Submitted URL: https://mac.internal.dev.tgl.tmrwsg.com/
Effective URL: https://login.microsoftonline.com/0bfb1d9d-5b61-472f-85ad-024ad9969015/saml2?SAMLRequest=fZLNauMwFIX38xRGe%2FlHthNbxC5hOoVCC0PbzGI...
Submission: On July 28 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 1 countries across 6 domains to perform 17 HTTP transactions. The main IP is 2603:1026:3000:148::7, located in and belongs to . The main domain is login.microsoftonline.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 25th 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
4 events.launchdarkly.com mac.internal.dev.tgl.tmrwsg.com
4 app.launchdarkly.com mac.internal.dev.tgl.tmrwsg.com
4 mac.internal.dev.tgl.tmrwsg.com mac.internal.dev.tgl.tmrwsg.com
1 session-replay.browser-intake-us5-datadoghq.com mac.internal.dev.tgl.tmrwsg.com
1 login.microsoftonline.com mac.internal.dev.tgl.tmrwsg.com
1 mac-dev.auth.us-east-1.amazoncognito.com 1 redirects
1 rum.browser-intake-us5-datadoghq.com mac.internal.dev.tgl.tmrwsg.com
0 aadcdn.msauth.net Failed login.microsoftonline.com
17 8

This site contains no links.

Subject                               Issuer                                       Validity                  Valid
mac.internal.dev.tgl.tmrwsg.com       Amazon RSA 2048 M02                          2023-07-28 - 2024-08-25   a year
app.launchdarkly.com                  GlobalSign Atlas R3 DV TLS CA 2023 Q2        2023-07-02 - 2024-08-02   a year
events.launchdarkly.com               Amazon ECDSA 256 M02                         2023-06-21 - 2024-07-20   a year
*.browser-intake-us5-datadoghq.com    DigiCert Global G2 TLS RSA SHA256 2020 CA1   2023-07-21 - 2024-07-23   a year
stamp2.login.microsoftonline.com      DigiCert SHA2 Secure Server CA               2023-05-25 - 2024-05-25   a year

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/0bfb1d9d-5b61-472f-85ad-024ad9969015/saml2?SAMLRequest=fZLNauMwFIX38xRGe%2FlHthNbxC5hOoVCC0PbzGI2RZauE4Elubpy2s7Tj%2BM0w3RT0EbinPtdztHm6s0M0RE8amcbksUpicBKp7TdN2T3dEMrctV%2B26AwAxv5dgoH%2BwAvE2CItojgw%2Bz77ixOBvwj%2BKOWsHu4a8ghhBF5khghqYJjLGZnPCEFgYFmsTDij5s5e6uDi6UzyUJItBo94DgPBBJdzxRtRVhWuwwc3F7b2GjpHbo%2BODtoC8uEtOu7TNWKlt0qo8Wa9bQqhaIpK4Sq61WdZuUZQ6Lb64Y8533XlarMabqCFS066GgFpaT9upaVLNc56%2FNZijjBrcUgbGgIS9msX1NWPWUVPx0WF3nxm0S%2FLiGyU4hzrBb5ObaGTN5yJ1Ajt8IA8iD54%2Fb%2Bjs9SPnoXnHQDac8p8wXooxvnjQhfe08vWtF%2BkXKwQYf3T%2Byv7eLSIGlPsnMp%2FKMVjiP%2FV9jz7udrfnj7AX6T%2FL9l%2B3H9%2FDXavw%3D%3D&RelayState=H4sIAAAAAAAAAD2RXZOaMBiF_0uuDUJCQvBOd9nVZa12_dq103FCCIJIiBD8oNP_3vSivcrJm-ecOfPmF-BgBLoWSt4a6B02yxvO75FswAAk9mU9_9itdN2YFj7Lqx0KO_RleylNGRJOKoYaHVKuThVuSm2B1AK5MbodDYepR5Pi0p5KrbSRjjjXXZo1tTKOkmZoYWlhUafSyszK1Xj-buURjH6AWktVpPbGb60j6qMqTO20hT2V07WycXhaFQr8HIDcOhee_3Z6i6Onx5JRXd6XpZsH32IcZrTXSFwhymxUYcm613vTrJ4el3f1fDmOzwFK15_fJ10S-Ucob4t4Z9oc3qswso7T31aIUCtLKzHcfbWqeA0n58YLNy_G45rQbh9_mMZbqGmfr4lYkDDaHR7okNV3reUEzzf78SSh-sHxgZ0Qmm-K2Qq_7qe34LILWfcZKIZlvm285dv2Fu_nq2VPUf0B4zHc55t2tTUv59Ad-_3xPZj0KtiK5bH5mq-r0ttQ7O8mT74qoiieTbsZo_fTvZndbOOzbVxxAVN5dXhncuf_Pzu84n2t_q1V1JXFKzDyaOgSylCIBkCDUcbPrRyAxuZ4mS_chCaQUeJCH2cpTITEkBGGKHaZF2TMZhiLHnCWJCQlGLpUUugn0rokETALQsEECTDKMPj9B569a3p7AgAA.H4sIAAAAAAAAAAvS7ozTPbxnq-Sy-PMObUXRiiKqm-3KvgZ-e7W_Yof-9vUAHTVcaiAAAAA.4
Frame ID: 79E9C10B9B70B909062D20AC057C0AF3
Requests: 13 HTTP requests in this frame

Page Statistics

17 Requests
88 % HTTPS
50 % IPv6
6 Domains
8 Subdomains
6 IPs
1 Countries
1705 kB Transfer
6842 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mac.internal.dev.tgl.tmrwsg.com/ Page URL
  2. https://mac-dev.auth.us-east-1.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Fd16biqsjkpnpte.cloudfront.net%2F&response_type=code&client_id=4esqktk95a5m82rp96anjm3rkp&identity_provider=&scope=openid%20aws.cognito.signin.user.admin&state=O14JjJKECyP86pkxPk0h7NK39f6zp2cv-2f&code_challenge=ozpZtrSCyqLnDqgAl72dTXQBubE4g-ewOKWtsh-xm9E&code_challenge_method=S256 HTTP 302
    https://login.microsoftonline.com/0bfb1d9d-5b61-472f-85ad-024ad9969015/saml2?SAMLRequest=fZLNauMwFIX38xRGe%2FlHthNbxC5hOoVCC0PbzGI2RZauE4Elubpy2s7Tj%2BM0w3RT0EbinPtdztHm6s0M0RE8amcbksUpicBKp7TdN2T3dEMrctV%2B26AwAxv5dgoH%2BwAvE2CItojgw%2Bz77ixOBvwj%2BKOWsHu4a8ghhBF5khghqYJjLGZnPCEFgYFmsTDij5s5e6uDi6UzyUJItBo94DgPBBJdzxRtRVhWuwwc3F7b2GjpHbo%2BODtoC8uEtOu7TNWKlt0qo8Wa9bQqhaIpK4Sq61WdZuUZQ6Lb64Y8533XlarMabqCFS066GgFpaT9upaVLNc56%2FNZijjBrcUgbGgIS9msX1NWPWUVPx0WF3nxm0S%2FLiGyU4hzrBb5ObaGTN5yJ1Ajt8IA8iD54%2Fb%2Bjs9SPnoXnHQDac8p8wXooxvnjQhfe08vWtF%2BkXKwQYf3T%2Byv7eLSIGlPsnMp%2FKMVjiP%2FV9jz7udrfnj7AX6T%2FL9l%2B3H9%2FDXavw%3D%3D&RelayState=H4sIAAAAAAAAAD2RXZOaMBiF_0uuDUJCQvBOd9nVZa12_dq103FCCIJIiBD8oNP_3vSivcrJm-ecOfPmF-BgBLoWSt4a6B02yxvO75FswAAk9mU9_9itdN2YFj7Lqx0KO_RleylNGRJOKoYaHVKuThVuSm2B1AK5MbodDYepR5Pi0p5KrbSRjjjXXZo1tTKOkmZoYWlhUafSyszK1Xj-buURjH6AWktVpPbGb60j6qMqTO20hT2V07WycXhaFQr8HIDcOhee_3Z6i6Onx5JRXd6XpZsH32IcZrTXSFwhymxUYcm613vTrJ4el3f1fDmOzwFK15_fJ10S-Ucob4t4Z9oc3qswso7T31aIUCtLKzHcfbWqeA0n58YLNy_G45rQbh9_mMZbqGmfr4lYkDDaHR7okNV3reUEzzf78SSh-sHxgZ0Qmm-K2Qq_7qe34LILWfcZKIZlvm285dv2Fu_nq2VPUf0B4zHc55t2tTUv59Ad-_3xPZj0KtiK5bH5mq-r0ttQ7O8mT74qoiieTbsZo_fTvZndbOOzbVxxAVN5dXhncuf_Pzu84n2t_q1V1JXFKzDyaOgSylCIBkCDUcbPrRyAxuZ4mS_chCaQUeJCH2cpTITEkBGGKHaZF2TMZhiLHnCWJCQlGLpUUugn0rokETALQsEECTDKMPj9B569a3p7AgAA.H4sIAAAAAAAAAAvS7ozTPbxnq-Sy-PMObUXRiiKqm-3KvgZ-e7W_Yof-9vUAHTVcaiAAAAA.4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
mac.internal.dev.tgl.tmrwsg.com/
457 B
809 B
Document
General
Full URL
https://mac.internal.dev.tgl.tmrwsg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-38.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ddc2aa33ceec8341a54b3e527455013c9cf988e808fb3b01cb33ad4012ab4fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2440
content-length
457
content-type
text/html
date
Fri, 28 Jul 2023 17:37:28 GMT
etag
"8eceb5a0961026d5f2310848a9c8960d"
last-modified
Fri, 28 Jul 2023 14:05:39 GMT
server
AmazonS3
via
1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront)
x-amz-cf-id
Qn4dyH1LrtQmnUktMtBCiaa8s4VYIDvszC6gRcezmqmsOSyrOBuGAQ==
x-amz-cf-pop
CDG50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
index-79be408d.js
mac.internal.dev.tgl.tmrwsg.com/assets/
3 MB
587 KB
Script
General
Full URL
https://mac.internal.dev.tgl.tmrwsg.com/assets/index-79be408d.js
Requested by
Host: mac.internal.dev.tgl.tmrwsg.com
URL: https://mac.internal.dev.tgl.tmrwsg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-38.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b540a69ab1645d22909f943c6607d52557a1045f76fd2b2e2ad47ccd2cb6ea3e

Request headers

Referer
https://mac.internal.dev.tgl.tmrwsg.com/
Origin
https://mac.internal.dev.tgl.tmrwsg.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 18:18:08 GMT
content-encoding
gzip
via
1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront)
last-modified
Fri, 28 Jul 2023 14:05:39 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-P1
etag
W/"5018c15cf56b69b569aa8ff07ec6a551"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
x-amz-cf-id
uA5JhzA9vh7skjl3T5d8U-grvlf7G3CMNDRSwsbMmJPtsxe72xvOKA==
index-7b03ce3d.css
mac.internal.dev.tgl.tmrwsg.com/assets/
57 KB
12 KB
Stylesheet
General
Full URL
https://mac.internal.dev.tgl.tmrwsg.com/assets/index-7b03ce3d.css
Requested by
Host: mac.internal.dev.tgl.tmrwsg.com
URL: https://mac.internal.dev.tgl.tmrwsg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-38.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b03ce3d1135f04fedd90a39bf887c314e0e17cfb184923deeae1d0c65d859dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mac.internal.dev.tgl.tmrwsg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 18:18:08 GMT
content-encoding
gzip
via
1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront)
last-modified
Fri, 28 Jul 2023 14:05:39 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-P1
etag
W/"328cc3673894efc770152647808dfb40"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
x-amz-cf-id
H0yHcPZEaYz8L2OUFbqzqrYvCAzM0c1uP3NeBSLCvg3uGJiqYFjUbw==
browser-3e8a999d.js
mac.internal.dev.tgl.tmrwsg.com/assets/
4 MB
1 MB
Script
General
Full URL
https://mac.internal.dev.tgl.tmrwsg.com/assets/browser-3e8a999d.js
Requested by
Host: mac.internal.dev.tgl.tmrwsg.com
URL: https://mac.internal.dev.tgl.tmrwsg.com/assets/index-79be408d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-38.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
972fee730f9e98ba966cba3ef62fd11ce9b919f6d9a4152450e2f9c7327a281e

Request headers

Referer
https://mac.internal.dev.tgl.tmrwsg.com/
Origin
https://mac.internal.dev.tgl.tmrwsg.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 18:18:09 GMT
content-encoding
gzip
via
1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront)
last-modified
Fri, 28 Jul 2023 14:05:39 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-P1
etag
W/"b4fedc7261b565316f725e83df8d713d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
x-amz-cf-id
7ORz2pQfqEg9cd6nnCKPfqenErZACZJSL8FnlRXbFtsUHU13NhkW5Q==
ab03621f-eac0-4029-a074-03fe92904a9a
https://mac.internal.dev.tgl.tmrwsg.com/
24 KB
0
Other
General
Full URL
blob:https://mac.internal.dev.tgl.tmrwsg.com/ab03621f-eac0-4029-a074-03fe92904a9a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d864b61c190297721b440b241cd61c2e7a377176a0fbb12b2d3342757b1f34da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length
24961
Content-Type
641c80e7ace8a9138732e0fa
app.launchdarkly.com/sdk/goals/
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/goals/641c80e7ace8a9138732e0fa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://mac.internal.dev.tgl.tmrwsg.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Fri, 28 Jul 2023 18:18:10 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230064-FRA
x-timer
S1690568290.497159,VS0,VE380
641c80e7ace8a9138732e0fa
events.launchdarkly.com/events/diagnostic/
0
0
Preflight
General
Full URL
https://events.launchdarkly.com/events/diagnostic/641c80e7ace8a9138732e0fa
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.145.86.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-86-201.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://mac.internal.dev.tgl.tmrwsg.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Fri, 28 Jul 2023 18:18:10 GMT
strict-transport-security
max-age=31536000
641c80e7ace8a9138732e0fa
app.launchdarkly.com/sdk/goals/
2 B
201 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/goals/641c80e7ace8a9138732e0fa
Requested by
Host: mac.internal.dev.tgl.tmrwsg.com
URL: https://mac.internal.dev.tgl.tmrwsg.com/assets/index-79be408d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://mac.internal.dev.tgl.tmrwsg.com/
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish
date
Fri, 28 Jul 2023 18:18:11 GMT
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
MISS
content-length
26
x-served-by
cache-fra-eddf8230064-FRA
x-timer
S1690568291.906713,VS0,VE359
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
0
641c80e7ace8a9138732e0fa
events.launchdarkly.com/events/diagnostic/
0
344 B
XHR
General
Full URL
https://events.launchdarkly.com/events/diagnostic/641c80e7ace8a9138732e0fa
Requested by
Host: mac.internal.dev.tgl.tmrwsg.com
URL: https://mac.internal.dev.tgl.tmrwsg.com/assets/index-79be408d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.145.86.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-86-201.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://mac.internal.dev.tgl.tmrwsg.com/
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 28 Jul 2023 18:18:10 GMT
strict-transport-security
max-age=31536000
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
eyJraW5kIjoidXNlciIsImtleSI6ImFub255bW91cyJ9
app.launchdarkly.com/sdk/evalx/641c80e7ace8a9138732e0fa/contexts/
2 KB
588 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/evalx/641c80e7ace8a9138732e0fa/contexts/eyJraW5kIjoidXNlciIsImtleSI6ImFub255bW91cyJ9
Requested by
Host: mac.internal.dev.tgl.tmrwsg.com
URL: https://mac.internal.dev.tgl.tmrwsg.com/assets/index-79be408d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mac.internal.dev.tgl.tmrwsg.com/
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 18:18:11 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
MISS
content-length
215
x-served-by
cache-fra-etou8220047-FRA, cache-fra-eddf8230064-FRA
x-timer
S1690568291.890687,VS0,VE751
etag
"77dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Authorization, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
0
eyJraW5kIjoidXNlciIsImtleSI6ImFub255bW91cyJ9
app.launchdarkly.com/sdk/evalx/641c80e7ace8a9138732e0fa/contexts/
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/evalx/641c80e7ace8a9138732e0fa/contexts/eyJraW5kIjoidXNlciIsImtleSI6ImFub255bW91cyJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://mac.internal.dev.tgl.tmrwsg.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Fri, 28 Jul 2023 18:18:10 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230064-FRA
x-timer
S1690568290.497148,VS0,VE363
rum
rum.browser-intake-us5-datadoghq.com/api/v2/
0
0
Ping
General
Full URL
https://rum.browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.45.0%2Capi%3Abeacon%2Cenv%3Adev%2Cservice%3Amatch-admin-console&dd-api-key=pubb8298bd90c90cdcf0f01096e9539fcb8&dd-evp-origin-version=4.45.0&dd-evp-origin=browser&dd-request-id=8c7e499b-42b7-4fa4-a867-8e34d2777931&batch_time=1690568291669
Requested by
Host: mac.internal.dev.tgl.tmrwsg.com
URL: https://mac.internal.dev.tgl.tmrwsg.com/assets/index-79be408d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c072:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mac.internal.dev.tgl.tmrwsg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Primary Request saml2
login.microsoftonline.com/0bfb1d9d-5b61-472f-85ad-024ad9969015/
Redirect Chain
  • https://mac-dev.auth.us-east-1.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Fd16biqsjkpnpte.cloudfront.net%2F&response_type=code&client_id=4esqktk95a5m82rp96anjm3rkp&identity_provid...
  • https://login.microsoftonline.com/0bfb1d9d-5b61-472f-85ad-024ad9969015/saml2?SAMLRequest=fZLNauMwFIX38xRGe%2FlHthNbxC5hOoVCC0PbzGI2RZauE4Elubpy2s7Tj%2BM0w3RT0EbinPtdztHm6s0M0RE8amcbksUpicBKp7TdN2T3...
21 KB
0
Document
General
Full URL
https://login.microsoftonline.com/0bfb1d9d-5b61-472f-85ad-024ad9969015/saml2?SAMLRequest=fZLNauMwFIX38xRGe%2FlHthNbxC5hOoVCC0PbzGI2RZauE4Elubpy2s7Tj%2BM0w3RT0EbinPtdztHm6s0M0RE8amcbksUpicBKp7TdN2T3dEMrctV%2B26AwAxv5dgoH%2BwAvE2CItojgw%2Bz77ixOBvwj%2BKOWsHu4a8ghhBF5khghqYJjLGZnPCEFgYFmsTDij5s5e6uDi6UzyUJItBo94DgPBBJdzxRtRVhWuwwc3F7b2GjpHbo%2BODtoC8uEtOu7TNWKlt0qo8Wa9bQqhaIpK4Sq61WdZuUZQ6Lb64Y8533XlarMabqCFS066GgFpaT9upaVLNc56%2FNZijjBrcUgbGgIS9msX1NWPWUVPx0WF3nxm0S%2FLiGyU4hzrBb5ObaGTN5yJ1Ajt8IA8iD54%2Fb%2Bjs9SPnoXnHQDac8p8wXooxvnjQhfe08vWtF%2BkXKwQYf3T%2Byv7eLSIGlPsnMp%2FKMVjiP%2FV9jz7udrfnj7AX6T%2FL9l%2B3H9%2FDXavw%3D%3D&RelayState=H4sIAAAAAAAAAD2RXZOaMBiF_0uuDUJCQvBOd9nVZa12_dq103FCCIJIiBD8oNP_3vSivcrJm-ecOfPmF-BgBLoWSt4a6B02yxvO75FswAAk9mU9_9itdN2YFj7Lqx0KO_RleylNGRJOKoYaHVKuThVuSm2B1AK5MbodDYepR5Pi0p5KrbSRjjjXXZo1tTKOkmZoYWlhUafSyszK1Xj-buURjH6AWktVpPbGb60j6qMqTO20hT2V07WycXhaFQr8HIDcOhee_3Z6i6Onx5JRXd6XpZsH32IcZrTXSFwhymxUYcm613vTrJ4el3f1fDmOzwFK15_fJ10S-Ucob4t4Z9oc3qswso7T31aIUCtLKzHcfbWqeA0n58YLNy_G45rQbh9_mMZbqGmfr4lYkDDaHR7okNV3reUEzzf78SSh-sHxgZ0Qmm-K2Qq_7qe34LILWfcZKIZlvm285dv2Fu_nq2VPUf0B4zHc55t2tTUv59Ad-_3xPZj0KtiK5bH5mq-r0ttQ7O8mT74qoiieTbsZo_fTvZndbOOzbVxxAVN5dXhncuf_Pzu84n2t_q1V1JXFKzDyaOgSylCIBkCDUcbPrRyAxuZ4mS_chCaQUeJCH2cpTITEkBGGKHaZF2TMZhiLHnCWJCQlGLpUUugn0rokETALQsEECTDKMPj9B569a3p7AgAA.H4sIAAAAAAAAAAvS7ozTPbxnq-Sy-PMObUXRiiKqm-3KvgZ-e7W_Yof-9vUAHTVcaiAAAAA.4
Requested by
Host: mac.internal.dev.tgl.tmrwsg.com
URL: https://mac.internal.dev.tgl.tmrwsg.com/assets/index-79be408d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:3000:148::7 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mac.internal.dev.tgl.tmrwsg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
9157
Content-Type
text/html; charset=utf-8
Date
Fri, 28 Jul 2023 18:18:11 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.15868.7 - FRC ProdSlices
x-ms-request-id
191d717e-49e4-4411-8235-b016e59b0e00

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Fri, 28 Jul 2023 18:18:12 GMT
location
https://login.microsoftonline.com/0bfb1d9d-5b61-472f-85ad-024ad9969015/saml2?SAMLRequest=fZLNauMwFIX38xRGe%2FlHthNbxC5hOoVCC0PbzGI2RZauE4Elubpy2s7Tj%2BM0w3RT0EbinPtdztHm6s0M0RE8amcbksUpicBKp7TdN2T3dEMrctV%2B26AwAxv5dgoH%2BwAvE2CItojgw%2Bz77ixOBvwj%2BKOWsHu4a8ghhBF5khghqYJjLGZnPCEFgYFmsTDij5s5e6uDi6UzyUJItBo94DgPBBJdzxRtRVhWuwwc3F7b2GjpHbo%2BODtoC8uEtOu7TNWKlt0qo8Wa9bQqhaIpK4Sq61WdZuUZQ6Lb64Y8533XlarMabqCFS066GgFpaT9upaVLNc56%2FNZijjBrcUgbGgIS9msX1NWPWUVPx0WF3nxm0S%2FLiGyU4hzrBb5ObaGTN5yJ1Ajt8IA8iD54%2Fb%2Bjs9SPnoXnHQDac8p8wXooxvnjQhfe08vWtF%2BkXKwQYf3T%2Byv7eLSIGlPsnMp%2FKMVjiP%2FV9jz7udrfnj7AX6T%2FL9l%2B3H9%2FDXavw%3D%3D&RelayState=H4sIAAAAAAAAAD2RXZOaMBiF_0uuDUJCQvBOd9nVZa12_dq103FCCIJIiBD8oNP_3vSivcrJm-ecOfPmF-BgBLoWSt4a6B02yxvO75FswAAk9mU9_9itdN2YFj7Lqx0KO_RleylNGRJOKoYaHVKuThVuSm2B1AK5MbodDYepR5Pi0p5KrbSRjjjXXZo1tTKOkmZoYWlhUafSyszK1Xj-buURjH6AWktVpPbGb60j6qMqTO20hT2V07WycXhaFQr8HIDcOhee_3Z6i6Onx5JRXd6XpZsH32IcZrTXSFwhymxUYcm613vTrJ4el3f1fDmOzwFK15_fJ10S-Ucob4t4Z9oc3qswso7T31aIUCtLKzHcfbWqeA0n58YLNy_G45rQbh9_mMZbqGmfr4lYkDDaHR7okNV3reUEzzf78SSh-sHxgZ0Qmm-K2Qq_7qe34LILWfcZKIZlvm285dv2Fu_nq2VPUf0B4zHc55t2tTUv59Ad-_3xPZj0KtiK5bH5mq-r0ttQ7O8mT74qoiieTbsZo_fTvZndbOOzbVxxAVN5dXhncuf_Pzu84n2t_q1V1JXFKzDyaOgSylCIBkCDUcbPrRyAxuZ4mS_chCaQUeJCH2cpTITEkBGGKHaZF2TMZhiLHnCWJCQlGLpUUugn0rokETALQsEECTDKMPj9B569a3p7AgAA.H4sIAAAAAAAAAAvS7ozTPbxnq-Sy-PMObUXRiiKqm-3KvgZ-e7W_Yof-9vUAHTVcaiAAAAA.4
pragma
no-cache
server
Server
strict-transport-security
max-age=31536000 ; includeSubDomains
x-amz-cognito-request-id
1f4c0b6b-8650-43fd-bce3-8582630817f8
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
replay
session-replay.browser-intake-us5-datadoghq.com/api/v2/
0
0
Ping
General
Full URL
https://session-replay.browser-intake-us5-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.45.0%2Capi%3Abeacon%2Cenv%3Adev%2Cservice%3Amatch-admin-console&dd-api-key=pubb8298bd90c90cdcf0f01096e9539fcb8&dd-evp-origin-version=4.45.0&dd-evp-origin=browser&dd-request-id=0815efd3-9577-4d42-935a-be4b3c2f623f
Requested by
Host: mac.internal.dev.tgl.tmrwsg.com
URL: https://mac.internal.dev.tgl.tmrwsg.com/assets/index-79be408d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c072:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mac.internal.dev.tgl.tmrwsg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryMo1ACJsSj5GAN5fZ

Response headers

641c80e7ace8a9138732e0fa
events.launchdarkly.com/events/bulk/
0
344 B
XHR
General
Full URL
https://events.launchdarkly.com/events/bulk/641c80e7ace8a9138732e0fa
Requested by
Host: mac.internal.dev.tgl.tmrwsg.com
URL: https://mac.internal.dev.tgl.tmrwsg.com/assets/index-79be408d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.145.86.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-86-201.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://mac.internal.dev.tgl.tmrwsg.com/
X-LaunchDarkly-Payload-ID
1ce0af40-2d73-11ee-97f6-fbbe7316bbf4
X-LaunchDarkly-Event-Schema
4
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 28 Jul 2023 18:18:12 GMT
strict-transport-security
max-age=31536000
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
641c80e7ace8a9138732e0fa
events.launchdarkly.com/events/bulk/
0
0
Preflight
General
Full URL
https://events.launchdarkly.com/events/bulk/641c80e7ace8a9138732e0fa
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.145.86.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-86-201.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://mac.internal.dev.tgl.tmrwsg.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Fri, 28 Jul 2023 18:18:12 GMT
strict-transport-security
max-age=31536000
BssoInterrupt_Core_Idq2Hj-dVynnBd7zEp44UQ2.js
aadcdn.msauth.net/shared/1.0/content/js/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aadcdn.msauth.net
URL
https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_Idq2Hj-dVynnBd7zEp44UQ2.js

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
mac.internal.dev.tgl.tmrwsg.com/ Name: _dd_s
Value: rum=1&id=1773c6df-145b-4aa1-954b-ce33d9478ba9&created=1690568288462&expire=1690569188462