urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
2603:1036:3000:138::6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mongo-express-sso.live.oscato.com/
Effective URL: https://login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/saml2?SAMLRequest=fZJPb9swDMW%2FiqG7ZMt%2FkliIU2QrhhXosKBxd...
Submission: On December 09 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 1 countries across 9 domains to perform 30 HTTP transactions. The main IP is 2603:1036:3000:138::6, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 16.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 9th 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.160.8.8 396982 (GOOGLE-CL...)
6 2001:4860:480... 15169 (GOOGLE)
1 2a02:6ea0:c40... 60068 (CDN77 ^_^)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2603:1036:300... 8075 (MICROSOFT...)
7 2606:2800:21f... 15133 (EDGECAST)
1 20.190.190.196 8075 (MICROSOFT...)
2 2620:1ec:46::40 8075 (MICROSOFT...)
30 11
1    34.160.8.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.8.160.34.bc.googleusercontent.com
mongo-express-sso.live.oscato.com
6    2001:4860:4802:32::35 (United States)

ASN15169 (GOOGLE, US)
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
1    2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
img.icons8.com
1    2607:f8b0:4006:823::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4006:821::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2607:f8b0:4006:80d::200a (United States)

ASN15169 (GOOGLE, US)
www.googleapis.com
2    2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)
identitytoolkit.googleapis.com
2    2603:1036:3000:138::6 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
7    2606:2800:21f:1b88:6342:f8de:86c:e98b (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
1    20.190.190.196 (Phoenix, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
2    2620:1ec:46::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msftauthimages.net
Apex Domain
Subdomains		 Transfer
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
www.googleapis.com — Cisco Umbrella Rank: 22
identitytoolkit.googleapis.com — Cisco Umbrella Rank: 3562
3 KB
7 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 974
269 KB
6 run.app
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
875 KB
2 msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3507
146 KB
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 16
27 KB
2 gstatic.com
fonts.gstatic.com
32 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 80
1 icons8.com
img.icons8.com — Cisco Umbrella Rank: 30684
6 KB
1 oscato.com
mongo-express-sso.live.oscato.com
1001 B
30 9
Domain Requested by
7 aadcdn.msftauth.net login.microsoftonline.com
aadcdn.msftauth.net
6 www.googleapis.com iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
6 iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
2 aadcdn.msftauthimages.net
2 login.microsoftonline.com iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
aadcdn.msftauth.net
2 identitytoolkit.googleapis.com iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
2 fonts.gstatic.com fonts.googleapis.com
1 login.live.com login.microsoftonline.com
1 fonts.googleapis.com client
1 img.icons8.com iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
1 mongo-express-sso.live.oscato.com 1 redirects
30 11

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
*.a.run.app
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
1004834818.rsc.cdn77.org
R3		 2023-11-26 -
2024-02-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2023-11-09 -
2024-11-09		 a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2023-12-01 -
2024-12-01		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2023-11-10 -
2024-11-10		 a year crt.sh
aadcdn.msftauthimages.net
Microsoft Azure RSA TLS Issuing CA 03		 2023-11-25 -
2024-11-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/saml2?SAMLRequest=fZJPb9swDMW%2FiqG7ZMt%2FkliIU2QrhhXosKBxd9glkGUu0WaLnihnwT79DCcBukuPgh75yN%2Fj%2BuHSd9EZPFl0FZMiYRE4g611x4q91p%2F4ij1s1qT7Lh3Udgwn9wK%2FR6AQTYWO1PWnYqN3CjVZUk73QCoYtd9%2BeVapSNTgMaDBjkVbIvBhsvqIjsYe%2FB782Rp4fXmu2CmEgVQcWz3woxn4CSlAy0fLe3RHhAunq5r%2FCT8ha361pDn8FVr40Qk9DPHhEOtpxPikXduBZ9HjNKh1OszL3ft3eLRO9NZ4JPwR0HXWgTDYxy0YgDIx3ECS8Xwhga9MKnnbFtkK5EqaZRHPG7Po6bFiB5mW%2BVRRFMWiKTLIc7OErDQSyqaReSknGdEIT46CdqFiaZJmXKY8KWspVb5SqRTLRfmdRbsbow%2FWXdm%2FB7S5ikh9rusd333d1yz6ds9wErBbYmp292%2Bjer%2BxvufDNndaM3sOl8EDESdC0dkzCCSjA87U1vFbs83t%2Bf%2B1bP4B&RelayState=AMbdmDnflpzyMwzptDpI-jYeRgYhTg4XLEk4Wu5uwR3Wf-zaLMqFEctJca8HgtUpWQLoIPh4sZOtsFKN-l3nIo1abIBfOAoRem2zOAOSz2ONcE4Kc0EcwPCKPz8ITGZis1ATyEDeYjituFP3-I72qvZmwR6w20uvxdN8Xg0oomZam8f8W-T-9xBr8REnV8N8NIC8qo66ZrQKSUgsHZ4yM5Li6OfkhKNk0xNlp8TZCf-kCnStNao9ZBRvpcWahoeIzYWwdRlSbTNshg3-9iQ_IEBSFLIlBuyfYfmRNqJALWqbpnQggFfsdjvMugqeHJdmJaWC4lI1bgMqQkzir_mijt61wja1sPGf88Jaai8vpwcpT60zscEmqrNm&context_uri=https%3A%2F%2Fiap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app&sso_reload=true
Frame ID: 9AA584623C30CC93A9C0B9ED2D1B88C0
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

  1. https://mongo-express-sso.live.oscato.com/ HTTP 302
    https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&mode=login&tid=mongo-express... Page URL
  2. https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/__/auth/handler?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&appName=mongo... Page URL
  3. https://login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/saml2?SAMLRequest=fZJPb9swDMW%2FiqG7ZMt... Page URL
  4. https://login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/saml2?SAMLRequest=fZJPb9swDMW%2FiqG7ZMt... Page URL

Page Statistics

30
Requests

100 %
HTTPS

82 %
IPv6

9
Domains

11
Subdomains

11
IPs

1
Countries

1358 kB
Transfer

2299 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mongo-express-sso.live.oscato.com/ HTTP 302
    https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&mode=login&tid=mongo-express-lf8fp&redirect_uri=https://iap.googleapis.com/v1beta1/gcip/resources/29672271CEDB9CA8:handleRedirect&state=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IklkcDZKZyJ9.ALEydkAJhPLIhBcBMnNsq-hlC5I579dmq5QEFN4q1YxnEAOHhdZegkbm3nQWMVVlsgr-9q3njUTM3kbGKlSXY4AX3CwV49kLfiz7WhLmksSX03AqkU5WI37miQJ3cKGoYWuYLaF9YiTljOjK1fDis29L0zJB4ZIgCAMUdzCH198NwvvP-61S9A5MESV12ZkSOYdjxJacxVGmiq8wg8_4lbXwTummW9TZIPTwreNWavO8L_LNHXyjqjuMtDy_gnYts5bEZd6XZIIiajAtYzrQ5eiifcpLS5b-7aCyDxZenl0OGYZZTZJ-NJ0vQxfPtk2MIMu1DbqeSb1mbwkqx1AEv5if5HuVJFF_iqGdwGHmd1n0k_skZNH1Qmw9svK4nyVRSzWwrdEtfPX-1OWaQgl2REpDXaqN1Fo6OfdsclzqGR2K3Vfu9GjGUCFbX757wXSPWSg8SqrYcEIKP9-5Ykn6ALMaeUajtYVjmTb8SKCtDiuQRbZva4Jghl5kTRxfdlOdeHoKYP2ZlJa8Cs1M4iE675oDy9DolIDtLxDD4kAFdNMFSH2Cu7Z1.YRjjJeBFI7w6hxj5AfEgvLfeQ2q3dEdLZFWZ4Fyt14QCoulneLo7W2W8VtZEa3J2vdNpiPSmpMNaSTuJGgMRZg Page URL
  2. https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/__/auth/handler?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&appName=mongo-express-lf8fp-firebaseui-temp&authType=signInViaRedirect&redirectUrl=https%3A%2F%2Fiap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app%2F%3FapiKey%3DAIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0%26mode%3Dlogin%26tid%3Dmongo-express-lf8fp%26redirect_uri%3Dhttps%3A%2F%2Fiap.googleapis.com%2Fv1beta1%2Fgcip%2Fresources%2F29672271CEDB9CA8%3AhandleRedirect%26state%3DeyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IklkcDZKZyJ9.ALEydkAJhPLIhBcBMnNsq-hlC5I579dmq5QEFN4q1YxnEAOHhdZegkbm3nQWMVVlsgr-9q3njUTM3kbGKlSXY4AX3CwV49kLfiz7WhLmksSX03AqkU5WI37miQJ3cKGoYWuYLaF9YiTljOjK1fDis29L0zJB4ZIgCAMUdzCH198NwvvP-61S9A5MESV12ZkSOYdjxJacxVGmiq8wg8_4lbXwTummW9TZIPTwreNWavO8L_LNHXyjqjuMtDy_gnYts5bEZd6XZIIiajAtYzrQ5eiifcpLS5b-7aCyDxZenl0OGYZZTZJ-NJ0vQxfPtk2MIMu1DbqeSb1mbwkqx1AEv5if5HuVJFF_iqGdwGHmd1n0k_skZNH1Qmw9svK4nyVRSzWwrdEtfPX-1OWaQgl2REpDXaqN1Fo6OfdsclzqGR2K3Vfu9GjGUCFbX757wXSPWSg8SqrYcEIKP9-5Ykn6ALMaeUajtYVjmTb8SKCtDiuQRbZva4Jghl5kTRxfdlOdeHoKYP2ZlJa8Cs1M4iE675oDy9DolIDtLxDD4kAFdNMFSH2Cu7Z1.YRjjJeBFI7w6hxj5AfEgvLfeQ2q3dEdLZFWZ4Fyt14QCoulneLo7W2W8VtZEa3J2vdNpiPSmpMNaSTuJGgMRZg&v=9.8.4&providerId=saml.mongo-express&tid=mongo-express-lf8fp Page URL
  3. https://login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/saml2?SAMLRequest=fZJPb9swDMW%2FiqG7ZMt%2FkliIU2QrhhXosKBxd9glkGUu0WaLnihnwT79DCcBukuPgh75yN%2Fj%2BuHSd9EZPFl0FZMiYRE4g611x4q91p%2F4ij1s1qT7Lh3Udgwn9wK%2FR6AQTYWO1PWnYqN3CjVZUk73QCoYtd9%2BeVapSNTgMaDBjkVbIvBhsvqIjsYe%2FB782Rp4fXmu2CmEgVQcWz3woxn4CSlAy0fLe3RHhAunq5r%2FCT8ha361pDn8FVr40Qk9DPHhEOtpxPikXduBZ9HjNKh1OszL3ft3eLRO9NZ4JPwR0HXWgTDYxy0YgDIx3ECS8Xwhga9MKnnbFtkK5EqaZRHPG7Po6bFiB5mW%2BVRRFMWiKTLIc7OErDQSyqaReSknGdEIT46CdqFiaZJmXKY8KWspVb5SqRTLRfmdRbsbow%2FWXdm%2FB7S5ikh9rusd333d1yz6ds9wErBbYmp292%2Bjer%2BxvufDNndaM3sOl8EDESdC0dkzCCSjA87U1vFbs83t%2Bf%2B1bP4B&RelayState=AMbdmDnflpzyMwzptDpI-jYeRgYhTg4XLEk4Wu5uwR3Wf-zaLMqFEctJca8HgtUpWQLoIPh4sZOtsFKN-l3nIo1abIBfOAoRem2zOAOSz2ONcE4Kc0EcwPCKPz8ITGZis1ATyEDeYjituFP3-I72qvZmwR6w20uvxdN8Xg0oomZam8f8W-T-9xBr8REnV8N8NIC8qo66ZrQKSUgsHZ4yM5Li6OfkhKNk0xNlp8TZCf-kCnStNao9ZBRvpcWahoeIzYWwdRlSbTNshg3-9iQ_IEBSFLIlBuyfYfmRNqJALWqbpnQggFfsdjvMugqeHJdmJaWC4lI1bgMqQkzir_mijt61wja1sPGf88Jaai8vpwcpT60zscEmqrNm&context_uri=https%3A%2F%2Fiap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app Page URL
  4. https://login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/saml2?SAMLRequest=fZJPb9swDMW%2FiqG7ZMt%2FkliIU2QrhhXosKBxd9glkGUu0WaLnihnwT79DCcBukuPgh75yN%2Fj%2BuHSd9EZPFl0FZMiYRE4g611x4q91p%2F4ij1s1qT7Lh3Udgwn9wK%2FR6AQTYWO1PWnYqN3CjVZUk73QCoYtd9%2BeVapSNTgMaDBjkVbIvBhsvqIjsYe%2FB782Rp4fXmu2CmEgVQcWz3woxn4CSlAy0fLe3RHhAunq5r%2FCT8ha361pDn8FVr40Qk9DPHhEOtpxPikXduBZ9HjNKh1OszL3ft3eLRO9NZ4JPwR0HXWgTDYxy0YgDIx3ECS8Xwhga9MKnnbFtkK5EqaZRHPG7Po6bFiB5mW%2BVRRFMWiKTLIc7OErDQSyqaReSknGdEIT46CdqFiaZJmXKY8KWspVb5SqRTLRfmdRbsbow%2FWXdm%2FB7S5ikh9rusd333d1yz6ds9wErBbYmp292%2Bjer%2BxvufDNndaM3sOl8EDESdC0dkzCCSjA87U1vFbs83t%2Bf%2B1bP4B&RelayState=AMbdmDnflpzyMwzptDpI-jYeRgYhTg4XLEk4Wu5uwR3Wf-zaLMqFEctJca8HgtUpWQLoIPh4sZOtsFKN-l3nIo1abIBfOAoRem2zOAOSz2ONcE4Kc0EcwPCKPz8ITGZis1ATyEDeYjituFP3-I72qvZmwR6w20uvxdN8Xg0oomZam8f8W-T-9xBr8REnV8N8NIC8qo66ZrQKSUgsHZ4yM5Li6OfkhKNk0xNlp8TZCf-kCnStNao9ZBRvpcWahoeIzYWwdRlSbTNshg3-9iQ_IEBSFLIlBuyfYfmRNqJALWqbpnQggFfsdjvMugqeHJdmJaWC4lI1bgMqQkzir_mijt61wja1sPGf88Jaai8vpwcpT60zscEmqrNm&context_uri=https%3A%2F%2Fiap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://mongo-express-sso.live.oscato.com/ HTTP 302
  • https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&mode=login&tid=mongo-express-lf8fp&redirect_uri=https://iap.googleapis.com/v1beta1/gcip/resources/29672271CEDB9CA8:handleRedirect&state=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IklkcDZKZyJ9.ALEydkAJhPLIhBcBMnNsq-hlC5I579dmq5QEFN4q1YxnEAOHhdZegkbm3nQWMVVlsgr-9q3njUTM3kbGKlSXY4AX3CwV49kLfiz7WhLmksSX03AqkU5WI37miQJ3cKGoYWuYLaF9YiTljOjK1fDis29L0zJB4ZIgCAMUdzCH198NwvvP-61S9A5MESV12ZkSOYdjxJacxVGmiq8wg8_4lbXwTummW9TZIPTwreNWavO8L_LNHXyjqjuMtDy_gnYts5bEZd6XZIIiajAtYzrQ5eiifcpLS5b-7aCyDxZenl0OGYZZTZJ-NJ0vQxfPtk2MIMu1DbqeSb1mbwkqx1AEv5if5HuVJFF_iqGdwGHmd1n0k_skZNH1Qmw9svK4nyVRSzWwrdEtfPX-1OWaQgl2REpDXaqN1Fo6OfdsclzqGR2K3Vfu9GjGUCFbX757wXSPWSg8SqrYcEIKP9-5Ykn6ALMaeUajtYVjmTb8SKCtDiuQRbZva4Jghl5kTRxfdlOdeHoKYP2ZlJa8Cs1M4iE675oDy9DolIDtLxDD4kAFdNMFSH2Cu7Z1.YRjjJeBFI7w6hxj5AfEgvLfeQ2q3dEdLZFWZ4Fyt14QCoulneLo7W2W8VtZEa3J2vdNpiPSmpMNaSTuJGgMRZg

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/
Redirect Chain
  • https://mongo-express-sso.live.oscato.com/
  • https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&mode=login&tid=mongo-express-lf8fp&redirect_uri=https://iap.googleapis.com/v1beta1/...
781 B
972 B 		Document
General
Check archive.org
Download Go to
Full URL
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&mode=login&tid=mongo-express-lf8fp&redirect_uri=https://iap.googleapis.com/v1beta1/gcip/resources/29672271CEDB9CA8:handleRedirect&state=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IklkcDZKZyJ9.ALEydkAJhPLIhBcBMnNsq-hlC5I579dmq5QEFN4q1YxnEAOHhdZegkbm3nQWMVVlsgr-9q3njUTM3kbGKlSXY4AX3CwV49kLfiz7WhLmksSX03AqkU5WI37miQJ3cKGoYWuYLaF9YiTljOjK1fDis29L0zJB4ZIgCAMUdzCH198NwvvP-61S9A5MESV12ZkSOYdjxJacxVGmiq8wg8_4lbXwTummW9TZIPTwreNWavO8L_LNHXyjqjuMtDy_gnYts5bEZd6XZIIiajAtYzrQ5eiifcpLS5b-7aCyDxZenl0OGYZZTZJ-NJ0vQxfPtk2MIMu1DbqeSb1mbwkqx1AEv5if5HuVJFF_iqGdwGHmd1n0k_skZNH1Qmw9svK4nyVRSzWwrdEtfPX-1OWaQgl2REpDXaqN1Fo6OfdsclzqGR2K3Vfu9GjGUCFbX757wXSPWSg8SqrYcEIKP9-5Ykn6ALMaeUajtYVjmTb8SKCtDiuQRbZva4Jghl5kTRxfdlOdeHoKYP2ZlJa8Cs1M4iE675oDy9DolIDtLxDD4kAFdNMFSH2Cu7Z1.YRjjJeBFI7w6hxj5AfEgvLfeQ2q3dEdLZFWZ4Fyt14QCoulneLo7W2W8VtZEa3J2vdNpiPSmpMNaSTuJGgMRZg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
1b34f0506570aee83401813c56d2621febe7e7c84bd2f7b0e21682c5c7b1338f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
781
content-type
text/html; charset=utf-8
date
Sat, 09 Dec 2023 11:48:18 GMT
server
Google Frontend
x-cloud-trace-context
d2e2d8f28a9bbfb9e2f8dac36cdef05b;o=1
x-powered-by
Express

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34
content-type
text/html
date
Sat, 09 Dec 2023 11:48:18 GMT
location
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&mode=login&tid=mongo-express-lf8fp&redirect_uri=https://iap.googleapis.com/v1beta1/gcip/resources/29672271CEDB9CA8:handleRedirect&state=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IklkcDZKZyJ9.ALEydkAJhPLIhBcBMnNsq-hlC5I579dmq5QEFN4q1YxnEAOHhdZegkbm3nQWMVVlsgr-9q3njUTM3kbGKlSXY4AX3CwV49kLfiz7WhLmksSX03AqkU5WI37miQJ3cKGoYWuYLaF9YiTljOjK1fDis29L0zJB4ZIgCAMUdzCH198NwvvP-61S9A5MESV12ZkSOYdjxJacxVGmiq8wg8_4lbXwTummW9TZIPTwreNWavO8L_LNHXyjqjuMtDy_gnYts5bEZd6XZIIiajAtYzrQ5eiifcpLS5b-7aCyDxZenl0OGYZZTZJ-NJ0vQxfPtk2MIMu1DbqeSb1mbwkqx1AEv5if5HuVJFF_iqGdwGHmd1n0k_skZNH1Qmw9svK4nyVRSzWwrdEtfPX-1OWaQgl2REpDXaqN1Fo6OfdsclzqGR2K3Vfu9GjGUCFbX757wXSPWSg8SqrYcEIKP9-5Ykn6ALMaeUajtYVjmTb8SKCtDiuQRbZva4Jghl5kTRxfdlOdeHoKYP2ZlJa8Cs1M4iE675oDy9DolIDtLxDD4kAFdNMFSH2Cu7Z1.YRjjJeBFI7w6hxj5AfEgvLfeQ2q3dEdLZFWZ4Fyt14QCoulneLo7W2W8VtZEa3J2vdNpiPSmpMNaSTuJGgMRZg
server
Google Frontend
via
1.1 google
x-goog-iap-generated-response
true
script.js
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/static/ 		782 KB
785 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/static/script.js
Requested by
Host: iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
URL: https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&mode=login&tid=mongo-express-lf8fp&redirect_uri=https://iap.googleapis.com/v1beta1/gcip/resources/29672271CEDB9CA8:handleRedirect&state=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IklkcDZKZyJ9.ALEydkAJhPLIhBcBMnNsq-hlC5I579dmq5QEFN4q1YxnEAOHhdZegkbm3nQWMVVlsgr-9q3njUTM3kbGKlSXY4AX3CwV49kLfiz7WhLmksSX03AqkU5WI37miQJ3cKGoYWuYLaF9YiTljOjK1fDis29L0zJB4ZIgCAMUdzCH198NwvvP-61S9A5MESV12ZkSOYdjxJacxVGmiq8wg8_4lbXwTummW9TZIPTwreNWavO8L_LNHXyjqjuMtDy_gnYts5bEZd6XZIIiajAtYzrQ5eiifcpLS5b-7aCyDxZenl0OGYZZTZJ-NJ0vQxfPtk2MIMu1DbqeSb1mbwkqx1AEv5if5HuVJFF_iqGdwGHmd1n0k_skZNH1Qmw9svK4nyVRSzWwrdEtfPX-1OWaQgl2REpDXaqN1Fo6OfdsclzqGR2K3Vfu9GjGUCFbX757wXSPWSg8SqrYcEIKP9-5Ykn6ALMaeUajtYVjmTb8SKCtDiuQRbZva4Jghl5kTRxfdlOdeHoKYP2ZlJa8Cs1M4iE675oDy9DolIDtLxDD4kAFdNMFSH2Cu7Z1.YRjjJeBFI7w6hxj5AfEgvLfeQ2q3dEdLZFWZ4Fyt14QCoulneLo7W2W8VtZEa3J2vdNpiPSmpMNaSTuJGgMRZg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
9d02d07fbda0125bede904e0e67f56a471f05760150481523f3f29f170076f67

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&mode=login&tid=mongo-express-lf8fp&redirect_uri=https://iap.googleapis.com/v1beta1/gcip/resources/29672271CEDB9CA8:handleRedirect&state=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IklkcDZKZyJ9.ALEydkAJhPLIhBcBMnNsq-hlC5I579dmq5QEFN4q1YxnEAOHhdZegkbm3nQWMVVlsgr-9q3njUTM3kbGKlSXY4AX3CwV49kLfiz7WhLmksSX03AqkU5WI37miQJ3cKGoYWuYLaF9YiTljOjK1fDis29L0zJB4ZIgCAMUdzCH198NwvvP-61S9A5MESV12ZkSOYdjxJacxVGmiq8wg8_4lbXwTummW9TZIPTwreNWavO8L_LNHXyjqjuMtDy_gnYts5bEZd6XZIIiajAtYzrQ5eiifcpLS5b-7aCyDxZenl0OGYZZTZJ-NJ0vQxfPtk2MIMu1DbqeSb1mbwkqx1AEv5if5HuVJFF_iqGdwGHmd1n0k_skZNH1Qmw9svK4nyVRSzWwrdEtfPX-1OWaQgl2REpDXaqN1Fo6OfdsclzqGR2K3Vfu9GjGUCFbX757wXSPWSg8SqrYcEIKP9-5Ykn6ALMaeUajtYVjmTb8SKCtDiuQRbZva4Jghl5kTRxfdlOdeHoKYP2ZlJa8Cs1M4iE675oDy9DolIDtLxDD4kAFdNMFSH2Cu7Z1.YRjjJeBFI7w6hxj5AfEgvLfeQ2q3dEdLZFWZ4Fyt14QCoulneLo7W2W8VtZEa3J2vdNpiPSmpMNaSTuJGgMRZg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:48:18 GMT
last-modified
Tue, 20 Jun 2023 17:57:15 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"c3867-188d9f42078"
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
f9ed05d61f09de2be321dd4d9aca9228
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
800871
cloud.png
img.icons8.com/cotton/2x/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.icons8.com/cotton/2x/cloud.png
Requested by
Host: iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
URL: https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&mode=login&tid=mongo-express-lf8fp&redirect_uri=https://iap.googleapis.com/v1beta1/gcip/resources/29672271CEDB9CA8:handleRedirect&state=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IklkcDZKZyJ9.ALEydkAJhPLIhBcBMnNsq-hlC5I579dmq5QEFN4q1YxnEAOHhdZegkbm3nQWMVVlsgr-9q3njUTM3kbGKlSXY4AX3CwV49kLfiz7WhLmksSX03AqkU5WI37miQJ3cKGoYWuYLaF9YiTljOjK1fDis29L0zJB4ZIgCAMUdzCH198NwvvP-61S9A5MESV12ZkSOYdjxJacxVGmiq8wg8_4lbXwTummW9TZIPTwreNWavO8L_LNHXyjqjuMtDy_gnYts5bEZd6XZIIiajAtYzrQ5eiifcpLS5b-7aCyDxZenl0OGYZZTZJ-NJ0vQxfPtk2MIMu1DbqeSb1mbwkqx1AEv5if5HuVJFF_iqGdwGHmd1n0k_skZNH1Qmw9svK4nyVRSzWwrdEtfPX-1OWaQgl2REpDXaqN1Fo6OfdsclzqGR2K3Vfu9GjGUCFbX757wXSPWSg8SqrYcEIKP9-5Ykn6ALMaeUajtYVjmTb8SKCtDiuQRbZva4Jghl5kTRxfdlOdeHoKYP2ZlJa8Cs1M4iE675oDy9DolIDtLxDD4kAFdNMFSH2Cu7Z1.YRjjJeBFI7w6hxj5AfEgvLfeQ2q3dEdLZFWZ4Fyt14QCoulneLo7W2W8VtZEa3J2vdNpiPSmpMNaSTuJGgMRZg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f693e596bd255e64c26bdbabfb059178e31f7037f20718039be5e8eeb477ba84
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Sat, 09 Dec 2023 11:48:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains
version
0.0.29
x-age-lb
172042
icon-format
png
x-77-cache
HIT
x-accel-date
1701950457
content-length
5139
x-77-nzt
EgwBWbuxDwH3CqACAAwBnJI73wH3sQcAAA
x-accel-expires
@1702251025
x-77-age
174011
x-cache-lb
HIT
not-found-platform
false
icon-size
256
last-modified
Fri, 24 Nov 2023 09:41:47
from-mongo-cache
false
server
CDN77-Turbo
x-77-nzt-ray
49be140875813cdb035474652f4c1b01
vary
Origin
from-redis-cache
true
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=302400
accept-ranges
bytes
icon-id
91867
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 11:48:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 10:22:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Dec 2023 11:48:19 GMT
config
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/ 		960 B
976 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/config
Requested by
Host: iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
URL: https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/static/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
13d3abb27a74de95eb09aab2efc653b781835fbdd7b1e33ff499ecc73d9921f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&mode=login&tid=mongo-express-lf8fp&redirect_uri=https://iap.googleapis.com/v1beta1/gcip/resources/29672271CEDB9CA8:handleRedirect&state=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IklkcDZKZyJ9.ALEydkAJhPLIhBcBMnNsq-hlC5I579dmq5QEFN4q1YxnEAOHhdZegkbm3nQWMVVlsgr-9q3njUTM3kbGKlSXY4AX3CwV49kLfiz7WhLmksSX03AqkU5WI37miQJ3cKGoYWuYLaF9YiTljOjK1fDis29L0zJB4ZIgCAMUdzCH198NwvvP-61S9A5MESV12ZkSOYdjxJacxVGmiq8wg8_4lbXwTummW9TZIPTwreNWavO8L_LNHXyjqjuMtDy_gnYts5bEZd6XZIIiajAtYzrQ5eiifcpLS5b-7aCyDxZenl0OGYZZTZJ-NJ0vQxfPtk2MIMu1DbqeSb1mbwkqx1AEv5if5HuVJFF_iqGdwGHmd1n0k_skZNH1Qmw9svK4nyVRSzWwrdEtfPX-1OWaQgl2REpDXaqN1Fo6OfdsclzqGR2K3Vfu9GjGUCFbX757wXSPWSg8SqrYcEIKP9-5Ykn6ALMaeUajtYVjmTb8SKCtDiuQRbZva4Jghl5kTRxfdlOdeHoKYP2ZlJa8Cs1M4iE675oDy9DolIDtLxDD4kAFdNMFSH2Cu7Z1.YRjjJeBFI7w6hxj5AfEgvLfeQ2q3dEdLZFWZ4Fyt14QCoulneLo7W2W8VtZEa3J2vdNpiPSmpMNaSTuJGgMRZg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:48:20 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"3c0-7K7yjUXVgYrSseYbUXupLmK+PzE"
content-type
application/json; charset=utf-8
x-cloud-trace-context
3f5d8901b552a3dd0f49737b02a0a5c0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
960
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 09:01:02 GMT
x-content-type-options
nosniff
age
269237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 09:01:02 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:34:27 GMT
x-content-type-options
nosniff
age
54832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 20:34:27 GMT
getProjectConfig
www.googleapis.com/identitytoolkit/v3/relyingparty/ 		312 B
457 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleapis.com/identitytoolkit/v3/relyingparty/getProjectConfig?key=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0
Requested by
Host: iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
URL: https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/static/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
064f806299b82681ca35a489f6fc4b6d614c6c93471ef6f2c6738c8e6f107299
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/
X-Client-Version
Chrome/CIAP/1.0.1/ui-0.1.13
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:48:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
access-control-expose-headers
date,vary,vary,vary,content-encoding,server,content-length
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
getProjectConfig
www.googleapis.com/identitytoolkit/v3/relyingparty/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleapis.com/identitytoolkit/v3/relyingparty/getProjectConfig?key=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-client-version
Access-Control-Request-Method
GET
Origin
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-client-version
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 09 Dec 2023 11:48:20 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
projects
identitytoolkit.googleapis.com/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identitytoolkit.googleapis.com/v1/projects?key=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-client-version,x-firebase-locale
Access-Control-Request-Method
GET
Origin
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-client-version,x-firebase-locale
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 09 Dec 2023 11:48:20 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
projects
identitytoolkit.googleapis.com/v1/ 		312 B
457 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://identitytoolkit.googleapis.com/v1/projects?key=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0
Requested by
Host: iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
URL: https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/static/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
X-Client-Version
Chrome/JsCore/9.8.4/FirebaseCore-web
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-Firebase-Locale
en
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:48:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
access-control-expose-headers
date,vary,vary,vary,content-encoding,server,content-length
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
handler
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/__/auth/ 		462 B
306 B 		Document
General
Check archive.org
Download Go to
Full URL
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/__/auth/handler?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&appName=mongo-express-lf8fp-firebaseui-temp&authType=signInViaRedirect&redirectUrl=https%3A%2F%2Fiap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app%2F%3FapiKey%3DAIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0%26mode%3Dlogin%26tid%3Dmongo-express-lf8fp%26redirect_uri%3Dhttps%3A%2F%2Fiap.googleapis.com%2Fv1beta1%2Fgcip%2Fresources%2F29672271CEDB9CA8%3AhandleRedirect%26state%3DeyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IklkcDZKZyJ9.ALEydkAJhPLIhBcBMnNsq-hlC5I579dmq5QEFN4q1YxnEAOHhdZegkbm3nQWMVVlsgr-9q3njUTM3kbGKlSXY4AX3CwV49kLfiz7WhLmksSX03AqkU5WI37miQJ3cKGoYWuYLaF9YiTljOjK1fDis29L0zJB4ZIgCAMUdzCH198NwvvP-61S9A5MESV12ZkSOYdjxJacxVGmiq8wg8_4lbXwTummW9TZIPTwreNWavO8L_LNHXyjqjuMtDy_gnYts5bEZd6XZIIiajAtYzrQ5eiifcpLS5b-7aCyDxZenl0OGYZZTZJ-NJ0vQxfPtk2MIMu1DbqeSb1mbwkqx1AEv5if5HuVJFF_iqGdwGHmd1n0k_skZNH1Qmw9svK4nyVRSzWwrdEtfPX-1OWaQgl2REpDXaqN1Fo6OfdsclzqGR2K3Vfu9GjGUCFbX757wXSPWSg8SqrYcEIKP9-5Ykn6ALMaeUajtYVjmTb8SKCtDiuQRbZva4Jghl5kTRxfdlOdeHoKYP2ZlJa8Cs1M4iE675oDy9DolIDtLxDD4kAFdNMFSH2Cu7Z1.YRjjJeBFI7w6hxj5AfEgvLfeQ2q3dEdLZFWZ4Fyt14QCoulneLo7W2W8VtZEa3J2vdNpiPSmpMNaSTuJGgMRZg&v=9.8.4&providerId=saml.mongo-express&tid=mongo-express-lf8fp
Requested by
Host: iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
URL: https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/static/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
ce225ee3bd2a8ad914e3da1ad3c2fb7dfb42e901d54d358b718c449eededb254
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&mode=login&tid=mongo-express-lf8fp&redirect_uri=https://iap.googleapis.com/v1beta1/gcip/resources/29672271CEDB9CA8:handleRedirect&state=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IklkcDZKZyJ9.ALEydkAJhPLIhBcBMnNsq-hlC5I579dmq5QEFN4q1YxnEAOHhdZegkbm3nQWMVVlsgr-9q3njUTM3kbGKlSXY4AX3CwV49kLfiz7WhLmksSX03AqkU5WI37miQJ3cKGoYWuYLaF9YiTljOjK1fDis29L0zJB4ZIgCAMUdzCH198NwvvP-61S9A5MESV12ZkSOYdjxJacxVGmiq8wg8_4lbXwTummW9TZIPTwreNWavO8L_LNHXyjqjuMtDy_gnYts5bEZd6XZIIiajAtYzrQ5eiifcpLS5b-7aCyDxZenl0OGYZZTZJ-NJ0vQxfPtk2MIMu1DbqeSb1mbwkqx1AEv5if5HuVJFF_iqGdwGHmd1n0k_skZNH1Qmw9svK4nyVRSzWwrdEtfPX-1OWaQgl2REpDXaqN1Fo6OfdsclzqGR2K3Vfu9GjGUCFbX757wXSPWSg8SqrYcEIKP9-5Ykn6ALMaeUajtYVjmTb8SKCtDiuQRbZva4Jghl5kTRxfdlOdeHoKYP2ZlJa8Cs1M4iE675oDy9DolIDtLxDD4kAFdNMFSH2Cu7Z1.YRjjJeBFI7w6hxj5AfEgvLfeQ2q3dEdLZFWZ4Fyt14QCoulneLo7W2W8VtZEa3J2vdNpiPSmpMNaSTuJGgMRZg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=1800
content-encoding
gzip
content-length
280
content-type
text/html; charset=utf-8
date
Sat, 09 Dec 2023 11:48:20 GMT
origin-trial
AsJLZ4vyY2ORU5w3PpXkCY24qwPZPIS5vhU7v2bOIN/0bBRyfdahqmyS8TVFm5y/M0UpaS2paS/SJ+gGGZ9FeA8AAACfeyJvcmlnaW4iOiJodHRwczovL2ZpcmViYXNlYXBwLmNvbTo0NDMiLCJmZWF0dXJlIjoiRGlzYWJsZVRoaXJkUGFydHlTZXNzaW9uU3RvcmFnZVBhcnRpdGlvbmluZ0FmdGVyR2VuZXJhbFBhcnRpdGlvbmluZyIsImV4cGlyeSI6MTcxNDY5NDM5OSwiaXNTdWJkb21haW4iOnRydWV9
server
Google Frontend
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-cloud-trace-context
1b0a0995114431ca0d7758b86179fd6f
x-powered-by
Express
x-served-by
cache-ams21063-AMS
x-timer
S1702122501.645573,VS0,VE188
experiments.js
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/__/auth/ 		570 B
321 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/__/auth/experiments.js
Requested by
Host: iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
URL: https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/__/auth/handler?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&appName=mongo-express-lf8fp-firebaseui-temp&authType=signInViaRedirect&redirectUrl=https%3A%2F%2Fiap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app%2F%3FapiKey%3DAIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0%26mode%3Dlogin%26tid%3Dmongo-express-lf8fp%26redirect_uri%3Dhttps%3A%2F%2Fiap.googleapis.com%2Fv1beta1%2Fgcip%2Fresources%2F29672271CEDB9CA8%3AhandleRedirect%26state%3DeyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IklkcDZKZyJ9.ALEydkAJhPLIhBcBMnNsq-hlC5I579dmq5QEFN4q1YxnEAOHhdZegkbm3nQWMVVlsgr-9q3njUTM3kbGKlSXY4AX3CwV49kLfiz7WhLmksSX03AqkU5WI37miQJ3cKGoYWuYLaF9YiTljOjK1fDis29L0zJB4ZIgCAMUdzCH198NwvvP-61S9A5MESV12ZkSOYdjxJacxVGmiq8wg8_4lbXwTummW9TZIPTwreNWavO8L_LNHXyjqjuMtDy_gnYts5bEZd6XZIIiajAtYzrQ5eiifcpLS5b-7aCyDxZenl0OGYZZTZJ-NJ0vQxfPtk2MIMu1DbqeSb1mbwkqx1AEv5if5HuVJFF_iqGdwGHmd1n0k_skZNH1Qmw9svK4nyVRSzWwrdEtfPX-1OWaQgl2REpDXaqN1Fo6OfdsclzqGR2K3Vfu9GjGUCFbX757wXSPWSg8SqrYcEIKP9-5Ykn6ALMaeUajtYVjmTb8SKCtDiuQRbZva4Jghl5kTRxfdlOdeHoKYP2ZlJa8Cs1M4iE675oDy9DolIDtLxDD4kAFdNMFSH2Cu7Z1.YRjjJeBFI7w6hxj5AfEgvLfeQ2q3dEdLZFWZ4Fyt14QCoulneLo7W2W8VtZEa3J2vdNpiPSmpMNaSTuJGgMRZg&v=9.8.4&providerId=saml.mongo-express&tid=mongo-express-lf8fp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
f8080380beb017e5fe694e286aa1f282a5097e542c969c8ea0d07996e43aee33
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/__/auth/handler?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&appName=mongo-express-lf8fp-firebaseui-temp&authType=signInViaRedirect&redirectUrl=https%3A%2F%2Fiap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app%2F%3FapiKey%3DAIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0%26mode%3Dlogin%26tid%3Dmongo-express-lf8fp%26redirect_uri%3Dhttps%3A%2F%2Fiap.googleapis.com%2Fv1beta1%2Fgcip%2Fresources%2F29672271CEDB9CA8%3AhandleRedirect%26state%3DeyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IklkcDZKZyJ9.ALEydkAJhPLIhBcBMnNsq-hlC5I579dmq5QEFN4q1YxnEAOHhdZegkbm3nQWMVVlsgr-9q3njUTM3kbGKlSXY4AX3CwV49kLfiz7WhLmksSX03AqkU5WI37miQJ3cKGoYWuYLaF9YiTljOjK1fDis29L0zJB4ZIgCAMUdzCH198NwvvP-61S9A5MESV12ZkSOYdjxJacxVGmiq8wg8_4lbXwTummW9TZIPTwreNWavO8L_LNHXyjqjuMtDy_gnYts5bEZd6XZIIiajAtYzrQ5eiifcpLS5b-7aCyDxZenl0OGYZZTZJ-NJ0vQxfPtk2MIMu1DbqeSb1mbwkqx1AEv5if5HuVJFF_iqGdwGHmd1n0k_skZNH1Qmw9svK4nyVRSzWwrdEtfPX-1OWaQgl2REpDXaqN1Fo6OfdsclzqGR2K3Vfu9GjGUCFbX757wXSPWSg8SqrYcEIKP9-5Ykn6ALMaeUajtYVjmTb8SKCtDiuQRbZva4Jghl5kTRxfdlOdeHoKYP2ZlJa8Cs1M4iE675oDy9DolIDtLxDD4kAFdNMFSH2Cu7Z1.YRjjJeBFI7w6hxj5AfEgvLfeQ2q3dEdLZFWZ4Fyt14QCoulneLo7W2W8VtZEa3J2vdNpiPSmpMNaSTuJGgMRZg&v=9.8.4&providerId=saml.mongo-express&tid=mongo-express-lf8fp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Sat, 09 Dec 2023 11:48:21 GMT
x-powered-by
Express
x-cache
MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-served-by
cache-ams21069-AMS
server
Google Frontend
x-timer
S1702122501.976138,VS0,VE184
vary
x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
7594061d39e048549cc265c28df3f555
cache-control
max-age=1800
origin-trial
AsJLZ4vyY2ORU5w3PpXkCY24qwPZPIS5vhU7v2bOIN/0bBRyfdahqmyS8TVFm5y/M0UpaS2paS/SJ+gGGZ9FeA8AAACfeyJvcmlnaW4iOiJodHRwczovL2ZpcmViYXNlYXBwLmNvbTo0NDMiLCJmZWF0dXJlIjoiRGlzYWJsZVRoaXJkUGFydHlTZXNzaW9uU3RvcmFnZVBhcnRpdGlvbmluZ0FmdGVyR2VuZXJhbFBhcnRpdGlvbmluZyIsImV4cGlyeSI6MTcxNDY5NDM5OSwiaXNTdWJkb21haW4iOnRydWV9
accept-ranges
bytes
x-cache-hits
0
handler.js
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/__/auth/ 		278 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/__/auth/handler.js
Requested by
Host: iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
URL: https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/__/auth/handler?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&appName=mongo-express-lf8fp-firebaseui-temp&authType=signInViaRedirect&redirectUrl=https%3A%2F%2Fiap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app%2F%3FapiKey%3DAIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0%26mode%3Dlogin%26tid%3Dmongo-express-lf8fp%26redirect_uri%3Dhttps%3A%2F%2Fiap.googleapis.com%2Fv1beta1%2Fgcip%2Fresources%2F29672271CEDB9CA8%3AhandleRedirect%26state%3DeyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IklkcDZKZyJ9.ALEydkAJhPLIhBcBMnNsq-hlC5I579dmq5QEFN4q1YxnEAOHhdZegkbm3nQWMVVlsgr-9q3njUTM3kbGKlSXY4AX3CwV49kLfiz7WhLmksSX03AqkU5WI37miQJ3cKGoYWuYLaF9YiTljOjK1fDis29L0zJB4ZIgCAMUdzCH198NwvvP-61S9A5MESV12ZkSOYdjxJacxVGmiq8wg8_4lbXwTummW9TZIPTwreNWavO8L_LNHXyjqjuMtDy_gnYts5bEZd6XZIIiajAtYzrQ5eiifcpLS5b-7aCyDxZenl0OGYZZTZJ-NJ0vQxfPtk2MIMu1DbqeSb1mbwkqx1AEv5if5HuVJFF_iqGdwGHmd1n0k_skZNH1Qmw9svK4nyVRSzWwrdEtfPX-1OWaQgl2REpDXaqN1Fo6OfdsclzqGR2K3Vfu9GjGUCFbX757wXSPWSg8SqrYcEIKP9-5Ykn6ALMaeUajtYVjmTb8SKCtDiuQRbZva4Jghl5kTRxfdlOdeHoKYP2ZlJa8Cs1M4iE675oDy9DolIDtLxDD4kAFdNMFSH2Cu7Z1.YRjjJeBFI7w6hxj5AfEgvLfeQ2q3dEdLZFWZ4Fyt14QCoulneLo7W2W8VtZEa3J2vdNpiPSmpMNaSTuJGgMRZg&v=9.8.4&providerId=saml.mongo-express&tid=mongo-express-lf8fp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
1ee9272f18dabe52ff16697ca183c53f620ed11f18c7254d5fbc69e028bd6b80
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/__/auth/handler?apiKey=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&appName=mongo-express-lf8fp-firebaseui-temp&authType=signInViaRedirect&redirectUrl=https%3A%2F%2Fiap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app%2F%3FapiKey%3DAIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0%26mode%3Dlogin%26tid%3Dmongo-express-lf8fp%26redirect_uri%3Dhttps%3A%2F%2Fiap.googleapis.com%2Fv1beta1%2Fgcip%2Fresources%2F29672271CEDB9CA8%3AhandleRedirect%26state%3DeyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IklkcDZKZyJ9.ALEydkAJhPLIhBcBMnNsq-hlC5I579dmq5QEFN4q1YxnEAOHhdZegkbm3nQWMVVlsgr-9q3njUTM3kbGKlSXY4AX3CwV49kLfiz7WhLmksSX03AqkU5WI37miQJ3cKGoYWuYLaF9YiTljOjK1fDis29L0zJB4ZIgCAMUdzCH198NwvvP-61S9A5MESV12ZkSOYdjxJacxVGmiq8wg8_4lbXwTummW9TZIPTwreNWavO8L_LNHXyjqjuMtDy_gnYts5bEZd6XZIIiajAtYzrQ5eiifcpLS5b-7aCyDxZenl0OGYZZTZJ-NJ0vQxfPtk2MIMu1DbqeSb1mbwkqx1AEv5if5HuVJFF_iqGdwGHmd1n0k_skZNH1Qmw9svK4nyVRSzWwrdEtfPX-1OWaQgl2REpDXaqN1Fo6OfdsclzqGR2K3Vfu9GjGUCFbX757wXSPWSg8SqrYcEIKP9-5Ykn6ALMaeUajtYVjmTb8SKCtDiuQRbZva4Jghl5kTRxfdlOdeHoKYP2ZlJa8Cs1M4iE675oDy9DolIDtLxDD4kAFdNMFSH2Cu7Z1.YRjjJeBFI7w6hxj5AfEgvLfeQ2q3dEdLZFWZ4Fyt14QCoulneLo7W2W8VtZEa3J2vdNpiPSmpMNaSTuJGgMRZg&v=9.8.4&providerId=saml.mongo-express&tid=mongo-express-lf8fp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Sat, 09 Dec 2023 11:48:21 GMT
x-powered-by
Express
x-cache
MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89622
x-served-by
cache-ams21038-AMS
server
Google Frontend
x-timer
S1702122501.978938,VS0,VE413
vary
x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
b752b15d12b348cf80a54ba0290fe7de
cache-control
max-age=1800
origin-trial
AsJLZ4vyY2ORU5w3PpXkCY24qwPZPIS5vhU7v2bOIN/0bBRyfdahqmyS8TVFm5y/M0UpaS2paS/SJ+gGGZ9FeA8AAACfeyJvcmlnaW4iOiJodHRwczovL2ZpcmViYXNlYXBwLmNvbTo0NDMiLCJmZWF0dXJlIjoiRGlzYWJsZVRoaXJkUGFydHlTZXNzaW9uU3RvcmFnZVBhcnRpdGlvbmluZ0FmdGVyR2VuZXJhbFBhcnRpdGlvbmluZyIsImV4cGlyeSI6MTcxNDY5NDM5OSwiaXNTdWJkb21haW4iOnRydWV9
accept-ranges
bytes
x-cache-hits
0
getProjectConfig
www.googleapis.com/identitytoolkit/v3/relyingparty/ 		312 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.googleapis.com/identitytoolkit/v3/relyingparty/getProjectConfig?key=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&cb=1702122501511
Requested by
Host: iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
URL: https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/__/auth/handler.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
064f806299b82681ca35a489f6fc4b6d614c6c93471ef6f2c6738c8e6f107299
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/
X-Client-Version
Chrome/Handler/2.20.2/FirebaseCore-web
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:48:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
access-control-expose-headers
date,vary,vary,vary,content-encoding,server,content-length
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
getProjectConfig
www.googleapis.com/identitytoolkit/v3/relyingparty/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleapis.com/identitytoolkit/v3/relyingparty/getProjectConfig?key=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0&cb=1702122501511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-client-version
Access-Control-Request-Method
GET
Origin
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-client-version
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 09 Dec 2023 11:48:21 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
truncated
/ 		425 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6c1c75c1ad278bb37fe3e06f0b1bf775cb94bcc58ae46651d9a29b5218f34f2

Request headers

Referer
Origin
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
createAuthUri
www.googleapis.com/identitytoolkit/v3/relyingparty/ 		1 KB
965 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.googleapis.com/identitytoolkit/v3/relyingparty/createAuthUri?key=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0
Requested by
Host: iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
URL: https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/__/auth/handler.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/
X-Client-Version
Chrome/Handler/2.20.2/FirebaseCore-web
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 11:48:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
access-control-expose-headers
date,vary,vary,vary,content-encoding,server,content-length
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
940
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
createAuthUri
www.googleapis.com/identitytoolkit/v3/relyingparty/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleapis.com/identitytoolkit/v3/relyingparty/createAuthUri?key=AIzaSyCRzngIqqMDPWYeDT6woXRsN4Is8kEB7n0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-client-version
Access-Control-Request-Method
POST
Origin
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-client-version
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 09 Dec 2023 11:48:21 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
saml2
login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/ 		20 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/saml2?SAMLRequest=fZJPb9swDMW%2FiqG7ZMt%2FkliIU2QrhhXosKBxd9glkGUu0WaLnihnwT79DCcBukuPgh75yN%2Fj%2BuHSd9EZPFl0FZMiYRE4g611x4q91p%2F4ij1s1qT7Lh3Udgwn9wK%2FR6AQTYWO1PWnYqN3CjVZUk73QCoYtd9%2BeVapSNTgMaDBjkVbIvBhsvqIjsYe%2FB782Rp4fXmu2CmEgVQcWz3woxn4CSlAy0fLe3RHhAunq5r%2FCT8ha361pDn8FVr40Qk9DPHhEOtpxPikXduBZ9HjNKh1OszL3ft3eLRO9NZ4JPwR0HXWgTDYxy0YgDIx3ECS8Xwhga9MKnnbFtkK5EqaZRHPG7Po6bFiB5mW%2BVRRFMWiKTLIc7OErDQSyqaReSknGdEIT46CdqFiaZJmXKY8KWspVb5SqRTLRfmdRbsbow%2FWXdm%2FB7S5ikh9rusd333d1yz6ds9wErBbYmp292%2Bjer%2BxvufDNndaM3sOl8EDESdC0dkzCCSjA87U1vFbs83t%2Bf%2B1bP4B&RelayState=AMbdmDnflpzyMwzptDpI-jYeRgYhTg4XLEk4Wu5uwR3Wf-zaLMqFEctJca8HgtUpWQLoIPh4sZOtsFKN-l3nIo1abIBfOAoRem2zOAOSz2ONcE4Kc0EcwPCKPz8ITGZis1ATyEDeYjituFP3-I72qvZmwR6w20uvxdN8Xg0oomZam8f8W-T-9xBr8REnV8N8NIC8qo66ZrQKSUgsHZ4yM5Li6OfkhKNk0xNlp8TZCf-kCnStNao9ZBRvpcWahoeIzYWwdRlSbTNshg3-9iQ_IEBSFLIlBuyfYfmRNqJALWqbpnQggFfsdjvMugqeHJdmJaWC4lI1bgMqQkzir_mijt61wja1sPGf88Jaai8vpwcpT60zscEmqrNm&context_uri=https%3A%2F%2Fiap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
Requested by
Host: iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
URL: https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/__/auth/handler.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1036:3000:138::6 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9e32ea1b2a0a983eff9ef556da5576edb42e68e0f4c34cc8c99b35bab105668a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
8939
Content-Type
text/html; charset=utf-8
Date
Sat, 09 Dec 2023 11:48:21 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
x-ms-ests-server
2.1.16919.4 - FRC ProdSlices
x-ms-request-id
e8af2b54-0fb6-4bcb-a3a8-bd81926b0c00
BssoInterrupt_Core_G8nbIKerNCoHF1cUBcOz7w2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		136 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_G8nbIKerNCoHF1cUBcOz7w2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/saml2?SAMLRequest=fZJPb9swDMW%2FiqG7ZMt%2FkliIU2QrhhXosKBxd9glkGUu0WaLnihnwT79DCcBukuPgh75yN%2Fj%2BuHSd9EZPFl0FZMiYRE4g611x4q91p%2F4ij1s1qT7Lh3Udgwn9wK%2FR6AQTYWO1PWnYqN3CjVZUk73QCoYtd9%2BeVapSNTgMaDBjkVbIvBhsvqIjsYe%2FB782Rp4fXmu2CmEgVQcWz3woxn4CSlAy0fLe3RHhAunq5r%2FCT8ha361pDn8FVr40Qk9DPHhEOtpxPikXduBZ9HjNKh1OszL3ft3eLRO9NZ4JPwR0HXWgTDYxy0YgDIx3ECS8Xwhga9MKnnbFtkK5EqaZRHPG7Po6bFiB5mW%2BVRRFMWiKTLIc7OErDQSyqaReSknGdEIT46CdqFiaZJmXKY8KWspVb5SqRTLRfmdRbsbow%2FWXdm%2FB7S5ikh9rusd333d1yz6ds9wErBbYmp292%2Bjer%2BxvufDNndaM3sOl8EDESdC0dkzCCSjA87U1vFbs83t%2Bf%2B1bP4B&RelayState=AMbdmDnflpzyMwzptDpI-jYeRgYhTg4XLEk4Wu5uwR3Wf-zaLMqFEctJca8HgtUpWQLoIPh4sZOtsFKN-l3nIo1abIBfOAoRem2zOAOSz2ONcE4Kc0EcwPCKPz8ITGZis1ATyEDeYjituFP3-I72qvZmwR6w20uvxdN8Xg0oomZam8f8W-T-9xBr8REnV8N8NIC8qo66ZrQKSUgsHZ4yM5Li6OfkhKNk0xNlp8TZCf-kCnStNao9ZBRvpcWahoeIzYWwdRlSbTNshg3-9iQ_IEBSFLIlBuyfYfmRNqJALWqbpnQggFfsdjvMugqeHJdmJaWC4lI1bgMqQkzir_mijt61wja1sPGf88Jaai8vpwcpT60zscEmqrNm&context_uri=https%3A%2F%2Fiap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/4685) /
Resource Hash
0ea7628423c80e4e8d0791f57aa8b205cb64886686a360467ae645c7cf6aa99b

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 09 Dec 2023 11:48:22 GMT
content-encoding
gzip
content-md5
cIEj39mjpvtGzkv+5yGy3Q==
age
1853114
x-cache
HIT
content-length
48848
x-ms-lease-status
unlocked
last-modified
Wed, 15 Nov 2023 23:32:09 GMT
server
ECAcc (nyb/4685)
etag
0x8DBE633167FEC89
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0727d104-401e-00b3-32ba-195164000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request saml2
login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/ 		43 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/saml2?SAMLRequest=fZJPb9swDMW%2FiqG7ZMt%2FkliIU2QrhhXosKBxd9glkGUu0WaLnihnwT79DCcBukuPgh75yN%2Fj%2BuHSd9EZPFl0FZMiYRE4g611x4q91p%2F4ij1s1qT7Lh3Udgwn9wK%2FR6AQTYWO1PWnYqN3CjVZUk73QCoYtd9%2BeVapSNTgMaDBjkVbIvBhsvqIjsYe%2FB782Rp4fXmu2CmEgVQcWz3woxn4CSlAy0fLe3RHhAunq5r%2FCT8ha361pDn8FVr40Qk9DPHhEOtpxPikXduBZ9HjNKh1OszL3ft3eLRO9NZ4JPwR0HXWgTDYxy0YgDIx3ECS8Xwhga9MKnnbFtkK5EqaZRHPG7Po6bFiB5mW%2BVRRFMWiKTLIc7OErDQSyqaReSknGdEIT46CdqFiaZJmXKY8KWspVb5SqRTLRfmdRbsbow%2FWXdm%2FB7S5ikh9rusd333d1yz6ds9wErBbYmp292%2Bjer%2BxvufDNndaM3sOl8EDESdC0dkzCCSjA87U1vFbs83t%2Bf%2B1bP4B&RelayState=AMbdmDnflpzyMwzptDpI-jYeRgYhTg4XLEk4Wu5uwR3Wf-zaLMqFEctJca8HgtUpWQLoIPh4sZOtsFKN-l3nIo1abIBfOAoRem2zOAOSz2ONcE4Kc0EcwPCKPz8ITGZis1ATyEDeYjituFP3-I72qvZmwR6w20uvxdN8Xg0oomZam8f8W-T-9xBr8REnV8N8NIC8qo66ZrQKSUgsHZ4yM5Li6OfkhKNk0xNlp8TZCf-kCnStNao9ZBRvpcWahoeIzYWwdRlSbTNshg3-9iQ_IEBSFLIlBuyfYfmRNqJALWqbpnQggFfsdjvMugqeHJdmJaWC4lI1bgMqQkzir_mijt61wja1sPGf88Jaai8vpwcpT60zscEmqrNm&context_uri=https%3A%2F%2Fiap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app&sso_reload=true
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_G8nbIKerNCoHF1cUBcOz7w2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1036:3000:138::6 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
446be1706e1aa01860576ecd07073af8e2451cabe7b8f538b330efbf8816d529
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/saml2?SAMLRequest=fZJPb9swDMW%2FiqG7ZMt%2FkliIU2QrhhXosKBxd9glkGUu0WaLnihnwT79DCcBukuPgh75yN%2Fj%2BuHSd9EZPFl0FZMiYRE4g611x4q91p%2F4ij1s1qT7Lh3Udgwn9wK%2FR6AQTYWO1PWnYqN3CjVZUk73QCoYtd9%2BeVapSNTgMaDBjkVbIvBhsvqIjsYe%2FB782Rp4fXmu2CmEgVQcWz3woxn4CSlAy0fLe3RHhAunq5r%2FCT8ha361pDn8FVr40Qk9DPHhEOtpxPikXduBZ9HjNKh1OszL3ft3eLRO9NZ4JPwR0HXWgTDYxy0YgDIx3ECS8Xwhga9MKnnbFtkK5EqaZRHPG7Po6bFiB5mW%2BVRRFMWiKTLIc7OErDQSyqaReSknGdEIT46CdqFiaZJmXKY8KWspVb5SqRTLRfmdRbsbow%2FWXdm%2FB7S5ikh9rusd333d1yz6ds9wErBbYmp292%2Bjer%2BxvufDNndaM3sOl8EDESdC0dkzCCSjA87U1vFbs83t%2Bf%2B1bP4B&RelayState=AMbdmDnflpzyMwzptDpI-jYeRgYhTg4XLEk4Wu5uwR3Wf-zaLMqFEctJca8HgtUpWQLoIPh4sZOtsFKN-l3nIo1abIBfOAoRem2zOAOSz2ONcE4Kc0EcwPCKPz8ITGZis1ATyEDeYjituFP3-I72qvZmwR6w20uvxdN8Xg0oomZam8f8W-T-9xBr8REnV8N8NIC8qo66ZrQKSUgsHZ4yM5Li6OfkhKNk0xNlp8TZCf-kCnStNao9ZBRvpcWahoeIzYWwdRlSbTNshg3-9iQ_IEBSFLIlBuyfYfmRNqJALWqbpnQggFfsdjvMugqeHJdmJaWC4lI1bgMqQkzir_mijt61wja1sPGf88Jaai8vpwcpT60zscEmqrNm&context_uri=https%3A%2F%2Fiap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
15795
Content-Type
text/html; charset=utf-8
Date
Sat, 09 Dec 2023 11:48:22 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
x-ms-ests-server
2.1.16919.4 - FRC ProdSlices
x-ms-request-id
fbe42804-9e21-48f1-9474-7d775b5e0d00
converged.v2.login.min_chy_qb6g1qbjbxlng2ytiq2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		109 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_chy_qb6g1qbjbxlng2ytiq2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/saml2?SAMLRequest=fZJPb9swDMW%2FiqG7ZMt%2FkliIU2QrhhXosKBxd9glkGUu0WaLnihnwT79DCcBukuPgh75yN%2Fj%2BuHSd9EZPFl0FZMiYRE4g611x4q91p%2F4ij1s1qT7Lh3Udgwn9wK%2FR6AQTYWO1PWnYqN3CjVZUk73QCoYtd9%2BeVapSNTgMaDBjkVbIvBhsvqIjsYe%2FB782Rp4fXmu2CmEgVQcWz3woxn4CSlAy0fLe3RHhAunq5r%2FCT8ha361pDn8FVr40Qk9DPHhEOtpxPikXduBZ9HjNKh1OszL3ft3eLRO9NZ4JPwR0HXWgTDYxy0YgDIx3ECS8Xwhga9MKnnbFtkK5EqaZRHPG7Po6bFiB5mW%2BVRRFMWiKTLIc7OErDQSyqaReSknGdEIT46CdqFiaZJmXKY8KWspVb5SqRTLRfmdRbsbow%2FWXdm%2FB7S5ikh9rusd333d1yz6ds9wErBbYmp292%2Bjer%2BxvufDNndaM3sOl8EDESdC0dkzCCSjA87U1vFbs83t%2Bf%2B1bP4B&RelayState=AMbdmDnflpzyMwzptDpI-jYeRgYhTg4XLEk4Wu5uwR3Wf-zaLMqFEctJca8HgtUpWQLoIPh4sZOtsFKN-l3nIo1abIBfOAoRem2zOAOSz2ONcE4Kc0EcwPCKPz8ITGZis1ATyEDeYjituFP3-I72qvZmwR6w20uvxdN8Xg0oomZam8f8W-T-9xBr8REnV8N8NIC8qo66ZrQKSUgsHZ4yM5Li6OfkhKNk0xNlp8TZCf-kCnStNao9ZBRvpcWahoeIzYWwdRlSbTNshg3-9iQ_IEBSFLIlBuyfYfmRNqJALWqbpnQggFfsdjvMugqeHJdmJaWC4lI1bgMqQkzir_mijt61wja1sPGf88Jaai8vpwcpT60zscEmqrNm&context_uri=https%3A%2F%2Fiap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/4749) /
Resource Hash
5e47dd51ca94efccd58f4a7dc95a51744493292586fbe031e78f72508f0f4f89

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 09 Dec 2023 11:48:22 GMT
content-encoding
gzip
content-md5
cclsNwaya3AD0ci2cGBnrw==
age
1857783
x-cache
HIT
content-length
20226
x-ms-lease-status
unlocked
last-modified
Fri, 17 Nov 2023 00:22:21 GMT
server
ECAcc (nyb/4749)
etag
0x8DBE70343D336EF
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
caff8fc8-801e-0083-49b0-197075000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_2TS5K5gxo-zWGrXS7stGhw2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		421 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2TS5K5gxo-zWGrXS7stGhw2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/saml2?SAMLRequest=fZJPb9swDMW%2FiqG7ZMt%2FkliIU2QrhhXosKBxd9glkGUu0WaLnihnwT79DCcBukuPgh75yN%2Fj%2BuHSd9EZPFl0FZMiYRE4g611x4q91p%2F4ij1s1qT7Lh3Udgwn9wK%2FR6AQTYWO1PWnYqN3CjVZUk73QCoYtd9%2BeVapSNTgMaDBjkVbIvBhsvqIjsYe%2FB782Rp4fXmu2CmEgVQcWz3woxn4CSlAy0fLe3RHhAunq5r%2FCT8ha361pDn8FVr40Qk9DPHhEOtpxPikXduBZ9HjNKh1OszL3ft3eLRO9NZ4JPwR0HXWgTDYxy0YgDIx3ECS8Xwhga9MKnnbFtkK5EqaZRHPG7Po6bFiB5mW%2BVRRFMWiKTLIc7OErDQSyqaReSknGdEIT46CdqFiaZJmXKY8KWspVb5SqRTLRfmdRbsbow%2FWXdm%2FB7S5ikh9rusd333d1yz6ds9wErBbYmp292%2Bjer%2BxvufDNndaM3sOl8EDESdC0dkzCCSjA87U1vFbs83t%2Bf%2B1bP4B&RelayState=AMbdmDnflpzyMwzptDpI-jYeRgYhTg4XLEk4Wu5uwR3Wf-zaLMqFEctJca8HgtUpWQLoIPh4sZOtsFKN-l3nIo1abIBfOAoRem2zOAOSz2ONcE4Kc0EcwPCKPz8ITGZis1ATyEDeYjituFP3-I72qvZmwR6w20uvxdN8Xg0oomZam8f8W-T-9xBr8REnV8N8NIC8qo66ZrQKSUgsHZ4yM5Li6OfkhKNk0xNlp8TZCf-kCnStNao9ZBRvpcWahoeIzYWwdRlSbTNshg3-9iQ_IEBSFLIlBuyfYfmRNqJALWqbpnQggFfsdjvMugqeHJdmJaWC4lI1bgMqQkzir_mijt61wja1sPGf88Jaai8vpwcpT60zscEmqrNm&context_uri=https%3A%2F%2Fiap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/476C) /
Resource Hash
8af9b303e5e3a3623a9520e74be0ed612595812f0e5ffa704aa7ae3a9a0f269d

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 09 Dec 2023 11:48:22 GMT
content-encoding
gzip
content-md5
fP0s+FFOVUxsHiQ8GxcvnQ==
age
1857783
x-cache
HIT
content-length
118205
x-ms-lease-status
unlocked
last-modified
Wed, 15 Nov 2023 23:32:14 GMT
server
ECAcc (nyb/476C)
etag
0x8DBE63319028C82
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
80096ba5-001e-004b-50b0-19ac20000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-en.min_fmhisaxpoaglzwf5og-iag2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_fmhisaxpoaglzwf5og-iag2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/saml2?SAMLRequest=fZJPb9swDMW%2FiqG7ZMt%2FkliIU2QrhhXosKBxd9glkGUu0WaLnihnwT79DCcBukuPgh75yN%2Fj%2BuHSd9EZPFl0FZMiYRE4g611x4q91p%2F4ij1s1qT7Lh3Udgwn9wK%2FR6AQTYWO1PWnYqN3CjVZUk73QCoYtd9%2BeVapSNTgMaDBjkVbIvBhsvqIjsYe%2FB782Rp4fXmu2CmEgVQcWz3woxn4CSlAy0fLe3RHhAunq5r%2FCT8ha361pDn8FVr40Qk9DPHhEOtpxPikXduBZ9HjNKh1OszL3ft3eLRO9NZ4JPwR0HXWgTDYxy0YgDIx3ECS8Xwhga9MKnnbFtkK5EqaZRHPG7Po6bFiB5mW%2BVRRFMWiKTLIc7OErDQSyqaReSknGdEIT46CdqFiaZJmXKY8KWspVb5SqRTLRfmdRbsbow%2FWXdm%2FB7S5ikh9rusd333d1yz6ds9wErBbYmp292%2Bjer%2BxvufDNndaM3sOl8EDESdC0dkzCCSjA87U1vFbs83t%2Bf%2B1bP4B&RelayState=AMbdmDnflpzyMwzptDpI-jYeRgYhTg4XLEk4Wu5uwR3Wf-zaLMqFEctJca8HgtUpWQLoIPh4sZOtsFKN-l3nIo1abIBfOAoRem2zOAOSz2ONcE4Kc0EcwPCKPz8ITGZis1ATyEDeYjituFP3-I72qvZmwR6w20uvxdN8Xg0oomZam8f8W-T-9xBr8REnV8N8NIC8qo66ZrQKSUgsHZ4yM5Li6OfkhKNk0xNlp8TZCf-kCnStNao9ZBRvpcWahoeIzYWwdRlSbTNshg3-9iQ_IEBSFLIlBuyfYfmRNqJALWqbpnQggFfsdjvMugqeHJdmJaWC4lI1bgMqQkzir_mijt61wja1sPGf88Jaai8vpwcpT60zscEmqrNm&context_uri=https%3A%2F%2Fiap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/4723) /
Resource Hash
b797cd27c5cbc7ce1ec29665a5d2bfb1a582caff1096bdd22f944370a0333edb

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 09 Dec 2023 11:48:22 GMT
content-encoding
gzip
content-md5
giqjQqeQlnBve2p+c+x+gA==
age
2216098
x-cache
HIT
content-length
15157
x-ms-lease-status
unlocked
last-modified
Fri, 10 Nov 2023 01:29:03 GMT
server
ECAcc (nyb/4723)
etag
0x8DBE18C6C4814E6
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
563370cb-b01e-0048-786d-16d126000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/decee90c-ce03-461e-8c21-dd538e181c75/saml2?SAMLRequest=fZJPb9swDMW%2FiqG7ZMt%2FkliIU2QrhhXosKBxd9glkGUu0WaLnihnwT79DCcBukuPgh75yN%2Fj%2BuHSd9EZPFl0FZMiYRE4g611x4q91p%2F4ij1s1qT7Lh3Udgwn9wK%2FR6AQTYWO1PWnYqN3CjVZUk73QCoYtd9%2BeVapSNTgMaDBjkVbIvBhsvqIjsYe%2FB782Rp4fXmu2CmEgVQcWz3woxn4CSlAy0fLe3RHhAunq5r%2FCT8ha361pDn8FVr40Qk9DPHhEOtpxPikXduBZ9HjNKh1OszL3ft3eLRO9NZ4JPwR0HXWgTDYxy0YgDIx3ECS8Xwhga9MKnnbFtkK5EqaZRHPG7Po6bFiB5mW%2BVRRFMWiKTLIc7OErDQSyqaReSknGdEIT46CdqFiaZJmXKY8KWspVb5SqRTLRfmdRbsbow%2FWXdm%2FB7S5ikh9rusd333d1yz6ds9wErBbYmp292%2Bjer%2BxvufDNndaM3sOl8EDESdC0dkzCCSjA87U1vFbs83t%2Bf%2B1bP4B&RelayState=AMbdmDnflpzyMwzptDpI-jYeRgYhTg4XLEk4Wu5uwR3Wf-zaLMqFEctJca8HgtUpWQLoIPh4sZOtsFKN-l3nIo1abIBfOAoRem2zOAOSz2ONcE4Kc0EcwPCKPz8ITGZis1ATyEDeYjituFP3-I72qvZmwR6w20uvxdN8Xg0oomZam8f8W-T-9xBr8REnV8N8NIC8qo66ZrQKSUgsHZ4yM5Li6OfkhKNk0xNlp8TZCf-kCnStNao9ZBRvpcWahoeIzYWwdRlSbTNshg3-9iQ_IEBSFLIlBuyfYfmRNqJALWqbpnQggFfsdjvMugqeHJdmJaWC4lI1bgMqQkzir_mijt61wja1sPGf88Jaai8vpwcpT60zscEmqrNm&context_uri=https%3A%2F%2Fiap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.190.196 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
convergedlogin_pcustomizationloader_e510439e6f2355f97577.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		153 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_e510439e6f2355f97577.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2TS5K5gxo-zWGrXS7stGhw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/4717) /
Resource Hash
fb77bb1d43b2d95229ad7bc71b3b259a0b83bf64351212b448a27c172fe61ffa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 09 Dec 2023 11:48:22 GMT
content-encoding
gzip
content-md5
278jD8ZrCAMM3faz9ltcjA==
age
2216097
x-cache
HIT
content-length
34609
x-ms-lease-status
unlocked
last-modified
Fri, 03 Nov 2023 21:43:47 GMT
server
ECAcc (nyb/4717)
etag
0x8DBDCB5F5E6BECD
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
cfc1a71d-201e-0075-656d-162f2c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
illustration
aadcdn.msftauthimages.net/c1c6b6c8-7prhwieizc3kvm-yvgph9xxmyucsb0dbgnvycho9sdk/logintenantbranding/0/ 		137 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-7prhwieizc3kvm-yvgph9xxmyucsb0dbgnvycho9sdk/logintenantbranding/0/illustration?ts=637598839776652661
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0c637f963ac04978b12b1e98a68a9ff611cbf2212d70f21b69cb0fad96722bc5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 09 Dec 2023 11:48:22 GMT
last-modified
Mon, 21 Jun 2021 14:52:57 GMT
etag
0x8D934C442496DD3
x-azure-ref
20231209T114822Z-5e0gzu8r2d1w74h5yhpzxtvybg00000000ag000000003h3m
x-cache
TCP_HIT
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
b0884a9c-301e-002c-10bd-28b703000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
140517
bannerlogo
aadcdn.msftauthimages.net/c1c6b6c8-7prhwieizc3kvm-yvgph9xxmyucsb0dbgnvycho9sdk/logintenantbranding/0/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-7prhwieizc3kvm-yvgph9xxmyucsb0dbgnvycho9sdk/logintenantbranding/0/bannerlogo?ts=637599376586080133
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
401786897a75a740a92b94f1aa27726e522d70855d163371e298422d482be69c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 09 Dec 2023 11:48:22 GMT
last-modified
Tue, 22 Jun 2021 05:47:39 GMT
etag
0x8D935413EA8B764
x-azure-ref
20231209T114822Z-5e0gzu8r2d1w74h5yhpzxtvybg00000000ag000000003h3k
x-cache
TCP_MISS
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
3069c029-f01e-0023-3995-2ac16f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
7719
convergedlogin_pstringcustomizationhelper_50b92a7b991422dd39ff.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		111 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_50b92a7b991422dd39ff.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2TS5K5gxo-zWGrXS7stGhw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/4719) /
Resource Hash
969486e23eab84d16be606d82c2b166aba2ad28b8582583a068987f0b9c39d7f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 09 Dec 2023 11:48:22 GMT
content-encoding
gzip
content-md5
R+2cBZ2hn5qlUOCtLPDiNA==
age
2215669
x-cache
HIT
content-length
35914
x-ms-lease-status
unlocked
last-modified
Fri, 03 Nov 2023 21:43:48 GMT
server
ECAcc (nyb/4719)
etag
0x8DBDCB5F6A4CC11
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
07094962-d01e-00a2-206e-16ca44000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		2 KB
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/474B) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 09 Dec 2023 11:48:23 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
15104540
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:52 GMT
server
ECAcc (nyb/474B)
etag
0x8DB5C3F4BB4F03C
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
123ea262-901e-0088-2d35-a101ef000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_e510439e6f2355f97577 boolean| __convergedlogin_pstringcustomizationhelper_50b92a7b991422dd39ff

12 Cookies

Domain/Path Name / Value
mongo-express-sso.live.oscato.com/ Name: GCP_IAP_XSRF_NONCE_tp04gAZIOH8uAGTD-BSxFA
Value: 1
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AUcADOnO3gPOHkaMId1Tjhgcdcnr8c27BkZLuP7oR_u6TwpHAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-gapuyHuf7FOiQ8zMAZFJk_3wWNXeh7T1F87MrB-hT53cH2whxbmCWPgM5pWVKCY0iIunxOFvh7ZgNdokgG4EZRqJ8YCEHPKyB1l8oSW-bK0gAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ--jXQy8IEru4TdiLZakT_5Sm7BbQ3JaxF9p3Ho4nVuyZeCQU3Rp5xD-mawbfgrFbx0-kPrrzQ_aNmay6-glPEqwbWwIEXFthomsQ_pUkFXrShnxU37BlxOEkMnXib49jRZZbGqslEvKDSzgBXpicgk5elq7IJHDdnSytTzmtSlhsgAA
.login.microsoftonline.com/ Name: esctx-VsJ26RP1RWU
Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-kgNScMieYtSlNk13IHZgD-YMpkeEoFido_foaxUM4Fkx2YU-zl7t1dYeQxGWFIYCNz-WwQv4piqqQOmA83CQsCkqtOKBDcnhmt49lXDiYugOBnWyJPBFl--bjAtkIM7SGZNptYpBNCKfJqfSnt3dSCAA
login.microsoftonline.com/ Name: fpc
Value: AoC8ycXR34hHtRAmdQmL4BkEBUSKAQAAAAVLBt0OAAAA
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: 3f0ec9950d364be8b4eb5ba2b536fcc6
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1702122502&co=1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
aadcdn.msftauthimages.net
fonts.googleapis.com
fonts.gstatic.com
iap-gcp-hosted-ui-mongoex-service-wtje3bkdsa-ez.a.run.app
identitytoolkit.googleapis.com
img.icons8.com
login.live.com
login.microsoftonline.com
mongo-express-sso.live.oscato.com
www.googleapis.com
20.190.190.196
2001:4860:4802:32::35
2603:1036:3000:138::6
2606:2800:21f:1b88:6342:f8de:86c:e98b
2607:f8b0:4006:80d::200a
2607:f8b0:4006:817::200a
2607:f8b0:4006:821::2003
2607:f8b0:4006:823::200a
2620:1ec:46::40
2a02:6ea0:c400::12
34.160.8.8
064f806299b82681ca35a489f6fc4b6d614c6c93471ef6f2c6738c8e6f107299
0c637f963ac04978b12b1e98a68a9ff611cbf2212d70f21b69cb0fad96722bc5
0ea7628423c80e4e8d0791f57aa8b205cb64886686a360467ae645c7cf6aa99b
13d3abb27a74de95eb09aab2efc653b781835fbdd7b1e33ff499ecc73d9921f9
1b34f0506570aee83401813c56d2621febe7e7c84bd2f7b0e21682c5c7b1338f
1ee9272f18dabe52ff16697ca183c53f620ed11f18c7254d5fbc69e028bd6b80
401786897a75a740a92b94f1aa27726e522d70855d163371e298422d482be69c
446be1706e1aa01860576ecd07073af8e2451cabe7b8f538b330efbf8816d529
5e47dd51ca94efccd58f4a7dc95a51744493292586fbe031e78f72508f0f4f89
8af9b303e5e3a3623a9520e74be0ed612595812f0e5ffa704aa7ae3a9a0f269d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
969486e23eab84d16be606d82c2b166aba2ad28b8582583a068987f0b9c39d7f
9d02d07fbda0125bede904e0e67f56a471f05760150481523f3f29f170076f67
9e32ea1b2a0a983eff9ef556da5576edb42e68e0f4c34cc8c99b35bab105668a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b797cd27c5cbc7ce1ec29665a5d2bfb1a582caff1096bdd22f944370a0333edb
ce225ee3bd2a8ad914e3da1ad3c2fb7dfb42e901d54d358b718c449eededb254
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
e6c1c75c1ad278bb37fe3e06f0b1bf775cb94bcc58ae46651d9a29b5218f34f2
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f693e596bd255e64c26bdbabfb059178e31f7037f20718039be5e8eeb477ba84
f8080380beb017e5fe694e286aa1f282a5097e542c969c8ea0d07996e43aee33
fb77bb1d43b2d95229ad7bc71b3b259a0b83bf64351212b448a27c172fe61ffa