login.microsoftonline.com Open in urlscan Pro
40.126.32.73  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://qa.mobilitylogbook.humanitarianbooking.wfp.org/ Page URL
2. https://login.microsoftonline.com/common/oauth2/V2.0/authorize?response_type=code&client_id=604f4f67-b7b8-43c1-91a7-487454fa3b89&scope=email+openid+profile&redirect_uri=https%3A%2F%2Fqa.mobilitylogbook.unbooking.org%2Fcallback&code_challenge=Pn7FE3cX5jR7URfMDfMVtTsJx1CttPO9NqmpCReG5RM&code_challenge_method=S256 Page URL
3. https://login.microsoftonline.com/common/oauth2/V2.0/authorize?response_type=code&client_id=604f4f67-b7b8-43c1-91a7-487454fa3b89&scope=email+openid+profile&redirect_uri=https%3A%2F%2Fqa.mobilitylogbook.unbooking.org%2Fcallback&code_challenge=Pn7FE3cX5jR7URfMDfMVtTsJx1CttPO9NqmpCReG5RM&code_challenge_method=S256&sso_reload=true Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response qa.mobilitylogbook.humanitarianbooking.wfp.org/	3 KB 2 KB	160ms 32ms	Document text/html	99.86.4.95 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qa.mobilitylogbook.humanitarianbooking.wfp.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.95 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-95.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 42ab9d02e245fc8344a9dfc6e2f5d5d41395312e49f4258c44448282082a613d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 12 content-encoding gzip content-type text/html date Thu, 23 Feb 2023 02:08:57 GMT etag W/"bff73f9b357c7c3e94686191b094bb32" last-modified Fri, 09 Sep 2022 08:51:15 GMT server AmazonS3 vary Accept-Encoding via 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront) x-amz-cf-id BnuDp4SN50vzbWF6-ASI3jmdqsHQK_PuCaRxTpPMv1pRThcCj-wQgw== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront
GET H2	200	css2 fonts.googleapis.com/	3 KB 1 KB	252ms 60ms	Stylesheet text/css	2a00:1450:400d:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans&display=swap Requested by Host: qa.mobilitylogbook.humanitarianbooking.wfp.org URL: https://qa.mobilitylogbook.humanitarianbooking.wfp.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://qa.mobilitylogbook.humanitarianbooking.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 23 Feb 2023 02:09:09 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 23 Feb 2023 01:13:36 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 23 Feb 2023 02:09:09 GMT
GET H2	200	2.71262aac.chunk.css qa.mobilitylogbook.humanitarianbooking.wfp.org/static/css/	559 KB 68 KB	140ms 139ms	Stylesheet text/css	99.86.4.95 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qa.mobilitylogbook.humanitarianbooking.wfp.org/static/css/2.71262aac.chunk.css Requested by Host: qa.mobilitylogbook.humanitarianbooking.wfp.org URL: https://qa.mobilitylogbook.humanitarianbooking.wfp.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.95 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-95.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://qa.mobilitylogbook.humanitarianbooking.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Thu, 23 Feb 2023 02:09:10 GMT content-encoding gzip via 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront) last-modified Fri, 09 Sep 2022 08:51:16 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 etag W/"dd5f3bf06889812c8f22f9d529f50ef5" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id JUBX1IkQ1VxgvpkzVqeKDJqLCNZiKJYSvkH_9sGwziRSBEyp6NUc0w==
GET H2	200	main.e75d8c37.chunk.css qa.mobilitylogbook.humanitarianbooking.wfp.org/static/css/	15 KB 4 KB	177ms 176ms	Stylesheet text/css	99.86.4.95 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qa.mobilitylogbook.humanitarianbooking.wfp.org/static/css/main.e75d8c37.chunk.css Requested by Host: qa.mobilitylogbook.humanitarianbooking.wfp.org URL: https://qa.mobilitylogbook.humanitarianbooking.wfp.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.95 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-95.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://qa.mobilitylogbook.humanitarianbooking.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Thu, 23 Feb 2023 02:09:10 GMT content-encoding gzip via 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront) last-modified Fri, 09 Sep 2022 08:51:16 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 etag W/"4738d1d629ab6e160fd0998f2bf24635" vary Accept-Encoding x-cache Miss from cloudfront content-type text/css x-amz-cf-id EH-_zktidApJhoPbmgGICH8QBE7y_LYb_bH-FVyn8enQFl4LrGLPfA==
GET H2	200	2.5ae11b65.chunk.js Show response qa.mobilitylogbook.humanitarianbooking.wfp.org/static/js/	712 KB 214 KB	45ms 44ms	Script application/javascript	99.86.4.95 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qa.mobilitylogbook.humanitarianbooking.wfp.org/static/js/2.5ae11b65.chunk.js Requested by Host: qa.mobilitylogbook.humanitarianbooking.wfp.org URL: https://qa.mobilitylogbook.humanitarianbooking.wfp.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.95 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-95.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 7f1160cc93056d409420ca17237ce5f4ce42159a96a6ced2606f0e375b040366 Request headers accept-language de-DE,de;q=0.9 Referer https://qa.mobilitylogbook.humanitarianbooking.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Thu, 23 Feb 2023 02:09:10 GMT content-encoding gzip via 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront) last-modified Fri, 09 Sep 2022 08:51:17 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 etag W/"4e3ad41944379942dd2039edf93f677f" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id MeDqWS8H7lBQXzCogXdlf-54QZa82UXf-JTG_vFnm1XUtjwfLTmNLQ==
GET H2	200	main.ee26e5b9.chunk.js Show response qa.mobilitylogbook.humanitarianbooking.wfp.org/static/js/	358 KB 137 KB	117ms 117ms	Script application/javascript	99.86.4.95 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qa.mobilitylogbook.humanitarianbooking.wfp.org/static/js/main.ee26e5b9.chunk.js Requested by Host: qa.mobilitylogbook.humanitarianbooking.wfp.org URL: https://qa.mobilitylogbook.humanitarianbooking.wfp.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.95 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-95.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash c7756402b5021f36bfecdafc32ccc12ec1ae1509293a7588e3a6cb2984a6a50b Request headers accept-language de-DE,de;q=0.9 Referer https://qa.mobilitylogbook.humanitarianbooking.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Thu, 23 Feb 2023 02:09:10 GMT content-encoding gzip via 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront) last-modified Fri, 09 Sep 2022 08:51:18 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 etag W/"89b49c3a1d58bbe9c6aa231e47b9ced9" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id EZ0Drjoy29LEuIjKH3OpG2oH_Dqr1q5bQihadq1H2fnsFm9Z943PvQ==
GET DATA	200 OK	truncated /	8 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Type image/png
GET		/ qa.unbooking.org/secure/office/	0 0
GET		/ api.qa.ddo.unbooking.org/api/v1/facilities/null/mobility/logbook/drives/filter-data/	0 0
OPTIONS H2	200	/ api.qa.ddo.unbooking.org/api/v1/facilities/null/mobility/logbook/drives/filter-data/	0 0	330ms 46ms	Preflight text/html	54.171.45.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.qa.ddo.unbooking.org/api/v1/facilities/null/mobility/logbook/drives/filter-data/?to_do_drives=false&to_date=2023-02-28&from_date=2023-02-01 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.171.45.105 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-171-45-105.eu-west-1.compute.amazonaws.com Software gunicorn / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,x-subscription-token Access-Control-Request-Method GET Origin https://qa.mobilitylogbook.humanitarianbooking.wfp.org Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers access-control-allow-credentials true content-length 0 content-type text/html; charset=utf-8 date Thu, 23 Feb 2023 02:09:10 GMT server gunicorn vary Origin
GET H/1.1	200 OK	authorize login.microsoftonline.com/common/oauth2/V2.0/	152 KB 55 KB	228ms 51ms	Document text/html	40.126.32.73 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://login.microsoftonline.com/common/oauth2/V2.0/authorize?response_type=code&client_id=604f4f67-b7b8-43c1-91a7-487454fa3b89&scope=email+openid+profile&redirect_uri=https%3A%2F%2Fqa.mobilitylogbook.unbooking.org%2Fcallback&code_challenge=Pn7FE3cX5jR7URfMDfMVtTsJx1CttPO9NqmpCReG5RM&code_challenge_method=S256 Requested by Host: qa.mobilitylogbook.humanitarianbooking.wfp.org URL: https://qa.mobilitylogbook.humanitarianbooking.wfp.org/static/js/2.5ae11b65.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.126.32.73 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://qa.mobilitylogbook.humanitarianbooking.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache Content-Encoding gzip Content-Length 55157 Content-Type text/html; charset=utf-8 Date Thu, 23 Feb 2023 02:09:09 GMT Expires -1 P3P CP="DSP CUR OTPi IND OTRi ONL FIN" Pragma no-cache Referrer-Policy strict-origin-when-cross-origin Strict-Transport-Security max-age=31536000; includeSubDomains Vary Accept-Encoding X-Content-Type-Options nosniff X-XSS-Protection 0 nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]} x-ms-ests-server 2.1.14649.20 - WEULR1 ProdSlices x-ms-request-id 858ae843-65a7-40e8-9d34-cea1af644100
GET H/1.1	200 OK	Primary Request authorize Show response login.microsoftonline.com/common/oauth2/V2.0/	198 KB 52 KB	173ms 173ms	Document text/html	40.126.32.73 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://login.microsoftonline.com/common/oauth2/V2.0/authorize?response_type=code&client_id=604f4f67-b7b8-43c1-91a7-487454fa3b89&scope=email+openid+profile&redirect_uri=https%3A%2F%2Fqa.mobilitylogbook.unbooking.org%2Fcallback&code_challenge=Pn7FE3cX5jR7URfMDfMVtTsJx1CttPO9NqmpCReG5RM&code_challenge_method=S256&sso_reload=true Requested by Host: login.microsoftonline.com URL: https://login.microsoftonline.com/common/oauth2/V2.0/authorize?response_type=code&client_id=604f4f67-b7b8-43c1-91a7-487454fa3b89&scope=email+openid+profile&redirect_uri=https%3A%2F%2Fqa.mobilitylogbook.unbooking.org%2Fcallback&code_challenge=Pn7FE3cX5jR7URfMDfMVtTsJx1CttPO9NqmpCReG5RM&code_challenge_method=S256 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.126.32.73 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 3611862a6024ae9d5bbb951c2c95f21c05488239a641dc735323ba5642d93a00 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://login.microsoftonline.com/common/oauth2/V2.0/authorize?response_type=code&client_id=604f4f67-b7b8-43c1-91a7-487454fa3b89&scope=email+openid+profile&redirect_uri=https%3A%2F%2Fqa.mobilitylogbook.unbooking.org%2Fcallback&code_challenge=Pn7FE3cX5jR7URfMDfMVtTsJx1CttPO9NqmpCReG5RM&code_challenge_method=S256 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache Content-Encoding gzip Content-Length 51137 Content-Type text/html; charset=utf-8 Date Thu, 23 Feb 2023 02:09:09 GMT Expires -1 Link <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch P3P CP="DSP CUR OTPi IND OTRi ONL FIN" Pragma no-cache Referrer-Policy strict-origin-when-cross-origin Strict-Transport-Security max-age=31536000; includeSubDomains Vary Accept-Encoding X-Content-Type-Options nosniff X-DNS-Prefetch-Control on X-Frame-Options DENY X-XSS-Protection 0 nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]} x-ms-ests-server 2.1.14649.20 - NEULR1 ProdSlices x-ms-request-id 3275e18c-02fe-4d28-994b-3a14df711500
GET H2	200	ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js Show response aadcdn.msftauth.net/shared/1.0/content/js/	401 KB 112 KB	141ms 25ms	Script application/x-javascript	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js Requested by Host: login.microsoftonline.com URL: https://login.microsoftonline.com/common/oauth2/V2.0/authorize?response_type=code&client_id=604f4f67-b7b8-43c1-91a7-487454fa3b89&scope=email+openid+profile&redirect_uri=https%3A%2F%2Fqa.mobilitylogbook.unbooking.org%2Fcallback&code_challenge=Pn7FE3cX5jR7URfMDfMVtTsJx1CttPO9NqmpCReG5RM&code_challenge_method=S256&sso_reload=true Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4C8D) / Resource Hash b12e862a8e4489c99304a04d61f61b08995f47699811ab785f791374805f5f12 Request headers Referer https://login.microsoftonline.com/ Origin https://login.microsoftonline.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 23 Feb 2023 02:09:10 GMT content-encoding gzip content-md5 hr0cDEuDmS74/sss2l7JXQ== age 1053309 x-cache HIT content-length 113908 x-ms-lease-status unlocked last-modified Fri, 10 Feb 2023 02:34:40 GMT server ECAcc (frc/4C8D) etag 0x8DB0B0F5C6BB5D5 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 04bb2c50-d01e-0027-3b97-3db818000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H/1.1	200 OK	Me.htm login.live.com/	0 0	345ms 118ms	Other text/html	40.126.32.69 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://login.live.com/Me.htm?v=3 Requested by Host: login.microsoftonline.com URL: https://login.microsoftonline.com/common/oauth2/V2.0/authorize?response_type=code&client_id=604f4f67-b7b8-43c1-91a7-487454fa3b89&scope=email+openid+profile&redirect_uri=https%3A%2F%2Fqa.mobilitylogbook.unbooking.org%2Fcallback&code_challenge=Pn7FE3cX5jR7URfMDfMVtTsJx1CttPO9NqmpCReG5RM&code_challenge_method=S256&sso_reload=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.126.32.69 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://login.microsoftonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers
GET H2	200	convergedlogin_pcustomizationloader_086a128d5c29a4968a7b.js Show response aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/	107 KB 32 KB	85ms 22ms	Script application/x-javascript	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_086a128d5c29a4968a7b.js Requested by Host: aadcdn.msftauth.net URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4D09) / Resource Hash 397f77ce4d1850a7f7988228df747be85fd05fd39378e75dd6b415c0a4ff694a Request headers accept-language de-DE,de;q=0.9 Referer https://login.microsoftonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 23 Feb 2023 02:09:10 GMT content-encoding gzip content-md5 8ICF9qFMKUOBDjwyCYq/PQ== age 2971205 x-cache HIT content-length 32190 x-ms-lease-status unlocked last-modified Tue, 17 Jan 2023 23:52:59 GMT server ECAcc (frc/4D09) etag 0x8DAF8E5F6B3C107 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 628ce1b1-f01e-0033-7a25-2cec9c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css aadcdn.msftauth.net/ests/2.1/content/cdnbundles/	0 20 KB	21ms 21ms	Other text/css	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css Requested by Host: login.microsoftonline.com URL: https://login.microsoftonline.com/common/oauth2/V2.0/authorize?response_type=code&client_id=604f4f67-b7b8-43c1-91a7-487454fa3b89&scope=email+openid+profile&redirect_uri=https%3A%2F%2Fqa.mobilitylogbook.unbooking.org%2Fcallback&code_challenge=Pn7FE3cX5jR7URfMDfMVtTsJx1CttPO9NqmpCReG5RM&code_challenge_method=S256&sso_reload=true Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4C94) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://login.microsoftonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 23 Feb 2023 02:09:10 GMT content-encoding gzip content-md5 9K2/nGCj75WAmmAI9nZNCA== age 13917518 x-cache HIT content-length 19970 x-ms-lease-status unlocked last-modified Thu, 04 Aug 2022 19:37:00 GMT server ECAcc (frc/4C94) etag 0x8DA7650B375AC9B vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id ce9670ed-701e-0052-0a97-c89062000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	ux.converged.login.strings-de.min_ohljixxvakjaqkintkumjg2.js aadcdn.msftauth.net/ests/2.1/content/cdnbundles/	0 15 KB	21ms 21ms	Other application/x-javascript	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_ohljixxvakjaqkintkumjg2.js Requested by Host: login.microsoftonline.com URL: https://login.microsoftonline.com/common/oauth2/V2.0/authorize?response_type=code&client_id=604f4f67-b7b8-43c1-91a7-487454fa3b89&scope=email+openid+profile&redirect_uri=https%3A%2F%2Fqa.mobilitylogbook.unbooking.org%2Fcallback&code_challenge=Pn7FE3cX5jR7URfMDfMVtTsJx1CttPO9NqmpCReG5RM&code_challenge_method=S256&sso_reload=true Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4C8E) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://login.microsoftonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 23 Feb 2023 02:09:10 GMT content-encoding gzip content-md5 o1/rFbsTFiIvaHxjFATcuQ== age 2908040 x-cache HIT content-length 15221 x-ms-lease-status unlocked last-modified Wed, 18 Jan 2023 23:28:28 GMT server ECAcc (frc/4C8E) etag 0x8DAF9ABB3FCF196 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 19ab46c0-801e-0008-46b9-2cf9aa000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	2_bc3d32a696895f78c19df6c717586a5d.svg aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/	2 KB 837 B	21ms 21ms	Image image/svg+xml	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4CE3) / Resource Hash 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68 Request headers accept-language de-DE,de;q=0.9 Referer https://login.microsoftonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 23 Feb 2023 02:09:10 GMT content-encoding gzip content-md5 DhdidjYrlCeaRJJRG/y9mA== age 13917517 x-cache HIT content-length 673 x-ms-lease-status unlocked last-modified Wed, 12 Feb 2020 22:01:50 GMT server ECAcc (frc/4CE3) etag 0x8D7B007297AE131 vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id f66b17b7-a01e-0078-3697-c8c471000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg aadcdn.msftauth.net/shared/1.0/content/images/	4 KB 2 KB	24ms 24ms	Image image/svg+xml	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4CFA) / Resource Hash 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a Request headers accept-language de-DE,de;q=0.9 Referer https://login.microsoftonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 23 Feb 2023 02:09:10 GMT content-encoding gzip content-md5 nzaLxFgP7ZB3dfMcaybWzw== age 13917517 x-cache HIT content-length 1435 x-ms-lease-status unlocked last-modified Thu, 16 Jan 2020 00:32:52 GMT server ECAcc (frc/4CFA) etag 0x8D79A1B9F5E121A vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id e0c1be84-e01e-005d-7397-c8af81000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	convergedlogin_pstringcustomizationhelper_f53bef4ba0ed443dd8c9.js Show response aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/	111 KB 35 KB	23ms 22ms	Script application/x-javascript	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_f53bef4ba0ed443dd8c9.js Requested by Host: aadcdn.msftauth.net URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4CB8) / Resource Hash 0c15268fe179052bffdf2a3d26f41e6acb3bbb6ddb08bb9614b2e6b7878f02b3 Request headers accept-language de-DE,de;q=0.9 Referer https://login.microsoftonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 23 Feb 2023 02:09:10 GMT content-encoding gzip content-md5 pkqYz65/eisZkYX+719VTw== age 2970999 x-cache HIT content-length 35789 x-ms-lease-status unlocked last-modified Tue, 17 Jan 2023 23:53:02 GMT server ECAcc (frc/4CB8) etag 0x8DAF8E5F857E33D vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 8615c74e-801e-0082-3226-2c2bad000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	signin-options_4e48046ce74f4b89d45037c90576bfac.svg aadcdn.msftauth.net/shared/1.0/content/images/	2 KB 795 B	23ms 23ms	Image image/svg+xml	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4CA3) / Resource Hash 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93 Request headers accept-language de-DE,de;q=0.9 Referer https://login.microsoftonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 23 Feb 2023 02:09:11 GMT content-encoding gzip content-md5 R2FAVxfpONfnQAuxVxXbHg== age 13917516 x-cache HIT content-length 621 x-ms-lease-status unlocked last-modified Tue, 10 Nov 2020 03:41:05 GMT server ECAcc (frc/4CA3) etag 0x8D8852A740F01B9 vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 42aceff7-b01e-0055-2797-c888ae000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css aadcdn.msftauth.net/ests/2.1/content/cdnbundles/	108 KB 0	23ms 22ms	Fetch text/css	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css Requested by Host: login.microsoftonline.com URL: https://login.microsoftonline.com/common/oauth2/V2.0/authorize?response_type=code&client_id=604f4f67-b7b8-43c1-91a7-487454fa3b89&scope=email+openid+profile&redirect_uri=https%3A%2F%2Fqa.mobilitylogbook.unbooking.org%2Fcallback&code_challenge=Pn7FE3cX5jR7URfMDfMVtTsJx1CttPO9NqmpCReG5RM&code_challenge_method=S256&sso_reload=true Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4C94) / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://login.microsoftonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 23 Feb 2023 02:09:15 GMT content-encoding gzip content-md5 9K2/nGCj75WAmmAI9nZNCA== age 13917523 x-cache HIT content-length 19970 x-ms-lease-status unlocked last-modified Thu, 04 Aug 2022 19:37:00 GMT server ECAcc (frc/4C94) etag 0x8DA7650B375AC9B vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id ce9670ed-701e-0052-0a97-c89062000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	ux.converged.login.strings-de.min_ohljixxvakjaqkintkumjg2.js aadcdn.msftauth.net/ests/2.1/content/cdnbundles/	52 KB 0	26ms 26ms	Fetch application/x-javascript	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_ohljixxvakjaqkintkumjg2.js Requested by Host: login.microsoftonline.com URL: https://login.microsoftonline.com/common/oauth2/V2.0/authorize?response_type=code&client_id=604f4f67-b7b8-43c1-91a7-487454fa3b89&scope=email+openid+profile&redirect_uri=https%3A%2F%2Fqa.mobilitylogbook.unbooking.org%2Fcallback&code_challenge=Pn7FE3cX5jR7URfMDfMVtTsJx1CttPO9NqmpCReG5RM&code_challenge_method=S256&sso_reload=true Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4C8E) / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://login.microsoftonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 23 Feb 2023 02:09:15 GMT content-encoding gzip content-md5 o1/rFbsTFiIvaHxjFATcuQ== age 2908045 x-cache HIT content-length 15221 x-ms-lease-status unlocked last-modified Wed, 18 Jan 2023 23:28:28 GMT server ECAcc (frc/4C8E) etag 0x8DAF9ABB3FCF196 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 19ab46c0-801e-0008-46b9-2cf9aa000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

qa.unbooking.org

URL

https://qa.unbooking.org/secure/office/

Domain

api.qa.ddo.unbooking.org

URL

https://api.qa.ddo.unbooking.org/api/v1/facilities/null/mobility/logbook/drives/filter-data/?to_do_drives=false&to_date=2023-02-28&from_date=2023-02-01

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_086a128d5c29a4968a7b boolean| __convergedlogin_pstringcustomizationhelper_f53bef4ba0ed443dd8c9

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
			login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
			.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA|NoExtension
			login.microsoftonline.com/	1970-01-20 09:51:58	Name: SSOCOOKIEPULLED Value: 1
			login.microsoftonline.com/	1970-01-20 10:35:10	Name: buid Value: 0.AXoArtkqRtnXBkK4dHGx4Hl3b2dPT2C4t8FDkadIdFT6O4l6AAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevr52-Rr2DEyUypk8qrL0H5Ew3OpIzsDR1sC8pgzHdCe9f9_Ov4e21_sQ1Ug_Qr6xHeglieSnAKGqAV1B4LlL_IoP2pp5oCIiF-owYMNIt-l1ogAA
			login.microsoftonline.com/	1970-01-20 10:35:10	Name: fpc Value: AuKMyAIEOQhAlY4bA1sgKOv05froAQAAAMbBiNsOAAAA
			.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevrSt-9Uj5F3HPoff5bnVS8wtRSBrtvVjuYLubdFfmYCogekTZTw2-HGlMPfAR-W3TGuwOesNfybvJG2KAlvQUTYS47BngCBDUgQjiTgnLM6nfaSbOtlhyxFS__-haS2-jEwNVGhaqt6n2TZXeh8MFzO8-ObdbEwQzu89o37q_S4ZcgAA
			.login.microsoftonline.com/	1970-01-20 19:13:34	Name: brcap Value: 0
			.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: e40abda74a8041ab9318c2cad28765b6
			.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1677118150&co=1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
api.qa.ddo.unbooking.org
fonts.googleapis.com
login.live.com
login.microsoftonline.com
qa.mobilitylogbook.humanitarianbooking.wfp.org
qa.unbooking.org
api.qa.ddo.unbooking.org
qa.unbooking.org
152.199.23.37
2a00:1450:400d:80e::200a
40.126.32.69
40.126.32.73
54.171.45.105
99.86.4.95
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0c15268fe179052bffdf2a3d26f41e6acb3bbb6ddb08bb9614b2e6b7878f02b3
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
3611862a6024ae9d5bbb951c2c95f21c05488239a641dc735323ba5642d93a00
397f77ce4d1850a7f7988228df747be85fd05fd39378e75dd6b415c0a4ff694a
42ab9d02e245fc8344a9dfc6e2f5d5d41395312e49f4258c44448282082a613d
7f1160cc93056d409420ca17237ce5f4ce42159a96a6ced2606f0e375b040366
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
b12e862a8e4489c99304a04d61f61b08995f47699811ab785f791374805f5f12
c7756402b5021f36bfecdafc32ccc12ec1ae1509293a7588e3a6cb2984a6a50b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855