Submitted URL: https://users-qa.pro-nonprod.govteams.gov.au/
Effective URL: https://login.microsoftonline.com/502d56e9-1ca1-4f9a-ad6e-c836ce937d6e/oauth2/authorize?response_type=id_token&client_id=9e4618f7-...
Submission: On July 25 via automatic, source certstream-suspicious — Scanned from AU

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 20 HTTP transactions. The main IP is 20.190.151.70, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 14.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 22nd 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS     Autonomous System
3         20.53.111.250    8075   (MICROSOFT...)
2         20.190.151.70    8075   (MICROSOFT...)
2         23.76.219.179    16625  (AKAMAI-AS)
2         42.99.140.170    4637   (ASN-TELST...)
1         152.199.39.242   15133  (EDGECAST)
7         13.107.213.70    8075   (MICROSOFT...)
1         20.190.151.69    8075   (MICROSOFT...)
2         152.199.40.61    15133  (EDGECAST)
20        9

Requests  Apex Domain           Subdomains                                                Transfer
7         msauth.net            aadcdn.msauth.net — Cisco Umbrella Rank: 1003             277 KB
3         govteams.gov.au       users-qa.pro-nonprod.govteams.gov.au                      1 MB
2         msauthimages.net      aadcdn.msauthimages.net — Cisco Umbrella Rank: 4437       267 KB
2         akamaihd.net          spoprod-a.akamaihd.net — Cisco Umbrella Rank: 7895        23 KB
2         sharepointonline.com  static2.sharepointonline.com — Cisco Umbrella Rank: 2902  67 KB
2         microsoftonline.com   login.microsoftonline.com — Cisco Umbrella Rank: 14       27 KB
1         live.com              login.live.com — Cisco Umbrella Rank: 55
1         msftauth.net          aadcdn.msftauth.net — Cisco Umbrella Rank: 1029           48 KB
20        8

Requests  Domain                                Requested by
7         aadcdn.msauth.net                     login.microsoftonline.com, aadcdn.msauth.net
3         users-qa.pro-nonprod.govteams.gov.au  users-qa.pro-nonprod.govteams.gov.au
2         aadcdn.msauthimages.net
2         spoprod-a.akamaihd.net
2         static2.sharepointonline.com
2         login.microsoftonline.com             users-qa.pro-nonprod.govteams.gov.au, aadcdn.msftauth.net
1         login.live.com                        login.microsoftonline.com
1         aadcdn.msftauth.net                   login.microsoftonline.com
20        8

This site contains links to these domains.

Domain
www.microsoft.com
privacy.microsoft.com

Subject                                Issuer                             Validity                 Valid
users-dev.pro-nonprod.govteams.gov.au  R3                                 2023-05-25 - 2023-08-23  3 months
stamp2.login.microsoftonline.com       DigiCert SHA2 Secure Server CA     2023-05-22 - 2024-05-22  a year
privatecdn.sharepointonline.com        DigiCert SHA2 Secure Server CA     2022-09-19 - 2023-09-19  a year
a248.e.akamai.net                      DigiCert TLS RSA SHA256 2020 CA1   2023-05-16 - 2024-05-15  a year
aadcdn.msftauth.net                    DigiCert SHA2 Secure Server CA     2023-01-31 - 2024-01-31  a year
aadcdn.msauth.net                      DigiCert SHA2 Secure Server CA     2023-04-28 - 2024-04-28  a year
login.live.com                         DigiCert SHA2 Secure Server CA     2023-07-06 - 2024-07-06  a year
aadcdn.msauthimages.net                Microsoft Azure TLS Issuing CA 02  2023-03-08 - 2024-03-02  a year

This page contains 1 frame:

Primary Page: https://login.microsoftonline.com/502d56e9-1ca1-4f9a-ad6e-c836ce937d6e/oauth2/authorize?response_type=id_token&client_id=9e4618f7-7eb1-49b7-8bac-94f83cd50dd5&redirect_uri=https%3A%2F%2Fusers-qa.pro-nonprod.govteams.gov.au%2F&state=4dfebb83-21dc-4eaf-908b-a0d20cad366f&client-request-id=d05edf81-d977-47f2-8a46-4966378195d3&x-client-SKU=Js&x-client-Ver=1.0.17&nonce=40c1a90e-e78e-4ccc-b090-56d9c74c434d&sso_reload=true
Frame ID: D3233270130536DE5A78F1BA4C7B545F
Requests: 21 HTTP requests in this frame

Page Title

Sign in to your account

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 0 %
Domains: 8
Subdomains: 8
IPs: 9
Countries: 4
Transfer: 1838 kB
Size: 5601 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://users-qa.pro-nonprod.govteams.gov.au/ Page URL
  2. https://login.microsoftonline.com/502d56e9-1ca1-4f9a-ad6e-c836ce937d6e/oauth2/authorize?response_type=id_token&client_id=9e4618f7-7eb1-49b7-8bac-94f83cd50dd5&redirect_uri=https%3A%2F%2Fusers-qa.pro-nonprod.govteams.gov.au%2F&state=4dfebb83-21dc-4eaf-908b-a0d20cad366f&&client-request-id=d05edf81-d977-47f2-8a46-4966378195d3&x-client-SKU=Js&x-client-Ver=1.0.17&nonce=40c1a90e-e78e-4ccc-b090-56d9c74c434d Page URL
  3. https://login.microsoftonline.com/502d56e9-1ca1-4f9a-ad6e-c836ce937d6e/oauth2/authorize?response_type=id_token&client_id=9e4618f7-7eb1-49b7-8bac-94f83cd50dd5&redirect_uri=https%3A%2F%2Fusers-qa.pro-nonprod.govteams.gov.au%2F&state=4dfebb83-21dc-4eaf-908b-a0d20cad366f&client-request-id=d05edf81-d977-47f2-8a46-4966378195d3&x-client-SKU=Js&x-client-Ver=1.0.17&nonce=40c1a90e-e78e-4ccc-b090-56d9c74c434d&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
users-qa.pro-nonprod.govteams.gov.au/
566 B
2 KB
Document
General
Full URL
https://users-qa.pro-nonprod.govteams.gov.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.53.111.250 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
40703a0d3b29f74f079b8f64e606a521ff9967873dff26167f03170230963f3e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
495
Content-Security-Policy-Report-Only
default-src 'self' *.govteams.gov.au; script-src 'self' 'unsafe-inline' code.jquery.com cdnjs.cloudflare.com www.google.com www.gstatic.com ajax.aspnetcdn.com 'unsafe-eval' *.azure.com; connect-src 'self' *.govteams.gov.au graph.microsoft.com *.azure.com; img-src 'self' data: blob: *.sharepointonline.com *.akamaihd.net *.office.net;; style-src 'self' 'unsafe-inline' *.sharepointonline.com *.fontawesome.com; base-uri 'self' *.fontawesome.com; form-action 'self' *.govteams.gov.au; font-src 'self' * data:; frame-src 'self' login.microsoftonline.com www.google.com; script-src-elem 'self' 'unsafe-inline' code.jquery.com cdnjs.cloudflare.com www.google.com www.gstatic.com ajax.aspnetcdn.com *.azure.com; media-src 'self' data:; style-src-elem 'self' *.fontawesome.com 'unsafe-inline' *.sharepointonline.com data:; report-uri https://govteams.uriports.com/reports/report;
Content-Type
text/html
Date
Tue, 25 Jul 2023 00:04:26 GMT
ETag
"1d9612cd25e7236"
Last-Modified
Tue, 28 Mar 2023 04:21:52 GMT
Referrer-Policy
strict-origin
Request-Context
appId=cid-v1:985935b8-3701-4edd-82c6-e972c3e05250
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding
Public.8a046629.css
users-qa.pro-nonprod.govteams.gov.au/css/
192 KB
41 KB
Stylesheet
General
Full URL
https://users-qa.pro-nonprod.govteams.gov.au/css/Public.8a046629.css
Requested by
Host: users-qa.pro-nonprod.govteams.gov.au
URL: https://users-qa.pro-nonprod.govteams.gov.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.53.111.250 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
efc386440fc909ef6486ec763da29ff49d4c3a25b9f11a275097330aff6800f7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://users-qa.pro-nonprod.govteams.gov.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 00:04:26 GMT
Content-Encoding
gzip
Referrer-Policy
strict-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Tue, 28 Mar 2023 04:21:52 GMT
ETag
"1d9612cd25c8f67"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Content-Security-Policy-Report-Only
default-src 'self' *.govteams.gov.au; script-src 'self' 'unsafe-inline' code.jquery.com cdnjs.cloudflare.com www.google.com www.gstatic.com ajax.aspnetcdn.com 'unsafe-eval' *.azure.com; connect-src 'self' *.govteams.gov.au graph.microsoft.com *.azure.com; img-src 'self' data: blob: *.sharepointonline.com *.akamaihd.net *.office.net;; style-src 'self' 'unsafe-inline' *.sharepointonline.com *.fontawesome.com; base-uri 'self' *.fontawesome.com; form-action 'self' *.govteams.gov.au; font-src 'self' * data:; frame-src 'self' login.microsoftonline.com www.google.com; script-src-elem 'self' 'unsafe-inline' code.jquery.com cdnjs.cloudflare.com www.google.com www.gstatic.com ajax.aspnetcdn.com *.azure.com; media-src 'self' data:; style-src-elem 'self' *.fontawesome.com 'unsafe-inline' *.sharepointonline.com data:; report-uri https://govteams.uriports.com/reports/report;
Connection
keep-alive
Accept-Ranges
bytes
Request-Context
appId=cid-v1:985935b8-3701-4edd-82c6-e972c3e05250
Public.97be7ce5.js
users-qa.pro-nonprod.govteams.gov.au/js/
4 MB
1 MB
Script
General
Full URL
https://users-qa.pro-nonprod.govteams.gov.au/js/Public.97be7ce5.js
Requested by
Host: users-qa.pro-nonprod.govteams.gov.au
URL: https://users-qa.pro-nonprod.govteams.gov.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.53.111.250 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
51eaaa537c81554b5e37374d3e7bd4b82b79472059f7104c7722d10c95572add
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://users-qa.pro-nonprod.govteams.gov.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 00:04:26 GMT
Content-Encoding
gzip
Referrer-Policy
strict-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Tue, 28 Mar 2023 04:21:52 GMT
ETag
"1d9612cd262d45e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Content-Security-Policy-Report-Only
default-src 'self' *.govteams.gov.au; script-src 'self' 'unsafe-inline' code.jquery.com cdnjs.cloudflare.com www.google.com www.gstatic.com ajax.aspnetcdn.com 'unsafe-eval' *.azure.com; connect-src 'self' *.govteams.gov.au graph.microsoft.com *.azure.com; img-src 'self' data: blob: *.sharepointonline.com *.akamaihd.net *.office.net;; style-src 'self' 'unsafe-inline' *.sharepointonline.com *.fontawesome.com; base-uri 'self' *.fontawesome.com; form-action 'self' *.govteams.gov.au; font-src 'self' * data:; frame-src 'self' login.microsoftonline.com www.google.com; script-src-elem 'self' 'unsafe-inline' code.jquery.com cdnjs.cloudflare.com www.google.com www.gstatic.com ajax.aspnetcdn.com *.azure.com; media-src 'self' data:; style-src-elem 'self' *.fontawesome.com 'unsafe-inline' *.sharepointonline.com data:; report-uri https://govteams.uriports.com/reports/report;
Connection
keep-alive
Accept-Ranges
bytes
Request-Context
appId=cid-v1:985935b8-3701-4edd-82c6-e972c3e05250
authorize
login.microsoftonline.com/502d56e9-1ca1-4f9a-ad6e-c836ce937d6e/oauth2/
20 KB
10 KB
Document
General
Full URL
https://login.microsoftonline.com/502d56e9-1ca1-4f9a-ad6e-c836ce937d6e/oauth2/authorize?response_type=id_token&client_id=9e4618f7-7eb1-49b7-8bac-94f83cd50dd5&redirect_uri=https%3A%2F%2Fusers-qa.pro-nonprod.govteams.gov.au%2F&state=4dfebb83-21dc-4eaf-908b-a0d20cad366f&&client-request-id=d05edf81-d977-47f2-8a46-4966378195d3&x-client-SKU=Js&x-client-Ver=1.0.17&nonce=40c1a90e-e78e-4ccc-b090-56d9c74c434d
Requested by
Host: users-qa.pro-nonprod.govteams.gov.au
URL: https://users-qa.pro-nonprod.govteams.gov.au/js/Public.97be7ce5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.151.70 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f8794ea7f57de957eec55d462b91e269710143d6ebf3bd859cda4a58a89e21c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://users-qa.pro-nonprod.govteams.gov.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
8882
Content-Type
text/html; charset=utf-8
Date
Tue, 25 Jul 2023 00:04:29 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.15811.7 - AUELR2 ProdSlices
x-ms-request-id
543d84fa-e8fa-4965-ab8d-e43eda2b2300
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/png
segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/
35 KB
36 KB
Font
General
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.76.219.179 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-76-219-179.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://users-qa.pro-nonprod.govteams.gov.au/
Origin
https://users-qa.pro-nonprod.govteams.gov.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 25 Jul 2023 00:04:28 GMT
last-modified
Thu, 14 Jun 2018 15:58:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
hl8dtlRfyUovRETdYOe7xg==
etag
0x8D5D20FB145CFD1
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
50ad6108-201e-0015-2596-c897a8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=27229125
x-ms-version
2009-09-19
content-length
36344
fabric-icons-5-f6de453a.woff
spoprod-a.akamaihd.net/files/fabric/assets/icons/
16 KB
16 KB
Font
General
Full URL
https://spoprod-a.akamaihd.net/files/fabric/assets/icons/fabric-icons-5-f6de453a.woff
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.170 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-170.pacnet.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://users-qa.pro-nonprod.govteams.gov.au/
Origin
https://users-qa.pro-nonprod.govteams.gov.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 25 Jul 2023 00:04:28 GMT
last-modified
Mon, 22 Jun 2020 16:25:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D816C8DE9DABB5
content-type
font/woff
access-control-allow-origin
*
x-ms-request-id
ea9c9b80-701e-0008-3ef0-b79a14000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=30570550
x-ms-version
2009-09-19
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
16216
fabric-icons-a13498cf.woff
spoprod-a.akamaihd.net/files/fabric/assets/icons/
7 KB
7 KB
Font
General
Full URL
https://spoprod-a.akamaihd.net/files/fabric/assets/icons/fabric-icons-a13498cf.woff
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.170 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-170.pacnet.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://users-qa.pro-nonprod.govteams.gov.au/
Origin
https://users-qa.pro-nonprod.govteams.gov.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
unused62
8096267
date
Tue, 25 Jul 2023 00:04:28 GMT
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
6784
x-ms-lease-status
unlocked
last-modified
Mon, 22 Jun 2020 16:25:27 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D816C8DFB8C4B6
content-type
font/woff
access-control-allow-origin
*
x-ms-request-id
9a6266bc-f01e-0090-0cce-60ba75000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=25880449
x-ms-version
2009-09-19
timing-allow-origin
*
segoeui-semibold.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/
31 KB
31 KB
Font
General
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.76.219.179 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-76-219-179.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://users-qa.pro-nonprod.govteams.gov.au/
Origin
https://users-qa.pro-nonprod.govteams.gov.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 25 Jul 2023 00:04:28 GMT
last-modified
Mon, 22 Jun 2020 16:25:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D816C8EA13B786
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
86c1f664-101e-001e-2296-c86cc3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=27229128
x-ms-version
2009-09-19
content-length
31824
BssoInterrupt_Core_Idq2Hj-dVynnBd7zEp44UQ2.js
aadcdn.msftauth.net/shared/1.0/content/js/
135 KB
48 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_Idq2Hj-dVynnBd7zEp44UQ2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/502d56e9-1ca1-4f9a-ad6e-c836ce937d6e/oauth2/authorize?response_type=id_token&client_id=9e4618f7-7eb1-49b7-8bac-94f83cd50dd5&redirect_uri=https%3A%2F%2Fusers-qa.pro-nonprod.govteams.gov.au%2F&state=4dfebb83-21dc-4eaf-908b-a0d20cad366f&&client-request-id=d05edf81-d977-47f2-8a46-4966378195d3&x-client-SKU=Js&x-client-Ver=1.0.17&nonce=40c1a90e-e78e-4ccc-b090-56d9c74c434d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.242 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7AF) /
Resource Hash
b9971c126e784f8ebd1c49e506bdae14af53c240928cb9ae615f5a0908d9d296

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Jul 2023 00:04:30 GMT
content-encoding
gzip
content-md5
bv6E9btC0YG9X7/vcx+/ag==
age
2171565
x-cache
HIT
content-length
48709
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2023 03:12:13 GMT
server
ECAcc (nwa/E7AF)
etag
0x8DB7785785D977F
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6feb88d2-801e-0084-3dcb-aacd6c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request authorize
login.microsoftonline.com/502d56e9-1ca1-4f9a-ad6e-c836ce937d6e/oauth2/
39 KB
17 KB
Document
General
Full URL
https://login.microsoftonline.com/502d56e9-1ca1-4f9a-ad6e-c836ce937d6e/oauth2/authorize?response_type=id_token&client_id=9e4618f7-7eb1-49b7-8bac-94f83cd50dd5&redirect_uri=https%3A%2F%2Fusers-qa.pro-nonprod.govteams.gov.au%2F&state=4dfebb83-21dc-4eaf-908b-a0d20cad366f&client-request-id=d05edf81-d977-47f2-8a46-4966378195d3&x-client-SKU=Js&x-client-Ver=1.0.17&nonce=40c1a90e-e78e-4ccc-b090-56d9c74c434d&sso_reload=true
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_Idq2Hj-dVynnBd7zEp44UQ2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.151.70 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4591c4d634d36943fe97383e864ccf93a13ed3eb8eb7971b5e844be811159a52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/502d56e9-1ca1-4f9a-ad6e-c836ce937d6e/oauth2/authorize?response_type=id_token&client_id=9e4618f7-7eb1-49b7-8bac-94f83cd50dd5&redirect_uri=https%3A%2F%2Fusers-qa.pro-nonprod.govteams.gov.au%2F&state=4dfebb83-21dc-4eaf-908b-a0d20cad366f&&client-request-id=d05edf81-d977-47f2-8a46-4966378195d3&x-client-SKU=Js&x-client-Ver=1.0.17&nonce=40c1a90e-e78e-4ccc-b090-56d9c74c434d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
15343
Content-Type
text/html; charset=utf-8
Date
Tue, 25 Jul 2023 00:04:31 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.15868.6 - AUSELR1 ProdSlices
x-ms-request-id
729eb01c-a7e8-434a-bebe-ac365c4c0100
converged.v2.login.min_xs4q-enqjizb-pd0ha63sw2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
108 KB
20 KB
Stylesheet
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_xs4q-enqjizb-pd0ha63sw2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/502d56e9-1ca1-4f9a-ad6e-c836ce937d6e/oauth2/authorize?response_type=id_token&client_id=9e4618f7-7eb1-49b7-8bac-94f83cd50dd5&redirect_uri=https%3A%2F%2Fusers-qa.pro-nonprod.govteams.gov.au%2F&state=4dfebb83-21dc-4eaf-908b-a0d20cad366f&client-request-id=d05edf81-d977-47f2-8a46-4966378195d3&x-client-SKU=Js&x-client-Ver=1.0.17&nonce=40c1a90e-e78e-4ccc-b090-56d9c74c434d&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.70 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
09bcfd473f343f606206e638d6aa7c7436ab54f40fca8f3ea2247fc068147ffe

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Jul 2023 00:04:31 GMT
content-encoding
gzip
content-md5
51nXYTkRfeACFNqVw7bA7Q==
x-cache
TCP_HIT
content-length
20105
x-ms-lease-status
unlocked
last-modified
Wed, 17 May 2023 19:54:03 GMT
etag
0x8DB5710770A6D5D
x-azure-ref
0kBG/ZAAAAACTc/4SXuy2R7T44xDTmf0yU1lEMDNFREdFMTgyMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
d9e80161-101e-009e-27b1-b97219000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ConvergedLogin_PCore_Yr2W_ca6qSA3cxe3HgqLFw2.js
aadcdn.msauth.net/shared/1.0/content/js/
412 KB
114 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Yr2W_ca6qSA3cxe3HgqLFw2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/502d56e9-1ca1-4f9a-ad6e-c836ce937d6e/oauth2/authorize?response_type=id_token&client_id=9e4618f7-7eb1-49b7-8bac-94f83cd50dd5&redirect_uri=https%3A%2F%2Fusers-qa.pro-nonprod.govteams.gov.au%2F&state=4dfebb83-21dc-4eaf-908b-a0d20cad366f&client-request-id=d05edf81-d977-47f2-8a46-4966378195d3&x-client-SKU=Js&x-client-Ver=1.0.17&nonce=40c1a90e-e78e-4ccc-b090-56d9c74c434d&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.70 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
08fdd343954fac22aa0f81d28032af0cededf37a942ab0dedd5f0400f9342301

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Jul 2023 00:04:31 GMT
content-encoding
gzip
content-md5
snuKaovbNISO69nbIbGCMg==
x-cache
TCP_HIT
content-length
116548
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2023 03:12:46 GMT
etag
0x8DB77858BED257A
x-azure-ref
0kBG/ZAAAAADZor3s6cirSK+gTujW/zarU1lEMDNFREdFMTgyMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
02fbb513-c01e-0023-2cb1-b9db46000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.login.strings-en.min_zrspqvfkkfzwifqf_ppbrg2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
49 KB
14 KB
Script
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_zrspqvfkkfzwifqf_ppbrg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/502d56e9-1ca1-4f9a-ad6e-c836ce937d6e/oauth2/authorize?response_type=id_token&client_id=9e4618f7-7eb1-49b7-8bac-94f83cd50dd5&redirect_uri=https%3A%2F%2Fusers-qa.pro-nonprod.govteams.gov.au%2F&state=4dfebb83-21dc-4eaf-908b-a0d20cad366f&client-request-id=d05edf81-d977-47f2-8a46-4966378195d3&x-client-SKU=Js&x-client-Ver=1.0.17&nonce=40c1a90e-e78e-4ccc-b090-56d9c74c434d&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.70 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2c06d8be08b400717b354ef573904222ab39aa26a578745ccd0a4c617ce280b3

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Jul 2023 00:04:31 GMT
content-encoding
gzip
content-md5
3kYC/BFvllaJ8q8QYmfF9w==
x-cache
TCP_HIT
content-length
14529
x-ms-lease-status
unlocked
last-modified
Thu, 15 Jun 2023 07:28:04 GMT
etag
0x8DB6D720EE3C482
x-azure-ref
0kBG/ZAAAAABVLBGG9K7xSpo56ppY/dbyU1lEMDNFREdFMTgyMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
04e2bf1d-b01e-0000-6efc-ba3773000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/502d56e9-1ca1-4f9a-ad6e-c836ce937d6e/oauth2/authorize?response_type=id_token&client_id=9e4618f7-7eb1-49b7-8bac-94f83cd50dd5&redirect_uri=https%3A%2F%2Fusers-qa.pro-nonprod.govteams.gov.au%2F&state=4dfebb83-21dc-4eaf-908b-a0d20cad366f&client-request-id=d05edf81-d977-47f2-8a46-4966378195d3&x-client-SKU=Js&x-client-Ver=1.0.17&nonce=40c1a90e-e78e-4ccc-b090-56d9c74c434d&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.151.69 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

oneDs_f2e0f4a029670f10d892.js
aadcdn.msauth.net/shared/1.0/content/js/
186 KB
60 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Yr2W_ca6qSA3cxe3HgqLFw2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.70 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Jul 2023 00:04:32 GMT
content-encoding
gzip
content-md5
wegr9xrdYirQ87+FcvY0/A==
x-cache
TCP_HIT
content-length
61052
x-ms-lease-status
unlocked
last-modified
Thu, 25 May 2023 17:22:47 GMT
etag
0x8DB5D44A8CEE4F4
x-azure-ref
0kBG/ZAAAAAAVyxZaFsahQ4Fa8CFelftfU1lEMDNFREdFMTgyMAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
76796b49-b01e-0068-5488-b92d40000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
convergedlogin_pcustomizationloader_9c8fa7b7be17121cabe1.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
107 KB
32 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_9c8fa7b7be17121cabe1.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Yr2W_ca6qSA3cxe3HgqLFw2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.70 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
83e31656be5bd43730be156d66b3b53a6e2debbf8f48b7cb26166e5e73a349e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Jul 2023 00:04:33 GMT
content-encoding
gzip
content-md5
2bI1Berv2EWLfhOTg8ynrg==
x-cache
TCP_HIT
content-length
32254
x-ms-lease-status
unlocked
last-modified
Tue, 13 Jun 2023 17:22:22 GMT
etag
0x8DB6C32C003B3FA
x-azure-ref
0kRG/ZAAAAABpye4j1Gc0QabujdC5e7hQU1lEMDNFREdFMTgyMAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6e7bc640-201e-0095-181f-bb570e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
illustration
aadcdn.msauthimages.net/81d6b03a-dshg6khm37v7j-z4futghglugyaemhqnfdkkdyq79k8/logintenantbranding/0/
261 KB
261 KB
Image
General
Full URL
https://aadcdn.msauthimages.net/81d6b03a-dshg6khm37v7j-z4futghglugyaemhqnfdkkdyq79k8/logintenantbranding/0/illustration?ts=637619973193680889
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.40.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7A7) /
Resource Hash
f94064f8a584abca9fa65e2b60a2d505009ab53efcf73e809d5eaf9bad7b99bd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Jul 2023 00:04:33 GMT
content-md5
hy1BFsc8cmPyW6Wr6vdsmQ==
age
81767
x-cache
HIT
content-length
266792
x-ms-lease-status
unlocked
last-modified
Fri, 16 Jul 2021 01:55:19 GMT
server
ECAcc (nwa/E7A7)
etag
0x8D947FCC41F661E
content-type
image/*
access-control-allow-origin
https://login.microsoftonline.com
x-ms-request-id
a5c4cc04-f01e-0053-5ccd-bdf5e4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
aadcdn.msauthimages.net/81d6b03a-dshg6khm37v7j-z4futghglugyaemhqnfdkkdyq79k8/logintenantbranding/0/
6 KB
6 KB
Image
General
Full URL
https://aadcdn.msauthimages.net/81d6b03a-dshg6khm37v7j-z4futghglugyaemhqnfdkkdyq79k8/logintenantbranding/0/bannerlogo?ts=637619973200569564
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.40.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E794) /
Resource Hash
1ad0d2e094d1ea505210e1d8a4efa559d7b2626f64086c2795271a3884d812fb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 25 Jul 2023 00:04:33 GMT
last-modified
Fri, 16 Jul 2021 01:55:20 GMT
server
ECAcc (nwa/E794)
content-md5
hqdvJMU/tPOmsCawdz21Fw==
age
81767
etag
0x8D947FCC47D4E5A
x-cache
HIT
content-type
image/*
x-ms-request-id
f2de6b7a-601e-000c-35cd-bd41d8000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
6058
convergedlogin_pstringcustomizationhelper_a19e6314cee4851e0a13.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
111 KB
35 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_a19e6314cee4851e0a13.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Yr2W_ca6qSA3cxe3HgqLFw2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.70 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
829da443b43110fada28b8eebe47ba2a4f8a012c88f9a2ca355570bdcdcb4acd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Jul 2023 00:04:33 GMT
content-encoding
gzip
content-md5
Adc2Toi5EeUeXRIO4fBe3g==
x-cache
TCP_HIT
content-length
35820
x-ms-lease-status
unlocked
last-modified
Tue, 13 Jun 2023 17:22:24 GMT
etag
0x8DB6C32C0B49A7E
x-azure-ref
0kRG/ZAAAAABfZohnH7rIS4DSsk1TsYgkU1lEMDNFREdFMTgyMAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
31b2d247-601e-0005-1c2a-bbb079000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msauth.net/shared/1.0/content/images/
2 KB
876 B
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.70 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Jul 2023 00:04:33 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
x-cache
TCP_HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:49 GMT
etag
0x8DB5C3F49ED96E0
x-azure-ref
0kRG/ZAAAAAByv6gtCtZtRolElvHJirzSU1lEMDNFREdFMTgyMAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
401fad46-501e-0032-0351-be4066000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
object| Telemetry
object| telemetry_webpackJsonp
boolean| __ConvergedLogin_PCore
boolean| __
boolean| __convergedlogin_pcustomizationloader_9c8fa7b7be17121cabe1
boolean| __convergedlogin_pstringcustomizationhelper_a19e6314cee4851e0a13

11 Cookies

Domain/Path Name / Value
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AWYA6VYtUKEcmk-tbsg2zpN9bvcYRp6xfrdJi6yU-DzVDdVmAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevrvf-iJJlNjuQKmc76EwhyPwCeSqdSy9DohsGJhxeri1elahY-F8Rljf2Aj0FzZqU8AJ7Doq1W7UXe8b7UdiPo154o8XReXmYy-wQFKldMkWggAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevrZ_WwTf73u5gTrRw3WZ7itOhc9NgEouKz2UubHYx53bapbOSkrDfmFxxKzAlCnRD0iafKrz2L1zsbmSmTkRpO-J4Ia2S-6plK6P3TcJtNjyeRL4T8jTS1fk6zKdSBM1HvBqz0zEiTMeOl47BcP9D5hP2sUrg1K3c5FAlIDDPgZrkqJa8lz474lbak1ifWfYlZcA4AMbphcc7Qm3QRo6v7XE6_S-4JNewlrAIBs0SlK_ogAA
login.microsoftonline.com/ Name: fpc
Value: AgB1PITftTRAteUige_RUqVbOJz8AQAAAI4IUdwOAAAA
login.microsoftonline.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: fe36a3f5-9f15-4e7b-8900-4e877c12f6b8
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: 5dc9e5c12cd74b2bb4c2ddaa3af27f6d
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1690243473&co=1

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains