urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
20.190.160.17  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://protect-eu.mimecast.com/s/fWxjCwjovTA6oXyzcVxNaZ?domain=mygenieplus.petronas.com
Effective URL: https://login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/saml2?SAMLRequest=nVNBbtswEPyKwDslkZIjibANuDGKGkhbI3Zz6CWgq...
Submission: On October 27 via api from ZA — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 5 countries across 8 domains to perform 19 HTTP transactions. The main IP is 20.190.160.17, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 22.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 24th 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 195.130.217.187 42427 (MIMECAST-UK)
1 1 20.212.96.204 8075 (MICROSOFT...)
1 3 185.136.188.210 203366 (BMCSAAS-AMS)
4 20.190.160.17 8075 (MICROSOFT...)
10 152.199.23.37 15133 (EDGECAST)
1 20.190.159.2 8075 (MICROSOFT...)
1 2620:1ec:40::60 8075 (MICROSOFT...)
1 2603:1026:300... 8075 (MICROSOFT...)
19 6
2    195.130.217.187 (United Kingdom)

ASN42427 (MIMECAST-UK, GB)
PTR: eu-api.mimecast.com
protect-eu.mimecast.com
1    20.212.96.204 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mygenieplus.petronas.com
3    185.136.188.210 (Ireland)

ASN203366 (BMCSAAS-AMS, IE)
mygenieplus-dwp.onbmc.com
rsso-ams-os-prod.onbmc.com
4    20.190.160.17 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
10    152.199.23.37 (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
1    20.190.159.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
1    2620:1ec:40::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msftauthimages.net
1    2603:1026:3000:c8::6 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
autologon.microsoftazuread-sso.com
Apex Domain
Subdomains		 Transfer
10 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 1196
194 KB
4 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 22
108 KB
3 onbmc.com
mygenieplus-dwp.onbmc.com
rsso-ams-os-prod.onbmc.com — Cisco Umbrella Rank: 761043
4 KB
2 mimecast.com
protect-eu.mimecast.com — Cisco Umbrella Rank: 29823
4 KB
1 microsoftazuread-sso.com
autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1584
1 KB
1 msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3615
9 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 94
1 petronas.com
mygenieplus.petronas.com
250 B
19 8
Domain Requested by
10 aadcdn.msftauth.net login.microsoftonline.com
aadcdn.msftauth.net
4 login.microsoftonline.com login.microsoftonline.com
aadcdn.msftauth.net
2 rsso-ams-os-prod.onbmc.com 1 redirects
2 protect-eu.mimecast.com 2 redirects
1 autologon.microsoftazuread-sso.com
1 aadcdn.msftauthimages.net
1 login.live.com login.microsoftonline.com
1 mygenieplus-dwp.onbmc.com
1 mygenieplus.petronas.com 1 redirects
19 9

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
*.onbmc.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-04 -
2023-05-04		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2022-08-24 -
2023-08-24		 a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2022-04-01 -
2023-04-01		 a year crt.sh
graph.windows.net
DigiCert SHA2 Secure Server CA		 2022-10-19 -
2023-10-19		 a year crt.sh
aadcdn.msftauthimages.net
Microsoft Azure TLS Issuing CA 06		 2022-09-29 -
2023-09-24		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/saml2?SAMLRequest=nVNBbtswEPyKwDslkZIjibANuDGKGkhbI3Zz6CWgqJVDgCJVLpU2v68kt02AODl0j7uD2ZlZcomyM73YDOHB3sKPATBEvzpjUcyDFRm8FU6iRmFlByiCEofN5xvB41T03gWnnCHRbrsi91WZpky2VxQWZUPzTDZUZimjTbXgxRVLc8ZrEt2BR%2B3siowMJLpQO8QBdhaDtGFEpZxTllJeHNNSZJngRZwV%2BXcSbUet2sowkz2E0KNIEuNO2sadVt6ha4OzRluIleuSrOZQVjmjRZWXNGcZo1VRSlrzplUFrxZpxZLJNCfRR%2BcVzJmsSCsNwugQ9xJRP8K%2FzoXa%2Fwnkg7aNtqf306vPIBSfjsc93X89HC9ybhDBTyavncWhA38A%2F6gVfLu9ebbtER2VHVKHdLxKEztbd2r2PY0SDwpG7T7pnk5gNfRmOAPJetqxnHyLOXj%2F4vzv65d%2FhZE19vcT2Sv2ZfKC%2BHlTL76MbLvt3hmtnv7nvY0H6mR4G81iNnd0Q9sZKgaLPSjdamhItDHG%2Fbz2IMN4zuAHIMlZXfL6O6x%2FAw%3D%3D&RelayState=_98001af6-e58d-43ad-a301-d9527610412b&sso_reload=true
Frame ID: 5369BB9DF2EDFA922C86CB862B4209C0
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

  1. https://protect-eu.mimecast.com/s/fWxjCwjovTA6oXyzcVxNaZ?domain=mygenieplus.petronas.com HTTP 307
    https://protect-eu.mimecast.com/r/Wqf68iwdJc_B8uzNDEQSA6EiLe7cGzlvYW8Wmfd8fObc-QWYZ1YSn6bx6tN8lqq4WP4v8WVahq... HTTP 307
    https://mygenieplus.petronas.com/ux/myitapp/ HTTP 301
    https://mygenieplus-dwp.onbmc.com/dwp/ux/myitapp/ Page URL
  2. https://rsso-ams-os-prod.onbmc.com/rsso/start Page URL
  3. https://rsso-ams-os-prod.onbmc.com/rsso/start HTTP 302
    https://login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/saml2?SAMLRequest=nVNBbtswEPyKwDslkZIji... Page URL
  4. https://login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/saml2?SAMLRequest=nVNBbtswEPyKwDslkZIji... Page URL

Page Statistics

19
Requests

100 %
HTTPS

25 %
IPv6

8
Domains

9
Subdomains

6
IPs

5
Countries

314 kB
Transfer

878 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://protect-eu.mimecast.com/s/fWxjCwjovTA6oXyzcVxNaZ?domain=mygenieplus.petronas.com HTTP 307
    https://protect-eu.mimecast.com/r/Wqf68iwdJc_B8uzNDEQSA6EiLe7cGzlvYW8Wmfd8fObc-QWYZ1YSn6bx6tN8lqq4WP4v8WVahqJmIMT407quVyBiInE2d7hzjIvldiSFAWqju-jUHEi6D_tH5nwsh-5gXHolu-SFR8SZ8JOmI3PlsKnnadztuIkQrZQHzGurMUOlCV_qA4XU3EKWepasx5v9WY-eXIxz3-iisIUeb5HxvZIqEg_4XColCUMY5yBeJmXThIZvM1xCGTlfJRgtHvLk0gvpRmrmbaTfSROPCnJRhAwU1pg-JxD8ZxQ4IQeWujobF2O9SQRuYenRxasaSlt-t2YnAM4zVX3URw850reTYOaVD_Oug3ruTqnIM44OtqNCCLFA_3KB50uzSLE-0yLOPS7qMMGqlw_f1TVL-lM7fCIeJV29V7g-0E0nntPUVb2J-eN6nF9NBthHO0kWDnFkuZl5xyZ37IZg-06qRwT9FMJYBkpMvT2PnICgHzkzj-ggJT8QRqu_5jbA93lzuuV5d2QlpK6xfwbBlJnqDJbEwhURZqSZof8Y5TVk4eO7JaFOEWqHftujmIyHThfCFAovm6YHwAVGhd2qz75KbEeIioyh7gBNHtirXsUU85X_8CIeV-QPty9tw-IHlO2P3aovIXlefvgDrHHAtV9nBojfXDUNq1pw9hUClEs_tksrkGCpepTVRmANRj87NtJilXMRipvtvGuTl-mH5InPZw4ycOpf7oW8RQA8ycy-C-JTgqrQHQ3_wCSdrgVF1tgF0q1VGiXGfnHnbIztnBrdcPNpIkkzP2L2ddOkhPM2DC9S0I0b2c85FTeRdMbnozCMp4ph9F2AvpgZTuPL1Ox7ggKZjr1gXVjgww1-8fKY0quuqpMQLJfw0x8se-2NAmO135mM6zxyXrgZ_NFl3pl-x6LQGjM_WfJoqASS14XB93jWUpDf0tyxQSWrzMMG-2k-5Ln09EShOZsCBAF4CLg19BJqfEy6lf8LZiRJsVPE8TDKrB8pW9R7BrN-ugDcg96GnbqKogxgFu1b4bIbbeFaXj--Btc0QpuxLEKpR3u_E0CKLh8IYQd4517bkV6AHMLfJt5TamFLCw6-1DwqmtRv724tbN7oF937fsDsbF-NF-oRoHhiT94rAJd0AIgoOIImC-U4vOyaTzG1Axl0s5P2L_Xc7QBTFhMeGnF5LZEyMdnpDNsTAwozrz4oAw77mmorqOEb3KEvh4L9Mq97ORTKg3k-3VeoWyMcLhql7ow78TLmzM-v5YNKvHO27T-710r0cXbEQVywGPenV5kJsVYsvkJ19s1vp49YCG5shqlNtA6Nsnd-1CfQcigGMzR5iSnH_k2PtA51hNZG7E3CCK3icxxLXQE-7ZyHF16QGK8rdaRXT3Dp9Rt_NIYF0kDa8s8wnLmk5b4in_Z-b5XAXii9f1qadFhXz_PnBiCWlkyHAozkY2Rws6_F79Qckccz3J-5pQJdk6dvoacEPup77aqO6vSU-Bk8LM-buEVl2J3MdKiHQoM_rXViP0pdAdWdkK06YMsMU_6n6bPEhSNUF-yrRZFwfkwvYqSxJfxs5BJAqlP7c3cMtwFEV93e7jNH3MUjLNtCynwG3HPJwDwOUClV2N3ljC3RXZyqH-cvlNkU2D21LprOeHqnV6Oz1ELSOAokVzJFk4A0PM0ppIH44GJh6cFc-eSEWNggVsPK0UCxuBvGfAs3JLalPQ52YrBDWjFm7vF2r7aOaWmL_wAg9wjoHBVN437QKppiuBermujGcborxWLfY3zKmzoaDQYcf8oYxlLrAgkUR_dtLK80fZhbZ8rAuw0Utmh6-TaXwv4NvOTWbxwfj5a0SkypqkWGfdVTns5wGLwVup0FhUDz4pjJj6hyWOLQ-OoYofXzXf7RcrSocchBTT1bL8on-3O1l8ZhJpPe97Wyhrb7nhF2vtETCd4V9vWCrW35jKPtLhbLk9JSjgirA_2O-yRCCd8psCguqdGOSqGPDL45T-c0NgY_vtNpaPOai4Jle7uJfpMY1E_mon9voAmNxFTVtTlNLgGvWxY-D2iHH5D2Ixs_s18ffn8440WNHkZ7VUpRxvJFYhKNIGdgBONoHJblrYLxuBedrnmwjjnjZEn1QB1IetuT8DeYfNkuXP3JDhnolf2_pJRSJNaafXKNx64L3uQNVbKqsT53ja1ngsU-_Bj0-NBL24qgZak04qHdbZ2058m_KxElolvOGequsTjN9VR7F0k018zUBkgrUmwiqAESaj7WRRQGnSpqkhwmJD1G1gthc__HOtLwmmUOMyk3QQQc0-3l0GcY2folvVYf0kl-aXYOOT62CFItDrgtM-aRD2e3MAcdRQPn0BtMyQ-VOXOA9CDV4vm2z9wFrpnUBpaKr0BkGGAJgu-Ggy8Ctf6HogV_FAYavPGQ3-qcY7MWeWLXi-X55POEh93UVP7OpgHFC2DfsJqx_le_FQ-XO9nZ7UZ3UXY38RdzzO3OhPx-GZtX7l-BjZh2HP6cVwVnboKpIXRNQApMfUKZ6F1Z-8_oYN_ol9vmT0II1hi_md_tKwjkK1m2A0QQaH2W4NDtpGH56HQc2AekGMGE35ZKcqXMpx-vqPKZXkuNeu9if916NjvE86X6Y-TW5-TsXT2-4a05WnW1nPcFQL9zsdcvUQh12ya1AzfTQM4pofcgYPxqMV_xI_QGDykWxDTzP10nd3p7GGbP_1vipwZ9ReUxD3DPBxIEM1WsOlc9qYxJU0wqZoyMyz7WWrPp1xbk9WMSARAhCzE0rlLDHSLlRl4D0Y-yIkIKakGTvz_v2qayISMoXSunlwFa1RmwuSDyNnj5qBRR9QiGrhG9Kh9tQO3LkbXKBg6DkdXRe4IOQ6DvJLRWz1BWIwG6x8R0GIgCOvFE3XYnRYZ2gz0iHtmY45VqCID4xKlHuOgtCtmQ9PxgOnvCjgMnTH3bxXpc5zzvUzFd00pnwph9s3dyp5xp-GaxuoqjvuZa9XQylf4C4DnKdtlXhVH6zu3Ko8fYQi6UN3CTuXX-yiy6sHjS8hkBHIA5gyWulsnqwEYSCKPuuK2qmxf6gSCJREgy7y48HPpPU0cOstuGSw9Suz0gW9xqxowvgrGLOOJjzDBeOXgT3DIbcbjreXZSSyIiifZ4JPiF2C4a2Nc4d8Qdtatn16qFSm2sI-SenokRTbHYglW6lgLEXNy0p8TBh56ILyMNzKHlwTNZ7pC9B04Ib8yz0LS3-TS7e0b1VNz3JnfhjfDpnUMzm6XfzZ7-kdWgg4E_cZunesH0FIh-AP24EcQajD0ZHD3WzZQvXcs2GVlqmE5yFq6WAa6SSNstsFe34ingUmRl5x1AVq3GIfxzSzzHLbBH1j_M_nM1qizm9pTBWLNga-Xy0UGkXxhUA9gSGfNXxnawCQ5xLKjZyhJ4e1q7C_yQGarlYZfeNJlH1bujvV-TujJwSf2Yd3SMuCx2DFOIJXut5wIewY2cRi0VFPQdlPC7_dde9HGMpGCt7pHntGHrwXUD2otXq9ykM3zwEuBNTkP9nr5DTTl7G-K96-hW3OU_QUUq_Cc5qXR-lg2oRmuqNGDmUkrvl_xuGZbyq8QwGJzEhy7dUSdOZybhJwW8OL7zsmeXktcwtTbigk1y3BxehzJafzvPEHVY-BqOBtxjZsel78DD-Tn4x5diX_vTptYW-OnPWQV3GIQ1uQo3BomR7cQAjmORyp8pWd_YIt5viy1pD6i2uNjxPgpin0OX5bNKIl0L0XwKvF8XZge3N9YCef_COERd5WIvZbzPuQdKufh_qmbm84BTWRhkzGoIPcbRBNJPa9p5ADmVPfCCZFG2ErI8hfq0kPxHgDJX-b-ltRk7o4I8ZcSBn3RqMRTNWDLBkYF3CvDdnPk6ySwhEko8k6-LvxaadrmJRIcNAFwOF3bupj-QuM3j8XVK0NWGryyrHhPWSm1YnBgu0I6iVr-d6rMNqNHHguwgDSraMeqMhlQl88UBQ1pc8DIxYNooQGyE-Y2pWxodqirinwKb00U HTTP 307
    https://mygenieplus.petronas.com/ux/myitapp/ HTTP 301
    https://mygenieplus-dwp.onbmc.com/dwp/ux/myitapp/ Page URL
  2. https://rsso-ams-os-prod.onbmc.com/rsso/start Page URL
  3. https://rsso-ams-os-prod.onbmc.com/rsso/start HTTP 302
    https://login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/saml2?SAMLRequest=nVNBbtswEPyKwDslkZIjibANuDGKGkhbI3Zz6CWgqJVDgCJVLpU2v68kt02AODl0j7uD2ZlZcomyM73YDOHB3sKPATBEvzpjUcyDFRm8FU6iRmFlByiCEofN5xvB41T03gWnnCHRbrsi91WZpky2VxQWZUPzTDZUZimjTbXgxRVLc8ZrEt2BR%2B3siowMJLpQO8QBdhaDtGFEpZxTllJeHNNSZJngRZwV%2BXcSbUet2sowkz2E0KNIEuNO2sadVt6ha4OzRluIleuSrOZQVjmjRZWXNGcZo1VRSlrzplUFrxZpxZLJNCfRR%2BcVzJmsSCsNwugQ9xJRP8K%2FzoXa%2Fwnkg7aNtqf306vPIBSfjsc93X89HC9ybhDBTyavncWhA38A%2F6gVfLu9ebbtER2VHVKHdLxKEztbd2r2PY0SDwpG7T7pnk5gNfRmOAPJetqxnHyLOXj%2F4vzv65d%2FhZE19vcT2Sv2ZfKC%2BHlTL76MbLvt3hmtnv7nvY0H6mR4G81iNnd0Q9sZKgaLPSjdamhItDHG%2Fbz2IMN4zuAHIMlZXfL6O6x%2FAw%3D%3D&RelayState=_98001af6-e58d-43ad-a301-d9527610412b Page URL
  4. https://login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/saml2?SAMLRequest=nVNBbtswEPyKwDslkZIjibANuDGKGkhbI3Zz6CWgqJVDgCJVLpU2v68kt02AODl0j7uD2ZlZcomyM73YDOHB3sKPATBEvzpjUcyDFRm8FU6iRmFlByiCEofN5xvB41T03gWnnCHRbrsi91WZpky2VxQWZUPzTDZUZimjTbXgxRVLc8ZrEt2BR%2B3siowMJLpQO8QBdhaDtGFEpZxTllJeHNNSZJngRZwV%2BXcSbUet2sowkz2E0KNIEuNO2sadVt6ha4OzRluIleuSrOZQVjmjRZWXNGcZo1VRSlrzplUFrxZpxZLJNCfRR%2BcVzJmsSCsNwugQ9xJRP8K%2FzoXa%2Fwnkg7aNtqf306vPIBSfjsc93X89HC9ybhDBTyavncWhA38A%2F6gVfLu9ebbtER2VHVKHdLxKEztbd2r2PY0SDwpG7T7pnk5gNfRmOAPJetqxnHyLOXj%2F4vzv65d%2FhZE19vcT2Sv2ZfKC%2BHlTL76MbLvt3hmtnv7nvY0H6mR4G81iNnd0Q9sZKgaLPSjdamhItDHG%2Fbz2IMN4zuAHIMlZXfL6O6x%2FAw%3D%3D&RelayState=_98001af6-e58d-43ad-a301-d9527610412b&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://protect-eu.mimecast.com/s/fWxjCwjovTA6oXyzcVxNaZ?domain=mygenieplus.petronas.com HTTP 307
  • https://protect-eu.mimecast.com/r/Wqf68iwdJc_B8uzNDEQSA6EiLe7cGzlvYW8Wmfd8fObc-QWYZ1YSn6bx6tN8lqq4WP4v8WVahqJmIMT407quVyBiInE2d7hzjIvldiSFAWqju-jUHEi6D_tH5nwsh-5gXHolu-SFR8SZ8JOmI3PlsKnnadztuIkQrZQHzGurMUOlCV_qA4XU3EKWepasx5v9WY-eXIxz3-iisIUeb5HxvZIqEg_4XColCUMY5yBeJmXThIZvM1xCGTlfJRgtHvLk0gvpRmrmbaTfSROPCnJRhAwU1pg-JxD8ZxQ4IQeWujobF2O9SQRuYenRxasaSlt-t2YnAM4zVX3URw850reTYOaVD_Oug3ruTqnIM44OtqNCCLFA_3KB50uzSLE-0yLOPS7qMMGqlw_f1TVL-lM7fCIeJV29V7g-0E0nntPUVb2J-eN6nF9NBthHO0kWDnFkuZl5xyZ37IZg-06qRwT9FMJYBkpMvT2PnICgHzkzj-ggJT8QRqu_5jbA93lzuuV5d2QlpK6xfwbBlJnqDJbEwhURZqSZof8Y5TVk4eO7JaFOEWqHftujmIyHThfCFAovm6YHwAVGhd2qz75KbEeIioyh7gBNHtirXsUU85X_8CIeV-QPty9tw-IHlO2P3aovIXlefvgDrHHAtV9nBojfXDUNq1pw9hUClEs_tksrkGCpepTVRmANRj87NtJilXMRipvtvGuTl-mH5InPZw4ycOpf7oW8RQA8ycy-C-JTgqrQHQ3_wCSdrgVF1tgF0q1VGiXGfnHnbIztnBrdcPNpIkkzP2L2ddOkhPM2DC9S0I0b2c85FTeRdMbnozCMp4ph9F2AvpgZTuPL1Ox7ggKZjr1gXVjgww1-8fKY0quuqpMQLJfw0x8se-2NAmO135mM6zxyXrgZ_NFl3pl-x6LQGjM_WfJoqASS14XB93jWUpDf0tyxQSWrzMMG-2k-5Ln09EShOZsCBAF4CLg19BJqfEy6lf8LZiRJsVPE8TDKrB8pW9R7BrN-ugDcg96GnbqKogxgFu1b4bIbbeFaXj--Btc0QpuxLEKpR3u_E0CKLh8IYQd4517bkV6AHMLfJt5TamFLCw6-1DwqmtRv724tbN7oF937fsDsbF-NF-oRoHhiT94rAJd0AIgoOIImC-U4vOyaTzG1Axl0s5P2L_Xc7QBTFhMeGnF5LZEyMdnpDNsTAwozrz4oAw77mmorqOEb3KEvh4L9Mq97ORTKg3k-3VeoWyMcLhql7ow78TLmzM-v5YNKvHO27T-710r0cXbEQVywGPenV5kJsVYsvkJ19s1vp49YCG5shqlNtA6Nsnd-1CfQcigGMzR5iSnH_k2PtA51hNZG7E3CCK3icxxLXQE-7ZyHF16QGK8rdaRXT3Dp9Rt_NIYF0kDa8s8wnLmk5b4in_Z-b5XAXii9f1qadFhXz_PnBiCWlkyHAozkY2Rws6_F79Qckccz3J-5pQJdk6dvoacEPup77aqO6vSU-Bk8LM-buEVl2J3MdKiHQoM_rXViP0pdAdWdkK06YMsMU_6n6bPEhSNUF-yrRZFwfkwvYqSxJfxs5BJAqlP7c3cMtwFEV93e7jNH3MUjLNtCynwG3HPJwDwOUClV2N3ljC3RXZyqH-cvlNkU2D21LprOeHqnV6Oz1ELSOAokVzJFk4A0PM0ppIH44GJh6cFc-eSEWNggVsPK0UCxuBvGfAs3JLalPQ52YrBDWjFm7vF2r7aOaWmL_wAg9wjoHBVN437QKppiuBermujGcborxWLfY3zKmzoaDQYcf8oYxlLrAgkUR_dtLK80fZhbZ8rAuw0Utmh6-TaXwv4NvOTWbxwfj5a0SkypqkWGfdVTns5wGLwVup0FhUDz4pjJj6hyWOLQ-OoYofXzXf7RcrSocchBTT1bL8on-3O1l8ZhJpPe97Wyhrb7nhF2vtETCd4V9vWCrW35jKPtLhbLk9JSjgirA_2O-yRCCd8psCguqdGOSqGPDL45T-c0NgY_vtNpaPOai4Jle7uJfpMY1E_mon9voAmNxFTVtTlNLgGvWxY-D2iHH5D2Ixs_s18ffn8440WNHkZ7VUpRxvJFYhKNIGdgBONoHJblrYLxuBedrnmwjjnjZEn1QB1IetuT8DeYfNkuXP3JDhnolf2_pJRSJNaafXKNx64L3uQNVbKqsT53ja1ngsU-_Bj0-NBL24qgZak04qHdbZ2058m_KxElolvOGequsTjN9VR7F0k018zUBkgrUmwiqAESaj7WRRQGnSpqkhwmJD1G1gthc__HOtLwmmUOMyk3QQQc0-3l0GcY2folvVYf0kl-aXYOOT62CFItDrgtM-aRD2e3MAcdRQPn0BtMyQ-VOXOA9CDV4vm2z9wFrpnUBpaKr0BkGGAJgu-Ggy8Ctf6HogV_FAYavPGQ3-qcY7MWeWLXi-X55POEh93UVP7OpgHFC2DfsJqx_le_FQ-XO9nZ7UZ3UXY38RdzzO3OhPx-GZtX7l-BjZh2HP6cVwVnboKpIXRNQApMfUKZ6F1Z-8_oYN_ol9vmT0II1hi_md_tKwjkK1m2A0QQaH2W4NDtpGH56HQc2AekGMGE35ZKcqXMpx-vqPKZXkuNeu9if916NjvE86X6Y-TW5-TsXT2-4a05WnW1nPcFQL9zsdcvUQh12ya1AzfTQM4pofcgYPxqMV_xI_QGDykWxDTzP10nd3p7GGbP_1vipwZ9ReUxD3DPBxIEM1WsOlc9qYxJU0wqZoyMyz7WWrPp1xbk9WMSARAhCzE0rlLDHSLlRl4D0Y-yIkIKakGTvz_v2qayISMoXSunlwFa1RmwuSDyNnj5qBRR9QiGrhG9Kh9tQO3LkbXKBg6DkdXRe4IOQ6DvJLRWz1BWIwG6x8R0GIgCOvFE3XYnRYZ2gz0iHtmY45VqCID4xKlHuOgtCtmQ9PxgOnvCjgMnTH3bxXpc5zzvUzFd00pnwph9s3dyp5xp-GaxuoqjvuZa9XQylf4C4DnKdtlXhVH6zu3Ko8fYQi6UN3CTuXX-yiy6sHjS8hkBHIA5gyWulsnqwEYSCKPuuK2qmxf6gSCJREgy7y48HPpPU0cOstuGSw9Suz0gW9xqxowvgrGLOOJjzDBeOXgT3DIbcbjreXZSSyIiifZ4JPiF2C4a2Nc4d8Qdtatn16qFSm2sI-SenokRTbHYglW6lgLEXNy0p8TBh56ILyMNzKHlwTNZ7pC9B04Ib8yz0LS3-TS7e0b1VNz3JnfhjfDpnUMzm6XfzZ7-kdWgg4E_cZunesH0FIh-AP24EcQajD0ZHD3WzZQvXcs2GVlqmE5yFq6WAa6SSNstsFe34ingUmRl5x1AVq3GIfxzSzzHLbBH1j_M_nM1qizm9pTBWLNga-Xy0UGkXxhUA9gSGfNXxnawCQ5xLKjZyhJ4e1q7C_yQGarlYZfeNJlH1bujvV-TujJwSf2Yd3SMuCx2DFOIJXut5wIewY2cRi0VFPQdlPC7_dde9HGMpGCt7pHntGHrwXUD2otXq9ykM3zwEuBNTkP9nr5DTTl7G-K96-hW3OU_QUUq_Cc5qXR-lg2oRmuqNGDmUkrvl_xuGZbyq8QwGJzEhy7dUSdOZybhJwW8OL7zsmeXktcwtTbigk1y3BxehzJafzvPEHVY-BqOBtxjZsel78DD-Tn4x5diX_vTptYW-OnPWQV3GIQ1uQo3BomR7cQAjmORyp8pWd_YIt5viy1pD6i2uNjxPgpin0OX5bNKIl0L0XwKvF8XZge3N9YCef_COERd5WIvZbzPuQdKufh_qmbm84BTWRhkzGoIPcbRBNJPa9p5ADmVPfCCZFG2ErI8hfq0kPxHgDJX-b-ltRk7o4I8ZcSBn3RqMRTNWDLBkYF3CvDdnPk6ySwhEko8k6-LvxaadrmJRIcNAFwOF3bupj-QuM3j8XVK0NWGryyrHhPWSm1YnBgu0I6iVr-d6rMNqNHHguwgDSraMeqMhlQl88UBQ1pc8DIxYNooQGyE-Y2pWxodqirinwKb00U HTTP 307
  • https://mygenieplus.petronas.com/ux/myitapp/ HTTP 301
  • https://mygenieplus-dwp.onbmc.com/dwp/ux/myitapp/
Request Chain 2
  • https://rsso-ams-os-prod.onbmc.com/rsso/start HTTP 302
  • https://login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/saml2?SAMLRequest=nVNBbtswEPyKwDslkZIjibANuDGKGkhbI3Zz6CWgqJVDgCJVLpU2v68kt02AODl0j7uD2ZlZcomyM73YDOHB3sKPATBEvzpjUcyDFRm8FU6iRmFlByiCEofN5xvB41T03gWnnCHRbrsi91WZpky2VxQWZUPzTDZUZimjTbXgxRVLc8ZrEt2BR%2B3siowMJLpQO8QBdhaDtGFEpZxTllJeHNNSZJngRZwV%2BXcSbUet2sowkz2E0KNIEuNO2sadVt6ha4OzRluIleuSrOZQVjmjRZWXNGcZo1VRSlrzplUFrxZpxZLJNCfRR%2BcVzJmsSCsNwugQ9xJRP8K%2FzoXa%2Fwnkg7aNtqf306vPIBSfjsc93X89HC9ybhDBTyavncWhA38A%2F6gVfLu9ebbtER2VHVKHdLxKEztbd2r2PY0SDwpG7T7pnk5gNfRmOAPJetqxnHyLOXj%2F4vzv65d%2FhZE19vcT2Sv2ZfKC%2BHlTL76MbLvt3hmtnv7nvY0H6mR4G81iNnd0Q9sZKgaLPSjdamhItDHG%2Fbz2IMN4zuAHIMlZXfL6O6x%2FAw%3D%3D&RelayState=_98001af6-e58d-43ad-a301-d9527610412b

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
mygenieplus-dwp.onbmc.com/dwp/ux/myitapp/
Redirect Chain
  • https://protect-eu.mimecast.com/s/fWxjCwjovTA6oXyzcVxNaZ?domain=mygenieplus.petronas.com
  • https://protect-eu.mimecast.com/r/Wqf68iwdJc_B8uzNDEQSA6EiLe7cGzlvYW8Wmfd8fObc-QWYZ1YSn6bx6tN8lqq4WP4v8WVahqJmIMT407quVyBiInE2d7hzjIvldiSFAWqju-jUHEi6D_tH5nwsh-5gXHolu-SFR8SZ8JOmI3PlsKnnadztuIkQrZQ...
  • https://mygenieplus.petronas.com/ux/myitapp/
  • https://mygenieplus-dwp.onbmc.com/dwp/ux/myitapp/
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mygenieplus-dwp.onbmc.com/dwp/ux/myitapp/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.136.188.210 , Ireland, ASN203366 (BMCSAAS-AMS, IE),
Reverse DNS
Software
/
Resource Hash
3ff25727dcf7c2901939aa86870491fd8d0bae271969d543fc7afe135f02490d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Thu, 27 Oct 2022 08:33:27 GMT
Transfer-Encoding
chunked
vary
accept-encoding

Redirect headers

Connection
keep-alive
Content-Length
195
Content-Type
text/html
Date
Thu, 27 Oct 2022 08:33:26 GMT
Location
https://mygenieplus-dwp.onbmc.com/dwp/ux/myitapp/
Server
Microsoft-Azure-Application-Gateway/v2
start
rsso-ams-os-prod.onbmc.com/rsso/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rsso-ams-os-prod.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.136.188.210 , Ireland, ASN203366 (BMCSAAS-AMS, IE),
Reverse DNS
Software
/
Resource Hash
d99c10f870510438d9cf5fd239ce3f8c2952a35e16b2e4088877328279abcc2d
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com 'nonce-zsY89rz8BMa77m8cOy4tpE4r7arRO7srJfS3huGKjXt/TZinM8nn2DTT2tQs3wIPOlkufMHmmMisSiN7WKlEsSALccHLads0PBwQYZut7EDaU9JnSu6Kx/88fKASC04VPy4VoCoMa1QBDtddj1Jxjpxd5dscFklXKeUjoDC8GdE='; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://mygenieplus-dwp.onbmc.com
Referer
https://mygenieplus-dwp.onbmc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com 'nonce-zsY89rz8BMa77m8cOy4tpE4r7arRO7srJfS3huGKjXt/TZinM8nn2DTT2tQs3wIPOlkufMHmmMisSiN7WKlEsSALccHLads0PBwQYZut7EDaU9JnSu6Kx/88fKASC04VPy4VoCoMa1QBDtddj1Jxjpxd5dscFklXKeUjoDC8GdE='; object-src 'none'; frame-ancestors 'self'
Content-Type
text/html;charset=UTF-8
Date
Thu, 27 Oct 2022 08:33:27 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
saml2
login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/
Redirect Chain
  • https://rsso-ams-os-prod.onbmc.com/rsso/start
  • https://login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/saml2?SAMLRequest=nVNBbtswEPyKwDslkZIjibANuDGKGkhbI3Zz6CWgqJVDgCJVLpU2v68kt02AODl0j7uD2ZlZcomyM73YDOHB3sKPATBEvzpjUcyDFRm8FU6i...
151 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/saml2?SAMLRequest=nVNBbtswEPyKwDslkZIjibANuDGKGkhbI3Zz6CWgqJVDgCJVLpU2v68kt02AODl0j7uD2ZlZcomyM73YDOHB3sKPATBEvzpjUcyDFRm8FU6iRmFlByiCEofN5xvB41T03gWnnCHRbrsi91WZpky2VxQWZUPzTDZUZimjTbXgxRVLc8ZrEt2BR%2B3siowMJLpQO8QBdhaDtGFEpZxTllJeHNNSZJngRZwV%2BXcSbUet2sowkz2E0KNIEuNO2sadVt6ha4OzRluIleuSrOZQVjmjRZWXNGcZo1VRSlrzplUFrxZpxZLJNCfRR%2BcVzJmsSCsNwugQ9xJRP8K%2FzoXa%2Fwnkg7aNtqf306vPIBSfjsc93X89HC9ybhDBTyavncWhA38A%2F6gVfLu9ebbtER2VHVKHdLxKEztbd2r2PY0SDwpG7T7pnk5gNfRmOAPJetqxnHyLOXj%2F4vzv65d%2FhZE19vcT2Sv2ZfKC%2BHlTL76MbLvt3hmtnv7nvY0H6mR4G81iNnd0Q9sZKgaLPSjdamhItDHG%2Fbz2IMN4zuAHIMlZXfL6O6x%2FAw%3D%3D&RelayState=_98001af6-e58d-43ad-a301-d9527610412b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.17 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
275fbf28842f9c6168a2be97e2a6a39846afa8f133e44bee05f2608bdf27996b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://rsso-ams-os-prod.onbmc.com
Referer
https://rsso-ams-os-prod.onbmc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
55291
Content-Type
text/html; charset=utf-8
Date
Thu, 27 Oct 2022 08:33:27 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.13943.8 - SEASLR2 ProdSlices
x-ms-request-id
4692506b-7c74-4882-807b-0ff7de781100

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
Date
Thu, 27 Oct 2022 08:33:27 GMT
Location
https://login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/saml2?SAMLRequest=nVNBbtswEPyKwDslkZIjibANuDGKGkhbI3Zz6CWgqJVDgCJVLpU2v68kt02AODl0j7uD2ZlZcomyM73YDOHB3sKPATBEvzpjUcyDFRm8FU6iRmFlByiCEofN5xvB41T03gWnnCHRbrsi91WZpky2VxQWZUPzTDZUZimjTbXgxRVLc8ZrEt2BR%2B3siowMJLpQO8QBdhaDtGFEpZxTllJeHNNSZJngRZwV%2BXcSbUet2sowkz2E0KNIEuNO2sadVt6ha4OzRluIleuSrOZQVjmjRZWXNGcZo1VRSlrzplUFrxZpxZLJNCfRR%2BcVzJmsSCsNwugQ9xJRP8K%2FzoXa%2Fwnkg7aNtqf306vPIBSfjsc93X89HC9ybhDBTyavncWhA38A%2F6gVfLu9ebbtER2VHVKHdLxKEztbd2r2PY0SDwpG7T7pnk5gNfRmOAPJetqxnHyLOXj%2F4vzv65d%2FhZE19vcT2Sv2ZfKC%2BHlTL76MbLvt3hmtnv7nvY0H6mR4G81iNnd0Q9sZKgaLPSjdamhItDHG%2Fbz2IMN4zuAHIMlZXfL6O6x%2FAw%3D%3D&RelayState=_98001af6-e58d-43ad-a301-d9527610412b
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
reportbssotelemetry
login.microsoftonline.com/common/instrumentation/ 		264 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/instrumentation/reportbssotelemetry?hpgid=6&hpgact=1900&client-request-id=841177cc-d978-41df-9fad-0e774ba2831e&hpgrequestid=4692506b-7c74-4882-807b-0ff7de781100
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/saml2?SAMLRequest=nVNBbtswEPyKwDslkZIjibANuDGKGkhbI3Zz6CWgqJVDgCJVLpU2v68kt02AODl0j7uD2ZlZcomyM73YDOHB3sKPATBEvzpjUcyDFRm8FU6iRmFlByiCEofN5xvB41T03gWnnCHRbrsi91WZpky2VxQWZUPzTDZUZimjTbXgxRVLc8ZrEt2BR%2B3siowMJLpQO8QBdhaDtGFEpZxTllJeHNNSZJngRZwV%2BXcSbUet2sowkz2E0KNIEuNO2sadVt6ha4OzRluIleuSrOZQVjmjRZWXNGcZo1VRSlrzplUFrxZpxZLJNCfRR%2BcVzJmsSCsNwugQ9xJRP8K%2FzoXa%2Fwnkg7aNtqf306vPIBSfjsc93X89HC9ybhDBTyavncWhA38A%2F6gVfLu9ebbtER2VHVKHdLxKEztbd2r2PY0SDwpG7T7pnk5gNfRmOAPJetqxnHyLOXj%2F4vzv65d%2FhZE19vcT2Sv2ZfKC%2BHlTL76MbLvt3hmtnv7nvY0H6mR4G81iNnd0Q9sZKgaLPSjdamhItDHG%2Fbz2IMN4zuAHIMlZXfL6O6x%2FAw%3D%3D&RelayState=_98001af6-e58d-43ad-a301-d9527610412b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.17 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/saml2?SAMLRequest=nVNBbtswEPyKwDslkZIjibANuDGKGkhbI3Zz6CWgqJVDgCJVLpU2v68kt02AODl0j7uD2ZlZcomyM73YDOHB3sKPATBEvzpjUcyDFRm8FU6iRmFlByiCEofN5xvB41T03gWnnCHRbrsi91WZpky2VxQWZUPzTDZUZimjTbXgxRVLc8ZrEt2BR%2B3siowMJLpQO8QBdhaDtGFEpZxTllJeHNNSZJngRZwV%2BXcSbUet2sowkz2E0KNIEuNO2sadVt6ha4OzRluIleuSrOZQVjmjRZWXNGcZo1VRSlrzplUFrxZpxZLJNCfRR%2BcVzJmsSCsNwugQ9xJRP8K%2FzoXa%2Fwnkg7aNtqf306vPIBSfjsc93X89HC9ybhDBTyavncWhA38A%2F6gVfLu9ebbtER2VHVKHdLxKEztbd2r2PY0SDwpG7T7pnk5gNfRmOAPJetqxnHyLOXj%2F4vzv65d%2FhZE19vcT2Sv2ZfKC%2BHlTL76MbLvt3hmtnv7nvY0H6mR4G81iNnd0Q9sZKgaLPSjdamhItDHG%2Fbz2IMN4zuAHIMlZXfL6O6x%2FAw%3D%3D&RelayState=_98001af6-e58d-43ad-a301-d9527610412b
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Thu, 27 Oct 2022 08:33:27 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
Content-Type
application/json; charset=utf-8
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
b4e34d87-2bde-4488-a356-21abce3d0c00
Cache-Control
no-store, no-cache
Content-Length
264
x-ms-ests-server
2.1.13943.8 - WEULR2 ProdSlices
X-XSS-Protection
0
Expires
-1
Primary Request saml2
login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/ 		193 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/saml2?SAMLRequest=nVNBbtswEPyKwDslkZIjibANuDGKGkhbI3Zz6CWgqJVDgCJVLpU2v68kt02AODl0j7uD2ZlZcomyM73YDOHB3sKPATBEvzpjUcyDFRm8FU6iRmFlByiCEofN5xvB41T03gWnnCHRbrsi91WZpky2VxQWZUPzTDZUZimjTbXgxRVLc8ZrEt2BR%2B3siowMJLpQO8QBdhaDtGFEpZxTllJeHNNSZJngRZwV%2BXcSbUet2sowkz2E0KNIEuNO2sadVt6ha4OzRluIleuSrOZQVjmjRZWXNGcZo1VRSlrzplUFrxZpxZLJNCfRR%2BcVzJmsSCsNwugQ9xJRP8K%2FzoXa%2Fwnkg7aNtqf306vPIBSfjsc93X89HC9ybhDBTyavncWhA38A%2F6gVfLu9ebbtER2VHVKHdLxKEztbd2r2PY0SDwpG7T7pnk5gNfRmOAPJetqxnHyLOXj%2F4vzv65d%2FhZE19vcT2Sv2ZfKC%2BHlTL76MbLvt3hmtnv7nvY0H6mR4G81iNnd0Q9sZKgaLPSjdamhItDHG%2Fbz2IMN4zuAHIMlZXfL6O6x%2FAw%3D%3D&RelayState=_98001af6-e58d-43ad-a301-d9527610412b&sso_reload=true
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/saml2?SAMLRequest=nVNBbtswEPyKwDslkZIjibANuDGKGkhbI3Zz6CWgqJVDgCJVLpU2v68kt02AODl0j7uD2ZlZcomyM73YDOHB3sKPATBEvzpjUcyDFRm8FU6iRmFlByiCEofN5xvB41T03gWnnCHRbrsi91WZpky2VxQWZUPzTDZUZimjTbXgxRVLc8ZrEt2BR%2B3siowMJLpQO8QBdhaDtGFEpZxTllJeHNNSZJngRZwV%2BXcSbUet2sowkz2E0KNIEuNO2sadVt6ha4OzRluIleuSrOZQVjmjRZWXNGcZo1VRSlrzplUFrxZpxZLJNCfRR%2BcVzJmsSCsNwugQ9xJRP8K%2FzoXa%2Fwnkg7aNtqf306vPIBSfjsc93X89HC9ybhDBTyavncWhA38A%2F6gVfLu9ebbtER2VHVKHdLxKEztbd2r2PY0SDwpG7T7pnk5gNfRmOAPJetqxnHyLOXj%2F4vzv65d%2FhZE19vcT2Sv2ZfKC%2BHlTL76MbLvt3hmtnv7nvY0H6mR4G81iNnd0Q9sZKgaLPSjdamhItDHG%2Fbz2IMN4zuAHIMlZXfL6O6x%2FAw%3D%3D&RelayState=_98001af6-e58d-43ad-a301-d9527610412b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.17 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2db58f1f2f7afd2715461fe9f868cf33c008da3c81ac009e59cb73c57bf26449
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/saml2?SAMLRequest=nVNBbtswEPyKwDslkZIjibANuDGKGkhbI3Zz6CWgqJVDgCJVLpU2v68kt02AODl0j7uD2ZlZcomyM73YDOHB3sKPATBEvzpjUcyDFRm8FU6iRmFlByiCEofN5xvB41T03gWnnCHRbrsi91WZpky2VxQWZUPzTDZUZimjTbXgxRVLc8ZrEt2BR%2B3siowMJLpQO8QBdhaDtGFEpZxTllJeHNNSZJngRZwV%2BXcSbUet2sowkz2E0KNIEuNO2sadVt6ha4OzRluIleuSrOZQVjmjRZWXNGcZo1VRSlrzplUFrxZpxZLJNCfRR%2BcVzJmsSCsNwugQ9xJRP8K%2FzoXa%2Fwnkg7aNtqf306vPIBSfjsc93X89HC9ybhDBTyavncWhA38A%2F6gVfLu9ebbtER2VHVKHdLxKEztbd2r2PY0SDwpG7T7pnk5gNfRmOAPJetqxnHyLOXj%2F4vzv65d%2FhZE19vcT2Sv2ZfKC%2BHlTL76MbLvt3hmtnv7nvY0H6mR4G81iNnd0Q9sZKgaLPSjdamhItDHG%2Fbz2IMN4zuAHIMlZXfL6O6x%2FAw%3D%3D&RelayState=_98001af6-e58d-43ad-a301-d9527610412b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
49568
Content-Type
text/html; charset=utf-8
Date
Thu, 27 Oct 2022 08:33:28 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.13943.8 - KRC ProdSlices
x-ms-request-id
a5035a45-def1-4b5b-9039-9b0dc0c61600
ConvergedLogin_PCore_jYUeSkXxwVig6Qts6N_uTQ2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		386 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_jYUeSkXxwVig6Qts6N_uTQ2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/saml2?SAMLRequest=nVNBbtswEPyKwDslkZIjibANuDGKGkhbI3Zz6CWgqJVDgCJVLpU2v68kt02AODl0j7uD2ZlZcomyM73YDOHB3sKPATBEvzpjUcyDFRm8FU6iRmFlByiCEofN5xvB41T03gWnnCHRbrsi91WZpky2VxQWZUPzTDZUZimjTbXgxRVLc8ZrEt2BR%2B3siowMJLpQO8QBdhaDtGFEpZxTllJeHNNSZJngRZwV%2BXcSbUet2sowkz2E0KNIEuNO2sadVt6ha4OzRluIleuSrOZQVjmjRZWXNGcZo1VRSlrzplUFrxZpxZLJNCfRR%2BcVzJmsSCsNwugQ9xJRP8K%2FzoXa%2Fwnkg7aNtqf306vPIBSfjsc93X89HC9ybhDBTyavncWhA38A%2F6gVfLu9ebbtER2VHVKHdLxKEztbd2r2PY0SDwpG7T7pnk5gNfRmOAPJetqxnHyLOXj%2F4vzv65d%2FhZE19vcT2Sv2ZfKC%2BHlTL76MbLvt3hmtnv7nvY0H6mR4G81iNnd0Q9sZKgaLPSjdamhItDHG%2Fbz2IMN4zuAHIMlZXfL6O6x%2FAw%3D%3D&RelayState=_98001af6-e58d-43ad-a301-d9527610412b&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35B7) /
Resource Hash
ccc3edc18b591b5298d437adb99060280187f3a0aecde0203d380927d4f66820

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 27 Oct 2022 08:33:28 GMT
content-encoding
gzip
content-md5
w4sHEIV96wBNg0phpHiTOg==
age
2934978
x-cache
HIT
content-length
111723
x-ms-lease-status
unlocked
last-modified
Wed, 21 Sep 2022 02:22:46 GMT
server
ECAcc (lhd/35B7)
etag
0x8DA9B782BD657A7
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
31ce03cc-b01e-0031-7e2d-cfe1f1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/saml2?SAMLRequest=nVNBbtswEPyKwDslkZIjibANuDGKGkhbI3Zz6CWgqJVDgCJVLpU2v68kt02AODl0j7uD2ZlZcomyM73YDOHB3sKPATBEvzpjUcyDFRm8FU6iRmFlByiCEofN5xvB41T03gWnnCHRbrsi91WZpky2VxQWZUPzTDZUZimjTbXgxRVLc8ZrEt2BR%2B3siowMJLpQO8QBdhaDtGFEpZxTllJeHNNSZJngRZwV%2BXcSbUet2sowkz2E0KNIEuNO2sadVt6ha4OzRluIleuSrOZQVjmjRZWXNGcZo1VRSlrzplUFrxZpxZLJNCfRR%2BcVzJmsSCsNwugQ9xJRP8K%2FzoXa%2Fwnkg7aNtqf306vPIBSfjsc93X89HC9ybhDBTyavncWhA38A%2F6gVfLu9ebbtER2VHVKHdLxKEztbd2r2PY0SDwpG7T7pnk5gNfRmOAPJetqxnHyLOXj%2F4vzv65d%2FhZE19vcT2Sv2ZfKC%2BHlTL76MbLvt3hmtnv7nvY0H6mR4G81iNnd0Q9sZKgaLPSjdamhItDHG%2Fbz2IMN4zuAHIMlZXfL6O6x%2FAw%3D%3D&RelayState=_98001af6-e58d-43ad-a301-d9527610412b&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/saml2?SAMLRequest=nVNBbtswEPyKwDslkZIjibANuDGKGkhbI3Zz6CWgqJVDgCJVLpU2v68kt02AODl0j7uD2ZlZcomyM73YDOHB3sKPATBEvzpjUcyDFRm8FU6iRmFlByiCEofN5xvB41T03gWnnCHRbrsi91WZpky2VxQWZUPzTDZUZimjTbXgxRVLc8ZrEt2BR%2B3siowMJLpQO8QBdhaDtGFEpZxTllJeHNNSZJngRZwV%2BXcSbUet2sowkz2E0KNIEuNO2sadVt6ha4OzRluIleuSrOZQVjmjRZWXNGcZo1VRSlrzplUFrxZpxZLJNCfRR%2BcVzJmsSCsNwugQ9xJRP8K%2FzoXa%2Fwnkg7aNtqf306vPIBSfjsc93X89HC9ybhDBTyavncWhA38A%2F6gVfLu9ebbtER2VHVKHdLxKEztbd2r2PY0SDwpG7T7pnk5gNfRmOAPJetqxnHyLOXj%2F4vzv65d%2FhZE19vcT2Sv2ZfKC%2BHlTL76MbLvt3hmtnv7nvY0H6mR4G81iNnd0Q9sZKgaLPSjdamhItDHG%2Fbz2IMN4zuAHIMlZXfL6O6x%2FAw%3D%3D&RelayState=_98001af6-e58d-43ad-a301-d9527610412b&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35DF) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 27 Oct 2022 08:33:29 GMT
content-encoding
gzip
content-md5
9K2/nGCj75WAmmAI9nZNCA==
age
7141145
x-cache
HIT
content-length
19970
x-ms-lease-status
unlocked
last-modified
Thu, 04 Aug 2022 19:37:00 GMT
server
ECAcc (lhd/35DF)
etag
0x8DA7650B375AC9B
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
1880728f-601e-003a-08ec-a835be000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-en-gb.min_z7gyytspcvx_szfb1qkasa2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		0
14 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_z7gyytspcvx_szfb1qkasa2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/saml2?SAMLRequest=nVNBbtswEPyKwDslkZIjibANuDGKGkhbI3Zz6CWgqJVDgCJVLpU2v68kt02AODl0j7uD2ZlZcomyM73YDOHB3sKPATBEvzpjUcyDFRm8FU6iRmFlByiCEofN5xvB41T03gWnnCHRbrsi91WZpky2VxQWZUPzTDZUZimjTbXgxRVLc8ZrEt2BR%2B3siowMJLpQO8QBdhaDtGFEpZxTllJeHNNSZJngRZwV%2BXcSbUet2sowkz2E0KNIEuNO2sadVt6ha4OzRluIleuSrOZQVjmjRZWXNGcZo1VRSlrzplUFrxZpxZLJNCfRR%2BcVzJmsSCsNwugQ9xJRP8K%2FzoXa%2Fwnkg7aNtqf306vPIBSfjsc93X89HC9ybhDBTyavncWhA38A%2F6gVfLu9ebbtER2VHVKHdLxKEztbd2r2PY0SDwpG7T7pnk5gNfRmOAPJetqxnHyLOXj%2F4vzv65d%2FhZE19vcT2Sv2ZfKC%2BHlTL76MbLvt3hmtnv7nvY0H6mR4G81iNnd0Q9sZKgaLPSjdamhItDHG%2Fbz2IMN4zuAHIMlZXfL6O6x%2FAw%3D%3D&RelayState=_98001af6-e58d-43ad-a301-d9527610412b&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35CA) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 27 Oct 2022 08:33:29 GMT
content-encoding
gzip
content-md5
i7+SGnsFCrVfVO4BMxmXsQ==
age
2561906
x-cache
HIT
content-length
13786
x-ms-lease-status
unlocked
last-modified
Thu, 22 Sep 2022 22:58:26 GMT
server
ECAcc (lhd/35CA)
etag
0x8DA9CEDF5246B4C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8aa865d6-901e-0004-1791-d23529000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pfetchsessionsprogress_bc2482665b7aae7b068e.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_bc2482665b7aae7b068e.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_jYUeSkXxwVig6Qts6N_uTQ2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3708) /
Resource Hash
1715c786d52ce35bea2274e2080b9fbda3a4177d7741d8fb3997caeea4798dca

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 27 Oct 2022 08:33:29 GMT
content-encoding
gzip
content-md5
4Xt/SF4lC+Zsg96sCtMl3A==
age
4154028
x-cache
HIT
content-length
5531
x-ms-lease-status
unlocked
last-modified
Wed, 07 Sep 2022 21:52:20 GMT
server
ECAcc (lhd/3708)
etag
0x8DA911B3D45D5FD
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8f1a52f4-701e-0073-1b16-c4103e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35DC) /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 27 Oct 2022 08:33:29 GMT
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
age
14546419
x-cache
HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (lhd/35DC)
etag
0x8D79A1B9F2C6EC8
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
3cb1ccf0-e01e-007c-1992-652fdd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35B5) /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 27 Oct 2022 08:33:29 GMT
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
age
14546419
x-cache
HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (lhd/35B5)
etag
0x8D79A1B9F8A840E
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
94c54aee-301e-0034-4592-65f450000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pcustomizationloader_8dc1586f19519d6b618f.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		107 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_8dc1586f19519d6b618f.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_jYUeSkXxwVig6Qts6N_uTQ2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35FC) /
Resource Hash
89c66a143b0bcbb7377096e70b1d323900036949e52a99372332c12c27b75dcd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 27 Oct 2022 08:33:29 GMT
content-encoding
gzip
content-md5
xYMsa398BlO7oQWNFlhVpg==
age
4209308
x-cache
HIT
content-length
32180
x-ms-lease-status
unlocked
last-modified
Wed, 07 Sep 2022 21:52:20 GMT
server
ECAcc (lhd/35FC)
etag
0x8DA911B3D1A0EB6
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a08a1d7b-001e-0081-1a96-c3d8cd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
aadcdn.msftauthimages.net/447973e2-su-zh6sh2leb98zsvsomjgwpm5ip55gdgrdo3mwkl9g/logintenantbranding/0/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauthimages.net/447973e2-su-zh6sh2leb98zsvsomjgwpm5ip55gdgrdo3mwkl9g/logintenantbranding/0/bannerlogo?ts=637094266739837259
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d9437c62752692f50ef61fc827f8fcbadc30f7d582c29f40a7d165a004689d53

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 27 Oct 2022 08:33:28 GMT
x-azure-ref-originshield
0mTFZYwAAAABbN0qLfQTzR4ufDa8SYTgCTE9OMjFFREdFMTcxOQA1OTY2NTcxNS00MjZhLTRmMWMtYTA1OS1kNWRmZDQwYWU2Yjk=
content-md5
qbTDrMvZmXTRn80gREKzow==
x-cache
TCP_HIT
content-length
8262
x-ms-lease-status
unlocked
last-modified
Fri, 15 Nov 2019 14:57:54 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D769DC318FEE20
vary
Origin
x-azure-ref
0WUJaYwAAAAB6PIUtFzqQRo2HoWBsHGVcTE9OMjEyMDUwNzE2MDQ5ADU5NjY1NzE1LTQyNmEtNGYxYy1hMDU5LWQ1ZGZkNDBhZTZiOQ==
content-type
image/*
x-ms-request-id
694cd57a-501e-0032-1014-e90397000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_jYUeSkXxwVig6Qts6N_uTQ2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35DC) /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 27 Oct 2022 08:33:29 GMT
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
age
14546419
x-cache
HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (lhd/35DC)
etag
0x8D79A1B9F2C6EC8
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
3cb1ccf0-e01e-007c-1992-652fdd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_jYUeSkXxwVig6Qts6N_uTQ2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35B5) /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 27 Oct 2022 08:33:29 GMT
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
age
14546419
x-cache
HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (lhd/35B5)
etag
0x8D79A1B9F8A840E
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
94c54aee-301e-0034-4592-65f450000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ssoprobe
autologon.microsoftazuread-sso.com/3b2e8941-7948-4131-978a-b2dfc7295091/winauth/ 		12 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://autologon.microsoftazuread-sso.com/3b2e8941-7948-4131-978a-b2dfc7295091/winauth/ssoprobe?client-request-id=b9381696-4480-4d6c-88b3-621d9150c9f9&_=1666859609084
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:3000:c8::6 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 08:33:28 GMT
X-Content-Type-Options
nosniff
WWW-Authenticate
Negotiate
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
12
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Vary
Origin
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png; charset=utf-8
Access-Control-Allow-Origin
https://login.microsoftonline.com
x-ms-request-id
1ce6d0bb-7b73-4f18-aec9-fabd601a1500
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.13943.8 - SEASLR2 ProdSlices
Expires
-1
dssostatus
login.microsoftonline.com/common/instrumentation/ 		264 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/instrumentation/dssostatus
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_jYUeSkXxwVig6Qts6N_uTQ2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.17 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5d5b24ec0ba44917e66402ba9ba4011ea928679fa459cb9556822a9e155f2666
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

hpgrequestid
a5035a45-def1-4b5b-9039-9b0dc0c61600
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
client-request-id
b9381696-4480-4d6c-88b3-621d9150c9f9
canary
AQABAAAAAAD--DLA3VO7QrddgJg7Wevrbrmc5WYUXaEvqIbCL3LfL-2s4kA9THiT_G0hTR-JM6rIHBL1ul2CTn-KMVkFEREZeGdWtTKQ--4fBARK_RNfADUCvCPJyBAXK_Hr9QBSrphxjh1gu9yxsL0vx_dp4BBNLgX_MSawtTojUDkx48nOtspOoM9b3N2HA7h3iRIpQtqptpPtDbwOvQCULuTIlHbWDvV3yrkbqsL3TUKAf-r3eSAA
Content-type
application/json; charset=UTF-8
hpgid
1104
Accept
application/json
Referer
https://login.microsoftonline.com/3b2e8941-7948-4131-978a-b2dfc7295091/saml2?SAMLRequest=nVNBbtswEPyKwDslkZIjibANuDGKGkhbI3Zz6CWgqJVDgCJVLpU2v68kt02AODl0j7uD2ZlZcomyM73YDOHB3sKPATBEvzpjUcyDFRm8FU6iRmFlByiCEofN5xvB41T03gWnnCHRbrsi91WZpky2VxQWZUPzTDZUZimjTbXgxRVLc8ZrEt2BR%2B3siowMJLpQO8QBdhaDtGFEpZxTllJeHNNSZJngRZwV%2BXcSbUet2sowkz2E0KNIEuNO2sadVt6ha4OzRluIleuSrOZQVjmjRZWXNGcZo1VRSlrzplUFrxZpxZLJNCfRR%2BcVzJmsSCsNwugQ9xJRP8K%2FzoXa%2Fwnkg7aNtqf306vPIBSfjsc93X89HC9ybhDBTyavncWhA38A%2F6gVfLu9ebbtER2VHVKHdLxKEztbd2r2PY0SDwpG7T7pnk5gNfRmOAPJetqxnHyLOXj%2F4vzv65d%2FhZE19vcT2Sv2ZfKC%2BHlTL76MbLvt3hmtnv7nvY0H6mR4G81iNnd0Q9sZKgaLPSjdamhItDHG%2Fbz2IMN4zuAHIMlZXfL6O6x%2FAw%3D%3D&RelayState=_98001af6-e58d-43ad-a301-d9527610412b&sso_reload=true
hpgact
1900

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Thu, 27 Oct 2022 08:33:29 GMT
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id
b9381696-4480-4d6c-88b3-621d9150c9f9
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
264
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Access-Control-Allow-Methods
POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://autologon.microsoftazuread-sso.com/
x-ms-request-id
b0e55f69-0bb5-4cbc-bc22-115fa2491300
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.13943.8 - SEASLR2 ProdSlices
Expires
-1
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		2 KB
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3589) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 27 Oct 2022 08:33:29 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
14546418
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Tue, 10 Nov 2020 03:41:05 GMT
server
ECAcc (lhd/3589)
etag
0x8D8852A740F01B9
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
101484d9-e01e-005b-7792-654940000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository boolean| __ConvergedLogin_PCore boolean| __ object| Telemetry object| telemetry_webpackJsonp boolean| __convergedlogin_pfetchsessionsprogress_bc2482665b7aae7b068e boolean| __convergedlogin_pcustomizationloader_8dc1586f19519d6b618f

18 Cookies

Domain/Path Name / Value
rsso-ams-os-prod.onbmc.com/rsso Name: route
Value: 1666859608.312.70120.8275
mygenieplus-dwp.onbmc.com/dwp Name: JSESSIONID
Value: 6C0F647B680927E2359ECE3415F5FF22
mygenieplus-dwp.onbmc.com/ Name: route
Value: 1666859608.04.15129.98986
mygenieplus-dwp.onbmc.com/ Name: onbmc_pool
Value: !rDyUf/mzw+1scm6Sub0BIXFGXpbOJPZaxHlmtkIIQuvVbdzM54kdWFKif3Q2YRvBXDz653dox85XSw==
rsso-ams-os-prod.onbmc.com/ Name: onbmc_pool
Value: !fw3yw+wW4Jsv1MeSub0BIXFGXpbOJA+RZ9EeV0dD5IjRz7fc73LDMIphP2KYXPTyW78vU4SdiS83b+c=
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.ASoAQYkuO0h5MUGXirLfxylQkfyoAD1kiFtBtdwVvMbk5hYqAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrzSLEmwcTyuLmgnEph4qTZvx9wCbvHtg7Nux4IDjbvVX1Mf6p2Wgp3GF1_zkrEGo2f2OmykLUlDuAdtMp8wYkfGAveZWpvtGO76W0wR8G1kYgAA
login.microsoftonline.com/ Name: fpc
Value: Arem57lD4m9El8ZWxDRQEJMEhTV9AQAAAFc57NoOAAAA
.login.microsoftonline.com/ Name: esctx
Value: AQABAAAAAAD--DLA3VO7QrddgJg7Wevr0cF3MqkolLSMAzecXIizOAP_KHVjbThGaOwI0iPycXTjqsiaejeMmBCm8tE2pacN2wvkwkCv0UVLMBmMt7E-FTpSBNnfJ-WhN1SMTjFyGV_i3ZMnORCbK8BPfOr-M47KXMoxsfRHJyJQ7C_zvGVgNK8iI5lYevJf9m0sjhfVftk-MyUjX8Y560E3xmrsIVmrBIhbTO7xD9pLcr-huBiUZ5TSDSzkGQt3EmbWIGPR2okgAA
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: d99c85389ab242bd87c8cad7552e4298
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1666859608&co=1
autologon.microsoftazuread-sso.com/ Name: fpc
Value: AnA3is6KcT5EkpAQ70GBktg
autologon.microsoftazuread-sso.com/ Name: x-ms-gateway-slice
Value: estsfd
autologon.microsoftazuread-sso.com/ Name: stsservicecookie
Value: estsfd

2 Console Messages

Source Level URL
Text
network error URL: https://mygenieplus-dwp.onbmc.com/dwp/ux/myitapp/#/catalog/home
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://autologon.microsoftazuread-sso.com/3b2e8941-7948-4131-978a-b2dfc7295091/winauth/ssoprobe?client-request-id=b9381696-4480-4d6c-88b3-621d9150c9f9&_=1666859609084
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)