urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
2603:1026:3000:c8::9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://pedro.buzzeasy.com/
Effective URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3...
Submission: On June 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 34 HTTP transactions. The main IP is 2603:1026:3000:c8::9, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 11.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 27th 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 20.60.246.196 8075 (MICROSOFT...)
2 3 20.105.88.92 8075 (MICROSOFT...)
2 2603:1026:300... 8075 (MICROSOFT...)
13 2606:2800:233... 15133 (EDGECAST)
1 40.126.31.67 8075 (MICROSOFT...)
1 20.190.159.4 8075 (MICROSOFT...)
34 7
15    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
pedro.buzzeasy.com
1    20.60.246.196 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
buzzeasyagentuiqa.blob.core.windows.net
3    20.105.88.92 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
geoauth-qa.geomant.cloud
2    2603:1026:3000:c8::9 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
13    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
1    40.126.31.67 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
1    20.190.159.4 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
Apex Domain
Subdomains		 Transfer
15 buzzeasy.com
pedro.buzzeasy.com
2 MB
13 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 1089
326 KB
3 geomant.cloud
geoauth-qa.geomant.cloud
5 KB
2 live.com
login.live.com — Cisco Umbrella Rank: 67
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 11
27 KB
1 windows.net
buzzeasyagentuiqa.blob.core.windows.net
709 B
34 6
Domain Requested by
15 pedro.buzzeasy.com pedro.buzzeasy.com
13 aadcdn.msftauth.net login.microsoftonline.com
aadcdn.msftauth.net
3 geoauth-qa.geomant.cloud 2 redirects pedro.buzzeasy.com
2 login.live.com login.microsoftonline.com
aadcdn.msftauth.net
2 login.microsoftonline.com pedro.buzzeasy.com
aadcdn.msftauth.net
1 buzzeasyagentuiqa.blob.core.windows.net pedro.buzzeasy.com
34 6

This site contains links to these domains. Also see Links.

Domain
login.live.com
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
pedro.buzzeasy.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-05-08 -
2025-05-08		 a year crt.sh
*.blob.core.windows.net
Microsoft Azure RSA TLS Issuing CA 03		 2024-04-12 -
2025-04-07		 a year crt.sh
*.geomant.cloud
R3		 2024-04-20 -
2024-07-19		 3 months crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2024-05-27 -
2025-05-27		 a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2024-05-25 -
2025-05-25		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2024-05-09 -
2025-05-09		 a year crt.sh

This page contains 2 frames:

Primary Page: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0&sso_reload=true
Frame ID: A5A932D398F7EDCC5E1786C1FE7BA952
Requests: 33 HTTP requests in this frame

Frame: https://login.live.com/Me.htm?v=3
Frame ID: 2F8EDE8F07DED86A8D23D3C74B8B59CA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

  1. https://pedro.buzzeasy.com/ Page URL
  2. https://geoauth-qa.geomant.cloud/connect/authorize?client_id=buzzeasy-agentui&redirect_uri=https%3A%2F%2Fpedr... HTTP 302
    https://geoauth-qa.geomant.cloud/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbuzz... HTTP 302
    https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&... Page URL
  3. https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&... Page URL

Page Statistics

34
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

1982 kB
Transfer

5533 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pedro.buzzeasy.com/ Page URL
  2. https://geoauth-qa.geomant.cloud/connect/authorize?client_id=buzzeasy-agentui&redirect_uri=https%3A%2F%2Fpedro.buzzeasy.com%2F&response_type=code&scope=openid+profile+email+phone&state=99c89e05a97648c6b375112504c5d808&code_challenge=Roj4I0G3UA8tNdVCERAE4q7eBYRTZQIUGr3ddS3TVBY&code_challenge_method=S256&response_mode=query&acr_values=idp%3Aaad.oidc HTTP 302
    https://geoauth-qa.geomant.cloud/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbuzzeasy-agentui%26redirect_uri%3Dhttps%253A%252F%252Fpedro.buzzeasy.com%252F%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%2520phone%26state%3D99c89e05a97648c6b375112504c5d808%26code_challenge%3DRoj4I0G3UA8tNdVCERAE4q7eBYRTZQIUGr3ddS3TVBY%26code_challenge_method%3DS256%26response_mode%3Dquery%26acr_values%3Didp%253Aaad.oidc HTTP 302
    https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0 Page URL
  3. https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://geoauth-qa.geomant.cloud/connect/authorize?client_id=buzzeasy-agentui&redirect_uri=https%3A%2F%2Fpedro.buzzeasy.com%2F&response_type=code&scope=openid+profile+email+phone&state=99c89e05a97648c6b375112504c5d808&code_challenge=Roj4I0G3UA8tNdVCERAE4q7eBYRTZQIUGr3ddS3TVBY&code_challenge_method=S256&response_mode=query&acr_values=idp%3Aaad.oidc HTTP 302
  • https://geoauth-qa.geomant.cloud/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbuzzeasy-agentui%26redirect_uri%3Dhttps%253A%252F%252Fpedro.buzzeasy.com%252F%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%2520phone%26state%3D99c89e05a97648c6b375112504c5d808%26code_challenge%3DRoj4I0G3UA8tNdVCERAE4q7eBYRTZQIUGr3ddS3TVBY%26code_challenge_method%3DS256%26response_mode%3Dquery%26acr_values%3Didp%253Aaad.oidc HTTP 302
  • https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
pedro.buzzeasy.com/ 		1 KB
907 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pedro.buzzeasy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4359dcdbb96db103aa5576f35629d5a3c4a6ba80ff4b96f9c33c3dc7f02cb278

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Sun, 09 Jun 2024 17:04:34 GMT
etag
W/"0x8DC86CA8D681DA8"
last-modified
Fri, 07 Jun 2024 08:19:29 GMT
vary
Accept-Encoding
x-azure-ref
20240609T170434Z-16577d9575d7f6xb79un0dwtsw00000009ng000000019hf9
x-cache
TCP_MISS
x-fd-int-roxy-purgeid
71088339
x-ms-request-id
e984c428-901e-0078-3f8f-baf1e7000000
x-ms-version
2018-03-28
index.css
pedro.buzzeasy.com/ 		166 B
475 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pedro.buzzeasy.com/index.css
Requested by
Host: pedro.buzzeasy.com
URL: https://pedro.buzzeasy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c82cde4ccce49c7f96e9935186de8efd8840e37e2d5b9f51114f6db7a83b9c0c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pedro.buzzeasy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 17:04:35 GMT
last-modified
Fri, 07 Jun 2024 08:19:29 GMT
etag
"0x8DC86CA8D749EF7"
x-azure-ref
20240609T170434Z-16577d9575d7f6xb79un0dwtsw00000009ng000000019hgu
x-cache
TCP_MISS
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
9fec0f18-701e-0050-548f-ba8658000000
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
71088339
accept-ranges
bytes
content-length
166
configuration.js
pedro.buzzeasy.com/ 		334 B
653 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pedro.buzzeasy.com/configuration.js
Requested by
Host: pedro.buzzeasy.com
URL: https://pedro.buzzeasy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
005d4dc734921543c6e001977ccf6843d978852416bdda73f0cc02e608a770a1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pedro.buzzeasy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 17:04:35 GMT
last-modified
Fri, 07 Jun 2024 08:19:29 GMT
etag
"0x8DC86CA8D7B069E"
x-azure-ref
20240609T170434Z-16577d9575d7f6xb79un0dwtsw00000009ng000000019hgz
x-cache
TCP_MISS
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e984c461-901e-0078-6f8f-baf1e7000000
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
71088339
accept-ranges
bytes
content-length
334
main-D0quAZSV.js
pedro.buzzeasy.com/assets/ 		104 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pedro.buzzeasy.com/assets/main-D0quAZSV.js
Requested by
Host: pedro.buzzeasy.com
URL: https://pedro.buzzeasy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
46d053e6b4ab84bd1c8a179dd4519da1cbf394207037253baca4ed945dcde527

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pedro.buzzeasy.com/
Origin
https://pedro.buzzeasy.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 17:04:35 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2024 08:19:31 GMT
etag
W/"0x8DC86CA8E9C0328"
vary
Accept-Encoding
x-azure-ref
20240609T170434Z-16577d9575d7f6xb79un0dwtsw00000009ng000000019hgv
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
af0fda7d-801e-0028-7a8f-baeeef000000
x-cache
TCP_MISS
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
71088339
useTranslation-DUywjPnJ.js
pedro.buzzeasy.com/assets/ 		310 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pedro.buzzeasy.com/assets/useTranslation-DUywjPnJ.js
Requested by
Host: pedro.buzzeasy.com
URL: https://pedro.buzzeasy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e93303eb3fa5ca223f198b17f1b92e8368aaf3d986f7b9695059e2555cd0dcf9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pedro.buzzeasy.com/
Origin
https://pedro.buzzeasy.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 17:04:35 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2024 08:19:30 GMT
etag
W/"0x8DC86CA8E1F92A8"
vary
Accept-Encoding
x-azure-ref
20240609T170434Z-16577d9575d7f6xb79un0dwtsw00000009ng000000019hgw
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
af0fda87-801e-0028-048f-baeeef000000
x-cache
TCP_MISS
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
71088339
i18next-BIll90s5.js
pedro.buzzeasy.com/assets/ 		215 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pedro.buzzeasy.com/assets/i18next-BIll90s5.js
Requested by
Host: pedro.buzzeasy.com
URL: https://pedro.buzzeasy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f154944bb0ccf7a06c0f5772ec0812b91b65ca64572ac716a8c198b933679bdf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pedro.buzzeasy.com/
Origin
https://pedro.buzzeasy.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 17:04:35 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2024 08:19:30 GMT
etag
W/"0x8DC86CA8E349E1E"
vary
Accept-Encoding
x-azure-ref
20240609T170434Z-16577d9575d7f6xb79un0dwtsw00000009ng000000019hgx
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e984c45f-901e-0078-6d8f-baf1e7000000
x-cache
TCP_MISS
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
71088339
CenterContent-C1psah9S.js
pedro.buzzeasy.com/assets/ 		919 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pedro.buzzeasy.com/assets/CenterContent-C1psah9S.js
Requested by
Host: pedro.buzzeasy.com
URL: https://pedro.buzzeasy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0316061656cb245fdc388ba35f17188b4717c8a3635f4705a467eec971494053

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pedro.buzzeasy.com/
Origin
https://pedro.buzzeasy.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 17:04:35 GMT
last-modified
Fri, 07 Jun 2024 08:19:31 GMT
etag
"0x8DC86CA8EA0484B"
x-azure-ref
20240609T170434Z-16577d9575d7f6xb79un0dwtsw00000009ng000000019hgy
x-cache
TCP_MISS
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
af0fda81-801e-0028-7e8f-baeeef000000
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
71088339
accept-ranges
bytes
content-length
919
extensions-HnHIZori.js
pedro.buzzeasy.com/assets/ 		126 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pedro.buzzeasy.com/assets/extensions-HnHIZori.js
Requested by
Host: pedro.buzzeasy.com
URL: https://pedro.buzzeasy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
31255776b2ffd83b971ac97ae52f69be8ea369dbfaeff42a7004bc4231e2312d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pedro.buzzeasy.com/
Origin
https://pedro.buzzeasy.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 17:04:35 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2024 08:19:31 GMT
etag
W/"0x8DC86CA8E8EE5C9"
vary
Accept-Encoding
x-azure-ref
20240609T170434Z-16577d9575d7f6xb79un0dwtsw00000009ng000000019hh0
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
03b483f1-701e-0014-1e8f-ba5a34000000
x-cache
TCP_MISS
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
71088339
index-BFPLXnTm.js
pedro.buzzeasy.com/assets/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pedro.buzzeasy.com/assets/index-BFPLXnTm.js
Requested by
Host: pedro.buzzeasy.com
URL: https://pedro.buzzeasy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7a597190a993aa0189a529ec1719ac48f93a0cc61c4215fa0f99cc5d5c351e85

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pedro.buzzeasy.com/
Origin
https://pedro.buzzeasy.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 17:04:35 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2024 08:19:30 GMT
etag
W/"0x8DC86CA8E0F4170"
vary
Accept-Encoding
x-azure-ref
20240609T170434Z-16577d9575d7f6xb79un0dwtsw00000009ng000000019hh1
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
03b483f2-701e-0014-1f8f-ba5a34000000
x-cache
TCP_MISS
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
71088339
AuthProvider-BJlOzhtC.js
pedro.buzzeasy.com/assets/ 		199 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pedro.buzzeasy.com/assets/AuthProvider-BJlOzhtC.js
Requested by
Host: pedro.buzzeasy.com
URL: https://pedro.buzzeasy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0d4e8553eb097766c70436fc66396ca29a1427f864d56fce985638f38741596c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pedro.buzzeasy.com/
Origin
https://pedro.buzzeasy.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 17:04:35 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2024 08:19:31 GMT
etag
W/"0x8DC86CA8EA74C21"
vary
Accept-Encoding
x-azure-ref
20240609T170434Z-16577d9575d7f6xb79un0dwtsw00000009ng000000019hh2
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9fec0f19-701e-0050-558f-ba8658000000
x-cache
TCP_MISS
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
71088339
useForceUpdate-CZ_jML9b.js
pedro.buzzeasy.com/assets/ 		120 B
439 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pedro.buzzeasy.com/assets/useForceUpdate-CZ_jML9b.js
Requested by
Host: pedro.buzzeasy.com
URL: https://pedro.buzzeasy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9f797469ab6a7eac6a66fc38d21f38ab7f0edc663b5c4cc4072d9ad66b6f6049

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pedro.buzzeasy.com/
Origin
https://pedro.buzzeasy.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 17:04:35 GMT
last-modified
Fri, 07 Jun 2024 08:19:30 GMT
etag
"0x8DC86CA8E38BC43"
x-azure-ref
20240609T170434Z-16577d9575d7f6xb79un0dwtsw00000009ng000000019hh3
x-cache
TCP_MISS
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9fec0f16-701e-0050-528f-ba8658000000
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
71088339
accept-ranges
bytes
content-length
120
AntDesignAppProvider-BYqqi-HH.js
pedro.buzzeasy.com/assets/ 		151 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pedro.buzzeasy.com/assets/AntDesignAppProvider-BYqqi-HH.js
Requested by
Host: pedro.buzzeasy.com
URL: https://pedro.buzzeasy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c9a7e09337c7eaa0d7159a76f54f45884ef8c10490f28d7bb1dec161d4d04846

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pedro.buzzeasy.com/
Origin
https://pedro.buzzeasy.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 17:04:35 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2024 08:19:31 GMT
etag
W/"0x8DC86CA8E8A2B89"
vary
Accept-Encoding
x-azure-ref
20240609T170435Z-16577d9575d7f6xb79un0dwtsw00000009ng000000019hh6
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
af0fda91-801e-0028-0d8f-baeeef000000
x-cache
TCP_MISS
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
71088339
index-CYtPq5Yx.js
pedro.buzzeasy.com/assets/ 		228 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pedro.buzzeasy.com/assets/index-CYtPq5Yx.js
Requested by
Host: pedro.buzzeasy.com
URL: https://pedro.buzzeasy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c411971990cade07d9f6f4994a3d24c00a918e5297f58838d26b4890bac4c721

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pedro.buzzeasy.com/
Origin
https://pedro.buzzeasy.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 17:04:35 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2024 08:19:30 GMT
etag
W/"0x8DC86CA8E2D2530"
vary
Accept-Encoding
x-azure-ref
20240609T170435Z-16577d9575d7f6xb79un0dwtsw00000009ng000000019hh7
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e984c46b-901e-0078-798f-baf1e7000000
x-cache
TCP_MISS
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
71088339
IdleAndBreakInfo-fh073N8i.js
pedro.buzzeasy.com/assets/ 		3 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://pedro.buzzeasy.com/assets/IdleAndBreakInfo-fh073N8i.js
Requested by
Host: pedro.buzzeasy.com
URL: https://pedro.buzzeasy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bec4432f9122421b8aa36a9f6e2e74afd2befb2fdf35ccc5a20f8c7dfba7d20e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pedro.buzzeasy.com/
Origin
https://pedro.buzzeasy.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 17:04:35 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2024 08:19:31 GMT
etag
W/"0x8DC86CA8E82647C"
vary
Accept-Encoding
x-azure-ref
20240609T170435Z-16577d9575d7f6xb79un0dwtsw00000009ng000000019hh8
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f36b4483-601e-0000-5a8f-ba9950000000
x-cache
TCP_MISS
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
71088339
pedro.buzzeasy.com.json
buzzeasyagentuiqa.blob.core.windows.net/themes/ 		267 B
709 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://buzzeasyagentuiqa.blob.core.windows.net/themes/pedro.buzzeasy.com.json
Requested by
Host: pedro.buzzeasy.com
URL: https://pedro.buzzeasy.com/assets/extensions-HnHIZori.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.246.196 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2542f7fb5455a138fcd45061343931f411b0eff9decc24e7e88e1d5283690584

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pedro.buzzeasy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 09 Jun 2024 17:04:35 GMT
Last-Modified
Tue, 14 May 2024 12:03:32 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
yo9jN807AZXVoZrEef6xKQ==
ETag
0x8DC740DE063B95F
Content-Type
application/json
Access-Control-Allow-Origin
*
x-ms-request-id
b78c0f11-f01e-004a-168f-baa937000000
x-ms-version
2009-09-19
Content-Length
267
favicon.svg
pedro.buzzeasy.com/ 		3 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pedro.buzzeasy.com/favicon.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0fa7e1ecc5739bbe1d0792489023edc6d484b9cf28e7423d4cd73fdfd2093439

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pedro.buzzeasy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 17:04:35 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2024 08:19:29 GMT
etag
W/"0x8DC86CA8D6C14B2"
vary
Accept-Encoding
x-azure-ref
20240609T170435Z-16577d9575d7f6xb79un0dwtsw00000009ng000000019hkp
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
09252e0d-b01e-0064-268f-ba29f0000000
x-cache
TCP_MISS
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
71088339
openid-configuration
geoauth-qa.geomant.cloud/.well-known/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geoauth-qa.geomant.cloud/.well-known/openid-configuration
Requested by
Host: pedro.buzzeasy.com
URL: https://pedro.buzzeasy.com/assets/AuthProvider-BJlOzhtC.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.105.88.92 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
twentyone /
Resource Hash
befd325a8edac9052f14eca910cd1f999635ef29bc12452a07cd2f7171596be9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'sha256-fa5rxHhZ799izGRP38+h4ud5QXNT0SFaFlh4eqDumBI=' 'sha256-orD0/VhH8hLqrLxKHD/HUEMdwqX6/0ve7c5hspX5VJ8='
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/jwk-set+json, application/json
Referer
https://pedro.buzzeasy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 17:04:35 GMT
content-security-policy
default-src 'self'; script-src 'self' 'sha256-fa5rxHhZ799izGRP38+h4ud5QXNT0SFaFlh4eqDumBI=' 'sha256-orD0/VhH8hLqrLxKHD/HUEMdwqX6/0ve7c5hspX5VJ8='
x-content-type-options
nosniff
server
twentyone
transfer-encoding
chunked
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pedro.buzzeasy.com
request-context
appId=cid-v1:8c28e4ec-1e87-4591-94e8-d8fd4ebb3aec
authorize
login.microsoftonline.com/common/oauth2/v2.0/
Redirect Chain
  • https://geoauth-qa.geomant.cloud/connect/authorize?client_id=buzzeasy-agentui&redirect_uri=https%3A%2F%2Fpedro.buzzeasy.com%2F&response_type=code&scope=openid+profile+email+phone&state=99c89e05a976...
  • https://geoauth-qa.geomant.cloud/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbuzzeasy-agentui%26redirect_uri%3Dhttps%253A%252F%252Fpedro.buzzeasy.com%252F%26response_typ...
  • https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=cod...
20 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0
Requested by
Host: pedro.buzzeasy.com
URL: https://pedro.buzzeasy.com/assets/AuthProvider-BJlOzhtC.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:c8::9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
efa537593f7ac65d20256f56427e32c156a1547cbf332815f4da0e54f0bcdf45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://pedro.buzzeasy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
8595
Content-Type
text/html; charset=utf-8
Date
Sun, 09 Jun 2024 17:04:36 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.18261.3 - WEULR1 ProdSlices
x-ms-request-id
6c3fe2d9-a9f8-4b8d-91e9-5bb8419d7500
x-ms-srs
1.P

Redirect headers

content-length
0
content-security-policy
default-src 'self'; script-src 'self' 'sha256-fa5rxHhZ799izGRP38+h4ud5QXNT0SFaFlh4eqDumBI=' 'sha256-orD0/VhH8hLqrLxKHD/HUEMdwqX6/0ve7c5hspX5VJ8='
date
Sun, 09 Jun 2024 17:04:36 GMT
location
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0
request-context
appId=cid-v1:8c28e4ec-1e87-4591-94e8-d8fd4ebb3aec
server
twentyone
x-content-type-options
nosniff
BssoInterrupt_Core_RY3pVDLvjU_KKLtTKxjDFA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_RY3pVDLvjU_KKLtTKxjDFA2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE4) /
Resource Hash
3332d913029f564f91b3ee85abb4fa444d8db0f97b346804088fa4b9da643f66

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 17:04:37 GMT
content-encoding
gzip
content-md5
cPQeKCUJbAEJwW4VWTtIpw==
age
3456369
x-cache
HIT
content-length
49700
x-ms-lease-status
unlocked
last-modified
Mon, 29 Apr 2024 17:13:52 GMT
server
ECAcc (frc/4CE4)
etag
0x8DC686FBE54D2B6
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
97addd69-b01e-001c-7b1f-9b1e1d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request authorize
login.microsoftonline.com/common/oauth2/v2.0/ 		43 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0&sso_reload=true
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_RY3pVDLvjU_KKLtTKxjDFA2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:c8::9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
86b399e33c31e114025af4c623913cf58cff7ce2729e635bbe8e2f2de5db9405
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
15507
Content-Type
text/html; charset=utf-8
Date
Sun, 09 Jun 2024 17:04:37 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msftauth.net>; rel=dns-prefetch,<https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.18216.5 - FRC ProdSlices
x-ms-request-id
7c8b276d-b5a0-41d7-8683-f3a4c65e5f00
x-ms-srs
1.P
converged.v2.login.min_mc5ac6ol0l4d2iaqspstyg2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		111 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_mc5ac6ol0l4d2iaqspstyg2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C8E) /
Resource Hash
8b81b6dbb9af6502d78abe8a85d135861848e0597989901da42c62ecb841a07d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 17:04:37 GMT
content-encoding
gzip
content-md5
Xt+D0D6ntnvS81Ry5DXRfg==
age
1718061
x-cache
HIT
content-length
20390
x-ms-lease-status
unlocked
last-modified
Thu, 16 May 2024 00:59:03 GMT
server
ECAcc (frc/4C8E)
etag
0x8DC7543615A617D
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
20adcbed-001e-005b-2dee-aa1c02000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_di4DzSSDi_CmjsEJgCTpgg2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		436 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_di4DzSSDi_CmjsEJgCTpgg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CCE) /
Resource Hash
d8b0fed6144f0c0fd14e2b788389d772f425374b104043a02fc73c69c3770f69

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 17:04:37 GMT
content-encoding
gzip
content-md5
PFFfIlM84xzUqvftyKDWnA==
age
1717964
x-cache
HIT
content-length
121582
x-ms-lease-status
unlocked
last-modified
Wed, 15 May 2024 20:44:37 GMT
server
ECAcc (frc/4CCE)
etag
0x8DC751FD64BB581
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b0626ab3-801e-00af-7aef-aa155f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-de.min_3dydi2elnbeygkwjiyb5qw2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_3dydi2elnbeygkwjiyb5qw2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C8B) /
Resource Hash
b276515cb8ba565056ffc0c55b9fb8130ed169d1bdc7225fbced902de0368a32

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 17:04:37 GMT
content-encoding
gzip
content-md5
IP656ye9JZFDRZrYD/7+Iw==
age
1683618
x-cache
HIT
content-length
17577
x-ms-lease-status
unlocked
last-modified
Thu, 16 May 2024 01:00:46 GMT
server
ECAcc (frc/4C8B)
etag
0x8DC75439E8489AA
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
72430d71-701e-00fc-413f-ab0b6a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.31.67 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://login.microsoftonline.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers
convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		219 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_di4DzSSDi_CmjsEJgCTpgg2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C84) /
Resource Hash
474ce0790ceb18a100cebaf1ac0915a51389fcae0830c3b44bfa1e365d40b2b4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://login.microsoftonline.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 17:04:38 GMT
content-encoding
gzip
content-md5
P5ihddUjL2Zb7/wjNS1xdg==
age
5833829
x-cache
HIT
content-length
54318
x-ms-lease-status
unlocked
last-modified
Thu, 28 Mar 2024 21:23:30 GMT
server
ECAcc (frc/4C84)
etag
0x8DC4F6D50F3D2E7
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0d451fae-201e-00dd-7d80-85b15b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msftauth.net/shared/1.0/content/images/ 		17 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBA) /
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://login.microsoftonline.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 17:04:38 GMT
content-md5
EuPayFgGHQiAI7K9SOL6lg==
age
6701037
x-cache
HIT
content-length
17174
x-ms-lease-status
unlocked
last-modified
Sun, 18 Oct 2020 03:02:30 GMT
server
ECAcc (frc/4CBA)
etag
0x8D8731240E548EB
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
debb0496-801e-00bf-299d-7da57d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pfetchsessionsprogress_7c1aa7609345f99e4914.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_7c1aa7609345f99e4914.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_di4DzSSDi_CmjsEJgCTpgg2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF5) /
Resource Hash
35afb11dab6edcbc989a25fe5cf19f5d8289499232b7ec775f318d8b8a5bbf78

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://login.microsoftonline.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 17:04:38 GMT
content-encoding
gzip
content-md5
NuzanQiiHb2/rc4qm18OGQ==
age
5819372
x-cache
HIT
content-length
5515
x-ms-lease-status
unlocked
last-modified
Thu, 28 Mar 2024 21:23:32 GMT
server
ECAcc (frc/4CF5)
etag
0x8DC4F6D51B11E63
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5c855eba-301e-0050-19a1-853915000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CDE) /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://login.microsoftonline.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 17:04:38 GMT
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
age
6701038
x-cache
HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
server
ECAcc (frc/4CDE)
etag
0x8DB5C3F4982FD30
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
08f58f55-a01e-00e9-639d-7d3c42000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D04) /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://login.microsoftonline.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 17:04:38 GMT
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
age
6700937
x-cache
HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
server
ECAcc (frc/4D04)
etag
0x8DB5C3F492F3EE5
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
b6e17d00-601e-00a1-2e9d-7db742000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ 		2 KB
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBF) /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://login.microsoftonline.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 17:04:38 GMT
content-encoding
gzip
content-md5
DhdidjYrlCeaRJJRG/y9mA==
age
6701080
x-cache
HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:43 GMT
server
ECAcc (frc/4CBF)
etag
0x8DB5C3F466DE917
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
920c4446-a01e-00e9-709c-7d3c42000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C94) /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://login.microsoftonline.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 17:04:38 GMT
content-encoding
gzip
content-md5
nzaLxFgP7ZB3dfMcaybWzw==
age
6701117
x-cache
HIT
content-length
1435
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
server
ECAcc (frc/4C94)
etag
0x8DB5C3F495F4B8C
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f2ff5853-201e-0065-619c-7d9f0e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/ Frame 2F8E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_di4DzSSDi_CmjsEJgCTpgg2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.4 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://login.microsoftonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
max-age=315360000
Content-Encoding
gzip
Content-Length
1132
Content-Type
text/html; charset=utf-8
Date
Sun, 09 Jun 2024 17:04:38 GMT
Expires
Wed, 07 Jun 2034 17:04:38 GMT
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer
PPV: 30 H: BL02EPF0001DA40 V: 0
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
x-ms-request-id
833b20f6-53e4-4c4f-a4df-ec8de7690012
x-ms-route-info
C559_BL2
convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		111 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_di4DzSSDi_CmjsEJgCTpgg2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C9C) /
Resource Hash
4be11c075187615adaf493d54cb7b05556e76806aed2b3b082d72952d0025be5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://login.microsoftonline.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 17:04:38 GMT
content-encoding
gzip
content-md5
/PcUcu/J5hSxDf1JmAX3KQ==
age
5833828
x-cache
HIT
content-length
35807
x-ms-lease-status
unlocked
last-modified
Thu, 28 Mar 2024 21:23:33 GMT
server
ECAcc (frc/4C9C)
etag
0x8DC4F6D5254E400
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
af16a545-201e-00b5-6680-85ab68000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		2 KB
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA2) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://login.microsoftonline.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 17:04:38 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
6701079
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:52 GMT
server
ECAcc (frc/4CA2)
etag
0x8DB5C3F4BB4F03C
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
cc0763e7-101e-0082-0a9c-7d5b77000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170 boolean| __convergedlogin_pfetchsessionsprogress_7c1aa7609345f99e4914 boolean| __convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8

14 Cookies

Domain/Path Name / Value
geoauth-qa.geomant.cloud/signin-oidc-aad Name: .AspNetCore.OpenIdConnect.Nonce.CfDJ8Fq75u2LXdZGp2UHUBA9_WTcXxHiqpcOJ8JZHV2BgzvMr56cKiFtJ40CWij0E8YI_iF54yChzEmw-YvmGUHDkF7YBuvw2-29zpa7aBn1UUby6BQF9oBpPRW3RkstWY-x5Tdv_I70wM0xYYYIcgCSimRnXQ8YUgrp0_9oyh17U2tD__zek64KQZqDtFG2zuvtF7AnUp1ECrw-oVVOs-A9SCuxCQEJQog55AblsFUj7wnLUxFYWMD4dOMn1tlDo4uXUiMY3lUc-JGbXAgQOzVGagI
Value: N
geoauth-qa.geomant.cloud/signin-oidc-aad Name: .AspNetCore.Correlation.siUawK4sz8pfmMwnxk-tR-ZvpPU6VD8qG69s6ytvp-Q
Value: N
.login.microsoftonline.com/ Name: esctx-x9LTF6nAnA
Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8ykf70oCPqgjGRq-ZyESMIagItIwNB7EN8733eUEBBVF_6nApmByg2jVTApXf3ZqXAsZb6uR5WraQRzEdHMHt9Rr66tu3VQpFNq0Mc4OXNnhPQFs68PO0_mY2Yr8NZhrODhn38lxSYMqGzEe4QCag8iAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AV8AWNTRDkeMtEiwuCFJcWgMJ523gRv_EBRGgcxaw9xkpAwPAQA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8hnViZ5oBX_QZVgnT1t9kgZ9FdTxgrArxNH1tUBd2JtYtYbZP0atCEn9i8ev4WQHFduwhkWCKrUEzu2muc5kRK1yqm6T1M7m1zBlExPVIln0gAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8efHxS_z9l7VCfcexZ9SOvxgMlYxis73EYzfjyjx7EiwDtVeavzHioqTuIcDGrdDrsytRHeQND8ExzD9sGrPzGrdSBHTC51A-qA3PUoCj9V_eAudO-LtPPmCSSDllhDAlEid8CZXHsQp_nHAAQEAX1wqcuoOkBRp3i0NaXasgXVsgAA
.login.microsoftonline.com/ Name: esctx-ipxTVGxnkw
Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8t16Gz9iovj1CODyrFyHReR_dP8jFYOhe8DLkWV00sJug0BvT6cvV-bJirEsTUQgpdGcAJr9Sla9vvxSHugcQx9RJTxd7oEaivIp_toI3-MTRq60CbG91wxs7_jmFtx4Wj30-5fsEIjS9_5c-CTKYiCAA
login.microsoftonline.com/ Name: fpc
Value: AoEQ1RxRQGlNqE2ja8Es7cqmHR6hAQAAAKTX990OAAAA
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1717952678&co=1
.login.live.com/ Name: uaid
Value: dc03ca3371b546bf925519591c9d6700

5 Console Messages

Source Level URL
Text
other warning URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0&sso_reload=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0&sso_reload=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0&sso_reload=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0&sso_reload=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
recommendation verbose URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=1b81b79d-10ff-4614-81cc-5ac3dc64a40c&redirect_uri=https%3A%2F%2Fgeoauth-qa.geomant.cloud%2Fsignin-oidc-aad&response_type=code&scope=openid%20profile%20email%20offline_access%20User.Read.All%20Presence.Read.All&code_challenge=rl8BgpuHW-zlGgpnEkxm1OIRFpjjWMVyINBW6UHNnRM&code_challenge_method=S256&response_mode=form_post&nonce=638535494770375191.ZThkYjI0YTAtMjQ5ZC00M2I0LTgyZTEtYjdiNTQwZTllYTRiODBiNGZiMDMtMTc3Yy00NDkyLTlhYzMtMDE4NmNiODYwMWIx&state=CfDJ8Fq75u2LXdZGp2UHUBA9_WRXEsm3QaJlpPYBw8s9aL8a1T2tlJX7HIqrydTR_XMhBiIP8CjVnW3uhaZ6zreDkOHqPNnFhqU-gs1-SFI4Tfv5n-Me3mxlBEaCsiXKmuJN7Ozygry9aBkx_DcOMmV_EsKD3d7t2YyD5eLs2gZhJC5s&x-client-SKU=ID_NET6_0&x-client-ver=6.23.1.0&sso_reload=true
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
buzzeasyagentuiqa.blob.core.windows.net
geoauth-qa.geomant.cloud
login.live.com
login.microsoftonline.com
pedro.buzzeasy.com
20.105.88.92
20.190.159.4
20.60.246.196
2603:1026:3000:c8::9
2606:2800:233:1cb7:261b:1f9c:2074:3c
2620:1ec:bdf::45
40.126.31.67
005d4dc734921543c6e001977ccf6843d978852416bdda73f0cc02e608a770a1
0316061656cb245fdc388ba35f17188b4717c8a3635f4705a467eec971494053
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0d4e8553eb097766c70436fc66396ca29a1427f864d56fce985638f38741596c
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
0fa7e1ecc5739bbe1d0792489023edc6d484b9cf28e7423d4cd73fdfd2093439
2542f7fb5455a138fcd45061343931f411b0eff9decc24e7e88e1d5283690584
31255776b2ffd83b971ac97ae52f69be8ea369dbfaeff42a7004bc4231e2312d
3332d913029f564f91b3ee85abb4fa444d8db0f97b346804088fa4b9da643f66
35afb11dab6edcbc989a25fe5cf19f5d8289499232b7ec775f318d8b8a5bbf78
4359dcdbb96db103aa5576f35629d5a3c4a6ba80ff4b96f9c33c3dc7f02cb278
46d053e6b4ab84bd1c8a179dd4519da1cbf394207037253baca4ed945dcde527
474ce0790ceb18a100cebaf1ac0915a51389fcae0830c3b44bfa1e365d40b2b4
4be11c075187615adaf493d54cb7b05556e76806aed2b3b082d72952d0025be5
7a597190a993aa0189a529ec1719ac48f93a0cc61c4215fa0f99cc5d5c351e85
86b399e33c31e114025af4c623913cf58cff7ce2729e635bbe8e2f2de5db9405
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8b81b6dbb9af6502d78abe8a85d135861848e0597989901da42c62ecb841a07d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
9f797469ab6a7eac6a66fc38d21f38ab7f0edc663b5c4cc4072d9ad66b6f6049
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
b276515cb8ba565056ffc0c55b9fb8130ed169d1bdc7225fbced902de0368a32
bec4432f9122421b8aa36a9f6e2e74afd2befb2fdf35ccc5a20f8c7dfba7d20e
befd325a8edac9052f14eca910cd1f999635ef29bc12452a07cd2f7171596be9
c411971990cade07d9f6f4994a3d24c00a918e5297f58838d26b4890bac4c721
c82cde4ccce49c7f96e9935186de8efd8840e37e2d5b9f51114f6db7a83b9c0c
c9a7e09337c7eaa0d7159a76f54f45884ef8c10490f28d7bb1dec161d4d04846
d8b0fed6144f0c0fd14e2b788389d772f425374b104043a02fc73c69c3770f69
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93303eb3fa5ca223f198b17f1b92e8368aaf3d986f7b9695059e2555cd0dcf9
efa537593f7ac65d20256f56427e32c156a1547cbf332815f4da0e54f0bcdf45
f154944bb0ccf7a06c0f5772ec0812b91b65ca64572ac716a8c198b933679bdf