urlscan.io logo urlscan.io
SecurityTrails logo

client2pro-cb360.us.deloitte.com Open in urlscan Pro
34.122.186.64  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://client2pro-cb360.us.deloitte.com/
Submission: On January 26 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 26 HTTP transactions. The main IP is 34.122.186.64, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is client2pro-cb360.us.deloitte.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 23rd 2024. Valid for: a year.
This is the only time client2pro-cb360.us.deloitte.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
4 34.122.186.64 396982 (GOOGLE-CL...)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2603:1036:300... 8075 (MICROSOFT...)
14 2606:2800:21f... 15133 (EDGECAST)
1 2620:1ec:48:1... 8075 (MICROSOFT...)
26 6
4    34.122.186.64 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.186.122.34.bc.googleusercontent.com
client2pro-cb360.us.deloitte.com
1    2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2603:1036:3000:60::16 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
14    2606:2800:21f:1b88:6342:f8de:86c:e98b (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
1    2620:1ec:48:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msftauthimages.net
Apex Domain
Subdomains		 Transfer
14 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 943
296 KB
5 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 11
27 KB
4 deloitte.com
client2pro-cb360.us.deloitte.com
12 MB
1 msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3382
132 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
2 KB
26 5
Domain Requested by
14 aadcdn.msftauth.net login.microsoftonline.com
aadcdn.msftauth.net
5 login.microsoftonline.com client2pro-cb360.us.deloitte.com
aadcdn.msftauth.net
4 client2pro-cb360.us.deloitte.com client2pro-cb360.us.deloitte.com
1 aadcdn.msftauthimages.net
1 fonts.googleapis.com client2pro-cb360.us.deloitte.com
26 5

This site contains no links.

Subject Issuer Validity Valid
client2pro-cb360.us.deloitte.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-23 -
2025-01-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2023-11-29 -
2024-11-29		 a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2023-12-01 -
2024-12-01		 a year crt.sh
aadcdn.msftauthimages.net
Microsoft Azure RSA TLS Issuing CA 03		 2023-11-25 -
2024-11-19		 a year crt.sh

This page contains 2 frames:

Primary Page: https://client2pro-cb360.us.deloitte.com/
Frame ID: DCF3F36E15455FB3FDDE12C1D8D46FFD
Requests: 9 HTTP requests in this frame

Frame: https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?client_id=1ca8a0f6-86ff-4d20-9cef-3f6678fb87c1&scope=User.read%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fclient2pro-cb360.us.deloitte.com&client-request-id=07901f93-c168-4406-a0f7-08891058291d&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=-BozzvsSpad6qGAoW2V5L-nM4m1FhqKUoGH0jTtNUh8&code_challenge_method=S256&prompt=none&nonce=f531703b-0469-44e6-8ee5-34bd1a27acaf&state=eyJpZCI6IjFjMmE1MTdhLTkzZGQtNGE0YS05YzhlLWYxMTg0OWNjYjFhMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19&sso_reload=true
Frame ID: 8D60160F5B6C8E19F6315B9EBD9AFF2F
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CB 360

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

96 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

6
IPs

1
Countries

12695 kB
Transfer

13725 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
client2pro-cb360.us.deloitte.com/ 		675 B
913 B 		Document
General
Check archive.org
Download Go to
Full URL
https://client2pro-cb360.us.deloitte.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.122.186.64 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.186.122.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
12ec5d2614344e3285b4f94be76f39efafd5f1446fbb6c327f740db197bd8316

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
675
Content-Type
text/html
Date
Fri, 26 Jan 2024 16:37:50 GMT
ETag
"65aa6060-2a3"
Last-Modified
Fri, 19 Jan 2024 11:43:28 GMT
Server
nginx/1.25.3
config.js
client2pro-cb360.us.deloitte.com/ 		358 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://client2pro-cb360.us.deloitte.com/config.js
Requested by
Host: client2pro-cb360.us.deloitte.com
URL: https://client2pro-cb360.us.deloitte.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.122.186.64 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.186.122.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
f6f44f8a3ac7eb4284a6412dd37416207a848b0d67e6ac5c54625dd75a9c41b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://client2pro-cb360.us.deloitte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 16:37:50 GMT
Last-Modified
Thu, 25 Jan 2024 07:51:52 GMT
Server
nginx/1.25.3
ETag
"65b21318-166"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
358
main.e50173ef.js
client2pro-cb360.us.deloitte.com/static/js/ 		12 MB
12 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://client2pro-cb360.us.deloitte.com/static/js/main.e50173ef.js
Requested by
Host: client2pro-cb360.us.deloitte.com
URL: https://client2pro-cb360.us.deloitte.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.122.186.64 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.186.122.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
09aca290ac70f4ad9f69fb97ae4fe510ed3e10f44e904930db8574c50e8e4484

Request headers

accept-language
en-US,en;q=0.9
Referer
https://client2pro-cb360.us.deloitte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 16:37:50 GMT
Last-Modified
Fri, 19 Jan 2024 11:43:28 GMT
Server
nginx/1.25.3
ETag
"65aa6060-be3e7e"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12467838
main.08fd6ca7.css
client2pro-cb360.us.deloitte.com/static/css/ 		334 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client2pro-cb360.us.deloitte.com/static/css/main.08fd6ca7.css
Requested by
Host: client2pro-cb360.us.deloitte.com
URL: https://client2pro-cb360.us.deloitte.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.122.186.64 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.186.122.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
f59b7ea1e89e5d113a15bd3369ecebf13100bb12631cd64e3f6e8d6102a7ff2f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://client2pro-cb360.us.deloitte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 16:37:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Jan 2024 11:43:28 GMT
Server
nginx/1.25.3
ETag
W/"65aa6060-5382c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
css2
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans
Requested by
Host: client2pro-cb360.us.deloitte.com
URL: https://client2pro-cb360.us.deloitte.com/static/css/main.08fd6ca7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3c96cceafde14a4669c2114ee0d10bce6ec0163064151a98824a2575d97eaf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://client2pro-cb360.us.deloitte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 Jan 2024 16:37:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 Jan 2024 15:40:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Jan 2024 16:37:51 GMT
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/webp
823aec24-5adf-4005-9012-cf92af642d19
https://client2pro-cb360.us.deloitte.com/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://client2pro-cb360.us.deloitte.com/823aec24-5adf-4005-9012-cf92af642d19
Requested by
Host: client2pro-cb360.us.deloitte.com
URL: https://client2pro-cb360.us.deloitte.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6059abea2e6229aa7e4d8e4085885f10a5aac701b8aae159f4086c2eb45bd619

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
1696
Content-Type
application/javascript
instance
login.microsoftonline.com/common/discovery/ 		980 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize
Requested by
Host: client2pro-cb360.us.deloitte.com
URL: https://client2pro-cb360.us.deloitte.com/static/js/main.e50173ef.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1036:3000:60::16 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9de571284f07dfaa3e9374247962c7610a7a39f037e169d3a1468d6717f8ba41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://client2pro-cb360.us.deloitte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Fri, 26 Jan 2024 16:37:54 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Access-Control-Allow-Origin
*
x-ms-request-id
beb51f36-34da-4468-8f6b-110b7e6a6100
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=86400, private
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+chi"}]}
Content-Length
980
x-ms-ests-server
2.1.17122.2 - SCUS ProdSlices
X-XSS-Protection
0
openid-configuration
login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/v2.0/.well-known/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/v2.0/.well-known/openid-configuration
Requested by
Host: client2pro-cb360.us.deloitte.com
URL: https://client2pro-cb360.us.deloitte.com/static/js/main.e50173ef.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1036:3000:60::16 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f6f7bf920a4e6e5ec108c2fa4bfb3d9020fe452fe878fac14935da71b230828a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://client2pro-cb360.us.deloitte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Fri, 26 Jan 2024 16:37:54 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Access-Control-Allow-Origin
*
x-ms-request-id
b3edce40-2f54-4781-bfb6-330a11002a00
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=86400, private
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+chi"}]}
Content-Length
1753
x-ms-ests-server
2.1.17122.2 - WUS3 ProdSlices
X-XSS-Protection
0
authorize
login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/ Frame 8D60 		20 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?client_id=1ca8a0f6-86ff-4d20-9cef-3f6678fb87c1&scope=User.read%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fclient2pro-cb360.us.deloitte.com&client-request-id=07901f93-c168-4406-a0f7-08891058291d&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=-BozzvsSpad6qGAoW2V5L-nM4m1FhqKUoGH0jTtNUh8&code_challenge_method=S256&prompt=none&nonce=f531703b-0469-44e6-8ee5-34bd1a27acaf&state=eyJpZCI6IjFjMmE1MTdhLTkzZGQtNGE0YS05YzhlLWYxMTg0OWNjYjFhMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19
Requested by
Host: client2pro-cb360.us.deloitte.com
URL: https://client2pro-cb360.us.deloitte.com/static/js/main.e50173ef.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1036:3000:60::16 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a1af3a4bcdbd6a2d18f35ffe41bbc2296aab04d4105325d3295a93f1ee8c515b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://client2pro-cb360.us.deloitte.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
9147
Content-Type
text/html; charset=utf-8
Date
Fri, 26 Jan 2024 16:37:54 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+chi"}]}
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.17122.2 - SCUS ProdSlices
x-ms-request-id
345be379-4c8e-4573-8dd8-7fa7a5507400
BssoInterrupt_Core_aoxn9LgNNeyAz3OYDcN7uA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ Frame 8D60 		136 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_aoxn9LgNNeyAz3OYDcN7uA2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?client_id=1ca8a0f6-86ff-4d20-9cef-3f6678fb87c1&scope=User.read%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fclient2pro-cb360.us.deloitte.com&client-request-id=07901f93-c168-4406-a0f7-08891058291d&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=-BozzvsSpad6qGAoW2V5L-nM4m1FhqKUoGH0jTtNUh8&code_challenge_method=S256&prompt=none&nonce=f531703b-0469-44e6-8ee5-34bd1a27acaf&state=eyJpZCI6IjFjMmE1MTdhLTkzZGQtNGE0YS05YzhlLWYxMTg0OWNjYjFhMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mib/5AD7) /
Resource Hash
15e697417242d779ddec5439f81b56bdc61974ffda9a40919be81428f341296e

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 26 Jan 2024 16:37:56 GMT
content-encoding
gzip
content-md5
wFzpduTSkmnT+dqkuOoEjg==
age
2469581
x-cache
HIT
content-length
49102
x-ms-lease-status
unlocked
last-modified
Fri, 22 Dec 2023 23:52:14 GMT
server
ECAcc (mib/5AD7)
etag
0x8DC034905B0FBE6
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5f873481-701e-00b8-0e00-3a7473000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
authorize
login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/ Frame 8D60 		22 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?client_id=1ca8a0f6-86ff-4d20-9cef-3f6678fb87c1&scope=User.read%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fclient2pro-cb360.us.deloitte.com&client-request-id=07901f93-c168-4406-a0f7-08891058291d&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=-BozzvsSpad6qGAoW2V5L-nM4m1FhqKUoGH0jTtNUh8&code_challenge_method=S256&prompt=none&nonce=f531703b-0469-44e6-8ee5-34bd1a27acaf&state=eyJpZCI6IjFjMmE1MTdhLTkzZGQtNGE0YS05YzhlLWYxMTg0OWNjYjFhMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19&sso_reload=true
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_aoxn9LgNNeyAz3OYDcN7uA2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1036:3000:60::16 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
93e75491f33653e0f4a69c7ea2916558caf24a41e468c4de503fbf784d7bc8c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?client_id=1ca8a0f6-86ff-4d20-9cef-3f6678fb87c1&scope=User.read%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fclient2pro-cb360.us.deloitte.com&client-request-id=07901f93-c168-4406-a0f7-08891058291d&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=-BozzvsSpad6qGAoW2V5L-nM4m1FhqKUoGH0jTtNUh8&code_challenge_method=S256&prompt=none&nonce=f531703b-0469-44e6-8ee5-34bd1a27acaf&state=eyJpZCI6IjFjMmE1MTdhLTkzZGQtNGE0YS05YzhlLWYxMTg0OWNjYjFhMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
8655
Content-Type
text/html; charset=utf-8
Date
Fri, 26 Jan 2024 16:37:55 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+chi"}]}
x-ms-clitelem
1,50058,0,,
x-ms-ests-server
2.1.17122.2 - SCUS ProdSlices
x-ms-request-id
345be379-4c8e-4573-8dd8-7fa703517400
converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ Frame 8D60 		110 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?client_id=1ca8a0f6-86ff-4d20-9cef-3f6678fb87c1&scope=User.read%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fclient2pro-cb360.us.deloitte.com&client-request-id=07901f93-c168-4406-a0f7-08891058291d&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=-BozzvsSpad6qGAoW2V5L-nM4m1FhqKUoGH0jTtNUh8&code_challenge_method=S256&prompt=none&nonce=f531703b-0469-44e6-8ee5-34bd1a27acaf&state=eyJpZCI6IjFjMmE1MTdhLTkzZGQtNGE0YS05YzhlLWYxMTg0OWNjYjFhMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mib/5B33) /
Resource Hash
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 26 Jan 2024 16:37:56 GMT
content-encoding
gzip
content-md5
kqhA3D0Xczna4D/t8ioitQ==
age
2471519
x-cache
HIT
content-length
20314
x-ms-lease-status
unlocked
last-modified
Wed, 27 Dec 2023 18:19:21 GMT
server
ECAcc (mib/5B33)
etag
0x8DC070858CA028D
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
32fd1674-001e-0067-46fb-39c90a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedError_Core_9ZpauXM8MIdXr_wgx7GmRA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ Frame 8D60 		343 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedError_Core_9ZpauXM8MIdXr_wgx7GmRA2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?client_id=1ca8a0f6-86ff-4d20-9cef-3f6678fb87c1&scope=User.read%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fclient2pro-cb360.us.deloitte.com&client-request-id=07901f93-c168-4406-a0f7-08891058291d&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=-BozzvsSpad6qGAoW2V5L-nM4m1FhqKUoGH0jTtNUh8&code_challenge_method=S256&prompt=none&nonce=f531703b-0469-44e6-8ee5-34bd1a27acaf&state=eyJpZCI6IjFjMmE1MTdhLTkzZGQtNGE0YS05YzhlLWYxMTg0OWNjYjFhMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mib/5B9F) /
Resource Hash
97687cdd119c09f8145322fa1a10576d7fc68cce6fed63ea488e140140ed1f0a

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 26 Jan 2024 16:37:56 GMT
content-encoding
gzip
content-md5
nonZENNC8Z9AnekBj92Pow==
age
2065959
x-cache
HIT
content-length
96343
x-ms-lease-status
unlocked
last-modified
Fri, 22 Dec 2023 23:52:14 GMT
server
ECAcc (mib/5B9F)
etag
0x8DC034905BD233A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1df3b86e-601e-00a1-72ab-3db742000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.error.strings-en.min_qvnxup95cietce9ka-vtgg2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ Frame 8D60 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.error.strings-en.min_qvnxup95cietce9ka-vtgg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?client_id=1ca8a0f6-86ff-4d20-9cef-3f6678fb87c1&scope=User.read%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fclient2pro-cb360.us.deloitte.com&client-request-id=07901f93-c168-4406-a0f7-08891058291d&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=-BozzvsSpad6qGAoW2V5L-nM4m1FhqKUoGH0jTtNUh8&code_challenge_method=S256&prompt=none&nonce=f531703b-0469-44e6-8ee5-34bd1a27acaf&state=eyJpZCI6IjFjMmE1MTdhLTkzZGQtNGE0YS05YzhlLWYxMTg0OWNjYjFhMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mib/5A8A) /
Resource Hash
8f7ab95bbb6c0f6a7b39eefaa8c45257423d4ee5605f27e0f635845e34a4bcf1

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 26 Jan 2024 16:37:56 GMT
content-encoding
gzip
content-md5
P0ZjwUVvlixwgO+wUYSrcw==
age
4922351
x-cache
HIT
content-length
10709
x-ms-lease-status
unlocked
last-modified
Tue, 28 Nov 2023 23:04:49 GMT
server
ECAcc (mib/5A8A)
etag
0x8DBF0666C2E5288
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
cb25ddf8-a01e-0081-08b1-232671000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ Frame 8D60 		117 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?client_id=1ca8a0f6-86ff-4d20-9cef-3f6678fb87c1&scope=User.read%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fclient2pro-cb360.us.deloitte.com&client-request-id=07901f93-c168-4406-a0f7-08891058291d&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=-BozzvsSpad6qGAoW2V5L-nM4m1FhqKUoGH0jTtNUh8&code_challenge_method=S256&prompt=none&nonce=f531703b-0469-44e6-8ee5-34bd1a27acaf&state=eyJpZCI6IjFjMmE1MTdhLTkzZGQtNGE0YS05YzhlLWYxMTg0OWNjYjFhMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mib/5B6A) /
Resource Hash
df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 26 Jan 2024 16:37:56 GMT
content-encoding
gzip
content-md5
HWW92uTq7vx3y5z+zFZbXQ==
age
19269076
x-cache
HIT
content-length
40454
x-ms-lease-status
unlocked
last-modified
Fri, 26 Feb 2021 06:18:37 GMT
server
ECAcc (mib/5B6A)
etag
0x8D8DA1E5A71125A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
303e731c-301e-0015-2935-a1740c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
frameworksupport.min_oadrnc13magb009k4d20lg2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ Frame 8D60 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?client_id=1ca8a0f6-86ff-4d20-9cef-3f6678fb87c1&scope=User.read%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fclient2pro-cb360.us.deloitte.com&client-request-id=07901f93-c168-4406-a0f7-08891058291d&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=-BozzvsSpad6qGAoW2V5L-nM4m1FhqKUoGH0jTtNUh8&code_challenge_method=S256&prompt=none&nonce=f531703b-0469-44e6-8ee5-34bd1a27acaf&state=eyJpZCI6IjFjMmE1MTdhLTkzZGQtNGE0YS05YzhlLWYxMTg0OWNjYjFhMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mib/5B2D) /
Resource Hash
c8cef105fcaf7cbf3f8682c861045505c24d41cf6686c20c1c03e14031a3db69

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 26 Jan 2024 16:37:56 GMT
content-encoding
gzip
content-md5
A8dgUeRfi6/VknMbox6Cuw==
age
19269075
x-cache
HIT
content-length
4880
x-ms-lease-status
unlocked
last-modified
Thu, 22 Oct 2020 20:43:24 GMT
server
ECAcc (mib/5B2D)
etag
0x8D876CB1F3EA0D9
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2d2333b7-301e-0050-5635-a19d0f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
watson.min_q5ptmu8aniymd4ftuqdkda2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ Frame 8D60 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/watson.min_q5ptmu8aniymd4ftuqdkda2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?client_id=1ca8a0f6-86ff-4d20-9cef-3f6678fb87c1&scope=User.read%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fclient2pro-cb360.us.deloitte.com&client-request-id=07901f93-c168-4406-a0f7-08891058291d&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=-BozzvsSpad6qGAoW2V5L-nM4m1FhqKUoGH0jTtNUh8&code_challenge_method=S256&prompt=none&nonce=f531703b-0469-44e6-8ee5-34bd1a27acaf&state=eyJpZCI6IjFjMmE1MTdhLTkzZGQtNGE0YS05YzhlLWYxMTg0OWNjYjFhMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mib/5BD1) /
Resource Hash
441bfa485fb0eb8ad2be7001209868b57c41769cae9512a774419f5882c093e6

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 26 Jan 2024 16:37:56 GMT
content-encoding
gzip
content-md5
up2irhKVlrgd4fr/sCzQ9w==
age
15911500
x-cache
HIT
content-length
3921
x-ms-lease-status
unlocked
last-modified
Tue, 28 Jun 2022 20:29:22 GMT
server
ECAcc (mib/5BD1)
etag
0x8DA5944E2DB65A3
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7786e28f-c01e-000c-29bf-bf1206000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergederror_customizationloader_bad7db90986439a31b4f.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ Frame 8D60 		153 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergederror_customizationloader_bad7db90986439a31b4f.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedError_Core_9ZpauXM8MIdXr_wgx7GmRA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mib/5B8F) /
Resource Hash
c037cfcebe762eb1b8fe615749fe5041e66fb7f0e1192f2ad5215922784c5db0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 26 Jan 2024 16:37:56 GMT
content-encoding
gzip
content-md5
FNlRfpG82g46PInD6mL3iA==
age
4826814
x-cache
HIT
content-length
34591
x-ms-lease-status
unlocked
last-modified
Wed, 29 Nov 2023 18:05:27 GMT
server
ECAcc (mib/5B8F)
etag
0x8DBF105C454C55A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b90ae1fe-d01e-00da-338f-246055000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
check_small_48540c930333871c385fcba2c659ccdb.svg
aadcdn.msftauth.net/shared/1.0/content/images/ Frame 8D60 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/check_small_48540c930333871c385fcba2c659ccdb.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mib/5B9A) /
Resource Hash
22d511adce8d3498f842b05df7281ce582fdc6817fe27606ecd21e72277857f3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 26 Jan 2024 16:37:56 GMT
content-encoding
gzip
content-md5
iYTzOJM089b1SPwrN/KdOg==
age
19268977
x-cache
HIT
content-length
1009
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:44 GMT
server
ECAcc (mib/5B9A)
etag
0x8DB5C3F46C291A9
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
40414ac7-601e-003c-7c35-a1d37f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
close_790189870c9543725dc3f5a15fb25e46.svg
aadcdn.msftauth.net/shared/1.0/content/images/ Frame 8D60 		270 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/close_790189870c9543725dc3f5a15fb25e46.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mib/5ADF) /
Resource Hash
765709425a5b9209e875dccf2217d3161429d2d48159fc1df7b253b77c1574f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 26 Jan 2024 16:37:56 GMT
content-encoding
gzip
content-md5
rp+/fadJKxLUo+jgFmYTeQ==
age
19268977
x-cache
HIT
content-length
190
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:44 GMT
server
ECAcc (mib/5ADF)
etag
0x8DB5C3F4721247A
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
4fc91c08-001e-002c-6d35-a16c57000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
watson
login.microsoftonline.com/common/handlers/ Frame 8D60 		265 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/handlers/watson
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1036:3000:60::16 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73ea83e96c27d412bf79fc01edabe018e9b64b1c72d03c4638d3577b6147f56d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
client-request-id
07901f93-c168-4406-a0f7-08891058291d
canary
PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-62eKdGrMlvNKdJqcnfkeKI8Ol8kSKSYnCRW0GeJioHsoZ7rAtKmmOwqWKkbpDSnykPnMyIhP-0Ag_WgQgsb3NCnVbwENFSBu4pH588UysAmWXvU3qw0IIp1NwD5RlGrc_IFLm52HUOrX90aspRkD917VADAzbtRzkOuTWhblko11VQRb8HJgiwJCsHWbmclDvW6E6ehjog1dIG4V3lolgCAA
Content-Type
application/json; charset=UTF-8
hpgid
1117
Accept
application/json
Referer
https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?client_id=1ca8a0f6-86ff-4d20-9cef-3f6678fb87c1&scope=User.read%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fclient2pro-cb360.us.deloitte.com&client-request-id=07901f93-c168-4406-a0f7-08891058291d&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=-BozzvsSpad6qGAoW2V5L-nM4m1FhqKUoGH0jTtNUh8&code_challenge_method=S256&prompt=none&nonce=f531703b-0469-44e6-8ee5-34bd1a27acaf&state=eyJpZCI6IjFjMmE1MTdhLTkzZGQtNGE0YS05YzhlLWYxMTg0OWNjYjFhMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19&sso_reload=true
X-Requested-With
XMLHttpRequest
hpgact
1800

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Fri, 26 Jan 2024 16:37:56 GMT
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id
07901f93-c168-4406-a0f7-08891058291d
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
265
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+chi"}]}
Content-Type
application/json; charset=utf-8
x-ms-request-id
d81dcdf2-1bfe-4101-91ad-109618096300
Cache-Control
no-store, no-cache
x-ms-ests-server
2.1.17122.2 - EUS ProdSlices
Expires
-1
check_small_48540c930333871c385fcba2c659ccdb.svg
aadcdn.msftauth.net/shared/1.0/content/images/ Frame 8D60 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/check_small_48540c930333871c385fcba2c659ccdb.svg
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedError_Core_9ZpauXM8MIdXr_wgx7GmRA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mib/5B9A) /
Resource Hash
22d511adce8d3498f842b05df7281ce582fdc6817fe27606ecd21e72277857f3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 26 Jan 2024 16:37:57 GMT
content-encoding
gzip
content-md5
iYTzOJM089b1SPwrN/KdOg==
age
19268978
x-cache
HIT
content-length
1009
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:44 GMT
server
ECAcc (mib/5B9A)
etag
0x8DB5C3F46C291A9
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
40414ac7-601e-003c-7c35-a1d37f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
close_790189870c9543725dc3f5a15fb25e46.svg
aadcdn.msftauth.net/shared/1.0/content/images/ Frame 8D60 		270 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/close_790189870c9543725dc3f5a15fb25e46.svg
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedError_Core_9ZpauXM8MIdXr_wgx7GmRA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mib/5ADF) /
Resource Hash
765709425a5b9209e875dccf2217d3161429d2d48159fc1df7b253b77c1574f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 26 Jan 2024 16:37:57 GMT
content-encoding
gzip
content-md5
rp+/fadJKxLUo+jgFmYTeQ==
age
19268978
x-cache
HIT
content-length
190
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:44 GMT
server
ECAcc (mib/5ADF)
etag
0x8DB5C3F4721247A
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
4fc91c08-001e-002c-6d35-a16c57000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
aadcdn.msftauth.net/shared/1.0/content/images/ Frame 8D60 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mib/5BDA) /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 26 Jan 2024 16:37:57 GMT
content-encoding
gzip
content-md5
nzaLxFgP7ZB3dfMcaybWzw==
age
19269125
x-cache
HIT
content-length
1435
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
server
ECAcc (mib/5BDA)
etag
0x8DB5C3F495F4B8C
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
7548e406-301e-0077-5135-a1fb92000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
illustration
aadcdn.msftauthimages.net/dbd5a2dd-u0i1pxxssgkh9b0w79kbdjk85qrnsr5cpqenhjiu6ok/logintenantbranding/0/ Frame 8D60 		131 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauthimages.net/dbd5a2dd-u0i1pxxssgkh9b0w79kbdjk85qrnsr5cpqenhjiu6ok/logintenantbranding/0/illustration?ts=638327047941964796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ec515674462aae4a6017fab58369f776172cbf15a0c7941f8d8aa034fb5bed87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 26 Jan 2024 16:37:57 GMT
x-azure-ref-originshield
0AIuzZQAAAACmdbi42VXIQqKCvw3su2uqTU5aMjIxMDYwNjEyMDUxADU5NjY1NzE1LTQyNmEtNGYxYy1hMDU5LWQ1ZGZkNDBhZTZiOQ==
content-md5
V1lRlYg6a7/Y2/IZp9H3OQ==
x-cache
TCP_HIT
content-length
134502
x-ms-lease-status
unlocked
last-modified
Thu, 12 Oct 2023 10:53:16 GMT
etag
0x8DBCB11704CEB95
x-azure-ref
05d+zZQAAAABUWATh38EpRr1QLsokUoV1Qk4xQUEyMDUxMDE4MDM5ADU5NjY1NzE1LTQyNmEtNGYxYy1hMDU5LWQ1ZGZkNDBhZTZiOQ==
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
0aa66a46-601e-0023-7134-509d90000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
convergederror_stringcustomizationhelper_2551c8a0dd20f5ab4978.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ Frame 8D60 		111 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergederror_stringcustomizationhelper_2551c8a0dd20f5ab4978.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedError_Core_9ZpauXM8MIdXr_wgx7GmRA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mib/5B31) /
Resource Hash
28446ca7e4323237a9dcb9fc560d1ef42e9ac408e0ae5cf9dbcdf72f8df789d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 26 Jan 2024 16:37:57 GMT
content-encoding
gzip
content-md5
Pd6M8/n2ce8K+MD4WJBn7g==
age
4826814
x-cache
HIT
content-length
35906
x-ms-lease-status
unlocked
last-modified
Wed, 29 Nov 2023 18:05:27 GMT
server
ECAcc (mib/5B31)
etag
0x8DBF105C4681094
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4b41944f-d01e-00b2-788f-247a66000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| REACT_APP_AD_CLIENT_ID string| REACT_APP_AD_TENANT_ID string| REACT_APP_BE_SERVICE_URL string| REACT_APP_LOGIN_TYPE string| REACT_APP_SUPPORTED_DOMAINS string| REACT_APP_CHAT_BOT_MODEL object| webpackChunkcb360foundations function| _ object| regeneratorRuntime function| saveAs object| PolyBool function| sprintf function| vsprintf object| __TYPEDARRAY_POOL object| __TEXT_CACHE object| PlotlyGeoAssets

12 Cookies

Domain/Path Name / Value
client2pro-cb360.us.deloitte.com/ Name: msal.1ca8a0f6-86ff-4d20-9cef-3f6678fb87c1.request.state.1c2a517a-93dd-4a4a-9c8e-f11849ccb1a3
Value: eyJpZCI6IjFjMmE1MTdhLTkzZGQtNGE0YS05YzhlLWYxMTg0OWNjYjFhMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19
client2pro-cb360.us.deloitte.com/ Name: msal.1ca8a0f6-86ff-4d20-9cef-3f6678fb87c1.nonce.id_token.1c2a517a-93dd-4a4a-9c8e-f11849ccb1a3
Value: f531703b-0469-44e6-8ee5-34bd1a27acaf
client2pro-cb360.us.deloitte.com/ Name: msal.1ca8a0f6-86ff-4d20-9cef-3f6678fb87c1.authority.1c2a517a-93dd-4a4a-9c8e-f11849ccb1a3
Value: https%3A%2F%2Flogin.microsoftonline.com%2F36da45f1-dd2c-4d1f-af13-5abe46b99921
.login.microsoftonline.com/ Name: esctx-tbSm6DtO7E
Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-ESHp3fmKC33ODKDm7H_UsIa_kb0SJI4PUFo3Bpyx41VfzlWwH6JTKbZVJ5ZJGCM49D5hbQgtONknfFLJ6SL0GF4qJYhN0YWFtJFGfdUiHQVbYFBK7OLMU8YBC2bwpadclgsXXqR44wy_ngjm8PPYsyAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-FPbf29sdXNWylFD7ISvqCVhTzgqB0YmVnAVfJTD0-j9AcLhrfuMoXggABCKKQWWSLSxhTMbA8-7JAyvNJ2OW3Pa2rPEc_tsItmq516EQ8tqPDSfEndcfJv9-vKlqdG79fKOaZT_11bMcnQMVrTaf3JXpQ08Bkw6nXhqGYNPw3eMgAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.ASYA8UXaNizdH02vE1q-RrmZIfagqBz_hiBNnO8_Znj7h8EmAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-X6Yr43x9epE5oOMNq-MW5gmV_8cwfd-9mYLVda1_6ZAqQQe0Dq4yzT7wuDBNMJqjZM7x9ObW2HGXawF-gmyCA12daj14t_icioXqvwNaYMIgAA
.login.microsoftonline.com/ Name: esctx-a3zSN3IumhA
Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-R8gqtwqOZln-TCnjP_RNXb9fThOWT4eo8eYCwjXqv5-scgScDzHDgb3YZFYtjE-K8D_fXJw0ctGDU_IXtSPrGCXM-LPNf1Z5zCNPaJDPOXs6g_dZbOxQ51Eiz2nKTUXumDeHOZCdHlznnrduycHFeSAA
login.microsoftonline.com/ Name: fpc
Value: AknQHVCLm2pOlFmGhUZN09dSi4mIAQAAAOTWRd0OAAAA

2 Console Messages

Source Level URL
Text
security warning URL: https://client2pro-cb360.us.deloitte.com/static/js/main.e50173ef.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?client_id=1ca8a0f6-86ff-4d20-9cef-3f6678fb87c1&scope=User.read%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fclient2pro-cb360.us.deloitte.com&client-request-id=07901f93-c168-4406-a0f7-08891058291d&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=-BozzvsSpad6qGAoW2V5L-nM4m1FhqKUoGH0jTtNUh8&code_challenge_method=S256&prompt=none&nonce=f531703b-0469-44e6-8ee5-34bd1a27acaf&state=eyJpZCI6IjFjMmE1MTdhLTkzZGQtNGE0YS05YzhlLWYxMTg0OWNjYjFhMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19&sso_reload=true(Line 87)
Message:
Unsafe attempt to initiate navigation for frame with URL 'https://client2pro-cb360.us.deloitte.com/' from frame with URL 'https://login.microsoftonline.com/36da45f1-dd2c-4d1f-af13-5abe46b99921/oauth2/v2.0/authorize?client_id=1ca8a0f6-86ff-4d20-9cef-3f6678fb87c1&scope=User.read%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fclient2pro-cb360.us.deloitte.com&client-request-id=07901f93-c168-4406-a0f7-08891058291d&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=-BozzvsSpad6qGAoW2V5L-nM4m1FhqKUoGH0jTtNUh8&code_challenge_method=S256&prompt=none&nonce=f531703b-0469-44e6-8ee5-34bd1a27acaf&state=eyJpZCI6IjFjMmE1MTdhLTkzZGQtNGE0YS05YzhlLWYxMTg0OWNjYjFhMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19&sso_reload=true'. The frame attempting navigation of the top-level window is sandboxed, but the flag of 'allow-top-navigation' or 'allow-top-navigation-by-user-activation' is not set.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
aadcdn.msftauthimages.net
client2pro-cb360.us.deloitte.com
fonts.googleapis.com
login.microsoftonline.com
2603:1036:3000:60::16
2606:2800:21f:1b88:6342:f8de:86c:e98b
2607:f8b0:4004:c06::5f
2620:1ec:48:1::40
34.122.186.64
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
09aca290ac70f4ad9f69fb97ae4fe510ed3e10f44e904930db8574c50e8e4484
12ec5d2614344e3285b4f94be76f39efafd5f1446fbb6c327f740db197bd8316
15e697417242d779ddec5439f81b56bdc61974ffda9a40919be81428f341296e
22d511adce8d3498f842b05df7281ce582fdc6817fe27606ecd21e72277857f3
28446ca7e4323237a9dcb9fc560d1ef42e9ac408e0ae5cf9dbcdf72f8df789d3
441bfa485fb0eb8ad2be7001209868b57c41769cae9512a774419f5882c093e6
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41
6059abea2e6229aa7e4d8e4085885f10a5aac701b8aae159f4086c2eb45bd619
73ea83e96c27d412bf79fc01edabe018e9b64b1c72d03c4638d3577b6147f56d
765709425a5b9209e875dccf2217d3161429d2d48159fc1df7b253b77c1574f4
8f7ab95bbb6c0f6a7b39eefaa8c45257423d4ee5605f27e0f635845e34a4bcf1
93e75491f33653e0f4a69c7ea2916558caf24a41e468c4de503fbf784d7bc8c1
97687cdd119c09f8145322fa1a10576d7fc68cce6fed63ea488e140140ed1f0a
9de571284f07dfaa3e9374247962c7610a7a39f037e169d3a1468d6717f8ba41
a1af3a4bcdbd6a2d18f35ffe41bbc2296aab04d4105325d3295a93f1ee8c515b
c037cfcebe762eb1b8fe615749fe5041e66fb7f0e1192f2ad5215922784c5db0
c3c96cceafde14a4669c2114ee0d10bce6ec0163064151a98824a2575d97eaf7
c8cef105fcaf7cbf3f8682c861045505c24d41cf6686c20c1c03e14031a3db69
df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0
ec515674462aae4a6017fab58369f776172cbf15a0c7941f8d8aa034fb5bed87
f59b7ea1e89e5d113a15bd3369ecebf13100bb12631cd64e3f6e8d6102a7ff2f
f6f44f8a3ac7eb4284a6412dd37416207a848b0d67e6ac5c54625dd75a9c41b5
f6f7bf920a4e6e5ec108c2fa4bfb3d9020fe452fe878fac14935da71b230828a