urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.us Open in urlscan Pro
52.126.195.32  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bravo.cxsrecognize.com/
Effective URL: https://login.microsoftonline.us/43243701-7aa8-421a-a131-fed3f11104c8/saml2?SAMLRequest=fZJBT%2BMwEIX%2FSuS7kzgxbddqKxUqRKWFjZaKA...
Submission: On March 04 via manual from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 34 HTTP transactions. The main IP is 52.126.195.32, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.us. The Cisco Umbrella rank of the primary domain is 11006.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 3rd 2023. Valid for: a year.
This is the only time login.microsoftonline.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 13 50.21.166.45 29909 (LESSE)
1 72.21.81.200 15133 (EDGECAST)
1 50.21.166.32 29909 (LESSE)
2 172.253.63.106 15169 (GOOGLE)
3 142.251.111.94 15169 (GOOGLE)
2 52.126.195.32 8070 (MICROSOFT...)
9 152.199.4.44 15133 (EDGECAST)
1 52.235.253.124 8075 (MICROSOFT...)
34 9
13    50.21.166.45 (Montreal, Canada)

ASN29909 (LESSE, CA)
bravo.cxsrecognize.com
1    72.21.81.200 (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
1    50.21.166.32 (Montreal, Canada)

ASN29909 (LESSE, CA)
cdn.engageus.com
2    172.253.63.106 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f106.1e100.net
www.google.com
3    142.251.111.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f94.1e100.net
www.gstatic.com
2    52.126.195.32 (San Antonio, United States)

ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.us
9    152.199.4.44 (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
1    52.235.253.124 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msftauthimages.us
Apex Domain
Subdomains		 Transfer
13 cxsrecognize.com
bravo.cxsrecognize.com
1 MB
9 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 953
351 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com Failed
415 KB
2 microsoftonline.us
login.microsoftonline.us — Cisco Umbrella Rank: 11006
26 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
29 KB
1 msftauthimages.us
aadcdn.msftauthimages.us — Cisco Umbrella Rank: 140946
4 KB
1 engageus.com
cdn.engageus.com — Cisco Umbrella Rank: 474695
1 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2776
22 KB
34 8
Domain Requested by
13 bravo.cxsrecognize.com 2 redirects bravo.cxsrecognize.com
9 aadcdn.msftauth.net login.microsoftonline.us
aadcdn.msftauth.net
3 www.gstatic.com www.google.com
www.gstatic.com
2 login.microsoftonline.us bravo.cxsrecognize.com
aadcdn.msftauth.net
2 www.google.com bravo.cxsrecognize.com
www.gstatic.com
1 aadcdn.msftauthimages.us
1 cdn.engageus.com bravo.cxsrecognize.com
1 az416426.vo.msecnd.net bravo.cxsrecognize.com
0 fonts.gstatic.com Failed www.google.com
34 9

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
cxsrecognize.com
Entrust Certification Authority - L1K		 2024-01-17 -
2025-02-17		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2025-01-30		 a year crt.sh
www.engageus.com
Entrust Certification Authority - L1K		 2023-09-25 -
2024-10-25		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
login.microsoftonline.us
DigiCert SHA2 Secure Server CA		 2023-12-03 -
2024-12-03		 a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2023-12-01 -
2024-12-01		 a year crt.sh
aadcdn.msftauthimages.us
Microsoft Azure RSA TLS Issuing CA 03		 2023-12-19 -
2024-12-13		 a year crt.sh

This page contains 2 frames:

Primary Page: https://login.microsoftonline.us/43243701-7aa8-421a-a131-fed3f11104c8/saml2?SAMLRequest=fZJBT%2BMwEIX%2FSuS7kzgxbddqKxUqRKWFjZaKAxfkOONiybGzHqeU%2FfWbpAuCA1yf3ps389lLlK3txKaPz%2B43%2FOkBY7LbrshTzmZNA3NNC6VrypmeU8nrGVWNnjV1zvVC%2FiDJAwQ03q1IkeYk2SH2sHMYpYuDlBec5iXN%2BZ5diHImOEtZwR9Jsh1ajJNxSj7H2KHIMusPxqWtUcGj19E7axykPWa8LHg5zxmdS7mgvGCSSlYyqqEpNWMs52qRjWcUJLn2QcF0zIpoaRHGpSqJaI7wrlTBR6%2B8vTSuMe6wIn1wwks0KJxsAUVU4n5z%2B1MMR4n6bEJxs99XtPp1vyfJqbUOxUTu%2B3D3v4msl6NbTIDCh%2Fz38WFvCCMlsn6jVAd59Kk6YQDlD878hVT5dpl9GH%2Fu6sTdMG%2B3rbw16nUE08r4dd3wNJNiGqonq%2BgddqCMNtCQZGOtf7kKIOOAMYZ%2BoJitz62fP8%2F6Hw%3D%3D&RelayState=https%3A%2F%2Fbravo.cxsrecognize.com%2F%23%2F&sso_reload=true
Frame ID: 534965F5D7DB9AE7CE31F52E6D9FE520
Requests: 27 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeN1ZMUAAAAABKcBP-_TjSan5j6cYuMu-r3su-H&co=aHR0cHM6Ly9icmF2by5jeHNyZWNvZ25pemUuY29tOjQ0Mw..&hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=rma9ivfpkpj5
Frame ID: 809D5E99DC054778A0DBA98FE5379997
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

  1. http://bravo.cxsrecognize.com/ HTTP 302
    https://bravo.cxsrecognize.com/ Page URL
  2. https://bravo.cxsrecognize.com/SSO.aspx?Start=1&RelayState=https%3A%2F%2Fbravo.cxsrecognize.com%2F%23%2F HTTP 302
    https://login.microsoftonline.us/43243701-7aa8-421a-a131-fed3f11104c8/saml2?SAMLRequest=fZJBT%2BMwEIX%2FSuS7k... Page URL
  3. https://login.microsoftonline.us/43243701-7aa8-421a-a131-fed3f11104c8/saml2?SAMLRequest=fZJBT%2BMwEIX%2FSuS7k... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

34
Requests

88 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

1926 kB
Transfer

7170 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bravo.cxsrecognize.com/ HTTP 302
    https://bravo.cxsrecognize.com/ Page URL
  2. https://bravo.cxsrecognize.com/SSO.aspx?Start=1&RelayState=https%3A%2F%2Fbravo.cxsrecognize.com%2F%23%2F HTTP 302
    https://login.microsoftonline.us/43243701-7aa8-421a-a131-fed3f11104c8/saml2?SAMLRequest=fZJBT%2BMwEIX%2FSuS7kzgxbddqKxUqRKWFjZaKAxfkOONiybGzHqeU%2FfWbpAuCA1yf3ps389lLlK3txKaPz%2B43%2FOkBY7LbrshTzmZNA3NNC6VrypmeU8nrGVWNnjV1zvVC%2FiDJAwQ03q1IkeYk2SH2sHMYpYuDlBec5iXN%2BZ5diHImOEtZwR9Jsh1ajJNxSj7H2KHIMusPxqWtUcGj19E7axykPWa8LHg5zxmdS7mgvGCSSlYyqqEpNWMs52qRjWcUJLn2QcF0zIpoaRHGpSqJaI7wrlTBR6%2B8vTSuMe6wIn1wwks0KJxsAUVU4n5z%2B1MMR4n6bEJxs99XtPp1vyfJqbUOxUTu%2B3D3v4msl6NbTIDCh%2Fz38WFvCCMlsn6jVAd59Kk6YQDlD878hVT5dpl9GH%2Fu6sTdMG%2B3rbw16nUE08r4dd3wNJNiGqonq%2BgddqCMNtCQZGOtf7kKIOOAMYZ%2BoJitz62fP8%2F6Hw%3D%3D&RelayState=https%3A%2F%2Fbravo.cxsrecognize.com%2F%23%2F Page URL
  3. https://login.microsoftonline.us/43243701-7aa8-421a-a131-fed3f11104c8/saml2?SAMLRequest=fZJBT%2BMwEIX%2FSuS7kzgxbddqKxUqRKWFjZaKAxfkOONiybGzHqeU%2FfWbpAuCA1yf3ps389lLlK3txKaPz%2B43%2FOkBY7LbrshTzmZNA3NNC6VrypmeU8nrGVWNnjV1zvVC%2FiDJAwQ03q1IkeYk2SH2sHMYpYuDlBec5iXN%2BZ5diHImOEtZwR9Jsh1ajJNxSj7H2KHIMusPxqWtUcGj19E7axykPWa8LHg5zxmdS7mgvGCSSlYyqqEpNWMs52qRjWcUJLn2QcF0zIpoaRHGpSqJaI7wrlTBR6%2B8vTSuMe6wIn1wwks0KJxsAUVU4n5z%2B1MMR4n6bEJxs99XtPp1vyfJqbUOxUTu%2B3D3v4msl6NbTIDCh%2Fz38WFvCCMlsn6jVAd59Kk6YQDlD878hVT5dpl9GH%2Fu6sTdMG%2B3rbw16nUE08r4dd3wNJNiGqonq%2BgddqCMNtCQZGOtf7kKIOOAMYZ%2BoJitz62fP8%2F6Hw%3D%3D&RelayState=https%3A%2F%2Fbravo.cxsrecognize.com%2F%23%2F&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bravo.cxsrecognize.com/ HTTP 302
  • https://bravo.cxsrecognize.com/
Request Chain 15
  • https://bravo.cxsrecognize.com/SSO.aspx?Start=1&RelayState=https%3A%2F%2Fbravo.cxsrecognize.com%2F%23%2F HTTP 302
  • https://login.microsoftonline.us/43243701-7aa8-421a-a131-fed3f11104c8/saml2?SAMLRequest=fZJBT%2BMwEIX%2FSuS7kzgxbddqKxUqRKWFjZaKAxfkOONiybGzHqeU%2FfWbpAuCA1yf3ps389lLlK3txKaPz%2B43%2FOkBY7LbrshTzmZNA3NNC6VrypmeU8nrGVWNnjV1zvVC%2FiDJAwQ03q1IkeYk2SH2sHMYpYuDlBec5iXN%2BZ5diHImOEtZwR9Jsh1ajJNxSj7H2KHIMusPxqWtUcGj19E7axykPWa8LHg5zxmdS7mgvGCSSlYyqqEpNWMs52qRjWcUJLn2QcF0zIpoaRHGpSqJaI7wrlTBR6%2B8vTSuMe6wIn1wwks0KJxsAUVU4n5z%2B1MMR4n6bEJxs99XtPp1vyfJqbUOxUTu%2B3D3v4msl6NbTIDCh%2Fz38WFvCCMlsn6jVAd59Kk6YQDlD878hVT5dpl9GH%2Fu6sTdMG%2B3rbw16nUE08r4dd3wNJNiGqonq%2BgddqCMNtCQZGOtf7kKIOOAMYZ%2BoJitz62fP8%2F6Hw%3D%3D&RelayState=https%3A%2F%2Fbravo.cxsrecognize.com%2F%23%2F

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
bravo.cxsrecognize.com/
Redirect Chain
  • http://bravo.cxsrecognize.com/
  • https://bravo.cxsrecognize.com/
55 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bravo.cxsrecognize.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.21.166.45 Montreal, Canada, ASN29909 (LESSE, CA),
Reverse DNS
Software
/
Resource Hash
312b4b566dd6c4e0baf52aaa965eb36c143e3e9f37267efc29984168f501f372
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' office365.com *.office365.com office.com *.office.com
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Length
56190
Content-Security-Policy
frame-ancestors 'self' office365.com *.office365.com office.com *.office.com
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Mar 2024 15:36:43 GMT
Request-Context
appId=cid-v1:97e29db8-aeed-44d6-b71b-f927efe7c307
Strict-Transport-Security
max-age=31536000
X-FRAME-OPTIONS
DENY
X-UA-Compatible
IE=Edge
X-XSS-Protection
1

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-length
0
Location
https://bravo.cxsrecognize.com/
config
bravo.cxsrecognize.com/api/context/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bravo.cxsrecognize.com/api/context/config?v=202403040900719GDIT
Requested by
Host: bravo.cxsrecognize.com
URL: https://bravo.cxsrecognize.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.21.166.45 Montreal, Canada, ASN29909 (LESSE, CA),
Reverse DNS
Software
/
Resource Hash
13da99e5df775d49aa19fa754fce6d670199e60e6b86010c52ff75c9089388a3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' office365.com *.office365.com office.com *.office.com
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bravo.cxsrecognize.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Request-Context
appId=cid-v1:97e29db8-aeed-44d6-b71b-f927efe7c307
Content-Security-Policy
frame-ancestors 'self' office365.com *.office365.com office.com *.office.com
Strict-Transport-Security
max-age=31536000
Date
Mon, 04 Mar 2024 15:36:43 GMT
X-FRAME-OPTIONS
DENY
Content-Type
text/javascript
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Length
22066
X-XSS-Protection
1
Expires
Tue, 04 Mar 2025 15:36:43 GMT
assets
bravo.cxsrecognize.com/api/context/ 		58 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bravo.cxsrecognize.com/api/context/assets?v=202403040900719GDIT
Requested by
Host: bravo.cxsrecognize.com
URL: https://bravo.cxsrecognize.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.21.166.45 Montreal, Canada, ASN29909 (LESSE, CA),
Reverse DNS
Software
/
Resource Hash
70d85714714b5a96163e6917efc2f70b803bbee1b1e5fa3f7ec1749f22ce5dc7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' office365.com *.office365.com office.com *.office.com
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bravo.cxsrecognize.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Request-Context
appId=cid-v1:97e29db8-aeed-44d6-b71b-f927efe7c307
Content-Security-Policy
frame-ancestors 'self' office365.com *.office365.com office.com *.office.com
Strict-Transport-Security
max-age=31536000
Date
Mon, 04 Mar 2024 15:36:43 GMT
X-FRAME-OPTIONS
DENY
Content-Type
text/javascript
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Length
59139
X-XSS-Protection
1
Expires
Tue, 04 Mar 2025 15:36:43 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: bravo.cxsrecognize.com
URL: https://bravo.cxsrecognize.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (cha/81CC) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bravo.cxsrecognize.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Mar 2024 15:36:41 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
123
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (cha/81CC)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
361d3f27-401e-00f6-7449-6ec7d2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Mon, 04 Mar 2024 16:06:41 GMT
ajax-loader.gif
bravo.cxsrecognize.com/clients/default/images/ 		404 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bravo.cxsrecognize.com/clients/default/images/ajax-loader.gif
Requested by
Host: bravo.cxsrecognize.com
URL: https://bravo.cxsrecognize.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.21.166.45 Montreal, Canada, ASN29909 (LESSE, CA),
Reverse DNS
Software
/
Resource Hash
f480f545db1e31dcc49a15f424945127cc2f883c25651d30d8154c94e5654ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bravo.cxsrecognize.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 04 Mar 2024 15:36:43 GMT
Last-Modified
Mon, 26 Feb 2024 19:37:58 GMT
Accept-Ranges
bytes
ETag
"0afa4deb68da1:0"
Content-Length
404
Content-Type
image/gif
localization.builded.en.js
bravo.cxsrecognize.com/clients/GDIT/build/localization/ 		437 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bravo.cxsrecognize.com/clients/GDIT/build/localization/localization.builded.en.js?v=202403040900719GDIT
Requested by
Host: bravo.cxsrecognize.com
URL: https://bravo.cxsrecognize.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.21.166.45 Montreal, Canada, ASN29909 (LESSE, CA),
Reverse DNS
Software
/
Resource Hash
5e8fad94ad3bef6e91e5887f411e36680c58ac5f35ac0dab114fbcc9f9eceefe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bravo.cxsrecognize.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Date
Mon, 04 Mar 2024 15:36:43 GMT
Last-Modified
Mon, 04 Mar 2024 14:00:08 GMT
ETag
"06412443c6eda1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
87594
base.css
bravo.cxsrecognize.com/clients/default/build/ 		317 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bravo.cxsrecognize.com/clients/default/build/base.css?v=202403040900719GDIT
Requested by
Host: bravo.cxsrecognize.com
URL: https://bravo.cxsrecognize.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.21.166.45 Montreal, Canada, ASN29909 (LESSE, CA),
Reverse DNS
Software
/
Resource Hash
b2fe79b876743b78fced07a71af29a81d45db6b8b48132dd8a6d5b28c1387664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bravo.cxsrecognize.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Date
Mon, 04 Mar 2024 15:36:40 GMT
Last-Modified
Mon, 04 Mar 2024 13:44:44 GMT
ETag
"02e531d3a6eda1:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
36229
client.css
bravo.cxsrecognize.com/clients/GDIT/build/ 		1 MB
123 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bravo.cxsrecognize.com/clients/GDIT/build/client.css?v=202403040900719GDIT
Requested by
Host: bravo.cxsrecognize.com
URL: https://bravo.cxsrecognize.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.21.166.45 Montreal, Canada, ASN29909 (LESSE, CA),
Reverse DNS
Software
/
Resource Hash
ff7ffbb9fa2ea92acc3f23f2a0ccf01b0763bffc9d6a43fefc0be6eeb574d78f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bravo.cxsrecognize.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Date
Mon, 04 Mar 2024 15:36:40 GMT
Last-Modified
Mon, 04 Mar 2024 13:42:52 GMT
ETag
"05691da396eda1:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
125236
app_package.js
bravo.cxsrecognize.com/clients/GDIT/build/ 		1 MB
372 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bravo.cxsrecognize.com/clients/GDIT/build/app_package.js?v=10
Requested by
Host: bravo.cxsrecognize.com
URL: https://bravo.cxsrecognize.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.21.166.45 Montreal, Canada, ASN29909 (LESSE, CA),
Reverse DNS
Software
/
Resource Hash
931aec50e0a82d956690b1e25d65f9ffbd3ed39763f0fc16fc8b30d7ed32bdb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bravo.cxsrecognize.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Date
Mon, 04 Mar 2024 15:36:40 GMT
Last-Modified
Mon, 04 Mar 2024 14:00:08 GMT
ETag
"06412443c6eda1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
380647
app.js
bravo.cxsrecognize.com/clients/GDIT/build/ 		853 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bravo.cxsrecognize.com/clients/GDIT/build/app.js?v=202403040900719GDIT
Requested by
Host: bravo.cxsrecognize.com
URL: https://bravo.cxsrecognize.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.21.166.45 Montreal, Canada, ASN29909 (LESSE, CA),
Reverse DNS
Software
/
Resource Hash
829f32c0ef26ab5ac22a76a4fa1c6e9d175f8d578386d0ce17f1b6034961ddca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bravo.cxsrecognize.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Date
Mon, 04 Mar 2024 15:36:40 GMT
Last-Modified
Mon, 04 Mar 2024 13:55:56 GMT
ETag
"03edead3b6eda1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
166922
angular-locale_en-US.js
cdn.engageus.com/assets/packages/angular-i18n1.5.8/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.engageus.com/assets/packages/angular-i18n1.5.8/angular-locale_en-US.js
Requested by
Host: bravo.cxsrecognize.com
URL: https://bravo.cxsrecognize.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.21.166.32 Montreal, Canada, ASN29909 (LESSE, CA),
Reverse DNS
Software
/
Resource Hash
be1a99b11acde26fa93149b45583b86994c7d7e388ffd24b0b4da17eb7d33f4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bravo.cxsrecognize.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 15:36:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Mar 2019 20:03:09 GMT
ETag
"80bc2d6e6ae6d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
964
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?&render=6LeN1ZMUAAAAABKcBP-_TjSan5j6cYuMu-r3su-H&hl=en-us
Requested by
Host: bravo.cxsrecognize.com
URL: https://bravo.cxsrecognize.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f106.1e100.net
Software
GSE /
Resource Hash
20fd89d32d46b5ea32661666cd67bd8209df82ec1ac98e85c720e6f5d12d4c4a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bravo.cxsrecognize.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:36:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 04 Mar 2024 15:36:41 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ 		492 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?&render=6LeN1ZMUAAAAABKcBP-_TjSan5j6cYuMu-r3su-H&hl=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bravo.cxsrecognize.com/
Origin
https://bravo.cxsrecognize.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 23:28:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199830
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 03:01:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 03 Mar 2025 23:28:11 GMT
Roboto-Regular.ttf
bravo.cxsrecognize.com/clients/default/fonts/Roboto/ 		159 KB
159 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bravo.cxsrecognize.com/clients/default/fonts/Roboto/Roboto-Regular.ttf
Requested by
Host: bravo.cxsrecognize.com
URL: https://bravo.cxsrecognize.com/clients/GDIT/build/client.css?v=202403040900719GDIT
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.21.166.45 Montreal, Canada, ASN29909 (LESSE, CA),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bravo.cxsrecognize.com/clients/GDIT/build/client.css?v=202403040900719GDIT
Origin
https://bravo.cxsrecognize.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 04 Mar 2024 15:36:43 GMT
Last-Modified
Mon, 26 Feb 2024 19:37:58 GMT
Accept-Ranges
bytes
ETag
"0afa4deb68da1:0"
Content-Length
162876
Content-Type
application/octet-stream
landingpage.tpl.html
bravo.cxsrecognize.com/clients/gdit/vcxsrecognize/app/landingpage/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bravo.cxsrecognize.com/clients/gdit/vcxsrecognize/app/landingpage/landingpage.tpl.html?ridapinc=202403040900719GDIT
Requested by
Host: bravo.cxsrecognize.com
URL: https://bravo.cxsrecognize.com/clients/GDIT/build/app_package.js?v=10
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.21.166.45 Montreal, Canada, ASN29909 (LESSE, CA),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
text/html
Referer
https://bravo.cxsrecognize.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Date
Mon, 04 Mar 2024 15:36:43 GMT
Last-Modified
Wed, 28 Feb 2024 21:34:22 GMT
ETag
"03a8e48d6ada1:0"
Vary
Accept-Encoding
Content-Type
text/html
Accept-Ranges
bytes
Content-Length
1323
saml2
login.microsoftonline.us/43243701-7aa8-421a-a131-fed3f11104c8/
Redirect Chain
  • https://bravo.cxsrecognize.com/SSO.aspx?Start=1&RelayState=https%3A%2F%2Fbravo.cxsrecognize.com%2F%23%2F
  • https://login.microsoftonline.us/43243701-7aa8-421a-a131-fed3f11104c8/saml2?SAMLRequest=fZJBT%2BMwEIX%2FSuS7kzgxbddqKxUqRKWFjZaKAxfkOONiybGzHqeU%2FfWbpAuCA1yf3ps389lLlK3txKaPz%2B43%2FOkBY7LbrshTzmZ...
20 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.us/43243701-7aa8-421a-a131-fed3f11104c8/saml2?SAMLRequest=fZJBT%2BMwEIX%2FSuS7kzgxbddqKxUqRKWFjZaKAxfkOONiybGzHqeU%2FfWbpAuCA1yf3ps389lLlK3txKaPz%2B43%2FOkBY7LbrshTzmZNA3NNC6VrypmeU8nrGVWNnjV1zvVC%2FiDJAwQ03q1IkeYk2SH2sHMYpYuDlBec5iXN%2BZ5diHImOEtZwR9Jsh1ajJNxSj7H2KHIMusPxqWtUcGj19E7axykPWa8LHg5zxmdS7mgvGCSSlYyqqEpNWMs52qRjWcUJLn2QcF0zIpoaRHGpSqJaI7wrlTBR6%2B8vTSuMe6wIn1wwks0KJxsAUVU4n5z%2B1MMR4n6bEJxs99XtPp1vyfJqbUOxUTu%2B3D3v4msl6NbTIDCh%2Fz38WFvCCMlsn6jVAd59Kk6YQDlD878hVT5dpl9GH%2Fu6sTdMG%2B3rbw16nUE08r4dd3wNJNiGqonq%2BgddqCMNtCQZGOtf7kKIOOAMYZ%2BoJitz62fP8%2F6Hw%3D%3D&RelayState=https%3A%2F%2Fbravo.cxsrecognize.com%2F%23%2F
Requested by
Host: bravo.cxsrecognize.com
URL: https://bravo.cxsrecognize.com/clients/GDIT/build/app.js?v=202403040900719GDIT
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.126.195.32 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d5986824d42cbeac752e8e0a345ed02e1703789d628a920a107c1a7d92d2a7fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bravo.cxsrecognize.com/#/home
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
9220
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Mar 2024 15:36:41 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
x-ms-ests-server
2.1.17396.8 - USGVA ProdSlices
x-ms-request-id
5e000736-9999-4de8-8924-10cd78f2cd00

Redirect headers

Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Length
985
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Mar 2024 15:36:41 GMT
Location
https://login.microsoftonline.us/43243701-7aa8-421a-a131-fed3f11104c8/saml2?SAMLRequest=fZJBT%2BMwEIX%2FSuS7kzgxbddqKxUqRKWFjZaKAxfkOONiybGzHqeU%2FfWbpAuCA1yf3ps389lLlK3txKaPz%2B43%2FOkBY7LbrshTzmZNA3NNC6VrypmeU8nrGVWNnjV1zvVC%2FiDJAwQ03q1IkeYk2SH2sHMYpYuDlBec5iXN%2BZ5diHImOEtZwR9Jsh1ajJNxSj7H2KHIMusPxqWtUcGj19E7axykPWa8LHg5zxmdS7mgvGCSSlYyqqEpNWMs52qRjWcUJLn2QcF0zIpoaRHGpSqJaI7wrlTBR6%2B8vTSuMe6wIn1wwks0KJxsAUVU4n5z%2B1MMR4n6bEJxs99XtPp1vyfJqbUOxUTu%2B3D3v4msl6NbTIDCh%2Fz38WFvCCMlsn6jVAd59Kk6YQDlD878hVT5dpl9GH%2Fu6sTdMG%2B3rbw16nUE08r4dd3wNJNiGqonq%2BgddqCMNtCQZGOtf7kKIOOAMYZ%2BoJitz62fP8%2F6Hw%3D%3D&RelayState=https%3A%2F%2Fbravo.cxsrecognize.com%2F%23%2F
Request-Context
appId=cid-v1:97e29db8-aeed-44d6-b71b-f927efe7c307
Strict-Transport-Security
max-age=31536000
anchor
www.google.com/recaptcha/api2/ Frame 809D 		45 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeN1ZMUAAAAABKcBP-_TjSan5j6cYuMu-r3su-H&co=aHR0cHM6Ly9icmF2by5jeHNyZWNvZ25pemUuY29tOjQ0Mw..&hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=rma9ivfpkpj5
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f106.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--Uk5oeeiVSjUh3Q91_5L0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bravo.cxsrecognize.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce--Uk5oeeiVSjUh3Q91_5L0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 15:36:42 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 809D 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeN1ZMUAAAAABKcBP-_TjSan5j6cYuMu-r3su-H&co=aHR0cHM6Ly9icmF2by5jeHNyZWNvZ25pemUuY29tOjQ0Mw..&hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=rma9ivfpkpj5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:05:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 03:01:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Mar 2025 15:05:34 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 809D 		492 KB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeN1ZMUAAAAABKcBP-_TjSan5j6cYuMu-r3su-H&co=aHR0cHM6Ly9icmF2by5jeHNyZWNvZ25pemUuY29tOjQ0Mw..&hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=rma9ivfpkpj5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 23:28:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58111
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199830
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 03:01:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 03 Mar 2025 23:28:11 GMT
sLPIoIr_9R2H1vFE63bCW9_RmUPMbLk-XyKwDAco0G4.js
www.google.com/js/bg/ Frame 809D 		0
0
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 809D 		0
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 809D 		0
0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 809D 		0
0
BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/43243701-7aa8-421a-a131-fed3f11104c8/saml2?SAMLRequest=fZJBT%2BMwEIX%2FSuS7kzgxbddqKxUqRKWFjZaKAxfkOONiybGzHqeU%2FfWbpAuCA1yf3ps389lLlK3txKaPz%2B43%2FOkBY7LbrshTzmZNA3NNC6VrypmeU8nrGVWNnjV1zvVC%2FiDJAwQ03q1IkeYk2SH2sHMYpYuDlBec5iXN%2BZ5diHImOEtZwR9Jsh1ajJNxSj7H2KHIMusPxqWtUcGj19E7axykPWa8LHg5zxmdS7mgvGCSSlYyqqEpNWMs52qRjWcUJLn2QcF0zIpoaRHGpSqJaI7wrlTBR6%2B8vTSuMe6wIn1wwks0KJxsAUVU4n5z%2B1MMR4n6bEJxs99XtPp1vyfJqbUOxUTu%2B3D3v4msl6NbTIDCh%2Fz38WFvCCMlsn6jVAd59Kk6YQDlD878hVT5dpl9GH%2Fu6sTdMG%2B3rbw16nUE08r4dd3wNJNiGqonq%2BgddqCMNtCQZGOtf7kKIOOAMYZ%2BoJitz62fP8%2F6Hw%3D%3D&RelayState=https%3A%2F%2Fbravo.cxsrecognize.com%2F%23%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.44 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (cha/064E) /
Resource Hash
b1929eebc1fb383d6db843b846c166ee5074bc0c22431043a3f4c89752985e8a

Request headers

Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Mar 2024 15:36:42 GMT
content-encoding
gzip
content-md5
63IKJF2qGIfEE+hzXafj6A==
age
3316266
x-cache
HIT
content-length
49534
x-ms-lease-status
unlocked
last-modified
Wed, 24 Jan 2024 06:44:17 GMT
server
ECAcc (cha/064E)
etag
0x8DC1CA7E340C4C2
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1a67a001-c01e-00ff-6820-50766c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request saml2
login.microsoftonline.us/43243701-7aa8-421a-a131-fed3f11104c8/ 		37 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.us/43243701-7aa8-421a-a131-fed3f11104c8/saml2?SAMLRequest=fZJBT%2BMwEIX%2FSuS7kzgxbddqKxUqRKWFjZaKAxfkOONiybGzHqeU%2FfWbpAuCA1yf3ps389lLlK3txKaPz%2B43%2FOkBY7LbrshTzmZNA3NNC6VrypmeU8nrGVWNnjV1zvVC%2FiDJAwQ03q1IkeYk2SH2sHMYpYuDlBec5iXN%2BZ5diHImOEtZwR9Jsh1ajJNxSj7H2KHIMusPxqWtUcGj19E7axykPWa8LHg5zxmdS7mgvGCSSlYyqqEpNWMs52qRjWcUJLn2QcF0zIpoaRHGpSqJaI7wrlTBR6%2B8vTSuMe6wIn1wwks0KJxsAUVU4n5z%2B1MMR4n6bEJxs99XtPp1vyfJqbUOxUTu%2B3D3v4msl6NbTIDCh%2Fz38WFvCCMlsn6jVAd59Kk6YQDlD878hVT5dpl9GH%2Fu6sTdMG%2B3rbw16nUE08r4dd3wNJNiGqonq%2BgddqCMNtCQZGOtf7kKIOOAMYZ%2BoJitz62fP8%2F6Hw%3D%3D&RelayState=https%3A%2F%2Fbravo.cxsrecognize.com%2F%23%2F&sso_reload=true
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.126.195.32 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
257606eb8b535fa94cb0a327955ac4fb3074bd55409c88167e41d35bfb610c97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.us/43243701-7aa8-421a-a131-fed3f11104c8/saml2?SAMLRequest=fZJBT%2BMwEIX%2FSuS7kzgxbddqKxUqRKWFjZaKAxfkOONiybGzHqeU%2FfWbpAuCA1yf3ps389lLlK3txKaPz%2B43%2FOkBY7LbrshTzmZNA3NNC6VrypmeU8nrGVWNnjV1zvVC%2FiDJAwQ03q1IkeYk2SH2sHMYpYuDlBec5iXN%2BZ5diHImOEtZwR9Jsh1ajJNxSj7H2KHIMusPxqWtUcGj19E7axykPWa8LHg5zxmdS7mgvGCSSlYyqqEpNWMs52qRjWcUJLn2QcF0zIpoaRHGpSqJaI7wrlTBR6%2B8vTSuMe6wIn1wwks0KJxsAUVU4n5z%2B1MMR4n6bEJxs99XtPp1vyfJqbUOxUTu%2B3D3v4msl6NbTIDCh%2Fz38WFvCCMlsn6jVAd59Kk6YQDlD878hVT5dpl9GH%2Fu6sTdMG%2B3rbw16nUE08r4dd3wNJNiGqonq%2BgddqCMNtCQZGOtf7kKIOOAMYZ%2BoJitz62fP8%2F6Hw%3D%3D&RelayState=https%3A%2F%2Fbravo.cxsrecognize.com%2F%23%2F
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
14177
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Mar 2024 15:36:41 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
x-ms-ests-server
2.1.17396.8 - USGAZLR1 ProdSlices
x-ms-request-id
7b87e570-3bf0-466c-97e0-9e525dc65f00
converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		110 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/43243701-7aa8-421a-a131-fed3f11104c8/saml2?SAMLRequest=fZJBT%2BMwEIX%2FSuS7kzgxbddqKxUqRKWFjZaKAxfkOONiybGzHqeU%2FfWbpAuCA1yf3ps389lLlK3txKaPz%2B43%2FOkBY7LbrshTzmZNA3NNC6VrypmeU8nrGVWNnjV1zvVC%2FiDJAwQ03q1IkeYk2SH2sHMYpYuDlBec5iXN%2BZ5diHImOEtZwR9Jsh1ajJNxSj7H2KHIMusPxqWtUcGj19E7axykPWa8LHg5zxmdS7mgvGCSSlYyqqEpNWMs52qRjWcUJLn2QcF0zIpoaRHGpSqJaI7wrlTBR6%2B8vTSuMe6wIn1wwks0KJxsAUVU4n5z%2B1MMR4n6bEJxs99XtPp1vyfJqbUOxUTu%2B3D3v4msl6NbTIDCh%2Fz38WFvCCMlsn6jVAd59Kk6YQDlD878hVT5dpl9GH%2Fu6sTdMG%2B3rbw16nUE08r4dd3wNJNiGqonq%2BgddqCMNtCQZGOtf7kKIOOAMYZ%2BoJitz62fP8%2F6Hw%3D%3D&RelayState=https%3A%2F%2Fbravo.cxsrecognize.com%2F%23%2F&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.44 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (cha/81C9) /
Resource Hash
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41

Request headers

Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Mar 2024 15:36:42 GMT
content-encoding
gzip
content-md5
kqhA3D0Xczna4D/t8ioitQ==
age
5756395
x-cache
HIT
content-length
20314
x-ms-lease-status
unlocked
last-modified
Wed, 27 Dec 2023 18:19:21 GMT
server
ECAcc (cha/81C9)
etag
0x8DC070858CA028D
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
4fba7381-e01e-0045-2fef-390e3d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_bUKAij3pKdw2nFX-oqztYA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		423 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_bUKAij3pKdw2nFX-oqztYA2.js
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/43243701-7aa8-421a-a131-fed3f11104c8/saml2?SAMLRequest=fZJBT%2BMwEIX%2FSuS7kzgxbddqKxUqRKWFjZaKAxfkOONiybGzHqeU%2FfWbpAuCA1yf3ps389lLlK3txKaPz%2B43%2FOkBY7LbrshTzmZNA3NNC6VrypmeU8nrGVWNnjV1zvVC%2FiDJAwQ03q1IkeYk2SH2sHMYpYuDlBec5iXN%2BZ5diHImOEtZwR9Jsh1ajJNxSj7H2KHIMusPxqWtUcGj19E7axykPWa8LHg5zxmdS7mgvGCSSlYyqqEpNWMs52qRjWcUJLn2QcF0zIpoaRHGpSqJaI7wrlTBR6%2B8vTSuMe6wIn1wwks0KJxsAUVU4n5z%2B1MMR4n6bEJxs99XtPp1vyfJqbUOxUTu%2B3D3v4msl6NbTIDCh%2Fz38WFvCCMlsn6jVAd59Kk6YQDlD878hVT5dpl9GH%2Fu6sTdMG%2B3rbw16nUE08r4dd3wNJNiGqonq%2BgddqCMNtCQZGOtf7kKIOOAMYZ%2BoJitz62fP8%2F6Hw%3D%3D&RelayState=https%3A%2F%2Fbravo.cxsrecognize.com%2F%23%2F&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.44 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (cha/066E) /
Resource Hash
44c1362e04ebcb59e5938dd8b3c3374068d646b3dc2f1dbb58b4e101e0b8737e

Request headers

Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Mar 2024 15:36:42 GMT
content-encoding
gzip
content-md5
WdUrsd5q8Od3Vt1ZGB3gRw==
age
2161677
x-cache
HIT
content-length
119240
x-ms-lease-status
unlocked
last-modified
Wed, 07 Feb 2024 20:11:57 GMT
server
ECAcc (cha/066E)
etag
0x8DC281909882B1C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f8678345-801e-00d7-01a0-5abf4e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-en.min_xtex5cpjr0k40urejm0fgg2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_xtex5cpjr0k40urejm0fgg2.js
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/43243701-7aa8-421a-a131-fed3f11104c8/saml2?SAMLRequest=fZJBT%2BMwEIX%2FSuS7kzgxbddqKxUqRKWFjZaKAxfkOONiybGzHqeU%2FfWbpAuCA1yf3ps389lLlK3txKaPz%2B43%2FOkBY7LbrshTzmZNA3NNC6VrypmeU8nrGVWNnjV1zvVC%2FiDJAwQ03q1IkeYk2SH2sHMYpYuDlBec5iXN%2BZ5diHImOEtZwR9Jsh1ajJNxSj7H2KHIMusPxqWtUcGj19E7axykPWa8LHg5zxmdS7mgvGCSSlYyqqEpNWMs52qRjWcUJLn2QcF0zIpoaRHGpSqJaI7wrlTBR6%2B8vTSuMe6wIn1wwks0KJxsAUVU4n5z%2B1MMR4n6bEJxs99XtPp1vyfJqbUOxUTu%2B3D3v4msl6NbTIDCh%2Fz38WFvCCMlsn6jVAd59Kk6YQDlD878hVT5dpl9GH%2Fu6sTdMG%2B3rbw16nUE08r4dd3wNJNiGqonq%2BgddqCMNtCQZGOtf7kKIOOAMYZ%2BoJitz62fP8%2F6Hw%3D%3D&RelayState=https%3A%2F%2Fbravo.cxsrecognize.com%2F%23%2F&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.44 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (cha/8109) /
Resource Hash
43053d16fc8fe8371888cd473a0cfb505aa6894cbe938ad4bf0a9186584858ae

Request headers

Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Mar 2024 15:36:42 GMT
content-encoding
gzip
content-md5
GYdBrN4UK706T52wuBroNQ==
age
2929862
x-cache
HIT
content-length
15699
x-ms-lease-status
unlocked
last-modified
Fri, 26 Jan 2024 21:44:25 GMT
server
ECAcc (cha/8109)
etag
0x8DC1EB7F735254D
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
23ee2e48-f01e-004c-7aa4-537d2e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
oneDs_f2e0f4a029670f10d892.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		186 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_bUKAij3pKdw2nFX-oqztYA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.44 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (bsb/2787) /
Resource Hash
8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Mar 2024 15:36:42 GMT
content-encoding
gzip
content-md5
wegr9xrdYirQ87+FcvY0/A==
age
19751131
x-cache
HIT
content-length
61052
x-ms-lease-status
unlocked
last-modified
Thu, 25 May 2023 17:22:37 GMT
server
ECAcc (bsb/2787)
etag
0x8DB5D44A2CEB430
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
308d1c38-401e-0009-51a7-ba07a7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pcustomizationloader_88c449fa421fff689c33.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		219 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_88c449fa421fff689c33.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_bUKAij3pKdw2nFX-oqztYA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.44 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (bsb/27A4) /
Resource Hash
4e72380674809977fa6deb139a665499b101ad45f5f0c36321b22dcd552c8e09

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Mar 2024 15:36:42 GMT
content-encoding
gzip
content-md5
V63GW4acsHhvZ5e7Or5Lig==
age
2265100
x-cache
HIT
content-length
54327
x-ms-lease-status
unlocked
last-modified
Mon, 05 Feb 2024 18:12:40 GMT
server
ECAcc (bsb/27A4)
etag
0x8DC26760A6506F8
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
edbe8e9d-701e-0084-5baf-59a17b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ 		2 KB
860 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.44 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (bsb/27AF) /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Mar 2024 15:36:43 GMT
content-encoding
gzip
content-md5
DhdidjYrlCeaRJJRG/y9mA==
age
22548622
x-cache
HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:43 GMT
server
ECAcc (bsb/27AF)
etag
0x8DB5C3F466DE917
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
965a8687-301e-0071-5635-a11d53000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
aadcdn.msftauthimages.us/6ebb54f4-x9w8yqcw57s-hjtylldrthc3p06r2pdioaanneqdkbo/logintenantbranding/0/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauthimages.us/6ebb54f4-x9w8yqcw57s-hjtylldrthc3p06r2pdioaanneqdkbo/logintenantbranding/0/bannerlogo?ts=637506045572794625
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.235.253.124 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c1351e3172bda1a3d2c4253e85f1cc35eca6934c1d67053f10b851f031711ef2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 04 Mar 2024 15:36:43 GMT
last-modified
Sat, 06 Mar 2021 05:15:57 GMT
etag
0x8D8E05EECCFADA6
vary
Origin
x-azure-ref
20240304T153643Z-gyr1ytzzp10zf863d1d5exd134000000087g0000000004dv
content-type
image/*
x-ms-request-id
fa34f95c-501e-0034-2dfb-6a4004000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
accept-ranges
bytes
content-length
3297
convergedlogin_pstringcustomizationhelper_4152973e84228feee7fd.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		111 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_4152973e84228feee7fd.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_bUKAij3pKdw2nFX-oqztYA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.44 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (bsb/27E1) /
Resource Hash
1a4a2437e72df4da5141dddfeae6e8238a85284b4d875106f0e0e8b7f84ef8a7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Mar 2024 15:36:43 GMT
content-encoding
gzip
content-md5
fc1iN3JW8w+2aO0WjyBoNA==
age
3536239
x-cache
HIT
content-length
35811
x-ms-lease-status
unlocked
last-modified
Sun, 21 Jan 2024 22:04:16 GMT
server
ECAcc (bsb/27E1)
etag
0x8DC1ACCE925018D
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
68342a42-c01e-00bb-4820-4e0975000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		2 KB
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.44 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (bsb/27E6) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Mar 2024 15:36:43 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
22548657
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:52 GMT
server
ECAcc (bsb/27E6)
etag
0x8DB5C3F4BB4F03C
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
eabf9c7c-001e-006f-1635-a16395000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/js/bg/sLPIoIr_9R2H1vFE63bCW9_RmUPMbLk-XyKwDAco0G4.js
Domain
www.gstatic.com
URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_88c449fa421fff689c33 boolean| __convergedlogin_pstringcustomizationhelper_4152973e84228feee7fd

14 Cookies

Domain/Path Name / Value
bravo.cxsrecognize.com/ Name: engageus2__languageId
Value: en-us
bravo.cxsrecognize.com/ Name: ai_user
Value: qSLaT|2024-03-04T15:36:41.812Z
bravo.cxsrecognize.com/ Name: SAML_SessionId
Value: 23e303f2-fd42-4d02-ba09-8d4cad144246
.login.microsoftonline.us/ Name: esctx-gKKLS1f2owM
Value: AQABCQEAAgBBAibdPA4KTJ6veDTjCiyH6C6dCectoy8yCLnlmTLxDe7LkzdTaPSbKypdOv_pncCfuuD6v-3MuShOHu72EJOOg1psuXNgSiDRrGc4tphPonFtwDiTO-LGWrxQlijtauw1ihAqfHnLuRnowWuXbGbeb3CW1Mu0LOY7VvaSUp6HeyAA
login.microsoftonline.us/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.us/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.us/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.us/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.us/ Name: buid
Value: 0.CwMAATckQ6h6GkKhMf7T8REEyNafNU1m78tIocSWiT4Ir-8DAAA.AQABGgEAAgBBAibdPA4KTJ6veDTjCiyHPryJ9aFiQxvNo1h2PxvcWDeG0JrvGIESpRRpOkIv5FAn16Ihmi9AdFq4Ro96q1MdZIs4EKYOJO49y7-XswkLfma6oz9KSTHJ4Ai-70uXiWQgAA
.login.microsoftonline.us/ Name: esctx
Value: PAQABBwEAAgBBAibdPA4KTJ6veDTjCiyHDiDlsDvXwRxIOj84SMsR-yGN44z3yMTEbsR2hk9VPCGeThZ2nY4vBG4BJfSaSfVxYjv1votsfam5J55SmMiLo5-RH0v6tuV9h41miKUXHDWwGoBK5Zx8t-H7gH8LTxfG8Lx-6tb8vu5fj0Um3PLdjtmWf0kboUkRCr70Wf40NBogAA
.login.microsoftonline.us/ Name: esctx-rYgLpwHNyyo
Value: AQABCQEAAgBBAibdPA4KTJ6veDTjCiyHHe83Qx1WD3QFYY9Twa5rCBfY8pJrvXWOB98hoCWisQ1BYnZ9sLDDrZ_-HriNP7_hbx4eh53Xu6ntbHp0ARCbfsB_6jC5TgWQOEBCaTYqBwKFjByqoNTGg_AtB9qj40owGUy1RX_qZDUU1Rb4umWY3yAA
login.microsoftonline.us/ Name: fpc
Value: ApiW3f5hJLlLon2uC0tj7g2MJkPWAQAAAInhd90OAAAA
login.microsoftonline.us/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 9227fad6-02aa-4764-8079-c5e81a7140d1
.login.microsoftonline.us/ Name: brcap
Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' office365.com *.office365.com office.com *.office.com
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
aadcdn.msftauthimages.us
az416426.vo.msecnd.net
bravo.cxsrecognize.com
cdn.engageus.com
fonts.gstatic.com
login.microsoftonline.us
www.google.com
www.gstatic.com
fonts.gstatic.com
www.google.com
www.gstatic.com
142.251.111.94
152.199.4.44
172.253.63.106
50.21.166.32
50.21.166.45
52.126.195.32
52.235.253.124
72.21.81.200
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
13da99e5df775d49aa19fa754fce6d670199e60e6b86010c52ff75c9089388a3
1a4a2437e72df4da5141dddfeae6e8238a85284b4d875106f0e0e8b7f84ef8a7
20fd89d32d46b5ea32661666cd67bd8209df82ec1ac98e85c720e6f5d12d4c4a
257606eb8b535fa94cb0a327955ac4fb3074bd55409c88167e41d35bfb610c97
312b4b566dd6c4e0baf52aaa965eb36c143e3e9f37267efc29984168f501f372
43053d16fc8fe8371888cd473a0cfb505aa6894cbe938ad4bf0a9186584858ae
44c1362e04ebcb59e5938dd8b3c3374068d646b3dc2f1dbb58b4e101e0b8737e
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41
4e72380674809977fa6deb139a665499b101ad45f5f0c36321b22dcd552c8e09
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5e8fad94ad3bef6e91e5887f411e36680c58ac5f35ac0dab114fbcc9f9eceefe
70d85714714b5a96163e6917efc2f70b803bbee1b1e5fa3f7ec1749f22ce5dc7
829f32c0ef26ab5ac22a76a4fa1c6e9d175f8d578386d0ce17f1b6034961ddca
8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
931aec50e0a82d956690b1e25d65f9ffbd3ed39763f0fc16fc8b30d7ed32bdb9
b1929eebc1fb383d6db843b846c166ee5074bc0c22431043a3f4c89752985e8a
b2fe79b876743b78fced07a71af29a81d45db6b8b48132dd8a6d5b28c1387664
be1a99b11acde26fa93149b45583b86994c7d7e388ffd24b0b4da17eb7d33f4b
c1351e3172bda1a3d2c4253e85f1cc35eca6934c1d67053f10b851f031711ef2
d5986824d42cbeac752e8e0a345ed02e1703789d628a920a107c1a7d92d2a7fb
f480f545db1e31dcc49a15f424945127cc2f883c25651d30d8154c94e5654ede
ff7ffbb9fa2ea92acc3f23f2a0ccf01b0763bffc9d6a43fefc0be6eeb574d78f