login.microsoftonline.com Open in urlscan Pro
2603:1036:3000:18::4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pillartwo.westeurope.tax.deloitteonline.com/
Effective URL:
https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?response_type=code&client_id=5f2c616e...
Submission: On March 27 via api (March 27th 2024, 4:22:47 pm UTC) from US — Scanned from US

Summary HTTP 41 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 41 HTTP transactions. The main IP is 2603:1036:3000:18::4, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 10.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 7th 2024. Valid for: a year.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	51.124.123.57 51.124.123.57	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	2606:4700::68... 2606:4700::6813:b134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2603:1036:300... 2603:1036:3000:18::1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2603:1036:300... 2603:1036:3000:18::4	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:46::40 2620:1ec:46::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2606:2800:21f... 2606:2800:21f:1b88:6342:f8de:86c:e98b	15133 (EDGECAST) (EDGECAST)
1	40.126.24.83 40.126.24.83	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
41	9

14 51.124.123.57 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pillartwo.westeurope.tax.deloitteonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2603:1036:3000:18::1 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2603:1036:3000:18::4 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:21f:1b88:6342:f8de:86c:e98b (United States)

ASN15133 (EDGECAST, US)

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.24.83 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msftauthimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	deloitteonline.com pillartwo.westeurope.tax.deloitteonline.com	4 MB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 318	161 KB
7	msftauth.net aadcdn.msftauth.net — Cisco Umbrella Rank: 956	261 KB
4	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 10	36 KB
2	msftauthimages.net aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3488	138 KB
1	live.com login.live.com — Cisco Umbrella Rank: 81
1	msauth.net aadcdn.msauth.net — Cisco Umbrella Rank: 931	49 KB
41	7

	Domain	Requested by
14	pillartwo.westeurope.tax.deloitteonline.com	pillartwo.westeurope.tax.deloitteonline.com
9	cdn.cookielaw.org	pillartwo.westeurope.tax.deloitteonline.com cdn.cookielaw.org
7	aadcdn.msftauth.net	login.microsoftonline.com aadcdn.msftauth.net
4	login.microsoftonline.com	pillartwo.westeurope.tax.deloitteonline.com aadcdn.msauth.net
2	aadcdn.msftauthimages.net
1	login.live.com	login.microsoftonline.com
1	aadcdn.msauth.net	login.microsoftonline.com
41	7

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
pillartwo.emea.tax.deloitteonline.com Entrust Certification Authority - L1K	`2024-03-26` - `2025-03-26`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2024-03-07` - `2025-03-07`	a year	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2024-01-29` - `2025-01-29`	a year	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2023-12-01` - `2024-12-01`	a year	crt.sh
login.live.com DigiCert SHA2 Secure Server CA	`2024-02-09` - `2025-02-09`	a year	crt.sh
aadcdn.msftauthimages.net Microsoft Azure RSA TLS Issuing CA 07	`2024-02-18` - `2025-02-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?response_type=code&client_id=5f2c616e-965a-4a3f-8a44-187b20efcffa&state=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&redirect_uri=https%3A%2F%2Fpillartwo.westeurope.tax.deloitteonline.com%2Fauthentication%2Flogin&scope=openid%20offline_access%205f2c616e-965a-4a3f-8a44-187b20efcffa%2F.default&code_challenge=Kz-uAGtBsPGxQTZ-afH63YDxntS9smTdkCrP1Gs-ZNs&code_challenge_method=S256&nonce=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&sso_reload=true
Frame ID: 31ED1353460F1A72E39F15FFA491A3AE
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

https://pillartwo.westeurope.tax.deloitteonline.com/ Page URL
https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?response_type=cod... Page URL
https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?response_type=cod... Page URL

Detected technologies

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

41
Requests

93 %
HTTPS

75 %
IPv6

7
Domains

7
Subdomains

9
IPs

2
Countries

5044 kB
Transfer

6319 kB
Size

14
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/en-US/servicesagreement/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-US/privacystatement
Title: Privacy & cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pillartwo.westeurope.tax.deloitteonline.com/ Page URL
https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?response_type=code&client_id=5f2c616e-965a-4a3f-8a44-187b20efcffa&state=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&redirect_uri=https%3A%2F%2Fpillartwo.westeurope.tax.deloitteonline.com%2Fauthentication%2Flogin&scope=openid%20offline_access%205f2c616e-965a-4a3f-8a44-187b20efcffa%2F.default&code_challenge=Kz-uAGtBsPGxQTZ-afH63YDxntS9smTdkCrP1Gs-ZNs&code_challenge_method=S256&nonce=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C Page URL
https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?response_type=code&client_id=5f2c616e-965a-4a3f-8a44-187b20efcffa&state=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&redirect_uri=https%3A%2F%2Fpillartwo.westeurope.tax.deloitteonline.com%2Fauthentication%2Flogin&scope=openid%20offline_access%205f2c616e-965a-4a3f-8a44-187b20efcffa%2F.default&code_challenge=Kz-uAGtBsPGxQTZ-afH63YDxntS9smTdkCrP1Gs-ZNs&code_challenge_method=S256&nonce=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
pillartwo.westeurope.tax.deloitteonline.com/ 13 KB
14 KB 673ms
159ms Document
text/html 51.124.123.57
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pillartwo.westeurope.tax.deloitteonline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.124.123.57 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0b689488876274bd7b09c3db63e2805abaee4fb429b2de2c940e4bed35b8da9b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .deloitte.com .deloitteonline.com .deloitte.co.uk login.microsoftonline.com graph.microsoft.com .googleapis.com cdnjs.cloudflare.com .gstatic.com .visualstudio.com .pendo.io .cookielaw.org *.applicationinsights.azure.com data: blob:
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Length: 13108
Content-Type: text/html
Date: Wed, 27 Mar 2024 16:22:31 GMT
accept-ranges: bytes
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.deloitte.com *.deloitteonline.com *.deloitte.co.uk login.microsoftonline.com graph.microsoft.com *.googleapis.com cdnjs.cloudflare.com *.gstatic.com *.visualstudio.com *.pendo.io *.cookielaw.org *.applicationinsights.azure.com data: blob:
etag: "1da80148b8f9bb4"
last-modified: Wed, 27 Mar 2024 07:01:09 GMT
request-context: appId=cid-v1:081cd9e2-af2d-4432-8a11-917848052271
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK runtime.32eb6245ba54d403.js Show response
pillartwo.westeurope.tax.deloitteonline.com/ 3 KB
4 KB 127ms
122ms Script
text/javascript 51.124.123.57
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pillartwo.westeurope.tax.deloitteonline.com/runtime.32eb6245ba54d403.js

Requested by

Host: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.124.123.57 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

858f5c323a9a8248f7e21d3e3481666a349107977c68e8a2d15b923465ab5fe0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .deloitte.com .deloitteonline.com .deloitte.co.uk login.microsoftonline.com graph.microsoft.com .googleapis.com cdnjs.cloudflare.com .gstatic.com .visualstudio.com .pendo.io .cookielaw.org *.applicationinsights.azure.com data: blob:
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
Origin: https://pillartwo.westeurope.tax.deloitteonline.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 27 Mar 2024 16:22:32 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.deloitte.com *.deloitteonline.com *.deloitte.co.uk login.microsoftonline.com graph.microsoft.com *.googleapis.com cdnjs.cloudflare.com *.gstatic.com *.visualstudio.com *.pendo.io *.cookielaw.org *.applicationinsights.azure.com data: blob:
last-modified: Wed, 27 Mar 2024 07:01:05 GMT
etag: "1da8014892d45d7"
x-frame-options: SAMEORIGIN
Content-Type: text/javascript
Connection: keep-alive
accept-ranges: bytes
Content-Length: 2903
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:081cd9e2-af2d-4432-8a11-917848052271

GET
H/1.1 200
OK polyfills.74ef0bdd88ab2e43.js Show response
pillartwo.westeurope.tax.deloitteonline.com/ 33 KB
34 KB 457ms
251ms Script
text/javascript 51.124.123.57
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pillartwo.westeurope.tax.deloitteonline.com/polyfills.74ef0bdd88ab2e43.js

Requested by

Host: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.124.123.57 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c45e115afc70f1aba0da0e10f8668521beb7559db376451f1eec7cd1881f5d1c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .deloitte.com .deloitteonline.com .deloitte.co.uk login.microsoftonline.com graph.microsoft.com .googleapis.com cdnjs.cloudflare.com .gstatic.com .visualstudio.com .pendo.io .cookielaw.org *.applicationinsights.azure.com data: blob:
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
Origin: https://pillartwo.westeurope.tax.deloitteonline.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 27 Mar 2024 16:22:32 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.deloitte.com *.deloitteonline.com *.deloitte.co.uk login.microsoftonline.com graph.microsoft.com *.googleapis.com cdnjs.cloudflare.com *.gstatic.com *.visualstudio.com *.pendo.io *.cookielaw.org *.applicationinsights.azure.com data: blob:
last-modified: Wed, 27 Mar 2024 07:01:05 GMT
etag: "1da8014892dcb9a"
x-frame-options: SAMEORIGIN
Content-Type: text/javascript
Connection: keep-alive
accept-ranges: bytes
Content-Length: 34074
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:081cd9e2-af2d-4432-8a11-917848052271

GET
H/1.1 200
OK scripts.94f467528358263a.js Show response
pillartwo.westeurope.tax.deloitteonline.com/ 67 KB
68 KB 498ms
292ms Script
text/javascript 51.124.123.57
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pillartwo.westeurope.tax.deloitteonline.com/scripts.94f467528358263a.js

Requested by

Host: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.124.123.57 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c862d2b2832e1109f4a93f7b9c16ced57ce2686955d3acf5259766ed8858a1da

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .deloitte.com .deloitteonline.com .deloitte.co.uk login.microsoftonline.com graph.microsoft.com .googleapis.com cdnjs.cloudflare.com .gstatic.com .visualstudio.com .pendo.io .cookielaw.org *.applicationinsights.azure.com data: blob:
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 27 Mar 2024 16:22:32 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.deloitte.com *.deloitteonline.com *.deloitte.co.uk login.microsoftonline.com graph.microsoft.com *.googleapis.com cdnjs.cloudflare.com *.gstatic.com *.visualstudio.com *.pendo.io *.cookielaw.org *.applicationinsights.azure.com data: blob:
last-modified: Wed, 27 Mar 2024 07:01:05 GMT
etag: "1da8014892c43bc"
x-frame-options: SAMEORIGIN
Content-Type: text/javascript
Connection: keep-alive
accept-ranges: bytes
Content-Length: 68924
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:081cd9e2-af2d-4432-8a11-917848052271

GET
H/1.1 200
OK main.af2655f2ba9097b2.js Show response
pillartwo.westeurope.tax.deloitteonline.com/ 3 MB
3 MB 470ms
259ms Script
text/javascript 51.124.123.57
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pillartwo.westeurope.tax.deloitteonline.com/main.af2655f2ba9097b2.js

Requested by

Host: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.124.123.57 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2eb92514594ae7697ea9664fbb27d1da016daf22cb11b0a9b6679ffbf242914c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .deloitte.com .deloitteonline.com .deloitte.co.uk login.microsoftonline.com graph.microsoft.com .googleapis.com cdnjs.cloudflare.com .gstatic.com .visualstudio.com .pendo.io .cookielaw.org *.applicationinsights.azure.com data: blob:
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
Origin: https://pillartwo.westeurope.tax.deloitteonline.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 27 Mar 2024 16:22:32 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.deloitte.com *.deloitteonline.com *.deloitte.co.uk login.microsoftonline.com graph.microsoft.com *.googleapis.com cdnjs.cloudflare.com *.gstatic.com *.visualstudio.com *.pendo.io *.cookielaw.org *.applicationinsights.azure.com data: blob:
last-modified: Wed, 27 Mar 2024 07:01:05 GMT
etag: "1da801489014b54"
x-frame-options: SAMEORIGIN
Content-Type: text/javascript
Connection: keep-alive
accept-ranges: bytes
Content-Length: 2885076
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:081cd9e2-af2d-4432-8a11-917848052271

GET
H/1.1 200
OK styles.137e648c61d8d667.css
pillartwo.westeurope.tax.deloitteonline.com/ 575 KB
576 KB 706ms
489ms Stylesheet
text/css 51.124.123.57
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pillartwo.westeurope.tax.deloitteonline.com/styles.137e648c61d8d667.css

Requested by

Host: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.124.123.57 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30c083e41d0b189129063773a2820a1a48e3f37354ec769babc2fe0a185ede91

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .deloitte.com .deloitteonline.com .deloitte.co.uk login.microsoftonline.com graph.microsoft.com .googleapis.com cdnjs.cloudflare.com .gstatic.com .visualstudio.com .pendo.io .cookielaw.org *.applicationinsights.azure.com data: blob:
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 27 Mar 2024 16:22:32 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.deloitte.com *.deloitteonline.com *.deloitte.co.uk login.microsoftonline.com graph.microsoft.com *.googleapis.com cdnjs.cloudflare.com *.gstatic.com *.visualstudio.com *.pendo.io *.cookielaw.org *.applicationinsights.azure.com data: blob:
last-modified: Wed, 27 Mar 2024 07:01:05 GMT
etag: "1da80148925b327"
x-frame-options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
accept-ranges: bytes
Content-Length: 589223
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:081cd9e2-af2d-4432-8a11-917848052271

GET
H/1.1 200
OK OpenSans-Regular.1e96fcda4564854c.ttf
pillartwo.westeurope.tax.deloitteonline.com/ 95 KB
95 KB 136ms
133ms Font
application/x-font-ttf 51.124.123.57
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pillartwo.westeurope.tax.deloitteonline.com/OpenSans-Regular.1e96fcda4564854c.ttf

Requested by

Host: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.124.123.57 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .deloitte.com .deloitteonline.com .deloitte.co.uk login.microsoftonline.com graph.microsoft.com .googleapis.com cdnjs.cloudflare.com .gstatic.com .visualstudio.com .pendo.io .cookielaw.org *.applicationinsights.azure.com data: blob:
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
Origin: https://pillartwo.westeurope.tax.deloitteonline.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 27 Mar 2024 16:22:32 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.deloitte.com *.deloitteonline.com *.deloitte.co.uk login.microsoftonline.com graph.microsoft.com *.googleapis.com cdnjs.cloudflare.com *.gstatic.com *.visualstudio.com *.pendo.io *.cookielaw.org *.applicationinsights.azure.com data: blob:
last-modified: Wed, 27 Mar 2024 07:01:05 GMT
etag: "1da8014892c3424"
x-frame-options: SAMEORIGIN
Content-Type: application/x-font-ttf
Connection: keep-alive
accept-ranges: bytes
Content-Length: 96932
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:081cd9e2-af2d-4432-8a11-917848052271

GET
H/1.1 200
OK styles.137e648c61d8d667.css
pillartwo.westeurope.tax.deloitteonline.com/ 575 KB
576 KB 143ms
142ms Stylesheet
text/css 51.124.123.57
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pillartwo.westeurope.tax.deloitteonline.com/styles.137e648c61d8d667.css

Requested by

Host: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.124.123.57 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30c083e41d0b189129063773a2820a1a48e3f37354ec769babc2fe0a185ede91

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .deloitte.com .deloitteonline.com .deloitte.co.uk login.microsoftonline.com graph.microsoft.com .googleapis.com cdnjs.cloudflare.com .gstatic.com .visualstudio.com .pendo.io .cookielaw.org *.applicationinsights.azure.com data: blob:
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 27 Mar 2024 16:22:33 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.deloitte.com *.deloitteonline.com *.deloitte.co.uk login.microsoftonline.com graph.microsoft.com *.googleapis.com cdnjs.cloudflare.com *.gstatic.com *.visualstudio.com *.pendo.io *.cookielaw.org *.applicationinsights.azure.com data: blob:
last-modified: Wed, 27 Mar 2024 07:01:05 GMT
etag: "1da80148925b327"
x-frame-options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
accept-ranges: bytes
Content-Length: 589223
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:081cd9e2-af2d-4432-8a11-917848052271

GET
H/1.1 200
OK app-settings.json Show response
pillartwo.westeurope.tax.deloitteonline.com/assets/configuration/ 2 KB
3 KB 120ms
118ms Fetch
application/json 51.124.123.57
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pillartwo.westeurope.tax.deloitteonline.com/assets/configuration/app-settings.json?hash=1711522786183

Requested by

Host: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/polyfills.74ef0bdd88ab2e43.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.124.123.57 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fed2dfa40d3f5e26345eeec7213b6b918761706007c8f2922dcdc99f038a3e64

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .deloitte.com .deloitteonline.com .deloitte.co.uk login.microsoftonline.com graph.microsoft.com .googleapis.com cdnjs.cloudflare.com .gstatic.com .visualstudio.com .pendo.io .cookielaw.org *.applicationinsights.azure.com data: blob:
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 27 Mar 2024 16:22:39 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.deloitte.com *.deloitteonline.com *.deloitte.co.uk login.microsoftonline.com graph.microsoft.com *.googleapis.com cdnjs.cloudflare.com *.gstatic.com *.visualstudio.com *.pendo.io *.cookielaw.org *.applicationinsights.azure.com data: blob:
last-modified: Wed, 27 Mar 2024 07:57:15 GMT
etag: "1da801c61da769f"
x-frame-options: SAMEORIGIN
Content-Type: application/json
Connection: keep-alive
accept-ranges: bytes
Content-Length: 2335
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:081cd9e2-af2d-4432-8a11-917848052271

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 89ms
30ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/main.af2655f2ba9097b2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 16:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Pg1MHDpg+UGdovxhidM4Kg==
age: 52568
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6839
x-ms-lease-status: unlocked
last-modified: Mon, 25 Mar 2024 19:35:31 GMT
server: cloudflare
etag: 0x8DC4D02BBED1BE7
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 051912c6-f01e-0066-7c97-7f76a3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86b0b8737b6b4bcf-BUF

GET
H/1.1 200
OK common.96d4a4e8cb62eed7.js Show response
pillartwo.westeurope.tax.deloitteonline.com/ 1 KB
2 KB 119ms
118ms Script
text/javascript 51.124.123.57
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pillartwo.westeurope.tax.deloitteonline.com/common.96d4a4e8cb62eed7.js

Requested by

Host: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/runtime.32eb6245ba54d403.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.124.123.57 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b4d7f2002e89a8d02913017d2ae876a6fed9e7b53cbc9c87848dc68ca53b18b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .deloitte.com .deloitteonline.com .deloitte.co.uk login.microsoftonline.com graph.microsoft.com .googleapis.com cdnjs.cloudflare.com .gstatic.com .visualstudio.com .pendo.io .cookielaw.org *.applicationinsights.azure.com data: blob:
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
Origin: https://pillartwo.westeurope.tax.deloitteonline.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 27 Mar 2024 16:22:39 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.deloitte.com *.deloitteonline.com *.deloitte.co.uk login.microsoftonline.com graph.microsoft.com *.googleapis.com cdnjs.cloudflare.com *.gstatic.com *.visualstudio.com *.pendo.io *.cookielaw.org *.applicationinsights.azure.com data: blob:
last-modified: Wed, 27 Mar 2024 07:01:05 GMT
etag: "1da8014892d4a21"
x-frame-options: SAMEORIGIN
Content-Type: text/javascript
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1185
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:081cd9e2-af2d-4432-8a11-917848052271

GET
H/1.1 200
OK 910.114ca0c50c8beb7a.js Show response
pillartwo.westeurope.tax.deloitteonline.com/ 40 KB
41 KB 143ms
142ms Script
text/javascript 51.124.123.57
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pillartwo.westeurope.tax.deloitteonline.com/910.114ca0c50c8beb7a.js

Requested by

Host: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/runtime.32eb6245ba54d403.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.124.123.57 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4659a16afa9640f84b4b696f95013b85afa9296c503eae9cfe93f2ff1876756b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .deloitte.com .deloitteonline.com .deloitte.co.uk login.microsoftonline.com graph.microsoft.com .googleapis.com cdnjs.cloudflare.com .gstatic.com .visualstudio.com .pendo.io .cookielaw.org *.applicationinsights.azure.com data: blob:
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
Origin: https://pillartwo.westeurope.tax.deloitteonline.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 27 Mar 2024 16:22:39 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.deloitte.com *.deloitteonline.com *.deloitte.co.uk login.microsoftonline.com graph.microsoft.com *.googleapis.com cdnjs.cloudflare.com *.gstatic.com *.visualstudio.com *.pendo.io *.cookielaw.org *.applicationinsights.azure.com data: blob:
last-modified: Wed, 27 Mar 2024 07:01:05 GMT
etag: "1da8014892defdc"
x-frame-options: SAMEORIGIN
Content-Type: text/javascript
Connection: keep-alive
accept-ranges: bytes
Content-Length: 41308
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:081cd9e2-af2d-4432-8a11-917848052271

GET
H/1.1 200
OK favicon.ico
pillartwo.westeurope.tax.deloitteonline.com/assets/ 32 KB
33 KB 127ms
126ms Other
image/x-icon 51.124.123.57
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pillartwo.westeurope.tax.deloitteonline.com/assets/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.124.123.57 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

334ae0b965f6a52f87500ee87443a5a8c30b952842aec14e44db3e03d12c856b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .deloitte.com .deloitteonline.com .deloitte.co.uk login.microsoftonline.com graph.microsoft.com .googleapis.com cdnjs.cloudflare.com .gstatic.com .visualstudio.com .pendo.io .cookielaw.org *.applicationinsights.azure.com data: blob:
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 27 Mar 2024 16:22:39 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.deloitte.com *.deloitteonline.com *.deloitte.co.uk login.microsoftonline.com graph.microsoft.com *.googleapis.com cdnjs.cloudflare.com *.gstatic.com *.visualstudio.com *.pendo.io *.cookielaw.org *.applicationinsights.azure.com data: blob:
last-modified: Wed, 27 Mar 2024 07:01:08 GMT
etag: "1da80148af792dc"
x-frame-options: SAMEORIGIN
Content-Type: image/x-icon
Connection: keep-alive
accept-ranges: bytes
Content-Length: 32988
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:081cd9e2-af2d-4432-8a11-917848052271

GET
H2 200 8c82cf18-bc25-4dff-bddf-88eb96d172c5-test.json Show response
cdn.cookielaw.org/consent/8c82cf18-bc25-4dff-bddf-88eb96d172c5-test/ 4 KB
2 KB 207ms
140ms XHR
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/8c82cf18-bc25-4dff-bddf-88eb96d172c5-test/8c82cf18-bc25-4dff-bddf-88eb96d172c5-test.json

Requested by

Host: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/polyfills.74ef0bdd88ab2e43.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40ddd74ee8348c178c40534abf85caf3a23173093c299692bb260d0775c81d30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 16:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: 2A5kgySbaJllLwKrlO+Rqg==
content-length: 1497
x-ms-lease-status: unlocked
last-modified: Fri, 22 Mar 2024 10:26:40 GMT
server: cloudflare
etag: 0x8DC4A5A9050FD2D
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4b457886-501e-0022-4962-80fc9c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 86b0b8742b4c4bcd-BUF

GET
H/1.1 200
OK openid-configuration Show response
login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/v2.0/.well-known/ 2 KB
3 KB 241ms
68ms XHR
application/json 2603:1036:3000:18::1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/v2.0/.well-known/openid-configuration

Requested by

Host: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/polyfills.74ef0bdd88ab2e43.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1036:3000:18::1 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f6f7bf920a4e6e5ec108c2fa4bfb3d9020fe452fe878fac14935da71b230828a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Wed, 27 Mar 2024 16:22:39 GMT
X-Content-Type-Options: nosniff
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length: 1753
X-XSS-Protection: 0
x-ms-srs: 1.P
Referrer-Policy: strict-origin-when-cross-origin
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
x-ms-request-id: 671a4ce6-1ff1-466c-9e58-58c607abf500
Access-Control-Expose-Headers: x-ms-srs
Cache-Control: max-age=86400, private
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-ests-server: 2.1.17573.7 - SCUS ProdSlices

GET
DATA 200
OK truncated
/ 434 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66acd5c839da07a289fa67ac451219478cec635f72565cff24f604895dca1da0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK OpenSans-Bold.1c422b2b3180bde8.ttf
pillartwo.westeurope.tax.deloitteonline.com/ 102 KB
102 KB 132ms
131ms Font
application/x-font-ttf 51.124.123.57
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pillartwo.westeurope.tax.deloitteonline.com/OpenSans-Bold.1c422b2b3180bde8.ttf

Requested by

Host: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/styles.137e648c61d8d667.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.124.123.57 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f7916a37377e38527d4306303cfe89b653b49b0a6b0b05c6b7593f7ab0248da8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .deloitte.com .deloitteonline.com .deloitte.co.uk login.microsoftonline.com graph.microsoft.com .googleapis.com cdnjs.cloudflare.com .gstatic.com .visualstudio.com .pendo.io .cookielaw.org *.applicationinsights.azure.com data: blob:
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/styles.137e648c61d8d667.css
Origin: https://pillartwo.westeurope.tax.deloitteonline.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 27 Mar 2024 16:22:40 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.deloitte.com *.deloitteonline.com *.deloitte.co.uk login.microsoftonline.com graph.microsoft.com *.googleapis.com cdnjs.cloudflare.com *.gstatic.com *.visualstudio.com *.pendo.io *.cookielaw.org *.applicationinsights.azure.com data: blob:
last-modified: Wed, 27 Mar 2024 07:01:05 GMT
etag: "1da8014892cd838"
x-frame-options: SAMEORIGIN
Content-Type: application/x-font-ttf
Connection: keep-alive
accept-ranges: bytes
Content-Length: 104120
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:081cd9e2-af2d-4432-8a11-917848052271

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/ 442 KB
107 KB 31ms
31ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 16:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: s7qm2vbmUNglr6Jt5k9KHA==
age: 52530
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 109676
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:35 GMT
server: cloudflare
etag: 0x8DC49752A75EB01
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 09dec6d6-901e-0084-36c2-7b4b82000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86b0b8753bfb4bcf-BUF

GET
H/1.1 200
OK favicon.ico
pillartwo.westeurope.tax.deloitteonline.com/assets/ 32 KB
33 KB 126ms
126ms Other
image/x-icon 51.124.123.57
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pillartwo.westeurope.tax.deloitteonline.com/assets/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.124.123.57 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

334ae0b965f6a52f87500ee87443a5a8c30b952842aec14e44db3e03d12c856b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .deloitte.com .deloitteonline.com .deloitte.co.uk login.microsoftonline.com graph.microsoft.com .googleapis.com cdnjs.cloudflare.com .gstatic.com .visualstudio.com .pendo.io .cookielaw.org *.applicationinsights.azure.com data: blob:
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/authentication/login
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 27 Mar 2024 16:22:40 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.deloitte.com *.deloitteonline.com *.deloitte.co.uk login.microsoftonline.com graph.microsoft.com *.googleapis.com cdnjs.cloudflare.com *.gstatic.com *.visualstudio.com *.pendo.io *.cookielaw.org *.applicationinsights.azure.com data: blob:
last-modified: Wed, 27 Mar 2024 07:01:08 GMT
etag: "1da80148af792dc"
x-frame-options: SAMEORIGIN
Content-Type: image/x-icon
Connection: keep-alive
accept-ranges: bytes
Content-Length: 32988
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:081cd9e2-af2d-4432-8a11-917848052271

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/8c82cf18-bc25-4dff-bddf-88eb96d172c5-test/63541653-f2de-4129-b87f-77f021a3ec8f/ 70 KB
16 KB 141ms
140ms Fetch
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/8c82cf18-bc25-4dff-bddf-88eb96d172c5-test/63541653-f2de-4129-b87f-77f021a3ec8f/en.json

Requested by

Host: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/polyfills.74ef0bdd88ab2e43.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1032207e60f18847ae548ae4011e86a694af97047ddc2e9061a3878fb77c20de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 16:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: uoiOVkcowooaxJPoU9fMUw==
content-length: 15875
x-ms-lease-status: unlocked
last-modified: Fri, 22 Mar 2024 10:26:43 GMT
server: cloudflare
etag: 0x8DC4A5A92121A8C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4b4578ec-501e-0022-2862-80fc9c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 86b0b875abcc4bcd-BUF

GET
H2 200 otCenterRounded.json
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 9 KB
3 KB 139ms
139ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otCenterRounded.json

Requested by

Host: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/polyfills.74ef0bdd88ab2e43.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 16:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: RBOFTcRPmF4yYR6XnULb3g==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2626
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:29 GMT
server: cloudflare
etag: 0x8DC49752714CA86
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d152a06a-f01e-002b-7f86-7fb94f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86b0b876dc2c4bcd-BUF

GET
H2 200 otPcTab.json
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/v2/ 63 KB
13 KB 140ms
139ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/v2/otPcTab.json

Requested by

Host: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/polyfills.74ef0bdd88ab2e43.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 16:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JqD83lHxEjWNdmDqKd9lzA==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13599
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:31 GMT
server: cloudflare
etag: 0x8DC4975281E71C8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ea27b1d7-d01e-0071-1e86-7fdfa8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86b0b876dc2d4bcd-BUF

GET
H2 200 otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 24 KB
4 KB 149ms
148ms Fetch
text/css 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otCommonStyles.css

Requested by

Host: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/polyfills.74ef0bdd88ab2e43.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 16:22:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 4ErYmXXFNbMLrnc9DrDTsg==
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: f663f56c-601e-0074-6a86-7f0d73000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 86b0b876dc2e4bcd-BUF

GET
H/1.1 200
OK keys
login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/discovery/v2.0/ 5 KB
6 KB 93ms
92ms XHR
application/json 2603:1036:3000:18::1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/discovery/v2.0/keys

Requested by

Host: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/polyfills.74ef0bdd88ab2e43.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1036:3000:18::1 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Wed, 27 Mar 2024 16:22:39 GMT
X-Content-Type-Options: nosniff
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length: 4734
X-XSS-Protection: 0
x-ms-srs: 1.P
Referrer-Policy: strict-origin-when-cross-origin
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
x-ms-request-id: d6348e18-6131-4bc5-9987-ef95d6a70f01
Access-Control-Expose-Headers: x-ms-srs
Cache-Control: max-age=86400, private
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-ests-server: 2.1.17573.7 - WUS3 ProdSlices

GET
H/1.1 200
OK authorize Show response
login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/ 20 KB
10 KB 176ms
48ms Document
text/html 2603:1036:3000:18::4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?response_type=code&client_id=5f2c616e-965a-4a3f-8a44-187b20efcffa&state=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&redirect_uri=https%3A%2F%2Fpillartwo.westeurope.tax.deloitteonline.com%2Fauthentication%2Flogin&scope=openid%20offline_access%205f2c616e-965a-4a3f-8a44-187b20efcffa%2F.default&code_challenge=Kz-uAGtBsPGxQTZ-afH63YDxntS9smTdkCrP1Gs-ZNs&code_challenge_method=S256&nonce=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C

Requested by

Host: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/main.af2655f2ba9097b2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1036:3000:18::4 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

60985564248d5fa28267cb540694c4ef42d734cc7cfdf3989337cbc64bf22817

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 8952
Content-Type: text/html; charset=utf-8
Date: Wed, 27 Mar 2024 16:22:40 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-ests-server: 2.1.17573.7 - EUS ProdSlices
x-ms-request-id: 7e3ac060-4166-4312-ade4-4b60dd390401
x-ms-srs: 1.P

GET OpenSans-Regular.1e96fcda4564854c.ttf
pillartwo.westeurope.tax.deloitteonline.com/ 0
0

GET OpenSans-SemiBold.e24c5c706b40830c.ttf
pillartwo.westeurope.tax.deloitteonline.com/ 0
0

GET ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 0
0

GET
H2 200 2.2_Deloitte_Logo.png
cdn.cookielaw.org/logos/943e56a6-c554-47c1-8ad7-a96fce0e14b8/ab29f5f9-0fb1-49aa-bb7f-ddcf24f017a5/d0770ca3-d673-4ae7-9dbc-70bb12ec8a8c/ 6 KB
6 KB 42ms
32ms Image
image/png 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/943e56a6-c554-47c1-8ad7-a96fce0e14b8/ab29f5f9-0fb1-49aa-bb7f-ddcf24f017a5/d0770ca3-d673-4ae7-9dbc-70bb12ec8a8c/2.2_Deloitte_Logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 16:22:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ycNCMWo7A2iykrQkYZBzUg==
age: 19011
content-length: 5901
x-ms-lease-status: unlocked
last-modified: Tue, 08 Dec 2020 22:56:39 GMT
server: cloudflare
etag: 0x8D89BCC85FB29DE
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: ff5a5d73-f01e-0082-412f-0d783d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86b0b8786d0d4bcf-BUF

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 39ms
30ms Image
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://pillartwo.westeurope.tax.deloitteonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 16:22:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 52570
x-ms-lease-status: unlocked
last-modified: Mon, 25 Mar 2024 19:35:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: f6f2a0a1-601e-0074-26b0-7f0d73000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 86b0b8786d0e4bcf-BUF

GET
H2 200 BssoInterrupt_Core_GW4zPEKtwiiwtRHaCqGPVw2.js Show response
aadcdn.msauth.net/shared/1.0/content/js/ 138 KB
49 KB 541ms
47ms Script
application/x-javascript 2620:1ec:46::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_GW4zPEKtwiiwtRHaCqGPVw2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?response_type=code&client_id=5f2c616e-965a-4a3f-8a44-187b20efcffa&state=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&redirect_uri=https%3A%2F%2Fpillartwo.westeurope.tax.deloitteonline.com%2Fauthentication%2Flogin&scope=openid%20offline_access%205f2c616e-965a-4a3f-8a44-187b20efcffa%2F.default&code_challenge=Kz-uAGtBsPGxQTZ-afH63YDxntS9smTdkCrP1Gs-ZNs&code_challenge_method=S256&nonce=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 13db1fea6d5ef7fb7b4d2710c40f2b4e1c6a7a73b9f9e3e198e83210d7934e28

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 16:22:41 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 49608
x-ms-lease-status: unlocked
last-modified: Thu, 15 Feb 2024 19:13:24 GMT
etag: 0x8DC2E5A2EB17559
x-azure-ref: 20240327T162241Z-gfgmhr7hg50zt7ymzzbn9vc4qn0000000dmg00000000zg5v
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 69e5bc81-b01e-0065-0909-7920b6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK Primary Request authorize Show response
login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/ 40 KB
17 KB 109ms
108ms Document
text/html 2603:1036:3000:18::4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_GW4zPEKtwiiwtRHaCqGPVw2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1036:3000:18::4 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7dde3ccbbb79a1dd5633ecf99132b40ce46cc035fda784119cddbd87af258ab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?response_type=code&client_id=5f2c616e-965a-4a3f-8a44-187b20efcffa&state=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&redirect_uri=https%3A%2F%2Fpillartwo.westeurope.tax.deloitteonline.com%2Fauthentication%2Flogin&scope=openid%20offline_access%205f2c616e-965a-4a3f-8a44-187b20efcffa%2F.default&code_challenge=Kz-uAGtBsPGxQTZ-afH63YDxntS9smTdkCrP1Gs-ZNs&code_challenge_method=S256&nonce=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 14918
Content-Type: text/html; charset=utf-8
Date: Wed, 27 Mar 2024 16:22:40 GMT
Expires: -1
Link: <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-Frame-Options: DENY
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-ests-server: 2.1.17573.7 - NCUS ProdSlices
x-ms-request-id: d19976cc-481e-4dba-9b1f-c3c52b452401
x-ms-srs: 1.P

GET
H2 200 converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 110 KB
20 KB 235ms
27ms Stylesheet
text/css 2606:2800:21f:1b88:6342:f8de:86c:e98b
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?response_type=code&client_id=5f2c616e-965a-4a3f-8a44-187b20efcffa&state=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&redirect_uri=https%3A%2F%2Fpillartwo.westeurope.tax.deloitteonline.com%2Fauthentication%2Flogin&scope=openid%20offline_access%205f2c616e-965a-4a3f-8a44-187b20efcffa%2F.default&code_challenge=Kz-uAGtBsPGxQTZ-afH63YDxntS9smTdkCrP1Gs-ZNs&code_challenge_method=S256&nonce=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D15C) /
Resource Hash: 4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 16:22:41 GMT
content-encoding: gzip
content-md5: kqhA3D0Xczna4D/t8ioitQ==
age: 203834
x-cache: HIT
content-length: 20314
x-ms-lease-status: unlocked
last-modified: Wed, 27 Dec 2023 18:19:21 GMT
server: ECAcc (nyd/D15C)
etag: 0x8DC070858CA028D
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: dd8dc07e-101e-007e-2e88-7e0a3b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ConvergedLogin_PCore_Hl2bk1L3qQZ3wvMD_PMo5Q2.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/ 433 KB
118 KB 253ms
45ms Script
application/x-javascript 2606:2800:21f:1b88:6342:f8de:86c:e98b
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Hl2bk1L3qQZ3wvMD_PMo5Q2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?response_type=code&client_id=5f2c616e-965a-4a3f-8a44-187b20efcffa&state=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&redirect_uri=https%3A%2F%2Fpillartwo.westeurope.tax.deloitteonline.com%2Fauthentication%2Flogin&scope=openid%20offline_access%205f2c616e-965a-4a3f-8a44-187b20efcffa%2F.default&code_challenge=Kz-uAGtBsPGxQTZ-afH63YDxntS9smTdkCrP1Gs-ZNs&code_challenge_method=S256&nonce=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D129) /
Resource Hash: db3796e88a754f03f8b3732c4cc9d5e1cf94e30b6c775e4b088bc3e64a77222b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 16:22:41 GMT
content-encoding: gzip
content-md5: 1uzPl8n+Ut+zC4UAn8LmMw==
age: 203838
x-cache: HIT
content-length: 120838
x-ms-lease-status: unlocked
last-modified: Tue, 27 Feb 2024 20:35:16 GMT
server: ECAcc (nyd/D129)
etag: 0x8DC37D39B96BCE4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2094e69a-401e-0073-1888-7ed520000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ux.converged.login.strings-en.min_pevuvrbnnz-5coi_b4jtbw2.js Show response
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 54 KB
16 KB 234ms
26ms Script
application/x-javascript 2606:2800:21f:1b88:6342:f8de:86c:e98b
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_pevuvrbnnz-5coi_b4jtbw2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?response_type=code&client_id=5f2c616e-965a-4a3f-8a44-187b20efcffa&state=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&redirect_uri=https%3A%2F%2Fpillartwo.westeurope.tax.deloitteonline.com%2Fauthentication%2Flogin&scope=openid%20offline_access%205f2c616e-965a-4a3f-8a44-187b20efcffa%2F.default&code_challenge=Kz-uAGtBsPGxQTZ-afH63YDxntS9smTdkCrP1Gs-ZNs&code_challenge_method=S256&nonce=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D128) /
Resource Hash: 30ff8ef06932efa5ba690bf160eea1fc719d3f2a3d756bd3a9b4c837f7220b0c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 16:22:41 GMT
content-encoding: gzip
content-md5: CWi6wHL02j8bOmrVCAJelA==
age: 203434
x-cache: HIT
content-length: 15778
x-ms-lease-status: unlocked
last-modified: Sat, 17 Feb 2024 05:08:37 GMT
server: ECAcc (nyd/D128)
etag: 0x8DC2F767FC0BDAD
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 07466e39-801e-0007-0689-7e8b28000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 232ms
44ms Other
text/html 40.126.24.83
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?response_type=code&client_id=5f2c616e-965a-4a3f-8a44-187b20efcffa&state=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&redirect_uri=https%3A%2F%2Fpillartwo.westeurope.tax.deloitteonline.com%2Fauthentication%2Flogin&scope=openid%20offline_access%205f2c616e-965a-4a3f-8a44-187b20efcffa%2F.default&code_challenge=Kz-uAGtBsPGxQTZ-afH63YDxntS9smTdkCrP1Gs-ZNs&code_challenge_method=S256&nonce=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&sso_reload=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.126.24.83 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://login.microsoftonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

GET
H2 200 convergedlogin_pcustomizationloader_7f0a8c2a247460fad87f.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 219 KB
53 KB 109ms
26ms Script
application/x-javascript 2606:2800:21f:1b88:6342:f8de:86c:e98b
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_7f0a8c2a247460fad87f.js
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Hl2bk1L3qQZ3wvMD_PMo5Q2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D10F) /
Resource Hash: df2e852c347ecf82f70a0c8a4b91713fbb0914d58f2cbab01316bfe646abee7c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://login.microsoftonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 16:22:41 GMT
content-encoding: gzip
content-md5: eZ+IAUPxfkfE79uz/zWlTA==
age: 203495
x-cache: HIT
content-length: 54325
x-ms-lease-status: unlocked
last-modified: Thu, 15 Feb 2024 19:13:46 GMT
server: ECAcc (nyd/D10F)
etag: 0x8DC2E5A3BC19A93
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 100beb12-d01e-0072-4e89-7efe22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msftauth.net/shared/1.0/content/images/ 17 KB
17 KB 28ms
25ms Other
image/x-icon 2606:2800:21f:1b88:6342:f8de:86c:e98b
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D13A) /
Resource Hash: 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://login.microsoftonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 16:22:41 GMT
content-md5: EuPayFgGHQiAI7K9SOL6lg==
age: 203558
x-cache: HIT
content-length: 17174
x-ms-lease-status: unlocked
last-modified: Sun, 18 Oct 2020 03:02:30 GMT
server: ECAcc (nyd/D13A)
etag: 0x8D8731240E548EB
content-type: image/x-icon
access-control-allow-origin: *
x-ms-request-id: a3f02d27-f01e-0034-1e89-7ed73f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 illustration
aadcdn.msftauthimages.net/dbd5a2dd-u0i1pxxssgkh9b0w79kbdjk85qrnsr5cpqenhjiu6ok/logintenantbranding/0/ 131 KB
132 KB 179ms
26ms Image
image/* 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauthimages.net/dbd5a2dd-u0i1pxxssgkh9b0w79kbdjk85qrnsr5cpqenhjiu6ok/logintenantbranding/0/illustration?ts=638327047941964796
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ec515674462aae4a6017fab58369f776172cbf15a0c7941f8d8aa034fb5bed87

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://login.microsoftonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 16:22:42 GMT
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 50755578
content-length: 134502
x-ms-lease-status: unlocked
last-modified: Thu, 12 Oct 2023 10:53:16 GMT
etag: 0x8DBCB11704CEB95
x-azure-ref: 20240327T162242Z-d7bfs86gt51zf9yb2utqe9nvug0000000dk00000000080q5
content-type: image/*
access-control-allow-origin: *
x-ms-request-id: ebb6136b-901e-0055-7d04-7917d8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 bannerlogo
aadcdn.msftauthimages.net/dbd5a2dd-u0i1pxxssgkh9b0w79kbdjk85qrnsr5cpqenhjiu6ok/logintenantbranding/0/ 5 KB
6 KB 176ms
25ms Image
image/* 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauthimages.net/dbd5a2dd-u0i1pxxssgkh9b0w79kbdjk85qrnsr5cpqenhjiu6ok/logintenantbranding/0/bannerlogo?ts=637477890903530895
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e7b063de9bf8a25e2080945e7aec41138f9aaa206595a1c110b40bb3f169c3f6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://login.microsoftonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 16:22:42 GMT
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 50755578
content-length: 5271
x-ms-lease-status: unlocked
last-modified: Mon, 23 Jan 2023 12:04:40 GMT
etag: 0x8DAFD3A01A63BD3
x-azure-ref: 20240327T162242Z-d7bfs86gt51zf9yb2utqe9nvug0000000dk00000000080q6
content-type: image/*
access-control-allow-origin: *
x-ms-request-id: 7ffc104f-801e-0004-1525-798a54000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pstringcustomizationhelper_eb638da25d4055fbbb57.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 111 KB
35 KB 42ms
41ms Script
application/x-javascript 2606:2800:21f:1b88:6342:f8de:86c:e98b
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_eb638da25d4055fbbb57.js
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Hl2bk1L3qQZ3wvMD_PMo5Q2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D154) /
Resource Hash: 7530b843a86f3155ce07cda787a40da87052664b09c22f3d4db5e9238664dbe0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://login.microsoftonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 16:22:42 GMT
content-encoding: gzip
content-md5: V5EQEHVskNWHVMke8e4nZQ==
age: 203520
x-cache: HIT
content-length: 35813
x-ms-lease-status: unlocked
last-modified: Thu, 15 Feb 2024 19:13:48 GMT
server: ECAcc (nyd/D154)
etag: 0x8DC2E5A3CC5D827
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0898d399-e01e-00d1-1989-7e4542000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 2 KB
784 B 27ms
25ms Image
image/svg+xml 2606:2800:21f:1b88:6342:f8de:86c:e98b
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D162) /
Resource Hash: 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://login.microsoftonline.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 16:22:42 GMT
content-encoding: gzip
content-md5: R2FAVxfpONfnQAuxVxXbHg==
age: 203813
x-cache: HIT
content-length: 621
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:52 GMT
server: ECAcc (nyd/D162)
etag: 0x8DB5C3F4BB4F03C
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 2c91614c-c01e-0013-5788-7e9702000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/OpenSans-Regular.1e96fcda4564854c.ttf

Domain: pillartwo.westeurope.tax.deloitteonline.com
URL: https://pillartwo.westeurope.tax.deloitteonline.com/OpenSans-SemiBold.e24c5c706b40830c.ttf

Domain: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pillartwo.westeurope.tax.deloitteonline.com/	1969-12-31 23:59:59	Name: BIGipServerappgateway_10.95.98.5_443 Value: !erxSLPUReMXLFfRHhJccB0U2GZhZGplMHgL+566poNsG2toUaEvVLEeTReaRnso7FZamp526mmy7
pillartwo.westeurope.tax.deloitteonline.com/	1970-01-21 04:11:32	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Mar+27+2024+06%3A22%3A40+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202403.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=f41e0390-f216-4637-8326-9082143e3c5d&interactionCount=1&isAnonUser=1&landingPath=https%3A%2F%2Fpillartwo.westeurope.tax.deloitteonline.com%2Fauthentication%2Flogin&groups=1%3A1%2C2%3A0
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx-uQEdCgr0Y Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8vGmPjsojaIfabgFnQSigXP45aNCsm8lRNU11bKbbUFRFodZxFjFeqCZRbdBUjEwwZuzbdMOLz8_IDsGrcM0HBOKUfq_HD8iOKa0fZ7ZoXLfjsj4YnQBZcSdS5EaP2GmNhqrZ4I2nq3pa-k2rJhjGhyAA
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.microsoftonline.com/	1970-01-20 19:25:56	Name: SSOCOOKIEPULLED Value: 1
login.microsoftonline.com/	1970-01-20 20:09:08	Name: buid Value: 0.ASYA8UXaNizdH02vE1q-RrmZIW5hLF9alj9KikQYeyDvz_omAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd85mAjcZ0Os36j4OTW88Q2oS5iaYMjfahJX-Z0lcZQO-w3aG7rWllv-9YaV-yqSpgYY08yGOqk4KKRnWpZn3Yc7fS5mfgg1uLrXjHoIRtdkk8gAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8Zg8zyDaESJEFjzpj93V1kZ1N8D0L6Aa-X_QMIRrt6GSDvVodJb68_IiWrC9yB4DAauh8yJzwfLzIg7H6pcfmXcDS-rj3Hp3J6DBRrlL_yOZBvmSKcK-OfqvB8wE442liRPAr3n_qGAdrIsd2cUeZfbiEEhptYuRwYiWrdk8SolkgAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx-rIyp9EbdYw Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8KhKAkG7bnhTcAatJesQCDlqeuUJsW4vbXzDpiLAwL_qO-lIjP1yy7iV4S4toNmH5eMh75S1SZ3q9_njDZiD46F2_1Vz6xAEVE_jw1gGBArsRmh-qHGmqrmArPYAVhHF2R06HU_NhNCVHb5lMell6JyAA
login.microsoftonline.com/	1970-01-20 20:09:08	Name: fpc Value: AhHS8sc3eitKmZVr15IZ8GFy6s2KAQAAANE-lt0OAAAA
.login.microsoftonline.com/	1970-01-21 04:47:32	Name: brcap Value: 0
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 73f7fa12fcf445fd8a9fe735af1c1238
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1711556562&co=1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js(Line 6) Message: Refused to connect to 'https://privacyportal-de.onetrust.com/request/v1/consentreceipts' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' .deloitte.com .deloitteonline.com .deloitte.co.uk login.microsoftonline.com graph.microsoft.com .googleapis.com cdnjs.cloudflare.com .gstatic.com .visualstudio.com .pendo.io .cookielaw.org *.applicationinsights.azure.com data: blob:". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
other	warning	URL: https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?response_type=code&client_id=5f2c616e-965a-4a3f-8a44-187b20efcffa&state=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&redirect_uri=https%3A%2F%2Fpillartwo.westeurope.tax.deloitteonline.com%2Fauthentication%2Flogin&scope=openid%20offline_access%205f2c616e-965a-4a3f-8a44-187b20efcffa%2F.default&code_challenge=Kz-uAGtBsPGxQTZ-afH63YDxntS9smTdkCrP1Gs-ZNs&code_challenge_method=S256&nonce=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&sso_reload=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?response_type=code&client_id=5f2c616e-965a-4a3f-8a44-187b20efcffa&state=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&redirect_uri=https%3A%2F%2Fpillartwo.westeurope.tax.deloitteonline.com%2Fauthentication%2Flogin&scope=openid%20offline_access%205f2c616e-965a-4a3f-8a44-187b20efcffa%2F.default&code_challenge=Kz-uAGtBsPGxQTZ-afH63YDxntS9smTdkCrP1Gs-ZNs&code_challenge_method=S256&nonce=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&sso_reload=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
recommendation	verbose	URL: https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?response_type=code&client_id=5f2c616e-965a-4a3f-8a44-187b20efcffa&state=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&redirect_uri=https%3A%2F%2Fpillartwo.westeurope.tax.deloitteonline.com%2Fauthentication%2Flogin&scope=openid%20offline_access%205f2c616e-965a-4a3f-8a44-187b20efcffa%2F.default&code_challenge=Kz-uAGtBsPGxQTZ-afH63YDxntS9smTdkCrP1Gs-ZNs&code_challenge_method=S256&nonce=ZXpXNEtzTElJN0FUQWVud0dnclMycEM1cFByXzNCaTN0Sm56MjZubUxZdF9C&sso_reload=true Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .deloitte.com .deloitteonline.com .deloitte.co.uk login.microsoftonline.com graph.microsoft.com .googleapis.com cdnjs.cloudflare.com .gstatic.com .visualstudio.com .pendo.io .cookielaw.org *.applicationinsights.azure.com data: blob:
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msftauth.net
aadcdn.msftauthimages.net
cdn.cookielaw.org
login.live.com
login.microsoftonline.com
pillartwo.westeurope.tax.deloitteonline.com
cdn.cookielaw.org
pillartwo.westeurope.tax.deloitteonline.com
2603:1036:3000:18::1
2603:1036:3000:18::4
2606:2800:21f:1b88:6342:f8de:86c:e98b
2606:4700::6813:b134
2620:1ec:46::40
2620:1ec:bdf::40
40.126.24.83
51.124.123.57
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
0b689488876274bd7b09c3db63e2805abaee4fb429b2de2c940e4bed35b8da9b
1032207e60f18847ae548ae4011e86a694af97047ddc2e9061a3878fb77c20de
13db1fea6d5ef7fb7b4d2710c40f2b4e1c6a7a73b9f9e3e198e83210d7934e28
15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971
2eb92514594ae7697ea9664fbb27d1da016daf22cb11b0a9b6679ffbf242914c
30c083e41d0b189129063773a2820a1a48e3f37354ec769babc2fe0a185ede91
30ff8ef06932efa5ba690bf160eea1fc719d3f2a3d756bd3a9b4c837f7220b0c
334ae0b965f6a52f87500ee87443a5a8c30b952842aec14e44db3e03d12c856b
40ddd74ee8348c178c40534abf85caf3a23173093c299692bb260d0775c81d30
4659a16afa9640f84b4b696f95013b85afa9296c503eae9cfe93f2ff1876756b
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41
60985564248d5fa28267cb540694c4ef42d734cc7cfdf3989337cbc64bf22817
66acd5c839da07a289fa67ac451219478cec635f72565cff24f604895dca1da0
7530b843a86f3155ce07cda787a40da87052664b09c22f3d4db5e9238664dbe0
7dde3ccbbb79a1dd5633ecf99132b40ce46cc035fda784119cddbd87af258ab7
858f5c323a9a8248f7e21d3e3481666a349107977c68e8a2d15b923465ab5fe0
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41
b4d7f2002e89a8d02913017d2ae876a6fed9e7b53cbc9c87848dc68ca53b18b1
c45e115afc70f1aba0da0e10f8668521beb7559db376451f1eec7cd1881f5d1c
c862d2b2832e1109f4a93f7b9c16ced57ce2686955d3acf5259766ed8858a1da
db3796e88a754f03f8b3732c4cc9d5e1cf94e30b6c775e4b088bc3e64a77222b
df2e852c347ecf82f70a0c8a4b91713fbb0914d58f2cbab01316bfe646abee7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b063de9bf8a25e2080945e7aec41138f9aaa206595a1c110b40bb3f169c3f6
ec515674462aae4a6017fab58369f776172cbf15a0c7941f8d8aa034fb5bed87
f6f7bf920a4e6e5ec108c2fa4bfb3d9020fe452fe878fac14935da71b230828a
f7916a37377e38527d4306303cfe89b653b49b0a6b0b05c6b7593f7ab0248da8
fed2dfa40d3f5e26345eeec7213b6b918761706007c8f2922dcdc99f038a3e64

login.microsoftonline.com Open in urlscan Pro 2603:1036:3000:18::4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

93 %HTTPS

75 %IPv6

7 Domains

7 Subdomains

9 IPs

2 Countries

5044 kBTransfer

6319 kBSize

14 Cookies

2 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.microsoftonline.com Open in urlscan Pro
2603:1036:3000:18::4 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

93 %
HTTPS

75 %
IPv6

7
Domains

7
Subdomains

9
IPs

2
Countries

5044 kB
Transfer

6319 kB
Size

14
Cookies

41 HTTP transactions
1 data transactions