Submitted URL: https://18abn.contoso.directory/
Effective URL: https://login.microsoftonline.us/bcbb8f4c-fb73-4658-9834-e94bc9f109bc/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2F18abn.cont...
Submission: On March 31 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 1 country across 4 domains to perform 40 HTTP transactions. The main IP is 2001:489a:3500:48::1, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.us. The Cisco Umbrella rank of the primary domain is 10819.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 23rd 2024. Valid for: a year.
This is the only time login.microsoftonline.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address          AS Autonomous System
24        62.10.59.67         8070 (MICROSOFT...)
1         2001:489a:350...    8070 (MICROSOFT...)
3         2001:489a:350...    8070 (MICROSOFT...)
1         2620:1ec:46::45     8075 (MICROSOFT...)
9         2606:2800:233...    15133 (EDGECAST)
40        6

Requests  Apex Domain          Subdomains                                               Transfer
24        contoso.directory    18abn.contoso.directory                                  325 KB
9         msftauth.net         aadcdn.msftauth.net — Cisco Umbrella Rank: 956           265 KB
4         microsoftonline.us   login.microsoftonline.us — Cisco Umbrella Rank: 10819    29 KB
1         msauth.net           aadcdn.msauth.net — Cisco Umbrella Rank: 931             49 KB
40        4

Requests  Domain                      Requested by
24        18abn.contoso.directory     18abn.contoso.directory
9         aadcdn.msftauth.net         login.microsoftonline.us
                                      aadcdn.msftauth.net
4         login.microsoftonline.us    18abn.contoso.directory
                                      aadcdn.msauth.net
1         aadcdn.msauth.net           login.microsoftonline.us
40        4

This site contains links to these domains.

Domain
aadcdn.msftauth.net

Subject                     Issuer                            Validity                   Valid
18abn.contoso.directory     R3                                2024-03-31 - 2024-06-29    3 months
login.microsoftonline.us    DigiCert SHA2 Secure Server CA    2024-02-23 - 2025-02-23    a year
aadcdn.msauth.net           DigiCert SHA2 Secure Server CA    2024-01-29 - 2025-01-29    a year
aadcdn.msftauth.net         DigiCert SHA2 Secure Server CA    2023-12-01 - 2024-12-01    a year

This page contains 1 frames:

Primary Page: https://login.microsoftonline.us/bcbb8f4c-fb73-4658-9834-e94bc9f109bc/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2F18abn.contoso.directory%2Fauth&client_id=06e34339-5bea-4fbd-9c7a-890a010ac15d&response_type=code&state=fz0uLiABWo&scope=openid%20profile%20email%20offline_access%20api%3A%2F%2F06e34339-5bea-4fbd-9c7a-890a010ac15d%2Fapi&audience=06e34339-5bea-4fbd-9c7a-890a010ac15d&code_challenge=pFowk76XcS-tncM3LDb2GbxqZc66RpGG86PyUYVkGGg&code_challenge_method=S256&sso_reload=true
Frame ID: 265E7E396836715DACE498E9CB408484
Requests: 39 HTTP requests in this frame

Page Title

Bei Ihrem Konto anmelden

Page Statistics

Requests: 40
HTTPS: 95 %
IPv6: 80 %
Domains: 4
Subdomains: 4
IPs: 6
Countries: 1
Transfer: 668 kB
Size: 2241 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://18abn.contoso.directory/ Page URL
  2. https://login.microsoftonline.us/bcbb8f4c-fb73-4658-9834-e94bc9f109bc/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2F18abn.contoso.directory%2Fauth&client_id=06e34339-5bea-4fbd-9c7a-890a010ac15d&response_type=code&state=fz0uLiABWo&scope=openid%20profile%20email%20offline_access%20api%3A%2F%2F06e34339-5bea-4fbd-9c7a-890a010ac15d%2Fapi&audience=06e34339-5bea-4fbd-9c7a-890a010ac15d&code_challenge=pFowk76XcS-tncM3LDb2GbxqZc66RpGG86PyUYVkGGg&code_challenge_method=S256 Page URL
  3. https://login.microsoftonline.us/bcbb8f4c-fb73-4658-9834-e94bc9f109bc/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2F18abn.contoso.directory%2Fauth&client_id=06e34339-5bea-4fbd-9c7a-890a010ac15d&response_type=code&state=fz0uLiABWo&scope=openid%20profile%20email%20offline_access%20api%3A%2F%2F06e34339-5bea-4fbd-9c7a-890a010ac15d%2Fapi&audience=06e34339-5bea-4fbd-9c7a-890a010ac15d&code_challenge=pFowk76XcS-tncM3LDb2GbxqZc66RpGG86PyUYVkGGg&code_challenge_method=S256&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
18abn.contoso.directory/
5 KB
2 KB
Document
General
Full URL
https://18abn.contoso.directory/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
a14471cc6568bb2ffa066b658f0bd95258ed1283b603460cf52798940f048352

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 31 Mar 2024 23:35:34 GMT
ETag
W/"65f461a2-1294"
Last-Modified
Fri, 15 Mar 2024 14:56:34 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
webpack-367277a25e05e1c8.js
18abn.contoso.directory/_next/static/chunks/
6 KB
3 KB
Script
General
Full URL
https://18abn.contoso.directory/_next/static/chunks/webpack-367277a25e05e1c8.js
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
25e3fb228ec8bfb883a34097dd1bbdf5e523db7c23f660214ec5d304a61543a2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
Origin
https://18abn.contoso.directory
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2024 14:56:32 GMT
Server
nginx
ETag
W/"65f461a0-188f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
fd9d1056-94d51a7229cdc644.js
18abn.contoso.directory/_next/static/chunks/
160 KB
50 KB
Script
General
Full URL
https://18abn.contoso.directory/_next/static/chunks/fd9d1056-94d51a7229cdc644.js
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
be39ae1b59f6d7362be6e4ca09631561134fb072d022d4a52f53c47b088d0917

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
Origin
https://18abn.contoso.directory
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2024 14:56:32 GMT
Server
nginx
ETag
W/"65f461a0-28044"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
2472-d2675ce40f6cc81a.js
18abn.contoso.directory/_next/static/chunks/
108 KB
27 KB
Script
General
Full URL
https://18abn.contoso.directory/_next/static/chunks/2472-d2675ce40f6cc81a.js
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
b3f9011d5bc89f74c807b60852b062e19451c8e5ab22e6e8590234bddc35f62a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
Origin
https://18abn.contoso.directory
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2024 14:56:32 GMT
Server
nginx
ETag
W/"65f461a0-1b1e9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
main-app-93a82954f85f60f8.js
18abn.contoso.directory/_next/static/chunks/
518 B
527 B
Script
General
Full URL
https://18abn.contoso.directory/_next/static/chunks/main-app-93a82954f85f60f8.js
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
cf48ace6a4bed394a75032dd9dd696ae44397a4c3a6f7ed55e619bae6d7df27a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
Origin
https://18abn.contoso.directory
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2024 14:56:32 GMT
Server
nginx
ETag
W/"65f461a0-206"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
c9a5bc6a7c948fb0-s.p.woff2
18abn.contoso.directory/_next/static/media/
45 KB
46 KB
Font
General
Full URL
https://18abn.contoso.directory/_next/static/media/c9a5bc6a7c948fb0-s.p.woff2
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/_next/static/chunks/fd9d1056-94d51a7229cdc644.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
Origin
https://18abn.contoso.directory
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:35 GMT
Last-Modified
Fri, 15 Mar 2024 14:56:32 GMT
Server
nginx
ETag
"65f461a0-b5d8"
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46552
4ac80d88599231c0.css
18abn.contoso.directory/_next/static/css/
158 KB
23 KB
Stylesheet
General
Full URL
https://18abn.contoso.directory/_next/static/css/4ac80d88599231c0.css
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/_next/static/chunks/fd9d1056-94d51a7229cdc644.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
aac333e83a9efc12e02838e4752316d5cb8b5a2e3ac276115698dc228277ca39

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
Origin
https://18abn.contoso.directory
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2024 14:56:32 GMT
Server
nginx
ETag
W/"65f461a0-276da"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
88e44018c13b0515.css
18abn.contoso.directory/_next/static/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://18abn.contoso.directory/_next/static/css/88e44018c13b0515.css
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/_next/static/chunks/fd9d1056-94d51a7229cdc644.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
fbf175830b94c9816ce8a76b722c72f600709113a614005e596c656141b9bbc1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
Origin
https://18abn.contoso.directory
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2024 14:56:32 GMT
Server
nginx
ETag
W/"65f461a0-c23"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
9081a741-6b4ac6fffb63fe9f.js
18abn.contoso.directory/_next/static/chunks/
611 B
591 B
Script
General
Full URL
https://18abn.contoso.directory/_next/static/chunks/9081a741-6b4ac6fffb63fe9f.js
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/_next/static/chunks/webpack-367277a25e05e1c8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
408b94dc436c0a0fa9bdc95f61c11d94a974b8c188ecf92d50748c9601b1f4d6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2024 14:56:32 GMT
Server
nginx
ETag
W/"65f461a0-263"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
93854f56-7de4e40453afe2a9.js
18abn.contoso.directory/_next/static/chunks/
6 KB
1 KB
Script
General
Full URL
https://18abn.contoso.directory/_next/static/chunks/93854f56-7de4e40453afe2a9.js
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/_next/static/chunks/webpack-367277a25e05e1c8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
ab91d2dc51a389b42fea016341badf0567f907d2409b3c8956c3b5902c711920

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2024 14:56:32 GMT
Server
nginx
ETag
W/"65f461a0-160b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
1677-a6abbc331a81fc74.js
18abn.contoso.directory/_next/static/chunks/
24 KB
7 KB
Script
General
Full URL
https://18abn.contoso.directory/_next/static/chunks/1677-a6abbc331a81fc74.js
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/_next/static/chunks/webpack-367277a25e05e1c8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
10e697fee70b3361415fc6f9f05609ce39e540cd0ffb652ac97a587d7968ba7c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2024 14:56:32 GMT
Server
nginx
ETag
W/"65f461a0-5f58"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
704-b5f3a234f54e322b.js
18abn.contoso.directory/_next/static/chunks/
179 KB
57 KB
Script
General
Full URL
https://18abn.contoso.directory/_next/static/chunks/704-b5f3a234f54e322b.js
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/_next/static/chunks/webpack-367277a25e05e1c8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
3976d128f01b709af57c8edb979ffe47e6460d60458b011324e2a8016a0afa23

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2024 14:56:32 GMT
Server
nginx
ETag
W/"65f461a0-2ca8f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
5945-9e246bd3b917fdd6.js
18abn.contoso.directory/_next/static/chunks/
18 KB
6 KB
Script
General
Full URL
https://18abn.contoso.directory/_next/static/chunks/5945-9e246bd3b917fdd6.js
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/_next/static/chunks/webpack-367277a25e05e1c8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
f08e81fbe28458e84000320b916204f2d913fd6410d181b940f29fd428583cc5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2024 14:56:32 GMT
Server
nginx
ETag
W/"65f461a0-4704"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
2731-e746de7d02695f25.js
18abn.contoso.directory/_next/static/chunks/
85 KB
18 KB
Script
General
Full URL
https://18abn.contoso.directory/_next/static/chunks/2731-e746de7d02695f25.js
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/_next/static/chunks/webpack-367277a25e05e1c8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
133e7a971d8012e9f0043f3ca2cecca0fe1933acfe70e7b4682daf2b2fdf609e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2024 14:56:32 GMT
Server
nginx
ETag
W/"65f461a0-15247"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
8712-4a7d449a5289449b.js
18abn.contoso.directory/_next/static/chunks/
5 KB
2 KB
Script
General
Full URL
https://18abn.contoso.directory/_next/static/chunks/8712-4a7d449a5289449b.js
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/_next/static/chunks/webpack-367277a25e05e1c8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
91b1cc0cb02d189ff2143908723c60f44f36d5ab35aec75cbebf32c2481660c4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2024 14:56:32 GMT
Server
nginx
ETag
W/"65f461a0-140b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
6691-c79d5fd1722acd36.js
18abn.contoso.directory/_next/static/chunks/
14 KB
5 KB
Script
General
Full URL
https://18abn.contoso.directory/_next/static/chunks/6691-c79d5fd1722acd36.js
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/_next/static/chunks/webpack-367277a25e05e1c8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
4790641fc3eab350dc1de20e99c947bddcf880ef64d641835addf751fc991cb2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2024 14:56:32 GMT
Server
nginx
ETag
W/"65f461a0-3877"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
7280-032bedaa37817ea8.js
18abn.contoso.directory/_next/static/chunks/
172 KB
44 KB
Script
General
Full URL
https://18abn.contoso.directory/_next/static/chunks/7280-032bedaa37817ea8.js
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/_next/static/chunks/webpack-367277a25e05e1c8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
3a437be4173aa9b2db646fcb170854b1d8f1d87cb7957674cd42854e1422ff27

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2024 14:56:32 GMT
Server
nginx
ETag
W/"65f461a0-2b083"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
8444-ff4532f12ce7edd9.js
18abn.contoso.directory/_next/static/chunks/
26 KB
10 KB
Script
General
Full URL
https://18abn.contoso.directory/_next/static/chunks/8444-ff4532f12ce7edd9.js
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/_next/static/chunks/webpack-367277a25e05e1c8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
0b053d6a94dccfc40b5f4e41321bb3d5034ac00edf4706c4e5b4a34874b5faab

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2024 14:56:32 GMT
Server
nginx
ETag
W/"65f461a0-677c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
layout-87f581d0dd39bc8f.js
18abn.contoso.directory/_next/static/chunks/app/
29 KB
9 KB
Script
General
Full URL
https://18abn.contoso.directory/_next/static/chunks/app/layout-87f581d0dd39bc8f.js
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/_next/static/chunks/webpack-367277a25e05e1c8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
68691d5c5f9cfbd1a028dc3de79cb485ddd6051c4a2d5afb3975fd9792433c3b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:35 GMT
Content-Encoding
gzip
Last-Modified
Sun, 31 Mar 2024 23:33:45 GMT
Server
nginx
ETag
W/"6609f2d9-7323"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
not-found-a28aa0db5fd95d48.js
18abn.contoso.directory/_next/static/chunks/app/
5 KB
2 KB
Script
General
Full URL
https://18abn.contoso.directory/_next/static/chunks/app/not-found-a28aa0db5fd95d48.js
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/_next/static/chunks/webpack-367277a25e05e1c8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
dc01e95ce47e5cf7dd82d147e554caad387a4d3768b64b263c896066c40583a7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2024 14:56:32 GMT
Server
nginx
ETag
W/"65f461a0-1297"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
page-1ad2a8d69c24d7ce.js
18abn.contoso.directory/_next/static/chunks/app/
7 KB
3 KB
Script
General
Full URL
https://18abn.contoso.directory/_next/static/chunks/app/page-1ad2a8d69c24d7ce.js
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/_next/static/chunks/webpack-367277a25e05e1c8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
27a68066571e673bf1b05258f05872c045e14e6b14872b03b42a26466947353b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:35 GMT
Content-Encoding
gzip
Last-Modified
Sun, 31 Mar 2024 23:33:45 GMT
Server
nginx
ETag
W/"6609f2d9-1acc"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
04f0b92d-03dd-424d-ad64-e9b40a960de3
https://18abn.contoso.directory/
0
0

6435.a00e370b6b967c48.js
18abn.contoso.directory/_next/static/chunks/
4 KB
2 KB
Script
General
Full URL
https://18abn.contoso.directory/_next/static/chunks/6435.a00e370b6b967c48.js
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/_next/static/chunks/webpack-367277a25e05e1c8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
64c86bfa829c6d50d470f8c5fb3afe78f4e62624840dc8c60a8c936ba18f77ba

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2024 14:56:32 GMT
Server
nginx
ETag
W/"65f461a0-e9e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
favicon.ico
18abn.contoso.directory/
15 KB
2 KB
Other
General
Full URL
https://18abn.contoso.directory/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
a2899b27c8b507429970224551b3cb149fdbfb4fcc42b0210340cb6fa15fef06

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2024 14:56:33 GMT
Server
nginx
ETag
W/"65f461a1-3aee"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/x-icon
Connection
keep-alive
favicon.ico
18abn.contoso.directory/
15 KB
2 KB
Other
General
Full URL
https://18abn.contoso.directory/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.10.59.67 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
a2899b27c8b507429970224551b3cb149fdbfb4fcc42b0210340cb6fa15fef06

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://18abn.contoso.directory/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 31 Mar 2024 23:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2024 14:56:33 GMT
Server
nginx
ETag
W/"65f461a1-3aee"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/x-icon
Connection
keep-alive
openid-configuration
login.microsoftonline.us/bcbb8f4c-fb73-4658-9834-e94bc9f109bc/v2.0/.well-known/
2 KB
3 KB
Fetch
General
Full URL
https://login.microsoftonline.us/bcbb8f4c-fb73-4658-9834-e94bc9f109bc/v2.0/.well-known/openid-configuration
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/_next/static/chunks/2731-e746de7d02695f25.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3500:48:: Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
99c8647398aaf7862d9ac1250b79b917b833e96a09fbec8382a11798034e0624
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://18abn.contoso.directory/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Sun, 31 Mar 2024 23:35:35 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Access-Control-Allow-Origin
*
x-ms-request-id
2634f8a6-81dd-4c6e-952e-627691c91100
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=86400, private
Content-Length
1760
x-ms-ests-server
2.1.17615.13 - USGAZLR2 ProdSlices
X-XSS-Protection
0
authorize
login.microsoftonline.us/bcbb8f4c-fb73-4658-9834-e94bc9f109bc/oauth2/v2.0/
0
0

authorize
login.microsoftonline.us/bcbb8f4c-fb73-4658-9834-e94bc9f109bc/oauth2/v2.0/
20 KB
10 KB
Document
General
Full URL
https://login.microsoftonline.us/bcbb8f4c-fb73-4658-9834-e94bc9f109bc/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2F18abn.contoso.directory%2Fauth&client_id=06e34339-5bea-4fbd-9c7a-890a010ac15d&response_type=code&state=fz0uLiABWo&scope=openid%20profile%20email%20offline_access%20api%3A%2F%2F06e34339-5bea-4fbd-9c7a-890a010ac15d%2Fapi&audience=06e34339-5bea-4fbd-9c7a-890a010ac15d&code_challenge=pFowk76XcS-tncM3LDb2GbxqZc66RpGG86PyUYVkGGg&code_challenge_method=S256
Requested by
Host: 18abn.contoso.directory
URL: https://18abn.contoso.directory/_next/static/chunks/2731-e746de7d02695f25.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3500:48::1 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c06b27a250f688f6c0fd64b81dcce59fae61227b7c316cd5dd69f7c63f19a339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://18abn.contoso.directory/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
8907
Content-Type
text/html; charset=utf-8
Date
Sun, 31 Mar 2024 23:35:36 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
x-ms-ests-server
2.1.17615.11 - USGTX ProdSlices
x-ms-request-id
ed9457b8-0cf2-444f-bd20-0e8608b65700
BssoInterrupt_Core_HC7t4HZ_o96i0-T341lIwg2.js
aadcdn.msauth.net/shared/1.0/content/js/
138 KB
49 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_HC7t4HZ_o96i0-T341lIwg2.js
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/bcbb8f4c-fb73-4658-9834-e94bc9f109bc/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2F18abn.contoso.directory%2Fauth&client_id=06e34339-5bea-4fbd-9c7a-890a010ac15d&response_type=code&state=fz0uLiABWo&scope=openid%20profile%20email%20offline_access%20api%3A%2F%2F06e34339-5bea-4fbd-9c7a-890a010ac15d%2Fapi&audience=06e34339-5bea-4fbd-9c7a-890a010ac15d&code_challenge=pFowk76XcS-tncM3LDb2GbxqZc66RpGG86PyUYVkGGg&code_challenge_method=S256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eaa3efbd63434ed810bb9bfcdd445f7ef66fff5b3e9a1da814f3d28ca696462d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 31 Mar 2024 23:35:37 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
49611
x-ms-lease-status
unlocked
last-modified
Sat, 02 Mar 2024 00:12:08 GMT
etag
0x8DC3A4D6646D827
x-azure-ref
20240331T233537Z-6q195ph8vt41vdusyn1ptyu2s00000000hz000000000nvhv
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
45f2a309-b01e-0049-1f9f-7c459c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request authorize
login.microsoftonline.us/bcbb8f4c-fb73-4658-9834-e94bc9f109bc/oauth2/v2.0/
38 KB
16 KB
Document
General
Full URL
https://login.microsoftonline.us/bcbb8f4c-fb73-4658-9834-e94bc9f109bc/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2F18abn.contoso.directory%2Fauth&client_id=06e34339-5bea-4fbd-9c7a-890a010ac15d&response_type=code&state=fz0uLiABWo&scope=openid%20profile%20email%20offline_access%20api%3A%2F%2F06e34339-5bea-4fbd-9c7a-890a010ac15d%2Fapi&audience=06e34339-5bea-4fbd-9c7a-890a010ac15d&code_challenge=pFowk76XcS-tncM3LDb2GbxqZc66RpGG86PyUYVkGGg&code_challenge_method=S256&sso_reload=true
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_HC7t4HZ_o96i0-T341lIwg2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3500:48::1 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3d7d189cfb98681c0715c6cf107deeafeccce3e634c8ad93a48d04f612b5a2d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.us/bcbb8f4c-fb73-4658-9834-e94bc9f109bc/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2F18abn.contoso.directory%2Fauth&client_id=06e34339-5bea-4fbd-9c7a-890a010ac15d&response_type=code&state=fz0uLiABWo&scope=openid%20profile%20email%20offline_access%20api%3A%2F%2F06e34339-5bea-4fbd-9c7a-890a010ac15d%2Fapi&audience=06e34339-5bea-4fbd-9c7a-890a010ac15d&code_challenge=pFowk76XcS-tncM3LDb2GbxqZc66RpGG86PyUYVkGGg&code_challenge_method=S256
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
14233
Content-Type
text/html; charset=utf-8
Date
Sun, 31 Mar 2024 23:35:37 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
x-ms-ests-server
2.1.17615.13 - USGAZLR2 ProdSlices
x-ms-request-id
b7ae9574-46e0-4bdd-b708-6240be3b0b00
favicon.ico
login.microsoftonline.us/
0
504 B
Other
General
Full URL
https://login.microsoftonline.us/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3500:48::1 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login.microsoftonline.us/bcbb8f4c-fb73-4658-9834-e94bc9f109bc/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2F18abn.contoso.directory%2Fauth&client_id=06e34339-5bea-4fbd-9c7a-890a010ac15d&response_type=code&state=fz0uLiABWo&scope=openid%20profile%20email%20offline_access%20api%3A%2F%2F06e34339-5bea-4fbd-9c7a-890a010ac15d%2Fapi&audience=06e34339-5bea-4fbd-9c7a-890a010ac15d&code_challenge=pFowk76XcS-tncM3LDb2GbxqZc66RpGG86PyUYVkGGg&code_challenge_method=S256
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Sun, 31 Mar 2024 23:35:36 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
dc131cd0-3ea4-47a4-9a79-8e664b830f00
Cache-Control
private
Content-Length
0
x-ms-ests-server
2.1.17615.13 - USGAZLR2 ProdSlices
X-XSS-Protection
0
converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
110 KB
20 KB
Stylesheet
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/bcbb8f4c-fb73-4658-9834-e94bc9f109bc/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2F18abn.contoso.directory%2Fauth&client_id=06e34339-5bea-4fbd-9c7a-890a010ac15d&response_type=code&state=fz0uLiABWo&scope=openid%20profile%20email%20offline_access%20api%3A%2F%2F06e34339-5bea-4fbd-9c7a-890a010ac15d%2Fapi&audience=06e34339-5bea-4fbd-9c7a-890a010ac15d&code_challenge=pFowk76XcS-tncM3LDb2GbxqZc66RpGG86PyUYVkGGg&code_challenge_method=S256&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBB) /
Resource Hash
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 31 Mar 2024 23:35:37 GMT
content-encoding
gzip
content-md5
kqhA3D0Xczna4D/t8ioitQ==
age
676467
x-cache
HIT
content-length
20314
x-ms-lease-status
unlocked
last-modified
Wed, 27 Dec 2023 18:19:21 GMT
server
ECAcc (frc/4CBB)
etag
0x8DC070858CA028D
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
e56748d7-801e-0017-2a9d-7d3b0a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_QMJbZSc_Phofl-lfd63BLw2.js
aadcdn.msftauth.net/shared/1.0/content/js/
433 KB
118 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_QMJbZSc_Phofl-lfd63BLw2.js
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/bcbb8f4c-fb73-4658-9834-e94bc9f109bc/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2F18abn.contoso.directory%2Fauth&client_id=06e34339-5bea-4fbd-9c7a-890a010ac15d&response_type=code&state=fz0uLiABWo&scope=openid%20profile%20email%20offline_access%20api%3A%2F%2F06e34339-5bea-4fbd-9c7a-890a010ac15d%2Fapi&audience=06e34339-5bea-4fbd-9c7a-890a010ac15d&code_challenge=pFowk76XcS-tncM3LDb2GbxqZc66RpGG86PyUYVkGGg&code_challenge_method=S256&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF1) /
Resource Hash
1a593c25442e0b30d379ee4a9c5c8772c70e097c4f92bfefe07baf8c168e79ee

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 31 Mar 2024 23:35:37 GMT
content-encoding
gzip
content-md5
cUlB6QxKI222kY9gJnLAfQ==
age
676908
x-cache
HIT
content-length
120844
x-ms-lease-status
unlocked
last-modified
Sat, 02 Mar 2024 00:12:05 GMT
server
ECAcc (frc/4CF1)
etag
0x8DC3A4D647E2225
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
bc90cffc-c01e-007b-079c-7d8d31000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-de.min_bph60qwi_fpq0ph5g5nigw2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
60 KB
17 KB
Script
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_bph60qwi_fpq0ph5g5nigw2.js
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/bcbb8f4c-fb73-4658-9834-e94bc9f109bc/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2F18abn.contoso.directory%2Fauth&client_id=06e34339-5bea-4fbd-9c7a-890a010ac15d&response_type=code&state=fz0uLiABWo&scope=openid%20profile%20email%20offline_access%20api%3A%2F%2F06e34339-5bea-4fbd-9c7a-890a010ac15d%2Fapi&audience=06e34339-5bea-4fbd-9c7a-890a010ac15d&code_challenge=pFowk76XcS-tncM3LDb2GbxqZc66RpGG86PyUYVkGGg&code_challenge_method=S256&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA3) /
Resource Hash
d2fd5d3ebb8ff57547a9dcb780b7730d441ee8db5b9150098d6eccc5e1b021fe

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 31 Mar 2024 23:35:37 GMT
content-encoding
gzip
content-md5
eU+722a99TdeIn69VUNJUg==
age
676530
x-cache
HIT
content-length
17397
x-ms-lease-status
unlocked
last-modified
Sat, 17 Feb 2024 05:08:37 GMT
server
ECAcc (frc/4CA3)
etag
0x8DC2F767FB0F0FA
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6005fefb-901e-000e-439c-7df83b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pcustomizationloader_7f0a8c2a247460fad87f.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
219 KB
53 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_7f0a8c2a247460fad87f.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_QMJbZSc_Phofl-lfd63BLw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE5) /
Resource Hash
df2e852c347ecf82f70a0c8a4b91713fbb0914d58f2cbab01316bfe646abee7c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login.microsoftonline.us/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 31 Mar 2024 23:35:38 GMT
content-encoding
gzip
content-md5
eZ+IAUPxfkfE79uz/zWlTA==
age
590390
x-cache
HIT
content-length
54325
x-ms-lease-status
unlocked
last-modified
Thu, 15 Feb 2024 19:13:46 GMT
server
ECAcc (frc/4CE5)
etag
0x8DC2E5A3BC19A93
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
daaa3c11-701e-002c-4765-7e3f0c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msftauth.net/shared/1.0/content/images/
17 KB
17 KB
Other
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBA) /
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login.microsoftonline.us/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 31 Mar 2024 23:35:38 GMT
content-md5
EuPayFgGHQiAI7K9SOL6lg==
age
676497
x-cache
HIT
content-length
17174
x-ms-lease-status
unlocked
last-modified
Sun, 18 Oct 2020 03:02:30 GMT
server
ECAcc (frc/4CBA)
etag
0x8D8731240E548EB
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
debb0496-801e-00bf-299d-7da57d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/
2 KB
837 B
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBF) /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login.microsoftonline.us/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 31 Mar 2024 23:35:38 GMT
content-encoding
gzip
content-md5
DhdidjYrlCeaRJJRG/y9mA==
age
676540
x-cache
HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:43 GMT
server
ECAcc (frc/4CBF)
etag
0x8DB5C3F466DE917
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
920c4446-a01e-00e9-709c-7d3c42000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
aadcdn.msftauth.net/shared/1.0/content/images/
4 KB
2 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C94) /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login.microsoftonline.us/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 31 Mar 2024 23:35:38 GMT
content-encoding
gzip
content-md5
nzaLxFgP7ZB3dfMcaybWzw==
age
676577
x-cache
HIT
content-length
1435
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
server
ECAcc (frc/4C94)
etag
0x8DB5C3F495F4B8C
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f2ff5853-201e-0065-619c-7d9f0e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pstringcustomizationhelper_eb638da25d4055fbbb57.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
111 KB
35 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_eb638da25d4055fbbb57.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_QMJbZSc_Phofl-lfd63BLw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D08) /
Resource Hash
7530b843a86f3155ce07cda787a40da87052664b09c22f3d4db5e9238664dbe0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login.microsoftonline.us/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 31 Mar 2024 23:35:38 GMT
content-encoding
gzip
content-md5
V5EQEHVskNWHVMke8e4nZQ==
age
676390
x-cache
HIT
content-length
35813
x-ms-lease-status
unlocked
last-modified
Thu, 15 Feb 2024 19:13:48 GMT
server
ECAcc (frc/4D08)
etag
0x8DC2E5A3CC5D827
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
02ed8a90-601e-008d-029d-7dd268000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/
2 KB
772 B
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA2) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login.microsoftonline.us/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 31 Mar 2024 23:35:38 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
676539
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:52 GMT
server
ECAcc (frc/4CA2)
etag
0x8DB5C3F4BB4F03C
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
cc0763e7-101e-0082-0a9c-7d5b77000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
18abn.contoso.directory
URL
blob:https://18abn.contoso.directory/04f0b92d-03dd-424d-ad64-e9b40a960de3
Domain
login.microsoftonline.us
URL
https://login.microsoftonline.us/bcbb8f4c-fb73-4658-9834-e94bc9f109bc/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2F18abn.contoso.directory%2Fauth&client_id=06e34339-5bea-4fbd-9c7a-890a010ac15d&response_type=code&state=nMygdkgmSp&scope=openid%20profile%20email%20offline_access%20api%3A%2F%2F06e34339-5bea-4fbd-9c7a-890a010ac15d%2Fapi&audience=06e34339-5bea-4fbd-9c7a-890a010ac15d&code_challenge=Q64pIml61MzEuODru5Z_w13MswOG415QUcl1-Qabmis&code_challenge_method=S256


21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
object| Telemetry
object| telemetry_webpackJsonp
boolean| __ConvergedLogin_PCore
boolean| __
boolean| __convergedlogin_pcustomizationloader_7f0a8c2a247460fad87f
boolean| __convergedlogin_pstringcustomizationhelper_eb638da25d4055fbbb57

10 Cookies

Domain/Path Name / Value
.login.microsoftonline.us/ Name: esctx-wHKoNigpmkg
Value: AQABCQEAAgAJNbHDhorQQLZUPCWPjAJJ_xig1rrG3ulOIlzXNz7OjFDnhfu35Sqs4sOOCmAMWsAWO54eCu8XLoa9wGwWUYY5xT7lInH-Yk8vEBMpHl3Vmxf3zg6tEFzRW1F5QwFrh45cimcdpU4PuYbi8qLdZOJPWKafD85hdLjhnkvPpE1wmCAA
login.microsoftonline.us/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.us/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.us/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.us/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.us/ Name: buid
Value: 0.CwMATI-7vHP7WEaYNOlLyfEJvDlD4wbqW71PnHqJCgEKwV0BAAA.AQABGgEAAgAJNbHDhorQQLZUPCWPjAJJ8JqQlxOAhQFD-CzY8i-6BhnyZNzynPlCfLBeMxp3-xiYjWyTohRyGP4EKoOVOEQ9F0dellamxBvLwjtAmyBG_gh5KFz5l2CeudvVImo2UBggAA
.login.microsoftonline.us/ Name: esctx
Value: PAQABBwEAAgAJNbHDhorQQLZUPCWPjAJJtzafMvafghVAXtbsMtC6jSACNTYMYmD5xiRa0lnL3jYCMdvLgVZHfQeh5467UVj5_RgqnMnKZQdJClRC2_JYlOfovcROCGMkFz8Gx1jswrMgLpTG3_vcjrqos2L2jtsStxipAuzmoFQIBLsj7t3JWVXwFBjFqjnfCanKs0HzqWMgAA
.login.microsoftonline.us/ Name: esctx-1jPUVJRVTpA
Value: AQABCQEAAgAJNbHDhorQQLZUPCWPjAJJpY4OS-dIS3dBUirrRweBbGxgHYy0pao5u-ph9IxYrr700FS2bTC13VIhkPItIVpv1M5oSR_aw8jg0y8mX1vNWoYQvUy2wsC1NzOAWjUaXyoemTy-LlVqrL-fdNkvTspNBv8gf5OZUFbHHArpLgfngyAA
login.microsoftonline.us/ Name: fpc
Value: AmEW-850EjpGqVIfNuFYVUNg69YUAQAAAEnqm90OAAAA
.login.microsoftonline.us/ Name: brcap
Value: 0

2 Console Messages

Source Level URL
Text
network error URL: https://login.microsoftonline.us/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
recommendation verbose URL: https://login.microsoftonline.us/bcbb8f4c-fb73-4658-9834-e94bc9f109bc/oauth2/v2.0/authorize?redirect_uri=https%3A%2F%2F18abn.contoso.directory%2Fauth&client_id=06e34339-5bea-4fbd-9c7a-890a010ac15d&response_type=code&state=fz0uLiABWo&scope=openid%20profile%20email%20offline_access%20api%3A%2F%2F06e34339-5bea-4fbd-9c7a-890a010ac15d%2Fapi&audience=06e34339-5bea-4fbd-9c7a-890a010ac15d&code_challenge=pFowk76XcS-tncM3LDb2GbxqZc66RpGG86PyUYVkGGg&code_challenge_method=S256&sso_reload=true
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
