urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
2603:1026:3000:d0::b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://link-springer-com.thi.idm.oclc.org/
Effective URL: https://login.microsoftonline.com/28bcace8-4ce7-4949-868f-170f67122379/saml2?SAMLRequest=fVJfb5swEP8qyO9gY0JIrJAqa1QtUrdGJd3DXiZjj...
Submission: On June 21 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 25 HTTP transactions. The main IP is 2603:1026:3000:d0::b, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 11.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 27th 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 154.59.124.182 4373 (OCLC-AS)
3 3 194.94.240.135 680 (DFN Verei...)
3 2603:1026:300... 8075 (MICROSOFT...)
15 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 20.190.160.17 8075 (MICROSOFT...)
1 152.199.21.175 15133 (EDGECAST)
1 2603:1027:1:1... 8075 (MICROSOFT...)
2 20.50.73.11 8075 (MICROSOFT...)
25 7
3    154.59.124.182 (Amsterdam, Netherlands)

ASN4373 (OCLC-AS, US)
link-springer-com.thi.idm.oclc.org
login.thi.idm.oclc.org
3    194.94.240.135 (Ingolstadt, Germany)

ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE)
PTR: login.thi.de
login.thi.de
3    2603:1026:3000:d0::b (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
15    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msauth.net
1    20.190.160.17 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
1    152.199.21.175 (Germany)

ASN15133 (EDGECAST, US)
aadcdn.msauthimages.net
1    2603:1027:1:158::a (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
autologon.microsoftazuread-sso.com
2    20.50.73.11 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
eu-mobile.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
15 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 1015
388 KB
3 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 11
28 KB
3 thi.de
login.thi.de
2 KB
3 oclc.org
link-springer-com.thi.idm.oclc.org
login.thi.idm.oclc.org
2 KB
2 microsoft.com
eu-mobile.events.data.microsoft.com — Cisco Umbrella Rank: 569
765 B
1 microsoftazuread-sso.com
autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1036
1 KB
1 msauthimages.net
aadcdn.msauthimages.net — Cisco Umbrella Rank: 4628
10 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 63
25 8
Domain Requested by
15 aadcdn.msauth.net login.microsoftonline.com
aadcdn.msauth.net
3 login.microsoftonline.com aadcdn.msauth.net
3 login.thi.de 3 redirects
2 eu-mobile.events.data.microsoft.com aadcdn.msauth.net
2 login.thi.idm.oclc.org
1 autologon.microsoftazuread-sso.com
1 aadcdn.msauthimages.net
1 login.live.com login.microsoftonline.com
1 link-springer-com.thi.idm.oclc.org 1 redirects
25 9

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
*.thi.idm.oclc.org
OCLC TLS Issuing RSA SubCA R1		 2024-05-13 -
2025-05-13		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2024-05-27 -
2025-05-27		 a year crt.sh
aadcdn.msauth.net
DigiCert SHA2 Secure Server CA		 2024-04-30 -
2025-04-30		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2024-05-21 -
2025-05-21		 a year crt.sh
aadcdn.msauthimages.net
Microsoft Azure RSA TLS Issuing CA 03		 2024-06-04 -
2025-05-30		 a year crt.sh
autologon.microsoftazuread-sso.com
DigiCert SHA2 Secure Server CA		 2024-05-21 -
2025-05-21		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure RSA TLS Issuing CA 07		 2024-03-30 -
2025-03-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/28bcace8-4ce7-4949-868f-170f67122379/saml2?SAMLRequest=fVJfb5swEP8qyO9gY0JIrJAqa1QtUrdGJd3DXiZjjmDJ2Mw23fbtR0iCUm3Ko893v393q4ffrQrewTppdI7iiKAAtDCV1MccvR2ewgV6WK8cbxXt2Kb3jX6Fnz04HwyD2rHzT456q5nhTjqmeQuOecGKzZdnRiPCOmu8EUahYOMcWD9QPRrt%2BhZsAfZdCnh7fc5R433nGMbKHKWOfCOjCrCsOjzM11IBHunxCZbi%2FUtxwEXxgoLtIEZq7kcDHzFaKaxxpvZGK6khEqbFdFEKLmARzgRk4Ww5W4aL%2BaIO44zU8yymNMmWeHSFgt02Rz%2BEgDpJoFyWJJulVJRVykmV1QnhaclpNbQ518NOO8%2B1zxEldBaSeUjjQ0xYSlgSR8sk%2FY6C%2FSWHT1Kf870XWnlucuzz4bAPT3ZR8O26p6EBXbbCRnZ7u477wPy6A7S%2BpjWEHN8G7hpZlkaBb1b4lmQ6hK8D6m67N0qKP8FGKfPr0QL3kCNve0DBk7Et9%2Fd1nCqyCuuxlXUna86D9ghPNIUw3ZDB9L6cHtjddtJ%2Bki2rNjJCicjY47%2FiP85NxQkc%2F%2Be6138B&RelayState=e1s1&sso_reload=true
Frame ID: C821355D84E413CFDD0E235E53E9A29D
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Aanmelden bij uw account

Page URL History Show full URLs

  1. http://link-springer-com.thi.idm.oclc.org/ HTTP 307
    https://link-springer-com.thi.idm.oclc.org/ HTTP 302
    https://login.thi.idm.oclc.org/login?qurl=https://link.springer.com%2f Page URL
  2. https://login.thi.de/idp/profile/SAML2/POST/SSO HTTP 302
    https://login.thi.de/idp/profile/SAML2/POST/SSO?execution=e1s1 HTTP 302
    https://login.thi.de/idp/profile/Authn/SAML2/POST/SSO/start?conversation=e1s1 HTTP 302
    https://login.microsoftonline.com/28bcace8-4ce7-4949-868f-170f67122379/saml2?SAMLRequest=fVJfb5swEP8qyO9gY0JIr... Page URL
  3. https://login.microsoftonline.com/28bcace8-4ce7-4949-868f-170f67122379/saml2?SAMLRequest=fVJfb5swEP8qyO9gY0JIr... Page URL

Page Statistics

25
Requests

100 %
HTTPS

38 %
IPv6

8
Domains

9
Subdomains

7
IPs

4
Countries

430 kB
Transfer

1376 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://link-springer-com.thi.idm.oclc.org/ HTTP 307
    https://link-springer-com.thi.idm.oclc.org/ HTTP 302
    https://login.thi.idm.oclc.org/login?qurl=https://link.springer.com%2f Page URL
  2. https://login.thi.de/idp/profile/SAML2/POST/SSO HTTP 302
    https://login.thi.de/idp/profile/SAML2/POST/SSO?execution=e1s1 HTTP 302
    https://login.thi.de/idp/profile/Authn/SAML2/POST/SSO/start?conversation=e1s1 HTTP 302
    https://login.microsoftonline.com/28bcace8-4ce7-4949-868f-170f67122379/saml2?SAMLRequest=fVJfb5swEP8qyO9gY0JIrJAqa1QtUrdGJd3DXiZjjmDJ2Mw23fbtR0iCUm3Ko893v393q4ffrQrewTppdI7iiKAAtDCV1MccvR2ewgV6WK8cbxXt2Kb3jX6Fnz04HwyD2rHzT456q5nhTjqmeQuOecGKzZdnRiPCOmu8EUahYOMcWD9QPRrt%2BhZsAfZdCnh7fc5R433nGMbKHKWOfCOjCrCsOjzM11IBHunxCZbi%2FUtxwEXxgoLtIEZq7kcDHzFaKaxxpvZGK6khEqbFdFEKLmARzgRk4Ww5W4aL%2BaIO44zU8yymNMmWeHSFgt02Rz%2BEgDpJoFyWJJulVJRVykmV1QnhaclpNbQ518NOO8%2B1zxEldBaSeUjjQ0xYSlgSR8sk%2FY6C%2FSWHT1Kf870XWnlucuzz4bAPT3ZR8O26p6EBXbbCRnZ7u477wPy6A7S%2BpjWEHN8G7hpZlkaBb1b4lmQ6hK8D6m67N0qKP8FGKfPr0QL3kCNve0DBk7Et9%2Fd1nCqyCuuxlXUna86D9ghPNIUw3ZDB9L6cHtjddtJ%2Bki2rNjJCicjY47%2FiP85NxQkc%2F%2Be6138B&RelayState=e1s1 Page URL
  3. https://login.microsoftonline.com/28bcace8-4ce7-4949-868f-170f67122379/saml2?SAMLRequest=fVJfb5swEP8qyO9gY0JIrJAqa1QtUrdGJd3DXiZjjmDJ2Mw23fbtR0iCUm3Ko893v393q4ffrQrewTppdI7iiKAAtDCV1MccvR2ewgV6WK8cbxXt2Kb3jX6Fnz04HwyD2rHzT456q5nhTjqmeQuOecGKzZdnRiPCOmu8EUahYOMcWD9QPRrt%2BhZsAfZdCnh7fc5R433nGMbKHKWOfCOjCrCsOjzM11IBHunxCZbi%2FUtxwEXxgoLtIEZq7kcDHzFaKaxxpvZGK6khEqbFdFEKLmARzgRk4Ww5W4aL%2BaIO44zU8yymNMmWeHSFgt02Rz%2BEgDpJoFyWJJulVJRVykmV1QnhaclpNbQ518NOO8%2B1zxEldBaSeUjjQ0xYSlgSR8sk%2FY6C%2FSWHT1Kf870XWnlucuzz4bAPT3ZR8O26p6EBXbbCRnZ7u477wPy6A7S%2BpjWEHN8G7hpZlkaBb1b4lmQ6hK8D6m67N0qKP8FGKfPr0QL3kCNve0DBk7Et9%2Fd1nCqyCuuxlXUna86D9ghPNIUw3ZDB9L6cHtjddtJ%2Bki2rNjJCicjY47%2FiP85NxQkc%2F%2Be6138B&RelayState=e1s1&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://link-springer-com.thi.idm.oclc.org/ HTTP 307
  • https://link-springer-com.thi.idm.oclc.org/ HTTP 302
  • https://login.thi.idm.oclc.org/login?qurl=https://link.springer.com%2f
Request Chain 1
  • https://login.thi.de/idp/profile/SAML2/POST/SSO HTTP 302
  • https://login.thi.de/idp/profile/SAML2/POST/SSO?execution=e1s1 HTTP 302
  • https://login.thi.de/idp/profile/Authn/SAML2/POST/SSO/start?conversation=e1s1 HTTP 302
  • https://login.microsoftonline.com/28bcace8-4ce7-4949-868f-170f67122379/saml2?SAMLRequest=fVJfb5swEP8qyO9gY0JIrJAqa1QtUrdGJd3DXiZjjmDJ2Mw23fbtR0iCUm3Ko893v393q4ffrQrewTppdI7iiKAAtDCV1MccvR2ewgV6WK8cbxXt2Kb3jX6Fnz04HwyD2rHzT456q5nhTjqmeQuOecGKzZdnRiPCOmu8EUahYOMcWD9QPRrt%2BhZsAfZdCnh7fc5R433nGMbKHKWOfCOjCrCsOjzM11IBHunxCZbi%2FUtxwEXxgoLtIEZq7kcDHzFaKaxxpvZGK6khEqbFdFEKLmARzgRk4Ww5W4aL%2BaIO44zU8yymNMmWeHSFgt02Rz%2BEgDpJoFyWJJulVJRVykmV1QnhaclpNbQ518NOO8%2B1zxEldBaSeUjjQ0xYSlgSR8sk%2FY6C%2FSWHT1Kf870XWnlucuzz4bAPT3ZR8O26p6EBXbbCRnZ7u477wPy6A7S%2BpjWEHN8G7hpZlkaBb1b4lmQ6hK8D6m67N0qKP8FGKfPr0QL3kCNve0DBk7Et9%2Fd1nCqyCuuxlXUna86D9ghPNIUw3ZDB9L6cHtjddtJ%2Bki2rNjJCicjY47%2FiP85NxQkc%2F%2Be6138B&RelayState=e1s1

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
login
login.thi.idm.oclc.org/
Redirect Chain
  • http://link-springer-com.thi.idm.oclc.org/
  • https://link-springer-com.thi.idm.oclc.org/
  • https://login.thi.idm.oclc.org/login?qurl=https://link.springer.com%2f
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.thi.idm.oclc.org/login?qurl=https://link.springer.com%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
154.59.124.182 Amsterdam, Netherlands, ASN4373 (OCLC-AS, US),
Reverse DNS
Software
EZproxy /
Resource Hash
8dd0339aff9ae5b1f156bb36cd6efb5d4723734d969d5b4ffbbba31219bc902f

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
close
Content-Type
text/html
Date
Fri, 21 Jun 2024 10:50:30 GMT
Server
EZproxy

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection
close
Date
Fri, 21 Jun 2024 10:50:30 GMT
Expires
Mon, 02 Aug 1999 00:00:00 GMT
Last-Modified
Fri, 21 Jun 2024 10:50:30 GMT
Location
https://login.thi.idm.oclc.org/login?qurl=https://link.springer.com%2f
Pragma
no-cache
Server
EZproxy
saml2
login.microsoftonline.com/28bcace8-4ce7-4949-868f-170f67122379/
Redirect Chain
  • https://login.thi.de/idp/profile/SAML2/POST/SSO
  • https://login.thi.de/idp/profile/SAML2/POST/SSO?execution=e1s1
  • https://login.thi.de/idp/profile/Authn/SAML2/POST/SSO/start?conversation=e1s1
  • https://login.microsoftonline.com/28bcace8-4ce7-4949-868f-170f67122379/saml2?SAMLRequest=fVJfb5swEP8qyO9gY0JIrJAqa1QtUrdGJd3DXiZjjmDJ2Mw23fbtR0iCUm3Ko893v393q4ffrQrewTppdI7iiKAAtDCV1MccvR2ewgV6WK8c...
20 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/28bcace8-4ce7-4949-868f-170f67122379/saml2?SAMLRequest=fVJfb5swEP8qyO9gY0JIrJAqa1QtUrdGJd3DXiZjjmDJ2Mw23fbtR0iCUm3Ko893v393q4ffrQrewTppdI7iiKAAtDCV1MccvR2ewgV6WK8cbxXt2Kb3jX6Fnz04HwyD2rHzT456q5nhTjqmeQuOecGKzZdnRiPCOmu8EUahYOMcWD9QPRrt%2BhZsAfZdCnh7fc5R433nGMbKHKWOfCOjCrCsOjzM11IBHunxCZbi%2FUtxwEXxgoLtIEZq7kcDHzFaKaxxpvZGK6khEqbFdFEKLmARzgRk4Ww5W4aL%2BaIO44zU8yymNMmWeHSFgt02Rz%2BEgDpJoFyWJJulVJRVykmV1QnhaclpNbQ518NOO8%2B1zxEldBaSeUjjQ0xYSlgSR8sk%2FY6C%2FSWHT1Kf870XWnlucuzz4bAPT3ZR8O26p6EBXbbCRnZ7u477wPy6A7S%2BpjWEHN8G7hpZlkaBb1b4lmQ6hK8D6m67N0qKP8FGKfPr0QL3kCNve0DBk7Et9%2Fd1nCqyCuuxlXUna86D9ghPNIUw3ZDB9L6cHtjddtJ%2Bki2rNjJCicjY47%2FiP85NxQkc%2F%2Be6138B&RelayState=e1s1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:d0::b Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
deb3d60b28973edea593393f735494ded0323a58ae1af336b4de9dad8cbbdeef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://login.thi.idm.oclc.org
Referer
https://login.thi.idm.oclc.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
9325
Content-Type
text/html; charset=utf-8
Date
Fri, 21 Jun 2024 10:50:31 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.18348.7 - WEULR1 ProdSlices
x-ms-request-id
1e3a3d21-1b57-42aa-872b-ddea879b1500
x-ms-srs
1.P

Redirect headers

Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Fri, 21 Jun 2024 10:50:32 GMT
Location
https://login.microsoftonline.com/28bcace8-4ce7-4949-868f-170f67122379/saml2?SAMLRequest=fVJfb5swEP8qyO9gY0JIrJAqa1QtUrdGJd3DXiZjjmDJ2Mw23fbtR0iCUm3Ko893v393q4ffrQrewTppdI7iiKAAtDCV1MccvR2ewgV6WK8cbxXt2Kb3jX6Fnz04HwyD2rHzT456q5nhTjqmeQuOecGKzZdnRiPCOmu8EUahYOMcWD9QPRrt%2BhZsAfZdCnh7fc5R433nGMbKHKWOfCOjCrCsOjzM11IBHunxCZbi%2FUtxwEXxgoLtIEZq7kcDHzFaKaxxpvZGK6khEqbFdFEKLmARzgRk4Ww5W4aL%2BaIO44zU8yymNMmWeHSFgt02Rz%2BEgDpJoFyWJJulVJRVykmV1QnhaclpNbQ518NOO8%2B1zxEldBaSeUjjQ0xYSlgSR8sk%2FY6C%2FSWHT1Kf870XWnlucuzz4bAPT3ZR8O26p6EBXbbCRnZ7u477wPy6A7S%2BpjWEHN8G7hpZlkaBb1b4lmQ6hK8D6m67N0qKP8FGKfPr0QL3kCNve0DBk7Et9%2Fd1nCqyCuuxlXUna86D9ghPNIUw3ZDB9L6cHtjddtJ%2Bki2rNjJCicjY47%2FiP85NxQkc%2F%2Be6138B&RelayState=e1s1
Pragma
no-cache
Server
nginx/1.22.1
Strict-Transport-Security
max-age=15768000
favicon.ico
login.thi.idm.oclc.org/ 		24 B
148 B 		Other
General
Check archive.org
Download Go to
Full URL
https://login.thi.idm.oclc.org/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
154.59.124.182 Amsterdam, Netherlands, ASN4373 (OCLC-AS, US),
Reverse DNS
Software
EZproxy /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.thi.idm.oclc.org/login?qurl=https://link.springer.com%2f
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 10:50:30 GMT
Server
EZproxy
Connection
close
Content-Type
text/html
BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js
aadcdn.msauth.net/shared/1.0/content/js/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/28bcace8-4ce7-4949-868f-170f67122379/saml2?SAMLRequest=fVJfb5swEP8qyO9gY0JIrJAqa1QtUrdGJd3DXiZjjmDJ2Mw23fbtR0iCUm3Ko893v393q4ffrQrewTppdI7iiKAAtDCV1MccvR2ewgV6WK8cbxXt2Kb3jX6Fnz04HwyD2rHzT456q5nhTjqmeQuOecGKzZdnRiPCOmu8EUahYOMcWD9QPRrt%2BhZsAfZdCnh7fc5R433nGMbKHKWOfCOjCrCsOjzM11IBHunxCZbi%2FUtxwEXxgoLtIEZq7kcDHzFaKaxxpvZGK6khEqbFdFEKLmARzgRk4Ww5W4aL%2BaIO44zU8yymNMmWeHSFgt02Rz%2BEgDpJoFyWJJulVJRVykmV1QnhaclpNbQ518NOO8%2B1zxEldBaSeUjjQ0xYSlgSR8sk%2FY6C%2FSWHT1Kf870XWnlucuzz4bAPT3ZR8O26p6EBXbbCRnZ7u477wPy6A7S%2BpjWEHN8G7hpZlkaBb1b4lmQ6hK8D6m67N0qKP8FGKfPr0QL3kCNve0DBk7Et9%2Fd1nCqyCuuxlXUna86D9ghPNIUw3ZDB9L6cHtjddtJ%2Bki2rNjJCicjY47%2FiP85NxQkc%2F%2Be6138B&RelayState=e1s1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 21 Jun 2024 10:50:32 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
49696
x-ms-lease-status
unlocked
last-modified
Fri, 24 May 2024 22:13:21 GMT
etag
0x8DC7C3EB8EDBF94
x-azure-ref
20240621T105032Z-1555d9c6ff6ngb67dpexz71bvs00000005p000000000kpyu
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
846c8422-201e-0058-37d0-c0debc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request saml2
login.microsoftonline.com/28bcace8-4ce7-4949-868f-170f67122379/ 		38 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/28bcace8-4ce7-4949-868f-170f67122379/saml2?SAMLRequest=fVJfb5swEP8qyO9gY0JIrJAqa1QtUrdGJd3DXiZjjmDJ2Mw23fbtR0iCUm3Ko893v393q4ffrQrewTppdI7iiKAAtDCV1MccvR2ewgV6WK8cbxXt2Kb3jX6Fnz04HwyD2rHzT456q5nhTjqmeQuOecGKzZdnRiPCOmu8EUahYOMcWD9QPRrt%2BhZsAfZdCnh7fc5R433nGMbKHKWOfCOjCrCsOjzM11IBHunxCZbi%2FUtxwEXxgoLtIEZq7kcDHzFaKaxxpvZGK6khEqbFdFEKLmARzgRk4Ww5W4aL%2BaIO44zU8yymNMmWeHSFgt02Rz%2BEgDpJoFyWJJulVJRVykmV1QnhaclpNbQ518NOO8%2B1zxEldBaSeUjjQ0xYSlgSR8sk%2FY6C%2FSWHT1Kf870XWnlucuzz4bAPT3ZR8O26p6EBXbbCRnZ7u477wPy6A7S%2BpjWEHN8G7hpZlkaBb1b4lmQ6hK8D6m67N0qKP8FGKfPr0QL3kCNve0DBk7Et9%2Fd1nCqyCuuxlXUna86D9ghPNIUw3ZDB9L6cHtjddtJ%2Bki2rNjJCicjY47%2FiP85NxQkc%2F%2Be6138B&RelayState=e1s1&sso_reload=true
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:d0::b Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
551416b84fbf6d87ac38cc1eb310c4ccbb57838f13e51bbfe6e39554a5ad00df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://login.microsoftonline.com/28bcace8-4ce7-4949-868f-170f67122379/saml2?SAMLRequest=fVJfb5swEP8qyO9gY0JIrJAqa1QtUrdGJd3DXiZjjmDJ2Mw23fbtR0iCUm3Ko893v393q4ffrQrewTppdI7iiKAAtDCV1MccvR2ewgV6WK8cbxXt2Kb3jX6Fnz04HwyD2rHzT456q5nhTjqmeQuOecGKzZdnRiPCOmu8EUahYOMcWD9QPRrt%2BhZsAfZdCnh7fc5R433nGMbKHKWOfCOjCrCsOjzM11IBHunxCZbi%2FUtxwEXxgoLtIEZq7kcDHzFaKaxxpvZGK6khEqbFdFEKLmARzgRk4Ww5W4aL%2BaIO44zU8yymNMmWeHSFgt02Rz%2BEgDpJoFyWJJulVJRVykmV1QnhaclpNbQ518NOO8%2B1zxEldBaSeUjjQ0xYSlgSR8sk%2FY6C%2FSWHT1Kf870XWnlucuzz4bAPT3ZR8O26p6EBXbbCRnZ7u477wPy6A7S%2BpjWEHN8G7hpZlkaBb1b4lmQ6hK8D6m67N0qKP8FGKfPr0QL3kCNve0DBk7Et9%2Fd1nCqyCuuxlXUna86D9ghPNIUw3ZDB9L6cHtjddtJ%2Bki2rNjJCicjY47%2FiP85NxQkc%2F%2Be6138B&RelayState=e1s1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
14559
Content-Type
text/html; charset=utf-8
Date
Fri, 21 Jun 2024 10:50:32 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msauth.net>; rel=dns-prefetch,<https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.18298.5 - NEULR1 ProdSlices
x-ms-request-id
bed5ac58-db16-4bda-a533-5be82ca28500
x-ms-srs
1.P
converged.v2.login.min_mc5ac6ol0l4d2iaqspstyg2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		111 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_mc5ac6ol0l4d2iaqspstyg2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/28bcace8-4ce7-4949-868f-170f67122379/saml2?SAMLRequest=fVJfb5swEP8qyO9gY0JIrJAqa1QtUrdGJd3DXiZjjmDJ2Mw23fbtR0iCUm3Ko893v393q4ffrQrewTppdI7iiKAAtDCV1MccvR2ewgV6WK8cbxXt2Kb3jX6Fnz04HwyD2rHzT456q5nhTjqmeQuOecGKzZdnRiPCOmu8EUahYOMcWD9QPRrt%2BhZsAfZdCnh7fc5R433nGMbKHKWOfCOjCrCsOjzM11IBHunxCZbi%2FUtxwEXxgoLtIEZq7kcDHzFaKaxxpvZGK6khEqbFdFEKLmARzgRk4Ww5W4aL%2BaIO44zU8yymNMmWeHSFgt02Rz%2BEgDpJoFyWJJulVJRVykmV1QnhaclpNbQ518NOO8%2B1zxEldBaSeUjjQ0xYSlgSR8sk%2FY6C%2FSWHT1Kf870XWnlucuzz4bAPT3ZR8O26p6EBXbbCRnZ7u477wPy6A7S%2BpjWEHN8G7hpZlkaBb1b4lmQ6hK8D6m67N0qKP8FGKfPr0QL3kCNve0DBk7Et9%2Fd1nCqyCuuxlXUna86D9ghPNIUw3ZDB9L6cHtjddtJ%2Bki2rNjJCicjY47%2FiP85NxQkc%2F%2Be6138B&RelayState=e1s1&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8b81b6dbb9af6502d78abe8a85d135861848e0597989901da42c62ecb841a07d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 21 Jun 2024 10:50:33 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
20390
x-ms-lease-status
unlocked
last-modified
Thu, 16 May 2024 00:58:09 GMT
etag
0x8DC754341030FA7
x-azure-ref
20240621T105033Z-1555d9c6ff6ngb67dpexz71bvs00000005p000000000kpz2
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
ac8e5f3a-701e-0011-4fd1-c07ebe000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_7cCuNdJ3E-hQqbT-gOnvng2.js
aadcdn.msauth.net/shared/1.0/content/js/ 		437 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_7cCuNdJ3E-hQqbT-gOnvng2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/28bcace8-4ce7-4949-868f-170f67122379/saml2?SAMLRequest=fVJfb5swEP8qyO9gY0JIrJAqa1QtUrdGJd3DXiZjjmDJ2Mw23fbtR0iCUm3Ko893v393q4ffrQrewTppdI7iiKAAtDCV1MccvR2ewgV6WK8cbxXt2Kb3jX6Fnz04HwyD2rHzT456q5nhTjqmeQuOecGKzZdnRiPCOmu8EUahYOMcWD9QPRrt%2BhZsAfZdCnh7fc5R433nGMbKHKWOfCOjCrCsOjzM11IBHunxCZbi%2FUtxwEXxgoLtIEZq7kcDHzFaKaxxpvZGK6khEqbFdFEKLmARzgRk4Ww5W4aL%2BaIO44zU8yymNMmWeHSFgt02Rz%2BEgDpJoFyWJJulVJRVykmV1QnhaclpNbQ518NOO8%2B1zxEldBaSeUjjQ0xYSlgSR8sk%2FY6C%2FSWHT1Kf870XWnlucuzz4bAPT3ZR8O26p6EBXbbCRnZ7u477wPy6A7S%2BpjWEHN8G7hpZlkaBb1b4lmQ6hK8D6m67N0qKP8FGKfPr0QL3kCNve0DBk7Et9%2Fd1nCqyCuuxlXUna86D9ghPNIUw3ZDB9L6cHtjddtJ%2Bki2rNjJCicjY47%2FiP85NxQkc%2F%2Be6138B&RelayState=e1s1&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ff6c4857f6f1ae8d2c56a40cc68c6263b805aff89a08ec297fff38714d122544

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 21 Jun 2024 10:50:33 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
121711
x-ms-lease-status
unlocked
last-modified
Fri, 24 May 2024 22:13:24 GMT
etag
0x8DC7C3EBAC26ED5
x-azure-ref
20240621T105033Z-1555d9c6ff6ngb67dpexz71bvs00000005p000000000kpz3
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
660e8f53-d01e-004f-42d0-c0bf90000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-nl.min_jnok8uvffz_ekrpprktgdg2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-nl.min_jnok8uvffz_ekrpprktgdg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/28bcace8-4ce7-4949-868f-170f67122379/saml2?SAMLRequest=fVJfb5swEP8qyO9gY0JIrJAqa1QtUrdGJd3DXiZjjmDJ2Mw23fbtR0iCUm3Ko893v393q4ffrQrewTppdI7iiKAAtDCV1MccvR2ewgV6WK8cbxXt2Kb3jX6Fnz04HwyD2rHzT456q5nhTjqmeQuOecGKzZdnRiPCOmu8EUahYOMcWD9QPRrt%2BhZsAfZdCnh7fc5R433nGMbKHKWOfCOjCrCsOjzM11IBHunxCZbi%2FUtxwEXxgoLtIEZq7kcDHzFaKaxxpvZGK6khEqbFdFEKLmARzgRk4Ww5W4aL%2BaIO44zU8yymNMmWeHSFgt02Rz%2BEgDpJoFyWJJulVJRVykmV1QnhaclpNbQ518NOO8%2B1zxEldBaSeUjjQ0xYSlgSR8sk%2FY6C%2FSWHT1Kf870XWnlucuzz4bAPT3ZR8O26p6EBXbbCRnZ7u477wPy6A7S%2BpjWEHN8G7hpZlkaBb1b4lmQ6hK8D6m67N0qKP8FGKfPr0QL3kCNve0DBk7Et9%2Fd1nCqyCuuxlXUna86D9ghPNIUw3ZDB9L6cHtjddtJ%2Bki2rNjJCicjY47%2FiP85NxQkc%2F%2Be6138B&RelayState=e1s1&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c2834f9253f936ca196f17d820d2c8d5206eaffaa4f4ba367cc362ef9a5dc801

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 21 Jun 2024 10:50:33 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
16843
x-ms-lease-status
unlocked
last-modified
Wed, 29 May 2024 00:49:49 GMT
etag
0x8DC7F793E5D7B61
x-azure-ref
20240621T105033Z-1555d9c6ff6ngb67dpexz71bvs00000005p000000000kpz4
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
883f2006-901e-0067-28db-c076b2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/28bcace8-4ce7-4949-868f-170f67122379/saml2?SAMLRequest=fVJfb5swEP8qyO9gY0JIrJAqa1QtUrdGJd3DXiZjjmDJ2Mw23fbtR0iCUm3Ko893v393q4ffrQrewTppdI7iiKAAtDCV1MccvR2ewgV6WK8cbxXt2Kb3jX6Fnz04HwyD2rHzT456q5nhTjqmeQuOecGKzZdnRiPCOmu8EUahYOMcWD9QPRrt%2BhZsAfZdCnh7fc5R433nGMbKHKWOfCOjCrCsOjzM11IBHunxCZbi%2FUtxwEXxgoLtIEZq7kcDHzFaKaxxpvZGK6khEqbFdFEKLmARzgRk4Ww5W4aL%2BaIO44zU8yymNMmWeHSFgt02Rz%2BEgDpJoFyWJJulVJRVykmV1QnhaclpNbQ518NOO8%2B1zxEldBaSeUjjQ0xYSlgSR8sk%2FY6C%2FSWHT1Kf870XWnlucuzz4bAPT3ZR8O26p6EBXbbCRnZ7u477wPy6A7S%2BpjWEHN8G7hpZlkaBb1b4lmQ6hK8D6m67N0qKP8FGKfPr0QL3kCNve0DBk7Et9%2Fd1nCqyCuuxlXUna86D9ghPNIUw3ZDB9L6cHtjddtJ%2Bki2rNjJCicjY47%2FiP85NxQkc%2F%2Be6138B&RelayState=e1s1&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.17 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers
oneDs_f2e0f4a029670f10d892.js
aadcdn.msauth.net/shared/1.0/content/js/ 		186 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_7cCuNdJ3E-hQqbT-gOnvng2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 21 Jun 2024 10:50:33 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
61052
x-ms-lease-status
unlocked
last-modified
Thu, 25 May 2023 17:22:47 GMT
etag
0x8DB5D44A8CEE4F4
x-azure-ref
20240621T105033Z-r1695cb74697b8j4gwx81ytckn00000006b000000000mna4
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
53e75c79-a01e-0014-6621-bdf9b4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 		219 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_7cCuNdJ3E-hQqbT-gOnvng2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
474ce0790ceb18a100cebaf1ac0915a51389fcae0830c3b44bfa1e365d40b2b4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 21 Jun 2024 10:50:33 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
54318
x-ms-lease-status
unlocked
last-modified
Thu, 28 Mar 2024 21:22:21 GMT
etag
0x8DC4F6D2782F92A
x-azure-ref
20240621T105033Z-r1695cb74697b8j4gwx81ytckn00000006b000000000mnbb
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b93329d0-d01e-001b-45a4-bf70ab000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pfetchsessionsprogress_7c1aa7609345f99e4914.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_7c1aa7609345f99e4914.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_7cCuNdJ3E-hQqbT-gOnvng2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
35afb11dab6edcbc989a25fe5cf19f5d8289499232b7ec775f318d8b8a5bbf78

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 21 Jun 2024 10:50:33 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
5515
x-ms-lease-status
unlocked
last-modified
Thu, 28 Mar 2024 21:22:21 GMT
etag
0x8DC4F6D27C66D37
x-azure-ref
20240621T105033Z-r1695cb74697b8j4gwx81ytckn00000006b000000000mnd1
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8a63a832-001e-001e-7408-bff7a1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 21 Jun 2024 10:50:33 GMT
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
2672
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:47 GMT
etag
0x8DB5C3F48EC4154
x-azure-ref
20240621T105033Z-r1695cb74697b8j4gwx81ytckn00000006b000000000mnd3
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
7a665237-701e-0079-0e0a-bf648d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 21 Jun 2024 10:50:33 GMT
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
3620
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
etag
0x8DB5C3F4904824B
x-azure-ref
20240621T105033Z-r1695cb74697b8j4gwx81ytckn00000006b000000000mnd4
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
59012971-001e-0066-75a4-bf5db0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msauth.net/shared/1.0/content/images/ 		17 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 21 Jun 2024 10:50:33 GMT
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
17174
x-ms-lease-status
unlocked
last-modified
Sun, 18 Oct 2020 03:02:03 GMT
etag
0x8D8731230C851A6
x-azure-ref
20240621T105033Z-r1695cb74697b8j4gwx81ytckn00000006b000000000mnd2
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
970ac9ea-601e-0070-2a29-be179e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 21 Jun 2024 10:50:33 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:46 GMT
etag
0x8DB5C3F47E260FD
x-azure-ref
20240621T105033Z-r1695cb74697b8j4gwx81ytckn00000006b000000000mndk
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
70aa5fd1-801e-007e-4b47-bfb583000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
aadcdn.msauthimages.net/c1c6b6c8-iradff-jgezk0okjvr3tmd34irgbwmu-ca4atqv9asm/logintenantbranding/0/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauthimages.net/c1c6b6c8-iradff-jgezk0okjvr3tmd34irgbwmu-ca4atqv9asm/logintenantbranding/0/bannerlogo?ts=637225615798169634
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
821af85cc68f33011d37367f7c288d7a53ba1d1e7449dd32633b9304a7f1c9d9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 21 Jun 2024 10:50:33 GMT
last-modified
Wed, 15 Apr 2020 15:33:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
jUCYHvgmVg+2CvFxRVbNTA==
etag
0x8D7E1524796BD6B
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
2da730e9-901e-006c-0dc8-c387e1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
9742
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 21 Jun 2024 10:50:33 GMT
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
2672
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:47 GMT
etag
0x8DB5C3F48EC4154
x-azure-ref
20240621T105033Z-r1695cb74697b8j4gwx81ytckn00000006b000000000mnd3
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
7a665237-701e-0079-0e0a-bf648d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 21 Jun 2024 10:50:33 GMT
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
3620
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
etag
0x8DB5C3F4904824B
x-azure-ref
20240621T105033Z-r1695cb74697b8j4gwx81ytckn00000006b000000000mnd4
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
59012971-001e-0066-75a4-bf5db0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ssoprobe
autologon.microsoftazuread-sso.com/28bcace8-4ce7-4949-868f-170f67122379/winauth/ 		12 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://autologon.microsoftazuread-sso.com/28bcace8-4ce7-4949-868f-170f67122379/winauth/ssoprobe?client-request-id=1154b989-025f-4e8c-911c-2fb0272309f9&_=1718967033824
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1027:1:158::a Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 10:50:33 GMT
X-Content-Type-Options
nosniff
WWW-Authenticate
Negotiate
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
12
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Vary
Origin
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png; charset=utf-8
Access-Control-Allow-Origin
https://login.microsoftonline.com
x-ms-request-id
d8059793-2780-4ee9-ab1d-115de4788200
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.18298.5 - NEULR1 ProdSlices
Expires
-1
dssostatus
login.microsoftonline.com/common/instrumentation/ 		265 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/instrumentation/dssostatus
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_7cCuNdJ3E-hQqbT-gOnvng2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:d0::b Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
54cdc83af0e2555c23ccd593c9a6be9601aadb4a2583a3598faef6203b2a8c7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
hpgrequestid
bed5ac58-db16-4bda-a533-5be82ca28500
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
client-request-id
1154b989-025f-4e8c-911c-2fb0272309f9
canary
PAQABDgEAAAApTwJmzXqdR4BN2miheQMYwhXM4iwa4VhkfsU8xjGiUKgD6z-RVpIggjN4V3TXwoh5IV6AzE1innYkzNmzFEkPfJIKEUclW83caMgX5Befif8jEij5bHtcg2bpP5pQGnTyOG72LHh7qfdb2S6-rOd0tQ9W4zrLYAvNs0WFGhMYOHwH1qfL-ntGPXcgICgj_po_1_pih9vaKJNeShtzYQrmmDeC2a1SmojSAjCKi2aqBCAA
Content-type
application/json; charset=UTF-8
hpgid
1104
Accept
application/json
Referer
https://login.microsoftonline.com/28bcace8-4ce7-4949-868f-170f67122379/saml2?SAMLRequest=fVJfb5swEP8qyO9gY0JIrJAqa1QtUrdGJd3DXiZjjmDJ2Mw23fbtR0iCUm3Ko893v393q4ffrQrewTppdI7iiKAAtDCV1MccvR2ewgV6WK8cbxXt2Kb3jX6Fnz04HwyD2rHzT456q5nhTjqmeQuOecGKzZdnRiPCOmu8EUahYOMcWD9QPRrt%2BhZsAfZdCnh7fc5R433nGMbKHKWOfCOjCrCsOjzM11IBHunxCZbi%2FUtxwEXxgoLtIEZq7kcDHzFaKaxxpvZGK6khEqbFdFEKLmARzgRk4Ww5W4aL%2BaIO44zU8yymNMmWeHSFgt02Rz%2BEgDpJoFyWJJulVJRVykmV1QnhaclpNbQ518NOO8%2B1zxEldBaSeUjjQ0xYSlgSR8sk%2FY6C%2FSWHT1Kf870XWnlucuzz4bAPT3ZR8O26p6EBXbbCRnZ7u477wPy6A7S%2BpjWEHN8G7hpZlkaBb1b4lmQ6hK8D6m67N0qKP8FGKfPr0QL3kCNve0DBk7Et9%2Fd1nCqyCuuxlXUna86D9ghPNIUw3ZDB9L6cHtjddtJ%2Bki2rNjJCicjY47%2FiP85NxQkc%2F%2Be6138B&RelayState=e1s1&sso_reload=true
hpgact
1900
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Fri, 21 Jun 2024 10:50:33 GMT
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id
1154b989-025f-4e8c-911c-2fb0272309f9
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
265
X-XSS-Protection
0
Pragma
no-cache
x-ms-srs
1.P
Referrer-Policy
strict-origin-when-cross-origin
Access-Control-Allow-Methods
POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://autologon.microsoftazuread-sso.com/
x-ms-request-id
1e3a3d21-1b57-42aa-872b-ddead29b1500
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.18348.7 - WEULR1 ProdSlices
Expires
-1
convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 		111 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_7cCuNdJ3E-hQqbT-gOnvng2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4be11c075187615adaf493d54cb7b05556e76806aed2b3b082d72952d0025be5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 21 Jun 2024 10:50:34 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
35807
x-ms-lease-status
unlocked
last-modified
Thu, 28 Mar 2024 21:22:22 GMT
etag
0x8DC4F6D2855897D
x-azure-ref
20240621T105034Z-r1695cb74697b8j4gwx81ytckn00000006b000000000mnek
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8073e87c-101e-0053-26fa-bdfbab000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msauth.net/shared/1.0/content/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 21 Jun 2024 10:50:34 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
621
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:49 GMT
etag
0x8DB5C3F49ED96E0
x-azure-ref
20240621T105034Z-r1695cb74697b8j4gwx81ytckn00000006b000000000mnen
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
140686e8-e01e-0000-2b50-bfe59e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		153 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.73.11 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
468b2f9b5a190854bd7426dd1d9c1bd77aba63d32c8dbd5a67edae2731e29693
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
upload-time
1718967036003
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
client-version
1DS-Web-JS-3.2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://login.microsoftonline.com/
apikey
b0c252808e614e949086e019ae1cb300-e0c02060-e3b3-4965-bd7c-415e1a7a9fde-6951
Client-Id
NO_AUTH
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 21 Jun 2024 10:50:36 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
364
access-control-allow-methods
POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
application/json
access-control-allow-origin
https://login.microsoftonline.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis
content-length
153
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.73.11 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://login.microsoftonline.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://login.microsoftonline.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Fri, 21 Jun 2024 10:50:35 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170 boolean| __convergedlogin_pfetchsessionsprogress_7c1aa7609345f99e4914 boolean| __convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8

21 Cookies

Domain/Path Name / Value
login.thi.de/ Name: __Host-JSESSIONID
Value: BD13536AAB14F7ADF9233BE21FD36B2C
.login.microsoftonline.com/ Name: esctx-K9KtBHYPN58
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYz6TAW8QXk4mquSyd_nn4pZ1lgIw5arzEBsgoTg968BhubcnJ4yzJgHldXWcT5UcfJdVe1fDYcjqS8-EcWNdKigq6p2jybV5WFRxmgNf3Xwqu-EwSh9x6EAl7hVgiyi9wHSS5cNdQEy5OF0Y9llPk6CAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AV4A6Ky8KOdMSUmGjxcPZxIjeWq-mKbOpJZIpQPWjNoMqk0RAQA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYmakbnsSWFHSacKIkPnxv-RojUvtidCzNEMRogJP78askXCiUz37iFTkfHYp_N-iNsDGqdPfBzoLGYYQeq1gPAcBAk_VENtCOfzgCzbRPCnsgAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYlMzIPGMSKyiDCCEI4yTdtnb0o6Y_bVGuZqhtobLIY46NdJgeGlAUIA1NV23FKLV-RGbQi_L3xm0amOdINn7_WBqElkjCh9PTAdPrJg-pTJ-pTNqwNlOx_GbPPquYyIbITef2v4r7IY-fO5bR8kHwJC9gIT-KZeQiHoLrnPVo1YkgAA
.login.microsoftonline.com/ Name: esctx-Eg7JiWoooE8
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYl_iPJSDVnbw8rlzTDguiD356rL3d1T5TyF5NvD2k9Zaa8DGH_rT_e4m0olUtoyvmiAurhkuPHjMJnuAWsk6BlJG0pyafMd9O1Z-9BVu69GTNtcXb5R0zwwEX7Unl-NTZDruy6d84f2Unf-kOg4YqwSAA
login.microsoftonline.com/ Name: fpc
Value: Ao67-pprg7pMkwfe35LB77bvQPllAQAAAPhRB94OAAAA
.login.live.com/ Name: uaid
Value: 99b8dff3f03445e4b38fad6dcf3c248e
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1718967033&co=1
login.microsoftonline.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: dd6a757f-34f8-418c-b923-a387bd416160
.login.microsoftonline.com/ Name: brcap
Value: 0
autologon.microsoftazuread-sso.com/ Name: fpc
Value: AnDvzjyesUdJi_rCrytyXfk
autologon.microsoftazuread-sso.com/ Name: x-ms-gateway-slice
Value: estsfd
autologon.microsoftazuread-sso.com/ Name: stsservicecookie
Value: estsfd
login.microsoftonline.com/ Name: ai_session
Value: LSwuUGilg/TdV+vTAq34lY|1718967034001|1718967034001
.microsoft.com/ Name: MC1
Value: GUID=5e07cdcf2a9442f19cc2cb99174a3c2c&HASH=5e07&LV=202406&V=4&LU=1718967036367
.microsoft.com/ Name: MS0
Value: 2cf5a0a4c5374215825d4910be36565e
login.microsoftonline.com/ Name: MSFPC
Value: GUID=5e07cdcf2a9442f19cc2cb99174a3c2c&HASH=5e07&LV=202406&V=4&LU=1718967036367

3 Console Messages

Source Level URL
Text
network error URL: https://login.thi.idm.oclc.org/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not found)
network error URL: https://autologon.microsoftazuread-sso.com/28bcace8-4ce7-4949-868f-170f67122379/winauth/ssoprobe?client-request-id=1154b989-025f-4e8c-911c-2fb0272309f9&_=1718967033824
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
recommendation verbose URL: https://login.microsoftonline.com/28bcace8-4ce7-4949-868f-170f67122379/saml2?SAMLRequest=fVJfb5swEP8qyO9gY0JIrJAqa1QtUrdGJd3DXiZjjmDJ2Mw23fbtR0iCUm3Ko893v393q4ffrQrewTppdI7iiKAAtDCV1MccvR2ewgV6WK8cbxXt2Kb3jX6Fnz04HwyD2rHzT456q5nhTjqmeQuOecGKzZdnRiPCOmu8EUahYOMcWD9QPRrt%2BhZsAfZdCnh7fc5R433nGMbKHKWOfCOjCrCsOjzM11IBHunxCZbi%2FUtxwEXxgoLtIEZq7kcDHzFaKaxxpvZGK6khEqbFdFEKLmARzgRk4Ww5W4aL%2BaIO44zU8yymNMmWeHSFgt02Rz%2BEgDpJoFyWJJulVJRVykmV1QnhaclpNbQ518NOO8%2B1zxEldBaSeUjjQ0xYSlgSR8sk%2FY6C%2FSWHT1Kf870XWnlucuzz4bAPT3ZR8O26p6EBXbbCRnZ7u477wPy6A7S%2BpjWEHN8G7hpZlkaBb1b4lmQ6hK8D6m67N0qKP8FGKfPr0QL3kCNve0DBk7Et9%2Fd1nCqyCuuxlXUna86D9ghPNIUw3ZDB9L6cHtjddtJ%2Bki2rNjJCicjY47%2FiP85NxQkc%2F%2Be6138B&RelayState=e1s1&sso_reload=true
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msauthimages.net
autologon.microsoftazuread-sso.com
eu-mobile.events.data.microsoft.com
link-springer-com.thi.idm.oclc.org
login.live.com
login.microsoftonline.com
login.thi.de
login.thi.idm.oclc.org
152.199.21.175
154.59.124.182
194.94.240.135
20.190.160.17
20.50.73.11
2603:1026:3000:d0::b
2603:1027:1:158::a
2620:1ec:bdf::45
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
35afb11dab6edcbc989a25fe5cf19f5d8289499232b7ec775f318d8b8a5bbf78
468b2f9b5a190854bd7426dd1d9c1bd77aba63d32c8dbd5a67edae2731e29693
474ce0790ceb18a100cebaf1ac0915a51389fcae0830c3b44bfa1e365d40b2b4
4be11c075187615adaf493d54cb7b05556e76806aed2b3b082d72952d0025be5
54cdc83af0e2555c23ccd593c9a6be9601aadb4a2583a3598faef6203b2a8c7c
551416b84fbf6d87ac38cc1eb310c4ccbb57838f13e51bbfe6e39554a5ad00df
821af85cc68f33011d37367f7c288d7a53ba1d1e7449dd32633b9304a7f1c9d9
8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8b81b6dbb9af6502d78abe8a85d135861848e0597989901da42c62ecb841a07d
8dd0339aff9ae5b1f156bb36cd6efb5d4723734d969d5b4ffbbba31219bc902f
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
c2834f9253f936ca196f17d820d2c8d5206eaffaa4f4ba367cc362ef9a5dc801
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
deb3d60b28973edea593393f735494ded0323a58ae1af336b4de9dad8cbbdeef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff6c4857f6f1ae8d2c56a40cc68c6263b805aff89a08ec297fff38714d122544