login.microsoftonline.com Open in urlscan Pro
2603:1016:1400:68::5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://one.cbre.com/
Effective URL:
https://login.microsoftonline.com/0159e9d0-09a0-4edf-96ba-a3deea363c28/oauth2/v2.0/authorize?client_id=4f01da51-113c-413f-a44b-306...
Submission Tags: @phish_report
Submission: On January 03 via api (January 3rd 2024, 6:36:31 pm UTC) from FI — Scanned from NZ

Summary HTTP 41 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 12 domains to perform 41 HTTP transactions. The main IP is 2603:1016:1400:68::5, located in Sydney, Australia and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 24.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 18th 2023. Valid for: a year.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	45.223.62.188 45.223.62.188	19551 (INCAPSULA) (INCAPSULA)
2	2404:6800:400... 2404:6800:4006:80a::2008	15169 (GOOGLE) (GOOGLE)
2	13.35.144.155 13.35.144.155	16509 (AMAZON-02) (AMAZON-02)
4	2404:6800:400... 2404:6800:4006:809::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1b32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.163.144.222 35.163.144.222	16509 (AMAZON-02) (AMAZON-02)
2	2603:1016:140... 2603:1016:1400:68::5	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12	2606:2800:247... 2606:2800:247:8f3c:39fe:2753:7a35:e3da	15133 (EDGECAST) (EDGECAST)
1	40.126.14.161 40.126.14.161	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2620:1ec:46::31 2620:1ec:46::31	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2603:1016:140... 2603:1016:1400:68::2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
41	12

8 45.223.62.188 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

one.cbre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:80a::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.144.155 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-144-155.syd1.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4006:809::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1b32 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.163.144.222 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-144-222.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2603:1016:1400:68::5 (Sydney, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:2800:247:8f3c:39fe:2753:7a35:e3da (United States)

ASN15133 (EDGECAST, US)

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.14.161 (Melbourne, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::31 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msftauthimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2603:1016:1400:68::2 (Sydney, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

autologon.microsoftazuread-sso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	msftauth.net aadcdn.msftauth.net — Cisco Umbrella Rank: 2605	240 KB
8	cbre.com 1 redirects one.cbre.com	977 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
2	msauth.net aadcdn.msauth.net — Cisco Umbrella Rank: 2554	45 KB
2	microsoftazuread-sso.com autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1253	9 KB
2	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 24	17 KB
2	segment.com cdn.segment.com — Cisco Umbrella Rank: 2979	30 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	174 KB
1	msftauthimages.net aadcdn.msftauthimages.net — Cisco Umbrella Rank: 7218	2 KB
1	live.com login.live.com — Cisco Umbrella Rank: 53
1	segment.io api.segment.io — Cisco Umbrella Rank: 1619	171 B
1	mouseflow.com cdn.mouseflow.com — Cisco Umbrella Rank: 10750 n2.mouseflow.com Failed	58 KB
41	12

	Domain	Requested by
12	aadcdn.msftauth.net	login.microsoftonline.com aadcdn.msftauth.net
8	one.cbre.com	1 redirects one.cbre.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	aadcdn.msauth.net	autologon.microsoftazuread-sso.com
2	autologon.microsoftazuread-sso.com	aadcdn.msftauth.net aadcdn.msauth.net
2	login.microsoftonline.com	one.cbre.com aadcdn.msftauth.net
2	cdn.segment.com	one.cbre.com cdn.segment.com
2	www.googletagmanager.com	one.cbre.com www.googletagmanager.com
1	aadcdn.msftauthimages.net
1	login.live.com	login.microsoftonline.com
1	api.segment.io	cdn.segment.com
1	cdn.mouseflow.com	www.googletagmanager.com
0	n2.mouseflow.com Failed	cdn.mouseflow.com
41	13

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-10-18` - `2024-04-15`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
cdn.mouseflow.com Cloudflare Inc ECC CA-3	`2023-10-25` - `2024-10-23`	a year	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2023-11-18` - `2024-11-18`	a year	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2023-12-01` - `2024-12-01`	a year	crt.sh
login.live.com DigiCert SHA2 Secure Server CA	`2023-11-10` - `2024-11-10`	a year	crt.sh
aadcdn.msftauthimages.net Microsoft Azure RSA TLS Issuing CA 03	`2023-11-25` - `2024-11-19`	a year	crt.sh
autologon.microsoftazuread-sso.com DigiCert SHA2 Secure Server CA	`2023-11-10` - `2024-11-10`	a year	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2023-10-29` - `2024-10-29`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://login.microsoftonline.com/0159e9d0-09a0-4edf-96ba-a3deea363c28/oauth2/v2.0/authorize?client_id=4f01da51-113c-413f-a44b-306231185b3b&scope=openid+offline_access&response_type=code&redirect_uri=https%3A%2F%2Fone.cbre.com%2Fsso-callback
Frame ID: BB3BD9D723E0CD0E227412CFFD2F2883
Requests: 37 HTTP requests in this frame

Frame: https://autologon.microsoftazuread-sso.com/0159e9d0-09a0-4edf-96ba-a3deea363c28/winauth/iframe?client-request-id=bf55d9f8-a041-4a95-a56f-d115bbb95949&isAdalRequest=False
Frame ID: 1D6B9E8590F38D088BEC08A5E9AE4535
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

http://one.cbre.com/ HTTP 301
https://one.cbre.com/ Page URL
https://login.microsoftonline.com/0159e9d0-09a0-4edf-96ba-a3deea363c28/oauth2/v2.0/authorize?client_id=4f01da5... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

90 %
HTTPS

64 %
IPv6

12
Domains

13
Subdomains

12
IPs

2
Countries

1573 kB
Transfer

5352 kB
Size

23
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/en-NZ/servicesagreement/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-NZ/privacystatement
Title: Privacy & cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://one.cbre.com/ HTTP 301
https://one.cbre.com/ Page URL
https://login.microsoftonline.com/0159e9d0-09a0-4edf-96ba-a3deea363c28/oauth2/v2.0/authorize?client_id=4f01da51-113c-413f-a44b-306231185b3b&scope=openid+offline_access&response_type=code&redirect_uri=https%3A%2F%2Fone.cbre.com%2Fsso-callback Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://one.cbre.com/ HTTP 301
https://one.cbre.com/

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
one.cbre.com/
Redirect Chain

http://one.cbre.com/
https://one.cbre.com/

5 KB
3 KB

1136ms
1061ms

Document
text/html

45.223.62.188
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://one.cbre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.62.188 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ec0e55ca8c4a4e4cd3e68714849dbf484fecddeabd3f9c1e3350bf3d3b4c098

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 03 Jan 2024 18:36:16 GMT
etag: W/"4b401057ab6a031f04a287bee61a04fc"
last-modified: Tue, 19 Dec 2023 01:03:19 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 38cc7bfda72a51992e6c8fdd562a6bc6.cloudfront.net (CloudFront)
x-amz-cf-id: F3IHddfSBNp9TDO64bo4SuDktv5xq71by7cOi05NldnzFuvR77WZOA==
x-amz-cf-pop: AKL50-C1
x-amz-replication-status: FAILED
x-amz-server-side-encryption: AES256
x-amz-version-id: gY5evSWqg0Dy3eJKG03ERAS9x2mZxTlC
x-cache: Miss from cloudfront
x-cdn: Imperva
x-iinfo: 6-19790519-19790522 NNNN CT(1 8 0) RT(1704306974033 40) q(0 0 0 -1) r(0 10) U24

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Wed, 03 Jan 2024 18:36:14 GMT
Location: https://one.cbre.com/
Server: CloudFront
Via: 1.1 cb7bb64fd4d523ee530bde6c5261888c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: dK4ZCJgirl4WY7SMs1tP0FgNtKeMClP7BP_gH7vOY44UPiE3AhRxCg==
X-Amz-Cf-Pop: AKL50-C1
X-CDN: Imperva
X-Cache: Redirect from cloudfront
X-Iinfo: 14-57351504-57351505 NNNN CT(1 -1 0) RT(1704306973956 0) q(0 0 0 0) r(0 0) U24

GET
H2 200 pdf.worker.js Show response
one.cbre.com/ 670 KB
194 KB 1165ms
1164ms Script
application/javascript 45.223.62.188
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://one.cbre.com/pdf.worker.js

Requested by

Host: one.cbre.com
URL: https://one.cbre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.62.188 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

498771d2c9b103619f9e8ed6c4277cb368ee01bad1cb2845d4eae3676a6b7076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.cbre.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jan 2024 18:36:17 GMT
x-amz-version-id: ivLW9zb2fc_8yNw_zqHRt8TRswb8d5RP
content-encoding: gzip
strict-transport-security: max-age=31536000
via: 1.1 5b915d1c02d71eb34db39db3e6752d5c.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: AKL50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-iinfo: 6-19790519-19790547 NNNN CT(3 11 0) RT(1704306974033 1111) q(0 0 0 -1) r(0 11) U24
x-amz-replication-status: FAILED
last-modified: Tue, 19 Dec 2023 01:03:19 GMT
server: AmazonS3
etag: W/"a444854a46b0aad6281ceca767000b27"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: 1rFsueMtn7t-r9KGIQDBGDErIxkVojMXEJqE8NwqM0SVMnCkTd4rSw==

GET
H2 200 2.cc96d9d8.chunk.css
one.cbre.com/static/css/ 7 KB
2 KB 998ms
996ms Stylesheet
text/css 45.223.62.188
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://one.cbre.com/static/css/2.cc96d9d8.chunk.css

Requested by

Host: one.cbre.com
URL: https://one.cbre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.62.188 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dc2c2c86cdca88dd3e1f1618db6384aab1240184c59f2ed7a581264a6498db2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.cbre.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jan 2024 18:36:17 GMT
x-amz-version-id: V5qhoJQ_Yxxob4IxN8f_jP8S8XxV5zG5
content-encoding: gzip
strict-transport-security: max-age=31536000
via: 1.1 38cc7bfda72a51992e6c8fdd562a6bc6.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: AKL50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-iinfo: 6-19790519-19790522 PNNN RT(1704306974033 1107) q(0 0 0 -1) r(10 10) U24
x-amz-replication-status: FAILED
last-modified: Tue, 19 Dec 2023 01:03:19 GMT
server: AmazonS3
etag: W/"83b7cdd19e695dd228c320e8ae6f98bf"
vary: Accept-Encoding
content-type: text/css
x-amz-cf-id: UJmv-JXhzIFWDUOsFpmQj4Wc7Fv8TUCW11t04kLWzZ51u3N4sQ-u7g==

GET
H2 200 main.6ecf84c9.chunk.css
one.cbre.com/static/css/ 856 B
708 B 1004ms
1003ms Stylesheet
text/css 45.223.62.188
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://one.cbre.com/static/css/main.6ecf84c9.chunk.css

Requested by

Host: one.cbre.com
URL: https://one.cbre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.62.188 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

82ad66f54a123768abcfd07f1966a2a56971f266f0195ce54f3ea4d6858aa070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.cbre.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jan 2024 18:36:17 GMT
x-amz-version-id: urCOIBj4AfjvZ_Dq70uEVh1H8GpKKuiW
via: 1.1 e13938f256976e68729d67ae7b39e8cc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cdn: Imperva
x-amz-cf-pop: AKL50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-iinfo: 6-19790519-19790545 NNYN CT(2 5 0) RT(1704306974033 1110) q(0 0 0 -1) r(0 10) U24
x-amz-replication-status: FAILED
last-modified: Tue, 19 Dec 2023 01:03:19 GMT
server: AmazonS3
etag: "903b8154209dcec02255acbebba1aca8"
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: L9GjPiCI1c5cUszsnrzWPPHdQVf6dOMegPe6RtRxhf8HvWKnUMKaNQ==

GET
H2 200 2.07bf8f10.chunk.js Show response
one.cbre.com/static/js/ 2 MB
750 KB 1120ms
1119ms Script
application/javascript 45.223.62.188
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://one.cbre.com/static/js/2.07bf8f10.chunk.js

Requested by

Host: one.cbre.com
URL: https://one.cbre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.62.188 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bd115754f07404fbcbef7c74dcc71f99dc777b58d7d7a0798e29e85acdb9f957

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.cbre.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jan 2024 18:36:17 GMT
x-amz-version-id: uLjaUSqa8pDwUhmJ84_Gqw.lTbPnPD3.
content-encoding: gzip
strict-transport-security: max-age=31536000
via: 1.1 d67c8849fe670ca3fd6d3888de84e16a.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: AKL50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-iinfo: 6-19790519-19790549 NNNN CT(2 11 0) RT(1704306974033 1112) q(0 0 0 -1) r(0 11) U24
x-amz-replication-status: FAILED
last-modified: Tue, 19 Dec 2023 01:03:19 GMT
server: AmazonS3
etag: W/"749fad534a15cf6f15323e1b220fab30"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: 5D0FCkP2re72W9F6rAuHwGhWr97YR0oZB-TO7BGj0hskPm6Z47ertw==

GET
H2 200 main.56e08ad2.chunk.js Show response
one.cbre.com/static/js/ 13 KB
5 KB 1007ms
1006ms Script
application/javascript 45.223.62.188
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://one.cbre.com/static/js/main.56e08ad2.chunk.js

Requested by

Host: one.cbre.com
URL: https://one.cbre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.62.188 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9f525e91ac26301933df0b076ee3b6f4202fe28700de921a399cd60cbf3f3017

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.cbre.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jan 2024 18:36:17 GMT
x-amz-version-id: m.ICpVn_CVYpUNWq7gng6chixAxzsaqB
content-encoding: gzip
strict-transport-security: max-age=31536000
via: 1.1 38cc7bfda72a51992e6c8fdd562a6bc6.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: AKL50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-iinfo: 6-19790519-19790551 NNNN CT(1 5 0) RT(1704306974033 1114) q(0 0 0 -1) r(0 10) U24
x-amz-replication-status: FAILED
last-modified: Tue, 19 Dec 2023 01:03:20 GMT
server: AmazonS3
etag: W/"c45c072402a4667daf9869945390cea6"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: X_gx0ijswtW_Aa0ZBt9sbw0DRg3b4RCMGV_Etvm3utFo-6khIUxO_Q==

GET
H2 200 _Incapsula_Resource Show response
one.cbre.com/ 151 KB
21 KB 43ms
42ms Script
application/javascript 45.223.62.188
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://one.cbre.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=736146793

Requested by

Host: one.cbre.com
URL: https://one.cbre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.62.188 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

63cdb975da2719ecf285aac520fb36754533cd6e6099eb9d6b7a6991139fbcfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.cbre.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 21757
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 277 KB
86 KB 684ms
284ms Script
application/javascript 2404:6800:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXBCBLT

Requested by

Host: one.cbre.com
URL: https://one.cbre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7650627a2fce63dbdc21fae617f0e76a89dbce3c663fd209f7de1cdb2178a0f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.cbre.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jan 2024 18:36:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87261
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Jan 2024 18:36:18 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/hVUaU4NBmVVPzCEuLcSuvxLrXoLu53av/ 108 KB
29 KB 928ms
724ms Script
text/javascript 13.35.144.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/hVUaU4NBmVVPzCEuLcSuvxLrXoLu53av/analytics.min.js
Requested by: Host: one.cbre.com
URL: https://one.cbre.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.144.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-144-155.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e423efa551bd16047a72d750d6a6cbe06748efe16951e7b49d05e3c70974284

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.cbre.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jan 2024 18:36:20 GMT
x-amz-version-id: w9yZET3V62M8Dw1nGH2N1vFhOUqWByx0
content-encoding: br
via: 1.1 bc447bebac6752b9d1351a9e5ee7d13a.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD1-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 05 Dec 2023 18:05:53 GMT
server: AmazonS3
etag: W/"4e5d726f4cd97dbc5e3bd4648c8f61db"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: fBpFr29_S7hFufgxqls3irT5siLdsVr3Hy6T9aTtmiK4UspHH2UxOg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
88 KB 265ms
264ms Script
application/javascript 2404:6800:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-94P7ZJ2E4Q&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXBCBLT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9113c3f65e8f2a60eb63bad2c4afe1a3bd45cbe8b115d0ac6dd6d3a2208b1f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.cbre.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jan 2024 18:36:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90004
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 Jan 2024 18:36:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 550ms
152ms Script
text/javascript 2404:6800:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXBCBLT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.cbre.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 17:16:38 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4781
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 03 Jan 2024 19:16:38 GMT

GET
H2 200 9e04b6cf-62c4-423d-b1b3-bbddcd422173.js Show response
cdn.mouseflow.com/projects/ 195 KB
58 KB 1317ms
1232ms Script
application/javascript 2606:4700::6812:1b32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mouseflow.com/projects/9e04b6cf-62c4-423d-b1b3-bbddcd422173.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXBCBLT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

172f13a709b3e7e44a99313da320518f78aceffcb0284caf4f6756a0135f51b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.cbre.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jan 2024 18:36:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
x-mf-script-region: US
last-modified: Mon, 01 Jan 2024 08:56:08 GMT
server: cloudflare
etag: W/"be19675c903cda1:0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 83fd58bd8cf31c5c-AKL
expires: Thu, 04 Jan 2024 18:36:20 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/hVUaU4NBmVVPzCEuLcSuvxLrXoLu53av/ 603 B
1 KB 856ms
713ms Fetch
application/json 13.35.144.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/hVUaU4NBmVVPzCEuLcSuvxLrXoLu53av/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/hVUaU4NBmVVPzCEuLcSuvxLrXoLu53av/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.144.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-144-155.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2aafd851e649f1c74986b5fffa2ccb55b46b5f4ac9a55387d8d124fcf083dadf

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.cbre.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jan 2024 18:36:21 GMT
x-amz-version-id: TqHSQtwwyccCG1Imh9Aic7qhTs7nYsaW
via: 1.1 26cfb3bc5100503427ae192845c72eca.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD1-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 603
last-modified: Tue, 11 Oct 2022 21:29:16 GMT
server: AmazonS3
etag: "f04433ad3b14ef6405e3e6749ff94ee6"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
x-amz-cf-id: -wbyqcYfq61BOjJ7P0fINGauh2dABALDjtVKO8E2-oJMCqyfDvCBUw==

POST
H2 204 collect
www.google-analytics.com/g/ 0
168 B 249ms
249ms Ping
text/plain 2404:6800:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-94P7ZJ2E4Q&gtm=45je3bt0v869579022z8840873050&_p=1704306978309&gcd=11l1l1l1l1&dma=0&cid=2000201861.1704306980&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704306979&sct=1&seg=0&dl=https%3A%2F%2Fone.cbre.com%2F&dt=CBRE%20ONE&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5046
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-94P7ZJ2E4Q&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4006:809::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.cbre.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:36:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://one.cbre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
93 B 248ms
248ms XHR
text/plain 2404:6800:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1758409172&t=pageview&_s=1&dl=https%3A%2F%2Fone.cbre.com%2F&ul=en-us&de=UTF-8&dt=CBRE%20ONE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=254748197&gjid=1416331622&cid=2000201861.1704306980&tid=UA-97896300-12&_gid=2110816461.1704306980&_r=1&_slc=1&gtm=45He3bt0n81NXBCBLTv840873050&gcd=11l1l1l1l1&dma=0&z=790175761

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://one.cbre.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:36:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://one.cbre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
171 B 539ms
178ms Fetch
application/json 35.163.144.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/hVUaU4NBmVVPzCEuLcSuvxLrXoLu53av/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.163.144.222 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-163-144-222.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://one.cbre.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

access-control-allow-origin: https://one.cbre.com
date: Wed, 03 Jan 2024 18:36:20 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET cbre.png
one.cbre.com/ 0
0

GET
H/1.1 200
OK Primary Request authorize Show response
login.microsoftonline.com/0159e9d0-09a0-4edf-96ba-a3deea363c28/oauth2/v2.0/ 38 KB
16 KB 474ms
266ms Document
text/html 2603:1016:1400:68::5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/0159e9d0-09a0-4edf-96ba-a3deea363c28/oauth2/v2.0/authorize?client_id=4f01da51-113c-413f-a44b-306231185b3b&scope=openid+offline_access&response_type=code&redirect_uri=https%3A%2F%2Fone.cbre.com%2Fsso-callback

Requested by

Host: one.cbre.com
URL: https://one.cbre.com/static/js/2.07bf8f10.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1016:1400:68::5 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9e138445782a40707af269585ea38b49cd5d7292fe26a30684b282933d651eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://one.cbre.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 14522
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Jan 2024 18:36:25 GMT
Expires: -1
Link: <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-Frame-Options: DENY
X-XSS-Protection: 0
x-ms-ests-server: 2.1.16942.4 - WUS3 ProdSlices
x-ms-request-id: 234672aa-e0db-4f71-8b03-d1061db14202

GET init
n2.mouseflow.com/ 0
0

GET survey
one.cbre.com/api/survey/ 0
0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 248ms
248ms Ping
text/plain 2404:6800:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-94P7ZJ2E4Q&gtm=45je3bt0v869579022&_p=1704306978309&gcd=11l1l1l1l1&dma=0&cid=2000201861.1704306980&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1704306979&sct=1&seg=0&dl=https%3A%2F%2Fone.cbre.com%2F&dt=CBRE%20ONE&en=scroll&epn.percent_scrolled=90&_et=9&tfd=10229
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-94P7ZJ2E4Q&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4006:809::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.cbre.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:36:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://one.cbre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST collect
www.google-analytics.com/g/ 0
0

GET
H2 200 converged.v2.login.min_chy_qb6g1qbjbxlng2ytiq2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 109 KB
20 KB 266ms
65ms Stylesheet
text/css 2606:2800:247:8f3c:39fe:2753:7a35:e3da
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_chy_qb6g1qbjbxlng2ytiq2.css
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/0159e9d0-09a0-4edf-96ba-a3deea363c28/oauth2/v2.0/authorize?client_id=4f01da51-113c-413f-a44b-306231185b3b&scope=openid+offline_access&response_type=code&redirect_uri=https%3A%2F%2Fone.cbre.com%2Fsso-callback
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:247:8f3c:39fe:2753:7a35:e3da , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E7C0) /
Resource Hash: 5e47dd51ca94efccd58f4a7dc95a51744493292586fbe031e78f72508f0f4f89

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 18:36:25 GMT
content-encoding: gzip
content-md5: cclsNwaya3AD0ci2cGBnrw==
age: 4034631
x-cache: HIT
content-length: 20226
x-ms-lease-status: unlocked
last-modified: Fri, 17 Nov 2023 00:22:21 GMT
server: ECAcc (nwa/E7C0)
etag: 0x8DBE70343D336EF
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: bc77775d-201e-00dd-4bc1-19b15b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ConvergedLogin_PCore_rBkXYjh21YAKS8SjeOJwmw2.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/ 419 KB
115 KB 328ms
127ms Script
application/x-javascript 2606:2800:247:8f3c:39fe:2753:7a35:e3da
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_rBkXYjh21YAKS8SjeOJwmw2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/0159e9d0-09a0-4edf-96ba-a3deea363c28/oauth2/v2.0/authorize?client_id=4f01da51-113c-413f-a44b-306231185b3b&scope=openid+offline_access&response_type=code&redirect_uri=https%3A%2F%2Fone.cbre.com%2Fsso-callback
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:247:8f3c:39fe:2753:7a35:e3da , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E7CA) /
Resource Hash: 62c7b35c728130c5a262f659268709c22995a19e96b39d66dd1a41489d1eb4f3

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 18:36:25 GMT
content-encoding: gzip
content-md5: 9KFk2J8ez5wderfE1yvVmg==
age: 2946149
x-cache: HIT
content-length: 118032
x-ms-lease-status: unlocked
last-modified: Wed, 29 Nov 2023 18:06:22 GMT
server: ECAcc (nwa/E7CA)
etag: 0x8DBF105E5246EF5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: aff4b402-201e-000d-77a8-23853d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ux.converged.login.strings-en.min_uwo3eukwj1jimmqictgmkq2.js Show response
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 52 KB
15 KB 266ms
66ms Script
application/x-javascript 2606:2800:247:8f3c:39fe:2753:7a35:e3da
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_uwo3eukwj1jimmqictgmkq2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/0159e9d0-09a0-4edf-96ba-a3deea363c28/oauth2/v2.0/authorize?client_id=4f01da51-113c-413f-a44b-306231185b3b&scope=openid+offline_access&response_type=code&redirect_uri=https%3A%2F%2Fone.cbre.com%2Fsso-callback
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:247:8f3c:39fe:2753:7a35:e3da , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E79A) /
Resource Hash: 37119e9799d67c0beeaf93167c0006be310cb8afa32bd6666f427a799ffad845

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 18:36:25 GMT
content-encoding: gzip
content-md5: Jp4pCVSUbVaQb8WvW3hZzg==
age: 3034519
x-cache: HIT
content-length: 15176
x-ms-lease-status: unlocked
last-modified: Tue, 28 Nov 2023 23:05:01 GMT
server: ECAcc (nwa/E79A)
etag: 0x8DBF066735CDA91
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ec30eab2-201e-0059-03da-224a06000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 518ms
252ms Other
text/html 40.126.14.161
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/0159e9d0-09a0-4edf-96ba-a3deea363c28/oauth2/v2.0/authorize?client_id=4f01da51-113c-413f-a44b-306231185b3b&scope=openid+offline_access&response_type=code&redirect_uri=https%3A%2F%2Fone.cbre.com%2Fsso-callback
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.126.14.161 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

GET
H2 200 convergedlogin_pcustomizationloader_560f3c6ac4b56ef7114c.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 153 KB
34 KB 237ms
60ms Script
application/x-javascript 2606:2800:247:8f3c:39fe:2753:7a35:e3da
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_560f3c6ac4b56ef7114c.js
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_rBkXYjh21YAKS8SjeOJwmw2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:247:8f3c:39fe:2753:7a35:e3da , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E7C7) /
Resource Hash: 3fd4de4b26a7acec23971755c0e54a144f523b8322c669293fced93b587de41f

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 18:36:26 GMT
content-encoding: gzip
content-md5: 4c2/q0kG7m1qkRlb83TqgA==
age: 2946148
x-cache: HIT
content-length: 34608
x-ms-lease-status: unlocked
last-modified: Wed, 29 Nov 2023 18:05:33 GMT
server: ECAcc (nwa/E7C7)
etag: 0x8DBF105C7DB2D3B
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2391c228-d01e-00a2-11a8-23ca44000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pfetchsessionsprogress_1c6985b2fc78cc36a2ce.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 15 KB
6 KB 60ms
60ms Script
application/x-javascript 2606:2800:247:8f3c:39fe:2753:7a35:e3da
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_1c6985b2fc78cc36a2ce.js
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_rBkXYjh21YAKS8SjeOJwmw2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:247:8f3c:39fe:2753:7a35:e3da , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E794) /
Resource Hash: da3aa4c3ab7973dba455d709dad6f0cd73729afc99d049ef9fbb930fa0c907e7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 18:36:26 GMT
content-encoding: gzip
content-md5: /X3M4plA4YMZAWfZr/fYkA==
age: 2923647
x-cache: HIT
content-length: 5517
x-ms-lease-status: unlocked
last-modified: Wed, 29 Nov 2023 18:05:39 GMT
server: ECAcc (nwa/E794)
etag: 0x8DBF105CBC3B90C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1674fbd0-a01e-00f9-61dc-238c60000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 3 KB
3 KB 60ms
59ms Image
image/gif 2606:2800:247:8f3c:39fe:2753:7a35:e3da
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:247:8f3c:39fe:2753:7a35:e3da , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E79F) /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 18:36:26 GMT
content-md5: Fm3lNHEmUlOrOkVt7+baIw==
age: 18812598
x-cache: HIT
content-length: 2672
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:48 GMT
server: ECAcc (nwa/E79F)
etag: 0x8DB5C3F4982FD30
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 32132532-801e-004d-3b5a-9310a9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 4 KB
4 KB 62ms
61ms Image
image/gif 2606:2800:247:8f3c:39fe:2753:7a35:e3da
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:247:8f3c:39fe:2753:7a35:e3da , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E797) /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 18:36:26 GMT
content-md5: tUCo5RgDcZLjLE/li/Lbqw==
age: 18812598
x-cache: HIT
content-length: 3620
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:48 GMT
server: ECAcc (nwa/E797)
etag: 0x8DB5C3F492F3EE5
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 649a43f6-b01e-009a-145a-93b3aa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ 2 KB
838 B 63ms
62ms Image
image/svg+xml 2606:2800:247:8f3c:39fe:2753:7a35:e3da
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:247:8f3c:39fe:2753:7a35:e3da , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E7BE) /
Resource Hash: 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 18:36:26 GMT
content-encoding: gzip
content-md5: DhdidjYrlCeaRJJRG/y9mA==
age: 18807546
x-cache: HIT
content-length: 673
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:43 GMT
server: ECAcc (nwa/E7BE)
etag: 0x8DB5C3F466DE917
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: a83661bd-b01e-0010-6c66-9361ad000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 bannerlogo
aadcdn.msftauthimages.net/dbd5a2dd-reqkveclrai6zrt6avbekmjywas-snivwttdnyzk7xg/logintenantbranding/0/ 2 KB
2 KB 152ms
40ms Image
image/* 2620:1ec:46::31
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauthimages.net/dbd5a2dd-reqkveclrai6zrt6avbekmjywas-snivwttdnyzk7xg/logintenantbranding/0/bannerlogo?ts=638203447725631669
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 436fc662dc2aee31559d25ef218f9d758786e8197437196efe28a903fe3e6bb4

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 18:36:26 GMT
x-azure-ref-originshield: 001uUZQAAAAA/q777tibfRbu+K3osmJk6U1lEMDNFREdFMTgwNgA1OTY2NTcxNS00MjZhLTRmMWMtYTA1OS1kNWRmZDQwYWU2Yjk=
content-md5: a6FDtdFDA4zlcND44EpyUg==
x-cache: TCP_HIT
content-length: 1644
x-ms-lease-status: unlocked
last-modified: Mon, 22 May 2023 09:32:52 GMT
etag: 0x8DB5AA7843EF3CD
x-azure-ref: 0KqmVZQAAAADHHc7JRdlGRI9gZDVk+WMfQUtMMzBFREdFMDMyMAA1OTY2NTcxNS00MjZhLTRmMWMtYTA1OS1kNWRmZDQwYWU2Yjk=
content-type: image/*
access-control-allow-origin: *
x-ms-request-id: a5f12048-301e-004c-4dad-3d9763000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19

GET
H2 200 marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 3 KB
3 KB 60ms
59ms Image
image/gif 2606:2800:247:8f3c:39fe:2753:7a35:e3da
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_rBkXYjh21YAKS8SjeOJwmw2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:247:8f3c:39fe:2753:7a35:e3da , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E79F) /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 18:36:26 GMT
content-md5: Fm3lNHEmUlOrOkVt7+baIw==
age: 18812598
x-cache: HIT
content-length: 2672
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:48 GMT
server: ECAcc (nwa/E79F)
etag: 0x8DB5C3F4982FD30
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 32132532-801e-004d-3b5a-9310a9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 4 KB
4 KB 60ms
60ms Image
image/gif 2606:2800:247:8f3c:39fe:2753:7a35:e3da
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_rBkXYjh21YAKS8SjeOJwmw2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:247:8f3c:39fe:2753:7a35:e3da , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E797) /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 18:36:26 GMT
content-md5: tUCo5RgDcZLjLE/li/Lbqw==
age: 18812598
x-cache: HIT
content-length: 3620
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:48 GMT
server: ECAcc (nwa/E797)
etag: 0x8DB5C3F492F3EE5
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 649a43f6-b01e-009a-145a-93b3aa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK iframe Show response
autologon.microsoftazuread-sso.com/0159e9d0-09a0-4edf-96ba-a3deea363c28/winauth/ Frame 1D6B 16 KB
8 KB 838ms
634ms Document
text/html 2603:1016:1400:68::2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://autologon.microsoftazuread-sso.com/0159e9d0-09a0-4edf-96ba-a3deea363c28/winauth/iframe?client-request-id=bf55d9f8-a041-4a95-a56f-d115bbb95949&isAdalRequest=False

Requested by

Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_rBkXYjh21YAKS8SjeOJwmw2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1016:1400:68::2 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

76a210a1f5d8bd5756291eebc71e3c6439152b38b9e5574249390aefe07e0522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.microsoftonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 7183
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Jan 2024 18:36:26 GMT
Expires: -1
Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-XSS-Protection: 0
x-ms-ests-server: 2.1.16942.4 - NCUS ProdSlices
x-ms-request-id: eb9141d2-bf0a-49ae-bf7f-b94f69ac6600

GET
H2 200 jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js Show response
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ Frame 1D6B 117 KB
40 KB 134ms
40ms Script
application/x-javascript 2620:1ec:46::31
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
Requested by: Host: autologon.microsoftazuread-sso.com
URL: https://autologon.microsoftazuread-sso.com/0159e9d0-09a0-4edf-96ba-a3deea363c28/winauth/iframe?client-request-id=bf55d9f8-a041-4a95-a56f-d115bbb95949&isAdalRequest=False
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0

Request headers

Referer: https://autologon.microsoftazuread-sso.com/
Origin: https://autologon.microsoftazuread-sso.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 18:36:26 GMT
content-encoding: gzip
x-azure-ref-originshield: 0XQqCZQAAAAB3bffplSWST5owLgrwA6eIU1lEMDNFREdFMTgxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5: HWW92uTq7vx3y5z+zFZbXQ==
x-cache: TCP_HIT
content-length: 40454
x-ms-lease-status: unlocked
last-modified: Fri, 26 Feb 2021 06:12:05 GMT
etag: 0x8D8DA1D70FBDD97
x-azure-ref: 0K6mVZQAAAADgo4T+LAegSLpZVyiEiuQHQUtMMzBFREdFMDMwOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1a19c9ed-001e-0057-27e1-31854e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 dsso.iframe.min_ola-etxskuesqyfim_hgua2.js Show response
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ Frame 1D6B 11 KB
5 KB 134ms
39ms Script
application/x-javascript 2620:1ec:46::31
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/dsso.iframe.min_ola-etxskuesqyfim_hgua2.js
Requested by: Host: autologon.microsoftazuread-sso.com
URL: https://autologon.microsoftazuread-sso.com/0159e9d0-09a0-4edf-96ba-a3deea363c28/winauth/iframe?client-request-id=bf55d9f8-a041-4a95-a56f-d115bbb95949&isAdalRequest=False
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1efb19fc32cd366f1169412e329d220a5d289ccff71f88284f8e810c60b4076b

Request headers

Referer: https://autologon.microsoftazuread-sso.com/
Origin: https://autologon.microsoftazuread-sso.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 18:36:26 GMT
content-encoding: gzip
x-azure-ref-originshield: 0NbSCZQAAAAACldr8vd2mS4xBawPhkikHU1lEMDNFREdFMTgxMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5: cBuCMRolouOOxo7fU2fYKA==
x-cache: TCP_HIT
content-length: 4443
x-ms-lease-status: unlocked
last-modified: Thu, 22 Oct 2020 20:43:21 GMT
etag: 0x8D876CB1D444A03
x-azure-ref: 0K6mVZQAAAADf4xXov41DTYR5E1JZ/HbiQUtMMzBFREdFMDMwOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7e860010-101e-005e-17ad-31f65d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H/1.1 401
Unauthorized sso Show response
autologon.microsoftazuread-sso.com/0159e9d0-09a0-4edf-96ba-a3deea363c28/winauth/ Frame 1D6B 12 B
988 B 537ms
537ms XHR
text/plain 2603:1016:1400:68::2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://autologon.microsoftazuread-sso.com/0159e9d0-09a0-4edf-96ba-a3deea363c28/winauth/sso?client-request-id=bf55d9f8-a041-4a95-a56f-d115bbb95949&_=1704306987325

Requested by

Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1016:1400:68::2 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://autologon.microsoftazuread-sso.com/0159e9d0-09a0-4edf-96ba-a3deea363c28/winauth/iframe?client-request-id=bf55d9f8-a041-4a95-a56f-d115bbb95949&isAdalRequest=False
X-Requested-With: XMLHttpRequest
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Wed, 03 Jan 2024 18:36:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
WWW-Authenticate: Negotiate
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length: 32
X-XSS-Protection: 0
Pragma: no-cache
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://login.microsoftonline.com, https://login.microsoftonline.com
x-ms-request-id: c847463d-baf1-45d8-ab69-b3e55d324002
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true, true
x-ms-ests-server: 2.1.16942.4 - WUS3 ProdSlices
Expires: -1

POST
H/1.1 200
OK dssostatus Show response
login.microsoftonline.com/common/instrumentation/ 265 B
1 KB 254ms
253ms XHR
application/json 2603:1016:1400:68::5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/instrumentation/dssostatus

Requested by

Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_rBkXYjh21YAKS8SjeOJwmw2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1016:1400:68::5 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

869bf207aff289fb83abdaf59cc5cb62dfb4aaf13688a1df47f4928ce2bc01e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

hpgrequestid: 234672aa-e0db-4f71-8b03-d1061db14202
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
client-request-id: bf55d9f8-a041-4a95-a56f-d115bbb95949
canary: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-TQhw46XaaZFIMwHN9NV-v8itfwBn-fl3-p6thd1aF70o1aDvyAOvXV6--D--38j1MqwBGobd6OqADKhKDSztDlJzmY5qmDCDYbCaQwexoofenGMS5MRK4nbLq5TkKrc5kcXh65m_gVThTbbrOLdCpmJdj27NviuTJeKqCX3D9_ubefufPIvbev7BQbp3qcUGrHmGaIqRroenGShomz7hkCAA
Content-type: application/json; charset=UTF-8
hpgid: 1104
Accept: application/json
Referer: https://login.microsoftonline.com/
hpgact: 1800

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Wed, 03 Jan 2024 18:36:27 GMT
X-Content-Type-Options: nosniff
client-request-id: bf55d9f8-a041-4a95-a56f-d115bbb95949
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length: 265
X-XSS-Protection: 0
Pragma: no-cache
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://autologon.microsoftazuread-sso.com/
x-ms-request-id: af7e2c27-b0f8-4cfb-b941-d1b750e11f00
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
x-ms-ests-server: 2.1.16942.4 - NCUS ProdSlices
Expires: -1

GET
H2 200 convergedlogin_pstringcustomizationhelper_9772c805c34de2cabc91.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 111 KB
35 KB 62ms
61ms Script
application/x-javascript 2606:2800:247:8f3c:39fe:2753:7a35:e3da
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_9772c805c34de2cabc91.js
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_rBkXYjh21YAKS8SjeOJwmw2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:247:8f3c:39fe:2753:7a35:e3da , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E7B1) /
Resource Hash: 45ebebdec2e08443505458e83ac6027c7cc905f858f5f308a4da92d1328c584c

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 18:36:28 GMT
content-encoding: gzip
content-md5: FYts0sMVoY2lMK0VnepauQ==
age: 2928133
x-cache: HIT
content-length: 35913
x-ms-lease-status: unlocked
last-modified: Wed, 29 Nov 2023 18:05:41 GMT
server: ECAcc (nwa/E7B1)
etag: 0x8DBF105CC88EA42
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: acbe5142-301e-00f8-79d2-23a762000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 2 KB
774 B 60ms
59ms Image
image/svg+xml 2606:2800:247:8f3c:39fe:2753:7a35:e3da
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:247:8f3c:39fe:2753:7a35:e3da , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E7C3) /
Resource Hash: 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 18:36:28 GMT
content-encoding: gzip
content-md5: R2FAVxfpONfnQAuxVxXbHg==
age: 18812622
x-cache: HIT
content-length: 621
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:52 GMT
server: ECAcc (nwa/E7C3)
etag: 0x8DB5C3F4BB4F03C
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: af6c625c-b01e-0031-575a-93e1f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: one.cbre.com
URL: https://one.cbre.com/cbre.png

Domain: n2.mouseflow.com
URL: https://n2.mouseflow.com/init?v=17.97&p=9e04b6cf-62c4-423d-b1b3-bbddcd422173&s=78585cc9f1418350db4bec3214380d34&page=01042071835a631e1f4e729ed242f9a570f79a41&ret=0&u=da8f3ab24df4ad3ac7052188dc0aa182&href=https%3A%2F%2Fone.cbre.com%2F&url=%2F&ref=&title=CBRE%20ONE&res=1600x1200&tz=-720&to=0&dnt=0&ori=&dw=1600&dh=1200&time=4693&pxr=1&gdpr=0

Domain: one.cbre.com
URL: https://one.cbre.com/api/survey/survey

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-94P7ZJ2E4Q&gtm=45je3bt0v869579022&_p=1704306978309&gcd=11l1l1l1l1&dma=0&cid=2000201861.1704306980&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1704306979&sct=1&seg=0&dl=https%3A%2F%2Fone.cbre.com%2F&dt=CBRE%20ONE&en=user_engagement&_et=5649&tfd=10709

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cbre.com/	1970-01-21 02:09:32	Name: visid_incap_2915916 Value: ndeexL3bTRm/0f9BmLxckB2plWUAAAAAQUIPAAAAAADwE9WiovKSqia7l2wss2AH
.cbre.com/	1969-12-31 23:59:59	Name: nlbi_2915916 Value: tbjqCY1+7Hlhet2bvVx7YAAAAAAgy21xK1sqVzJ7m1gL9ud5
.cbre.com/	1969-12-31 23:59:59	Name: incap_ses_999_2915916 Value: oU4iA/V8KDnV5IQIZirdDR2plWUAAAAAMiM5b5wE//BuAnTLYm2/rA==
.cbre.com/	1970-01-21 03:01:06	Name: _ga Value: GA1.2.2000201861.1704306980
.cbre.com/	1970-01-20 17:26:33	Name: _gid Value: GA1.2.2110816461.1704306980
.cbre.com/	1970-01-20 17:25:07	Name: _gat_UA-97896300-12 Value: 1
.cbre.com/	1970-01-21 02:10:42	Name: ajs_anonymous_id Value: 6210cc6b-c7e3-48df-b685-80403dab1982
.cbre.com/	1970-01-20 19:34:42	Name: mf_user Value: da8f3ab24df4ad3ac7052188dc0aa182\|
.cbre.com/	1969-12-31 23:59:59	Name: mf_9e04b6cf-62c4-423d-b1b3-bbddcd422173 Value: 78585cc9f1418350db4bec3214380d34\|01042071835a631e1f4e729ed242f9a570f79a41.47.1704306984973\|1704306980671\|\|0\|\|\|\|0\|17.97\|8.25796
login.microsoftonline.com/	1970-01-20 18:08:18	Name: buid Value: 0.ARwA0OlZAaAJ306WuqPe6jY8KFHaAU88ET9BpEswYjEYWzscAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-61Txk6GUftcAcCPUjA-EY_xBJGf33M0mabVIKkb8qRQY9qAddzHdZF5j2Z0Q6KeZctpghs7e4HOeb0MWUPNqCtEmF-gjpZiYX66jTD4FVhogAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-p984QYUrgtKbZAFP6_TsudShxwhXDo4awIArafbJBUrUFIa61IsH9fcZmisHBgeY0nIztDb6tvSL7t5YcYH9_weOnPwAPmrErMRJawnv0oRyZbNbQJ6UX38PpOJ4VTGRRHBhyq6bp0ajq_HfoR-i3XwNapfY5wIPjMYzYS94J1kgAA
.login.microsoftonline.com/	1970-01-20 17:26:36	Name: esctx-hXamnT32Q Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-YAZ4YLM4snDIIvPeQmKBP7RDPlMlKqMr0J4AHz2kS_3K4Qo19M2jxP9OMSafRi2c-fyA9ArXfe0rJZ2FJ8h9HB5_47i0qoIyHMkhVXyjisZD0lvkGfYdStPl8rv_IWmBQDb6ZgVSggtdzEQlrD3E0SAA
login.microsoftonline.com/	1970-01-20 18:08:18	Name: fpc Value: ApAAooEBYsVCm0IvDxcJHKBIm1pSAQAAACigJ90OAAAA
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.cbre.com/	1970-01-21 03:01:06	Name: _ga_94P7ZJ2E4Q Value: GS1.1.1704306979.1.0.1704306985.0.0.0
.login.microsoftonline.com/	1970-01-21 02:46:42	Name: brcap Value: 0
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 2784f753bdd24abfaede7250ca0c408d
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1704306986&co=1
autologon.microsoftazuread-sso.com/	1970-01-20 18:08:18	Name: fpc Value: AoGNfNZOYPtLjdq0h4BGWUw
.autologon.microsoftazuread-sso.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-PTMl5B4CgZ3_nMYD93Y19hl5eHFe5axRHZinnq27pBbrO6fBEcG8eLMRfQmkeI7G9sZ397lkgUJ1uHmvVqnDHFcniuYmiVH9n54yjEOuI__KObMgii67FMwRezzbSuPtnKCVDZmz7ce6CvHqNIAVKTePeAHR6IxPsG1jfLS13FEgAA
autologon.microsoftazuread-sso.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
autologon.microsoftazuread-sso.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://autologon.microsoftazuread-sso.com/0159e9d0-09a0-4edf-96ba-a3deea363c28/winauth/sso?client-request-id=bf55d9f8-a041-4a95-a56f-d115bbb95949&_=1704306987325 Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msftauth.net
aadcdn.msftauthimages.net
api.segment.io
autologon.microsoftazuread-sso.com
cdn.mouseflow.com
cdn.segment.com
login.live.com
login.microsoftonline.com
n2.mouseflow.com
one.cbre.com
www.google-analytics.com
www.googletagmanager.com
n2.mouseflow.com
one.cbre.com
www.google-analytics.com
13.35.144.155
2404:6800:4006:809::200e
2404:6800:4006:80a::2008
2603:1016:1400:68::2
2603:1016:1400:68::5
2606:2800:247:8f3c:39fe:2753:7a35:e3da
2606:4700::6812:1b32
2620:1ec:46::31
35.163.144.222
40.126.14.161
45.223.62.188
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
172f13a709b3e7e44a99313da320518f78aceffcb0284caf4f6756a0135f51b2
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1efb19fc32cd366f1169412e329d220a5d289ccff71f88284f8e810c60b4076b
2aafd851e649f1c74986b5fffa2ccb55b46b5f4ac9a55387d8d124fcf083dadf
2e423efa551bd16047a72d750d6a6cbe06748efe16951e7b49d05e3c70974284
37119e9799d67c0beeaf93167c0006be310cb8afa32bd6666f427a799ffad845
3ec0e55ca8c4a4e4cd3e68714849dbf484fecddeabd3f9c1e3350bf3d3b4c098
3fd4de4b26a7acec23971755c0e54a144f523b8322c669293fced93b587de41f
436fc662dc2aee31559d25ef218f9d758786e8197437196efe28a903fe3e6bb4
45ebebdec2e08443505458e83ac6027c7cc905f858f5f308a4da92d1328c584c
498771d2c9b103619f9e8ed6c4277cb368ee01bad1cb2845d4eae3676a6b7076
5e47dd51ca94efccd58f4a7dc95a51744493292586fbe031e78f72508f0f4f89
62c7b35c728130c5a262f659268709c22995a19e96b39d66dd1a41489d1eb4f3
63cdb975da2719ecf285aac520fb36754533cd6e6099eb9d6b7a6991139fbcfd
7650627a2fce63dbdc21fae617f0e76a89dbce3c663fd209f7de1cdb2178a0f4
76a210a1f5d8bd5756291eebc71e3c6439152b38b9e5574249390aefe07e0522
82ad66f54a123768abcfd07f1966a2a56971f266f0195ce54f3ea4d6858aa070
869bf207aff289fb83abdaf59cc5cb62dfb4aaf13688a1df47f4928ce2bc01e2
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
9113c3f65e8f2a60eb63bad2c4afe1a3bd45cbe8b115d0ac6dd6d3a2208b1f1f
9e138445782a40707af269585ea38b49cd5d7292fe26a30684b282933d651eb1
9f525e91ac26301933df0b076ee3b6f4202fe28700de921a399cd60cbf3f3017
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
bd115754f07404fbcbef7c74dcc71f99dc777b58d7d7a0798e29e85acdb9f957
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
da3aa4c3ab7973dba455d709dad6f0cd73729afc99d049ef9fbb930fa0c907e7
dc2c2c86cdca88dd3e1f1618db6384aab1240184c59f2ed7a581264a6498db2a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

login.microsoftonline.com Open in urlscan Pro 2603:1016:1400:68::5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

90 %HTTPS

64 %IPv6

12 Domains

13 Subdomains

12 IPs

2 Countries

1573 kBTransfer

5352 kBSize

23 Cookies

2 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login.microsoftonline.com Open in urlscan Pro
2603:1016:1400:68::5 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

90 %
HTTPS

64 %
IPv6

12
Domains

13
Subdomains

12
IPs

2
Countries

1573 kB
Transfer

5352 kB
Size

23
Cookies

41 HTTP transactions
0 data transactions