response_mode=fragment&code_challenge=90ckVUELlm3V5Scpy45WZTkk7xM1fbp23KFtqgEzBifRGp9l3gArOsIYHjmr8SVYPdAfXixy3pK76uBcjPAf4Q85BfPvC3r2MJHRq7sQAgRDaDCDl6OCkNfwmkqyPkMr&code_challenge_method=plain
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 12 Jan 2021 13:44:31 GMT
Last-Modified
Wed, 12 Feb 2020 09:15:59 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
HdaKaT9e9ELAU5yiiWTSJQ==
ETag
0x8D7AF9C2C5D9F91
Vary
Origin
Content-Type
text/html
Access-Control-Allow-Origin
https://prospectlogin.b2clogin.com
x-ms-request-id
87a56d6c-f01e-0036-55e9-e8cc27000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
2028
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: prospectlogin.b2clogin.com
URL: https://prospectlogin.b2clogin.com/prospectlogin.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A_prospect_signin&client_id=7327b565-05a9-4148-af6c-357e5644d8b1&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fcrm.prospect365.com%2F&scope=profile%20https://prospectlogin.onmicrosoft.com/prospect/Prospectsoft.OData%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.PostcodeAnywhere%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.Clearbit%20offline_access&response_type=code&response_mode=fragment&code_challenge=90ckVUELlm3V5Scpy45WZTkk7xM1fbp23KFtqgEzBifRGp9l3gArOsIYHjmr8SVYPdAfXixy3pK76uBcjPAf4Q85BfPvC3r2MJHRq7sQAgRDaDCDl6OCkNfwmkqyPkMr&code_challenge_method=plain
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
https://prospectlogin.b2clogin.com/prospectlogin.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A_prospect_signin&client_id=7327b565-05a9-4148-af6c-357e5644d8b1&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fcrm.prospect365.com%2F&scope=profile%20https://prospectlogin.onmicrosoft.com/prospect/Prospectsoft.OData%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.PostcodeAnywhere%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.Clearbit%20offline_access&response_type=code&response_mode=fragment&code_challenge=90ckVUELlm3V5Scpy45WZTkk7xM1fbp23KFtqgEzBifRGp9l3gArOsIYHjmr8SVYPdAfXixy3pK76uBcjPAf4Q85BfPvC3r2MJHRq7sQAgRDaDCDl6OCkNfwmkqyPkMr&code_challenge_method=plain
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Jan 2021 13:44:31 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1526
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Fri, 23 Oct 2020 22:12:59 GMT
server
ECAcc (frc/8FA5)
etag
0x8D877A0CD108633
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
85105b36-801e-008b-43e5-e8930b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Tue, 12 Jan 2021 14:14:31 GMT
track
dc.services.visualstudio.com/v2/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Server
51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://prospectlogin.b2clogin.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Tue, 12 Jan 2021 13:44:30 GMT
content-length
0
track
dc.services.visualstudio.com/v2/ 		96 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
32d3da93ca24c34e684e0778354de9d63359e548d3f762240c23b056c592bfe1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://prospectlogin.b2clogin.com/prospectlogin.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A_prospect_signin&client_id=7327b565-05a9-4148-af6c-357e5644d8b1&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fcrm.prospect365.com%2F&scope=profile%20https://prospectlogin.onmicrosoft.com/prospect/Prospectsoft.OData%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.PostcodeAnywhere%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.Clearbit%20offline_access&response_type=code&response_mode=fragment&code_challenge=90ckVUELlm3V5Scpy45WZTkk7xM1fbp23KFtqgEzBifRGp9l3gArOsIYHjmr8SVYPdAfXixy3pK76uBcjPAf4Q85BfPvC3r2MJHRq7sQAgRDaDCDl6OCkNfwmkqyPkMr&code_challenge_method=plain
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
A3AA128F-60A7-4AE7-A40F-FC77087B8D19
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Tue, 12 Jan 2021 13:44:31 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length
96
style.css
liidentityb2csto.blob.core.windows.net/journey/css/ 		22 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://liidentityb2csto.blob.core.windows.net/journey/css/style.css
Requested by
Host: prospectlogin.b2clogin.com
URL: https://prospectlogin.b2clogin.com/static/bundles/jquery-bundle-1.10.2.min.js?slice=001-000&dc=DB3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.150.42.4 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
13d6b02eb5fb3b5c235e306ac432addd0c4709e27590d5d7e209d42493bf07df

Request headers

Referer
https://prospectlogin.b2clogin.com/prospectlogin.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A_prospect_signin&client_id=7327b565-05a9-4148-af6c-357e5644d8b1&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fcrm.prospect365.com%2F&scope=profile%20https://prospectlogin.onmicrosoft.com/prospect/Prospectsoft.OData%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.PostcodeAnywhere%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.Clearbit%20offline_access&response_type=code&response_mode=fragment&code_challenge=90ckVUELlm3V5Scpy45WZTkk7xM1fbp23KFtqgEzBifRGp9l3gArOsIYHjmr8SVYPdAfXixy3pK76uBcjPAf4Q85BfPvC3r2MJHRq7sQAgRDaDCDl6OCkNfwmkqyPkMr&code_challenge_method=plain
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 12 Jan 2021 13:44:30 GMT
Last-Modified
Wed, 12 Feb 2020 09:15:59 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
si1gDK0YuZhwi9gN3bJCcA==
ETag
0x8D7AF9C2C605F3B
Vary
Origin
Content-Type
text/css
x-ms-request-id
dee70810-401e-000c-45e9-e8d65f000000
x-ms-version
2009-09-19
Content-Length
22070
prospect.svg
liidentityb2csto.blob.core.windows.net/journey/assets/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://liidentityb2csto.blob.core.windows.net/journey/assets/prospect.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.150.42.4 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
03d8f1d0e5cdd39f1bd1821ecbf66ae2b9ed35fcee29c12c101fdcad9e86ab8c

Request headers

Referer
https://prospectlogin.b2clogin.com/prospectlogin.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A_prospect_signin&client_id=7327b565-05a9-4148-af6c-357e5644d8b1&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fcrm.prospect365.com%2F&scope=profile%20https://prospectlogin.onmicrosoft.com/prospect/Prospectsoft.OData%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.PostcodeAnywhere%20https://prospectlogin.onmicrosoft.com/prospect/ProspectSoft.Clearbit%20offline_access&response_type=code&response_mode=fragment&code_challenge=90ckVUELlm3V5Scpy45WZTkk7xM1fbp23KFtqgEzBifRGp9l3gArOsIYHjmr8SVYPdAfXixy3pK76uBcjPAf4Q85BfPvC3r2MJHRq7sQAgRDaDCDl6OCkNfwmkqyPkMr&code_challenge_method=plain
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 12 Jan 2021 13:44:31 GMT
Last-Modified
Wed, 12 Feb 2020 09:15:59 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
8BFjSq58Z80nasiAmS7kcA==
ETag
0x8D7AF9C2C5D9F91
Vary
Origin
Content-Type
image/svg+xml
x-ms-request-id
34300193-c01e-002d-18e9-e8f224000000
x-ms-version
2009-09-19
Content-Length
3836
css
fonts.googleapis.com/ 		4 KB
749 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
Requested by
Host: liidentityb2csto.blob.core.windows.net
URL: https://liidentityb2csto.blob.core.windows.net/journey/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
754fac4810074e8a762844e6929031a73054640d0a51e8428653762553e0a3a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://liidentityb2csto.blob.core.windows.net/journey/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 12:49:45 GMT
server
ESF
date
Tue, 12 Jan 2021 13:44:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Jan 2021 13:44:31 GMT
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f361c3f1db6e6fa2371ba4aceef790aac0e37ed6d084792e54b91058dcdec57

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		612 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83fd03c9500dbda5062b110ed129289835b252a5efad7e10ef7f2a105a2a870d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://prospectlogin.b2clogin.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 06 Jan 2021 19:09:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
498921
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Thu, 06 Jan 2022 19:09:10 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://prospectlogin.b2clogin.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 11:36:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
353259
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Sat, 08 Jan 2022 11:36:52 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| CP object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| $trace object| $diags object| $santizer object| $cors object| $i2e object| $element boolean| pageReady object| Handlebars object| appInsights object| AI object| Microsoft function| __extends function| _endsWith boolean| contentReady boolean| bodyReady

4 Cookies

Domain/Path Name / Value
prospectlogin.b2clogin.com/ Name: ai_user
Value: OwesP|2021-01-12T13:44:31.161Z
.prospectlogin.b2clogin.com/ Name: x-ms-cpim-cache|toh5ov0ka0et3mq-cmusxg_0
Value: m1.1Cwb8/3LsWdt3n0a.+GaWpayanu08dFAk+mBnRg==.0.Z6X0GoQlizIkSHto/V+2yh2cxvwJh9GGxPhFnkYzsHCrbAwZFWtNz5KQUdKh4eyCyPAlltQ1qMbwMXAGSQxpMtiI4FKkBZZW2VJnH8g7b2nCK33g7MfLF1VrVVcz/PM+E+zhmR5U4fO8Q75RAnhmKw/NtTA6wZEdbZR+Ki6VMir0xUT+uxVqWkX4rS5+kkqYyXFCMaik+9TpeBidRBcoq3yPl0oKtiJQzJc/rk3J/J1uSo3x0L2RrAdvflKysUUHcM4CPhJjIncPt68/zp9OkJSDRJkTodJvZTFJnzMmHlk9oj9MnL6LbiHjLvKf7nyNp786IJN+ZYeL2aAzHQRp9o76tSxv3TlbGpj2EXEWDqeFL81iLFPpl4bb8vZVP3puUSKH+F5Bn2HtaKkCBdcP2o2yzRAvLGcs0kMxlLYVZn1r7yoIPEQ4qoJX0JnMJ17KCBoXqsFtgHgYaOAW6FyjdFpTCprdqPsWPUQf6O0VcaTJm1HXecuBUyk91i4qXHQKI6Qt/io5H4toeo2PzERajzXwD44j2vpKTyZG23ibVAC8jnBGxVhkpQhvYJZL2qE18yp+SmZ+l5GbktIUS8DYWi8AMRVAoVNP7rbU4Wd5oG9+z/qwtyryjM8UMKUUTx99Kh6a8PtJIwCa06+j4sSdip+oNUKaVz9Lp+jTJ9qIYljIgmOSDfZiDbXl/aCMcy6nlvi0Ieye2oIiv/aCT8KQJhz0yzd+axY977jTRvcWrAUjmJHVjrEk6yeXe9vhafLss+sywVLoUXTUp15LX6ZxeGCSA1/7UETrgf4Q6A0GZbIch8o+vtFNPXXjXPYSh6UYapevYIHKlngNKrR5SAjJX+KNjFpQZv3wHeFiOKyuz7E9SjRjGbdaznPQ+jclj6QAffk5g8JGqhRAcw==
.prospectlogin.b2clogin.com/ Name: x-ms-cpim-trans
Value: eyJUX0RJQyI6W3siSSI6ImEyNzllOGI0LTI0ZmQtNDc2Yi1hZGRlLTY0M2U3MGNiYWNjNiIsIlQiOiJwcm9zcGVjdGxvZ2luLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJCMkNfMUFfcHJvc3BlY3Rfc2lnbmluIiwiQyI6IjczMjdiNTY1LTA1YTktNDE0OC1hZjZjLTM1N2U1NjQ0ZDhiMSIsIlMiOjEsIk0iOnt9LCJEIjowfV0sIkNfSUQiOiJhMjc5ZThiNC0yNGZkLTQ3NmItYWRkZS02NDNlNzBjYmFjYzYifQ==
.prospectlogin.b2clogin.com/ Name: x-ms-cpim-csrf
Value: MkxESFljQUtZbG9DZVJlZ0J0czhwNVdPanRmMHovblRSMDUwT0xxcEl5dit0M2RRK1ZwRUx6aHhYcGt0MmswQWR2ekl1MTdoMDc5K0kwYkZJeGNQS0E9PTsyMDIxLTAxLTEyVDEzOjQ0OjMwLjkwODM0ODlaO253UHhGUEZyNnN0ZngwTld1aTNEYkE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjo0fQ==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
cdnjs.cloudflare.com
code.jquery.com
crm.prospect365.com
dc.services.visualstudio.com
fonts.googleapis.com
fonts.gstatic.com
liidentityb2csto.blob.core.windows.net
maxcdn.bootstrapcdn.com
prospectlogin.b2clogin.com
20.150.42.4
20.190.129.130
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:2b
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6810:125e
2a00:1450:4001:800::200a
2a00:1450:4001:824::2003
2a02:26f0:1700:d::1737:6e8f
51.107.59.180
009d6ddd374f73bf54b4f7164d5f3cf83f0468d4e38d1f36e1c8512b1bdc0fa6
03d8f1d0e5cdd39f1bd1821ecbf66ae2b9ed35fcee29c12c101fdcad9e86ab8c
13d6b02eb5fb3b5c235e306ac432addd0c4709e27590d5d7e209d42493bf07df
32d3da93ca24c34e684e0778354de9d63359e548d3f762240c23b056c592bfe1
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5279d0fa8389084ded6c4c91d70717658e0992b053b2f944466c0590cf162c71
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
754fac4810074e8a762844e6929031a73054640d0a51e8428653762553e0a3a4
795ad07d0b795b0a106a27bfc87bda3f555a5a99d86470e0aa32114fb0c79bde
7f361c3f1db6e6fa2371ba4aceef790aac0e37ed6d084792e54b91058dcdec57
82a9e4f4a530449a2cbf7abe1033b231f40aace8e65b8b89c0ee395b73e72ce7
83fd03c9500dbda5062b110ed129289835b252a5efad7e10ef7f2a105a2a870d
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
967f58956a3a9b80fefd3f6bab2c4ef579d953f45846cc851a973769330a8018
a035f5bc873960a65bcb6493b4d18782247a5a5d8cad443d297c853b09ea7bb4
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
d50daae61836617a7d7d894cfbeb0811739c51bf014520d4b10d735ef2c1aa60
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c