urlscan.io logo urlscan.io
SecurityTrails logo

vestasb2c.b2clogin.com Open in urlscan Pro
20.190.160.67  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.pstmrk.it/2sm/vestasonline.vestas.com%2Fserviceschedule/ilD20iEN/ym1K/_5ZjVvyChL/U2VydmljZVNjaGVkdWxl
Effective URL: https://vestasb2c.b2clogin.com/vestasb2c.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_vestas_vo_app_signup_signin&response_ty...
Submission: On May 07 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 25 HTTP transactions. The main IP is 20.190.160.67, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is vestasb2c.b2clogin.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 24th 2021. Valid for: a year.
This is the only time vestasb2c.b2clogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.209.142.237 16509 (AMAZON-02)
15 2620:1ec:46::45 8068 (MICROSOFT...)
1 5 20.190.160.67 8075 (MICROSOFT...)
5 20.60.130.228 8075 (MICROSOFT...)
25 4
Domain Requested by
15 vestasonline.vestas.com vestasonline.vestas.com
5 vestasb2cvostorage.blob.core.windows.net vestasb2c.b2clogin.com
5 vestasb2c.b2clogin.com 1 redirects vestasonline.vestas.com
vestasb2c.b2clogin.com
1 click.pstmrk.it 1 redirects
0 dc.services.visualstudio.com Failed vestasonline.vestas.com
25 5

This site contains links to these domains. Also see Links.

Domain
vestasonline.vestas.com
Subject Issuer Validity Valid
vestasonline.vestas.com
DigiCert Global CA G2		 2019-08-20 -
2021-08-19		 2 years crt.sh
graph.windows.net
DigiCert SHA2 Secure Server CA		 2021-02-24 -
2022-02-23		 a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01		 2021-03-05 -
2022-03-05		 a year crt.sh

This page contains 2 frames:

Primary Page: https://vestasb2c.b2clogin.com/vestasb2c.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_vestas_vo_app_signup_signin&response_type=id_token%20token&client_id=b6af5e79-c2e7-42e1-8f16-6ba222c204d1&state=jv32eRkwUu7iWC4_I4MEt98EmH5GEatuK0uUziCsOyyIk&redirect_uri=https%3A%2F%2Fvestasonline.vestas.com%2Findex.html&scope=openid%20https%3A%2F%2FVestasB2C.onmicrosoft.com%2Fvestasonlinefrontendprod%2Fuser_impersonation&nonce=jv32eRkwUu7iWC4_I4MEt98EmH5GEatuK0uUziCsOyyIk
Frame ID: 0ECD4009F4E0FF5271A7DE663B00E4A3
Requests: 24 HTTP requests in this frame

Frame: https://vestasonline.vestas.com/silent-refresh.html
Frame ID: 7D0E6963742D6ADBAE802B95836AC19C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://click.pstmrk.it/2sm/vestasonline.vestas.com%2Fserviceschedule/ilD20iEN/ym1K/_5ZjVvyChL/U2Vyd... HTTP 302
    https://vestasonline.vestas.com/serviceschedule Page URL
  2. https://vestasb2c.b2clogin.com/vestasb2c.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_vestas_vo_app_signu... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

25
Requests

96 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

2678 kB
Transfer

2879 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.pstmrk.it/2sm/vestasonline.vestas.com%2Fserviceschedule/ilD20iEN/ym1K/_5ZjVvyChL/U2VydmljZVNjaGVkdWxl HTTP 302
    https://vestasonline.vestas.com/serviceschedule Page URL
  2. https://vestasb2c.b2clogin.com/vestasb2c.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_vestas_vo_app_signup_signin&response_type=id_token%20token&client_id=b6af5e79-c2e7-42e1-8f16-6ba222c204d1&state=jv32eRkwUu7iWC4_I4MEt98EmH5GEatuK0uUziCsOyyIk&redirect_uri=https%3A%2F%2Fvestasonline.vestas.com%2Findex.html&scope=openid%20https%3A%2F%2FVestasB2C.onmicrosoft.com%2Fvestasonlinefrontendprod%2Fuser_impersonation&nonce=jv32eRkwUu7iWC4_I4MEt98EmH5GEatuK0uUziCsOyyIk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://click.pstmrk.it/2sm/vestasonline.vestas.com%2Fserviceschedule/ilD20iEN/ym1K/_5ZjVvyChL/U2VydmljZVNjaGVkdWxl HTTP 302
  • https://vestasonline.vestas.com/serviceschedule
Request Chain 16
  • https://vestasb2c.b2clogin.com/vestasb2c.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_vestas_vo_app_signup_signin&response_type=id_token%20token&client_id=b6af5e79-c2e7-42e1-8f16-6ba222c204d1&state=7gpjHlxtNlOuvU4hCBGimimzFZRGgPTyRbwDMbxWePNN3&redirect_uri=https%3A%2F%2Fvestasonline.vestas.com%2Fsilent-refresh.html&scope=openid%20https%3A%2F%2FVestasB2C.onmicrosoft.com%2Fvestasonlinefrontendprod%2Fuser_impersonation&nonce=7gpjHlxtNlOuvU4hCBGimimzFZRGgPTyRbwDMbxWePNN3&prompt=none HTTP 302
  • https://vestasonline.vestas.com/silent-refresh.html

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
serviceschedule
vestasonline.vestas.com/
Redirect Chain
  • https://click.pstmrk.it/2sm/vestasonline.vestas.com%2Fserviceschedule/ilD20iEN/ym1K/_5ZjVvyChL/U2VydmljZVNjaGVkdWxl
  • https://vestasonline.vestas.com/serviceschedule
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vestasonline.vestas.com/serviceschedule
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fb24e0f4ee8ba475a674e47144126c45f5b936d89858bb399decfb431b69129d
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
vestasonline.vestas.com
:scheme
https
:path
/serviceschedule
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-type
text/html
content-encoding
gzip
expires
Fri, 07 May 2021 20:34:08 GMT
last-modified
Wed, 14 Apr 2021 08:12:07 GMT
etag
W/"6076a3d7-5ff"
referrer-policy
same-origin
permissions-policy
geolocation=(self "https://vestasonline.vestas.com"), microphone=(), camera=(), payment=(),usb=()
expect-ct
max-age=3600, enforce
content-security-policy
script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-azure-ref
0QaSVYAAAAACG0tfdqSBeTbiM0qAcAQAJRlJBRURHRTEwMTEAMWM1NWU3N2UtOGJlZC00ZmZkLTk1MjEtNDI4YTRlZDUyMmY4
date
Fri, 07 May 2021 20:34:09 GMT

Redirect headers

server
awselb/2.0
date
Fri, 07 May 2021 20:34:09 GMT
content-type
application/octet-stream
content-length
0
location
https://vestasonline.vestas.com/serviceschedule
VestasSans-Medium.woff
vestasonline.vestas.com/assets/fonts/ 		57 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vestasonline.vestas.com/assets/fonts/VestasSans-Medium.woff
Requested by
Host: vestasonline.vestas.com
URL: https://vestasonline.vestas.com/serviceschedule
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b8e6179245f846c5cdd76ee4e742e4b60b4eedde774ed6fffb8b204d022d449c
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/fonts/VestasSans-Medium.woff
pragma
no-cache
origin
https://vestasonline.vestas.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
vestasonline.vestas.com
referer
https://vestasonline.vestas.com/serviceschedule
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://vestasonline.vestas.com
Referer
https://vestasonline.vestas.com/serviceschedule
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
58792
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 14 Apr 2021 08:12:07 GMT
x-frame-options
SAMEORIGIN
date
Fri, 07 May 2021 20:34:09 GMT
expect-ct
max-age=3600, enforce
x-azure-ref
0QaSVYAAAAAAMR3o8M05nRJEWNGOyaggpRlJBRURHRTEwMTEAMWM1NWU3N2UtOGJlZC00ZmZkLTk1MjEtNDI4YTRlZDUyMmY4
content-type
font/woff
cache-control
max-age=86400
permissions-policy
geolocation=(self "https://vestasonline.vestas.com"), microphone=(), camera=(), payment=(),usb=()
etag
"6076a3d7-e5a8"
accept-ranges
bytes
VestasSans-Book.woff
vestasonline.vestas.com/assets/fonts/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vestasonline.vestas.com/assets/fonts/VestasSans-Book.woff
Requested by
Host: vestasonline.vestas.com
URL: https://vestasonline.vestas.com/serviceschedule
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6220e9c155e9075c5576b0de602e81372be26f3d26ba0ad73e97a8dd63a0a245
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/fonts/VestasSans-Book.woff
pragma
no-cache
origin
https://vestasonline.vestas.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
vestasonline.vestas.com
referer
https://vestasonline.vestas.com/serviceschedule
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://vestasonline.vestas.com
Referer
https://vestasonline.vestas.com/serviceschedule
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
57432
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 14 Apr 2021 08:12:07 GMT
x-frame-options
SAMEORIGIN
date
Fri, 07 May 2021 20:34:09 GMT
expect-ct
max-age=3600, enforce
x-azure-ref
0QaSVYAAAAAABpl/lJGlmTJyIekG+tDCbRlJBRURHRTEwMTEAMWM1NWU3N2UtOGJlZC00ZmZkLTk1MjEtNDI4YTRlZDUyMmY4
content-type
font/woff
cache-control
max-age=86400
permissions-policy
geolocation=(self "https://vestasonline.vestas.com"), microphone=(), camera=(), payment=(),usb=()
etag
"6076a3d7-e058"
accept-ranges
bytes
VestasSans-Semibold.woff
vestasonline.vestas.com/assets/fonts/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vestasonline.vestas.com/assets/fonts/VestasSans-Semibold.woff
Requested by
Host: vestasonline.vestas.com
URL: https://vestasonline.vestas.com/serviceschedule
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
254701ca13d2b00b8562d849e44e20f6d2b321f4f87ea73e8e75e7fc88d2a79e
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/fonts/VestasSans-Semibold.woff
pragma
no-cache
origin
https://vestasonline.vestas.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
vestasonline.vestas.com
referer
https://vestasonline.vestas.com/serviceschedule
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://vestasonline.vestas.com
Referer
https://vestasonline.vestas.com/serviceschedule
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
57400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 14 Apr 2021 08:12:07 GMT
x-frame-options
SAMEORIGIN
date
Fri, 07 May 2021 20:34:09 GMT
expect-ct
max-age=3600, enforce
x-azure-ref
0QaSVYAAAAAChgEm6+OkXSKjPc/Xi9lkBRlJBRURHRTEwMTEAMWM1NWU3N2UtOGJlZC00ZmZkLTk1MjEtNDI4YTRlZDUyMmY4
content-type
font/woff
cache-control
max-age=86400
permissions-policy
geolocation=(self "https://vestasonline.vestas.com"), microphone=(), camera=(), payment=(),usb=()
etag
"6076a3d7-e038"
accept-ranges
bytes
styles.52401b060a8e1a0c1a33.css
vestasonline.vestas.com/ 		391 KB
391 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vestasonline.vestas.com/styles.52401b060a8e1a0c1a33.css
Requested by
Host: vestasonline.vestas.com
URL: https://vestasonline.vestas.com/serviceschedule
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3713c5e047275e971368ea44c72bc21e527fc8b55da2a64c7cf5870aa95586a6
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/styles.52401b060a8e1a0c1a33.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
vestasonline.vestas.com
referer
https://vestasonline.vestas.com/serviceschedule
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://vestasonline.vestas.com/serviceschedule
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
400182
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 14 Apr 2021 08:12:07 GMT
x-frame-options
SAMEORIGIN
date
Fri, 07 May 2021 20:34:09 GMT
expect-ct
max-age=3600, enforce
x-azure-ref
0QaSVYAAAAABOTVgNMttEQqx2FyLhywBaRlJBRURHRTEwMTEAMWM1NWU3N2UtOGJlZC00ZmZkLTk1MjEtNDI4YTRlZDUyMmY4
content-type
text/css
cache-control
max-age=86400
permissions-policy
geolocation=(self "https://vestasonline.vestas.com"), microphone=(), camera=(), payment=(),usb=()
etag
"6076a3d7-61b36"
accept-ranges
bytes
runtime-es2015.a318743ed4f74814dae2.js
vestasonline.vestas.com/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vestasonline.vestas.com/runtime-es2015.a318743ed4f74814dae2.js
Requested by
Host: vestasonline.vestas.com
URL: https://vestasonline.vestas.com/serviceschedule
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f458b8cc553fe2c3e959701a2f8cf22e830cf02b8b4400c2a59ba6eb8d4ae82b
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/runtime-es2015.a318743ed4f74814dae2.js
pragma
no-cache
origin
https://vestasonline.vestas.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
vestasonline.vestas.com
referer
https://vestasonline.vestas.com/serviceschedule
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://vestasonline.vestas.com
Referer
https://vestasonline.vestas.com/serviceschedule
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
4147
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 14 Apr 2021 08:12:07 GMT
x-frame-options
SAMEORIGIN
date
Fri, 07 May 2021 20:34:09 GMT
expect-ct
max-age=3600, enforce
x-azure-ref
0QaSVYAAAAACew0e9RwUdTKdPUGhlXMG1RlJBRURHRTEwMTEAMWM1NWU3N2UtOGJlZC00ZmZkLTk1MjEtNDI4YTRlZDUyMmY4
content-type
application/javascript
cache-control
max-age=86400
permissions-policy
geolocation=(self "https://vestasonline.vestas.com"), microphone=(), camera=(), payment=(),usb=()
etag
"6076a3d7-1033"
accept-ranges
bytes
polyfills-es2015.073714bbfcf7e2f0442f.js
vestasonline.vestas.com/ 		111 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vestasonline.vestas.com/polyfills-es2015.073714bbfcf7e2f0442f.js
Requested by
Host: vestasonline.vestas.com
URL: https://vestasonline.vestas.com/serviceschedule
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
151a993efdab89dc3a5b94e9671b8febefbcf5a3fb5bfa59292a10681d27410a
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/polyfills-es2015.073714bbfcf7e2f0442f.js
pragma
no-cache
origin
https://vestasonline.vestas.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
vestasonline.vestas.com
referer
https://vestasonline.vestas.com/serviceschedule
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://vestasonline.vestas.com
Referer
https://vestasonline.vestas.com/serviceschedule
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
113194
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 14 Apr 2021 08:12:07 GMT
x-frame-options
SAMEORIGIN
date
Fri, 07 May 2021 20:34:09 GMT
expect-ct
max-age=3600, enforce
x-azure-ref
0QaSVYAAAAABAk3Zk8E9/TKfQUiB538HdRlJBRURHRTEwMTEAMWM1NWU3N2UtOGJlZC00ZmZkLTk1MjEtNDI4YTRlZDUyMmY4
content-type
application/javascript
cache-control
max-age=86400
permissions-policy
geolocation=(self "https://vestasonline.vestas.com"), microphone=(), camera=(), payment=(),usb=()
etag
"6076a3d7-1ba2a"
accept-ranges
bytes
scripts.a04d4b35e3525056df77.js
vestasonline.vestas.com/ 		209 KB
210 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vestasonline.vestas.com/scripts.a04d4b35e3525056df77.js
Requested by
Host: vestasonline.vestas.com
URL: https://vestasonline.vestas.com/serviceschedule
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d595b9c250b0865a80a2ad159c87ee0357219b738ce216cbea49e46a6c9198bd
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts.a04d4b35e3525056df77.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
vestasonline.vestas.com
referer
https://vestasonline.vestas.com/serviceschedule
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://vestasonline.vestas.com/serviceschedule
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
214424
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 14 Apr 2021 08:12:07 GMT
x-frame-options
SAMEORIGIN
date
Fri, 07 May 2021 20:34:09 GMT
expect-ct
max-age=3600, enforce
x-azure-ref
0QaSVYAAAAAA6Z30U8KElT6V1oHm5qc58RlJBRURHRTEwMTEAMWM1NWU3N2UtOGJlZC00ZmZkLTk1MjEtNDI4YTRlZDUyMmY4
content-type
application/javascript
cache-control
max-age=86400
permissions-policy
geolocation=(self "https://vestasonline.vestas.com"), microphone=(), camera=(), payment=(),usb=()
etag
"6076a3d7-34598"
accept-ranges
bytes
main-es2015.8720436e2742947d1c27.js
vestasonline.vestas.com/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://vestasonline.vestas.com/main-es2015.8720436e2742947d1c27.js
Requested by
Host: vestasonline.vestas.com
URL: https://vestasonline.vestas.com/serviceschedule
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4d8d1352de5d99a4b25552bbd1110cc3acff19b67c9c7e19b5ec146630a7ab62
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/main-es2015.8720436e2742947d1c27.js
pragma
no-cache
origin
https://vestasonline.vestas.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
vestasonline.vestas.com
referer
https://vestasonline.vestas.com/serviceschedule
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://vestasonline.vestas.com
Referer
https://vestasonline.vestas.com/serviceschedule
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
1298987
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 14 Apr 2021 08:12:07 GMT
x-frame-options
SAMEORIGIN
date
Fri, 07 May 2021 20:34:09 GMT
expect-ct
max-age=3600, enforce
x-azure-ref
0QaSVYAAAAACEsdUpaBblR7hyPc0h0Z+CRlJBRURHRTEwMTEAMWM1NWU3N2UtOGJlZC00ZmZkLTk1MjEtNDI4YTRlZDUyMmY4
content-type
application/javascript
cache-control
max-age=86400
permissions-policy
geolocation=(self "https://vestasonline.vestas.com"), microphone=(), camera=(), payment=(),usb=()
etag
"6076a3d7-13d22b"
accept-ranges
bytes
app-config.json
vestasonline.vestas.com/assets/config/ 		1 KB
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vestasonline.vestas.com/assets/config/app-config.json
Requested by
Host: vestasonline.vestas.com
URL: https://vestasonline.vestas.com/polyfills-es2015.073714bbfcf7e2f0442f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3becbd664dbd08e7e87e8f20c27b9e869892787d073664dc4243cbed69c50622
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/config/app-config.json
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
vestasonline.vestas.com
referer
https://vestasonline.vestas.com/serviceschedule
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://vestasonline.vestas.com/serviceschedule
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
content-encoding
gzip
x-content-type-options
nosniff
x-azure-ref
0QaSVYAAAAACPr2c/bY1ETaOvCTuKw/pBRlJBRURHRTEwMTEAMWM1NWU3N2UtOGJlZC00ZmZkLTk1MjEtNDI4YTRlZDUyMmY4
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 14 Apr 2021 08:12:20 GMT
x-frame-options
SAMEORIGIN
date
Fri, 07 May 2021 20:34:09 GMT
expect-ct
max-age=3600, enforce
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
permissions-policy
geolocation=(self "https://vestasonline.vestas.com"), microphone=(), camera=(), payment=(),usb=()
etag
W/"6076a3e4-428"
expires
Fri, 07 May 2021 20:34:08 GMT
feature-flags.prod.json
vestasonline.vestas.com/assets/features/ 		203 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vestasonline.vestas.com/assets/features/feature-flags.prod.json
Requested by
Host: vestasonline.vestas.com
URL: https://vestasonline.vestas.com/polyfills-es2015.073714bbfcf7e2f0442f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d14d69324680d1c60b8c31d4bbcb61ddecf0ff318ef653a0c6118b02babc6ce8
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
ai_user=STOyBSG0X7+Nv2JuwKen38|2021-05-07T20:34:09.939Z
request-id
|16e51e4a37544226bb5eef8c40f5a71e.ed324b7242f642b9
:path
/assets/features/feature-flags.prod.json
pragma
no-cache
traceparent
00-16e51e4a37544226bb5eef8c40f5a71e-ed324b7242f642b9-01
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
vestasonline.vestas.com
referer
https://vestasonline.vestas.com/serviceschedule
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://vestasonline.vestas.com/serviceschedule
traceparent
00-16e51e4a37544226bb5eef8c40f5a71e-ed324b7242f642b9-01
Request-Id
|16e51e4a37544226bb5eef8c40f5a71e.ed324b7242f642b9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
x-content-type-options
nosniff
x-azure-ref
0QaSVYAAAAAA9PYDPqDQCTKeHAVmRZ0Q9RlJBRURHRTEwMTEAMWM1NWU3N2UtOGJlZC00ZmZkLTk1MjEtNDI4YTRlZDUyMmY4
content-length
203
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 14 Apr 2021 08:12:07 GMT
x-frame-options
SAMEORIGIN
date
Fri, 07 May 2021 20:34:09 GMT
expect-ct
max-age=3600, enforce
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
permissions-policy
geolocation=(self "https://vestasonline.vestas.com"), microphone=(), camera=(), payment=(),usb=()
etag
"6076a3d7-cb"
accept-ranges
bytes
expires
Fri, 07 May 2021 20:34:08 GMT
openid-configuration
vestasb2c.b2clogin.com/VestasB2C.onmicrosoft.com/v2.0/.well-known/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vestasb2c.b2clogin.com/VestasB2C.onmicrosoft.com/v2.0/.well-known/openid-configuration?p=B2C_1A_Vestas_VO_APP_signup_signin
Requested by
Host: vestasonline.vestas.com
URL: https://vestasonline.vestas.com/polyfills-es2015.073714bbfcf7e2f0442f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3d29f177af98d99de2335d02b2541619465df4bf1c16cb333cddbf166d83c5ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Date
Fri, 07 May 2021 20:34:09 GMT
Allow
OPTIONS,TRACE,GET,HEAD,POST
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://vestasonline.vestas.com
Public
OPTIONS,TRACE,GET,HEAD,POST
Cache-Control
private
x-ms-gateway-requestid
cb5dcb56-959c-40e3-855e-6d11512dbe69
Content-Length
1475
X-XSS-Protection
1; mode=block
67-es2015.177ef308b9e231c1f83c.js
vestasonline.vestas.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vestasonline.vestas.com/67-es2015.177ef308b9e231c1f83c.js
Requested by
Host: vestasonline.vestas.com
URL: https://vestasonline.vestas.com/runtime-es2015.a318743ed4f74814dae2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
da60aeba6d3fc3bf2d64aeacaa979a64ad592caf139cd2e60c8865aff4e30f08
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/67-es2015.177ef308b9e231c1f83c.js
pragma
no-cache
cookie
ai_user=STOyBSG0X7+Nv2JuwKen38|2021-05-07T20:34:09.939Z; ai_session=OKrL0L5Hl6MFpFA9Mgbpw9|1620419649975|1620419649975
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
vestasonline.vestas.com
referer
https://vestasonline.vestas.com/serviceschedule
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://vestasonline.vestas.com/serviceschedule
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
2607
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 14 Apr 2021 08:12:07 GMT
x-frame-options
SAMEORIGIN
date
Fri, 07 May 2021 20:34:09 GMT
expect-ct
max-age=3600, enforce
x-azure-ref
0QaSVYAAAAAD0b58DEmrRTLzCta0AkRXIRlJBRURHRTEwMTEAMWM1NWU3N2UtOGJlZC00ZmZkLTk1MjEtNDI4YTRlZDUyMmY4
content-type
application/javascript
cache-control
max-age=86400
permissions-policy
geolocation=(self "https://vestasonline.vestas.com"), microphone=(), camera=(), payment=(),usb=()
etag
"6076a3d7-a2f"
accept-ranges
bytes
logo-white.svg
vestasonline.vestas.com/assets/images/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vestasonline.vestas.com/assets/images/logo-white.svg
Requested by
Host: vestasonline.vestas.com
URL: https://vestasonline.vestas.com/styles.52401b060a8e1a0c1a33.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ffecb8f4e55ace94943558bc4748a02eae2cf5d8bad6f689f9150438b942b190
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/images/logo-white.svg
pragma
no-cache
cookie
ai_user=STOyBSG0X7+Nv2JuwKen38|2021-05-07T20:34:09.939Z; ai_session=OKrL0L5Hl6MFpFA9Mgbpw9|1620419649975|1620419649975
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
vestasonline.vestas.com
referer
https://vestasonline.vestas.com/styles.52401b060a8e1a0c1a33.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://vestasonline.vestas.com/styles.52401b060a8e1a0c1a33.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
64398
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 14 Apr 2021 08:12:07 GMT
x-frame-options
SAMEORIGIN
date
Fri, 07 May 2021 20:34:09 GMT
expect-ct
max-age=3600, enforce
x-azure-ref
0QaSVYAAAAAChC23ej91BRLIZQljwPH/oRlJBRURHRTEwMTEAMWM1NWU3N2UtOGJlZC00ZmZkLTk1MjEtNDI4YTRlZDUyMmY4
content-type
image/svg+xml
cache-control
max-age=86400
permissions-policy
geolocation=(self "https://vestasonline.vestas.com"), microphone=(), camera=(), payment=(),usb=()
etag
"6076a3d7-fb8e"
accept-ranges
bytes
vestas.ttf
vestasonline.vestas.com/assets/fonts/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vestasonline.vestas.com/assets/fonts/vestas.ttf?n1ky8o
Requested by
Host: vestasonline.vestas.com
URL: https://vestasonline.vestas.com/styles.52401b060a8e1a0c1a33.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
beb63dfe5b1a5fca30e426b4869b7062329f5fc7f9b8c00bb556df3775640d4c
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://vestasonline.vestas.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
ai_user=STOyBSG0X7+Nv2JuwKen38|2021-05-07T20:34:09.939Z; ai_session=OKrL0L5Hl6MFpFA9Mgbpw9|1620419649975|1620419649975
:path
/assets/fonts/vestas.ttf?n1ky8o
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
vestasonline.vestas.com
referer
https://vestasonline.vestas.com/styles.52401b060a8e1a0c1a33.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://vestasonline.vestas.com
Referer
https://vestasonline.vestas.com/styles.52401b060a8e1a0c1a33.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
33252
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 14 Apr 2021 08:12:07 GMT
x-frame-options
SAMEORIGIN
date
Fri, 07 May 2021 20:34:09 GMT
expect-ct
max-age=3600, enforce
x-azure-ref
0QaSVYAAAAACag/iY1nEbQ7DX65qBLakFRlJBRURHRTEwMTEAMWM1NWU3N2UtOGJlZC00ZmZkLTk1MjEtNDI4YTRlZDUyMmY4
content-type
text/plain
cache-control
max-age=86400
permissions-policy
geolocation=(self "https://vestasonline.vestas.com"), microphone=(), camera=(), payment=(),usb=()
etag
"6076a3d7-81e4"
accept-ranges
bytes
keys
vestasb2c.b2clogin.com/vestasb2c.onmicrosoft.com/discovery/v2.0/ 		465 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vestasb2c.b2clogin.com/vestasb2c.onmicrosoft.com/discovery/v2.0/keys?p=b2c_1a_vestas_vo_app_signup_signin
Requested by
Host: vestasonline.vestas.com
URL: https://vestasonline.vestas.com/polyfills-es2015.073714bbfcf7e2f0442f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc2240bc40df038fe31623b88746feb2359492780b2026c2a334518311900652
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Date
Fri, 07 May 2021 20:34:10 GMT
Allow
OPTIONS,TRACE,GET,HEAD,POST
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://vestasonline.vestas.com
Public
OPTIONS,TRACE,GET,HEAD,POST
Cache-Control
private
x-ms-gateway-requestid
d9fa0a4c-df39-4146-a04b-3b737ea14415
Content-Length
465
X-XSS-Protection
1; mode=block
silent-refresh.html
vestasonline.vestas.com/ Frame 7D0E
Redirect Chain
  • https://vestasb2c.b2clogin.com/vestasb2c.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_vestas_vo_app_signup_signin&response_type=id_token%20token&client_id=b6af5e79-c2e7-42e1-8f16-6ba222c204d1&sta...
  • https://vestasonline.vestas.com/silent-refresh.html
153 B
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://vestasonline.vestas.com/silent-refresh.html
Requested by
Host: vestasonline.vestas.com
URL: https://vestasonline.vestas.com/main-es2015.8720436e2742947d1c27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bda44373b6c33278794228de382579f054300f3fdd4fe65b9f2a0c033ecd303a
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
vestasonline.vestas.com
:scheme
https
:path
/silent-refresh.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ai_user=STOyBSG0X7+Nv2JuwKen38|2021-05-07T20:34:09.939Z; ai_session=OKrL0L5Hl6MFpFA9Mgbpw9|1620419649975|1620419649975
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
max-age=86400
content-length
153
content-type
text/html
last-modified
Wed, 14 Apr 2021 08:12:07 GMT
accept-ranges
bytes
etag
"6076a3d7-99"
referrer-policy
same-origin
permissions-policy
geolocation=(self "https://vestasonline.vestas.com"), microphone=(), camera=(), payment=(),usb=()
expect-ct
max-age=3600, enforce
content-security-policy
script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-azure-ref
0QqSVYAAAAACUNDjAy1VpSL7LnbJttCDLRlJBRURHRTEwMTEAMWM1NWU3N2UtOGJlZC00ZmZkLTk1MjEtNDI4YTRlZDUyMmY4
date
Fri, 07 May 2021 20:34:10 GMT

Redirect headers

Cache-Control
private
Allow
OPTIONS,TRACE,GET,HEAD,POST
Content-Type
text/html; charset=utf-8
Location
https://vestasonline.vestas.com/silent-refresh.html#error=interaction_required&error_description=AADB2C90077%3a+User+does+not+have+an+existing+session+and+request+prompt+parameter+has+a+value+of+%27None%27.%0d%0aCorrelation+ID%3a+162a9f6d-f9c9-484d-9e32-e77a278648d3%0d%0aTimestamp%3a+2021-05-07+20%3a34%3a10Z%0d%0a&state=7gpjHlxtNlOuvU4hCBGimimzFZRGgPTyRbwDMbxWePNN3
x-ms-gateway-requestid
3b867ec5-358a-4698-b0cd-57249ad1c471
Set-Cookie
x-ms-cpim-trans=; domain=vestasb2c.b2clogin.com; expires=Sat, 07-May-2011 20:34:10 GMT; path=/; SameSite=None; secure; HttpOnly
X-Frame-Options
DENY
Public
OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Date
Fri, 07 May 2021 20:34:10 GMT
Content-Length
492
track
dc.services.visualstudio.com/v2/ 		0
0
Primary Request Cookie set authorize
vestasb2c.b2clogin.com/vestasb2c.onmicrosoft.com/oauth2/v2.0/ 		321 KB
110 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vestasb2c.b2clogin.com/vestasb2c.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_vestas_vo_app_signup_signin&response_type=id_token%20token&client_id=b6af5e79-c2e7-42e1-8f16-6ba222c204d1&state=jv32eRkwUu7iWC4_I4MEt98EmH5GEatuK0uUziCsOyyIk&redirect_uri=https%3A%2F%2Fvestasonline.vestas.com%2Findex.html&scope=openid%20https%3A%2F%2FVestasB2C.onmicrosoft.com%2Fvestasonlinefrontendprod%2Fuser_impersonation&nonce=jv32eRkwUu7iWC4_I4MEt98EmH5GEatuK0uUziCsOyyIk
Requested by
Host: vestasonline.vestas.com
URL: https://vestasonline.vestas.com/main-es2015.8720436e2742947d1c27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3576cc4d4adea12071f03ff8ac2d7a22bcd5beaa55f8b512a6710408a233516d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
vestasb2c.b2clogin.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
no-store, must-revalidate, no-cache
Allow
OPTIONS,TRACE,GET,HEAD,POST
Content-Length
110560
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
x-ms-gateway-requestid
203ece6f-21fb-42fd-b351-145356b12ee0
X-UA-Compatible
IE=edge
X-Request-ID
03ce10ce-3b0d-49bc-ade3-e9d749b5a15b
X-Build
1.0.2067.0
Set-Cookie
x-ms-cpim-csrf=cTZoZ201NFU2MVdyZXBzN3lEVzZRZnBzQXY5LzEyeU1RTkYrWnFyUFN0YnpnS3Z1RFRndXhkWTZKK1FLZk9MT3JLQS8zNlQzand1M3BQZ0xzU2gzV0E9PTsyMDIxLTA1LTA3VDIwOjM0OjExLjA5MTA1NDZaO05XNEZyZjNINjcyVFdkaXBLRnhoWWc9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==; domain=vestasb2c.b2clogin.com; path=/; SameSite=None; secure; HttpOnly x-ms-cpim-cache|zhdoaw07vemt4-nxsbwhww_0=m1.BVEoO5Rtkh/gMYeR.pPJpRElbPKZ3tDMTmowULw==.0.0x5ih7pKhkafpn0uJ3D3h5sygmQqx/Ay8Hog3Ky1cTVwQrvZ9UHse0CtUhAL6ZoFqRWuIj3f1SbV7ZNs5QFAD8IinaOeHb+nxOTWxyj97aN7QkdJsQ3ogZ84KuZPzbPWIf9NKPnbffpI+lq1NuTV+quyhjeRdkaUKD1ZYIatUQ/Jwh6aReWnpjVcert209eykd9ia76Nm+aA9jYGZucLpKWnE6gz8smECV4S3zudOrf6DLwZNtHBbxTSM3MAj/Okup/mkRwu5msJHjEenslxDEq1lD2IT3yrc2slzOjo5QjBLWBLiPn5Xd6xZ+7AqzBNF++3S62K2N7zZ4F1cP+IeFdyvfD0+cpiLUTSeT/HBCoWF0uVANdRroP+S2h9lIST/bcpn1/EHR0lXnlwS/d0zNDlHON3sS11ez3bNdyAoNlcdpukS61FARKh45bQtXqQlTs4JuN+o692tsSul6vTwXN6f73CsbBYLgm4yumZlJvJStPwiB4tJGoI5T+PcVxd6RjaYj3NzC/AVvduPta0mwEFb7cnqP+gEmtlONNutCufDfKIp8g3JPN7hUle1FGo90fWVFy5a99pXGj3WHdJrxuKruUxN/m3cM+Yesz3HtI9V0isb6QGcqPRsiBGL6IZCYGmSinu6GjqJE02QbdhmdM9f9efSeGIU13P21n46abZip3zw+HG3TrZcTqMtJqUTA==; domain=vestasb2c.b2clogin.com; path=/; SameSite=None; secure; HttpOnly x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6IjAzY2UxMGNlLTNiMGQtNDliYy1hZGUzLWU5ZDc0OWI1YTE1YiIsIlQiOiJ2ZXN0YXNiMmMub25taWNyb3NvZnQuY29tIiwiUCI6ImIyY18xYV92ZXN0YXNfdm9fYXBwX3NpZ251cF9zaWduaW4iLCJDIjoiYjZhZjVlNzktYzJlNy00MmUxLThmMTYtNmJhMjIyYzIwNGQxIiwiUyI6MSwiTSI6e30sIkQiOjB9XSwiQ19JRCI6IjAzY2UxMGNlLTNiMGQtNDliYy1hZGUzLWU5ZDc0OWI1YTE1YiJ9; domain=vestasb2c.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
X-Frame-Options
DENY
Public
OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Date
Fri, 07 May 2021 20:34:10 GMT
jquery-bundle-1.10.2.min.js
vestasb2c.b2clogin.com/static/bundles/ 		100 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vestasb2c.b2clogin.com/static/bundles/jquery-bundle-1.10.2.min.js?slice=001-000&dc=AM3
Requested by
Host: vestasb2c.b2clogin.com
URL: https://vestasb2c.b2clogin.com/vestasb2c.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_vestas_vo_app_signup_signin&response_type=id_token%20token&client_id=b6af5e79-c2e7-42e1-8f16-6ba222c204d1&state=jv32eRkwUu7iWC4_I4MEt98EmH5GEatuK0uUziCsOyyIk&redirect_uri=https%3A%2F%2Fvestasonline.vestas.com%2Findex.html&scope=openid%20https%3A%2F%2FVestasB2C.onmicrosoft.com%2Fvestasonlinefrontendprod%2Fuser_impersonation&nonce=jv32eRkwUu7iWC4_I4MEt98EmH5GEatuK0uUziCsOyyIk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a035f5bc873960a65bcb6493b4d18782247a5a5d8cad443d297c853b09ea7bb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
vestasb2c.b2clogin.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://vestasb2c.b2clogin.com/vestasb2c.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_vestas_vo_app_signup_signin&response_type=id_token%20token&client_id=b6af5e79-c2e7-42e1-8f16-6ba222c204d1&state=jv32eRkwUu7iWC4_I4MEt98EmH5GEatuK0uUziCsOyyIk&redirect_uri=https%3A%2F%2Fvestasonline.vestas.com%2Findex.html&scope=openid%20https%3A%2F%2FVestasB2C.onmicrosoft.com%2Fvestasonlinefrontendprod%2Fuser_impersonation&nonce=jv32eRkwUu7iWC4_I4MEt98EmH5GEatuK0uUziCsOyyIk
Cookie
x-ms-cpim-csrf=cTZoZ201NFU2MVdyZXBzN3lEVzZRZnBzQXY5LzEyeU1RTkYrWnFyUFN0YnpnS3Z1RFRndXhkWTZKK1FLZk9MT3JLQS8zNlQzand1M3BQZ0xzU2gzV0E9PTsyMDIxLTA1LTA3VDIwOjM0OjExLjA5MTA1NDZaO05XNEZyZjNINjcyVFdkaXBLRnhoWWc9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==; x-ms-cpim-cache|zhdoaw07vemt4-nxsbwhww_0=m1.BVEoO5Rtkh/gMYeR.pPJpRElbPKZ3tDMTmowULw==.0.0x5ih7pKhkafpn0uJ3D3h5sygmQqx/Ay8Hog3Ky1cTVwQrvZ9UHse0CtUhAL6ZoFqRWuIj3f1SbV7ZNs5QFAD8IinaOeHb+nxOTWxyj97aN7QkdJsQ3ogZ84KuZPzbPWIf9NKPnbffpI+lq1NuTV+quyhjeRdkaUKD1ZYIatUQ/Jwh6aReWnpjVcert209eykd9ia76Nm+aA9jYGZucLpKWnE6gz8smECV4S3zudOrf6DLwZNtHBbxTSM3MAj/Okup/mkRwu5msJHjEenslxDEq1lD2IT3yrc2slzOjo5QjBLWBLiPn5Xd6xZ+7AqzBNF++3S62K2N7zZ4F1cP+IeFdyvfD0+cpiLUTSeT/HBCoWF0uVANdRroP+S2h9lIST/bcpn1/EHR0lXnlwS/d0zNDlHON3sS11ez3bNdyAoNlcdpukS61FARKh45bQtXqQlTs4JuN+o692tsSul6vTwXN6f73CsbBYLgm4yumZlJvJStPwiB4tJGoI5T+PcVxd6RjaYj3NzC/AVvduPta0mwEFb7cnqP+gEmtlONNutCufDfKIp8g3JPN7hUle1FGo90fWVFy5a99pXGj3WHdJrxuKruUxN/m3cM+Yesz3HtI9V0isb6QGcqPRsiBGL6IZCYGmSinu6GjqJE02QbdhmdM9f9efSeGIU13P21n46abZip3zw+HG3TrZcTqMtJqUTA==; x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6IjAzY2UxMGNlLTNiMGQtNDliYy1hZGUzLWU5ZDc0OWI1YTE1YiIsIlQiOiJ2ZXN0YXNiMmMub25taWNyb3NvZnQuY29tIiwiUCI6ImIyY18xYV92ZXN0YXNfdm9fYXBwX3NpZ251cF9zaWduaW4iLCJDIjoiYjZhZjVlNzktYzJlNy00MmUxLThmMTYtNmJhMjIyYzIwNGQxIiwiUyI6MSwiTSI6e30sIkQiOjB9XSwiQ19JRCI6IjAzY2UxMGNlLTNiMGQtNDliYy1hZGUzLWU5ZDc0OWI1YTE1YiJ9
Connection
keep-alive
Referer
https://vestasb2c.b2clogin.com/vestasb2c.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_vestas_vo_app_signup_signin&response_type=id_token%20token&client_id=b6af5e79-c2e7-42e1-8f16-6ba222c204d1&state=jv32eRkwUu7iWC4_I4MEt98EmH5GEatuK0uUziCsOyyIk&redirect_uri=https%3A%2F%2Fvestasonline.vestas.com%2Findex.html&scope=openid%20https%3A%2F%2FVestasB2C.onmicrosoft.com%2Fvestasonlinefrontendprod%2Fuser_impersonation&nonce=jv32eRkwUu7iWC4_I4MEt98EmH5GEatuK0uUziCsOyyIk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 29 Apr 2021 05:06:12 GMT
ETag
"0ba845fb53cd71:0"
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3600
Date
Fri, 07 May 2021 20:34:10 GMT
Accept-Ranges
bytes
Content-Length
101973
X-XSS-Protection
1; mode=block
signin.cshtml
vestasb2cvostorage.blob.core.windows.net/vestasb2cvocontainer/ 		28 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vestasb2cvostorage.blob.core.windows.net/vestasb2cvocontainer/signin.cshtml
Requested by
Host: vestasb2c.b2clogin.com
URL: https://vestasb2c.b2clogin.com/vestasb2c.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_vestas_vo_app_signup_signin&response_type=id_token%20token&client_id=b6af5e79-c2e7-42e1-8f16-6ba222c204d1&state=jv32eRkwUu7iWC4_I4MEt98EmH5GEatuK0uUziCsOyyIk&redirect_uri=https%3A%2F%2Fvestasonline.vestas.com%2Findex.html&scope=openid%20https%3A%2F%2FVestasB2C.onmicrosoft.com%2Fvestasonlinefrontendprod%2Fuser_impersonation&nonce=jv32eRkwUu7iWC4_I4MEt98EmH5GEatuK0uUziCsOyyIk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.130.228 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a54b31ee63a2f33ae177f04fbf89de1cce8105c082c956350ca3aed78c9fd028

Request headers

Referer
https://vestasb2c.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 May 2021 20:34:11 GMT
Last-Modified
Mon, 16 Nov 2020 11:49:09 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
EIzio3FxIyVU15629DzO2A==
ETag
0x8D88A25A0EA4719
Vary
Origin
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://vestasb2c.b2clogin.com
x-ms-request-id
f32ff50e-f01e-008e-4a80-438437000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
28568
bannerlogo.png
vestasb2cvostorage.blob.core.windows.net/vestasb2cvocontainer/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vestasb2cvostorage.blob.core.windows.net/vestasb2cvocontainer/images/bannerlogo.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.130.228 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
287069eeb1507ef9c7f33fbeee6345fa4b237cf56bc423c9b5c02be7f5550478

Request headers

Referer
https://vestasb2c.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 May 2021 20:34:10 GMT
Last-Modified
Mon, 16 Nov 2020 10:46:47 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
8HdsaCbtKHPWs4EDK7pbSA==
ETag
0x8D88A1CEAE82F0B
Vary
Origin
Content-Type
image/png
x-ms-request-id
f010eb17-901e-0098-1180-4372e0000000
x-ms-version
2009-09-19
Content-Length
5741
VestasSans-Semibold.woff
vestasb2cvostorage.blob.core.windows.net/vestasb2cvocontainer/fonts/ 		56 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vestasb2cvostorage.blob.core.windows.net/vestasb2cvocontainer/fonts/VestasSans-Semibold.woff
Requested by
Host: vestasb2c.b2clogin.com
URL: https://vestasb2c.b2clogin.com/vestasb2c.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_vestas_vo_app_signup_signin&response_type=id_token%20token&client_id=b6af5e79-c2e7-42e1-8f16-6ba222c204d1&state=jv32eRkwUu7iWC4_I4MEt98EmH5GEatuK0uUziCsOyyIk&redirect_uri=https%3A%2F%2Fvestasonline.vestas.com%2Findex.html&scope=openid%20https%3A%2F%2FVestasB2C.onmicrosoft.com%2Fvestasonlinefrontendprod%2Fuser_impersonation&nonce=jv32eRkwUu7iWC4_I4MEt98EmH5GEatuK0uUziCsOyyIk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.130.228 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
254701ca13d2b00b8562d849e44e20f6d2b321f4f87ea73e8e75e7fc88d2a79e

Request headers

Origin
https://vestasb2c.b2clogin.com
Referer
https://vestasb2c.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 May 2021 20:34:11 GMT
Last-Modified
Mon, 16 Nov 2020 10:46:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
3X11dJQHSP6VnDZXH1/LTw==
ETag
0x8D88A1CE1278BA6
Vary
Origin
Content-Type
font/woff
Access-Control-Allow-Origin
https://vestasb2c.b2clogin.com
x-ms-request-id
f32ff524-f01e-008e-5c80-438437000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
57400
VestasSans-Book.woff
vestasb2cvostorage.blob.core.windows.net/vestasb2cvocontainer/fonts/ 		56 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vestasb2cvostorage.blob.core.windows.net/vestasb2cvocontainer/fonts/VestasSans-Book.woff
Requested by
Host: vestasb2c.b2clogin.com
URL: https://vestasb2c.b2clogin.com/vestasb2c.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_vestas_vo_app_signup_signin&response_type=id_token%20token&client_id=b6af5e79-c2e7-42e1-8f16-6ba222c204d1&state=jv32eRkwUu7iWC4_I4MEt98EmH5GEatuK0uUziCsOyyIk&redirect_uri=https%3A%2F%2Fvestasonline.vestas.com%2Findex.html&scope=openid%20https%3A%2F%2FVestasB2C.onmicrosoft.com%2Fvestasonlinefrontendprod%2Fuser_impersonation&nonce=jv32eRkwUu7iWC4_I4MEt98EmH5GEatuK0uUziCsOyyIk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.130.228 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6220e9c155e9075c5576b0de602e81372be26f3d26ba0ad73e97a8dd63a0a245

Request headers

Origin
https://vestasb2c.b2clogin.com
Referer
https://vestasb2c.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 May 2021 20:34:11 GMT
Last-Modified
Mon, 16 Nov 2020 10:46:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
MYeSu93zf3g7NR8GjhTHmw==
ETag
0x8D88A1CE125B696
Vary
Origin
Content-Type
font/woff
Access-Control-Allow-Origin
https://vestasb2c.b2clogin.com
x-ms-request-id
f32ff535-f01e-008e-6a80-438437000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
57432
VestasSans-Medium.woff
vestasb2cvostorage.blob.core.windows.net/vestasb2cvocontainer/fonts/ 		57 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vestasb2cvostorage.blob.core.windows.net/vestasb2cvocontainer/fonts/VestasSans-Medium.woff
Requested by
Host: vestasb2c.b2clogin.com
URL: https://vestasb2c.b2clogin.com/vestasb2c.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_vestas_vo_app_signup_signin&response_type=id_token%20token&client_id=b6af5e79-c2e7-42e1-8f16-6ba222c204d1&state=jv32eRkwUu7iWC4_I4MEt98EmH5GEatuK0uUziCsOyyIk&redirect_uri=https%3A%2F%2Fvestasonline.vestas.com%2Findex.html&scope=openid%20https%3A%2F%2FVestasB2C.onmicrosoft.com%2Fvestasonlinefrontendprod%2Fuser_impersonation&nonce=jv32eRkwUu7iWC4_I4MEt98EmH5GEatuK0uUziCsOyyIk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.130.228 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b8e6179245f846c5cdd76ee4e742e4b60b4eedde774ed6fffb8b204d022d449c

Request headers

Origin
https://vestasb2c.b2clogin.com
Referer
https://vestasb2c.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 May 2021 20:34:10 GMT
Last-Modified
Mon, 16 Nov 2020 10:46:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
0GpjxjSjwtaL837PR8e2oQ==
ETag
0x8D88A1CE125B696
Vary
Origin
Content-Type
font/woff
Access-Control-Allow-Origin
https://vestasb2c.b2clogin.com
x-ms-request-id
1079dc66-d01e-0020-6a80-432926000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
58792

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dc.services.visualstudio.com
URL
https://dc.services.visualstudio.com/v2/track

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| CP object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| $trace object| $diags object| $santizer function| sanitizeHtml object| $cors boolean| pageReady object| $i2e object| $element object| Handlebars boolean| contentReady boolean| bodyReady

3 Cookies

Domain/Path Name / Value
.vestasb2c.b2clogin.com/ Name: x-ms-cpim-trans
Value: eyJUX0RJQyI6W3siSSI6IjAzY2UxMGNlLTNiMGQtNDliYy1hZGUzLWU5ZDc0OWI1YTE1YiIsIlQiOiJ2ZXN0YXNiMmMub25taWNyb3NvZnQuY29tIiwiUCI6ImIyY18xYV92ZXN0YXNfdm9fYXBwX3NpZ251cF9zaWduaW4iLCJDIjoiYjZhZjVlNzktYzJlNy00MmUxLThmMTYtNmJhMjIyYzIwNGQxIiwiUyI6MSwiTSI6e30sIkQiOjB9XSwiQ19JRCI6IjAzY2UxMGNlLTNiMGQtNDliYy1hZGUzLWU5ZDc0OWI1YTE1YiJ9
.vestasb2c.b2clogin.com/ Name: x-ms-cpim-cache|zhdoaw07vemt4-nxsbwhww_0
Value: m1.BVEoO5Rtkh/gMYeR.pPJpRElbPKZ3tDMTmowULw==.0.0x5ih7pKhkafpn0uJ3D3h5sygmQqx/Ay8Hog3Ky1cTVwQrvZ9UHse0CtUhAL6ZoFqRWuIj3f1SbV7ZNs5QFAD8IinaOeHb+nxOTWxyj97aN7QkdJsQ3ogZ84KuZPzbPWIf9NKPnbffpI+lq1NuTV+quyhjeRdkaUKD1ZYIatUQ/Jwh6aReWnpjVcert209eykd9ia76Nm+aA9jYGZucLpKWnE6gz8smECV4S3zudOrf6DLwZNtHBbxTSM3MAj/Okup/mkRwu5msJHjEenslxDEq1lD2IT3yrc2slzOjo5QjBLWBLiPn5Xd6xZ+7AqzBNF++3S62K2N7zZ4F1cP+IeFdyvfD0+cpiLUTSeT/HBCoWF0uVANdRroP+S2h9lIST/bcpn1/EHR0lXnlwS/d0zNDlHON3sS11ez3bNdyAoNlcdpukS61FARKh45bQtXqQlTs4JuN+o692tsSul6vTwXN6f73CsbBYLgm4yumZlJvJStPwiB4tJGoI5T+PcVxd6RjaYj3NzC/AVvduPta0mwEFb7cnqP+gEmtlONNutCufDfKIp8g3JPN7hUle1FGo90fWVFy5a99pXGj3WHdJrxuKruUxN/m3cM+Yesz3HtI9V0isb6QGcqPRsiBGL6IZCYGmSinu6GjqJE02QbdhmdM9f9efSeGIU13P21n46abZip3zw+HG3TrZcTqMtJqUTA==
.vestasb2c.b2clogin.com/ Name: x-ms-cpim-csrf
Value: cTZoZ201NFU2MVdyZXBzN3lEVzZRZnBzQXY5LzEyeU1RTkYrWnFyUFN0YnpnS3Z1RFRndXhkWTZKK1FLZk9MT3JLQS8zNlQzand1M3BQZ0xzU2gzV0E9PTsyMDIxLTA1LTA3VDIwOjM0OjExLjA5MTA1NDZaO05XNEZyZjNINjcyVFdkaXBLRnhoWWc9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==

4 Console Messages

Source Level URL
Text
console-api debug URL: https://vestasonline.vestas.com/main-es2015.8720436e2742947d1c27.js(Line 1)
Message:
parsed url [object Object]
console-api debug URL: https://vestasonline.vestas.com/main-es2015.8720436e2742947d1c27.js(Line 1)
Message:
parsed url [object Object]
console-api debug URL: https://vestasonline.vestas.com/main-es2015.8720436e2742947d1c27.js(Line 1)
Message:
error trying to login
console-api debug URL: https://vestasonline.vestas.com/main-es2015.8720436e2742947d1c27.js(Line 1)
Message:
tryLogin during silent refresh failed [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com 'self' https://*.cookieinformation.com https://*.googletagmanager.com https://*.google-analytics.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.pstmrk.it
dc.services.visualstudio.com
vestasb2c.b2clogin.com
vestasb2cvostorage.blob.core.windows.net
vestasonline.vestas.com
dc.services.visualstudio.com
20.190.160.67
20.60.130.228
2620:1ec:46::45
52.209.142.237
151a993efdab89dc3a5b94e9671b8febefbcf5a3fb5bfa59292a10681d27410a
254701ca13d2b00b8562d849e44e20f6d2b321f4f87ea73e8e75e7fc88d2a79e
287069eeb1507ef9c7f33fbeee6345fa4b237cf56bc423c9b5c02be7f5550478
3576cc4d4adea12071f03ff8ac2d7a22bcd5beaa55f8b512a6710408a233516d
3713c5e047275e971368ea44c72bc21e527fc8b55da2a64c7cf5870aa95586a6
3becbd664dbd08e7e87e8f20c27b9e869892787d073664dc4243cbed69c50622
3d29f177af98d99de2335d02b2541619465df4bf1c16cb333cddbf166d83c5ef
4d8d1352de5d99a4b25552bbd1110cc3acff19b67c9c7e19b5ec146630a7ab62
6220e9c155e9075c5576b0de602e81372be26f3d26ba0ad73e97a8dd63a0a245
a035f5bc873960a65bcb6493b4d18782247a5a5d8cad443d297c853b09ea7bb4
a54b31ee63a2f33ae177f04fbf89de1cce8105c082c956350ca3aed78c9fd028
b8e6179245f846c5cdd76ee4e742e4b60b4eedde774ed6fffb8b204d022d449c
bda44373b6c33278794228de382579f054300f3fdd4fe65b9f2a0c033ecd303a
beb63dfe5b1a5fca30e426b4869b7062329f5fc7f9b8c00bb556df3775640d4c
d14d69324680d1c60b8c31d4bbcb61ddecf0ff318ef653a0c6118b02babc6ce8
d595b9c250b0865a80a2ad159c87ee0357219b738ce216cbea49e46a6c9198bd
da60aeba6d3fc3bf2d64aeacaa979a64ad592caf139cd2e60c8865aff4e30f08
dc2240bc40df038fe31623b88746feb2359492780b2026c2a334518311900652
f458b8cc553fe2c3e959701a2f8cf22e830cf02b8b4400c2a59ba6eb8d4ae82b
fb24e0f4ee8ba475a674e47144126c45f5b936d89858bb399decfb431b69129d
ffecb8f4e55ace94943558bc4748a02eae2cf5d8bad6f689f9150438b942b190