login.microsoftonline.com Open in urlscan Pro
40.126.32.72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u28265450.ct.sendgrid.net/ls/click?upn=PK-2Ba1TDJqv49p2f81UYrysEh9OP-2FBO4xYkVPwNfpYUvNYXP5WdZpnrNV8x6aWkDMyuP-2BYR5LDje5P...
Effective URL:
https://login.microsoftonline.com/e201abf9-c5a3-43f8-8e29-135d4fe67e6b/saml2?sso_reload=true
Submission: On October 20 via api (October 20th 2022, 5:00:03 pm UTC) from US — Scanned from DE

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 26 HTTP transactions. The main IP is 40.126.32.72, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 22.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 24th 2022. Valid for: a year.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.121 167.89.115.121	11377 (SENDGRID) (SENDGRID)
21	20.253.167.122 20.253.167.122	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	40.126.32.72 40.126.32.72	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	152.199.23.37 152.199.23.37	() ()
26	4

1 167.89.115.121 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x121.outbound-mail.sendgrid.net

u28265450.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 20.253.167.122 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

test-bizagi-paccar.bizagi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.126.32.72 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.23.37 (None, )

ASN- ()

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	bizagi.com test-bizagi-paccar.bizagi.com	1 MB
2	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 22	110 KB
1	msftauth.net aadcdn.msftauth.net
1	sendgrid.net 1 redirects u28265450.ct.sendgrid.net	387 B
0	live.com Failed login.live.com Failed
26	5

	Domain	Requested by
21	test-bizagi-paccar.bizagi.com	test-bizagi-paccar.bizagi.com
2	login.microsoftonline.com
1	aadcdn.msftauth.net	login.microsoftonline.com
1	u28265450.ct.sendgrid.net	1 redirects
0	login.live.com Failed	login.microsoftonline.com
26	5

This site contains no links.

Subject Issuer	Validity	Valid
*.bizagi.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-07-04`	a year	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2022-08-24` - `2023-08-24`	a year	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2022-04-01` - `2023-04-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/e201abf9-c5a3-43f8-8e29-135d4fe67e6b/saml2?sso_reload=true
Frame ID: 0262A486C014A8D4CF3F039E015E844C
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://u28265450.ct.sendgrid.net/ls/click?upn=PK-2Ba1TDJqv49p2f81UYrysEh9OP-2FBO4xYkVPwNfpYUvNYXP5WdZpnrNV8x6... HTTP 302
https://test-bizagi-paccar.bizagi.com//LinkRedirect.html?BehaviorCaseLinkInMobile=AlwaysAskAndRemember&urlMobile=b... Page URL
https://test-bizagi-paccar.bizagi.com//?widget=activityform&idCase=148219 Page URL
https://login.microsoftonline.com/e201abf9-c5a3-43f8-8e29-135d4fe67e6b/saml2 Page URL
https://login.microsoftonline.com/e201abf9-c5a3-43f8-8e29-135d4fe67e6b/saml2?sso_reload=true Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

92 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

1181 kB
Transfer

3297 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u28265450.ct.sendgrid.net/ls/click?upn=PK-2Ba1TDJqv49p2f81UYrysEh9OP-2FBO4xYkVPwNfpYUvNYXP5WdZpnrNV8x6aWkDMyuP-2BYR5LDje5P10mZvbUobYyChZ-2FGKq6-2BcOZhrxOPK0u4Mz-2FURzEktXcFx5ippMJTg7Ao-2B-2BTZR2Mj2KAj1HxUAsOYW-2BHxcapQK20FmYP8AxznV5mgDaMtPd42BT1BSNZsftsKqwheNF3zspdCv12qhIhgkP-2Fy6kkjFWCyvpNYkjJmU-2BERMe7kZKoc5QlUzIo2Ok48v5nInAarEK6uoIQ5w-3D-3DCKGP_f5CCQS0N95iO0XGkG5jjbyE5g5LVr30Asqy3e3aZKO98NaLDJ3dkT5vYjDDEECkvMReNGdr0QCpZhEUwqDYxm5B9AkZ8l4BsjjayRoDfOFFiM28UBuYHegrmwNQouACwPppgVA4Gm0w-2Bil9QKp-2FjwBwPnoGbor2bi6n-2B6dhMB0g0RpVXpGu96kk2BAxIRtkvpQMAHiV0WzmttVv9DyQC-2BA-3D-3D HTTP 302
https://test-bizagi-paccar.bizagi.com//LinkRedirect.html?BehaviorCaseLinkInMobile=AlwaysAskAndRemember&urlMobile=bizagi://&urlWeb=https://test-bizagi-paccar.bizagi.com//&caseId=148219 Page URL
https://test-bizagi-paccar.bizagi.com//?widget=activityform&idCase=148219 Page URL
https://login.microsoftonline.com/e201abf9-c5a3-43f8-8e29-135d4fe67e6b/saml2 Page URL
https://login.microsoftonline.com/e201abf9-c5a3-43f8-8e29-135d4fe67e6b/saml2?sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://u28265450.ct.sendgrid.net/ls/click?upn=PK-2Ba1TDJqv49p2f81UYrysEh9OP-2FBO4xYkVPwNfpYUvNYXP5WdZpnrNV8x6aWkDMyuP-2BYR5LDje5P10mZvbUobYyChZ-2FGKq6-2BcOZhrxOPK0u4Mz-2FURzEktXcFx5ippMJTg7Ao-2B-2BTZR2Mj2KAj1HxUAsOYW-2BHxcapQK20FmYP8AxznV5mgDaMtPd42BT1BSNZsftsKqwheNF3zspdCv12qhIhgkP-2Fy6kkjFWCyvpNYkjJmU-2BERMe7kZKoc5QlUzIo2Ok48v5nInAarEK6uoIQ5w-3D-3DCKGP_f5CCQS0N95iO0XGkG5jjbyE5g5LVr30Asqy3e3aZKO98NaLDJ3dkT5vYjDDEECkvMReNGdr0QCpZhEUwqDYxm5B9AkZ8l4BsjjayRoDfOFFiM28UBuYHegrmwNQouACwPppgVA4Gm0w-2Bil9QKp-2FjwBwPnoGbor2bi6n-2B6dhMB0g0RpVXpGu96kk2BAxIRtkvpQMAHiV0WzmttVv9DyQC-2BA-3D-3D HTTP 302
https://test-bizagi-paccar.bizagi.com//LinkRedirect.html?BehaviorCaseLinkInMobile=AlwaysAskAndRemember&urlMobile=bizagi://&urlWeb=https://test-bizagi-paccar.bizagi.com//&caseId=148219

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

LinkRedirect.html Show response
test-bizagi-paccar.bizagi.com//
Redirect Chain

https://u28265450.ct.sendgrid.net/ls/click?upn=PK-2Ba1TDJqv49p2f81UYrysEh9OP-2FBO4xYkVPwNfpYUvNYXP5WdZpnrNV8x6aWkDMyuP-2BYR5LDje5P10mZvbUobYyChZ-2FGKq6-2BcOZhrxOPK0u4Mz-2FURzEktXcFx5ippMJTg7Ao-2B-2...
https://test-bizagi-paccar.bizagi.com//LinkRedirect.html?BehaviorCaseLinkInMobile=AlwaysAskAndRemember&urlMobile=bizagi://&urlWeb=https://test-bizagi-paccar.bizagi.com//&caseId=148219

17 KB
5 KB

606ms
181ms

Document
text/html

20.253.167.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-bizagi-paccar.bizagi.com//LinkRedirect.html?BehaviorCaseLinkInMobile=AlwaysAskAndRemember&urlMobile=bizagi://&urlWeb=https://test-bizagi-paccar.bizagi.com//&caseId=148219

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.253.167.122 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c1b0e7b4b6f1fa00f6636153f452d13e16f3bdbd4ce320680ec1f14da02ec29c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 4145
Content-Security-Policy: default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Content-Type: text/html; charset=utf-8
Date: Thu, 20 Oct 2022 16:59:57 GMT
ETag: "09179978cc0d71:0"
Expires: -1
Last-Modified: Wed, 13 Oct 2021 23:46:50 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000;includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge,chrome=IE8
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 218
Content-Type: text/html; charset=utf-8
Date: Thu, 20 Oct 2022 16:59:57 GMT
Location: https://test-bizagi-paccar.bizagi.com//LinkRedirect.html?BehaviorCaseLinkInMobile=AlwaysAskAndRemember&urlMobile=bizagi://&urlWeb=https://test-bizagi-paccar.bizagi.com//&caseId=148219
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK singlePageBase.css
test-bizagi-paccar.bizagi.com//css/ 1 KB
1 KB 180ms
180ms Stylesheet
text/css 20.253.167.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-bizagi-paccar.bizagi.com//css/singlePageBase.css

Requested by

Host: test-bizagi-paccar.bizagi.com
URL: https://test-bizagi-paccar.bizagi.com//LinkRedirect.html?BehaviorCaseLinkInMobile=AlwaysAskAndRemember&urlMobile=bizagi://&urlWeb=https://test-bizagi-paccar.bizagi.com//&caseId=148219

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.253.167.122 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4145838ac83a4136fcdaf9f216dbc6e08aa0c5e5db8ac76afb3b6c5955f66a54

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 16:59:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
Content-Security-Policy: default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Connection: keep-alive
Content-Length: 683
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=IE8
Referrer-Policy: no-referrer
Last-Modified: Wed, 13 Oct 2021 23:46:50 GMT
ETag: "09179978cc0d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Accept-Ranges: bytes

GET
H/1.1 200
OK opensans-font.css
test-bizagi-paccar.bizagi.com//jquery/themes/bizagiDefault/devices/desktop/ 3 KB
1 KB 362ms
181ms Stylesheet
text/css 20.253.167.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-bizagi-paccar.bizagi.com//jquery/themes/bizagiDefault/devices/desktop/opensans-font.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.253.167.122 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b7eb38870ce5cd93e0c999d01fc1a0e86691bb7d2ea05b3a2602746300835a35

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 16:59:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
Content-Security-Policy: default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Connection: keep-alive
Content-Length: 440
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=IE8
Referrer-Policy: no-referrer
Last-Modified: Wed, 13 Oct 2021 23:49:04 GMT
ETag: "05858e78cc0d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Accept-Ranges: bytes

GET
H/1.1 200
OK purify.min.js Show response
test-bizagi-paccar.bizagi.com//js/DOMPurify/ 16 KB
7 KB 531ms
182ms Script
application/x-javascript 20.253.167.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-bizagi-paccar.bizagi.com//js/DOMPurify/purify.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.253.167.122 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e91d00ec34a6848380e1387eeacee80a2c1e86b116cd8bd3eefaa3bbb848d778

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 16:59:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
Content-Security-Policy: default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Connection: keep-alive
Content-Length: 6665
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=IE8
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Wed, 13 Oct 2021 23:46:50 GMT
ETag: "09179978cc0d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-cache, no-store
Accept-Ranges: bytes
Expires: -1

GET
H/1.1 200
OK bizagi-logo.png
test-bizagi-paccar.bizagi.com//img/ 9 KB
9 KB 180ms
180ms Image
image/png 20.253.167.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://test-bizagi-paccar.bizagi.com//img/bizagi-logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.253.167.122 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 16:59:58 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Last-Modified: Thu, 10 Jun 2021 22:10:44 GMT
Referrer-Policy: no-referrer
ETag: "0a975455ed71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9006
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=IE8

GET
H/1.1 200
OK browser.png
test-bizagi-paccar.bizagi.com//img/ 4 KB
5 KB 180ms
180ms Image
image/png 20.253.167.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://test-bizagi-paccar.bizagi.com//img/browser.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.253.167.122 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 16:59:58 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Last-Modified: Thu, 10 Jun 2021 22:10:44 GMT
Referrer-Policy: no-referrer
ETag: "0a975455ed71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4535
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=IE8

GET icon-50.png
test-bizagi-paccar.bizagi.com//img/ 0
0

GET
H/1.1 200
OK / Show response
test-bizagi-paccar.bizagi.com// 3 KB
2 KB 180ms
180ms Document
text/html 20.253.167.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-bizagi-paccar.bizagi.com//?widget=activityform&idCase=148219

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.253.167.122 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b9a19372f07230045d470bf48c115b441c56ce31aa849a4d8e7aaffd5470c5ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1277
Content-Security-Policy: default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Content-Type: text/html; charset=utf-8
Date: Thu, 20 Oct 2022 16:59:58 GMT
ETag: "05a43492c0d71:0"
Expires: -1
Last-Modified: Thu, 14 Oct 2021 00:25:40 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000;includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge,chrome=IE8
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bizagi.configuration.js Show response
test-bizagi-paccar.bizagi.com//jquery/ 3 KB
2 KB 192ms
192ms Script
application/x-javascript 20.253.167.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-bizagi-paccar.bizagi.com//jquery/bizagi.configuration.js?1666285198617

Requested by

Host: test-bizagi-paccar.bizagi.com
URL: https://test-bizagi-paccar.bizagi.com//?widget=activityform&idCase=148219

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.253.167.122 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bb8d6e97ab7b5e1941539aa35df0cd8ee59920cb7a655117bb7e1c2423ed9397

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 16:59:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
Content-Security-Policy: default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Connection: keep-alive
Content-Length: 951
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=IE8
Referrer-Policy: no-referrer
Last-Modified: Wed, 13 Oct 2021 23:48:50 GMT
ETag: "01d0df8cc0d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript; charset=utf-8
Accept-Ranges: bytes

GET
H/1.1 200
OK bizagi.production.js Show response
test-bizagi-paccar.bizagi.com//jquery/production/ 235 KB
41 KB 355ms
354ms Script
application/x-javascript 20.253.167.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-bizagi-paccar.bizagi.com//jquery/production/bizagi.production.js?1666285198617

Requested by

Host: test-bizagi-paccar.bizagi.com
URL: https://test-bizagi-paccar.bizagi.com//?widget=activityform&idCase=148219

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.253.167.122 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d4fcf8a8674033df84f8d1f1f5dfaedda55469f63b4d9c09aadab981bb73e488

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 16:59:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
Content-Security-Policy: default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Connection: keep-alive
Content-Length: 41581
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=IE8
Referrer-Policy: no-referrer
Last-Modified: Wed, 13 Oct 2021 23:48:52 GMT
ETag: "04a31e08cc0d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript; charset=utf-8
Accept-Ranges: bytes

GET
H/1.1 200
OK BizagiConfig Show response
test-bizagi-paccar.bizagi.com//Api/Authentication/ 7 KB
8 KB 185ms
185ms XHR
application/json 20.253.167.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-bizagi-paccar.bizagi.com//Api/Authentication/BizagiConfig?ts=1666285199374

Requested by

Host: test-bizagi-paccar.bizagi.com
URL: https://test-bizagi-paccar.bizagi.com//jquery/production/bizagi.production.js?1666285198617

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.253.167.122 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b3335fcfa0897cdf182fff0a0d6c57a6f70bbe7e71b4652af55f9affdb1115f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
X-BZXSRF-TOKEN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires: -1
Pragma: no-cache
Date: Thu, 20 Oct 2022 16:59:59 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Referrer-Policy: no-referrer
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 7478
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=IE8

GET
H/1.1 200
OK version.json.txt Show response
test-bizagi-paccar.bizagi.com//jquery/ 54 B
876 B 179ms
179ms XHR
text/plain 20.253.167.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-bizagi-paccar.bizagi.com//jquery/version.json.txt?ts=1666285199562

Requested by

Host: test-bizagi-paccar.bizagi.com
URL: https://test-bizagi-paccar.bizagi.com//jquery/production/bizagi.production.js?1666285198617

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.253.167.122 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e28d9c7a9d03fe1dd61c87f0d701f9b0d5bcbe1045fb3d5ec6681628e1844bbf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
X-BZXSRF-TOKEN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 16:59:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
Content-Security-Policy: default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Connection: keep-alive
Content-Length: 163
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=IE8
Referrer-Policy: no-referrer
Last-Modified: Wed, 13 Oct 2021 23:48:24 GMT
ETag: "0d480cf8cc0d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Accept-Ranges: bytes

GET
H/1.1 200
OK common.desktop.production.less.css
test-bizagi-paccar.bizagi.com//jquery/production/11.2.5.1037/desktop/css/ 294 KB
64 KB 368ms
368ms Stylesheet
text/css 20.253.167.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-bizagi-paccar.bizagi.com//jquery/production/11.2.5.1037/desktop/css/common.desktop.production.less.css?build=11.2.5.1037

Requested by

Host: test-bizagi-paccar.bizagi.com
URL: https://test-bizagi-paccar.bizagi.com//jquery/production/bizagi.production.js?1666285198617

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.253.167.122 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

182946b403cfdc9747262e45d4bb5a85144a3498c82a40f540e6cb6e8b33b762

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 16:59:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
Content-Security-Policy: default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Connection: keep-alive
Content-Length: 65026
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=IE8
Referrer-Policy: no-referrer
Last-Modified: Wed, 13 Oct 2021 23:48:52 GMT
ETag: "04a31e08cc0d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Accept-Ranges: bytes

GET
H/1.1 200
OK common.desktop.production.js Show response
test-bizagi-paccar.bizagi.com//jquery/production/11.2.5.1037/desktop/js/ 1 MB
586 KB 446ms
272ms Script
application/x-javascript 20.253.167.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-bizagi-paccar.bizagi.com//jquery/production/11.2.5.1037/desktop/js/common.desktop.production.js?build=11.2.5.1037

Requested by

Host: test-bizagi-paccar.bizagi.com
URL: https://test-bizagi-paccar.bizagi.com//jquery/production/bizagi.production.js?1666285198617

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.253.167.122 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

436515ee6fedc5e22538621a9fa96425c20f81bc1f75988da5ccb0a581886c35

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 16:59:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
Content-Security-Policy: default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Connection: keep-alive
Content-Length: 598954
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=IE8
Referrer-Policy: no-referrer
Last-Modified: Wed, 13 Oct 2021 23:48:52 GMT
ETag: "04a31e08cc0d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript; charset=utf-8
Accept-Ranges: bytes

GET
H/1.1 200
OK Features Show response
test-bizagi-paccar.bizagi.com//Rest/Util/ 200 B
910 B 190ms
190ms XHR
application/json 20.253.167.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-bizagi-paccar.bizagi.com//Rest/Util/Features?_=1666285201802

Requested by

Host: test-bizagi-paccar.bizagi.com
URL: https://test-bizagi-paccar.bizagi.com//jquery/production/11.2.5.1037/desktop/js/common.desktop.production.js?build=11.2.5.1037

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.253.167.122 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3c56b0eb0e91cd4e99fb7576e65ae4c230ceb60196a3d5b2f2012f18c923e21f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
accept-language: de-DE,de;q=0.9
X-BZXSRF-TOKEN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 17:00:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
Content-Security-Policy: default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Connection: keep-alive
Content-Length: 219
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=IE8
Pragma: no-cache
Referrer-Policy: no-referrer
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store
Expires: -1

GET
H/1.1 200
OK Client Show response
test-bizagi-paccar.bizagi.com//Rest/Multilanguage/ 194 KB
194 KB 368ms
368ms XHR
application/json 20.253.167.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-bizagi-paccar.bizagi.com//Rest/Multilanguage/Client?cultureName=en-US&version=11.2.5.0607

Requested by

Host: test-bizagi-paccar.bizagi.com
URL: https://test-bizagi-paccar.bizagi.com//jquery/production/11.2.5.1037/desktop/js/common.desktop.production.js?build=11.2.5.1037

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.253.167.122 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

14f3e18b81bcba2d81b91d5ed02d33e5ce42fe4166e8ba9e92f518dfe145eea3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
X-BZXSRF-TOKEN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires: -1
Pragma: no-cache
Date: Thu, 20 Oct 2022 17:00:01 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Referrer-Policy: no-referrer
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 198328
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=IE8

GET
H/1.1 200
OK login.desktop.production.less.css
test-bizagi-paccar.bizagi.com//jquery/production/11.2.5.1037/desktop/css/ 33 KB
8 KB 182ms
181ms Stylesheet
text/css 20.253.167.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-bizagi-paccar.bizagi.com//jquery/production/11.2.5.1037/desktop/css/login.desktop.production.less.css?build=11.2.5.1037

Requested by

Host: test-bizagi-paccar.bizagi.com
URL: https://test-bizagi-paccar.bizagi.com//jquery/production/bizagi.production.js?1666285198617

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.253.167.122 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f3b7a33d65b77df35f248335b9cc03a9c2f09519fe73eed97fcf8dba531839ee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 17:00:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
Content-Security-Policy: default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Connection: keep-alive
Content-Length: 7680
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=IE8
Referrer-Policy: no-referrer
Last-Modified: Wed, 13 Oct 2021 23:48:52 GMT
ETag: "04a31e08cc0d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Accept-Ranges: bytes

GET
H/1.1 200
OK login.desktop.production.js Show response
test-bizagi-paccar.bizagi.com//jquery/production/11.2.5.1037/desktop/js/ 316 KB
118 KB 394ms
218ms Script
application/x-javascript 20.253.167.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-bizagi-paccar.bizagi.com//jquery/production/11.2.5.1037/desktop/js/login.desktop.production.js?build=11.2.5.1037

Requested by

Host: test-bizagi-paccar.bizagi.com
URL: https://test-bizagi-paccar.bizagi.com//jquery/production/bizagi.production.js?1666285198617

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.253.167.122 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2cfcf76e5d58349400382153244cad66e4a8f268c99faae9515b37957ad02501

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 17:00:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
Content-Security-Policy: default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Connection: keep-alive
Content-Length: 120485
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=IE8
Referrer-Policy: no-referrer
Last-Modified: Wed, 13 Oct 2021 23:48:52 GMT
ETag: "04a31e08cc0d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript; charset=utf-8
Accept-Ranges: bytes

GET
H/1.1 200
OK texture-abstract-multiple.svg
test-bizagi-paccar.bizagi.com//jquery/production/11.2.5.1037/desktop/css/images/ 13 KB
14 KB 182ms
181ms Image
image/svg+xml 20.253.167.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://test-bizagi-paccar.bizagi.com//jquery/production/11.2.5.1037/desktop/css/images/texture-abstract-multiple.svg

Requested by

Host: test-bizagi-paccar.bizagi.com
URL: https://test-bizagi-paccar.bizagi.com//jquery/production/11.2.5.1037/desktop/css/login.desktop.production.less.css?build=11.2.5.1037

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.253.167.122 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8f9b4e5e717343dc6346918de16aafcff568a836f0eb33e145acd4266cbb4620

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 17:00:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Last-Modified: Wed, 13 Oct 2021 23:48:52 GMT
Referrer-Policy: no-referrer
ETag: "04a31e08cc0d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13413
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=IE8

GET
H/1.1 200
OK ReadUserCookies Show response
test-bizagi-paccar.bizagi.com//Api/Authentication/ 18 B
661 B 180ms
180ms XHR
application/json 20.253.167.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-bizagi-paccar.bizagi.com//Api/Authentication/ReadUserCookies?_=1666285202428

Requested by

Host: test-bizagi-paccar.bizagi.com
URL: https://test-bizagi-paccar.bizagi.com//jquery/production/11.2.5.1037/desktop/js/login.desktop.production.js?build=11.2.5.1037

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.253.167.122 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2b368dda2e052a62718b87a2a01d53b590621a127dd86c10f483ea4c47dc8515

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
accept-language: de-DE,de;q=0.9
X-BZXSRF-TOKEN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires: -1
Pragma: no-cache
Date: Thu, 20 Oct 2022 17:00:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Referrer-Policy: no-referrer
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 18
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=IE8

POST
H/1.1 200
OK User
test-bizagi-paccar.bizagi.com//Api/Authentication/ 788 B
1 KB 182ms
182ms XHR
application/json 20.253.167.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-bizagi-paccar.bizagi.com//Api/Authentication/User

Requested by

Host: test-bizagi-paccar.bizagi.com
URL: https://test-bizagi-paccar.bizagi.com//jquery/production/11.2.5.1037/desktop/js/login.desktop.production.js?build=11.2.5.1037

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.253.167.122 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
accept-language: de-DE,de;q=0.9
X-BZXSRF-TOKEN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 20 Oct 2022 17:00:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
Content-Security-Policy: default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Connection: keep-alive
Content-Length: 533
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=IE8
Pragma: no-cache
Referrer-Policy: no-referrer
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store
Expires: -1

GET
H/1.1 200
OK bizagi.custom.resources.json.txt
test-bizagi-paccar.bizagi.com//jquery/overrides/resources/ 27 B
859 B 179ms
179ms XHR
text/plain 20.253.167.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-bizagi-paccar.bizagi.com//jquery/overrides/resources/bizagi.custom.resources.json.txt?build=11.2.5.1037&_=1666285202429

Requested by

Host: test-bizagi-paccar.bizagi.com
URL: https://test-bizagi-paccar.bizagi.com//jquery/production/11.2.5.1037/desktop/js/login.desktop.production.js?build=11.2.5.1037

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.253.167.122 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
X-BZXSRF-TOKEN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 17:00:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
Content-Security-Policy: default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Connection: keep-alive
Content-Length: 146
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=IE8
Referrer-Policy: no-referrer
Last-Modified: Wed, 13 Oct 2021 23:48:52 GMT
ETag: "04a31e08cc0d71:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Accept-Ranges: bytes

POST
H/1.1 200
OK saml2 Show response
login.microsoftonline.com/e201abf9-c5a3-43f8-8e29-135d4fe67e6b/ 155 KB
58 KB 507ms
242ms Document
text/html 40.126.32.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/e201abf9-c5a3-43f8-8e29-135d4fe67e6b/saml2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.126.32.72 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

00afc7b9b5e2a93da50bb5afeca70f0069b342e8c8da663ede4ccd01819cbc07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 58263
Content-Type: text/html; charset=utf-8
Date: Thu, 20 Oct 2022 17:00:02 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server: 2.1.13845.10 - NCUS ProdSlices
x-ms-request-id: 74a2a994-8abf-46e8-8db0-456036f81d00

POST
H/1.1 200
OK Primary Request saml2 Show response
login.microsoftonline.com/e201abf9-c5a3-43f8-8e29-135d4fe67e6b/ 198 KB
52 KB 201ms
201ms Document
text/html 40.126.32.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/e201abf9-c5a3-43f8-8e29-135d4fe67e6b/saml2?sso_reload=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.126.32.72 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c5e19a934fbdb5044c7f0e7b9ebfdfc93102d151228dbb0765e6e0a70501f159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://login.microsoftonline.com
Referer: https://login.microsoftonline.com/e201abf9-c5a3-43f8-8e29-135d4fe67e6b/saml2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 50930
Content-Type: text/html; charset=utf-8
Date: Thu, 20 Oct 2022 17:00:03 GMT
Expires: -1
Link: <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-Frame-Options: DENY
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server: 2.1.13845.10 - NCUS ProdSlices
x-ms-request-id: edf08258-5e9c-4db3-afe1-784188fc1e00

GET
H2 200 ConvergedLogin_PCore_ewSThi28OOhjM9zd08fzbA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 325 KB
0 111ms
24ms Script
application/x-javascript 152.199.23.37

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ewSThi28OOhjM9zd08fzbA2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/e201abf9-c5a3-43f8-8e29-135d4fe67e6b/saml2?sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 -, , ASN (),
Reverse DNS
Software: ECAcc (frc/4CAF) /
Resource Hash

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Oct 2022 17:00:03 GMT
content-encoding: gzip
content-md5: Ntcnn2ulad3b6Bo4ed7IZw==
age: 3022691
x-cache: HIT
content-length: 111698
x-ms-lease-status: unlocked
last-modified: Sat, 10 Sep 2022 21:12:21 GMT
server: ECAcc (frc/4CAF)
etag: 0x8DA937126C63FF6
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: fb1d5dbe-901e-0047-7727-c93aeb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET Me.htm
login.live.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: test-bizagi-paccar.bizagi.com
URL: https://test-bizagi-paccar.bizagi.com//img/icon-50.png

Domain: login.live.com
URL: https://login.live.com/Me.htm?v=3

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
test-bizagi-paccar.bizagi.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: 88986673bf4b3d0221e1b2b48caa53b7
test-bizagi-paccar.bizagi.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: 88986673bf4b3d0221e1b2b48caa53b7
.test-bizagi-paccar.bizagi.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 06dece71727ab2c9a75506862155277ef8948b1004ad39e70a73eb837c7bf7ad
.test-bizagi-paccar.bizagi.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 06dece71727ab2c9a75506862155277ef8948b1004ad39e70a73eb837c7bf7ad
test-bizagi-paccar.bizagi.com/	1970-01-20 15:37:01	Name: ai_user Value: AEhpN\|2022-10-20T17:00:01.820Z
login.microsoftonline.com/	1970-01-20 07:34:37	Name: fpc Value: Ako9rpLO3phEqYu7XYa_zlw
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' data: blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src * 'unsafe-inline' data: blob:;
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
login.live.com
login.microsoftonline.com
test-bizagi-paccar.bizagi.com
u28265450.ct.sendgrid.net
login.live.com
test-bizagi-paccar.bizagi.com
152.199.23.37
167.89.115.121
20.253.167.122
40.126.32.72
00afc7b9b5e2a93da50bb5afeca70f0069b342e8c8da663ede4ccd01819cbc07
14f3e18b81bcba2d81b91d5ed02d33e5ce42fe4166e8ba9e92f518dfe145eea3
182946b403cfdc9747262e45d4bb5a85144a3498c82a40f540e6cb6e8b33b762
2b368dda2e052a62718b87a2a01d53b590621a127dd86c10f483ea4c47dc8515
2cfcf76e5d58349400382153244cad66e4a8f268c99faae9515b37957ad02501
3c56b0eb0e91cd4e99fb7576e65ae4c230ceb60196a3d5b2f2012f18c923e21f
4145838ac83a4136fcdaf9f216dbc6e08aa0c5e5db8ac76afb3b6c5955f66a54
436515ee6fedc5e22538621a9fa96425c20f81bc1f75988da5ccb0a581886c35
8f9b4e5e717343dc6346918de16aafcff568a836f0eb33e145acd4266cbb4620
b3335fcfa0897cdf182fff0a0d6c57a6f70bbe7e71b4652af55f9affdb1115f3
b7eb38870ce5cd93e0c999d01fc1a0e86691bb7d2ea05b3a2602746300835a35
b9a19372f07230045d470bf48c115b441c56ce31aa849a4d8e7aaffd5470c5ea
bb8d6e97ab7b5e1941539aa35df0cd8ee59920cb7a655117bb7e1c2423ed9397
c1b0e7b4b6f1fa00f6636153f452d13e16f3bdbd4ce320680ec1f14da02ec29c
c5e19a934fbdb5044c7f0e7b9ebfdfc93102d151228dbb0765e6e0a70501f159
d4fcf8a8674033df84f8d1f1f5dfaedda55469f63b4d9c09aadab981bb73e488
e28d9c7a9d03fe1dd61c87f0d701f9b0d5bcbe1045fb3d5ec6681628e1844bbf
e91d00ec34a6848380e1387eeacee80a2c1e86b116cd8bd3eefaa3bbb848d778
f3b7a33d65b77df35f248335b9cc03a9c2f09519fe73eed97fcf8dba531839ee

login.microsoftonline.com Open in urlscan Pro 40.126.32.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

92 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

4 IPs

2 Countries

1181 kBTransfer

3297 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

8 Cookies

Security Headers

Indicators

login.microsoftonline.com Open in urlscan Pro
40.126.32.72 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

92 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

1181 kB
Transfer

3297 kB
Size

8
Cookies

26 HTTP transactions
0 data transactions