login.microsoftonline.com Open in urlscan Pro
2603:1026:3000:150::5  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://login-uk.mimecast.com/u/login/?gta=apps&link=at/video?&ru=LOWgxklBQ8KvF2_jnFyhiIae5iFs1xpKG1sx4ZEnrG8k1M73__nhvpci8i_84AQl2gpSvpUSQNuRd30LYVcDnxqq9VHiaQbBzBabXKypqa09K9raMfqKMjmzHxi6rakh Page URL
2. https://login.microsoftonline.com/97984c2b-a229-4609-8185-ae84947bc3fc/saml2?SAMLRequest=fZLLbsIwEEV%2FxfI%2BiRNewSKgFIQalbYIQhfdVCYZwFJspx6nj79vgCLRRZG8Go%2FnHN3xaPKlKvIBFqXRCQ19RgnowpRS7xO6yedeTCfjEQpV1Txt3EGv4L0BdKR9p5GfLhLaWM2NQIlcCwXIXcHX6eOCRz7jtTXOFKaiJJsl9G23Lfo9VkZDNggH3f4AtiLuDzsiZu3plIKSl4tNdLTJEBvINDqhXVtiUddjPS%2BK84hx1uFR55WS5S%2FiTuqz%2BC2f7bkJ%2BX2eL73l8zqnJEUE61ro1GhsFNg12A9ZwGa1SOjBuRp5EEDjiVr6SiooBDq%2FMCqozF7q4JgCPafET772Kp7bNuJCpuNbHEQTTDcPwzgNu71RcEW6LOepHZ3NlqaSxTeZG6uE%2B58c%2BuGpIktvd2rloISs0rK0gNjmUVXmc2pBOEiosw1QEozP2L%2FfYPwD&RelayState=https%3A%2F%2Feu-api.mimecast.com%2Flogin%2Fsaml Page URL
3. https://login.microsoftonline.com/97984c2b-a229-4609-8185-ae84947bc3fc/saml2?SAMLRequest=fZLLbsIwEEV%2FxfI%2BiRNewSKgFIQalbYIQhfdVCYZwFJspx6nj79vgCLRRZG8Go%2FnHN3xaPKlKvIBFqXRCQ19RgnowpRS7xO6yedeTCfjEQpV1Txt3EGv4L0BdKR9p5GfLhLaWM2NQIlcCwXIXcHX6eOCRz7jtTXOFKaiJJsl9G23Lfo9VkZDNggH3f4AtiLuDzsiZu3plIKSl4tNdLTJEBvINDqhXVtiUddjPS%2BK84hx1uFR55WS5S%2FiTuqz%2BC2f7bkJ%2BX2eL73l8zqnJEUE61ro1GhsFNg12A9ZwGa1SOjBuRp5EEDjiVr6SiooBDq%2FMCqozF7q4JgCPafET772Kp7bNuJCpuNbHEQTTDcPwzgNu71RcEW6LOepHZ3NlqaSxTeZG6uE%2B58c%2BuGpIktvd2rloISs0rK0gNjmUVXmc2pBOEiosw1QEozP2L%2FfYPwD&RelayState=https%3A%2F%2Feu-api.mimecast.com%2Flogin%2Fsaml&sso_reload=true Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response login-uk.mimecast.com/u/login/	564 KB 75 KB	207ms 73ms	Document text/html	195.130.217.178 MIMECAST-UK
General Check archive.org Show headers Download Go to Full URL https://login-uk.mimecast.com/u/login/?gta=apps&link=at/video?&ru=LOWgxklBQ8KvF2_jnFyhiIae5iFs1xpKG1sx4ZEnrG8k1M73__nhvpci8i_84AQl2gpSvpUSQNuRd30LYVcDnxqq9VHiaQbBzBabXKypqa09K9raMfqKMjmzHxi6rakh Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.130.217.178 , United Kingdom, ASN42427 (MIMECAST-UK, GB), Reverse DNS Software / Resource Hash e899344aac5f9f2f3813ba15a09f75ce6575f0e5ce59a6c8b847410960ed9e81 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-GB,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html;charset=utf-8 Date Tue, 28 May 2024 20:03:22 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload Transfer-Encoding chunked Vary Accept-Encoding, User-Agent X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	entypo.css login-uk.mimecast.com/u/assets/entypo/font/	17 KB 4 KB	65ms 38ms	Stylesheet text/css	195.130.217.178 MIMECAST-UK
General Check archive.org Show headers Download Go to Full URL https://login-uk.mimecast.com/u/assets/entypo/font/entypo.css Requested by Host: login-uk.mimecast.com URL: https://login-uk.mimecast.com/u/login/?gta=apps&link=at/video?&ru=LOWgxklBQ8KvF2_jnFyhiIae5iFs1xpKG1sx4ZEnrG8k1M73__nhvpci8i_84AQl2gpSvpUSQNuRd30LYVcDnxqq9VHiaQbBzBabXKypqa09K9raMfqKMjmzHxi6rakh Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.130.217.178 , United Kingdom, ASN42427 (MIMECAST-UK, GB), Reverse DNS Software / Resource Hash 7a24726189ec811cbf06e22aaabffbb801ac7053ab29639db0be79d4f1806c1d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login-uk.mimecast.com/u/login/?gta=apps&link=at/video?&ru=LOWgxklBQ8KvF2_jnFyhiIae5iFs1xpKG1sx4ZEnrG8k1M73__nhvpci8i_84AQl2gpSvpUSQNuRd30LYVcDnxqq9VHiaQbBzBabXKypqa09K9raMfqKMjmzHxi6rakh Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 28 May 2024 20:03:23 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Sat, 26 Oct 1985 08:15:00 GMT Content-Encoding gzip ETag W/"tDlFA2VeerItDlFd105cos--gzip" X-Frame-Options SAMEORIGIN Vary Accept-Encoding, User-Agent Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 3613 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	font-awesome.css login-uk.mimecast.com/u/assets/font-awesome/css/	28 KB 6 KB	102ms 36ms	Stylesheet text/css	195.130.217.178 MIMECAST-UK
General Check archive.org Show headers Download Go to Full URL https://login-uk.mimecast.com/u/assets/font-awesome/css/font-awesome.css Requested by Host: login-uk.mimecast.com URL: https://login-uk.mimecast.com/u/login/?gta=apps&link=at/video?&ru=LOWgxklBQ8KvF2_jnFyhiIae5iFs1xpKG1sx4ZEnrG8k1M73__nhvpci8i_84AQl2gpSvpUSQNuRd30LYVcDnxqq9VHiaQbBzBabXKypqa09K9raMfqKMjmzHxi6rakh Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.130.217.178 , United Kingdom, ASN42427 (MIMECAST-UK, GB), Reverse DNS Software / Resource Hash c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login-uk.mimecast.com/u/login/?gta=apps&link=at/video?&ru=LOWgxklBQ8KvF2_jnFyhiIae5iFs1xpKG1sx4ZEnrG8k1M73__nhvpci8i_84AQl2gpSvpUSQNuRd30LYVcDnxqq9VHiaQbBzBabXKypqa09K9raMfqKMjmzHxi6rakh Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 28 May 2024 20:03:23 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Tue, 27 Jan 2015 13:59:08 GMT Content-Encoding gzip ETag W/"NHf43YNyHl4NHf5lqjCKfU--gzip" X-Frame-Options SAMEORIGIN Vary Accept-Encoding, User-Agent Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 5752 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	mimecast-icons.css login-uk.mimecast.com/u/assets/mimecast-icons/css/	10 KB 3 KB	143ms 40ms	Stylesheet text/css	195.130.217.178 MIMECAST-UK
General Check archive.org Show headers Download Go to Full URL https://login-uk.mimecast.com/u/assets/mimecast-icons/css/mimecast-icons.css Requested by Host: login-uk.mimecast.com URL: https://login-uk.mimecast.com/u/login/?gta=apps&link=at/video?&ru=LOWgxklBQ8KvF2_jnFyhiIae5iFs1xpKG1sx4ZEnrG8k1M73__nhvpci8i_84AQl2gpSvpUSQNuRd30LYVcDnxqq9VHiaQbBzBabXKypqa09K9raMfqKMjmzHxi6rakh Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.130.217.178 , United Kingdom, ASN42427 (MIMECAST-UK, GB), Reverse DNS Software / Resource Hash a1d33188074b02e6b9be49187407105b4205fedffae6444afce0850ce8196afb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login-uk.mimecast.com/u/login/?gta=apps&link=at/video?&ru=LOWgxklBQ8KvF2_jnFyhiIae5iFs1xpKG1sx4ZEnrG8k1M73__nhvpci8i_84AQl2gpSvpUSQNuRd30LYVcDnxqq9VHiaQbBzBabXKypqa09K9raMfqKMjmzHxi6rakh Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 28 May 2024 20:03:23 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Sat, 26 Oct 1985 08:15:00 GMT Content-Encoding gzip ETag W/"tAn+u7K+Cv4tAn+z4rZZzo--gzip" X-Frame-Options SAMEORIGIN Vary Accept-Encoding, User-Agent Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 2466 X-XSS-Protection 1; mode=block
GET H2	200	css fonts.googleapis.com/	16 KB 2 KB	220ms 65ms	Stylesheet text/css	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,600,700 Requested by Host: login-uk.mimecast.com URL: https://login-uk.mimecast.com/u/login/?gta=apps&link=at/video?&ru=LOWgxklBQ8KvF2_jnFyhiIae5iFs1xpKG1sx4ZEnrG8k1M73__nhvpci8i_84AQl2gpSvpUSQNuRd30LYVcDnxqq9VHiaQbBzBabXKypqa09K9raMfqKMjmzHxi6rakh Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3ff27e82d78a471905edf58f54d412011e0f3b07cb596b50d425151e7df84404 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login-uk.mimecast.com/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Tue, 28 May 2024 20:03:23 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 28 May 2024 18:18:19 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 28 May 2024 20:03:23 GMT
GET H2	200	galindo.js Show response static.srcspot.com/libs/	102 KB 45 KB	165ms 36ms	Script application/javascript	35.190.8.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.srcspot.com/libs/galindo.js Requested by Host: login-uk.mimecast.com URL: https://login-uk.mimecast.com/u/login/?gta=apps&link=at/video?&ru=LOWgxklBQ8KvF2_jnFyhiIae5iFs1xpKG1sx4ZEnrG8k1M73__nhvpci8i_84AQl2gpSvpUSQNuRd30LYVcDnxqq9VHiaQbBzBabXKypqa09K9raMfqKMjmzHxi6rakh Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.8.230 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 230.8.190.35.bc.googleusercontent.com Software UploadServer / Resource Hash 0b2f31ee1d9d29367a1436b535b93f3de36f0a66771ece5cb0481d8663cf1f4c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login-uk.mimecast.com/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 19:50:13 GMT content-encoding gzip age 790 x-guploader-uploadid ABPtcPoDdcEG8F-7RtKE3nsaLDl6RhFhA-gDqDQaKjpetjpXN6v_WkP1hSLppnxVkKsHc_lRF3k x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 45159 last-modified Mon, 22 Apr 2024 11:17:39 GMT server UploadServer etag "b4264ecac00918ce9c3a97a700455666" x-goog-generation 1713784659645084 x-goog-hash crc32c=nLzygQ==, md5=tCZOysAJGM6cOpenAEVWZg== content-type application/javascript cache-control no-transform, public, max-age=900 x-goog-stored-content-length 45159 accept-ranges bytes expires Tue, 28 May 2024 20:05:13 GMT
GET H/1.1	200 OK	cache.f22dfb5e3b1b2125fe9de5efde9a0ed7.login-lib.js Show response login-uk.mimecast.com/u/login/	1 MB 324 KB	144ms 71ms	Script application/javascript	195.130.217.178 MIMECAST-UK
General Check archive.org Show headers Download Go to Full URL https://login-uk.mimecast.com/u/login/cache.f22dfb5e3b1b2125fe9de5efde9a0ed7.login-lib.js Requested by Host: login-uk.mimecast.com URL: https://login-uk.mimecast.com/u/login/?gta=apps&link=at/video?&ru=LOWgxklBQ8KvF2_jnFyhiIae5iFs1xpKG1sx4ZEnrG8k1M73__nhvpci8i_84AQl2gpSvpUSQNuRd30LYVcDnxqq9VHiaQbBzBabXKypqa09K9raMfqKMjmzHxi6rakh Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.130.217.178 , United Kingdom, ASN42427 (MIMECAST-UK, GB), Reverse DNS Software / Resource Hash db46ddd2c1e70fb8b30a9536334e862f09c40f01181a9e6595c5af7843b62c50 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login-uk.mimecast.com/u/login/?gta=apps&link=at/video?&ru=LOWgxklBQ8KvF2_jnFyhiIae5iFs1xpKG1sx4ZEnrG8k1M73__nhvpci8i_84AQl2gpSvpUSQNuRd30LYVcDnxqq9VHiaQbBzBabXKypqa09K9raMfqKMjmzHxi6rakh Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 28 May 2024 20:03:23 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Tue, 02 Apr 2024 11:25:38 GMT Content-Encoding gzip ETag W/"LCjPNF2yXHALCjOusMttG4--gzip" Transfer-Encoding chunked X-Frame-Options SAMEORIGIN Content-Type application/javascript Vary Accept-Encoding, User-Agent Cache-Control max-age=20160 Connection keep-alive Accept-Ranges bytes X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	cache.f692ac8003e8f0614f6bb1499f05c016.login.js Show response login-uk.mimecast.com/u/login/	203 KB 33 KB	126ms 49ms	Script application/javascript	195.130.217.178 MIMECAST-UK
General Check archive.org Show headers Download Go to Full URL https://login-uk.mimecast.com/u/login/cache.f692ac8003e8f0614f6bb1499f05c016.login.js Requested by Host: login-uk.mimecast.com URL: https://login-uk.mimecast.com/u/login/?gta=apps&link=at/video?&ru=LOWgxklBQ8KvF2_jnFyhiIae5iFs1xpKG1sx4ZEnrG8k1M73__nhvpci8i_84AQl2gpSvpUSQNuRd30LYVcDnxqq9VHiaQbBzBabXKypqa09K9raMfqKMjmzHxi6rakh Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.130.217.178 , United Kingdom, ASN42427 (MIMECAST-UK, GB), Reverse DNS Software / Resource Hash e6b779a8581aaad1da9c19b1a4402bdd5525167c6703d1be6edb698c9907f079 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login-uk.mimecast.com/u/login/?gta=apps&link=at/video?&ru=LOWgxklBQ8KvF2_jnFyhiIae5iFs1xpKG1sx4ZEnrG8k1M73__nhvpci8i_84AQl2gpSvpUSQNuRd30LYVcDnxqq9VHiaQbBzBabXKypqa09K9raMfqKMjmzHxi6rakh Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 28 May 2024 20:03:23 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Tue, 02 Apr 2024 11:25:38 GMT Content-Encoding gzip ETag W/"TpiJ7EbnNrkTpiIYthqoVU--gzip" Transfer-Encoding chunked X-Frame-Options SAMEORIGIN Content-Type application/javascript Vary Accept-Encoding, User-Agent Cache-Control max-age=20160 Connection keep-alive Accept-Ranges bytes X-XSS-Protection 1; mode=block
GET H2	200	pendo.js Show response cdn.pendo.io/agent/static/0600cd7b-e6b2-4ba9-4249-ab1342c3631b/	496 KB 161 KB	259ms 41ms	Script application/javascript	34.36.213.229 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://cdn.pendo.io/agent/static/0600cd7b-e6b2-4ba9-4249-ab1342c3631b/pendo.js Requested by Host: login-uk.mimecast.com URL: https://login-uk.mimecast.com/u/login/?gta=apps&link=at/video?&ru=LOWgxklBQ8KvF2_jnFyhiIae5iFs1xpKG1sx4ZEnrG8k1M73__nhvpci8i_84AQl2gpSvpUSQNuRd30LYVcDnxqq9VHiaQbBzBabXKypqa09K9raMfqKMjmzHxi6rakh Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 229.213.36.34.bc.googleusercontent.com Software UploadServer / Resource Hash 5c6d05436aaa27e71febcc2ca6d48a0780cc6c124d22f8c43bd558742ee62e96 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login-uk.mimecast.com/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 20:00:04 GMT content-encoding gzip strict-transport-security max-age=63072000; includeSubDomains age 199 x-guploader-uploadid ABPtcPqdWdx8CDG2fJa9iumcIZGa5b0riSrthJrD1ITmE8tHeb7d8mEACPtsQ8XBJtz5LwNMtLQiEBVHDQ x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 163938 last-modified Thu, 23 May 2024 18:16:37 GMT server UploadServer etag "5ed54b2c9a000daea2ad6b0edc61c16e" vary Accept-Encoding x-goog-generation 1716488197670759 x-goog-hash crc32c=fQ06YA==, md5=XtVLLJoADa6irWsO3GHBbg== access-control-allow-origin * access-control-expose-headers * cache-control public,max-age=450 x-goog-stored-content-length 163938 accept-ranges bytes content-type application/javascript; charset=utf-8
GET H/1.1	200 OK	en.json Show response login-uk.mimecast.com/u/login/assets/languages/	18 KB 6 KB	41ms 41ms	XHR application/json	195.130.217.178 MIMECAST-UK
General Check archive.org Show headers Download Go to Full URL https://login-uk.mimecast.com/u/login/assets/languages/en.json?ver=1.9.0-20240402_1223 Requested by Host: login-uk.mimecast.com URL: https://login-uk.mimecast.com/u/login/cache.f22dfb5e3b1b2125fe9de5efde9a0ed7.login-lib.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.130.217.178 , United Kingdom, ASN42427 (MIMECAST-UK, GB), Reverse DNS Software / Resource Hash 534d3e23568bac4ef4df71a1535f12d940a95a085149edf427056dc993ec4272 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/json, text/plain, */* Referer https://login-uk.mimecast.com/u/login/?gta=apps&link=at/video?&ru=LOWgxklBQ8KvF2_jnFyhiIae5iFs1xpKG1sx4ZEnrG8k1M73__nhvpci8i_84AQl2gpSvpUSQNuRd30LYVcDnxqq9VHiaQbBzBabXKypqa09K9raMfqKMjmzHxi6rakh Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 28 May 2024 20:03:23 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Tue, 02 Apr 2024 11:25:38 GMT Content-Encoding gzip ETag W/"ncIa0+9Xux0ncIbXXHZSdc--gzip" X-Frame-Options SAMEORIGIN Vary Accept-Encoding, User-Agent Content-Type application/json Connection keep-alive Accept-Ranges bytes Content-Length 5531 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	app-version.jsp Show response login-uk.mimecast.com/u/login/	19 B 434 B	43ms 42ms	XHR text/html	195.130.217.178 MIMECAST-UK
General Check archive.org Show headers Download Go to Full URL https://login-uk.mimecast.com/u/login/app-version.jsp Requested by Host: login-uk.mimecast.com URL: https://login-uk.mimecast.com/u/login/cache.f22dfb5e3b1b2125fe9de5efde9a0ed7.login-lib.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.130.217.178 , United Kingdom, ASN42427 (MIMECAST-UK, GB), Reverse DNS Software / Resource Hash 3232a9b6a0b3dde17d9f0b9c6f75cbaf6f36c4150ee02f9e28f98b4fdb29f1e5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/json, text/plain, */* Referer https://login-uk.mimecast.com/u/login/?gta=apps&link=at/video?&ru=LOWgxklBQ8KvF2_jnFyhiIae5iFs1xpKG1sx4ZEnrG8k1M73__nhvpci8i_84AQl2gpSvpUSQNuRd30LYVcDnxqq9VHiaQbBzBabXKypqa09K9raMfqKMjmzHxi6rakh Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Tue, 28 May 2024 20:03:23 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Vary Accept-Encoding, User-Agent Content-Type text/html;charset=utf-8 Cache-Control private, max-age=0, no-cache, no-store Connection keep-alive Content-Length 19 X-XSS-Protection 1; mode=block
POST H/1.1	200 OK	discover-authentication Show response login-uk.mimecast.com/u/proxy/api/login/	447 B 844 B	242ms 241ms	XHR application/json	195.130.217.178 MIMECAST-UK
General Check archive.org Show headers Download Go to Full URL https://login-uk.mimecast.com/u/proxy/api/login/discover-authentication Requested by Host: login-uk.mimecast.com URL: https://login-uk.mimecast.com/u/login/cache.f22dfb5e3b1b2125fe9de5efde9a0ed7.login-lib.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.130.217.178 , United Kingdom, ASN42427 (MIMECAST-UK, GB), Reverse DNS Software / Resource Hash 0d0c4d1ef88a348b90af7142785945a390efcda640cd9bf013d5ce6577405153 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" x-mc-api-version 2017.2.22 x-mc-req-id 8b392dd5-3041-ac15-fcf6-f9e5e8c61c95 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Accept application/json, text/plain, */* Referer https://login-uk.mimecast.com/u/login/?gta=apps&link=at/video?&ru=LOWgxklBQ8KvF2_jnFyhiIae5iFs1xpKG1sx4ZEnrG8k1M73__nhvpci8i_84AQl2gpSvpUSQNuRd30LYVcDnxqq9VHiaQbBzBabXKypqa09K9raMfqKMjmzHxi6rakh x-mc-strict nopendo x-mc-app-id 839219c5-30c7-4cdb-9e8a-e343d9316d91 sec-ch-ua-platform "Win32" Response headers Pragma no-cache, no-cache Date Tue, 28 May 2024 20:03:23 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Content-Encoding gzip X-Frame-Options SAMEORIGIN Vary Accept-Encoding, User-Agent Content-Type application/json Cache-Control private, max-age=0, no-cache, no-store, no-store Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 335 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	mimecast-logo.png login-uk.mimecast.com/u/assets/images/	2 KB 2 KB	37ms 36ms	Image image/png	195.130.217.178 MIMECAST-UK
General Check archive.org Show headers Download Go to Show image Full URL https://login-uk.mimecast.com/u/assets/images/mimecast-logo.png Requested by Host: login-uk.mimecast.com URL: https://login-uk.mimecast.com/u/login/?gta=apps&link=at/video?&ru=LOWgxklBQ8KvF2_jnFyhiIae5iFs1xpKG1sx4ZEnrG8k1M73__nhvpci8i_84AQl2gpSvpUSQNuRd30LYVcDnxqq9VHiaQbBzBabXKypqa09K9raMfqKMjmzHxi6rakh Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.130.217.178 , United Kingdom, ASN42427 (MIMECAST-UK, GB), Reverse DNS Software / Resource Hash f6dd06562d16c1ae9dbd19b0c954fcdbe70a06fdc8eb341d415cf6eb26591dca Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login-uk.mimecast.com/u/login/?gta=apps&link=at/video?&ru=LOWgxklBQ8KvF2_jnFyhiIae5iFs1xpKG1sx4ZEnrG8k1M73__nhvpci8i_84AQl2gpSvpUSQNuRd30LYVcDnxqq9VHiaQbBzBabXKypqa09K9raMfqKMjmzHxi6rakh Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 28 May 2024 20:03:23 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Tue, 02 Apr 2024 11:23:36 GMT ETag W/"Nt3jV76h+xQNt3i2SAtIpg" X-Frame-Options SAMEORIGIN Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1868 X-XSS-Protection 1; mode=block
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 48 KB	1227ms 45ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://login-uk.mimecast.com Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 22:45:56 GMT x-content-type-options nosniff age 335848 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 24 May 2025 22:45:56 GMT
POST H/1.1	401 Unauthorized	login login-uk.mimecast.com/u/proxy/api/login/	1 KB 2 KB	262ms 262ms	XHR application/json	195.130.217.178 MIMECAST-UK
General Check archive.org Show headers Download Go to Full URL https://login-uk.mimecast.com/u/proxy/api/login/login Requested by Host: login-uk.mimecast.com URL: https://login-uk.mimecast.com/u/login/cache.f22dfb5e3b1b2125fe9de5efde9a0ed7.login-lib.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.130.217.178 , United Kingdom, ASN42427 (MIMECAST-UK, GB), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" x-mc-api-version 2017.2.22 x-mc-req-id eb0d2b01-6eec-3248-9f0c-bdd33766ea74 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 Authorization SAML User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Accept application/json, text/plain, */* Referer https://login-uk.mimecast.com/u/login/?gta=apps&link=at/video?&ru=LOWgxklBQ8KvF2_jnFyhiIae5iFs1xpKG1sx4ZEnrG8k1M73__nhvpci8i_84AQl2gpSvpUSQNuRd30LYVcDnxqq9VHiaQbBzBabXKypqa09K9raMfqKMjmzHxi6rakh x-mc-strict nopendo x-mc-app-id 839219c5-30c7-4cdb-9e8a-e343d9316d91 sec-ch-ua-platform "Win32" Response headers Pragma no-cache, no-cache Date Tue, 28 May 2024 20:03:23 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff WWW-Authenticate Basic-Ad,Basic-Cloud,Basic-External,SAML,Negotiate-WIA,Good-MDM,JWT X-Frame-Options SAMEORIGIN Content-Type application/json Cache-Control private, max-age=0, no-cache, no-store, no-store Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 1441 X-XSS-Protection 1; mode=block
GET H2	200	saml2 Show response login.microsoftonline.com/97984c2b-a229-4609-8185-ae84947bc3fc/	20 KB 10 KB	1012ms 818ms	Document text/html	2603:1026:3000:150::5 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://login.microsoftonline.com/97984c2b-a229-4609-8185-ae84947bc3fc/saml2?SAMLRequest=fZLLbsIwEEV%2FxfI%2BiRNewSKgFIQalbYIQhfdVCYZwFJspx6nj79vgCLRRZG8Go%2FnHN3xaPKlKvIBFqXRCQ19RgnowpRS7xO6yedeTCfjEQpV1Txt3EGv4L0BdKR9p5GfLhLaWM2NQIlcCwXIXcHX6eOCRz7jtTXOFKaiJJsl9G23Lfo9VkZDNggH3f4AtiLuDzsiZu3plIKSl4tNdLTJEBvINDqhXVtiUddjPS%2BK84hx1uFR55WS5S%2FiTuqz%2BC2f7bkJ%2BX2eL73l8zqnJEUE61ro1GhsFNg12A9ZwGa1SOjBuRp5EEDjiVr6SiooBDq%2FMCqozF7q4JgCPafET772Kp7bNuJCpuNbHEQTTDcPwzgNu71RcEW6LOepHZ3NlqaSxTeZG6uE%2B58c%2BuGpIktvd2rloISs0rK0gNjmUVXmc2pBOEiosw1QEozP2L%2FfYPwD&RelayState=https%3A%2F%2Feu-api.mimecast.com%2Flogin%2Fsaml Requested by Host: login-uk.mimecast.com URL: https://login-uk.mimecast.com/u/login/cache.f22dfb5e3b1b2125fe9de5efde9a0ed7.login-lib.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2603:1026:3000:150::5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 6adb1c5866450c45afc55de49c97da535c66578691c6f74886d3da58920e90ce Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9;q=0.9 Referer https://login-uk.mimecast.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-store, no-cache content-encoding gzip content-length 9189 content-type text/html; charset=utf-8 date Tue, 28 May 2024 20:03:24 GMT expires -1 nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} p3p CP="DSP CUR OTPi IND OTRi ONL FIN" pragma no-cache referrer-policy strict-origin-when-cross-origin report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]} strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-ms-ests-server 2.1.18105.6 - KRSLR1 ProdSlices x-ms-request-id ad75149b-8c51-4f68-9cf2-67b691a2e100 x-ms-srs 1.P x-xss-protection 0
GET H2	200	BssoInterrupt_Core_RY3pVDLvjU_KKLtTKxjDFA2.js Show response aadcdn.msftauth.net/shared/1.0/content/js/	138 KB 49 KB	211ms 31ms	Script application/x-javascript	2606:2800:233:78b9:f44e:2c1f:31aa:d9ef EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_RY3pVDLvjU_KKLtTKxjDFA2.js Requested by Host: login.microsoftonline.com URL: https://login.microsoftonline.com/97984c2b-a229-4609-8185-ae84947bc3fc/saml2?SAMLRequest=fZLLbsIwEEV%2FxfI%2BiRNewSKgFIQalbYIQhfdVCYZwFJspx6nj79vgCLRRZG8Go%2FnHN3xaPKlKvIBFqXRCQ19RgnowpRS7xO6yedeTCfjEQpV1Txt3EGv4L0BdKR9p5GfLhLaWM2NQIlcCwXIXcHX6eOCRz7jtTXOFKaiJJsl9G23Lfo9VkZDNggH3f4AtiLuDzsiZu3plIKSl4tNdLTJEBvINDqhXVtiUddjPS%2BK84hx1uFR55WS5S%2FiTuqz%2BC2f7bkJ%2BX2eL73l8zqnJEUE61ro1GhsFNg12A9ZwGa1SOjBuRp5EEDjiVr6SiooBDq%2FMCqozF7q4JgCPafET772Kp7bNuJCpuNbHEQTTDcPwzgNu71RcEW6LOepHZ3NlqaSxTeZG6uE%2B58c%2BuGpIktvd2rloISs0rK0gNjmUVXmc2pBOEiosw1QEozP2L%2FfYPwD&RelayState=https%3A%2F%2Feu-api.mimecast.com%2Flogin%2Fsaml Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (lhc/78BC) / Resource Hash 3332d913029f564f91b3ee85abb4fa444d8db0f97b346804088fa4b9da643f66 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login.microsoftonline.com/ Origin https://login.microsoftonline.com Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 28 May 2024 20:03:25 GMT content-encoding gzip content-md5 cPQeKCUJbAEJwW4VWTtIpw== age 2434744 x-cache HIT content-length 49700 x-ms-lease-status unlocked last-modified Mon, 29 Apr 2024 17:13:52 GMT server ECAcc (lhc/78BC) etag 0x8DC686FBE54D2B6 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id c9c9abf7-401e-001b-7a15-9bcf13000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	Primary Request saml2 Show response login.microsoftonline.com/97984c2b-a229-4609-8185-ae84947bc3fc/	38 KB 15 KB	1382ms 1382ms	Document text/html	2603:1026:3000:150::5 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://login.microsoftonline.com/97984c2b-a229-4609-8185-ae84947bc3fc/saml2?SAMLRequest=fZLLbsIwEEV%2FxfI%2BiRNewSKgFIQalbYIQhfdVCYZwFJspx6nj79vgCLRRZG8Go%2FnHN3xaPKlKvIBFqXRCQ19RgnowpRS7xO6yedeTCfjEQpV1Txt3EGv4L0BdKR9p5GfLhLaWM2NQIlcCwXIXcHX6eOCRz7jtTXOFKaiJJsl9G23Lfo9VkZDNggH3f4AtiLuDzsiZu3plIKSl4tNdLTJEBvINDqhXVtiUddjPS%2BK84hx1uFR55WS5S%2FiTuqz%2BC2f7bkJ%2BX2eL73l8zqnJEUE61ro1GhsFNg12A9ZwGa1SOjBuRp5EEDjiVr6SiooBDq%2FMCqozF7q4JgCPafET772Kp7bNuJCpuNbHEQTTDcPwzgNu71RcEW6LOepHZ3NlqaSxTeZG6uE%2B58c%2BuGpIktvd2rloISs0rK0gNjmUVXmc2pBOEiosw1QEozP2L%2FfYPwD&RelayState=https%3A%2F%2Feu-api.mimecast.com%2Flogin%2Fsaml&sso_reload=true Requested by Host: aadcdn.msftauth.net URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_RY3pVDLvjU_KKLtTKxjDFA2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2603:1026:3000:150::5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash fed500e9589e8de53a997e1459519b9d0a137fade55c81aafdc6a65bb2483295 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9;q=0.9 Referer https://login.microsoftonline.com/97984c2b-a229-4609-8185-ae84947bc3fc/saml2?SAMLRequest=fZLLbsIwEEV%2FxfI%2BiRNewSKgFIQalbYIQhfdVCYZwFJspx6nj79vgCLRRZG8Go%2FnHN3xaPKlKvIBFqXRCQ19RgnowpRS7xO6yedeTCfjEQpV1Txt3EGv4L0BdKR9p5GfLhLaWM2NQIlcCwXIXcHX6eOCRz7jtTXOFKaiJJsl9G23Lfo9VkZDNggH3f4AtiLuDzsiZu3plIKSl4tNdLTJEBvINDqhXVtiUddjPS%2BK84hx1uFR55WS5S%2FiTuqz%2BC2f7bkJ%2BX2eL73l8zqnJEUE61ro1GhsFNg12A9ZwGa1SOjBuRp5EEDjiVr6SiooBDq%2FMCqozF7q4JgCPafET772Kp7bNuJCpuNbHEQTTDcPwzgNu71RcEW6LOepHZ3NlqaSxTeZG6uE%2B58c%2BuGpIktvd2rloISs0rK0gNjmUVXmc2pBOEiosw1QEozP2L%2FfYPwD&RelayState=https%3A%2F%2Feu-api.mimecast.com%2Flogin%2Fsaml Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-store, no-cache content-encoding gzip content-length 14548 content-type text/html; charset=utf-8 date Tue, 28 May 2024 20:03:26 GMT expires -1 link <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msftauth.net>; rel=dns-prefetch,<https://aadcdn.msauth.net>; rel=dns-prefetch nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} p3p CP="DSP CUR OTPi IND OTRi ONL FIN" pragma no-cache referrer-policy strict-origin-when-cross-origin report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]} strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control on x-frame-options DENY x-ms-ests-server 2.1.18105.6 - JPE ProdSlices x-ms-request-id 98055e25-ad4f-4933-9008-3aae55b3ff00 x-ms-srs 1.P x-xss-protection 0
GET H2	200	converged.v2.login.min_9oft0ybq1qhuafkqh5wryq2.css aadcdn.msftauth.net/ests/2.1/content/cdnbundles/	110 KB 20 KB	36ms 35ms	Stylesheet text/css	2606:2800:233:78b9:f44e:2c1f:31aa:d9ef EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_9oft0ybq1qhuafkqh5wryq2.css Requested by Host: login.microsoftonline.com URL: https://login.microsoftonline.com/97984c2b-a229-4609-8185-ae84947bc3fc/saml2?SAMLRequest=fZLLbsIwEEV%2FxfI%2BiRNewSKgFIQalbYIQhfdVCYZwFJspx6nj79vgCLRRZG8Go%2FnHN3xaPKlKvIBFqXRCQ19RgnowpRS7xO6yedeTCfjEQpV1Txt3EGv4L0BdKR9p5GfLhLaWM2NQIlcCwXIXcHX6eOCRz7jtTXOFKaiJJsl9G23Lfo9VkZDNggH3f4AtiLuDzsiZu3plIKSl4tNdLTJEBvINDqhXVtiUddjPS%2BK84hx1uFR55WS5S%2FiTuqz%2BC2f7bkJ%2BX2eL73l8zqnJEUE61ro1GhsFNg12A9ZwGa1SOjBuRp5EEDjiVr6SiooBDq%2FMCqozF7q4JgCPafET772Kp7bNuJCpuNbHEQTTDcPwzgNu71RcEW6LOepHZ3NlqaSxTeZG6uE%2B58c%2BuGpIktvd2rloISs0rK0gNjmUVXmc2pBOEiosw1QEozP2L%2FfYPwD&RelayState=https%3A%2F%2Feu-api.mimecast.com%2Flogin%2Fsaml&sso_reload=true Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (lhc/78AF) / Resource Hash 7363adbb18193c85ac24339ab57b08df1c8ef875186edbc85d1ce9184a05a20b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login.microsoftonline.com/ Origin https://login.microsoftonline.com Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 28 May 2024 20:03:26 GMT content-encoding gzip content-md5 Xj0juQEbCCqNwqbu7mVZ0A== age 2105793 x-cache HIT content-length 20323 x-ms-lease-status unlocked last-modified Fri, 03 May 2024 20:13:32 GMT server ECAcc (lhc/78AF) etag 0x8DC6BAD8177C066 vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id 671e5e0b-201e-0075-1913-9e2f2c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	ConvergedLogin_PCore_T2EBBtMmyv072RjbQwNpoQ2.js Show response aadcdn.msftauth.net/shared/1.0/content/js/	434 KB 119 KB	38ms 37ms	Script application/x-javascript	2606:2800:233:78b9:f44e:2c1f:31aa:d9ef EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_T2EBBtMmyv072RjbQwNpoQ2.js Requested by Host: login.microsoftonline.com URL: https://login.microsoftonline.com/97984c2b-a229-4609-8185-ae84947bc3fc/saml2?SAMLRequest=fZLLbsIwEEV%2FxfI%2BiRNewSKgFIQalbYIQhfdVCYZwFJspx6nj79vgCLRRZG8Go%2FnHN3xaPKlKvIBFqXRCQ19RgnowpRS7xO6yedeTCfjEQpV1Txt3EGv4L0BdKR9p5GfLhLaWM2NQIlcCwXIXcHX6eOCRz7jtTXOFKaiJJsl9G23Lfo9VkZDNggH3f4AtiLuDzsiZu3plIKSl4tNdLTJEBvINDqhXVtiUddjPS%2BK84hx1uFR55WS5S%2FiTuqz%2BC2f7bkJ%2BX2eL73l8zqnJEUE61ro1GhsFNg12A9ZwGa1SOjBuRp5EEDjiVr6SiooBDq%2FMCqozF7q4JgCPafET772Kp7bNuJCpuNbHEQTTDcPwzgNu71RcEW6LOepHZ3NlqaSxTeZG6uE%2B58c%2BuGpIktvd2rloISs0rK0gNjmUVXmc2pBOEiosw1QEozP2L%2FfYPwD&RelayState=https%3A%2F%2Feu-api.mimecast.com%2Flogin%2Fsaml&sso_reload=true Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (lhc/78B6) / Resource Hash 6fe19f0c972beb2f67cceaa67786f882fb6fca4cebc27c411e7236932eda340b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login.microsoftonline.com/ Origin https://login.microsoftonline.com Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 28 May 2024 20:03:26 GMT content-encoding gzip content-md5 nQQRIDmqHbTqX0nFIRJdag== age 2105494 x-cache HIT content-length 121438 x-ms-lease-status unlocked last-modified Thu, 02 May 2024 00:43:17 GMT server ECAcc (lhc/78B6) etag 0x8DC6A40DB751AEA vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 17ab1a6d-901e-009a-2813-9eb344000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	ux.converged.login.strings-en-gb.min_ismkfgqkt3jb_u7fudrfcw2.js Show response aadcdn.msftauth.net/ests/2.1/content/cdnbundles/	54 KB 16 KB	38ms 37ms	Script application/x-javascript	2606:2800:233:78b9:f44e:2c1f:31aa:d9ef EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_ismkfgqkt3jb_u7fudrfcw2.js Requested by Host: login.microsoftonline.com URL: https://login.microsoftonline.com/97984c2b-a229-4609-8185-ae84947bc3fc/saml2?SAMLRequest=fZLLbsIwEEV%2FxfI%2BiRNewSKgFIQalbYIQhfdVCYZwFJspx6nj79vgCLRRZG8Go%2FnHN3xaPKlKvIBFqXRCQ19RgnowpRS7xO6yedeTCfjEQpV1Txt3EGv4L0BdKR9p5GfLhLaWM2NQIlcCwXIXcHX6eOCRz7jtTXOFKaiJJsl9G23Lfo9VkZDNggH3f4AtiLuDzsiZu3plIKSl4tNdLTJEBvINDqhXVtiUddjPS%2BK84hx1uFR55WS5S%2FiTuqz%2BC2f7bkJ%2BX2eL73l8zqnJEUE61ro1GhsFNg12A9ZwGa1SOjBuRp5EEDjiVr6SiooBDq%2FMCqozF7q4JgCPafET772Kp7bNuJCpuNbHEQTTDcPwzgNu71RcEW6LOepHZ3NlqaSxTeZG6uE%2B58c%2BuGpIktvd2rloISs0rK0gNjmUVXmc2pBOEiosw1QEozP2L%2FfYPwD&RelayState=https%3A%2F%2Feu-api.mimecast.com%2Flogin%2Fsaml&sso_reload=true Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (lhc/7913) / Resource Hash fd0526ba6272bde1d0342710be0ecad69906cb29dd85c7e9deefda62a91ec01d Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login.microsoftonline.com/ Origin https://login.microsoftonline.com Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 28 May 2024 20:03:26 GMT content-encoding gzip content-md5 1N0TxVNhJQHs+EMumzGtSw== age 2427252 x-cache HIT content-length 15973 x-ms-lease-status unlocked last-modified Wed, 24 Apr 2024 05:52:08 GMT server ECAcc (lhc/7913) etag 0x8DC6422ADBC9D37 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id ffc02528-d01e-008e-1626-9baf6e000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H/1.1	200 OK	Me.htm login.live.com/	0 0	390ms 160ms	Other text/html	40.126.32.133 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://login.live.com/Me.htm?v=3 Requested by Host: login.microsoftonline.com URL: https://login.microsoftonline.com/97984c2b-a229-4609-8185-ae84947bc3fc/saml2?SAMLRequest=fZLLbsIwEEV%2FxfI%2BiRNewSKgFIQalbYIQhfdVCYZwFJspx6nj79vgCLRRZG8Go%2FnHN3xaPKlKvIBFqXRCQ19RgnowpRS7xO6yedeTCfjEQpV1Txt3EGv4L0BdKR9p5GfLhLaWM2NQIlcCwXIXcHX6eOCRz7jtTXOFKaiJJsl9G23Lfo9VkZDNggH3f4AtiLuDzsiZu3plIKSl4tNdLTJEBvINDqhXVtiUddjPS%2BK84hx1uFR55WS5S%2FiTuqz%2BC2f7bkJ%2BX2eL73l8zqnJEUE61ro1GhsFNg12A9ZwGa1SOjBuRp5EEDjiVr6SiooBDq%2FMCqozF7q4JgCPafET772Kp7bNuJCpuNbHEQTTDcPwzgNu71RcEW6LOepHZ3NlqaSxTeZG6uE%2B58c%2BuGpIktvd2rloISs0rK0gNjmUVXmc2pBOEiosw1QEozP2L%2FfYPwD&RelayState=https%3A%2F%2Feu-api.mimecast.com%2Flogin%2Fsaml&sso_reload=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.126.32.133 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login.microsoftonline.com/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers
GET H2	200	convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js Show response aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/	219 KB 54 KB	197ms 33ms	Script application/x-javascript	2606:2800:233:78b9:f44e:2c1f:31aa:d9ef EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js Requested by Host: aadcdn.msftauth.net URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_T2EBBtMmyv072RjbQwNpoQ2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (lhc/7925) / Resource Hash 474ce0790ceb18a100cebaf1ac0915a51389fcae0830c3b44bfa1e365d40b2b4 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login.microsoftonline.com/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 28 May 2024 20:03:26 GMT content-encoding gzip content-md5 P5ihddUjL2Zb7/wjNS1xdg== age 4806916 x-cache HIT content-length 54318 x-ms-lease-status unlocked last-modified Thu, 28 Mar 2024 21:23:30 GMT server ECAcc (lhc/7925) etag 0x8DC4F6D50F3D2E7 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 6dce4b33-401e-008f-6b82-85846c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	favicon aadcdn.msftauthimages.net/447973e2-iqqctljtvqucf7wa5og02xzabudtiqkmwx7u6iygf14/logintenantbranding/0/	541 B 1 KB	314ms 87ms	Other image/*	2620:1ec:46::60 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauthimages.net/447973e2-iqqctljtvqucf7wa5og02xzabudtiqkmwx7u6iygf14/logintenantbranding/0/favicon?ts=638072087062935410 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 0b7f017e18a671ff557c7bc993b491afe60ea66a947ae1eb227f2f3822380368 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login.microsoftonline.com/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 28 May 2024 20:03:26 GMT x-cache TCP_HIT x-cache-info L1_T2 x-fd-int-roxy-purgeid 50755578 content-length 541 x-ms-lease-status unlocked last-modified Wed, 21 Dec 2022 08:38:27 GMT etag 0x8DAE32EBAEE7F55 x-azure-ref 20240528T200326Z-15948fd4d4c2wkv8tpqauxgt1n00000003y000000001z59v content-type image/* access-control-allow-origin * x-ms-request-id 85929e12-501e-002e-74b9-b0bc85000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	convergedlogin_pfetchsessionsprogress_7c1aa7609345f99e4914.js Show response aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/	15 KB 6 KB	30ms 30ms	Script application/x-javascript	2606:2800:233:78b9:f44e:2c1f:31aa:d9ef EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_7c1aa7609345f99e4914.js Requested by Host: aadcdn.msftauth.net URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_T2EBBtMmyv072RjbQwNpoQ2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (lhc/7892) / Resource Hash 35afb11dab6edcbc989a25fe5cf19f5d8289499232b7ec775f318d8b8a5bbf78 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login.microsoftonline.com/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 28 May 2024 20:03:26 GMT content-encoding gzip content-md5 NuzanQiiHb2/rc4qm18OGQ== age 4786348 x-cache HIT content-length 5515 x-ms-lease-status unlocked last-modified Thu, 28 Mar 2024 21:23:32 GMT server ECAcc (lhc/7892) etag 0x8DC4F6D51B11E63 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id b756a434-101e-007e-1ab2-850a3b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif aadcdn.msftauth.net/shared/1.0/content/images/	3 KB 3 KB	30ms 29ms	Image image/gif	2606:2800:233:78b9:f44e:2c1f:31aa:d9ef EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (lhc/7945) / Resource Hash a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login.microsoftonline.com/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 28 May 2024 20:03:26 GMT content-md5 Fm3lNHEmUlOrOkVt7+baIw== age 5667833 x-cache HIT content-length 2672 x-ms-lease-status unlocked last-modified Wed, 24 May 2023 10:11:48 GMT server ECAcc (lhc/7945) etag 0x8DB5C3F4982FD30 content-type image/gif access-control-allow-origin * x-ms-request-id c8ea465c-601e-0025-11ad-7d4c1f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif aadcdn.msftauth.net/shared/1.0/content/images/	4 KB 4 KB	31ms 31ms	Image image/gif	2606:2800:233:78b9:f44e:2c1f:31aa:d9ef EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (lhc/7941) / Resource Hash 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login.microsoftonline.com/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 28 May 2024 20:03:26 GMT content-md5 tUCo5RgDcZLjLE/li/Lbqw== age 5668011 x-cache HIT content-length 3620 x-ms-lease-status unlocked last-modified Wed, 24 May 2023 10:11:48 GMT server ECAcc (lhc/7941) etag 0x8DB5C3F492F3EE5 content-type image/gif access-control-allow-origin * x-ms-request-id 1d63faa2-d01e-009e-5cad-7d1f4c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	headerlogo aadcdn.msftauthimages.net/447973e2-iqqctljtvqucf7wa5og02xzabudtiqkmwx7u6iygf14/logintenantbranding/0/	2 KB 3 KB	40ms 39ms	Image image/*	2620:1ec:46::60 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msftauthimages.net/447973e2-iqqctljtvqucf7wa5og02xzabudtiqkmwx7u6iygf14/logintenantbranding/0/headerlogo?ts=638072102150352966 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 84fcec8f27490c42778b9faca56514a2bd83dca93a0c632dbfa99499e6828f6b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login.microsoftonline.com/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 28 May 2024 20:03:27 GMT x-cache TCP_HIT x-cache-info L1_T2 x-fd-int-roxy-purgeid 50755578 content-length 2473 x-ms-lease-status unlocked last-modified Wed, 21 Dec 2022 09:03:35 GMT etag 0x8DAE3323DEB7356 x-azure-ref 20240528T200327Z-15948fd4d4c2wkv8tpqauxgt1n00000003y000000001z5ac content-type image/* access-control-allow-origin * x-ms-request-id cd56929d-b01e-0009-5c65-abab41000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	illustration aadcdn.msftauthimages.net/447973e2-iqqctljtvqucf7wa5og02xzabudtiqkmwx7u6iygf14/logintenantbranding/0/	21 KB 22 KB	50ms 49ms	Image image/*	2620:1ec:46::60 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msftauthimages.net/447973e2-iqqctljtvqucf7wa5og02xzabudtiqkmwx7u6iygf14/logintenantbranding/0/illustration?ts=638072067473343734 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 90c67b3d2e319e2adf6c856fd8b93f14a57e30669354c9ebed0f5176b79421ec Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login.microsoftonline.com/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 28 May 2024 20:03:27 GMT x-cache TCP_HIT x-cache-info L1_T2 x-fd-int-roxy-purgeid 50755578 content-length 22006 x-ms-lease-status unlocked last-modified Wed, 21 Dec 2022 08:05:47 GMT etag 0x8DAE32A2B044073 x-azure-ref 20240528T200327Z-15948fd4d4c2wkv8tpqauxgt1n00000003y000000001z5af content-type image/* access-control-allow-origin * x-ms-request-id 875af986-601e-0047-642c-b185c9000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	bannerlogo aadcdn.msftauthimages.net/447973e2-iqqctljtvqucf7wa5og02xzabudtiqkmwx7u6iygf14/logintenantbranding/0/	2 KB 3 KB	50ms 50ms	Image image/*	2620:1ec:46::60 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msftauthimages.net/447973e2-iqqctljtvqucf7wa5og02xzabudtiqkmwx7u6iygf14/logintenantbranding/0/bannerlogo?ts=638072102132979595 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash c04924e654a3f9c0ec0cb10d8fcb53ab81080e3ae9db2228bad0db4b24339614 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://login.microsoftonline.com/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 28 May 2024 20:03:27 GMT x-cache TCP_HIT x-cache-info L1_T2 x-fd-int-roxy-purgeid 50755578 content-length 2401 x-ms-lease-status unlocked last-modified Wed, 21 Dec 2022 09:03:33 GMT etag 0x8DAE3323D0309BF x-azure-ref 20240528T200327Z-15948fd4d4c2wkv8tpqauxgt1n00000003y000000001z5ag content-type image/* access-control-allow-origin * x-ms-request-id 885d3828-701e-0074-4c3f-abda62000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes
GET		ssoprobe autologon.microsoftazuread-sso.com/97984c2b-a229-4609-8185-ae84947bc3fc/winauth/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

autologon.microsoftazuread-sso.com

URL

https://autologon.microsoftazuread-sso.com/97984c2b-a229-4609-8185-ae84947bc3fc/winauth/ssoprobe?client-request-id=f2eead7c-e000-4fb3-822f-6cf8bafe30b9&_=1716926607027

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170 boolean| __convergedlogin_pfetchsessionsprogress_7c1aa7609345f99e4914

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx-Nafj04UTFo4 Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8pS5LXNORRH0fVZUPJH_S9RYvoVzj_LkrKqyeq9b19aq3fhSn7xbqo3QtL8DPvN1YUngAj2LIhvPPZgEwyoITr5vrKdyRjb5LUMpn9G-mP98TAiYUE591ExDNXxAbmwGjeGEUUBV4lAAJunYS52kXyyAA
			login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
			login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
			.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA|NoExtension
			login.microsoftonline.com/	1970-01-20 20:55:26	Name: SSOCOOKIEPULLED Value: 1
			login.microsoftonline.com/	1970-01-20 21:38:38	Name: buid Value: 0.AVMAK0yYlymiCUaBha6ElHvD_MNoTg3Lh6NBh9jM0i1il3dTAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd872xK8IAZi6629_N8KnPaiBMegrKy6vLUlf7JheTbvsdXK9koDU1LERkzzacq1lqMnf3kfeh-Ecx9Aj2iiy1SNLMO-19h9EIvtUlsfw3z1BMgAA
			.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8pggjdttfA75Cd5TFd-dnC0fGQ76A_UsX8DdzC2eEknqnK5XOE1nubFg2jA-W_YIv1m_-oFl_n_UxJ2bBHkn4L3zwO4N-xRP-aT-eClIs8wJnIwhwGl0CVTRoXbTs2Kyppv_7eBayf_2Q6QeN0RVLsTglyTmR3mOV56bZYhq2BgMgAA
			.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx-taEudtsWrCI Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8d6f1MRYNI7a3pXOS-Sj8_QRCiTnXuLSGg3xc-gfTOdHe2jnd334lGSqwTitX9UB2fnHy7DNhZpE3DnostJ1tiDWdcDWxpdDbHvh7ht_gXKwI1Od-J0B2Raxbt2Poqv13pYN7WBTy0_AM4suDlYStoyAA
			login.microsoftonline.com/	1970-01-20 21:38:38	Name: fpc Value: AiM1yQXEnQRPq8TaAZiqP9yUBzYUAQAAAI0v6N0OAAAA
			.login.microsoftonline.com/	1970-01-21 06:17:02	Name: brcap Value: 0
			.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 2c9dc4e7c48c4f5f83ed4abcec2c3c41
			.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1716926606&co=1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://login-uk.mimecast.com/u/proxy/api/login/login Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
other	warning	URL: https://login.microsoftonline.com/97984c2b-a229-4609-8185-ae84947bc3fc/saml2?SAMLRequest=fZLLbsIwEEV%2FxfI%2BiRNewSKgFIQalbYIQhfdVCYZwFJspx6nj79vgCLRRZG8Go%2FnHN3xaPKlKvIBFqXRCQ19RgnowpRS7xO6yedeTCfjEQpV1Txt3EGv4L0BdKR9p5GfLhLaWM2NQIlcCwXIXcHX6eOCRz7jtTXOFKaiJJsl9G23Lfo9VkZDNggH3f4AtiLuDzsiZu3plIKSl4tNdLTJEBvINDqhXVtiUddjPS%2BK84hx1uFR55WS5S%2FiTuqz%2BC2f7bkJ%2BX2eL73l8zqnJEUE61ro1GhsFNg12A9ZwGa1SOjBuRp5EEDjiVr6SiooBDq%2FMCqozF7q4JgCPafET772Kp7bNuJCpuNbHEQTTDcPwzgNu71RcEW6LOepHZ3NlqaSxTeZG6uE%2B58c%2BuGpIktvd2rloISs0rK0gNjmUVXmc2pBOEiosw1QEozP2L%2FfYPwD&RelayState=https%3A%2F%2Feu-api.mimecast.com%2Flogin%2Fsaml&sso_reload=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://login.microsoftonline.com/97984c2b-a229-4609-8185-ae84947bc3fc/saml2?SAMLRequest=fZLLbsIwEEV%2FxfI%2BiRNewSKgFIQalbYIQhfdVCYZwFJspx6nj79vgCLRRZG8Go%2FnHN3xaPKlKvIBFqXRCQ19RgnowpRS7xO6yedeTCfjEQpV1Txt3EGv4L0BdKR9p5GfLhLaWM2NQIlcCwXIXcHX6eOCRz7jtTXOFKaiJJsl9G23Lfo9VkZDNggH3f4AtiLuDzsiZu3plIKSl4tNdLTJEBvINDqhXVtiUddjPS%2BK84hx1uFR55WS5S%2FiTuqz%2BC2f7bkJ%2BX2eL73l8zqnJEUE61ro1GhsFNg12A9ZwGa1SOjBuRp5EEDjiVr6SiooBDq%2FMCqozF7q4JgCPafET772Kp7bNuJCpuNbHEQTTDcPwzgNu71RcEW6LOepHZ3NlqaSxTeZG6uE%2B58c%2BuGpIktvd2rloISs0rK0gNjmUVXmc2pBOEiosw1QEozP2L%2FfYPwD&RelayState=https%3A%2F%2Feu-api.mimecast.com%2Flogin%2Fsaml&sso_reload=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
aadcdn.msftauthimages.net
autologon.microsoftazuread-sso.com
cdn.pendo.io
fonts.googleapis.com
fonts.gstatic.com
login-uk.mimecast.com
login.live.com
login.microsoftonline.com
static.srcspot.com
autologon.microsoftazuread-sso.com
195.130.217.178
2603:1026:3000:150::5
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
2620:1ec:46::60
2a00:1450:4001:80f::200a
2a00:1450:4001:82f::2003
34.36.213.229
35.190.8.230
40.126.32.133
0b2f31ee1d9d29367a1436b535b93f3de36f0a66771ece5cb0481d8663cf1f4c
0b7f017e18a671ff557c7bc993b491afe60ea66a947ae1eb227f2f3822380368
0d0c4d1ef88a348b90af7142785945a390efcda640cd9bf013d5ce6577405153
3232a9b6a0b3dde17d9f0b9c6f75cbaf6f36c4150ee02f9e28f98b4fdb29f1e5
3332d913029f564f91b3ee85abb4fa444d8db0f97b346804088fa4b9da643f66
35afb11dab6edcbc989a25fe5cf19f5d8289499232b7ec775f318d8b8a5bbf78
3ff27e82d78a471905edf58f54d412011e0f3b07cb596b50d425151e7df84404
474ce0790ceb18a100cebaf1ac0915a51389fcae0830c3b44bfa1e365d40b2b4
534d3e23568bac4ef4df71a1535f12d940a95a085149edf427056dc993ec4272
5c6d05436aaa27e71febcc2ca6d48a0780cc6c124d22f8c43bd558742ee62e96
6adb1c5866450c45afc55de49c97da535c66578691c6f74886d3da58920e90ce
6fe19f0c972beb2f67cceaa67786f882fb6fca4cebc27c411e7236932eda340b
7363adbb18193c85ac24339ab57b08df1c8ef875186edbc85d1ce9184a05a20b
7a24726189ec811cbf06e22aaabffbb801ac7053ab29639db0be79d4f1806c1d
84fcec8f27490c42778b9faca56514a2bd83dca93a0c632dbfa99499e6828f6b
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
90c67b3d2e319e2adf6c856fd8b93f14a57e30669354c9ebed0f5176b79421ec
a1d33188074b02e6b9be49187407105b4205fedffae6444afce0850ce8196afb
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
c04924e654a3f9c0ec0cb10d8fcb53ab81080e3ae9db2228bad0db4b24339614
c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e
db46ddd2c1e70fb8b30a9536334e862f09c40f01181a9e6595c5af7843b62c50
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b779a8581aaad1da9c19b1a4402bdd5525167c6703d1be6edb698c9907f079
e899344aac5f9f2f3813ba15a09f75ce6575f0e5ce59a6c8b847410960ed9e81
f6dd06562d16c1ae9dbd19b0c954fcdbe70a06fdc8eb341d415cf6eb26591dca
fd0526ba6272bde1d0342710be0ecad69906cb29dd85c7e9deefda62a91ec01d
fed500e9589e8de53a997e1459519b9d0a137fade55c81aafdc6a65bb2483295