Submitted URL: https://segment-execution-analyser-staging.gservice.emarsys.com/
Effective URL: https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?response_type=code&client_id=83e6c207-bd30-4bc9-a1df-c84df15...
Submission: On July 31 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 22 HTTP transactions. The main IP is 2603:1027:1:d8::5, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 15.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 27th 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 34.107.112.91 396982 (GOOGLE-CL...)
4 4 35.198.176.244 396982 (GOOGLE-CL...)
10 2600:9000:275... 16509 (AMAZON-02)
1 1 34.141.27.203 396982 (GOOGLE-CL...)
1 2603:1027:1:d... 8075 (MICROSOFT...)
9 2620:1ec:29:1... 8075 (MICROSOFT...)
1 40.126.32.74 8075 (MICROSOFT...)
22 5
Apex Domain
Subdomains
Transfer
14 emarsys.net
redirector.gservice.emarsys.net
assets.emarsys.net — Cisco Umbrella Rank: 69033
945 KB
9 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 2218
329 KB
3 emarsys.com
segment-execution-analyser-staging.gservice.emarsys.com
internal-sso-staging.gservice.emarsys.com
3 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 37
1 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 15
16 KB
22 5
Domain Requested by
10 assets.emarsys.net segment-execution-analyser-staging.gservice.emarsys.com
assets.emarsys.net
redirector.gservice.emarsys.net
9 aadcdn.msauth.net login.microsoftonline.com
aadcdn.msauth.net
4 redirector.gservice.emarsys.net 4 redirects
2 segment-execution-analyser-staging.gservice.emarsys.com 1 redirects
1 login.live.com login.microsoftonline.com
1 login.microsoftonline.com assets.emarsys.net
1 internal-sso-staging.gservice.emarsys.com 1 redirects
22 7

This site contains links to these domains.

Domain
signup.live.com
www.microsoft.com
privacy.microsoft.com

Subject | Issuer | Validity | Valid
segment-execution-analyser-staging.gservice.emarsys.com | R10 | 2024-07-31 - 2024-10-29 | 3 months
assets.emarsys.net | Amazon RSA 2048 M02 | 2023-12-31 - 2025-01-28 | a year
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2024-05-27 - 2025-05-27 | a year
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2024-04-30 - 2025-04-30 | a year
login.live.com | DigiCert SHA2 Secure Server CA | 2024-05-21 - 2025-05-21 | a year

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?response_type=code&client_id=83e6c207-bd30-4bc9-a1df-c84df15a7d1d&redirect_uri=https%3A%2F%2Finternal-sso-staging.gservice.emarsys.com%2Flogin%2Fauthorized&scope=User.Read+Group.Read.All&state=b8QLMTgupn354T3AsaZmHpvs9UwGgq
Frame ID: F02F2849B05A92D48B962436055C7ACC
Requests: 22 HTTP requests in this frame

Page Title

Bei Ihrem Konto anmelden

Page Statistics

Requests: 22
HTTPS: 82 %
IPv6: 43 %
Domains: 5
Subdomains: 7
IPs: 5
Countries: 4
Transfer: 1288 kB
Size: 5150 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://segment-execution-analyser-staging.gservice.emarsys.com/ Page URL
  2. https://segment-execution-analyser-staging.gservice.emarsys.com/api HTTP 303
    https://internal-sso-staging.gservice.emarsys.com/login?app_name=segment-execution-analyser&redirect_url=https%3A%2F%2Fsegment-execution-analyser-staging.gservice.emarsys.com%2Fsso%2Fauthenticate&X-EMS-Algorithm=EMS-HMAC-SHA256&X-EMS-Credentials=segment-execution-analyser_ssoservice_v1%2F20240731%2Feu%2Fsso-service%2Fems_request&X-EMS-Date=20240731T065244Z&X-EMS-Expires=86400&X-EMS-SignedHeaders=host&X-EMS-Signature=f525fa9b31f0714175a7477a9c33a824ce76a65be3a340ea9207e3221a6ed765 HTTP 302
    https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?response_type=code&client_id=83e6c207-bd30-4bc9-a1df-c84df15a7d1d&redirect_uri=https%3A%2F%2Finternal-sso-staging.gservice.emarsys.com%2Flogin%2Fauthorized&scope=User.Read+Group.Read.All&state=b8QLMTgupn354T3AsaZmHpvs9UwGgq Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://redirector.gservice.emarsys.net/ui/latest/js/app.js HTTP 302
  • https://assets.emarsys.net/ui/31.70.2/js/app.js
Request Chain 2
  • https://redirector.gservice.emarsys.net/ui/latest/css/app.css HTTP 302
  • https://assets.emarsys.net/ui/31.70.2/css/app.css
Request Chain 3
  • https://redirector.gservice.emarsys.net/segment-execution-analyser/latest/js/app.js HTTP 302
  • https://assets.emarsys.net/segment-execution-analyser/release-production-240729-115324/js/app.js
Request Chain 4
  • https://redirector.gservice.emarsys.net/segment-execution-analyser/latest/js/index.css HTTP 302
  • https://assets.emarsys.net/segment-execution-analyser/release-production-240729-115324/js/index.css

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
segment-execution-analyser-staging.gservice.emarsys.com/
992 B
1 KB
Document
General
Full URL
https://segment-execution-analyser-staging.gservice.emarsys.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.107.112.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
91.112.107.34.bc.googleusercontent.com
Software
/
Resource Hash
385af7d219ad4c3f57b407700fab9b38d0c7b9565161f989f5877007df1976dd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-length
992
content-type
text/html
date
Wed, 31 Jul 2024 06:52:43 GMT
etag
"190ea1f6748-3e0"
last-modified
Thu, 25 Jul 2024 13:40:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-envoy-upstream-service-time
7
x-gap-router-request-id-y3ntymkk
6d170f3bff0edc34c25a9f340940fd90
app.js
assets.emarsys.net/ui/31.70.2/js/
Redirect Chain
  • https://redirector.gservice.emarsys.net/ui/latest/js/app.js
  • https://assets.emarsys.net/ui/31.70.2/js/app.js
911 KB
206 KB
Script
General
Full URL
https://assets.emarsys.net/ui/31.70.2/js/app.js
Requested by
Host: segment-execution-analyser-staging.gservice.emarsys.com
URL: https://segment-execution-analyser-staging.gservice.emarsys.com/
Protocol
H2
Server
2600:9000:275b:5200:1b:b6d7:fac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c22fcf9575fbe4e5f0bfbbb5aa17bbd240cffb2d8cd7a83d3148a20327067d6b

Request headers

Referer
https://segment-execution-analyser-staging.gservice.emarsys.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 08:14:04 GMT
x-amz-version-id
kFf7pbl_VZSfp4ZvWJWYK6oJvE7JExCi
content-encoding
gzip
last-modified
Fri, 26 Jul 2024 08:13:58 GMT
server
AmazonS3
via
1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
etag
W/"f614849b25955efc8fd6ceb3e708f207"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=315360000, no-transform, public
age
427120
x-amz-cf-id
xJu08JqDWAhYEoxNqJE55Q5lMdn6CzJn52w9PYdSZCnAG4gc7qNJ-Q==

Redirect headers

date
Wed, 31 Jul 2024 06:52:43 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
content-type
text/html; charset=utf-8
location
https://assets.emarsys.net/ui/31.70.2/js/app.js
access-control-allow-origin
*
x-gap-router-request-id-y3ntymkk
aaf8db4935f6d26f6c8dfcb3c720b955
cache-control
no-cache
x-envoy-upstream-service-time
3
content-length
125
app.css
assets.emarsys.net/ui/31.70.2/css/
Redirect Chain
  • https://redirector.gservice.emarsys.net/ui/latest/css/app.css
  • https://assets.emarsys.net/ui/31.70.2/css/app.css
778 KB
81 KB
Stylesheet
General
Full URL
https://assets.emarsys.net/ui/31.70.2/css/app.css
Requested by
Host: segment-execution-analyser-staging.gservice.emarsys.com
URL: https://segment-execution-analyser-staging.gservice.emarsys.com/
Protocol
H2
Server
2600:9000:275b:5200:1b:b6d7:fac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c4d2c9a377db9b048257c7e62310b2bcb2ed6a4919c4fadbe4d81c86e72225f

Request headers

Referer
https://segment-execution-analyser-staging.gservice.emarsys.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 08:14:04 GMT
x-amz-version-id
ddMgxs3Xn5.jZvRE2QhJykJLPIOlf0Bb
content-encoding
gzip
last-modified
Fri, 26 Jul 2024 08:13:57 GMT
server
AmazonS3
via
1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
etag
W/"d722fb45005b2fa29a913d066af924c0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
cache-control
max-age=315360000, no-transform, public
age
427120
x-amz-cf-id
Oozgn30JjzcNvHj54bEcLjMbej7WKgxqfc_UACMj3qzYFbxzI8toMA==

Redirect headers

date
Wed, 31 Jul 2024 06:52:43 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
content-type
text/html; charset=utf-8
location
https://assets.emarsys.net/ui/31.70.2/css/app.css
access-control-allow-origin
*
x-gap-router-request-id-y3ntymkk
ec8212129eda3f48fbc557eb852f5b3f
cache-control
no-cache
x-envoy-upstream-service-time
4
content-length
129
app.js
assets.emarsys.net/segment-execution-analyser/release-production-240729-115324/js/
Redirect Chain
  • https://redirector.gservice.emarsys.net/segment-execution-analyser/latest/js/app.js
  • https://assets.emarsys.net/segment-execution-analyser/release-production-240729-115324/js/app.js
2 MB
470 KB
Script
General
Full URL
https://assets.emarsys.net/segment-execution-analyser/release-production-240729-115324/js/app.js
Requested by
Host: segment-execution-analyser-staging.gservice.emarsys.com
URL: https://segment-execution-analyser-staging.gservice.emarsys.com/
Protocol
H2
Server
2600:9000:275b:5200:1b:b6d7:fac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58f8e28b31f68590abdceaec04ac844deda94c7f85d0a5eec1c4539c9f23bbc7

Request headers

Referer
https://segment-execution-analyser-staging.gservice.emarsys.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 09:36:39 GMT
x-amz-version-id
XiDHxtu6c6fbnBwA6OWcTsY1kLTgI8dV
content-encoding
gzip
via
1.1 f14a77f80eb66aa455bd94a07a2a0c64.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
76565
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 29 Jul 2024 11:54:18 GMT
server
AmazonS3
etag
W/"c458c8c8f79a2ef712e13a682c62c5c0"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, no-transform, public
x-amz-cf-id
mcCVxika99dDwZ8kN9rWtSUvWnZNMmV_iDwEkpUQZQOK9v_WIDoyUA==

Redirect headers

date
Wed, 31 Jul 2024 06:52:43 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
content-type
text/html; charset=utf-8
location
https://assets.emarsys.net/segment-execution-analyser/release-production-240729-115324/js/app.js
access-control-allow-origin
*
x-gap-router-request-id-y3ntymkk
ac58835abbdb26c79474406e1da9e83a
cache-control
no-cache
x-envoy-upstream-service-time
6
content-length
223
index.css
assets.emarsys.net/segment-execution-analyser/release-production-240729-115324/js/
Redirect Chain
  • https://redirector.gservice.emarsys.net/segment-execution-analyser/latest/js/index.css
  • https://assets.emarsys.net/segment-execution-analyser/release-production-240729-115324/js/index.css
459 KB
60 KB
Stylesheet
General
Full URL
https://assets.emarsys.net/segment-execution-analyser/release-production-240729-115324/js/index.css
Requested by
Host: segment-execution-analyser-staging.gservice.emarsys.com
URL: https://segment-execution-analyser-staging.gservice.emarsys.com/
Protocol
H2
Server
2600:9000:275b:5200:1b:b6d7:fac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dcccc719d6c90af01f6731dba49e4a7252f601e159254f0ace55b4c4d16521b3

Request headers

Referer
https://segment-execution-analyser-staging.gservice.emarsys.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 09:36:39 GMT
x-amz-version-id
bwiAZ9PQMJIPhqdDMTB_s6d3rkIsX_z0
content-encoding
gzip
last-modified
Mon, 29 Jul 2024 11:54:18 GMT
server
AmazonS3
via
1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
etag
W/"5c445c8e24f8b675a9f086f921dd1691"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
cache-control
max-age=315360000, no-transform, public
age
76565
x-amz-cf-id
gV0dBHOBmHNtSO_8ckqO-RwkpFPe_wM11E1vx-aLSfRfnkG3Ji8-0w==

Redirect headers

date
Wed, 31 Jul 2024 06:52:43 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
content-type
text/html; charset=utf-8
location
https://assets.emarsys.net/segment-execution-analyser/release-production-240729-115324/js/index.css
access-control-allow-origin
*
x-gap-router-request-id-y3ntymkk
4fdf08829448678839a7fee18ef6f0d5
cache-control
no-cache
x-envoy-upstream-service-time
5
content-length
229
sap-logo.svg
assets.emarsys.net/ui/static/images/
2 KB
1 KB
Image
General
Full URL
https://assets.emarsys.net/ui/static/images/sap-logo.svg
Requested by
Host: segment-execution-analyser-staging.gservice.emarsys.com
URL: https://segment-execution-analyser-staging.gservice.emarsys.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:5200:1b:b6d7:fac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://segment-execution-analyser-staging.gservice.emarsys.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
date
Wed, 31 Jul 2024 06:10:43 GMT
last-modified
Tue, 06 Apr 2021 11:37:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
2522
etag
W/"76eccd2d50f7b18eef1692eb720812dd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
HAZfwpE4t8Rd7VrKmOsuTjZVZfIqYyxK2G6wMQw9SYepqctPnByp6Q==
Primary Request authorize
login.microsoftonline.com/organizations/oauth2/v2.0/
Redirect Chain
  • https://segment-execution-analyser-staging.gservice.emarsys.com/api
  • https://internal-sso-staging.gservice.emarsys.com/login?app_name=segment-execution-analyser&redirect_url=https%3A%2F%2Fsegment-execution-analyser-staging.gservice.emarsys.com%2Fsso%2Fauthenticate&X...
  • https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?response_type=code&client_id=83e6c207-bd30-4bc9-a1df-c84df15a7d1d&redirect_uri=https%3A%2F%2Finternal-sso-staging.gservice.emar...
37 KB
16 KB
Document
General
Full URL
https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?response_type=code&client_id=83e6c207-bd30-4bc9-a1df-c84df15a7d1d&redirect_uri=https%3A%2F%2Finternal-sso-staging.gservice.emarsys.com%2Flogin%2Fauthorized&scope=User.Read+Group.Read.All&state=b8QLMTgupn354T3AsaZmHpvs9UwGgq
Requested by
Host: assets.emarsys.net
URL: https://assets.emarsys.net/segment-execution-analyser/release-production-240729-115324/js/app.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1027:1:d8::5 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b5d5c2a96d804f36117e1901e8bc56952e3e1766ae298c35c01e582fa929024e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://segment-execution-analyser-staging.gservice.emarsys.com/#/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
13676
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Jul 2024 06:52:44 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msauth.net>; rel=dns-prefetch,<https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.18565.7 - NEULR1 ProdSlices
x-ms-request-id
518d87fe-2f3d-4d91-a765-4a9398c70c00
x-ms-srs
1.P

Redirect headers

content-length
805
content-type
text/html; charset=utf-8
date
Wed, 31 Jul 2024 06:52:44 GMT
location
https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?response_type=code&client_id=83e6c207-bd30-4bc9-a1df-c84df15a7d1d&redirect_uri=https%3A%2F%2Finternal-sso-staging.gservice.emarsys.com%2Flogin%2Fauthorized&scope=User.Read+Group.Read.All&state=b8QLMTgupn354T3AsaZmHpvs9UwGgq
strict-transport-security
max-age=15724800; includeSubDomains
vary
Cookie
x-envoy-upstream-service-time
482
x-gap-router-request-id-y3ntymkk
ce00f238e255ba6127d0bbee446aaf23
72-Regular.woff2
assets.emarsys.net/ui/static/fonts/
52 KB
53 KB
Font
General
Full URL
https://assets.emarsys.net/ui/static/fonts/72-Regular.woff2
Requested by
Host: assets.emarsys.net
URL: https://assets.emarsys.net/ui/31.70.2/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:5200:1b:b6d7:fac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://assets.emarsys.net/ui/31.70.2/css/app.css
Origin
https://segment-execution-analyser-staging.gservice.emarsys.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:52:45 GMT
x-amz-version-id
null
via
1.1 f14a77f80eb66aa455bd94a07a2a0c64.cloudfront.net (CloudFront)
last-modified
Wed, 24 Mar 2021 12:36:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
etag
"0072d92bfeaf57f02de04342d06a3463"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
53376
x-amz-cf-id
g3QC9jwXuAKMf7GF6aO_RLAhCHHmD91ipO-rTvFdrfZiJHRIU6KpXw==
72-Bold.woff2
assets.emarsys.net/ui/static/fonts/
50 KB
50 KB
Font
General
Full URL
https://assets.emarsys.net/ui/static/fonts/72-Bold.woff2
Requested by
Host: assets.emarsys.net
URL: https://assets.emarsys.net/ui/31.70.2/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:5200:1b:b6d7:fac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://assets.emarsys.net/ui/31.70.2/css/app.css
Origin
https://segment-execution-analyser-staging.gservice.emarsys.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:52:45 GMT
x-amz-version-id
null
via
1.1 f14a77f80eb66aa455bd94a07a2a0c64.cloudfront.net (CloudFront)
last-modified
Wed, 24 Mar 2021 12:36:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
etag
"85e09d643e5d4b5f98c3aaf365bd1c02"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
51012
x-amz-cf-id
7Qn9aRuedmZDsGhMTpl2MQvFiXjkfQNZGpqFvOT17ODuvYONBglV3w==
emoji.json
assets.emarsys.net/ui/31.70.2/assets/
70 KB
11 KB
Fetch
General
Full URL
https://assets.emarsys.net/ui/31.70.2/assets/emoji.json
Requested by
Host: redirector.gservice.emarsys.net
URL: https://redirector.gservice.emarsys.net/ui/latest/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:5200:1b:b6d7:fac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://segment-execution-analyser-staging.gservice.emarsys.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:52:45 GMT
x-amz-version-id
GHmNpsD5ZACQybXZFtCg4BkfMRhzfXMk
content-encoding
gzip
via
1.1 f14a77f80eb66aa455bd94a07a2a0c64.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Fri, 26 Jul 2024 08:13:56 GMT
server
AmazonS3
etag
W/"b7b1e84753df27ae87e8d6831f6aaaf9"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, no-transform, public
x-amz-cf-id
T0kqBLcdjGxtnu1CqY-5EJnlEvAY9wfLbFMaXzYWe4Q8Bykg93MUNA==
icon-font-list.json
assets.emarsys.net/ui/31.70.2/assets/
40 KB
9 KB
Fetch
General
Full URL
https://assets.emarsys.net/ui/31.70.2/assets/icon-font-list.json
Requested by
Host: redirector.gservice.emarsys.net
URL: https://redirector.gservice.emarsys.net/ui/latest/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:5200:1b:b6d7:fac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://segment-execution-analyser-staging.gservice.emarsys.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 11:35:15 GMT
x-amz-version-id
v_CAQJTm.L9TBqKfROVOZQ4KvecUphF1
content-encoding
gzip
via
1.1 f14a77f80eb66aa455bd94a07a2a0c64.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
155850
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 26 Jul 2024 08:13:57 GMT
server
AmazonS3
etag
W/"727c1da655245312c8304c6d94d03a02"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, no-transform, public
x-amz-cf-id
o4x6ne7W6ak42JN4AwZ3WzR_IG88ZwXonsAW-6ooyvKxbHovT7gLuA==
image-list.json
assets.emarsys.net/ui/31.70.2/assets/
719 B
1 KB
Fetch
General
Full URL
https://assets.emarsys.net/ui/31.70.2/assets/image-list.json
Requested by
Host: redirector.gservice.emarsys.net
URL: https://redirector.gservice.emarsys.net/ui/latest/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:5200:1b:b6d7:fac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://segment-execution-analyser-staging.gservice.emarsys.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 11:35:15 GMT
x-amz-version-id
aV2vm5lJmOWYAZBNNfXkTPDfUKy3vmB4
via
1.1 f14a77f80eb66aa455bd94a07a2a0c64.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
155850
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
719
last-modified
Fri, 26 Jul 2024 08:13:57 GMT
server
AmazonS3
etag
"4959da78e211d636e3cb1415355a7849"
vary
Origin
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, no-transform, public
accept-ranges
bytes
x-amz-cf-id
J2uUyIqs6LixnrlopiIxkuWclG-xuPYZgG64Dxk24wzKh2DaZeMjQA==
converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
111 KB
20 KB
Stylesheet
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?response_type=code&client_id=83e6c207-bd30-4bc9-a1df-c84df15a7d1d&redirect_uri=https%3A%2F%2Finternal-sso-staging.gservice.emarsys.com%2Flogin%2Fauthorized&scope=User.Read+Group.Read.All&state=b8QLMTgupn354T3AsaZmHpvs9UwGgq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1f8ceb44fe7cfcf7e71dbd5122210335ca3821d697a851d2900b95af7d92d69d

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 31 Jul 2024 06:52:44 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
20414
x-ms-lease-status
unlocked
last-modified
Wed, 03 Jul 2024 21:48:08 GMT
etag
0x8DC9BA9D4131BFD
x-azure-ref
20240731T065244Z-r1c5885d44fvnvjt3t31ry9n2g0000000c800000000021rb
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
fe446532-701e-002c-5d7b-d92ff9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_Q3A1xKaK6oPrhbQSUwvJBQ2.js
aadcdn.msauth.net/shared/1.0/content/js/
438 KB
120 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Q3A1xKaK6oPrhbQSUwvJBQ2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?response_type=code&client_id=83e6c207-bd30-4bc9-a1df-c84df15a7d1d&redirect_uri=https%3A%2F%2Finternal-sso-staging.gservice.emarsys.com%2Flogin%2Fauthorized&scope=User.Read+Group.Read.All&state=b8QLMTgupn354T3AsaZmHpvs9UwGgq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f3d6ac1801feafc2cb6d94f9ad94c4742c5e6b79ed02ad589e308a50a7619f49

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 31 Jul 2024 06:52:44 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
121952
x-ms-lease-status
unlocked
last-modified
Thu, 20 Jun 2024 02:14:05 GMT
etag
0x8DC90CEA9270EFB
x-azure-ref
20240731T065244Z-r1c5885d44fvnvjt3t31ry9n2g0000000c800000000021rd
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
01953211-c01e-0006-3e7f-d9f0e9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-de.min_mwkrjugjbdtxzv3fly3p-q2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
61 KB
18 KB
Script
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_mwkrjugjbdtxzv3fly3p-q2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?response_type=code&client_id=83e6c207-bd30-4bc9-a1df-c84df15a7d1d&redirect_uri=https%3A%2F%2Finternal-sso-staging.gservice.emarsys.com%2Flogin%2Fauthorized&scope=User.Read+Group.Read.All&state=b8QLMTgupn354T3AsaZmHpvs9UwGgq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c3726f297fa7bfbf444de4a62e7d9ac0adc4ba0b816018e43fc85ad609663260

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 31 Jul 2024 06:52:44 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
17574
x-ms-lease-status
unlocked
last-modified
Wed, 19 Jun 2024 01:47:57 GMT
etag
0x8DC9001D7F12224
x-azure-ref
20240731T065244Z-r1c5885d44fvnvjt3t31ry9n2g0000000c800000000021rc
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ecef6e37-e01e-005c-16bc-dc960e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?response_type=code&client_id=83e6c207-bd30-4bc9-a1df-c84df15a7d1d&redirect_uri=https%3A%2F%2Finternal-sso-staging.gservice.emarsys.com%2Flogin%2Fauthorized&scope=User.Read+Group.Read.All&state=b8QLMTgupn354T3AsaZmHpvs9UwGgq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.74 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

convergedlogin_pcustomizationloader_6c7dc46bb93924417b57.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
397 KB
114 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6c7dc46bb93924417b57.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Q3A1xKaK6oPrhbQSUwvJBQ2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1ec87632ee58734951aa02813ef07ad377126a39a16f063c181519b98ffffc07

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 31 Jul 2024 06:52:45 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
116351
x-ms-lease-status
unlocked
last-modified
Thu, 20 Jun 2024 02:13:44 GMT
etag
0x8DC90CE9C53BCDF
x-azure-ref
20240731T065245Z-17d8f75f7d7lvlfcu7bkffxnrw00000009vg000000004xc6
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c000077d-a01e-0040-5bee-dd368f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msauth.net/shared/1.0/content/images/
17 KB
17 KB
Other
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 31 Jul 2024 06:52:45 GMT
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
17174
x-ms-lease-status
unlocked
last-modified
Sun, 18 Oct 2020 03:02:03 GMT
etag
0x8D8731230C851A6
x-azure-ref
20240731T065245Z-17d8f75f7d7lvlfcu7bkffxnrw00000009vg000000004xc7
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
8a96947f-901e-0034-6e6d-d9f09e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/
2 KB
1 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 31 Jul 2024 06:52:45 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:46 GMT
etag
0x8DB5C3F47E260FD
x-azure-ref
20240731T065245Z-17d8f75f7d7lvlfcu7bkffxnrw00000009vg000000004xcg
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e9924d99-d01e-004f-67f5-dcbf90000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
aadcdn.msauth.net/shared/1.0/content/images/
4 KB
2 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 31 Jul 2024 06:52:45 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
1435
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
etag
0x8DB5C3F4911527F
x-azure-ref
20240731T065245Z-17d8f75f7d7lvlfcu7bkffxnrw00000009vg000000004xch
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ba37f7d8-701e-0011-7f58-dc7ebe000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
111 KB
35 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Q3A1xKaK6oPrhbQSUwvJBQ2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bab311bf22661b153353a159f0ec931dbcb79f950fa37daf9d0ff180cbf45deb

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 31 Jul 2024 06:52:45 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
35167
x-ms-lease-status
unlocked
last-modified
Thu, 20 Jun 2024 02:13:45 GMT
etag
0x8DC90CE9CFCD37E
x-azure-ref
20240731T065245Z-17d8f75f7d7lvlfcu7bkffxnrw00000009vg000000004xcm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4ccc2af6-501e-006b-76e1-dd82ab000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msauth.net/shared/1.0/content/images/
2 KB
1 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 31 Jul 2024 06:52:45 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
621
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:49 GMT
etag
0x8DB5C3F49ED96E0
x-azure-ref
20240731T065245Z-17d8f75f7d7lvlfcu7bkffxnrw00000009vg000000004xd2
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
3b6b5c7e-001e-0026-7dc6-dc8b4e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
object| Telemetry
object| telemetry_webpackJsonp
boolean| __ConvergedLogin_PCore
boolean| __
boolean| __convergedlogin_pcustomizationloader_6c7dc46bb93924417b57
boolean| __convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae

10 Cookies

Domain/Path Name / Value
internal-sso-staging.gservice.emarsys.com/ Name: session
Value: L4SKE64lyX90pEvfGlXIVBHT_46E_oq0S8TSs5bMkZs.bXeWpyAKlSa0_eJS_Cx0tuFxaVY
login.microsoftonline.com/ Name: buid
Value: 0.ARAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMY8o9LoDJojfFwlZ9nqNNN8mrA9vd0mWO2nWCJQ2c5wO6sPQU9alb09fIKc79TEeWhto16tEIwViRNWGpzkrvH0PZIDLpKKLrtfQHHxVBs_5kgAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYME2gpWrSWYcIFTUpGAmtIILULHkwywY-WhuqwcukeaUNOkOnmEZpQSP3QzsQ4VK1I_9fc2r75S8_APAKIFxSUcRnQWiJhB6J1n4vay94vwRkZ2eKNklEJa27cEgJOWIRuzdPO8YPO6c3Qnjw9M1sZEgCrhu99onutNRJ9K7UzqEgAA
.login.microsoftonline.com/ Name: esctx-qSusHYkQ7Dk
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMY0sYxUGhlRLQ4YsrQLnS7DosikeylwZ2RHMwzJRKHmlpC1JZrTW671_duG9Iwhc6yhiaaNNoJXpUsSUeuRMtiLyh8ogb1Vwa5eFhck1VHkbxKb6OOG2AVu4Og8c1T1sRUsggIaBaj8seR6zkgUdQ3dCAA
login.microsoftonline.com/ Name: fpc
Value: Atxi0AsqDg9JjQUBIpi6E-XLkoMfAQAAADzWO94OAAAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: 52c0483829e44cc89143343df47bf7cf
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1722408765&co=1

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?response_type=code&client_id=83e6c207-bd30-4bc9-a1df-c84df15a7d1d&redirect_uri=https%3A%2F%2Finternal-sso-staging.gservice.emarsys.com%2Flogin%2Fauthorized&scope=User.Read+Group.Read.All&state=b8QLMTgupn354T3AsaZmHpvs9UwGgq
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
