Submitted URL: http://vst-pr28.cat.com/
Effective URL: https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c4...
Submission: On December 20 via manual from US — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 55 HTTP transactions. The main IP is 2603:1026:3000:c8::9, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is cwslogin.b2clogin.com. The Cisco Umbrella rank of the primary domain is 301098.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 9th 2024. Valid for: 6 months.
This is the only time cwslogin.b2clogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
32 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2603:1026:300... 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.87.224.142 16625 (AKAMAI-AS)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
55 9
Apex Domain
Subdomains
Transfer
16 azurefd.net
b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net
523 KB
15 cat.com
vst-pr28.cat.com
2 MB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 329
159 KB
3 gstatic.com
fonts.gstatic.com
56 KB
2 b2clogin.com
cwslogin.b2clogin.com — Cisco Umbrella Rank: 301098
73 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
186 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 514
295 B
1 caterpillar.com
www.caterpillar.com — Cisco Umbrella Rank: 326464
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 597
904 B
55 10
Domain Requested by
16 b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net cwslogin.b2clogin.com
b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net
15 vst-pr28.cat.com vst-pr28.cat.com
10 cdn.cookielaw.org www.googletagmanager.com
cdn.cookielaw.org
3 fonts.gstatic.com fonts.googleapis.com
2 cwslogin.b2clogin.com vst-pr28.cat.com
cwslogin.b2clogin.com
2 www.googletagmanager.com vst-pr28.cat.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 www.caterpillar.com
1 fonts.googleapis.com cwslogin.b2clogin.com
1 js.monitor.azure.com vst-pr28.cat.com
55 10

This site contains links to these domains. Also see Links.

Domain
www.onetrust.com
Subject Issuer Validity Valid
vst-pr28.cat.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2024-08-06 -
2025-02-06
6 months crt.sh
*.google-analytics.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
js.monitor.azure.com
Microsoft Azure RSA TLS Issuing CA 04
2024-11-19 -
2025-05-18
6 months crt.sh
graph.windows.net
DigiCert SHA2 Secure Server CA
2024-10-09 -
2025-04-09
6 months crt.sh
*.azurefd.net
Microsoft Azure RSA TLS Issuing CA 04
2024-12-13 -
2025-06-11
6 months crt.sh
upload.video.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
Akamai.cat.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-10-07 -
2025-10-06
a year crt.sh
cookielaw.org
WE1
2024-12-09 -
2025-03-09
3 months crt.sh
geolocation.onetrust.com
WE1
2024-12-09 -
2025-03-09
3 months crt.sh
*.gstatic.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh

This page contains 1 frames:

Primary Page: https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2Fapi%2Foauth2%2Fauthorize&response_type=code&scope=https%3A%2F%2Fcwslogin.onmicrosoft.com%2F167cee82-afd1-4bb9-a995-6870ee9c9a27%2Fread+openid+profile+offline_access&state=eyJSZXR1cm5VcmwiOiIvIn0%3D&code_challenge_method=S256&code_challenge=p0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ
Frame ID: 975E35DEBB5B6CBFA94741ADD9415133
Requests: 55 HTTP requests in this frame

Screenshot

Page Title

Sign in

Page URL History Show full URLs

  1. http://vst-pr28.cat.com/ HTTP 307
    https://vst-pr28.cat.com/ Page URL
  2. https://vst-pr28.cat.com/api/oauth2/login?returnUrl=%2F HTTP 302
    https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?c... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

55
Requests

95 %
HTTPS

88 %
IPv6

10
Domains

10
Subdomains

9
IPs

3
Countries

2790 kB
Transfer

7058 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vst-pr28.cat.com/ HTTP 307
    https://vst-pr28.cat.com/ Page URL
  2. https://vst-pr28.cat.com/api/oauth2/login?returnUrl=%2F HTTP 302
    https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2Fapi%2Foauth2%2Fauthorize&response_type=code&scope=https%3A%2F%2Fcwslogin.onmicrosoft.com%2F167cee82-afd1-4bb9-a995-6870ee9c9a27%2Fread+openid+profile+offline_access&state=eyJSZXR1cm5VcmwiOiIvIn0%3D&code_challenge_method=S256&code_challenge=p0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://vst-pr28.cat.com/ HTTP 307
  • https://vst-pr28.cat.com/

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
vst-pr28.cat.com/
Redirect Chain
  • http://vst-pr28.cat.com/
  • https://vst-pr28.cat.com/
100 KB
21 KB
Document
General
Full URL
https://vst-pr28.cat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
31ed6051434d3ef2b6f006ea7ea0c7c08fc2e262edf0065fa31c5632c5b1dc0d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-security-policy
default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
content-type
text/html
date
Fri, 20 Dec 2024 18:10:34 GMT
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()
referrer-policy
no-referrer
request-context
appId=cid-v1:3f5d296d-e0c8-444b-bf96-b997f2f9e8ed
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-azure-ref
20241220T181033Z-16fbf75468ctz466hC1FRAy35g0000000a90000000002bqe
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

Location
https://vst-pr28.cat.com/
Non-Authoritative-Reason
HttpsUpgrades
gtm.js
www.googletagmanager.com/
223 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MWQKD2S&gtm_auth=hALZW9l5KSj3D6wYYX9t0Q&gtm_preview=env-29&gtm_cookies_win=x
Requested by
Host: vst-pr28.cat.com
URL: https://vst-pr28.cat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
481e38db7f6e86ec0228f595a69f30f61b1fe0b642428d6f07dd3b97a825495b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 18:10:34 GMT
content-type
application/javascript; charset=UTF-8
vary
*
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
79892
x-xss-protection
0
server
Google Tag Manager
styles.e000455750e8fa24.css
vst-pr28.cat.com/
272 KB
56 KB
Stylesheet
General
Full URL
https://vst-pr28.cat.com/styles.e000455750e8fa24.css
Requested by
Host: vst-pr28.cat.com
URL: https://vst-pr28.cat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d187fd7f76422abe17bc844010afa0f1d3a710313a4c9769608d72cb0a6e2025
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"1db51992337f914"
x-content-type-options
nosniff, nosniff
x-cache
CONFIG_NOCACHE
date
Fri, 20 Dec 2024 18:10:34 GMT
content-type
text/css
last-modified
Wed, 18 Dec 2024 22:06:50 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
referrer-policy
no-referrer
request-context
appId=cid-v1:3f5d296d-e0c8-444b-bf96-b997f2f9e8ed
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()
x-xss-protection
1; mode=block
x-azure-ref
20241220T181034Z-16fbf75468ctz466hC1FRAy35g0000000a90000000002bt7
logo.png
vst-pr28.cat.com/assets/images/
17 KB
19 KB
Image
General
Full URL
https://vst-pr28.cat.com/assets/images/logo.png
Requested by
Host: vst-pr28.cat.com
URL: https://vst-pr28.cat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e5f74b2390f8c19cfd0bf52f9472c77a55b94e0a00cdf831735ae7339ae001ac
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

etag
"1db51992333fa85"
x-content-type-options
nosniff, nosniff
x-cache
CONFIG_NOCACHE
date
Fri, 20 Dec 2024 18:10:34 GMT
content-type
image/png
last-modified
Wed, 18 Dec 2024 22:06:50 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
referrer-policy
no-referrer
request-context
appId=cid-v1:3f5d296d-e0c8-444b-bf96-b997f2f9e8ed
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()
accept-ranges
bytes
content-length
17285
x-xss-protection
1; mode=block
x-azure-ref
20241220T181034Z-16fbf75468ctz466hC1FRAy35g0000000a90000000002bt8
Soleil-Regular.89ad3bbfde528604.woff2
vst-pr28.cat.com/
23 KB
25 KB
Font
General
Full URL
https://vst-pr28.cat.com/Soleil-Regular.89ad3bbfde528604.woff2
Requested by
Host: vst-pr28.cat.com
URL: https://vst-pr28.cat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6ad3b4baaa976654ed7d7ccbd693c80b4ffb98a0cec49653aa4e277a3cde7819
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://vst-pr28.cat.com
Referer
https://vst-pr28.cat.com/

Response headers

etag
"1db5199229b792c"
x-content-type-options
nosniff, nosniff
x-cache
CONFIG_NOCACHE
date
Fri, 20 Dec 2024 18:10:34 GMT
content-type
font/woff2
last-modified
Wed, 18 Dec 2024 22:06:49 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
referrer-policy
no-referrer
request-context
appId=cid-v1:3f5d296d-e0c8-444b-bf96-b997f2f9e8ed
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()
accept-ranges
bytes
content-length
23468
x-xss-protection
1; mode=block
x-azure-ref
20241220T181034Z-16fbf75468ctz466hC1FRAy35g0000000a90000000002bta
exclamation-mark-red.png
vst-pr28.cat.com/assets/images/
3 KB
5 KB
Image
General
Full URL
https://vst-pr28.cat.com/assets/images/exclamation-mark-red.png
Requested by
Host: vst-pr28.cat.com
URL: https://vst-pr28.cat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
12c50eb5fff45fa797a5c14e531ab4a2b1feb930603ce8e4bdbba763a9576dbc
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

etag
"1db5199229b28b8"
x-content-type-options
nosniff, nosniff
x-cache
CONFIG_NOCACHE
date
Fri, 20 Dec 2024 18:10:34 GMT
content-type
image/png
last-modified
Wed, 18 Dec 2024 22:06:49 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
referrer-policy
no-referrer
request-context
appId=cid-v1:3f5d296d-e0c8-444b-bf96-b997f2f9e8ed
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()
accept-ranges
bytes
content-length
2616
x-xss-protection
1; mode=block
x-azure-ref
20241220T181034Z-16fbf75468ctz466hC1FRAy35g0000000a90000000002btd
runtime.3a311d94a817768d.js
vst-pr28.cat.com/
4 KB
5 KB
Script
General
Full URL
https://vst-pr28.cat.com/runtime.3a311d94a817768d.js
Requested by
Host: vst-pr28.cat.com
URL: https://vst-pr28.cat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a521428b80a8dc67260422a41b81dae8a4c68d978e8be5c2ecfe33833f6a7084
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://vst-pr28.cat.com
Referer

Response headers

content-encoding
gzip
etag
"1db51992333a9b7"
x-content-type-options
nosniff, nosniff
x-cache
CONFIG_NOCACHE
date
Fri, 20 Dec 2024 18:10:34 GMT
content-type
text/javascript
last-modified
Wed, 18 Dec 2024 22:06:50 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
referrer-policy
no-referrer
request-context
appId=cid-v1:3f5d296d-e0c8-444b-bf96-b997f2f9e8ed
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()
x-xss-protection
1; mode=block
x-azure-ref
20241220T181034Z-16fbf75468ctz466hC1FRAy35g0000000a90000000002btb
polyfills.f3367ea54a3695e5.js
vst-pr28.cat.com/
34 KB
17 KB
Script
General
Full URL
https://vst-pr28.cat.com/polyfills.f3367ea54a3695e5.js
Requested by
Host: vst-pr28.cat.com
URL: https://vst-pr28.cat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ea1f4929aa914992a42e4ea17fcd5903a10eb58261602a763490fa37b474b82
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://vst-pr28.cat.com
Referer

Response headers

content-encoding
gzip
etag
"1db51992333306d"
x-content-type-options
nosniff, nosniff
x-cache
CONFIG_NOCACHE
date
Fri, 20 Dec 2024 18:10:34 GMT
content-type
text/javascript
last-modified
Wed, 18 Dec 2024 22:06:50 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
referrer-policy
no-referrer
request-context
appId=cid-v1:3f5d296d-e0c8-444b-bf96-b997f2f9e8ed
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()
x-xss-protection
1; mode=block
x-azure-ref
20241220T181034Z-16fbf75468ctz466hC1FRAy35g0000000a90000000002btc
scripts.510aab04deaca16b.js
vst-pr28.cat.com/
210 KB
75 KB
Script
General
Full URL
https://vst-pr28.cat.com/scripts.510aab04deaca16b.js
Requested by
Host: vst-pr28.cat.com
URL: https://vst-pr28.cat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
23015d32f51f9c1babf80d55b0bb34e3aefb1dbe8b505b4daf7a56864043ace9
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"1db51992330fff7"
x-content-type-options
nosniff, nosniff
x-cache
CONFIG_NOCACHE
date
Fri, 20 Dec 2024 18:10:34 GMT
content-type
text/javascript
last-modified
Wed, 18 Dec 2024 22:06:50 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
referrer-policy
no-referrer
request-context
appId=cid-v1:3f5d296d-e0c8-444b-bf96-b997f2f9e8ed
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()
x-xss-protection
1; mode=block
x-azure-ref
20241220T181034Z-16fbf75468ctz466hC1FRAy35g0000000a90000000002bte
main.51b8665f8c5d1b5d.js
vst-pr28.cat.com/
4 MB
1 MB
Script
General
Full URL
https://vst-pr28.cat.com/main.51b8665f8c5d1b5d.js
Requested by
Host: vst-pr28.cat.com
URL: https://vst-pr28.cat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
883ede3fe623191b1b6b95590b1f93f3a71041389beafbfd455cf8f2105b9fee
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://vst-pr28.cat.com
Referer

Response headers

content-encoding
gzip
etag
"1db5199237043ab"
x-content-type-options
nosniff, nosniff
x-cache
CONFIG_NOCACHE
date
Fri, 20 Dec 2024 18:10:34 GMT
content-type
text/javascript
last-modified
Wed, 18 Dec 2024 22:06:50 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
referrer-policy
no-referrer
request-context
appId=cid-v1:3f5d296d-e0c8-444b-bf96-b997f2f9e8ed
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()
x-xss-protection
1; mode=block
x-azure-ref
20241220T181034Z-16fbf75468ctz466hC1FRAy35g0000000a90000000002btf
test
vst-pr28.cat.com/api/
0
2 KB
XHR
General
Full URL
https://vst-pr28.cat.com/api/test?random=1734718236200
Requested by
Host: vst-pr28.cat.com
URL: https://vst-pr28.cat.com/polyfills.f3367ea54a3695e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
X-Requested-With
XMLHttpRequest
Accept-Language
en-US, en
Accept
application/json, text/plain, */*
Content-Type
application/json
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
location
https://com-cat-vst-pr-2x-pr28.azurewebsites.net/api/oauth2/login?ReturnUrl=%2Fapi%2Ftest%3Frandom%3D1734718236200
referrer-policy
no-referrer
x-content-type-options
nosniff, nosniff
request-context
appId=cid-v1:3f5d296d-e0c8-444b-bf96-b997f2f9e8ed
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()
x-cache
CONFIG_NOCACHE
content-length
0
date
Fri, 20 Dec 2024 18:10:36 GMT
x-xss-protection
1; mode=block
x-azure-ref
20241220T181036Z-16fbf75468ctz466hC1FRAy35g0000000a90000000002c1m
x-frame-options
DENY
ai.config.1.cfg.json
js.monitor.azure.com/scripts/b/
1 KB
904 B
Fetch
General
Full URL
https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json
Requested by
Host: vst-pr28.cat.com
URL: https://vst-pr28.cat.com/polyfills.f3367ea54a3695e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
64ac278a67256ae70d462c23307e75416d4e5a0a060f95e124be57772ee5b43f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-azure-ref
20241220T181036Z-16fbf75468cs8x2rhC1FRA18ew00000009ug000000004ytg
cache-control
public, max-age=1800, immutable, no-transform
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdkver,x-ms-meta-aijssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
content-encoding
br
x-fd-int-roxy-purgeid
0
x-ms-request-id
9590012a-d01e-0027-73c3-4c3a85000000
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.config.1.0.0.cfg.json
access-control-allow-origin
*
x-cache
TCP_HIT
x-ms-meta-aijssdkver
1.0.0
date
Fri, 20 Dec 2024 18:10:36 GMT
content-type
application/json
vary
Accept-Encoding
last-modified
Tue, 02 Apr 2024 18:24:43 GMT
/
vst-pr28.cat.com/api/files/sas/images/
0
2 KB
XHR
General
Full URL
https://vst-pr28.cat.com/api/files/sas/images/
Requested by
Host: vst-pr28.cat.com
URL: https://vst-pr28.cat.com/polyfills.f3367ea54a3695e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
X-Requested-With
XMLHttpRequest
Accept-Language
en-US, en
Accept
application/json, text/plain, */*
Content-Type
application/json
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
location
https://com-cat-vst-pr-2x-pr28.azurewebsites.net/api/oauth2/login?ReturnUrl=%2Fapi%2Ffiles%2Fsas%2Fimages%2F
referrer-policy
no-referrer
x-content-type-options
nosniff, nosniff
request-context
appId=cid-v1:3f5d296d-e0c8-444b-bf96-b997f2f9e8ed
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()
x-cache
CONFIG_NOCACHE
content-length
0
date
Fri, 20 Dec 2024 18:10:36 GMT
x-xss-protection
1; mode=block
x-azure-ref
20241220T181036Z-16fbf75468ctz466hC1FRAy35g0000000a90000000002c1n
x-frame-options
DENY
userConfig
vst-pr28.cat.com/api/users/current/
0
2 KB
XHR
General
Full URL
https://vst-pr28.cat.com/api/users/current/userConfig
Requested by
Host: vst-pr28.cat.com
URL: https://vst-pr28.cat.com/polyfills.f3367ea54a3695e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
X-Requested-With
XMLHttpRequest
Accept-Language
en-US, en
Accept
application/json, text/plain, */*
Content-Type
application/json
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
location
https://com-cat-vst-pr-2x-pr28.azurewebsites.net/api/oauth2/login?ReturnUrl=%2Fapi%2Fusers%2Fcurrent%2FuserConfig
referrer-policy
no-referrer
x-content-type-options
nosniff, nosniff
request-context
appId=cid-v1:3f5d296d-e0c8-444b-bf96-b997f2f9e8ed
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()
x-cache
CONFIG_NOCACHE
content-length
0
date
Fri, 20 Dec 2024 18:10:36 GMT
x-xss-protection
1; mode=block
x-azure-ref
20241220T181036Z-16fbf75468ctz466hC1FRAy35g0000000a90000000002c1p
x-frame-options
DENY
button-click.wav
vst-pr28.cat.com/assets/audios/
22 KB
24 KB
Media
General
Full URL
https://vst-pr28.cat.com/assets/audios/button-click.wav
Requested by
Host: vst-pr28.cat.com
URL: https://vst-pr28.cat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b4aaa99e6076c75e7785bebd5431a5399043db47090233cae80cf76acf0114ca
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

etag
"1db5199229b7a7a"
x-content-type-options
nosniff, nosniff
x-cache
CONFIG_NOCACHE
date
Fri, 20 Dec 2024 18:10:36 GMT
content-type
audio/wav
last-modified
Wed, 18 Dec 2024 22:06:49 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Content-Range
bytes 0-22777/22778
referrer-policy
no-referrer
request-context
appId=cid-v1:3f5d296d-e0c8-444b-bf96-b997f2f9e8ed
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()
Content-Length
22778
x-xss-protection
1; mode=block
x-azure-ref
20241220T181036Z-16fbf75468ctz466hC1FRAy35g0000000a90000000002c1w
test
vst-pr28.cat.com/api/
0
2 KB
XHR
General
Full URL
https://vst-pr28.cat.com/api/test
Requested by
Host: vst-pr28.cat.com
URL: https://vst-pr28.cat.com/polyfills.f3367ea54a3695e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
X-Requested-With
XMLHttpRequest
Accept-Language
en-US, en
Accept
application/json, text/plain, */*
Content-Type
application/json
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
location
https://com-cat-vst-pr-2x-pr28.azurewebsites.net/api/oauth2/login?ReturnUrl=%2Fapi%2Ftest
referrer-policy
no-referrer
x-content-type-options
nosniff, nosniff
request-context
appId=cid-v1:3f5d296d-e0c8-444b-bf96-b997f2f9e8ed
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()
x-cache
CONFIG_NOCACHE
content-length
0
date
Fri, 20 Dec 2024 18:10:36 GMT
x-xss-protection
1; mode=block
x-azure-ref
20241220T181036Z-16fbf75468ctz466hC1FRAy35g0000000a90000000002c27
x-frame-options
DENY
test
vst-pr28.cat.com/api/
0
2 KB
XHR
General
Full URL
https://vst-pr28.cat.com/api/test
Requested by
Host: vst-pr28.cat.com
URL: https://vst-pr28.cat.com/polyfills.f3367ea54a3695e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
X-Requested-With
XMLHttpRequest
Accept-Language
en-US, en
Accept
application/json, text/plain, */*
Content-Type
application/json
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
location
https://com-cat-vst-pr-2x-pr28.azurewebsites.net/api/oauth2/login?ReturnUrl=%2Fapi%2Ftest
referrer-policy
no-referrer
x-content-type-options
nosniff, nosniff
request-context
appId=cid-v1:3f5d296d-e0c8-444b-bf96-b997f2f9e8ed
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()
x-cache
CONFIG_NOCACHE
content-length
0
date
Fri, 20 Dec 2024 18:10:36 GMT
x-xss-protection
1; mode=block
x-azure-ref
20241220T181036Z-16fbf75468ctz466hC1FRAy35g0000000a90000000002c2r
x-frame-options
DENY
favicon-dev-pr.ico
vst-pr28.cat.com/
15 KB
0
Other
General
Full URL
https://vst-pr28.cat.com/favicon-dev-pr.ico
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

etag
"1db5199233383ee"
x-content-type-options
nosniff, nosniff
x-cache
CONFIG_NOCACHE
date
Fri, 20 Dec 2024 18:10:36 GMT
content-type
image/x-icon
last-modified
Wed, 18 Dec 2024 22:06:50 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
referrer-policy
no-referrer
request-context
appId=cid-v1:3f5d296d-e0c8-444b-bf96-b997f2f9e8ed
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()
accept-ranges
bytes
content-length
15086
x-xss-protection
1; mode=block
x-azure-ref
20241220T181036Z-16fbf75468ctz466hC1FRAy35g0000000a90000000002c2w
track
dc.services.visualstudio.com/v2/
96 B
0
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: vst-pr28.cat.com
URL: https://vst-pr28.cat.com/polyfills.f3367ea54a3695e5.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/json
Sdk-Context
appId

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Fri, 20 Dec 2024 18:10:36 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff
Primary Request authorize
cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/
Redirect Chain
  • https://vst-pr28.cat.com/api/oauth2/login?returnUrl=%2F
  • https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2...
171 KB
72 KB
Document
General
Full URL
https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2Fapi%2Foauth2%2Fauthorize&response_type=code&scope=https%3A%2F%2Fcwslogin.onmicrosoft.com%2F167cee82-afd1-4bb9-a995-6870ee9c9a27%2Fread+openid+profile+offline_access&state=eyJSZXR1cm5VcmwiOiIvIn0%3D&code_challenge_method=S256&code_challenge=p0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ
Requested by
Host: vst-pr28.cat.com
URL: https://vst-pr28.cat.com/main.51b8665f8c5d1b5d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:c8::9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aba2d4c1ff82545edfa8b84ac2c7a4215f9e18eb7904310ac6a2bc354abc511e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Allow
OPTIONS TRACE GET HEAD POST
Cache-Control
no-store, must-revalidate, no-cache
Content-Encoding
gzip
Content-Length
68908
Content-Type
text/html; charset=utf-8
Date
Fri, 20 Dec 2024 18:10:38 GMT
Expires
-1
Public
OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Build
1.1.317.0
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Request-ID
31070b39-abb1-4825-88c5-1f2566290ae6
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
x-ms-gateway-requestid
cd2cbd11-abbc-4b0b-b655-1d7948052912

Redirect headers

content-length
0
content-security-policy
default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
date
Fri, 20 Dec 2024 18:10:36 GMT
location
https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2Fapi%2Foauth2%2Fauthorize&response_type=code&scope=https%3A%2F%2Fcwslogin.onmicrosoft.com%2F167cee82-afd1-4bb9-a995-6870ee9c9a27%2Fread+openid+profile+offline_access&state=eyJSZXR1cm5VcmwiOiIvIn0%3D&code_challenge_method=S256&code_challenge=p0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()
referrer-policy
no-referrer
request-context
appId=cid-v1:3f5d296d-e0c8-444b-bf96-b997f2f9e8ed
strict-transport-security
max-age=31536000; includeSubDomains
x-azure-ref
20241220T181036Z-16fbf75468ctz466hC1FRAy35g0000000a90000000002c39
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff, nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
track
dc.services.visualstudio.com/v2/
96 B
0
Fetch
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: vst-pr28.cat.com
URL: https://vst-pr28.cat.com/polyfills.f3367ea54a3695e5.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
sdk-context
appId

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Fri, 20 Dec 2024 18:10:36 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff
hrd-collect-username.html
b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/de/
15 KB
16 KB
XHR
General
Full URL
https://b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/de/hrd-collect-username.html
Requested by
Host: cwslogin.b2clogin.com
URL: https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2Fapi%2Foauth2%2Fauthorize&response_type=code&scope=https%3A%2F%2Fcwslogin.onmicrosoft.com%2F167cee82-afd1-4bb9-a995-6870ee9c9a27%2Fread+openid+profile+offline_access&state=eyJSZXR1cm5VcmwiOiIvIn0%3D&code_challenge_method=S256&code_challenge=p0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e43b4762ba5bdb3faef4041156a17d1a1ebfde0570432d0e70c57cecedfd1a0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

x-ms-server-encrypted
true
x-ms-version
2022-11-02
x-ms-lease-status
unlocked
etag
"0x8DD1A17E10C26F2"
x-fd-int-roxy-purgeid
4
access-control-allow-methods
GET, OPTIONS
x-ms-lease-state
available
x-ms-blob-content-md5
9nF62eUeRRNplY4a+KLkAQ==
x-cache
TCP_MISS
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
text/html
last-modified
Wed, 11 Dec 2024 19:13:21 GMT
x-ms-creation-time
Tue, 10 Sep 2024 02:12:56 GMT
x-ms-request-id
ce91a88c-101e-002f-390a-530596000000
accept-ranges
bytes
access-control-allow-origin
https://cwslogin.b2clogin.com
content-length
15681
x-azure-ref
20241220T181038Z-16fbf75468clmvxzhC1FRA2w6000000009p000000000nmgs
x-ms-blob-type
BlockBlob
hrd-collect-username.js
b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/de/
11 KB
11 KB
Script
General
Full URL
https://b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/de/hrd-collect-username.js
Requested by
Host: cwslogin.b2clogin.com
URL: https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2Fapi%2Foauth2%2Fauthorize&response_type=code&scope=https%3A%2F%2Fcwslogin.onmicrosoft.com%2F167cee82-afd1-4bb9-a995-6870ee9c9a27%2Fread+openid+profile+offline_access&state=eyJSZXR1cm5VcmwiOiIvIn0%3D&code_challenge_method=S256&code_challenge=p0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f837c5861f67cb9a3cc5631dffef9753717dd2d42d82e00505ccdd26ed463995

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

x-ms-server-encrypted
true
x-ms-version
2022-11-02
x-ms-lease-status
unlocked
etag
"0x8DD1A17DF1B7584"
x-fd-int-roxy-purgeid
4
x-ms-lease-state
available
x-ms-blob-content-md5
jALDqpjwC9w/ctYYUONn2w==
x-cache
TCP_MISS
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
application/x-javascript
last-modified
Wed, 11 Dec 2024 19:13:18 GMT
x-ms-creation-time
Tue, 10 Sep 2024 02:12:56 GMT
x-ms-request-id
d9395609-401e-001d-4a0a-5305e1000000
accept-ranges
bytes
content-length
10774
x-azure-ref
20241220T181039Z-16fbf75468cwwdbphC1FRA59ks00000009700000000048mk
x-ms-blob-type
BlockBlob
catNLSJSON.en.js
b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/de/
0
0
Script
General
Full URL
https://b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/de/catNLSJSON.en.js
Requested by
Host: cwslogin.b2clogin.com
URL: https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2Fapi%2Foauth2%2Fauthorize&response_type=code&scope=https%3A%2F%2Fcwslogin.onmicrosoft.com%2F167cee82-afd1-4bb9-a995-6870ee9c9a27%2Fread+openid+profile+offline_access&state=eyJSZXR1cm5VcmwiOiIvIn0%3D&code_challenge_method=S256&code_challenge=p0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

x-ms-version
2022-11-02
x-fd-int-roxy-purgeid
4
x-ms-request-id
7e49ccd0-e01e-0004-610a-53855a000000
x-cache
TCP_MISS
content-length
215
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
application/xml
x-azure-ref
20241220T181039Z-16fbf75468cwwdbphC1FRA59ks00000009700000000048mn
x-ms-error-code
BlobNotFound
catNLSJSON.de.js
b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/de/
87 KB
88 KB
Script
General
Full URL
https://b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/de/catNLSJSON.de.js
Requested by
Host: cwslogin.b2clogin.com
URL: https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2Fapi%2Foauth2%2Fauthorize&response_type=code&scope=https%3A%2F%2Fcwslogin.onmicrosoft.com%2F167cee82-afd1-4bb9-a995-6870ee9c9a27%2Fread+openid+profile+offline_access&state=eyJSZXR1cm5VcmwiOiIvIn0%3D&code_challenge_method=S256&code_challenge=p0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5bb3b792e01f9ba7eeb50119c82fa7236e06554ad49ae16bd5e1aefaf134f094

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

x-ms-server-encrypted
true
x-ms-version
2022-11-02
x-ms-lease-status
unlocked
etag
"0x8DD1A17D9FB8005"
x-fd-int-roxy-purgeid
4
x-ms-lease-state
available
x-ms-blob-content-md5
NQfHz6IcNauygSbIjE2w8g==
x-cache
TCP_MISS
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
application/x-javascript
last-modified
Wed, 11 Dec 2024 19:13:10 GMT
x-ms-creation-time
Tue, 10 Sep 2024 02:12:56 GMT
x-ms-request-id
8b1f3a60-001e-001c-670a-535a3d000000
accept-ranges
bytes
content-length
89152
x-azure-ref
20241220T181039Z-16fbf75468cwwdbphC1FRA59ks00000009700000000048mm
x-ms-blob-type
BlockBlob
project.constants.js
b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/de/
39 KB
39 KB
Script
General
Full URL
https://b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/de/project.constants.js
Requested by
Host: cwslogin.b2clogin.com
URL: https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2Fapi%2Foauth2%2Fauthorize&response_type=code&scope=https%3A%2F%2Fcwslogin.onmicrosoft.com%2F167cee82-afd1-4bb9-a995-6870ee9c9a27%2Fread+openid+profile+offline_access&state=eyJSZXR1cm5VcmwiOiIvIn0%3D&code_challenge_method=S256&code_challenge=p0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
33f04132e88889a5c4a18c3906d6b494aba3c41b731a52f4f750950f0aab1277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

x-ms-server-encrypted
true
x-ms-version
2022-11-02
x-ms-lease-status
unlocked
etag
"0x8DD1A17DCBC5B26"
x-fd-int-roxy-purgeid
4
x-ms-lease-state
available
x-ms-blob-content-md5
D/WeyZzzj/Vlr2NyLY0Zwg==
x-cache
TCP_MISS
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
application/x-javascript
last-modified
Wed, 11 Dec 2024 19:13:14 GMT
x-ms-creation-time
Tue, 10 Sep 2024 02:12:57 GMT
x-ms-request-id
d3a8947b-b01e-0019-290a-5388e6000000
accept-ranges
bytes
content-length
39429
x-azure-ref
20241220T181039Z-16fbf75468cwwdbphC1FRA59ks00000009700000000048mt
x-ms-blob-type
BlockBlob
project.common.js
b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/de/
49 KB
50 KB
Script
General
Full URL
https://b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/de/project.common.js
Requested by
Host: cwslogin.b2clogin.com
URL: https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2Fapi%2Foauth2%2Fauthorize&response_type=code&scope=https%3A%2F%2Fcwslogin.onmicrosoft.com%2F167cee82-afd1-4bb9-a995-6870ee9c9a27%2Fread+openid+profile+offline_access&state=eyJSZXR1cm5VcmwiOiIvIn0%3D&code_challenge_method=S256&code_challenge=p0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
714df9a53e228b3d556db090813e08dc72b91c888844038c5bf92e6ef3871a5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

x-ms-server-encrypted
true
x-ms-version
2022-11-02
x-ms-lease-status
unlocked
etag
"0x8DD1A17DD15B896"
x-fd-int-roxy-purgeid
4
x-ms-lease-state
available
x-ms-blob-content-md5
ZyfYxWCNCBZMtePasmsADg==
x-cache
TCP_MISS
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
application/x-javascript
last-modified
Wed, 11 Dec 2024 19:13:15 GMT
x-ms-creation-time
Tue, 10 Sep 2024 02:12:57 GMT
x-ms-request-id
e46691c8-001e-0023-310a-53929e000000
accept-ranges
bytes
content-length
50668
x-azure-ref
20241220T181039Z-16fbf75468cwwdbphC1FRA59ks00000009700000000048mq
x-ms-blob-type
BlockBlob
field-validator.js
b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/de/
11 KB
12 KB
Script
General
Full URL
https://b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/de/field-validator.js
Requested by
Host: cwslogin.b2clogin.com
URL: https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2Fapi%2Foauth2%2Fauthorize&response_type=code&scope=https%3A%2F%2Fcwslogin.onmicrosoft.com%2F167cee82-afd1-4bb9-a995-6870ee9c9a27%2Fread+openid+profile+offline_access&state=eyJSZXR1cm5VcmwiOiIvIn0%3D&code_challenge_method=S256&code_challenge=p0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
38de4458f202972af9bcc13c8d64cb9cde2302ce907193e78853b929f15a1949

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

x-ms-server-encrypted
true
x-ms-version
2022-11-02
x-ms-lease-status
unlocked
etag
"0x8DD1A17D90B9E0C"
x-fd-int-roxy-purgeid
4
x-ms-lease-state
available
x-ms-blob-content-md5
KIT1tvQdVAVl0vYtyHSc3A==
x-cache
TCP_MISS
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
application/x-javascript
last-modified
Wed, 11 Dec 2024 19:13:08 GMT
x-ms-creation-time
Tue, 10 Sep 2024 02:12:56 GMT
x-ms-request-id
7720e6f3-c01e-0061-2e0a-532b1e000000
accept-ranges
bytes
content-length
11354
x-azure-ref
20241220T181039Z-16fbf75468cwwdbphC1FRA59ks00000009700000000048mp
x-ms-blob-type
BlockBlob
project.draw.js
b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/de/
43 KB
43 KB
Script
General
Full URL
https://b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/de/project.draw.js
Requested by
Host: cwslogin.b2clogin.com
URL: https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2Fapi%2Foauth2%2Fauthorize&response_type=code&scope=https%3A%2F%2Fcwslogin.onmicrosoft.com%2F167cee82-afd1-4bb9-a995-6870ee9c9a27%2Fread+openid+profile+offline_access&state=eyJSZXR1cm5VcmwiOiIvIn0%3D&code_challenge_method=S256&code_challenge=p0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5a3860480f271c097d9b04b22c4ca13ace23f962ff87aa4d1c9829fa7b606a70

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

x-ms-server-encrypted
true
x-ms-version
2022-11-02
x-ms-lease-status
unlocked
etag
"0x8DD1A17E0A118D7"
x-fd-int-roxy-purgeid
4
x-ms-lease-state
available
x-ms-blob-content-md5
+XDK+P+/cIKHE34QIJ3yPQ==
x-cache
TCP_MISS
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
application/x-javascript
last-modified
Wed, 11 Dec 2024 19:13:21 GMT
x-ms-creation-time
Tue, 10 Sep 2024 02:12:57 GMT
x-ms-request-id
993b5acd-301e-0091-740a-536def000000
accept-ranges
bytes
content-length
43790
x-azure-ref
20241220T181039Z-16fbf75468cwwdbphC1FRA59ks00000009700000000048ms
x-ms-blob-type
BlockBlob
project.cookies.js
b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/de/
3 KB
4 KB
Script
General
Full URL
https://b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/de/project.cookies.js
Requested by
Host: cwslogin.b2clogin.com
URL: https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2Fapi%2Foauth2%2Fauthorize&response_type=code&scope=https%3A%2F%2Fcwslogin.onmicrosoft.com%2F167cee82-afd1-4bb9-a995-6870ee9c9a27%2Fread+openid+profile+offline_access&state=eyJSZXR1cm5VcmwiOiIvIn0%3D&code_challenge_method=S256&code_challenge=p0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
32309e46398abfba09ce7691cafaf8d7b4f8897dfc1b99bc2e3bc87ec970e0e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

x-ms-server-encrypted
true
x-ms-version
2022-11-02
x-ms-lease-status
unlocked
etag
"0x8DD1A17E3C56213"
x-fd-int-roxy-purgeid
4
x-ms-lease-state
available
x-ms-blob-content-md5
WyYUSVZUb2BIJI7OIyXPdg==
x-cache
TCP_MISS
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
application/x-javascript
last-modified
Wed, 11 Dec 2024 19:13:26 GMT
x-ms-creation-time
Tue, 10 Sep 2024 02:12:57 GMT
x-ms-request-id
3d92fee0-f01e-0027-600a-531f99000000
accept-ranges
bytes
content-length
3214
x-azure-ref
20241220T181039Z-16fbf75468cwwdbphC1FRA59ks00000009700000000048mr
x-ms-blob-type
BlockBlob
grid.css
b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/css/
37 KB
38 KB
Stylesheet
General
Full URL
https://b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/css/grid.css
Requested by
Host: cwslogin.b2clogin.com
URL: https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2Fapi%2Foauth2%2Fauthorize&response_type=code&scope=https%3A%2F%2Fcwslogin.onmicrosoft.com%2F167cee82-afd1-4bb9-a995-6870ee9c9a27%2Fread+openid+profile+offline_access&state=eyJSZXR1cm5VcmwiOiIvIn0%3D&code_challenge_method=S256&code_challenge=p0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bfc021b5a3e6b7e0d28963220385d3f99ffc5c62949c0d48c45480d54f6ee729

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://cwslogin.b2clogin.com
Referer
https://cwslogin.b2clogin.com/

Response headers

x-ms-server-encrypted
true
x-ms-version
2022-11-02
x-ms-lease-status
unlocked
etag
"0x8DD1A17DBB76D9C"
x-fd-int-roxy-purgeid
4
access-control-allow-methods
GET, OPTIONS
x-ms-lease-state
available
x-ms-blob-content-md5
OOXbGWrZb8ZS+5THiefxcA==
x-cache
TCP_MISS
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
text/css
last-modified
Wed, 11 Dec 2024 19:13:12 GMT
x-ms-creation-time
Tue, 10 Sep 2024 02:12:54 GMT
x-ms-request-id
210c33ec-401e-008b-3f0a-530c30000000
accept-ranges
bytes
access-control-allow-origin
https://cwslogin.b2clogin.com
content-length
38224
x-azure-ref
20241220T181039Z-16fbf75468clmvxzhC1FRA2w6000000009p000000000nmkt
x-ms-blob-type
BlockBlob
common.css
b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/css/
13 KB
14 KB
Stylesheet
General
Full URL
https://b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/css/common.css
Requested by
Host: cwslogin.b2clogin.com
URL: https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2Fapi%2Foauth2%2Fauthorize&response_type=code&scope=https%3A%2F%2Fcwslogin.onmicrosoft.com%2F167cee82-afd1-4bb9-a995-6870ee9c9a27%2Fread+openid+profile+offline_access&state=eyJSZXR1cm5VcmwiOiIvIn0%3D&code_challenge_method=S256&code_challenge=p0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
05ed0bea23f8b5b0445d2d19ccad02bc6ac5001d0de3c773a92e1b726bf4c704

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://cwslogin.b2clogin.com
Referer
https://cwslogin.b2clogin.com/

Response headers

x-ms-server-encrypted
true
x-ms-version
2022-11-02
x-ms-lease-status
unlocked
etag
"0x8DD1A17E2AE00C1"
x-fd-int-roxy-purgeid
4
access-control-allow-methods
GET, OPTIONS
x-ms-lease-state
available
x-ms-blob-content-md5
nEDRE06ennUp5AzRvuM0XQ==
x-cache
TCP_MISS
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
text/css
last-modified
Wed, 11 Dec 2024 19:13:24 GMT
x-ms-creation-time
Tue, 10 Sep 2024 02:12:54 GMT
x-ms-request-id
4a83e1ea-001e-0051-1f0a-5395d1000000
accept-ranges
bytes
access-control-allow-origin
https://cwslogin.b2clogin.com
content-length
13355
x-azure-ref
20241220T181039Z-16fbf75468clmvxzhC1FRA2w6000000009p000000000nmku
x-ms-blob-type
BlockBlob
unified.css
b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/css/
116 KB
116 KB
Stylesheet
General
Full URL
https://b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/css/unified.css
Requested by
Host: cwslogin.b2clogin.com
URL: https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2Fapi%2Foauth2%2Fauthorize&response_type=code&scope=https%3A%2F%2Fcwslogin.onmicrosoft.com%2F167cee82-afd1-4bb9-a995-6870ee9c9a27%2Fread+openid+profile+offline_access&state=eyJSZXR1cm5VcmwiOiIvIn0%3D&code_challenge_method=S256&code_challenge=p0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7830d67d9d72ee7745c0334556c64e36ea6b00e528cc4c962f86d9501ae5490b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://cwslogin.b2clogin.com
Referer
https://cwslogin.b2clogin.com/

Response headers

x-ms-server-encrypted
true
x-ms-version
2022-11-02
x-ms-lease-status
unlocked
etag
"0x8DD1A17DC83040B"
x-fd-int-roxy-purgeid
4
access-control-allow-methods
GET, OPTIONS
x-ms-lease-state
available
x-ms-blob-content-md5
+96gI0ds7nfvANAWuEeVvg==
x-cache
TCP_MISS
date
Fri, 20 Dec 2024 18:10:40 GMT
content-type
text/css
last-modified
Wed, 11 Dec 2024 19:13:14 GMT
x-ms-creation-time
Tue, 10 Sep 2024 02:12:54 GMT
x-ms-request-id
f8aaf838-d01e-006d-1d0a-53bc16000000
accept-ranges
bytes
access-control-allow-origin
https://cwslogin.b2clogin.com
content-length
118523
x-azure-ref
20241220T181039Z-16fbf75468clmvxzhC1FRA2w6000000009p000000000nmkv
x-ms-blob-type
BlockBlob
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;600&family=Roboto+Condensed:wght@700&display=swap
Requested by
Host: cwslogin.b2clogin.com
URL: https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2Fapi%2Foauth2%2Fauthorize&response_type=code&scope=https%3A%2F%2Fcwslogin.onmicrosoft.com%2F167cee82-afd1-4bb9-a995-6870ee9c9a27%2Fread+openid+profile+offline_access&state=eyJSZXR1cm5VcmwiOiIvIn0%3D&code_challenge_method=S256&code_challenge=p0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c04c5c1bf008f358dfbed57afb873b9b0d9014885cd388d041eb6b3c7858d34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 20 Dec 2024 18:10:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 20 Dec 2024 17:50:34 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
gtm.js
www.googletagmanager.com/
345 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MTLFR43
Requested by
Host: vst-pr28.cat.com
URL: https://vst-pr28.cat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bdaeff7ed0a93c71ce7024120366e135d8c2ed7913650db13ce8754a33d1388c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 20 Dec 2024 18:10:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109210
x-xss-protection
0
server
Google Tag Manager
catNLSJSON.en.js
b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/en/
74 KB
75 KB
Script
General
Full URL
https://b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/en/catNLSJSON.en.js
Requested by
Host: cwslogin.b2clogin.com
URL: https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2Fapi%2Foauth2%2Fauthorize&response_type=code&scope=https%3A%2F%2Fcwslogin.onmicrosoft.com%2F167cee82-afd1-4bb9-a995-6870ee9c9a27%2Fread+openid+profile+offline_access&state=eyJSZXR1cm5VcmwiOiIvIn0%3D&code_challenge_method=S256&code_challenge=p0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
000db55967f7dfd76976ec3b1b201995d7c4d3731c647d301c1d82af88d4dcc6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

x-ms-server-encrypted
true
x-ms-version
2022-11-02
x-ms-lease-status
unlocked
etag
"0x8DD1A17DE24B6BE"
x-fd-int-roxy-purgeid
4
x-ms-lease-state
available
x-ms-blob-content-md5
8XqYVQq34h/Gg2wD9qfRJQ==
x-cache
TCP_MISS
date
Fri, 20 Dec 2024 18:10:40 GMT
content-type
application/x-javascript
last-modified
Wed, 11 Dec 2024 19:13:16 GMT
x-ms-creation-time
Tue, 10 Sep 2024 02:13:05 GMT
x-ms-request-id
94bd54b5-901e-007c-550a-5326a2000000
accept-ranges
bytes
content-length
75898
x-azure-ref
20241220T181039Z-16fbf75468cwwdbphC1FRA59ks00000009700000000048mv
x-ms-blob-type
BlockBlob
favicon.ico
www.caterpillar.com/content/dam/favicons/
2 KB
3 KB
Other
General
Full URL
https://www.caterpillar.com/content/dam/favicons/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.224.142 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-224-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4159385fa0fcb046021e0a20e0df9c642b6bd28cb61430f7f60528619e09a327
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security max-age:31536000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

strict-transport-security
max-age:31536000
vary
Accept-Encoding
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self'
cache-control
max-age=31556952
content-encoding
gzip
etag
"9c4-6181222ad2795"
expires
Sun, 17 Nov 2024 01:02:00 GMT
accept-ranges
bytes
content-length
2317
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
image/vnd.microsoft.icon
last-modified
Fri, 10 May 2024 04:40:30 GMT
server
x-frame-options
SAMEORIGIN
perftrace
cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SignIn_NonProd/client/
0
447 B
XHR
General
Full URL
https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SignIn_NonProd/client/perftrace?tx=StateProperties=eyJUSUQiOiIzMTA3MGIzOS1hYmIxLTQ4MjUtODhjNS0xZjI1NjYyOTBhZTYifQ&p=B2C_1A_P2_V1_SignIn_NonProd
Requested by
Host: cwslogin.b2clogin.com
URL: https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2Fapi%2Foauth2%2Fauthorize&response_type=code&scope=https%3A%2F%2Fcwslogin.onmicrosoft.com%2F167cee82-afd1-4bb9-a995-6870ee9c9a27%2Fread+openid+profile+offline_access&state=eyJSZXR1cm5VcmwiOiIvIn0%3D&code_challenge_method=S256&code_challenge=p0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:c8::9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-CSRF-TOKEN
ZkY5UlhPeE16VUNhSndQZUE2dWtqVHlXRFBCdncxb0JyOG9WSU1ZRzNhR08xVG41aDBKM09UOEhIQjkxeXM1dGFPUGUzTXJuRElIVFlmVGFKZExYOUE9PTsyMDI0LTEyLTIwVDE4OjEwOjM3LjkzNjU1NDdaO3pqUFVhSHp1ZElUUkxSQzU2VndIWFE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjo4fQ==
Referer
https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2Fapi%2Foauth2%2Fauthorize&response_type=code&scope=https%3A%2F%2Fcwslogin.onmicrosoft.com%2F167cee82-afd1-4bb9-a995-6870ee9c9a27%2Fread+openid+profile+offline_access&state=eyJSZXR1cm5VcmwiOiIvIn0%3D&code_challenge_method=S256&code_challenge=p0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/json; charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
no-store, must-revalidate, no-cache
x-ms-gateway-requestid
59a0c4db-3864-489f-82af-42093352256e
Public
OPTIONS,TRACE,GET,HEAD,POST
X-Content-Type-Options
nosniff
Allow
OPTIONS, TRACE, GET, HEAD, POST
Content-Length
0
X-XSS-Protection
1; mode=block
Date
Fri, 20 Dec 2024 18:10:39 GMT
X-Frame-Options
DENY
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
22 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTLFR43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

content-md5
UzmBk0Ra4K9he+CwjGKb/g==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD1DE4B7A34202
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
41767
x-content-type-options
nosniff
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
application/javascript
last-modified
Mon, 16 Dec 2024 15:17:12 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
1138e44e-a01e-0067-6135-50202d000000
cf-ray
8f5197247dbbd35a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
7211
x-ms-blob-type
BlockBlob
server
cloudflare
74a822b3-d9ac-4330-a05c-b3b467eeccaf.json
cdn.cookielaw.org/consent/74a822b3-d9ac-4330-a05c-b3b467eeccaf/
5 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/74a822b3-d9ac-4330-a05c-b3b467eeccaf/74a822b3-d9ac-4330-a05c-b3b467eeccaf.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321117da6405662512e914bddafc53d55fc16d20062c74478bec4b63c6e77af0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

content-md5
SpvKCuafR+sDlim/TNBt+w==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCDE1773C4188D
age
35740
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Sat, 21 Dec 2024 18:10:39 GMT
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
application/json
last-modified
Thu, 26 Sep 2024 10:39:08 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
f6c939bc-401e-00a1-402d-3a5d11000000
cf-ray
8f519724fb964db5-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1795
x-ms-blob-type
BlockBlob
server
cloudflare
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
59 B
295 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
Referer
https://cwslogin.b2clogin.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
cf-ray
8f5197259ab61d92-FRA
access-control-allow-origin
*
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202408.1.0/
453 KB
110 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b18751f3a50a2525e37e8caeda2e00f3c683f1689d629dbb21f3d570a9343af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

content-md5
cSmNeMyDkvSieWRwSFHuAQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCD1496E561314
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
58732
x-content-type-options
nosniff
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 03:34:09 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
6f17847a-601e-0058-1e5d-3297f1000000
cf-ray
8f519725f881d35a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
112788
x-ms-blob-type
BlockBlob
server
cloudflare
en.json
cdn.cookielaw.org/consent/74a822b3-d9ac-4330-a05c-b3b467eeccaf/018e577d-f9bf-7635-81f8-2c825e6d7757/
61 KB
15 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/74a822b3-d9ac-4330-a05c-b3b467eeccaf/018e577d-f9bf-7635-81f8-2c825e6d7757/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a698ec07e30b68dda3db7393a4da813cfdd28dc0defc5780b413b5711d01c96f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

content-md5
xiLab9o9+RtwM/HdhosNJA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCDE17771F87A1
age
72356
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Sat, 21 Dec 2024 18:10:39 GMT
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
application/json
last-modified
Thu, 26 Sep 2024 10:39:14 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
9c07317d-d01e-00c9-544d-260340000000
cf-ray
8f5197266cb84db5-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
15579
x-ms-blob-type
BlockBlob
server
cloudflare
otFlat.json
cdn.cookielaw.org/scripttemplates/202408.1.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202408.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

content-md5
sJMlMDwvdZk7rNpgGQCzTA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCD1496AC72635
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
46561
x-content-type-options
nosniff
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
application/json
last-modified
Tue, 10 Sep 2024 03:34:03 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
304f6d16-501e-003d-425d-0e26ac000000
cf-ray
8f519726cd0c4db5-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3003
x-ms-blob-type
BlockBlob
server
cloudflare
otPcPanel.json
cdn.cookielaw.org/scripttemplates/202408.1.0/assets/v2/
64 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202408.1.0/assets/v2/otPcPanel.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f81a622d5550eb9220a609e964745dca5fa20a4b36594863a916a46af58eeb4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

content-md5
kep4AqhiDHffA3Ey0Qhw6w==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCD1496C2A7EBE
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
46561
x-content-type-options
nosniff
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
application/json
last-modified
Tue, 10 Sep 2024 03:34:05 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
541abf9c-601e-0071-085d-0ee1b3000000
cf-ray
8f519726cd0e4db5-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
12881
x-ms-blob-type
BlockBlob
server
cloudflare
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202408.1.0/assets/
24 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202408.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c496fcbe60fec78dc1b86a9136644d9a97cae20df32be3e9a4a62ce7bd0e6a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

content-md5
HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
cf-cache-status
HIT
x-ms-version
2009-09-19
age
7329
content-encoding
gzip
x-content-type-options
nosniff
cf-polished
origSize=24745
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
text/css
last-modified
Tue, 10 Sep 2024 03:34:14 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
4ef1e9b0-d01e-000e-795d-0e7f81000000
cf-ray
8f519726cd0f4db5-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
495 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

content-md5
tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
18069
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
image/svg+xml
last-modified
Mon, 16 Dec 2024 15:17:14 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
2c6c7db8-001e-00e2-5d4b-5077f8000000
cf-ray
8f5197270d3e4db5-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
1x1_transparent.png
cdn.cookielaw.org/logos/dacb864b-cd78-48d1-a68b-5f1d05fe1473/74a822b3-d9ac-4330-a05c-b3b467eeccaf/677b3f75-9386-431a-b967-11d1d687274a/
81 B
250 B
Image
General
Full URL
https://cdn.cookielaw.org/logos/dacb864b-cd78-48d1-a68b-5f1d05fe1473/74a822b3-d9ac-4330-a05c-b3b467eeccaf/677b3f75-9386-431a-b967-11d1d687274a/1x1_transparent.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e89879184510e91e477d41c61bd86a0e9209e9ecc17909a7b0ee20427950cbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

content-md5
xEZkapXNQ8NtJVg/2uo9vA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DC0D1398A56132
age
18069
cf-cache-status
HIT
x-content-type-options
nosniff
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
image/png
last-modified
Thu, 04 Jan 2024 10:54:59 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
0ca6789e-401e-0048-5fd2-9b73f4000000
cf-ray
8f5197271aa6d35a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
81
x-ms-blob-type
BlockBlob
server
cloudflare
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

content-md5
Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
46366
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Dec 2024 18:10:39 GMT
content-type
image/svg+xml
last-modified
Mon, 16 Dec 2024 15:17:15 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
227f14eb-001e-0007-5a80-50650f000000
cf-ray
8f5197271aa9d35a-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
notifications_de.json
b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/notifications/
3 KB
4 KB
Fetch
General
Full URL
https://b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/notifications/notifications_de.json
Requested by
Host: b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net
URL: https://b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/de/hrd-collect-username.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
45c9ee7aeae839fdfa064dac0c5777264c6f260c1b8ebe04540b6ccf046a2ff7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

x-ms-server-encrypted
true
x-ms-version
2022-11-02
x-ms-lease-status
unlocked
etag
"0x8DCFD01EE8AECA4"
x-fd-int-roxy-purgeid
4
access-control-allow-methods
GET, OPTIONS
x-ms-lease-state
available
x-ms-blob-content-md5
WfWhBchJP9EQ+jD1MsLkhA==
x-cache
TCP_MISS
date
Fri, 20 Dec 2024 18:10:40 GMT
content-type
application/json
last-modified
Mon, 04 Nov 2024 18:53:11 GMT
x-ms-creation-time
Thu, 12 Sep 2024 14:01:38 GMT
x-ms-request-id
04bf785c-b01e-007b-010a-534ac1000000
accept-ranges
bytes
access-control-allow-origin
https://cwslogin.b2clogin.com
content-length
3165
x-azure-ref
20241220T181040Z-16fbf75468clmvxzhC1FRA2w6000000009p000000000nmq6
x-ms-blob-type
BlockBlob
CaterpillarL1.png
b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/assets/images/
14 KB
14 KB
Image
General
Full URL
https://b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/assets/images/CaterpillarL1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f375d36f3564fb193abfcd237519f450cc49a792a7a8dd7e8504f95c339e365b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cwslogin.b2clogin.com/

Response headers

x-ms-server-encrypted
true
x-ms-version
2022-11-02
x-ms-lease-status
unlocked
etag
"0x8DD1A17D78D9ABE"
x-fd-int-roxy-purgeid
4
x-ms-lease-state
available
x-ms-blob-content-md5
aqYj8RyrkmUz3p6KEYglrg==
x-cache
TCP_MISS
date
Fri, 20 Dec 2024 18:10:40 GMT
content-type
image/png
last-modified
Wed, 11 Dec 2024 19:13:05 GMT
x-ms-creation-time
Tue, 10 Sep 2024 02:12:49 GMT
x-ms-request-id
41d9538f-001e-007e-070a-53981a000000
accept-ranges
bytes
content-length
14253
x-azure-ref
20241220T181040Z-16fbf75468cwwdbphC1FRA59ks00000009700000000048sh
x-ms-blob-type
BlockBlob
user.svg
b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/assets/images/
913 B
1 KB
Image
General
Full URL
https://b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/assets/images/user.svg
Requested by
Host: b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net
URL: https://b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/css/unified.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
71d6ad4bff08eb4c484e0ddc2390aac99638cb4632f47523829c0b910d3055d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/css/unified.css

Response headers

x-ms-server-encrypted
true
x-ms-version
2022-11-02
x-ms-lease-status
unlocked
etag
"0x8DD1A17CFE3898A"
x-fd-int-roxy-purgeid
4
x-ms-lease-state
available
x-ms-blob-content-md5
oCaFCAN6uVOlKmmJQdSVzw==
x-cache
TCP_MISS
date
Fri, 20 Dec 2024 18:10:40 GMT
content-type
image/svg+xml
last-modified
Wed, 11 Dec 2024 19:12:53 GMT
x-ms-creation-time
Tue, 10 Sep 2024 02:12:51 GMT
x-ms-request-id
f5d1a421-101e-0096-160a-53018c000000
accept-ranges
bytes
content-length
913
x-azure-ref
20241220T181040Z-16fbf75468cwwdbphC1FRA59ks00000009700000000048sq
x-ms-blob-type
BlockBlob
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5Xw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;600&family=Roboto+Condensed:wght@700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9514372ab8ac313ea8019966fdcfe91b201c3aa69f92de8346ab34af461bbad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://cwslogin.b2clogin.com
Referer
https://fonts.googleapis.com/

Response headers

age
573937
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 02:45:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 02:45:03 GMT
last-modified
Wed, 18 Oct 2023 17:53:05 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
21140
x-xss-protection
0
server
sffe
o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v38/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v38/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;600&family=Roboto+Condensed:wght@700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
086bfcad0e112af1c9ac0cdea1744dfb11dfdda61906ceee1b32439437096add
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://cwslogin.b2clogin.com
Referer
https://fonts.googleapis.com/

Response headers

age
292237
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:00:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:00:03 GMT
last-modified
Wed, 04 Dec 2024 06:43:31 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
35840
x-xss-protection
0
server
sffe
o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v38/
35 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v38/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;600&family=Roboto+Condensed:wght@700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
086bfcad0e112af1c9ac0cdea1744dfb11dfdda61906ceee1b32439437096add
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://cwslogin.b2clogin.com
Referer
https://fonts.googleapis.com/

Response headers

age
292237
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:00:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:00:03 GMT
last-modified
Wed, 04 Dec 2024 06:43:31 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
35840
x-xss-protection
0
server
sffe

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| CP object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| PageLoadTime function| _isFunction function| _mapObject function| _getPerformanceObjectData function| $trace object| $diags object| $santizer object| preloadCssLink object| $i2e object| $predicateValidation object| $element function| checkCssPreloaded function| preloadJavaScript object| $cors function| applyTenantBranding function| sendPageLoadTime function| $ function| jQuery boolean| pageReady object| Handlebars boolean| contentReady function| browserSupportsAllFeatures function| ie function| main object| dataLayer object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| onYouTubeIframeAPIReady function| OptanonWrapper object| OtTrustedType object| otStubData object| Optanon object| OneTrust function| gtag string| OnetrustActiveGroups string| OptanonActiveGroups string| privacyStatement string| legalStatement string| privacyStatement_rcc object| unified object| unifiedNew object| catNLSJSONen object| catNLSJSONsrc object| catNLSJSON object| catNLSJSONde object| PROJECT function| mobileCheck function| detectIncognito function| getCorrelationID string| cookieConsentKey string| cookieConsentValue function| dhCheck function| getUrlParameter function| handleTractorTheme function| getData function| dateToEpochTime function| onBlurInput

9 Cookies

Domain/Path Name / Value
vst-pr28.cat.com/ Name: AnonymousSession
Value: CfDJ8EcZyD%2BTdG1PsRC5A4rUc%2F04bUsmj55mWWnFF%2BGFI4siMtBWW7aYeC%2BTWk0go58gfYDY3RwxeMWjiLDGfm7eZbeDIYBEJv7CzmMg3Qd7repJtMRBCZMiYTIMqrpjrE%2BYIUz6f0U1ahQjrwNbm5AP62eksSj7ikyKm2iU0L2YY5J%2F
vst-pr28.cat.com/ Name: ASLBSA
Value: 00031ab5dc983cc55622c32135705d556d532ca521995ff10ae88350a2fb9d8d61b1
vst-pr28.cat.com/ Name: ASLBSACORS
Value: 00031ab5dc983cc55622c32135705d556d532ca521995ff10ae88350a2fb9d8d61b1
.cwslogin.b2clogin.com/ Name: x-ms-cpim-sso:cwslogin.onmicrosoft.com_0
Value: m1.KjNWiWyao0MCqx3Q.Er2kOJEiWFR3iy8t56YxBA==.0.kcW+Z1JA72qhh7nJbeenAZphr8esRKTYa8tuO7PmgtHhy81gdOI7543038l/nU9T/tv3LFp2q6K7pMdxPDE6hZDtCsExe6jvuPJsQlE89X198IBYRKwyOXxLN5ih2F1RMFOOwoww3dLsR5UHkZSktPd80wcVnaCzoJwtW5ReBdFZbZVdx3C9DopttqF1Fn+/TENHWyDg+0apfxUKdQF1f8UpnH6o6wFnqVquDHzR1Q4/nDbZGGrleR58RSQhFoKVrD/PB9sTGsUCyHcCDtWMzADAbp/zVdQBbEE+noR6NOLBqrOSOYLACqodDzWAhMK74nzdjur+w5GIgJYiaZczqXT+A9h4PrJ3jf9MltCG9FmNe/1CjGTF4qCMZLHw1AkF/2fFRNnHFUa6NPBh8atzsr1/m0wkrY/2kI6vdTij/ncm6bpjsVOekm3ndaGWa4b3zLARq11/KTWGcmcc2MlyiotLjev1gx05O45UByFNn2/+Yk+KxNAka1YdDsLWSVfWRDw9dkxAVrYbywqY4SXC/khLOLPTTR4n/QW5aIYZJ7TpZjNEgjVk/9I+IQuNqq64KlSqbqkh3YybFgQfIrWve1t2TD4PixJnDK+OBAzlAjdJR03LVUe1+USZWvKngvOJ7aA3fcKo/Tsfvr9HiXuuALHv+LuqLpHZdjNI506KfuLC2kuNrw==
.cwslogin.b2clogin.com/ Name: x-ms-cpim-csrf
Value: ZkY5UlhPeE16VUNhSndQZUE2dWtqVHlXRFBCdncxb0JyOG9WSU1ZRzNhR08xVG41aDBKM09UOEhIQjkxeXM1dGFPUGUzTXJuRElIVFlmVGFKZExYOUE9PTsyMDI0LTEyLTIwVDE4OjEwOjM3LjkzNjU1NDdaO3pqUFVhSHp1ZElUUkxSQzU2VndIWFE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjo4fQ==
.cwslogin.b2clogin.com/ Name: x-ms-cpim-cache|oqshmbgrjuiixr8lzikk5g_0
Value: m1.YsSNbJGC77zM9YoY.FLn2AfvsY/1Kvq7ChqlQVQ==.0.DofiU+Pa+hhNC8hCQlxn8ZWdg/IW2ogNoP9l3yvBRc57dto9Cs3leKHX+moRMC55NWQkOC1wNsbLEKTAQk/G3jFMNVFRbRQKa6R0OybhEKTsA7d0na6cCZ9LZlt83j8p3tghIfx+q17F5eRX7/R3xN6gTP5jhKYR4EBwMdT7gOoxO9SdDbEpYVGpZUr+LH6gv0h1/enBQZnZlutbfXOaOOHlDjMuXYiTq2MKb5UCpuM8BO0yQwiQ4pDi5XozuEE0WlifQPyE1b5bV0Qqv+SVdVVJPK5cyRK0AM/BR0zXKg43K+mvRJRUVMc0JJkRYxfb+b/ITgJEx68zLTnD/9N8Nol5wlHSQTYULflrv6JwzcOYFdUDpMMka++FaTJGb54Xqrx8PKh8eg+n0xNOQb5Rn2+Mxpgai79CR9ptJ1GAe1KoXaJA7eEEWBK/51eReNT2qot4GONkatQVx+Gml3y7HFnK0EA9tq4ewaWshgKrzSmAaNTGg/0ArWWMfpCQKCPpD3nLoA3r8ZTN390sT7iOzPzp6u+3S3pq2DLhr3wMz8wS/KWV6MbYPJhlAhJFDWnt+8CAo5tdw6a7C0rFQEEqLFWQ+x0xmhnkleCVNp2jv9UbmPhocVAZJ2KqnXOGh94tAvk9czzKHYX7KvUBUlmYqe6kLlLT9DqLXEDtd8WE5CpTmvEBgu7gzWuhEaD+U2dNCoF5gEmR+ywZfi6J8u4IX0+n+sl8+mqhf4lS4nmVsGr5F+kSg2GXrSn2lB3ks4RG8vNUijhykppWGCvj4slKg6cBDpqPO996r0mY6Z4Nyq4wT4HppHycdNrcC4WPU5BZxzwZ57I6tZeFfBL2n9UL8gDRdzq6cHZMLbAIrbdOeuWqTgeCNULrDhBXB3geRqYP0/62UA0JBKDAbLj8ssYz5W2qtESaFpHY5hlBzj9ITD4J/+pxd+GizZLQ5riS+OW1saXnJc2G84U4TgaiYuXB5URY6LJ1dyY+VqTpAyBs/ZYPHTPiy1a7iMoEDQTZerOuyast17JiOzosbyYgVcR4VT43zrYI6iE92w84ol02lwRc0WXAaMCiNw2Epm9f4jCaskD2SMmRFWB4IsEvTfTcWCgUSStkL+5ZgU/MJU2QW8cluF4MKup5G1CVEh+Q5yRB/WcBY0xefGuHa2e2JkPtLel1BYWzGWEPq4B4F0paccxuXhS0prxGd3dgdhKVBpQNgAPgp8p6rVwY9DCos5jNkf8/8Hk/6/b1+GSzKlNTC4tLG1noYA0sNwYaQHvBvpRaGz6r4D+4Uo7DVdzEV0SR8IvK8sQYCYKew5g5UE40zY4f5e6+5tqBCvYY+UrKSBICkFvX+xN6TC78QgaH2LVc44CK4WmfFdF5pC2+z2w0Bs/dBl08LbDJC/oqT1YQQ/uBm4FIGMDbEaVtr566SZOvcS22cgAclr6Gw7k9neV/lM4yZho4erCtnFiDjutpFk+S4HtFm0GnQJz+e5M7vfCu1eTfKmieVA818WHxcka8Ba/QpeA66pHGFj29CcN0umm+JWlOKeyEHsErDyOQYBPls+06DDjl2JxiplcaxQPQu6uN1Cf/mwpvtUNtYehDijgZQqxZyadZLkFJhQg/Ja7SWcX6t9kunfpaYgNtjyc+Vfc8Wai2Vfba30mnV2R8zuxy4z+s0GruF0WjGuCEUOaN1aysY+kbWtYrYd8EOqIaUjxNV0f1oFDgtVJh0THA5XFaRsragUV3Y1CuUEDZL5G65BYthHUtpVGLNCvPeHUSJfLTjRMPe1JhS7Oe1ZYkH8QesZmuycQCyow4kWq8pEwZWYQodkIC0BBoYCDJhkSG1A1d5zxgTz0ZIdmBMzzdHlMqMwbSRMlnJeT1yD8gEk1DyxZR6IwMXGQGcQW3c5fzl4O0CxSSEciewQoSksLMpbP21102li2MjpwTqp89fDs6ol95UF/gQtGBZxq4Tue4/pd294OBZr5KUETi2fs+gJUGeVc5v+UtOMuo62dEoU/3hUA4jhKfDnV9BHh4grxRL5zJ8h5Rrqxfa+AasAJYPl66wsCHHYM7z33Hxy+qQJO/f09BsnL61PP16190MdrBar8i1ejiL1nJzi1qdbJj5q2adplIIPkVB6vx9qdVffdLhqVV8EXio2l/qm8QuSqXgFjA13oJjqws1JnVlvcnb7Bz0oK/NIamlP0L45ZtNvRROZYBkojGvQgFS61UIEqGaT/XS/x0O6agoACfaAyqAUPmiF3O0R/ruEiNGHTTUnhIY/+vl/KPSOY6RppPj2VLF0k1FLw4oSv+nHTLm8pL19AypRDA12uDChV6OA1bB+ZGoUVPoRGPln2hR5Ig56dIkpt0ODObouiHypPgH4EzqVnK0Kla43eHLYMk4JI+/uv8nN/11g==
.cwslogin.b2clogin.com/ Name: x-ms-cpim-trans
Value: eyJUX0RJQyI6W3siSSI6IjMxMDcwYjM5LWFiYjEtNDgyNS04OGM1LTFmMjU2NjI5MGFlNiIsIlQiOiJjd3Nsb2dpbi5vbm1pY3Jvc29mdC5jb20iLCJQIjoiQjJDXzFBX1AyX1YxX1NJR05JTl9OT05QUk9EIiwiQyI6ImVhOTdhYWY1LWM0N2EtNDU3OC04MjZjLTc5NDc4MDA5ZDdlMCIsIlMiOjEsIk0iOnt9LCJEIjowLCJFIjoiIn1dLCJDX0lEIjoiMzEwNzBiMzktYWJiMS00ODI1LTg4YzUtMWYyNTY2MjkwYWU2In0=
cwslogin.b2clogin.com/ Name: x-ms-cpim-geo
Value: NA
.cwslogin.b2clogin.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Fri+Dec+20+2024+19%3A10%3A39+GMT%2B0100+(Mitteleurop%C3%A4ische+Normalzeit)&version=202408.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=8f1fc7cf-5978-46e2-9cd9-861255c31dba&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fcwslogin.b2clogin.com%2Fcwslogin.onmicrosoft.com%2FB2C_1A_P2_V1_SIGNIN_NONPROD%2Foauth2%2Fv2.0%2Fauthorize%3Fclient_id%3Dea97aaf5-c47a-4578-826c-79478009d7e0%26redirect_uri%3Dhttps%253A%252F%252Fvst-pr28.cat.com%252Fapi%252Foauth2%252Fauthorize%26response_type%3Dcode%26scope%3Dhttps%253A%252F%252Fcwslogin.onmicrosoft.com%252F167cee82-afd1-4bb9-a995-6870ee9c9a27%252Fread+openid+profile+offline_access%26state%3DeyJSZXR1cm5VcmwiOiIvIn0%253D%26code_challenge_method%3DS256%26code_challenge%3Dp0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ&groups=C0001%3A1%2CC0002%3A0

7 Console Messages

Source Level URL
Text
network error URL: https://vst-pr28.cat.com/api/test?random=1734718236200
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://vst-pr28.cat.com/api/users/current/userConfig
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://vst-pr28.cat.com/api/files/sas/images/
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://vst-pr28.cat.com/api/test
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://vst-pr28.cat.com/api/test
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net/b2ccardsnonprod/Unified/Default/de/catNLSJSON.en.js
Message:
Failed to load resource: the server responded with a status of 404 ()
deprecation error URL: https://cwslogin.b2clogin.com/cwslogin.onmicrosoft.com/B2C_1A_P2_V1_SIGNIN_NONPROD/oauth2/v2.0/authorize?client_id=ea97aaf5-c47a-4578-826c-79478009d7e0&redirect_uri=https%3A%2F%2Fvst-pr28.cat.com%2Fapi%2Foauth2%2Fauthorize&response_type=code&scope=https%3A%2F%2Fcwslogin.onmicrosoft.com%2F167cee82-afd1-4bb9-a995-6870ee9c9a27%2Fread+openid+profile+offline_access&state=eyJSZXR1cm5VcmwiOiIvIn0%3D&code_challenge_method=S256&code_challenge=p0QMDZG1EHOO7LEIzCcxMEnNvClj6nIy2YDNMP3nvMQ(Line 106)
Message:
Listener added for a 'DOMSubtreeModified' mutation event. Support for this event type has been removed, and this event will no longer be fired. See https://chromestatus.com/feature/5083947249172480 for more information.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://dc.services.visualstudio.com https://*.google-analytics.com https://*.microsoft.com https://*.azure.com data: blob:;style-src 'self' 'unsafe-inline' https://*.microsoft.com;img-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net data: blob:;font-src 'self' https://*.microsoft.com data: blob:;connect-src 'self' https://*.cat.com https://*.googleapis.com https://*.google-analytics.com https://*.blob.core.windows.net https://www.googletagmanager.com https://*.applicationinsights.azure.com https://dc.services.visualstudio.com https://*.doubleclick.net https://*.microsoft.com https://*.azure.com https://catturbostoragedev1.blob.core.windows.net https://ipinfo.io blob: https://atlas.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b2cstorage-cdnendpoint-nonprod-cycve2gphnhtgzcp.a03.azurefd.net
cdn.cookielaw.org
cwslogin.b2clogin.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
js.monitor.azure.com
vst-pr28.cat.com
www.caterpillar.com
www.googletagmanager.com
104.87.224.142
2603:1026:3000:c8::9
2606:4700:4400::ac40:9b77
2606:4700::6812:572a
2620:1ec:bdf::45
2a00:1450:4001:809::200a
2a00:1450:4001:810::2008
2a00:1450:4001:82f::2003
000db55967f7dfd76976ec3b1b201995d7c4d3731c647d301c1d82af88d4dcc6
05ed0bea23f8b5b0445d2d19ccad02bc6ac5001d0de3c773a92e1b726bf4c704
086bfcad0e112af1c9ac0cdea1744dfb11dfdda61906ceee1b32439437096add
12c50eb5fff45fa797a5c14e531ab4a2b1feb930603ce8e4bdbba763a9576dbc
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
23015d32f51f9c1babf80d55b0bb34e3aefb1dbe8b505b4daf7a56864043ace9
31ed6051434d3ef2b6f006ea7ea0c7c08fc2e262edf0065fa31c5632c5b1dc0d
321117da6405662512e914bddafc53d55fc16d20062c74478bec4b63c6e77af0
32309e46398abfba09ce7691cafaf8d7b4f8897dfc1b99bc2e3bc87ec970e0e7
33f04132e88889a5c4a18c3906d6b494aba3c41b731a52f4f750950f0aab1277
38de4458f202972af9bcc13c8d64cb9cde2302ce907193e78853b929f15a1949
4159385fa0fcb046021e0a20e0df9c642b6bd28cb61430f7f60528619e09a327
45c9ee7aeae839fdfa064dac0c5777264c6f260c1b8ebe04540b6ccf046a2ff7
481e38db7f6e86ec0228f595a69f30f61b1fe0b642428d6f07dd3b97a825495b
4b18751f3a50a2525e37e8caeda2e00f3c683f1689d629dbb21f3d570a9343af
50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81
5a3860480f271c097d9b04b22c4ca13ace23f962ff87aa4d1c9829fa7b606a70
5bb3b792e01f9ba7eeb50119c82fa7236e06554ad49ae16bd5e1aefaf134f094
5e89879184510e91e477d41c61bd86a0e9209e9ecc17909a7b0ee20427950cbc
5ea1f4929aa914992a42e4ea17fcd5903a10eb58261602a763490fa37b474b82
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
64ac278a67256ae70d462c23307e75416d4e5a0a060f95e124be57772ee5b43f
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6ad3b4baaa976654ed7d7ccbd693c80b4ffb98a0cec49653aa4e277a3cde7819
6c496fcbe60fec78dc1b86a9136644d9a97cae20df32be3e9a4a62ce7bd0e6a6
714df9a53e228b3d556db090813e08dc72b91c888844038c5bf92e6ef3871a5a
71d6ad4bff08eb4c484e0ddc2390aac99638cb4632f47523829c0b910d3055d7
7830d67d9d72ee7745c0334556c64e36ea6b00e528cc4c962f86d9501ae5490b
883ede3fe623191b1b6b95590b1f93f3a71041389beafbfd455cf8f2105b9fee
9514372ab8ac313ea8019966fdcfe91b201c3aa69f92de8346ab34af461bbad2
9c04c5c1bf008f358dfbed57afb873b9b0d9014885cd388d041eb6b3c7858d34
a521428b80a8dc67260422a41b81dae8a4c68d978e8be5c2ecfe33833f6a7084
a698ec07e30b68dda3db7393a4da813cfdd28dc0defc5780b413b5711d01c96f
aba2d4c1ff82545edfa8b84ac2c7a4215f9e18eb7904310ac6a2bc354abc511e
b4aaa99e6076c75e7785bebd5431a5399043db47090233cae80cf76acf0114ca
bdaeff7ed0a93c71ce7024120366e135d8c2ed7913650db13ce8754a33d1388c
bfc021b5a3e6b7e0d28963220385d3f99ffc5c62949c0d48c45480d54f6ee729
d187fd7f76422abe17bc844010afa0f1d3a710313a4c9769608d72cb0a6e2025
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43b4762ba5bdb3faef4041156a17d1a1ebfde0570432d0e70c57cecedfd1a0e
e5f74b2390f8c19cfd0bf52f9472c77a55b94e0a00cdf831735ae7339ae001ac
f375d36f3564fb193abfcd237519f450cc49a792a7a8dd7e8504f95c339e365b
f81a622d5550eb9220a609e964745dca5fa20a4b36594863a916a46af58eeb4b
f837c5861f67cb9a3cc5631dffef9753717dd2d42d82e00505ccdd26ed463995