urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
2603:1027:1:d8::5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bezen-internal.bezero.engineering/
Effective URL: https://login.microsoftonline.com/47dd29a8-068b-4594-89c1-f29b925f65b5/saml2?SAMLRequest=fZLNatwwFIX3fQqjvfyjsRxbjB2GhEAg3UwmoXQTZ...
Submission: On February 27 via automatic, source certstream-suspicious — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 22 HTTP transactions. The main IP is 2603:1027:1:d8::5, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 10.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 28th 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 13.43.78.230 16509 (AMAZON-02)
2 2a05:d01c:4a0... 16509 (AMAZON-02)
1 1 2a05:d01c:4a0... 16509 (AMAZON-02)
2 2603:1027:1:d... 8075 (MICROSOFT...)
7 2606:2800:233... 15133 (EDGECAST)
1 40.126.32.136 8075 (MICROSOFT...)
2 2620:1ec:bdf::60 8075 (MICROSOFT...)
22 6
8    13.43.78.230 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-43-78-230.eu-west-2.compute.amazonaws.com
bezen-internal.bezero.engineering
2    2a05:d01c:4a0:2f00:6749:3716:b68e:fa26 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
cognito-idp.eu-west-2.amazonaws.com
1    2a05:d01c:4a0:2f01:22be:f1b1:a29a:199f (London, United Kingdom)

ASN16509 (AMAZON-02, US)
rp-production-bezen-internal.auth.eu-west-2.amazoncognito.com
2    2603:1027:1:d8::5 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
7    2606:2800:233:78b9:f44e:2c1f:31aa:d9ef (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
1    40.126.32.136 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
2    2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msftauthimages.net
Apex Domain
Subdomains		 Transfer
8 bezero.engineering
bezen-internal.bezero.engineering
3 MB
7 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 883
291 KB
2 msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3189
28 KB
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 10
26 KB
2 amazonaws.com
cognito-idp.eu-west-2.amazonaws.com — Cisco Umbrella Rank: 85130
2 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 64
1 amazoncognito.com
rp-production-bezen-internal.auth.eu-west-2.amazoncognito.com
2 KB
22 7
Domain Requested by
8 bezen-internal.bezero.engineering bezen-internal.bezero.engineering
7 aadcdn.msftauth.net login.microsoftonline.com
aadcdn.msftauth.net
2 aadcdn.msftauthimages.net
2 login.microsoftonline.com bezen-internal.bezero.engineering
aadcdn.msftauth.net
2 cognito-idp.eu-west-2.amazonaws.com bezen-internal.bezero.engineering
1 login.live.com login.microsoftonline.com
1 rp-production-bezen-internal.auth.eu-west-2.amazoncognito.com 1 redirects
22 7

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
bezen-internal.bezero.engineering
Amazon RSA 2048 M02		 2024-02-27 -
2025-03-27		 a year crt.sh
cognito-idp.eu-west-2.amazonaws.com
Amazon RSA 2048 M02		 2023-04-25 -
2024-05-23		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2023-11-28 -
2024-11-28		 a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2023-12-01 -
2024-12-01		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2024-02-13 -
2025-02-13		 a year crt.sh
aadcdn.msftauthimages.net
Microsoft Azure RSA TLS Issuing CA 07		 2024-02-18 -
2025-02-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/47dd29a8-068b-4594-89c1-f29b925f65b5/saml2?SAMLRequest=fZLNatwwFIX3fQqjvfyjsRxbjB2GhEAg3UwmoXQTZPl6IrCvHElO23n6yp5MaTYBbSTOud%2FlHG2vf49D9A7WaYM1yeKURIDKdBqPNXk63NGSXDfftk6OA5vEbvavuIe3GZyPds6B9cF3Y9DNI9hHsO9awdP%2BoSav3k9OJImd6GRNN6tFSFs4AVKNHizKIZZhXAwz%2FRXGURbLUZ5MgB9RexMrMyYrNtHdZMFNgQIkug1ajdKv%2B14ogzlqjEetrHGm9wYHjbBOyK%2B6jlWypGlRtjTnVU7LSmW0Z1VbMd4XvOVnDInub2vyUhWbVvZZR7u%2BKGieFWkwsI72Zb7pVZn1UORB6twM9%2Bi8RF8TlrKcpoyyq0PGRb6cmPPNTxI9X5JlS7Iha3TinGVNZovCSKedQDmCE16Jx933BxGkImTmjTIDac7RixVooztjR%2Bm%2F9i4vOiy8SgWg1%2F7PJ%2FbXdnmplTSL7FyK%2BGhFuEn8K%2ByFH077uSx%2B8G3y%2F5bNx%2FXzf2n%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAF2Qy27bMBBF_4VrUxb1oCnt0gRN0dp14rhBgqIQ-JSp8KFKlIS46L-X2hRod5fDcwaY-wtQUAM5wUWOAWZNeb6eJoJfSrABLP4weZUOahfk4KiJQx6HKOhZXubBdkGKcYd82QXGSjfZCIgIXELox3q7_ddO1ufgE-la7aQctGu3dAoXyKkxjPK3aMtocy9kjCrGp5vDPsYW1N-B76XTYmUs1Qb82AAdidO5_HZK9Quc7bA8L-TDXYbsk1UPC0HT6-HTbXP2x5_msfncRrVbd2YljvEtxur2vWDt_f3RNPvXnaH7cHD2rprH5Yirrx8F6_zy5SGfH7sxGiYaQw_7wYuJB-0d_O--9Zjkb5cJtfTqHfet08En3K_tWFCjXVqlBdkV5Qb0oFbUjHIDhrXXVCKOCII0T3NYpJhAQimBVcWwZDwTSLG4I0S0qXDOqEICCoUxLBBOIakyARUpcsUJUhIX4Pcfd3Vnpt8BAAA.H4sIAAAAAAAAAHPb3TTh3Xn_jbWe2tYvnHqdHLo-szVyaf7nsc96IZDyazkAobKUdSAAAAA.3&sso_reload=true
Frame ID: 0CE98B2E796F1C0F5C597C738232C0CF
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

  1. https://bezen-internal.bezero.engineering/ Page URL
  2. https://bezen-internal.bezero.engineering/ Page URL
  3. https://rp-production-bezen-internal.auth.eu-west-2.amazoncognito.com/oauth2/authorize?response_type=code&client_id=1tivehvrmjteds71o5jtbb5num&red... HTTP 302
    https://login.microsoftonline.com/47dd29a8-068b-4594-89c1-f29b925f65b5/saml2?SAMLRequest=fZLNatwwFIX3fQqjvfyjs... Page URL
  4. https://login.microsoftonline.com/47dd29a8-068b-4594-89c1-f29b925f65b5/saml2?SAMLRequest=fZLNatwwFIX3fQqjvfyjs... Page URL

Page Statistics

22
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

3225 kB
Transfer

4019 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bezen-internal.bezero.engineering/ Page URL
  2. https://bezen-internal.bezero.engineering/ Page URL
  3. https://rp-production-bezen-internal.auth.eu-west-2.amazoncognito.com/oauth2/authorize?response_type=code&client_id=1tivehvrmjteds71o5jtbb5num&redirect_uri=https%3A%2F%2Fbezen-internal.bezero.engineering%2Fauth-callback&scope=openid+email&code_challenge=RT5UR0iX-vmrwVw8BD21mSmfPw81uYMHC_ToOqlQ_Jg&code_challenge_method=S256&nonce=9Cy4bgGGOl_LY7laLtMnmD9vswO69NFdbjowKP3vQjs HTTP 302
    https://login.microsoftonline.com/47dd29a8-068b-4594-89c1-f29b925f65b5/saml2?SAMLRequest=fZLNatwwFIX3fQqjvfyjsRxbjB2GhEAg3UwmoXQTZPl6IrCvHElO23n6yp5MaTYBbSTOud%2FlHG2vf49D9A7WaYM1yeKURIDKdBqPNXk63NGSXDfftk6OA5vEbvavuIe3GZyPds6B9cF3Y9DNI9hHsO9awdP%2BoSav3k9OJImd6GRNN6tFSFs4AVKNHizKIZZhXAwz%2FRXGURbLUZ5MgB9RexMrMyYrNtHdZMFNgQIkug1ajdKv%2B14ogzlqjEetrHGm9wYHjbBOyK%2B6jlWypGlRtjTnVU7LSmW0Z1VbMd4XvOVnDInub2vyUhWbVvZZR7u%2BKGieFWkwsI72Zb7pVZn1UORB6twM9%2Bi8RF8TlrKcpoyyq0PGRb6cmPPNTxI9X5JlS7Iha3TinGVNZovCSKedQDmCE16Jx933BxGkImTmjTIDac7RixVooztjR%2Bm%2F9i4vOiy8SgWg1%2F7PJ%2FbXdnmplTSL7FyK%2BGhFuEn8K%2ByFH077uSx%2B8G3y%2F5bNx%2FXzf2n%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAF2Qy27bMBBF_4VrUxb1oCnt0gRN0dp14rhBgqIQ-JSp8KFKlIS46L-X2hRod5fDcwaY-wtQUAM5wUWOAWZNeb6eJoJfSrABLP4weZUOahfk4KiJQx6HKOhZXubBdkGKcYd82QXGSjfZCIgIXELox3q7_ddO1ufgE-la7aQctGu3dAoXyKkxjPK3aMtocy9kjCrGp5vDPsYW1N-B76XTYmUs1Qb82AAdidO5_HZK9Quc7bA8L-TDXYbsk1UPC0HT6-HTbXP2x5_msfncRrVbd2YljvEtxur2vWDt_f3RNPvXnaH7cHD2rprH5Yirrx8F6_zy5SGfH7sxGiYaQw_7wYuJB-0d_O--9Zjkb5cJtfTqHfet08En3K_tWFCjXVqlBdkV5Qb0oFbUjHIDhrXXVCKOCII0T3NYpJhAQimBVcWwZDwTSLG4I0S0qXDOqEICCoUxLBBOIakyARUpcsUJUhIX4Pcfd3Vnpt8BAAA.H4sIAAAAAAAAAHPb3TTh3Xn_jbWe2tYvnHqdHLo-szVyaf7nsc96IZDyazkAobKUdSAAAAA.3 Page URL
  4. https://login.microsoftonline.com/47dd29a8-068b-4594-89c1-f29b925f65b5/saml2?SAMLRequest=fZLNatwwFIX3fQqjvfyjsRxbjB2GhEAg3UwmoXQTZPl6IrCvHElO23n6yp5MaTYBbSTOud%2FlHG2vf49D9A7WaYM1yeKURIDKdBqPNXk63NGSXDfftk6OA5vEbvavuIe3GZyPds6B9cF3Y9DNI9hHsO9awdP%2BoSav3k9OJImd6GRNN6tFSFs4AVKNHizKIZZhXAwz%2FRXGURbLUZ5MgB9RexMrMyYrNtHdZMFNgQIkug1ajdKv%2B14ogzlqjEetrHGm9wYHjbBOyK%2B6jlWypGlRtjTnVU7LSmW0Z1VbMd4XvOVnDInub2vyUhWbVvZZR7u%2BKGieFWkwsI72Zb7pVZn1UORB6twM9%2Bi8RF8TlrKcpoyyq0PGRb6cmPPNTxI9X5JlS7Iha3TinGVNZovCSKedQDmCE16Jx933BxGkImTmjTIDac7RixVooztjR%2Bm%2F9i4vOiy8SgWg1%2F7PJ%2FbXdnmplTSL7FyK%2BGhFuEn8K%2ByFH077uSx%2B8G3y%2F5bNx%2FXzf2n%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAF2Qy27bMBBF_4VrUxb1oCnt0gRN0dp14rhBgqIQ-JSp8KFKlIS46L-X2hRod5fDcwaY-wtQUAM5wUWOAWZNeb6eJoJfSrABLP4weZUOahfk4KiJQx6HKOhZXubBdkGKcYd82QXGSjfZCIgIXELox3q7_ddO1ufgE-la7aQctGu3dAoXyKkxjPK3aMtocy9kjCrGp5vDPsYW1N-B76XTYmUs1Qb82AAdidO5_HZK9Quc7bA8L-TDXYbsk1UPC0HT6-HTbXP2x5_msfncRrVbd2YljvEtxur2vWDt_f3RNPvXnaH7cHD2rprH5Yirrx8F6_zy5SGfH7sxGiYaQw_7wYuJB-0d_O--9Zjkb5cJtfTqHfet08En3K_tWFCjXVqlBdkV5Qb0oFbUjHIDhrXXVCKOCII0T3NYpJhAQimBVcWwZDwTSLG4I0S0qXDOqEICCoUxLBBOIakyARUpcsUJUhIX4Pcfd3Vnpt8BAAA.H4sIAAAAAAAAAHPb3TTh3Xn_jbWe2tYvnHqdHLo-szVyaf7nsc96IZDyazkAobKUdSAAAAA.3&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://rp-production-bezen-internal.auth.eu-west-2.amazoncognito.com/oauth2/authorize?response_type=code&client_id=1tivehvrmjteds71o5jtbb5num&redirect_uri=https%3A%2F%2Fbezen-internal.bezero.engineering%2Fauth-callback&scope=openid+email&code_challenge=RT5UR0iX-vmrwVw8BD21mSmfPw81uYMHC_ToOqlQ_Jg&code_challenge_method=S256&nonce=9Cy4bgGGOl_LY7laLtMnmD9vswO69NFdbjowKP3vQjs HTTP 302
  • https://login.microsoftonline.com/47dd29a8-068b-4594-89c1-f29b925f65b5/saml2?SAMLRequest=fZLNatwwFIX3fQqjvfyjsRxbjB2GhEAg3UwmoXQTZPl6IrCvHElO23n6yp5MaTYBbSTOud%2FlHG2vf49D9A7WaYM1yeKURIDKdBqPNXk63NGSXDfftk6OA5vEbvavuIe3GZyPds6B9cF3Y9DNI9hHsO9awdP%2BoSav3k9OJImd6GRNN6tFSFs4AVKNHizKIZZhXAwz%2FRXGURbLUZ5MgB9RexMrMyYrNtHdZMFNgQIkug1ajdKv%2B14ogzlqjEetrHGm9wYHjbBOyK%2B6jlWypGlRtjTnVU7LSmW0Z1VbMd4XvOVnDInub2vyUhWbVvZZR7u%2BKGieFWkwsI72Zb7pVZn1UORB6twM9%2Bi8RF8TlrKcpoyyq0PGRb6cmPPNTxI9X5JlS7Iha3TinGVNZovCSKedQDmCE16Jx933BxGkImTmjTIDac7RixVooztjR%2Bm%2F9i4vOiy8SgWg1%2F7PJ%2FbXdnmplTSL7FyK%2BGhFuEn8K%2ByFH077uSx%2B8G3y%2F5bNx%2FXzf2n%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAF2Qy27bMBBF_4VrUxb1oCnt0gRN0dp14rhBgqIQ-JSp8KFKlIS46L-X2hRod5fDcwaY-wtQUAM5wUWOAWZNeb6eJoJfSrABLP4weZUOahfk4KiJQx6HKOhZXubBdkGKcYd82QXGSjfZCIgIXELox3q7_ddO1ufgE-la7aQctGu3dAoXyKkxjPK3aMtocy9kjCrGp5vDPsYW1N-B76XTYmUs1Qb82AAdidO5_HZK9Quc7bA8L-TDXYbsk1UPC0HT6-HTbXP2x5_msfncRrVbd2YljvEtxur2vWDt_f3RNPvXnaH7cHD2rprH5Yirrx8F6_zy5SGfH7sxGiYaQw_7wYuJB-0d_O--9Zjkb5cJtfTqHfet08En3K_tWFCjXVqlBdkV5Qb0oFbUjHIDhrXXVCKOCII0T3NYpJhAQimBVcWwZDwTSLG4I0S0qXDOqEICCoUxLBBOIakyARUpcsUJUhIX4Pcfd3Vnpt8BAAA.H4sIAAAAAAAAAHPb3TTh3Xn_jbWe2tYvnHqdHLo-szVyaf7nsc96IZDyazkAobKUdSAAAAA.3

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
bezen-internal.bezero.engineering/ 		448 B
914 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bezen-internal.bezero.engineering/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.43.78.230 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-43-78-230.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
76ceb4cd07ec666010fa26ddbafc5e93513a5916d8564bbb4cd1984701b7e204

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
content-length
448
content-type
text/html; charset=utf-8
date
Tue, 27 Feb 2024 15:45:44 GMT
last-modified
Wed, 21 Feb 2024 15:00:02 GMT
vary
Origin
index-TSKb-2HI.js
bezen-internal.bezero.engineering/assets/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://bezen-internal.bezero.engineering/assets/index-TSKb-2HI.js
Requested by
Host: bezen-internal.bezero.engineering
URL: https://bezen-internal.bezero.engineering/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.43.78.230 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-43-78-230.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
fafacd7cf811c71936018ab78e00e7c433d1690d10b679348d519e870bc57861

Request headers

Referer
https://bezen-internal.bezero.engineering/
Origin
https://bezen-internal.bezero.engineering
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 15:45:44 GMT
last-modified
Wed, 21 Feb 2024 15:00:02 GMT
accept-ranges
bytes
content-length
1467674
vary
Origin
content-type
text/javascript; charset=utf-8
index-IVZ0jpcL.css
bezen-internal.bezero.engineering/assets/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bezen-internal.bezero.engineering/assets/index-IVZ0jpcL.css
Requested by
Host: bezen-internal.bezero.engineering
URL: https://bezen-internal.bezero.engineering/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.43.78.230 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-43-78-230.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
5ab9c2872db79a4b5f274bc230056109c5316bf2111003c78f245d159fb85adf

Request headers

Referer
https://bezen-internal.bezero.engineering/
Origin
https://bezen-internal.bezero.engineering
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 15:45:44 GMT
last-modified
Wed, 21 Feb 2024 15:00:02 GMT
accept-ranges
bytes
content-length
1817
vary
Origin
content-type
text/css; charset=utf-8
config
bezen-internal.bezero.engineering/form/ 		272 B
687 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bezen-internal.bezero.engineering/form/config
Requested by
Host: bezen-internal.bezero.engineering
URL: https://bezen-internal.bezero.engineering/assets/index-TSKb-2HI.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.43.78.230 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-43-78-230.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
af0298be9dfc18eef711173f9250884fc71a027667151e4eba18776a1033b842

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://bezen-internal.bezero.engineering/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 15:45:44 GMT
content-length
272
vary
Origin
content-type
application/json
openid-configuration
cognito-idp.eu-west-2.amazonaws.com/eu-west-2_5TzRu86X5/.well-known/ 		981 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cognito-idp.eu-west-2.amazonaws.com/eu-west-2_5TzRu86X5/.well-known/openid-configuration
Requested by
Host: bezen-internal.bezero.engineering
URL: https://bezen-internal.bezero.engineering/assets/index-TSKb-2HI.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d01c:4a0:2f00:6749:3716:b68e:fa26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept
application/json
Referer
https://bezen-internal.bezero.engineering/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 27 Feb 2024 15:45:45 GMT
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
e22cd3bc-6a89-4efc-8672-919ee03c4eef
content-length
981
content-type
application/json
/
bezen-internal.bezero.engineering/ 		448 B
912 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bezen-internal.bezero.engineering/
Requested by
Host: bezen-internal.bezero.engineering
URL: https://bezen-internal.bezero.engineering/assets/index-TSKb-2HI.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.43.78.230 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-43-78-230.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
76ceb4cd07ec666010fa26ddbafc5e93513a5916d8564bbb4cd1984701b7e204

Request headers

Referer
https://bezen-internal.bezero.engineering/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
content-length
448
content-type
text/html; charset=utf-8
date
Tue, 27 Feb 2024 15:45:45 GMT
last-modified
Wed, 21 Feb 2024 15:00:02 GMT
vary
Origin
index-TSKb-2HI.js
bezen-internal.bezero.engineering/assets/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://bezen-internal.bezero.engineering/assets/index-TSKb-2HI.js
Requested by
Host: bezen-internal.bezero.engineering
URL: https://bezen-internal.bezero.engineering/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.43.78.230 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-43-78-230.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
fafacd7cf811c71936018ab78e00e7c433d1690d10b679348d519e870bc57861

Request headers

Referer
https://bezen-internal.bezero.engineering/
Origin
https://bezen-internal.bezero.engineering
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 15:45:45 GMT
last-modified
Wed, 21 Feb 2024 15:00:02 GMT
accept-ranges
bytes
content-length
1467674
vary
Origin
content-type
text/javascript; charset=utf-8
index-IVZ0jpcL.css
bezen-internal.bezero.engineering/assets/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bezen-internal.bezero.engineering/assets/index-IVZ0jpcL.css
Requested by
Host: bezen-internal.bezero.engineering
URL: https://bezen-internal.bezero.engineering/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.43.78.230 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-43-78-230.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
5ab9c2872db79a4b5f274bc230056109c5316bf2111003c78f245d159fb85adf

Request headers

Referer
https://bezen-internal.bezero.engineering/
Origin
https://bezen-internal.bezero.engineering
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 15:45:45 GMT
last-modified
Wed, 21 Feb 2024 15:00:02 GMT
accept-ranges
bytes
content-length
1817
vary
Origin
content-type
text/css; charset=utf-8
config
bezen-internal.bezero.engineering/form/ 		272 B
682 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bezen-internal.bezero.engineering/form/config
Requested by
Host: bezen-internal.bezero.engineering
URL: https://bezen-internal.bezero.engineering/assets/index-TSKb-2HI.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.43.78.230 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-43-78-230.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
af0298be9dfc18eef711173f9250884fc71a027667151e4eba18776a1033b842

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://bezen-internal.bezero.engineering/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 15:45:45 GMT
content-length
272
vary
Origin
content-type
application/json
openid-configuration
cognito-idp.eu-west-2.amazonaws.com/eu-west-2_5TzRu86X5/.well-known/ 		981 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cognito-idp.eu-west-2.amazonaws.com/eu-west-2_5TzRu86X5/.well-known/openid-configuration
Requested by
Host: bezen-internal.bezero.engineering
URL: https://bezen-internal.bezero.engineering/assets/index-TSKb-2HI.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d01c:4a0:2f00:6749:3716:b68e:fa26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bd58ade3278a2a49a394139f7c256d49dbec49d4b38ab23073c753316c58b6fb

Request headers

accept
application/json
Referer
https://bezen-internal.bezero.engineering/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 27 Feb 2024 15:45:45 GMT
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
72a81fe5-c9ca-4636-89df-1063c8885a10
content-length
981
content-type
application/json
saml2
login.microsoftonline.com/47dd29a8-068b-4594-89c1-f29b925f65b5/
Redirect Chain
  • https://rp-production-bezen-internal.auth.eu-west-2.amazoncognito.com/oauth2/authorize?response_type=code&client_id=1tivehvrmjteds71o5jtbb5num&redirect_uri=https%3A%2F%2Fbezen-internal.bezero.engin...
  • https://login.microsoftonline.com/47dd29a8-068b-4594-89c1-f29b925f65b5/saml2?SAMLRequest=fZLNatwwFIX3fQqjvfyjsRxbjB2GhEAg3UwmoXQTZPl6IrCvHElO23n6yp5MaTYBbSTOud%2FlHG2vf49D9A7WaYM1yeKURIDKdBqPNXk63N...
20 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/47dd29a8-068b-4594-89c1-f29b925f65b5/saml2?SAMLRequest=fZLNatwwFIX3fQqjvfyjsRxbjB2GhEAg3UwmoXQTZPl6IrCvHElO23n6yp5MaTYBbSTOud%2FlHG2vf49D9A7WaYM1yeKURIDKdBqPNXk63NGSXDfftk6OA5vEbvavuIe3GZyPds6B9cF3Y9DNI9hHsO9awdP%2BoSav3k9OJImd6GRNN6tFSFs4AVKNHizKIZZhXAwz%2FRXGURbLUZ5MgB9RexMrMyYrNtHdZMFNgQIkug1ajdKv%2B14ogzlqjEetrHGm9wYHjbBOyK%2B6jlWypGlRtjTnVU7LSmW0Z1VbMd4XvOVnDInub2vyUhWbVvZZR7u%2BKGieFWkwsI72Zb7pVZn1UORB6twM9%2Bi8RF8TlrKcpoyyq0PGRb6cmPPNTxI9X5JlS7Iha3TinGVNZovCSKedQDmCE16Jx933BxGkImTmjTIDac7RixVooztjR%2Bm%2F9i4vOiy8SgWg1%2F7PJ%2FbXdnmplTSL7FyK%2BGhFuEn8K%2ByFH077uSx%2B8G3y%2F5bNx%2FXzf2n%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAF2Qy27bMBBF_4VrUxb1oCnt0gRN0dp14rhBgqIQ-JSp8KFKlIS46L-X2hRod5fDcwaY-wtQUAM5wUWOAWZNeb6eJoJfSrABLP4weZUOahfk4KiJQx6HKOhZXubBdkGKcYd82QXGSjfZCIgIXELox3q7_ddO1ufgE-la7aQctGu3dAoXyKkxjPK3aMtocy9kjCrGp5vDPsYW1N-B76XTYmUs1Qb82AAdidO5_HZK9Quc7bA8L-TDXYbsk1UPC0HT6-HTbXP2x5_msfncRrVbd2YljvEtxur2vWDt_f3RNPvXnaH7cHD2rprH5Yirrx8F6_zy5SGfH7sxGiYaQw_7wYuJB-0d_O--9Zjkb5cJtfTqHfet08En3K_tWFCjXVqlBdkV5Qb0oFbUjHIDhrXXVCKOCII0T3NYpJhAQimBVcWwZDwTSLG4I0S0qXDOqEICCoUxLBBOIakyARUpcsUJUhIX4Pcfd3Vnpt8BAAA.H4sIAAAAAAAAAHPb3TTh3Xn_jbWe2tYvnHqdHLo-szVyaf7nsc96IZDyazkAobKUdSAAAAA.3
Requested by
Host: bezen-internal.bezero.engineering
URL: https://bezen-internal.bezero.engineering/assets/index-TSKb-2HI.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1027:1:d8::5 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a46f32eb38ee74ebc6f372c507c57dfac648a172a52fd184191fc7a6dd0fa3be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bezen-internal.bezero.engineering/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
9027
Content-Type
text/html; charset=utf-8
Date
Tue, 27 Feb 2024 15:45:45 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.17396.8 - SEC ProdSlices
x-ms-request-id
7a0a1122-cd12-40b6-ab54-4dfd01e4ab00

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy-report-only
script-src https://d36xj9p3yhtjhl.cloudfront.net https://rp-production-bezen-internal.auth.eu-west-2.amazoncognito.com; style-src https://d36xj9p3yhtjhl.cloudfront.net https://rp-production-bezen-internal.auth.eu-west-2.amazoncognito.com; img-src https://d36xj9p3yhtjhl.cloudfront.net https://rp-production-bezen-internal.auth.eu-west-2.amazoncognito.com; report-uri https://rp-production-bezen-internal.auth.eu-west-2.amazoncognito.com/cspreport
date
Tue, 27 Feb 2024 15:45:45 GMT
location
https://login.microsoftonline.com/47dd29a8-068b-4594-89c1-f29b925f65b5/saml2?SAMLRequest=fZLNatwwFIX3fQqjvfyjsRxbjB2GhEAg3UwmoXQTZPl6IrCvHElO23n6yp5MaTYBbSTOud%2FlHG2vf49D9A7WaYM1yeKURIDKdBqPNXk63NGSXDfftk6OA5vEbvavuIe3GZyPds6B9cF3Y9DNI9hHsO9awdP%2BoSav3k9OJImd6GRNN6tFSFs4AVKNHizKIZZhXAwz%2FRXGURbLUZ5MgB9RexMrMyYrNtHdZMFNgQIkug1ajdKv%2B14ogzlqjEetrHGm9wYHjbBOyK%2B6jlWypGlRtjTnVU7LSmW0Z1VbMd4XvOVnDInub2vyUhWbVvZZR7u%2BKGieFWkwsI72Zb7pVZn1UORB6twM9%2Bi8RF8TlrKcpoyyq0PGRb6cmPPNTxI9X5JlS7Iha3TinGVNZovCSKedQDmCE16Jx933BxGkImTmjTIDac7RixVooztjR%2Bm%2F9i4vOiy8SgWg1%2F7PJ%2FbXdnmplTSL7FyK%2BGhFuEn8K%2ByFH077uSx%2B8G3y%2F5bNx%2FXzf2n%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAF2Qy27bMBBF_4VrUxb1oCnt0gRN0dp14rhBgqIQ-JSp8KFKlIS46L-X2hRod5fDcwaY-wtQUAM5wUWOAWZNeb6eJoJfSrABLP4weZUOahfk4KiJQx6HKOhZXubBdkGKcYd82QXGSjfZCIgIXELox3q7_ddO1ufgE-la7aQctGu3dAoXyKkxjPK3aMtocy9kjCrGp5vDPsYW1N-B76XTYmUs1Qb82AAdidO5_HZK9Quc7bA8L-TDXYbsk1UPC0HT6-HTbXP2x5_msfncRrVbd2YljvEtxur2vWDt_f3RNPvXnaH7cHD2rprH5Yirrx8F6_zy5SGfH7sxGiYaQw_7wYuJB-0d_O--9Zjkb5cJtfTqHfet08En3K_tWFCjXVqlBdkV5Qb0oFbUjHIDhrXXVCKOCII0T3NYpJhAQimBVcWwZDwTSLG4I0S0qXDOqEICCoUxLBBOIakyARUpcsUJUhIX4Pcfd3Vnpt8BAAA.H4sIAAAAAAAAAHPb3TTh3Xn_jbWe2tYvnHqdHLo-szVyaf7nsc96IZDyazkAobKUdSAAAAA.3
pragma
no-cache
server
Server
strict-transport-security
max-age=31536000 ; includeSubDomains
x-amz-cognito-request-id
10e1c181-a303-4068-8aa8-99b6ebc2d1fb
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/47dd29a8-068b-4594-89c1-f29b925f65b5/saml2?SAMLRequest=fZLNatwwFIX3fQqjvfyjsRxbjB2GhEAg3UwmoXQTZPl6IrCvHElO23n6yp5MaTYBbSTOud%2FlHG2vf49D9A7WaYM1yeKURIDKdBqPNXk63NGSXDfftk6OA5vEbvavuIe3GZyPds6B9cF3Y9DNI9hHsO9awdP%2BoSav3k9OJImd6GRNN6tFSFs4AVKNHizKIZZhXAwz%2FRXGURbLUZ5MgB9RexMrMyYrNtHdZMFNgQIkug1ajdKv%2B14ogzlqjEetrHGm9wYHjbBOyK%2B6jlWypGlRtjTnVU7LSmW0Z1VbMd4XvOVnDInub2vyUhWbVvZZR7u%2BKGieFWkwsI72Zb7pVZn1UORB6twM9%2Bi8RF8TlrKcpoyyq0PGRb6cmPPNTxI9X5JlS7Iha3TinGVNZovCSKedQDmCE16Jx933BxGkImTmjTIDac7RixVooztjR%2Bm%2F9i4vOiy8SgWg1%2F7PJ%2FbXdnmplTSL7FyK%2BGhFuEn8K%2ByFH077uSx%2B8G3y%2F5bNx%2FXzf2n%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAF2Qy27bMBBF_4VrUxb1oCnt0gRN0dp14rhBgqIQ-JSp8KFKlIS46L-X2hRod5fDcwaY-wtQUAM5wUWOAWZNeb6eJoJfSrABLP4weZUOahfk4KiJQx6HKOhZXubBdkGKcYd82QXGSjfZCIgIXELox3q7_ddO1ufgE-la7aQctGu3dAoXyKkxjPK3aMtocy9kjCrGp5vDPsYW1N-B76XTYmUs1Qb82AAdidO5_HZK9Quc7bA8L-TDXYbsk1UPC0HT6-HTbXP2x5_msfncRrVbd2YljvEtxur2vWDt_f3RNPvXnaH7cHD2rprH5Yirrx8F6_zy5SGfH7sxGiYaQw_7wYuJB-0d_O--9Zjkb5cJtfTqHfet08En3K_tWFCjXVqlBdkV5Qb0oFbUjHIDhrXXVCKOCII0T3NYpJhAQimBVcWwZDwTSLG4I0S0qXDOqEICCoUxLBBOIakyARUpcsUJUhIX4Pcfd3Vnpt8BAAA.H4sIAAAAAAAAAHPb3TTh3Xn_jbWe2tYvnHqdHLo-szVyaf7nsc96IZDyazkAobKUdSAAAAA.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48E1) /
Resource Hash
b1929eebc1fb383d6db843b846c166ee5074bc0c22431043a3f4c89752985e8a

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Feb 2024 15:45:45 GMT
content-encoding
gzip
content-md5
63IKJF2qGIfEE+hzXafj6A==
age
2798511
x-cache
HIT
content-length
49534
x-ms-lease-status
unlocked
last-modified
Wed, 24 Jan 2024 06:44:17 GMT
server
ECAcc (ama/48E1)
etag
0x8DC1CA7E340C4C2
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
362299b5-f01e-0060-6e20-501804000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request saml2
login.microsoftonline.com/47dd29a8-068b-4594-89c1-f29b925f65b5/ 		42 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/47dd29a8-068b-4594-89c1-f29b925f65b5/saml2?SAMLRequest=fZLNatwwFIX3fQqjvfyjsRxbjB2GhEAg3UwmoXQTZPl6IrCvHElO23n6yp5MaTYBbSTOud%2FlHG2vf49D9A7WaYM1yeKURIDKdBqPNXk63NGSXDfftk6OA5vEbvavuIe3GZyPds6B9cF3Y9DNI9hHsO9awdP%2BoSav3k9OJImd6GRNN6tFSFs4AVKNHizKIZZhXAwz%2FRXGURbLUZ5MgB9RexMrMyYrNtHdZMFNgQIkug1ajdKv%2B14ogzlqjEetrHGm9wYHjbBOyK%2B6jlWypGlRtjTnVU7LSmW0Z1VbMd4XvOVnDInub2vyUhWbVvZZR7u%2BKGieFWkwsI72Zb7pVZn1UORB6twM9%2Bi8RF8TlrKcpoyyq0PGRb6cmPPNTxI9X5JlS7Iha3TinGVNZovCSKedQDmCE16Jx933BxGkImTmjTIDac7RixVooztjR%2Bm%2F9i4vOiy8SgWg1%2F7PJ%2FbXdnmplTSL7FyK%2BGhFuEn8K%2ByFH077uSx%2B8G3y%2F5bNx%2FXzf2n%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAF2Qy27bMBBF_4VrUxb1oCnt0gRN0dp14rhBgqIQ-JSp8KFKlIS46L-X2hRod5fDcwaY-wtQUAM5wUWOAWZNeb6eJoJfSrABLP4weZUOahfk4KiJQx6HKOhZXubBdkGKcYd82QXGSjfZCIgIXELox3q7_ddO1ufgE-la7aQctGu3dAoXyKkxjPK3aMtocy9kjCrGp5vDPsYW1N-B76XTYmUs1Qb82AAdidO5_HZK9Quc7bA8L-TDXYbsk1UPC0HT6-HTbXP2x5_msfncRrVbd2YljvEtxur2vWDt_f3RNPvXnaH7cHD2rprH5Yirrx8F6_zy5SGfH7sxGiYaQw_7wYuJB-0d_O--9Zjkb5cJtfTqHfet08En3K_tWFCjXVqlBdkV5Qb0oFbUjHIDhrXXVCKOCII0T3NYpJhAQimBVcWwZDwTSLG4I0S0qXDOqEICCoUxLBBOIakyARUpcsUJUhIX4Pcfd3Vnpt8BAAA.H4sIAAAAAAAAAHPb3TTh3Xn_jbWe2tYvnHqdHLo-szVyaf7nsc96IZDyazkAobKUdSAAAAA.3&sso_reload=true
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1027:1:d8::5 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e4aeb5db80a7e29eba13f984cf9e510282a694c579ef29de492b32ec8fa93859
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/47dd29a8-068b-4594-89c1-f29b925f65b5/saml2?SAMLRequest=fZLNatwwFIX3fQqjvfyjsRxbjB2GhEAg3UwmoXQTZPl6IrCvHElO23n6yp5MaTYBbSTOud%2FlHG2vf49D9A7WaYM1yeKURIDKdBqPNXk63NGSXDfftk6OA5vEbvavuIe3GZyPds6B9cF3Y9DNI9hHsO9awdP%2BoSav3k9OJImd6GRNN6tFSFs4AVKNHizKIZZhXAwz%2FRXGURbLUZ5MgB9RexMrMyYrNtHdZMFNgQIkug1ajdKv%2B14ogzlqjEetrHGm9wYHjbBOyK%2B6jlWypGlRtjTnVU7LSmW0Z1VbMd4XvOVnDInub2vyUhWbVvZZR7u%2BKGieFWkwsI72Zb7pVZn1UORB6twM9%2Bi8RF8TlrKcpoyyq0PGRb6cmPPNTxI9X5JlS7Iha3TinGVNZovCSKedQDmCE16Jx933BxGkImTmjTIDac7RixVooztjR%2Bm%2F9i4vOiy8SgWg1%2F7PJ%2FbXdnmplTSL7FyK%2BGhFuEn8K%2ByFH077uSx%2B8G3y%2F5bNx%2FXzf2n%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAF2Qy27bMBBF_4VrUxb1oCnt0gRN0dp14rhBgqIQ-JSp8KFKlIS46L-X2hRod5fDcwaY-wtQUAM5wUWOAWZNeb6eJoJfSrABLP4weZUOahfk4KiJQx6HKOhZXubBdkGKcYd82QXGSjfZCIgIXELox3q7_ddO1ufgE-la7aQctGu3dAoXyKkxjPK3aMtocy9kjCrGp5vDPsYW1N-B76XTYmUs1Qb82AAdidO5_HZK9Quc7bA8L-TDXYbsk1UPC0HT6-HTbXP2x5_msfncRrVbd2YljvEtxur2vWDt_f3RNPvXnaH7cHD2rprH5Yirrx8F6_zy5SGfH7sxGiYaQw_7wYuJB-0d_O--9Zjkb5cJtfTqHfet08En3K_tWFCjXVqlBdkV5Qb0oFbUjHIDhrXXVCKOCII0T3NYpJhAQimBVcWwZDwTSLG4I0S0qXDOqEICCoUxLBBOIakyARUpcsUJUhIX4Pcfd3Vnpt8BAAA.H4sIAAAAAAAAAHPb3TTh3Xn_jbWe2tYvnHqdHLo-szVyaf7nsc96IZDyazkAobKUdSAAAAA.3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
14155
Content-Type
text/html; charset=utf-8
Date
Tue, 27 Feb 2024 15:45:45 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.17396.8 - NEULR1 ProdSlices
x-ms-request-id
0e3614f5-4fb3-4de2-81c3-8a8b6a02bd00
converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		110 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/47dd29a8-068b-4594-89c1-f29b925f65b5/saml2?SAMLRequest=fZLNatwwFIX3fQqjvfyjsRxbjB2GhEAg3UwmoXQTZPl6IrCvHElO23n6yp5MaTYBbSTOud%2FlHG2vf49D9A7WaYM1yeKURIDKdBqPNXk63NGSXDfftk6OA5vEbvavuIe3GZyPds6B9cF3Y9DNI9hHsO9awdP%2BoSav3k9OJImd6GRNN6tFSFs4AVKNHizKIZZhXAwz%2FRXGURbLUZ5MgB9RexMrMyYrNtHdZMFNgQIkug1ajdKv%2B14ogzlqjEetrHGm9wYHjbBOyK%2B6jlWypGlRtjTnVU7LSmW0Z1VbMd4XvOVnDInub2vyUhWbVvZZR7u%2BKGieFWkwsI72Zb7pVZn1UORB6twM9%2Bi8RF8TlrKcpoyyq0PGRb6cmPPNTxI9X5JlS7Iha3TinGVNZovCSKedQDmCE16Jx933BxGkImTmjTIDac7RixVooztjR%2Bm%2F9i4vOiy8SgWg1%2F7PJ%2FbXdnmplTSL7FyK%2BGhFuEn8K%2ByFH077uSx%2B8G3y%2F5bNx%2FXzf2n%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAF2Qy27bMBBF_4VrUxb1oCnt0gRN0dp14rhBgqIQ-JSp8KFKlIS46L-X2hRod5fDcwaY-wtQUAM5wUWOAWZNeb6eJoJfSrABLP4weZUOahfk4KiJQx6HKOhZXubBdkGKcYd82QXGSjfZCIgIXELox3q7_ddO1ufgE-la7aQctGu3dAoXyKkxjPK3aMtocy9kjCrGp5vDPsYW1N-B76XTYmUs1Qb82AAdidO5_HZK9Quc7bA8L-TDXYbsk1UPC0HT6-HTbXP2x5_msfncRrVbd2YljvEtxur2vWDt_f3RNPvXnaH7cHD2rprH5Yirrx8F6_zy5SGfH7sxGiYaQw_7wYuJB-0d_O--9Zjkb5cJtfTqHfet08En3K_tWFCjXVqlBdkV5Qb0oFbUjHIDhrXXVCKOCII0T3NYpJhAQimBVcWwZDwTSLG4I0S0qXDOqEICCoUxLBBOIakyARUpcsUJUhIX4Pcfd3Vnpt8BAAA.H4sIAAAAAAAAAHPb3TTh3Xn_jbWe2tYvnHqdHLo-szVyaf7nsc96IZDyazkAobKUdSAAAAA.3&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48C4) /
Resource Hash
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Feb 2024 15:45:46 GMT
content-encoding
gzip
content-md5
kqhA3D0Xczna4D/t8ioitQ==
age
5286233
x-cache
HIT
content-length
20314
x-ms-lease-status
unlocked
last-modified
Wed, 27 Dec 2023 18:19:21 GMT
server
ECAcc (ama/48C4)
etag
0x8DC070858CA028D
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
eb3f5b99-a01e-00bd-5280-39f379000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_bUKAij3pKdw2nFX-oqztYA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		423 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_bUKAij3pKdw2nFX-oqztYA2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/47dd29a8-068b-4594-89c1-f29b925f65b5/saml2?SAMLRequest=fZLNatwwFIX3fQqjvfyjsRxbjB2GhEAg3UwmoXQTZPl6IrCvHElO23n6yp5MaTYBbSTOud%2FlHG2vf49D9A7WaYM1yeKURIDKdBqPNXk63NGSXDfftk6OA5vEbvavuIe3GZyPds6B9cF3Y9DNI9hHsO9awdP%2BoSav3k9OJImd6GRNN6tFSFs4AVKNHizKIZZhXAwz%2FRXGURbLUZ5MgB9RexMrMyYrNtHdZMFNgQIkug1ajdKv%2B14ogzlqjEetrHGm9wYHjbBOyK%2B6jlWypGlRtjTnVU7LSmW0Z1VbMd4XvOVnDInub2vyUhWbVvZZR7u%2BKGieFWkwsI72Zb7pVZn1UORB6twM9%2Bi8RF8TlrKcpoyyq0PGRb6cmPPNTxI9X5JlS7Iha3TinGVNZovCSKedQDmCE16Jx933BxGkImTmjTIDac7RixVooztjR%2Bm%2F9i4vOiy8SgWg1%2F7PJ%2FbXdnmplTSL7FyK%2BGhFuEn8K%2ByFH077uSx%2B8G3y%2F5bNx%2FXzf2n%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAF2Qy27bMBBF_4VrUxb1oCnt0gRN0dp14rhBgqIQ-JSp8KFKlIS46L-X2hRod5fDcwaY-wtQUAM5wUWOAWZNeb6eJoJfSrABLP4weZUOahfk4KiJQx6HKOhZXubBdkGKcYd82QXGSjfZCIgIXELox3q7_ddO1ufgE-la7aQctGu3dAoXyKkxjPK3aMtocy9kjCrGp5vDPsYW1N-B76XTYmUs1Qb82AAdidO5_HZK9Quc7bA8L-TDXYbsk1UPC0HT6-HTbXP2x5_msfncRrVbd2YljvEtxur2vWDt_f3RNPvXnaH7cHD2rprH5Yirrx8F6_zy5SGfH7sxGiYaQw_7wYuJB-0d_O--9Zjkb5cJtfTqHfet08En3K_tWFCjXVqlBdkV5Qb0oFbUjHIDhrXXVCKOCII0T3NYpJhAQimBVcWwZDwTSLG4I0S0qXDOqEICCoUxLBBOIakyARUpcsUJUhIX4Pcfd3Vnpt8BAAA.H4sIAAAAAAAAAHPb3TTh3Xn_jbWe2tYvnHqdHLo-szVyaf7nsc96IZDyazkAobKUdSAAAAA.3&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489D) /
Resource Hash
44c1362e04ebcb59e5938dd8b3c3374068d646b3dc2f1dbb58b4e101e0b8737e

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Feb 2024 15:45:46 GMT
content-encoding
gzip
content-md5
WdUrsd5q8Od3Vt1ZGB3gRw==
age
1645466
x-cache
HIT
content-length
119240
x-ms-lease-status
unlocked
last-modified
Wed, 07 Feb 2024 20:11:57 GMT
server
ECAcc (ama/489D)
etag
0x8DC281909882B1C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f70c77eb-e01e-0055-089c-5abe1f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-en-gb.min_xumfmfvavlrskghzryvs3a2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		54 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_xumfmfvavlrskghzryvs3a2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/47dd29a8-068b-4594-89c1-f29b925f65b5/saml2?SAMLRequest=fZLNatwwFIX3fQqjvfyjsRxbjB2GhEAg3UwmoXQTZPl6IrCvHElO23n6yp5MaTYBbSTOud%2FlHG2vf49D9A7WaYM1yeKURIDKdBqPNXk63NGSXDfftk6OA5vEbvavuIe3GZyPds6B9cF3Y9DNI9hHsO9awdP%2BoSav3k9OJImd6GRNN6tFSFs4AVKNHizKIZZhXAwz%2FRXGURbLUZ5MgB9RexMrMyYrNtHdZMFNgQIkug1ajdKv%2B14ogzlqjEetrHGm9wYHjbBOyK%2B6jlWypGlRtjTnVU7LSmW0Z1VbMd4XvOVnDInub2vyUhWbVvZZR7u%2BKGieFWkwsI72Zb7pVZn1UORB6twM9%2Bi8RF8TlrKcpoyyq0PGRb6cmPPNTxI9X5JlS7Iha3TinGVNZovCSKedQDmCE16Jx933BxGkImTmjTIDac7RixVooztjR%2Bm%2F9i4vOiy8SgWg1%2F7PJ%2FbXdnmplTSL7FyK%2BGhFuEn8K%2ByFH077uSx%2B8G3y%2F5bNx%2FXzf2n%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAF2Qy27bMBBF_4VrUxb1oCnt0gRN0dp14rhBgqIQ-JSp8KFKlIS46L-X2hRod5fDcwaY-wtQUAM5wUWOAWZNeb6eJoJfSrABLP4weZUOahfk4KiJQx6HKOhZXubBdkGKcYd82QXGSjfZCIgIXELox3q7_ddO1ufgE-la7aQctGu3dAoXyKkxjPK3aMtocy9kjCrGp5vDPsYW1N-B76XTYmUs1Qb82AAdidO5_HZK9Quc7bA8L-TDXYbsk1UPC0HT6-HTbXP2x5_msfncRrVbd2YljvEtxur2vWDt_f3RNPvXnaH7cHD2rprH5Yirrx8F6_zy5SGfH7sxGiYaQw_7wYuJB-0d_O--9Zjkb5cJtfTqHfet08En3K_tWFCjXVqlBdkV5Qb0oFbUjHIDhrXXVCKOCII0T3NYpJhAQimBVcWwZDwTSLG4I0S0qXDOqEICCoUxLBBOIakyARUpcsUJUhIX4Pcfd3Vnpt8BAAA.H4sIAAAAAAAAAHPb3TTh3Xn_jbWe2tYvnHqdHLo-szVyaf7nsc96IZDyazkAobKUdSAAAAA.3&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48C9) /
Resource Hash
f631bccb99913fb8ec387de663ccb1e61b20dcf75efe4db6c4ec49806534d813

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Feb 2024 15:45:46 GMT
content-encoding
gzip
content-md5
y14sVSaW/xqBt+Nk+iMv8w==
age
2363048
x-cache
HIT
content-length
15756
x-ms-lease-status
unlocked
last-modified
Fri, 26 Jan 2024 21:44:25 GMT
server
ECAcc (ama/48C9)
etag
0x8DC1EB7F7337971
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
07a0505a-f01e-00a0-0916-549c40000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/47dd29a8-068b-4594-89c1-f29b925f65b5/saml2?SAMLRequest=fZLNatwwFIX3fQqjvfyjsRxbjB2GhEAg3UwmoXQTZPl6IrCvHElO23n6yp5MaTYBbSTOud%2FlHG2vf49D9A7WaYM1yeKURIDKdBqPNXk63NGSXDfftk6OA5vEbvavuIe3GZyPds6B9cF3Y9DNI9hHsO9awdP%2BoSav3k9OJImd6GRNN6tFSFs4AVKNHizKIZZhXAwz%2FRXGURbLUZ5MgB9RexMrMyYrNtHdZMFNgQIkug1ajdKv%2B14ogzlqjEetrHGm9wYHjbBOyK%2B6jlWypGlRtjTnVU7LSmW0Z1VbMd4XvOVnDInub2vyUhWbVvZZR7u%2BKGieFWkwsI72Zb7pVZn1UORB6twM9%2Bi8RF8TlrKcpoyyq0PGRb6cmPPNTxI9X5JlS7Iha3TinGVNZovCSKedQDmCE16Jx933BxGkImTmjTIDac7RixVooztjR%2Bm%2F9i4vOiy8SgWg1%2F7PJ%2FbXdnmplTSL7FyK%2BGhFuEn8K%2ByFH077uSx%2B8G3y%2F5bNx%2FXzf2n%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAF2Qy27bMBBF_4VrUxb1oCnt0gRN0dp14rhBgqIQ-JSp8KFKlIS46L-X2hRod5fDcwaY-wtQUAM5wUWOAWZNeb6eJoJfSrABLP4weZUOahfk4KiJQx6HKOhZXubBdkGKcYd82QXGSjfZCIgIXELox3q7_ddO1ufgE-la7aQctGu3dAoXyKkxjPK3aMtocy9kjCrGp5vDPsYW1N-B76XTYmUs1Qb82AAdidO5_HZK9Quc7bA8L-TDXYbsk1UPC0HT6-HTbXP2x5_msfncRrVbd2YljvEtxur2vWDt_f3RNPvXnaH7cHD2rprH5Yirrx8F6_zy5SGfH7sxGiYaQw_7wYuJB-0d_O--9Zjkb5cJtfTqHfet08En3K_tWFCjXVqlBdkV5Qb0oFbUjHIDhrXXVCKOCII0T3NYpJhAQimBVcWwZDwTSLG4I0S0qXDOqEICCoUxLBBOIakyARUpcsUJUhIX4Pcfd3Vnpt8BAAA.H4sIAAAAAAAAAHPb3TTh3Xn_jbWe2tYvnHqdHLo-szVyaf7nsc96IZDyazkAobKUdSAAAAA.3&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.136 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers
convergedlogin_pcustomizationloader_88c449fa421fff689c33.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		219 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_88c449fa421fff689c33.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_bUKAij3pKdw2nFX-oqztYA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4893) /
Resource Hash
4e72380674809977fa6deb139a665499b101ad45f5f0c36321b22dcd552c8e09

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Feb 2024 15:45:46 GMT
content-encoding
gzip
content-md5
V63GW4acsHhvZ5e7Or5Lig==
age
1755106
x-cache
HIT
content-length
54327
x-ms-lease-status
unlocked
last-modified
Mon, 05 Feb 2024 18:12:40 GMT
server
ECAcc (ama/4893)
etag
0x8DC26760A6506F8
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
81c9d298-801e-002b-809d-59ee02000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
illustration
aadcdn.msftauthimages.net/c1c6b6c8-9qlvrrhz-j2yaxr5gmtthfsjqothvm8lhxwwraxizyw/logintenantbranding/0/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-9qlvrrhz-j2yaxr5gmtthfsjqothvm8lhxwwraxizyw/logintenantbranding/0/illustration?ts=637841373965321176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fa47b56b9b4f1f3391de4976c1b69621309cf346394a1e444db311a19457c773

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Feb 2024 15:45:46 GMT
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
50755578
content-length
21783
x-ms-lease-status
unlocked
last-modified
Tue, 29 Mar 2022 07:56:36 GMT
etag
0x8DA1159A661E8EC
x-azure-ref
20240227T154546Z-3g1cnh1h3d61p6av3m7gz515x400000003bg00000000aa4k
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
2deea039-601e-0053-6f4d-697898000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
aadcdn.msftauthimages.net/c1c6b6c8-9qlvrrhz-j2yaxr5gmtthfsjqothvm8lhxwwraxizyw/logintenantbranding/0/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-9qlvrrhz-j2yaxr5gmtthfsjqothvm8lhxwwraxizyw/logintenantbranding/0/bannerlogo?ts=637841373969852480
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
52a7e44324fd24c04558e6a0e46c07df8a95365ad5c884b2a305a40b22f5d154

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Feb 2024 15:45:46 GMT
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
50755578
content-length
5449
x-ms-lease-status
unlocked
last-modified
Tue, 29 Mar 2022 07:56:37 GMT
etag
0x8DA1159A68AA0B0
x-azure-ref
20240227T154546Z-3g1cnh1h3d61p6av3m7gz515x400000003bg00000000aa4m
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
1c20305e-801e-0064-414d-69aa34000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pstringcustomizationhelper_4152973e84228feee7fd.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		111 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_4152973e84228feee7fd.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_bUKAij3pKdw2nFX-oqztYA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48DD) /
Resource Hash
1a4a2437e72df4da5141dddfeae6e8238a85284b4d875106f0e0e8b7f84ef8a7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Feb 2024 15:45:46 GMT
content-encoding
gzip
content-md5
fc1iN3JW8w+2aO0WjyBoNA==
age
3053152
x-cache
HIT
content-length
35811
x-ms-lease-status
unlocked
last-modified
Sun, 21 Jan 2024 22:04:16 GMT
server
ECAcc (ama/48DD)
etag
0x8DC1ACCE925018D
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a85243ed-201e-0049-3ecf-4dfa24000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		2 KB
785 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48ED) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Feb 2024 15:45:46 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
23584558
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:52 GMT
server
ECAcc (ama/48ED)
etag
0x8DB5C3F4BB4F03C
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
1fb84801-d01e-0021-0513-935ed9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_88c449fa421fff689c33 boolean| __convergedlogin_pstringcustomizationhelper_4152973e84228feee7fd

17 Cookies

Domain/Path Name / Value
bezen-internal.bezero.engineering/ Name: AWSALB
Value: xg0sZF6q+lW/BcSzmvtZf8wmphgJQH7rWwycSzaUujfRjb9jsYo3F7IJ+bYgyY+im9zV2eVQo/2CiCrXMUU6mXpUzcBcX2yqwYguhM5yQutCqLW1JF8aHv1cRrym
bezen-internal.bezero.engineering/ Name: AWSALBCORS
Value: xg0sZF6q+lW/BcSzmvtZf8wmphgJQH7rWwycSzaUujfRjb9jsYo3F7IJ+bYgyY+im9zV2eVQo/2CiCrXMUU6mXpUzcBcX2yqwYguhM5yQutCqLW1JF8aHv1cRrym
rp-production-bezen-internal.auth.eu-west-2.amazoncognito.com/ Name: XSRF-TOKEN
Value: da1700b7-fbc9-4230-b335-50c8bc8b19ec
rp-production-bezen-internal.auth.eu-west-2.amazoncognito.com/ Name: csrf-state
Value: 9Cy4bgGGOl_LY7laLtMnmD9vswO69NFdbjowKP3vQjs
rp-production-bezen-internal.auth.eu-west-2.amazoncognito.com/ Name: csrf-state-legacy
Value: 9Cy4bgGGOl_LY7laLtMnmD9vswO69NFdbjowKP3vQjs
.login.microsoftonline.com/ Name: esctx-ckZhvHMZbdY
Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8YFzhhk3JyC8ReUVLmAZcXOIpt_Lm4lILbMJkMtBnWnHDG7Y43TP9GVI-R1qPMWljpIug7yFZcw-aiYuqN1s6uM0rrFGjQLx3MxLIvct43ZaIwSy-snZzuQCkKW42fsAqJGUpmQfFozhOMzFXdKHhSiAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AYIAqCndR4sGlEWJwfKbkl9ltQAAAAAAAAAAAAAAAAAAAACCAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8eMVpnFSCNOUUMaFZmG4Wx-ml3RV4Di96WTvwixdo4rwV7hiolbjyT5QxZbFLe44rynt6inayt98O-lM-uihcLFQTbCdLnu2mRNuXJt_ob0wgAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8Qde16IKVw5tZ9OffKthbGG9wCBgYTmYtl55jezCm-vfQK6a5FsleTtrS34BMi76W15bLubE5_-GBDJiuHY_3dBh4R1lBF0-uXb-mEjV18S0ZgQsmHtR_OZS26TgkNcm7v1tSeqL-TuwNeAbw9ppiFov5V9tTMIJ6AXiRHpnnNsggAA
.login.microsoftonline.com/ Name: esctx-KR79kFeqXls
Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8mDKIwxCJCFgMXH-Jwn82TjpjK_a8N30nSt8zN2J8OAVHUBwFj9c34FMOlzagVLxxb-Q9IojBK9Pbpl3QQ1ZfvaL0wPr3GOsi_Tg5pfjnzxvs4e0eHjkFibvba3paV4qPlMnKPjoT_9nljUedAFPSFiAA
login.microsoftonline.com/ Name: fpc
Value: AtqgYib5NuJPpiBScSimGMXunomRAQAAAKn6b90OAAAA
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: afa1a724eaf6489bb6ac12b53ba1881c
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1709048746&co=1

2 Console Messages

Source Level URL
Text
other warning URL: https://login.microsoftonline.com/47dd29a8-068b-4594-89c1-f29b925f65b5/saml2?SAMLRequest=fZLNatwwFIX3fQqjvfyjsRxbjB2GhEAg3UwmoXQTZPl6IrCvHElO23n6yp5MaTYBbSTOud%2FlHG2vf49D9A7WaYM1yeKURIDKdBqPNXk63NGSXDfftk6OA5vEbvavuIe3GZyPds6B9cF3Y9DNI9hHsO9awdP%2BoSav3k9OJImd6GRNN6tFSFs4AVKNHizKIZZhXAwz%2FRXGURbLUZ5MgB9RexMrMyYrNtHdZMFNgQIkug1ajdKv%2B14ogzlqjEetrHGm9wYHjbBOyK%2B6jlWypGlRtjTnVU7LSmW0Z1VbMd4XvOVnDInub2vyUhWbVvZZR7u%2BKGieFWkwsI72Zb7pVZn1UORB6twM9%2Bi8RF8TlrKcpoyyq0PGRb6cmPPNTxI9X5JlS7Iha3TinGVNZovCSKedQDmCE16Jx933BxGkImTmjTIDac7RixVooztjR%2Bm%2F9i4vOiy8SgWg1%2F7PJ%2FbXdnmplTSL7FyK%2BGhFuEn8K%2ByFH077uSx%2B8G3y%2F5bNx%2FXzf2n%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAF2Qy27bMBBF_4VrUxb1oCnt0gRN0dp14rhBgqIQ-JSp8KFKlIS46L-X2hRod5fDcwaY-wtQUAM5wUWOAWZNeb6eJoJfSrABLP4weZUOahfk4KiJQx6HKOhZXubBdkGKcYd82QXGSjfZCIgIXELox3q7_ddO1ufgE-la7aQctGu3dAoXyKkxjPK3aMtocy9kjCrGp5vDPsYW1N-B76XTYmUs1Qb82AAdidO5_HZK9Quc7bA8L-TDXYbsk1UPC0HT6-HTbXP2x5_msfncRrVbd2YljvEtxur2vWDt_f3RNPvXnaH7cHD2rprH5Yirrx8F6_zy5SGfH7sxGiYaQw_7wYuJB-0d_O--9Zjkb5cJtfTqHfet08En3K_tWFCjXVqlBdkV5Qb0oFbUjHIDhrXXVCKOCII0T3NYpJhAQimBVcWwZDwTSLG4I0S0qXDOqEICCoUxLBBOIakyARUpcsUJUhIX4Pcfd3Vnpt8BAAA.H4sIAAAAAAAAAHPb3TTh3Xn_jbWe2tYvnHqdHLo-szVyaf7nsc96IZDyazkAobKUdSAAAAA.3&sso_reload=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://login.microsoftonline.com/47dd29a8-068b-4594-89c1-f29b925f65b5/saml2?SAMLRequest=fZLNatwwFIX3fQqjvfyjsRxbjB2GhEAg3UwmoXQTZPl6IrCvHElO23n6yp5MaTYBbSTOud%2FlHG2vf49D9A7WaYM1yeKURIDKdBqPNXk63NGSXDfftk6OA5vEbvavuIe3GZyPds6B9cF3Y9DNI9hHsO9awdP%2BoSav3k9OJImd6GRNN6tFSFs4AVKNHizKIZZhXAwz%2FRXGURbLUZ5MgB9RexMrMyYrNtHdZMFNgQIkug1ajdKv%2B14ogzlqjEetrHGm9wYHjbBOyK%2B6jlWypGlRtjTnVU7LSmW0Z1VbMd4XvOVnDInub2vyUhWbVvZZR7u%2BKGieFWkwsI72Zb7pVZn1UORB6twM9%2Bi8RF8TlrKcpoyyq0PGRb6cmPPNTxI9X5JlS7Iha3TinGVNZovCSKedQDmCE16Jx933BxGkImTmjTIDac7RixVooztjR%2Bm%2F9i4vOiy8SgWg1%2F7PJ%2FbXdnmplTSL7FyK%2BGhFuEn8K%2ByFH077uSx%2B8G3y%2F5bNx%2FXzf2n%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAF2Qy27bMBBF_4VrUxb1oCnt0gRN0dp14rhBgqIQ-JSp8KFKlIS46L-X2hRod5fDcwaY-wtQUAM5wUWOAWZNeb6eJoJfSrABLP4weZUOahfk4KiJQx6HKOhZXubBdkGKcYd82QXGSjfZCIgIXELox3q7_ddO1ufgE-la7aQctGu3dAoXyKkxjPK3aMtocy9kjCrGp5vDPsYW1N-B76XTYmUs1Qb82AAdidO5_HZK9Quc7bA8L-TDXYbsk1UPC0HT6-HTbXP2x5_msfncRrVbd2YljvEtxur2vWDt_f3RNPvXnaH7cHD2rprH5Yirrx8F6_zy5SGfH7sxGiYaQw_7wYuJB-0d_O--9Zjkb5cJtfTqHfet08En3K_tWFCjXVqlBdkV5Qb0oFbUjHIDhrXXVCKOCII0T3NYpJhAQimBVcWwZDwTSLG4I0S0qXDOqEICCoUxLBBOIakyARUpcsUJUhIX4Pcfd3Vnpt8BAAA.H4sIAAAAAAAAAHPb3TTh3Xn_jbWe2tYvnHqdHLo-szVyaf7nsc96IZDyazkAobKUdSAAAAA.3&sso_reload=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
aadcdn.msftauthimages.net
bezen-internal.bezero.engineering
cognito-idp.eu-west-2.amazonaws.com
login.live.com
login.microsoftonline.com
rp-production-bezen-internal.auth.eu-west-2.amazoncognito.com
13.43.78.230
2603:1027:1:d8::5
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
2620:1ec:bdf::60
2a05:d01c:4a0:2f00:6749:3716:b68e:fa26
2a05:d01c:4a0:2f01:22be:f1b1:a29a:199f
40.126.32.136
1a4a2437e72df4da5141dddfeae6e8238a85284b4d875106f0e0e8b7f84ef8a7
44c1362e04ebcb59e5938dd8b3c3374068d646b3dc2f1dbb58b4e101e0b8737e
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41
4e72380674809977fa6deb139a665499b101ad45f5f0c36321b22dcd552c8e09
52a7e44324fd24c04558e6a0e46c07df8a95365ad5c884b2a305a40b22f5d154
5ab9c2872db79a4b5f274bc230056109c5316bf2111003c78f245d159fb85adf
76ceb4cd07ec666010fa26ddbafc5e93513a5916d8564bbb4cd1984701b7e204
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
a46f32eb38ee74ebc6f372c507c57dfac648a172a52fd184191fc7a6dd0fa3be
af0298be9dfc18eef711173f9250884fc71a027667151e4eba18776a1033b842
b1929eebc1fb383d6db843b846c166ee5074bc0c22431043a3f4c89752985e8a
bd58ade3278a2a49a394139f7c256d49dbec49d4b38ab23073c753316c58b6fb
e4aeb5db80a7e29eba13f984cf9e510282a694c579ef29de492b32ec8fa93859
f631bccb99913fb8ec387de663ccb1e61b20dcf75efe4db6c4ec49806534d813
fa47b56b9b4f1f3391de4976c1b69621309cf346394a1e444db311a19457c773
fafacd7cf811c71936018ab78e00e7c433d1690d10b679348d519e870bc57861