Submitted URL: https://lms.vinciworks.com/cms
Effective URL: https://login.microsoftonline.com/8ddab297-11af-4f76-b704-c18a1d2b702f/saml2?SAMLRequest=hZJRT8IwFIX%2FytL3rVsHDBpGgvAgCSpx0wdfTNd...
Submission Tags: falconsandbox
Submission: On April 20 via api from US — Scanned from GB

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 25 HTTP transactions. The main IP is 40.126.31.69, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 30.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 2nd 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
4 (2 redirects) | 185.13.246.154 | 15692 | RAZORBLUE
1 | 69.16.175.10 | 20446 | STACKPATH...
1 | 172.217.18.8 | 15169 | GOOGLE
3 | 40.126.31.69 | 8075 | MICROSOFT...
13 | 152.199.23.37 | 15133 | EDGECAST
1 | 20.190.160.17 | 8075 | MICROSOFT...
2 | 13.107.213.45 | 8068 | MICROSOFT...
1 | 40.126.32.68 | 8075 | MICROSOFT...
Total: 25 requests, 9 IPs
Requests | Apex Domain | Subdomain | Cisco Umbrella Rank | Transfer
13 | msftauth.net | aadcdn.msftauth.net | 2612 | 266 KB
4 | vinciworks.com | lms.vinciworks.com | - | 3 KB
3 | microsoftonline.com | login.microsoftonline.com | 30 | 109 KB
2 | msftauthimages.net | aadcdn.msftauthimages.net | 6869 | 111 KB
1 | microsoftazuread-sso.com | autologon.microsoftazuread-sso.com | 1590 | 1 KB
1 | live.com | login.live.com | 61 | -
1 | googletagmanager.com | www.googletagmanager.com | 114 | 44 KB
1 | jquery.com | code.jquery.com | 997 | 32 KB
0 | google-analytics.com | www.google-analytics.com | - | Failed
Total: 25 requests, 9 domains
Domain Requested by
13 aadcdn.msftauth.net login.microsoftonline.com
aadcdn.msftauth.net
4 lms.vinciworks.com 2 redirects code.jquery.com
3 login.microsoftonline.com lms.vinciworks.com
login.microsoftonline.com
aadcdn.msftauth.net
2 aadcdn.msftauthimages.net
1 autologon.microsoftazuread-sso.com
1 login.live.com login.microsoftonline.com
1 www.googletagmanager.com lms.vinciworks.com
1 code.jquery.com lms.vinciworks.com
0 www.google-analytics.com Failed www.googletagmanager.com
25 9

This site contains links to these domains.

Domain
www.microsoft.com
privacy.microsoft.com
Subject | Issuer | Validity | Valid for
*.vinciworks.com | AlphaSSL CA - SHA256 - G4 | 2023-02-07 - 2024-03-10 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2023-03-02 - 2024-03-02 | a year
aadcdn.msftauth.net | DigiCert SHA2 Secure Server CA | 2023-01-31 - 2024-01-31 | a year
login.live.com | DigiCert SHA2 Secure Server CA | 2023-04-02 - 2024-04-02 | a year
aadcdn.msftauthimages.net | Microsoft Azure TLS Issuing CA 01 | 2023-03-17 - 2024-03-11 | a year
autologon.microsoftazuread-sso.com | DigiCert SHA2 Secure Server CA | 2023-04-02 - 2024-04-02 | a year

This page contains 1 frame:

Primary Page: https://login.microsoftonline.com/8ddab297-11af-4f76-b704-c18a1d2b702f/saml2?SAMLRequest=hZJRT8IwFIX%2FytL3rVsHDBpGgvAgCSpx0wdfTNd10Ni1s7cD%2FfduTA2%2B4FuTnn7nnnM7B1arhi5bd9CP4r0V4LyPWmmg54sUtVZTw0AC1awWQB2n2fJuS0kQ0sYaZ7hRyFsCCOuk0Sujoa2FzYQ9Si6eHrcpOjjXAMVY1RAcpebyZOwbBNzUmNeAs4MsCqOEOwQABvd0gncPWY68dTeO1KwHX2DMXuqgltwaMJUzWkktzrRpWbKCzBI%2Filjlj6pk4hdJOPJ5NGVRSbozqXCfiyBvs07RK6lKFrOQsHjMy1kSF0SQWTXmE1ZGSTHqZQCt2GhwTLsUkZDEfgckYR6NaTijYfKCvN13DTdSl1Lvr3dWDCKgt3m%2B84eYz8LCOWInQIt5PyE9G9uLXVzHsp8FoMU%2FdcNv3XN84TTYNvS%2BQ2%2FWO6Mk%2F%2FSWSpnTygrmRIoihBfDk7%2F%2FZfEF&RelayState=ss%3Amem%3A700b584b3fb066aa14d346590c2f5a4a6888e08c08882d585009161a4229af6b&sso_reload=true
Frame ID: 144CCAE6D2DF58C2DE7A888C92CB75F2
Requests: 25 HTTP requests in this frame

Page Title

Sign in to your account

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 25
HTTPS: 96 %
IPv6: 0 %
Domains: 9
Subdomains: 9
IPs: 9
Countries: 4
Transfer: 565 kB
Size: 1477 kB
Cookies: 17

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lms.vinciworks.com/cms HTTP 301
    https://lms.vinciworks.com/cms/ Page URL
  2. https://lms.vinciworks.com/cms/Shibboleth.sso/Login?target=https%3A%2F%2Flms.vinciworks.com%2Fcms%2Fssologin.aspx&entityID=https%3A%2F%2Fsts.windows.net%2F8ddab297-11af-4f76-b704-c18a1d2b702f%2F HTTP 302
    https://login.microsoftonline.com/8ddab297-11af-4f76-b704-c18a1d2b702f/saml2?SAMLRequest=hZJRT8IwFIX%2FytL3rVsHDBpGgvAgCSpx0wdfTNd10Ni1s7cD%2FfduTA2%2B4FuTnn7nnnM7B1arhi5bd9CP4r0V4LyPWmmg54sUtVZTw0AC1awWQB2n2fJuS0kQ0sYaZ7hRyFsCCOuk0Sujoa2FzYQ9Si6eHrcpOjjXAMVY1RAcpebyZOwbBNzUmNeAs4MsCqOEOwQABvd0gncPWY68dTeO1KwHX2DMXuqgltwaMJUzWkktzrRpWbKCzBI%2Filjlj6pk4hdJOPJ5NGVRSbozqXCfiyBvs07RK6lKFrOQsHjMy1kSF0SQWTXmE1ZGSTHqZQCt2GhwTLsUkZDEfgckYR6NaTijYfKCvN13DTdSl1Lvr3dWDCKgt3m%2B84eYz8LCOWInQIt5PyE9G9uLXVzHsp8FoMU%2FdcNv3XN84TTYNvS%2BQ2%2FWO6Mk%2F%2FSWSpnTygrmRIoihBfDk7%2F%2FZfEF&RelayState=ss%3Amem%3A700b584b3fb066aa14d346590c2f5a4a6888e08c08882d585009161a4229af6b Page URL
  3. https://login.microsoftonline.com/8ddab297-11af-4f76-b704-c18a1d2b702f/saml2?SAMLRequest=hZJRT8IwFIX%2FytL3rVsHDBpGgvAgCSpx0wdfTNd10Ni1s7cD%2FfduTA2%2B4FuTnn7nnnM7B1arhi5bd9CP4r0V4LyPWmmg54sUtVZTw0AC1awWQB2n2fJuS0kQ0sYaZ7hRyFsCCOuk0Sujoa2FzYQ9Si6eHrcpOjjXAMVY1RAcpebyZOwbBNzUmNeAs4MsCqOEOwQABvd0gncPWY68dTeO1KwHX2DMXuqgltwaMJUzWkktzrRpWbKCzBI%2Filjlj6pk4hdJOPJ5NGVRSbozqXCfiyBvs07RK6lKFrOQsHjMy1kSF0SQWTXmE1ZGSTHqZQCt2GhwTLsUkZDEfgckYR6NaTijYfKCvN13DTdSl1Lvr3dWDCKgt3m%2B84eYz8LCOWInQIt5PyE9G9uLXVzHsp8FoMU%2FdcNv3XN84TTYNvS%2BQ2%2FWO6Mk%2F%2FSWSpnTygrmRIoihBfDk7%2F%2FZfEF&RelayState=ss%3Amem%3A700b584b3fb066aa14d346590c2f5a4a6888e08c08882d585009161a4229af6b&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://lms.vinciworks.com/cms HTTP 301
  • https://lms.vinciworks.com/cms/
Request Chain 4
  • https://lms.vinciworks.com/cms/Shibboleth.sso/Login?target=https%3A%2F%2Flms.vinciworks.com%2Fcms%2Fssologin.aspx&entityID=https%3A%2F%2Fsts.windows.net%2F8ddab297-11af-4f76-b704-c18a1d2b702f%2F HTTP 302
  • https://login.microsoftonline.com/8ddab297-11af-4f76-b704-c18a1d2b702f/saml2?SAMLRequest=hZJRT8IwFIX%2FytL3rVsHDBpGgvAgCSpx0wdfTNd10Ni1s7cD%2FfduTA2%2B4FuTnn7nnnM7B1arhi5bd9CP4r0V4LyPWmmg54sUtVZTw0AC1awWQB2n2fJuS0kQ0sYaZ7hRyFsCCOuk0Sujoa2FzYQ9Si6eHrcpOjjXAMVY1RAcpebyZOwbBNzUmNeAs4MsCqOEOwQABvd0gncPWY68dTeO1KwHX2DMXuqgltwaMJUzWkktzrRpWbKCzBI%2Filjlj6pk4hdJOPJ5NGVRSbozqXCfiyBvs07RK6lKFrOQsHjMy1kSF0SQWTXmE1ZGSTHqZQCt2GhwTLsUkZDEfgckYR6NaTijYfKCvN13DTdSl1Lvr3dWDCKgt3m%2B84eYz8LCOWInQIt5PyE9G9uLXVzHsp8FoMU%2FdcNv3XN84TTYNvS%2BQ2%2FWO6Mk%2F%2FSWSpnTygrmRIoihBfDk7%2F%2FZfEF&RelayState=ss%3Amem%3A700b584b3fb066aa14d346590c2f5a4a6888e08c08882d585009161a4229af6b

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
lms.vinciworks.com/cms/
Redirect Chain
  • https://lms.vinciworks.com/cms
  • https://lms.vinciworks.com/cms/
3 KB
2 KB
Document
General
Full URL
https://lms.vinciworks.com/cms/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.13.246.154 London, United Kingdom, ASN15692 (RAZORBLUE, GB),
Reverse DNS
185-13-246-154.static.razorblue.net.uk
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
04d66a69c7f76c033e356bd2bbd366566ffafbf8f86de5eb8421b4a55a9d2349

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1325
Content-Type
text/html; charset=UTF-8
Date
Thu, 20 Apr 2023 15:09:06 GMT
ETag
"dc9e1c73f695d41:0"
Keep-Alive
timeout=5, max=99
Last-Modified
Mon, 17 Dec 2018 10:51:22 GMT
Server
Microsoft-IIS/8.0
Vary
Accept-Encoding
X-Powered-By
ASP.NET

Redirect headers

Connection
Keep-Alive
Content-Length
153
Content-Type
text/html; charset=UTF-8
Date
Thu, 20 Apr 2023 15:09:06 GMT
Keep-Alive
timeout=5, max=100
Location
/cms/
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
jquery-1.10.2.min.js
code.jquery.com/
91 KB
32 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.10.2.min.js
Requested by
Host: lms.vinciworks.com
URL: https://lms.vinciworks.com/cms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://lms.vinciworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 15:09:07 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-16bb3"
vary
Accept-Encoding
x-hw
1682003347.dop218.lo4.t,1682003347.cds059.lo4.hn,1682003347.cds259.lo4.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
32788
js
www.googletagmanager.com/gtag/
112 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-36470130-1
Requested by
Host: lms.vinciworks.com
URL: https://lms.vinciworks.com/cms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://lms.vinciworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 15:09:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44625
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 20 Apr 2023 15:09:07 GMT
GetHtmlLink
lms.vinciworks.com/cms/FirmsMgmt/GetSSORedirectionLink.aspx/
202 B
540 B
XHR
General
Full URL
https://lms.vinciworks.com/cms/FirmsMgmt/GetSSORedirectionLink.aspx/GetHtmlLink
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.13.246.154 London, United Kingdom, ASN15692 (RAZORBLUE, GB),
Reverse DNS
185-13-246-154.static.razorblue.net.uk
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://lms.vinciworks.com/cms/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

Date
Thu, 20 Apr 2023 15:09:06 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Content-Type
application/json; charset=utf-8
Cache-Control
private, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
202
saml2
login.microsoftonline.com/8ddab297-11af-4f76-b704-c18a1d2b702f/
Redirect Chain
  • https://lms.vinciworks.com/cms/Shibboleth.sso/Login?target=https%3A%2F%2Flms.vinciworks.com%2Fcms%2Fssologin.aspx&entityID=https%3A%2F%2Fsts.windows.net%2F8ddab297-11af-4f76-b704-c18a1d2b702f%2F
  • https://login.microsoftonline.com/8ddab297-11af-4f76-b704-c18a1d2b702f/saml2?SAMLRequest=hZJRT8IwFIX%2FytL3rVsHDBpGgvAgCSpx0wdfTNd10Ni1s7cD%2FfduTA2%2B4FuTnn7nnnM7B1arhi5bd9CP4r0V4LyPWmmg54sUtVZTw0...
154 KB
56 KB
Document
General
Full URL
https://login.microsoftonline.com/8ddab297-11af-4f76-b704-c18a1d2b702f/saml2?SAMLRequest=hZJRT8IwFIX%2FytL3rVsHDBpGgvAgCSpx0wdfTNd10Ni1s7cD%2FfduTA2%2B4FuTnn7nnnM7B1arhi5bd9CP4r0V4LyPWmmg54sUtVZTw0AC1awWQB2n2fJuS0kQ0sYaZ7hRyFsCCOuk0Sujoa2FzYQ9Si6eHrcpOjjXAMVY1RAcpebyZOwbBNzUmNeAs4MsCqOEOwQABvd0gncPWY68dTeO1KwHX2DMXuqgltwaMJUzWkktzrRpWbKCzBI%2Filjlj6pk4hdJOPJ5NGVRSbozqXCfiyBvs07RK6lKFrOQsHjMy1kSF0SQWTXmE1ZGSTHqZQCt2GhwTLsUkZDEfgckYR6NaTijYfKCvN13DTdSl1Lvr3dWDCKgt3m%2B84eYz8LCOWInQIt5PyE9G9uLXVzHsp8FoMU%2FdcNv3XN84TTYNvS%2BQ2%2FWO6Mk%2F%2FSWSpnTygrmRIoihBfDk7%2F%2FZfEF&RelayState=ss%3Amem%3A700b584b3fb066aa14d346590c2f5a4a6888e08c08882d585009161a4229af6b
Requested by
Host: lms.vinciworks.com
URL: https://lms.vinciworks.com/cms/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.31.69 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9117dff0d75bef15fd5913f514c8684572ff630e9d65e5a19eb654f62b866fbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lms.vinciworks.com/cms/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
55928
Content-Type
text/html; charset=utf-8
Date
Thu, 20 Apr 2023 15:09:07 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.15175.8 - NEULR2 ProdSlices
x-ms-request-id
962d5039-be6e-4a43-9249-0f52bc071e00

Redirect headers

Cache-Control
private,no-store,no-cache,max-age=0
Connection
Keep-Alive
Content-Length
40
Content-Type
text/html; charset=UTF-8
Date
Thu, 20 Apr 2023 15:09:06 GMT
Expires
Wed, 01 Jan 1997 12:00:00 GMT
Keep-Alive
timeout=5, max=97
Location
https://login.microsoftonline.com/8ddab297-11af-4f76-b704-c18a1d2b702f/saml2?SAMLRequest=hZJRT8IwFIX%2FytL3rVsHDBpGgvAgCSpx0wdfTNd10Ni1s7cD%2FfduTA2%2B4FuTnn7nnnM7B1arhi5bd9CP4r0V4LyPWmmg54sUtVZTw0AC1awWQB2n2fJuS0kQ0sYaZ7hRyFsCCOuk0Sujoa2FzYQ9Si6eHrcpOjjXAMVY1RAcpebyZOwbBNzUmNeAs4MsCqOEOwQABvd0gncPWY68dTeO1KwHX2DMXuqgltwaMJUzWkktzrRpWbKCzBI%2Filjlj6pk4hdJOPJ5NGVRSbozqXCfiyBvs07RK6lKFrOQsHjMy1kSF0SQWTXmE1ZGSTHqZQCt2GhwTLsUkZDEfgckYR6NaTijYfKCvN13DTdSl1Lvr3dWDCKgt3m%2B84eYz8LCOWInQIt5PyE9G9uLXVzHsp8FoMU%2FdcNv3XN84TTYNvS%2BQ2%2FWO6Mk%2F%2FSWSpnTygrmRIoihBfDk7%2F%2FZfEF&RelayState=ss%3Amem%3A700b584b3fb066aa14d346590c2f5a4a6888e08c08882d585009161a4229af6b
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
analytics.js
www.google-analytics.com/
0
0

Primary Request saml2
login.microsoftonline.com/8ddab297-11af-4f76-b704-c18a1d2b702f/
197 KB
51 KB
Document
General
Full URL
https://login.microsoftonline.com/8ddab297-11af-4f76-b704-c18a1d2b702f/saml2?SAMLRequest=hZJRT8IwFIX%2FytL3rVsHDBpGgvAgCSpx0wdfTNd10Ni1s7cD%2FfduTA2%2B4FuTnn7nnnM7B1arhi5bd9CP4r0V4LyPWmmg54sUtVZTw0AC1awWQB2n2fJuS0kQ0sYaZ7hRyFsCCOuk0Sujoa2FzYQ9Si6eHrcpOjjXAMVY1RAcpebyZOwbBNzUmNeAs4MsCqOEOwQABvd0gncPWY68dTeO1KwHX2DMXuqgltwaMJUzWkktzrRpWbKCzBI%2Filjlj6pk4hdJOPJ5NGVRSbozqXCfiyBvs07RK6lKFrOQsHjMy1kSF0SQWTXmE1ZGSTHqZQCt2GhwTLsUkZDEfgckYR6NaTijYfKCvN13DTdSl1Lvr3dWDCKgt3m%2B84eYz8LCOWInQIt5PyE9G9uLXVzHsp8FoMU%2FdcNv3XN84TTYNvS%2BQ2%2FWO6Mk%2F%2FSWSpnTygrmRIoihBfDk7%2F%2FZfEF&RelayState=ss%3Amem%3A700b584b3fb066aa14d346590c2f5a4a6888e08c08882d585009161a4229af6b&sso_reload=true
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/8ddab297-11af-4f76-b704-c18a1d2b702f/saml2?SAMLRequest=hZJRT8IwFIX%2FytL3rVsHDBpGgvAgCSpx0wdfTNd10Ni1s7cD%2FfduTA2%2B4FuTnn7nnnM7B1arhi5bd9CP4r0V4LyPWmmg54sUtVZTw0AC1awWQB2n2fJuS0kQ0sYaZ7hRyFsCCOuk0Sujoa2FzYQ9Si6eHrcpOjjXAMVY1RAcpebyZOwbBNzUmNeAs4MsCqOEOwQABvd0gncPWY68dTeO1KwHX2DMXuqgltwaMJUzWkktzrRpWbKCzBI%2Filjlj6pk4hdJOPJ5NGVRSbozqXCfiyBvs07RK6lKFrOQsHjMy1kSF0SQWTXmE1ZGSTHqZQCt2GhwTLsUkZDEfgckYR6NaTijYfKCvN13DTdSl1Lvr3dWDCKgt3m%2B84eYz8LCOWInQIt5PyE9G9uLXVzHsp8FoMU%2FdcNv3XN84TTYNvS%2BQ2%2FWO6Mk%2F%2FSWSpnTygrmRIoihBfDk7%2F%2FZfEF&RelayState=ss%3Amem%3A700b584b3fb066aa14d346590c2f5a4a6888e08c08882d585009161a4229af6b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.31.69 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d5bdbabd88fad6b66c1aff21c3fa280c70b8d737d8722ed2db626f386c28e0d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/8ddab297-11af-4f76-b704-c18a1d2b702f/saml2?SAMLRequest=hZJRT8IwFIX%2FytL3rVsHDBpGgvAgCSpx0wdfTNd10Ni1s7cD%2FfduTA2%2B4FuTnn7nnnM7B1arhi5bd9CP4r0V4LyPWmmg54sUtVZTw0AC1awWQB2n2fJuS0kQ0sYaZ7hRyFsCCOuk0Sujoa2FzYQ9Si6eHrcpOjjXAMVY1RAcpebyZOwbBNzUmNeAs4MsCqOEOwQABvd0gncPWY68dTeO1KwHX2DMXuqgltwaMJUzWkktzrRpWbKCzBI%2Filjlj6pk4hdJOPJ5NGVRSbozqXCfiyBvs07RK6lKFrOQsHjMy1kSF0SQWTXmE1ZGSTHqZQCt2GhwTLsUkZDEfgckYR6NaTijYfKCvN13DTdSl1Lvr3dWDCKgt3m%2B84eYz8LCOWInQIt5PyE9G9uLXVzHsp8FoMU%2FdcNv3XN84TTYNvS%2BQ2%2FWO6Mk%2F%2FSWSpnTygrmRIoihBfDk7%2F%2FZfEF&RelayState=ss%3Amem%3A700b584b3fb066aa14d346590c2f5a4a6888e08c08882d585009161a4229af6b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
50789
Content-Type
text/html; charset=utf-8
Date
Thu, 20 Apr 2023 15:09:07 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.15175.8 - WEULR1 ProdSlices
x-ms-request-id
6820b833-482c-48d2-99cd-7974446c2a00
ConvergedLogin_PCore_fDEeyPmTrJZRJANKd5wNrA2.js
aadcdn.msftauth.net/shared/1.0/content/js/
406 KB
113 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_fDEeyPmTrJZRJANKd5wNrA2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/8ddab297-11af-4f76-b704-c18a1d2b702f/saml2?SAMLRequest=hZJRT8IwFIX%2FytL3rVsHDBpGgvAgCSpx0wdfTNd10Ni1s7cD%2FfduTA2%2B4FuTnn7nnnM7B1arhi5bd9CP4r0V4LyPWmmg54sUtVZTw0AC1awWQB2n2fJuS0kQ0sYaZ7hRyFsCCOuk0Sujoa2FzYQ9Si6eHrcpOjjXAMVY1RAcpebyZOwbBNzUmNeAs4MsCqOEOwQABvd0gncPWY68dTeO1KwHX2DMXuqgltwaMJUzWkktzrRpWbKCzBI%2Filjlj6pk4hdJOPJ5NGVRSbozqXCfiyBvs07RK6lKFrOQsHjMy1kSF0SQWTXmE1ZGSTHqZQCt2GhwTLsUkZDEfgckYR6NaTijYfKCvN13DTdSl1Lvr3dWDCKgt3m%2B84eYz8LCOWInQIt5PyE9G9uLXVzHsp8FoMU%2FdcNv3XN84TTYNvS%2BQ2%2FWO6Mk%2F%2FSWSpnTygrmRIoihBfDk7%2F%2FZfEF&RelayState=ss%3Amem%3A700b584b3fb066aa14d346590c2f5a4a6888e08c08882d585009161a4229af6b&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35A6) /
Resource Hash
67769a6666da049160418b9bc23f1b5ef80b8e64f31adfeae07609c1323a8df4

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Apr 2023 15:09:08 GMT
content-encoding
gzip
content-md5
8k5PcnJiUND9J+3SrqIU9Q==
age
2699832
x-cache
HIT
content-length
114908
x-ms-lease-status
unlocked
last-modified
Thu, 16 Mar 2023 18:14:12 GMT
server
ECAcc (lhd/35A6)
etag
0x8DB264A3EF39570
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c2ceb121-301e-0015-3d0c-5b740c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/8ddab297-11af-4f76-b704-c18a1d2b702f/saml2?SAMLRequest=hZJRT8IwFIX%2FytL3rVsHDBpGgvAgCSpx0wdfTNd10Ni1s7cD%2FfduTA2%2B4FuTnn7nnnM7B1arhi5bd9CP4r0V4LyPWmmg54sUtVZTw0AC1awWQB2n2fJuS0kQ0sYaZ7hRyFsCCOuk0Sujoa2FzYQ9Si6eHrcpOjjXAMVY1RAcpebyZOwbBNzUmNeAs4MsCqOEOwQABvd0gncPWY68dTeO1KwHX2DMXuqgltwaMJUzWkktzrRpWbKCzBI%2Filjlj6pk4hdJOPJ5NGVRSbozqXCfiyBvs07RK6lKFrOQsHjMy1kSF0SQWTXmE1ZGSTHqZQCt2GhwTLsUkZDEfgckYR6NaTijYfKCvN13DTdSl1Lvr3dWDCKgt3m%2B84eYz8LCOWInQIt5PyE9G9uLXVzHsp8FoMU%2FdcNv3XN84TTYNvS%2BQ2%2FWO6Mk%2F%2FSWSpnTygrmRIoihBfDk7%2F%2FZfEF&RelayState=ss%3Amem%3A700b584b3fb066aa14d346590c2f5a4a6888e08c08882d585009161a4229af6b&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.17 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

convergedlogin_pcustomizationloader_6d0f034edc7f959d3b0d.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
107 KB
32 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6d0f034edc7f959d3b0d.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_fDEeyPmTrJZRJANKd5wNrA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35BD) /
Resource Hash
684b00f00affae290934eecbe42eb5eda60e464ad42f84fcfbeacc44ea94e058

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Apr 2023 15:09:08 GMT
content-encoding
gzip
content-md5
OQp8wyezCVBxxlQ0oNEkXg==
age
4230170
x-cache
HIT
content-length
32199
x-ms-lease-status
unlocked
last-modified
Tue, 28 Feb 2023 01:21:52 GMT
server
ECAcc (lhd/35BD)
etag
0x8DB192A2C7B783B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
76cdb4a9-201e-003e-2c20-4dde12000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
converged.v2.login.min_ri9kuwotliet3wfbgspsga2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
0
20 KB
Other
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ri9kuwotliet3wfbgspsga2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/8ddab297-11af-4f76-b704-c18a1d2b702f/saml2?SAMLRequest=hZJRT8IwFIX%2FytL3rVsHDBpGgvAgCSpx0wdfTNd10Ni1s7cD%2FfduTA2%2B4FuTnn7nnnM7B1arhi5bd9CP4r0V4LyPWmmg54sUtVZTw0AC1awWQB2n2fJuS0kQ0sYaZ7hRyFsCCOuk0Sujoa2FzYQ9Si6eHrcpOjjXAMVY1RAcpebyZOwbBNzUmNeAs4MsCqOEOwQABvd0gncPWY68dTeO1KwHX2DMXuqgltwaMJUzWkktzrRpWbKCzBI%2Filjlj6pk4hdJOPJ5NGVRSbozqXCfiyBvs07RK6lKFrOQsHjMy1kSF0SQWTXmE1ZGSTHqZQCt2GhwTLsUkZDEfgckYR6NaTijYfKCvN13DTdSl1Lvr3dWDCKgt3m%2B84eYz8LCOWInQIt5PyE9G9uLXVzHsp8FoMU%2FdcNv3XN84TTYNvS%2BQ2%2FWO6Mk%2F%2FSWSpnTygrmRIoihBfDk7%2F%2FZfEF&RelayState=ss%3Amem%3A700b584b3fb066aa14d346590c2f5a4a6888e08c08882d585009161a4229af6b&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/359C) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Apr 2023 15:09:08 GMT
content-encoding
gzip
content-md5
ChFamsxirG9fmBt4/kbQ4Q==
age
3711500
x-cache
HIT
content-length
20004
x-ms-lease-status
unlocked
last-modified
Tue, 07 Mar 2023 21:23:23 GMT
server
ECAcc (lhd/359C)
etag
0x8DB1F522EBD9183
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
09dc16ec-201e-0093-5ed8-516a88000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-en-gb.min_zpibxgfrjp34am4d6asnjg2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
0
14 KB
Other
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_zpibxgfrjp34am4d6asnjg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/8ddab297-11af-4f76-b704-c18a1d2b702f/saml2?SAMLRequest=hZJRT8IwFIX%2FytL3rVsHDBpGgvAgCSpx0wdfTNd10Ni1s7cD%2FfduTA2%2B4FuTnn7nnnM7B1arhi5bd9CP4r0V4LyPWmmg54sUtVZTw0AC1awWQB2n2fJuS0kQ0sYaZ7hRyFsCCOuk0Sujoa2FzYQ9Si6eHrcpOjjXAMVY1RAcpebyZOwbBNzUmNeAs4MsCqOEOwQABvd0gncPWY68dTeO1KwHX2DMXuqgltwaMJUzWkktzrRpWbKCzBI%2Filjlj6pk4hdJOPJ5NGVRSbozqXCfiyBvs07RK6lKFrOQsHjMy1kSF0SQWTXmE1ZGSTHqZQCt2GhwTLsUkZDEfgckYR6NaTijYfKCvN13DTdSl1Lvr3dWDCKgt3m%2B84eYz8LCOWInQIt5PyE9G9uLXVzHsp8FoMU%2FdcNv3XN84TTYNvS%2BQ2%2FWO6Mk%2F%2FSWSpnTygrmRIoihBfDk7%2F%2FZfEF&RelayState=ss%3Amem%3A700b584b3fb066aa14d346590c2f5a4a6888e08c08882d585009161a4229af6b&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35A3) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Apr 2023 15:09:08 GMT
content-encoding
gzip
content-md5
3sp4sOk2blnM0+UcecVkTQ==
age
2675842
x-cache
HIT
content-length
14179
x-ms-lease-status
unlocked
last-modified
Fri, 17 Mar 2023 00:56:52 GMT
server
ECAcc (lhd/35A3)
etag
0x8DB26827F4237EC
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
88274bd4-d01e-0064-3443-5bb7da000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pfetchsessionsprogress_acf6fa8e3cf2ed1f4a24.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
15 KB
6 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_acf6fa8e3cf2ed1f4a24.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_fDEeyPmTrJZRJANKd5wNrA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35FE) /
Resource Hash
5c3262829ee080da4f3a9e8792a4a4dc6d83ff25e5112d582f9a469e86a3440a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Apr 2023 15:09:08 GMT
content-encoding
gzip
content-md5
RiTl/DRDayD2iHRM6kSPAA==
age
4217105
x-cache
HIT
content-length
5530
x-ms-lease-status
unlocked
last-modified
Tue, 28 Feb 2023 01:21:52 GMT
server
ECAcc (lhd/35FE)
etag
0x8DB192A2C8E1446
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
52397edb-801e-004d-153f-4d10a9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msftauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35DC) /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Apr 2023 15:09:08 GMT
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
age
29690158
x-cache
HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (lhd/35DC)
etag
0x8D79A1B9F2C6EC8
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
3cb1ccf0-e01e-007c-1992-652fdd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msftauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35B5) /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Apr 2023 15:09:08 GMT
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
age
29690158
x-cache
HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (lhd/35B5)
etag
0x8D79A1B9F8A840E
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
94c54aee-301e-0034-4592-65f450000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
illustration
aadcdn.msftauthimages.net/c1c6b6c8-zsegslf2tp504a-sdbzu1kdxmvw164tmyyvz54ypr0/logintenantbranding/0/
102 KB
103 KB
Image
General
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-zsegslf2tp504a-sdbzu1kdxmvw164tmyyvz54ypr0/logintenantbranding/0/illustration?ts=637533357686746589
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
799b42f84688315f9c8b6335807c56bb3ca1db4717a0fa8d48617ca0e82c6175

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 20 Apr 2023 15:09:08 GMT
last-modified
Tue, 06 Apr 2021 19:56:09 GMT
x-azure-ref-originshield
0yApAZAAAAADnrQuwzdekQqEqKjTuWejCTU5aMjIxMDYwNjEyMDMxADU5NjY1NzE1LTQyNmEtNGYxYy1hMDU5LWQ1ZGZkNDBhZTZiOQ==
content-md5
U++mKMegMYq0zEI11H+VtQ==
etag
0x8D8F9360595CE4F
vary
Origin
x-cache
TCP_HIT
content-type
image/*
x-azure-ref
0lVVBZAAAAADLmr9uFuibT5gMOdC4loycQVRBRURHRTEyMTUANTk2NjU3MTUtNDI2YS00ZjFjLWEwNTktZDVkZmQ0MGFlNmI5
x-ms-request-id
3a604e43-b01e-0050-5bd4-7299fc000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
content-length
104433
bannerlogo
aadcdn.msftauthimages.net/c1c6b6c8-zsegslf2tp504a-sdbzu1kdxmvw164tmyyvz54ypr0/logintenantbranding/0/
8 KB
8 KB
Image
General
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-zsegslf2tp504a-sdbzu1kdxmvw164tmyyvz54ypr0/logintenantbranding/0/bannerlogo?ts=637533411804693043
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6d40a22b506531fada853b6d1af8a131fa919c93fa2eb615881d8f1440bb25a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 20 Apr 2023 15:09:08 GMT
last-modified
Tue, 06 Apr 2021 21:26:20 GMT
x-azure-ref-originshield
0lVVBZAAAAADWoJRSypBkS7thKZWQDKuoTU5aMjIxMDYwNjEyMDE3ADU5NjY1NzE1LTQyNmEtNGYxYy1hMDU5LWQ1ZGZkNDBhZTZiOQ==
content-md5
L5GaBjDeoPabP0DD0k+CjA==
etag
0x8D8F9429F3C8587
vary
Origin
x-cache
TCP_REMOTE_HIT
content-type
image/*
x-azure-ref
0lVVBZAAAAADbQTirsWXwSIaPWjrZbhrDQVRBRURHRTEyMTUANTk2NjU3MTUtNDI2YS00ZjFjLWEwNTktZDVkZmQ0MGFlNmI5
x-ms-request-id
0f7ef12a-f01e-0041-47d4-720348000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
content-length
7899
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msftauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_fDEeyPmTrJZRJANKd5wNrA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35DC) /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Apr 2023 15:09:08 GMT
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
age
29690158
x-cache
HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (lhd/35DC)
etag
0x8D79A1B9F2C6EC8
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
3cb1ccf0-e01e-007c-1992-652fdd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msftauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_fDEeyPmTrJZRJANKd5wNrA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35B5) /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Apr 2023 15:09:08 GMT
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
age
29690158
x-cache
HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (lhd/35B5)
etag
0x8D79A1B9F8A840E
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
94c54aee-301e-0034-4592-65f450000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ssoprobe
autologon.microsoftazuread-sso.com/8ddab297-11af-4f76-b704-c18a1d2b702f/winauth/
12 B
1 KB
Image
General
Full URL
https://autologon.microsoftazuread-sso.com/8ddab297-11af-4f76-b704-c18a1d2b702f/winauth/ssoprobe?client-request-id=2d9b0ee4-e542-4604-90c4-24743e8329cd&_=1682003348854
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Thu, 20 Apr 2023 15:09:08 GMT
X-Content-Type-Options
nosniff
WWW-Authenticate
Negotiate
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
12
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Vary
Origin
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png; charset=utf-8
Access-Control-Allow-Origin
https://login.microsoftonline.com
x-ms-request-id
f56e8e46-0b2d-4723-98ea-3472cd141f00
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.15175.8 - WEULR2 ProdSlices
Expires
-1
dssostatus
login.microsoftonline.com/common/instrumentation/
265 B
1 KB
XHR
General
Full URL
https://login.microsoftonline.com/common/instrumentation/dssostatus
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_fDEeyPmTrJZRJANKd5wNrA2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.31.69 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e1c0517cfeb663b994a053b84d9c260ee44ec93af83ff83c7001f0ddc979edaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

hpgrequestid
6820b833-482c-48d2-99cd-7974446c2a00
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
client-request-id
2d9b0ee4-e542-4604-90c4-24743e8329cd
canary
PAQABAAEAAAD--DLA3VO7QrddgJg7WevrRiUYVKJp8eAIF_xTtPf-yVcI2diHEt1W1MENkhctPYtqJt5yTWOZVD2GiFjdnTwSzNXif2wEgO4cPP4jAaJQakGfxLFloEnoL_JhLSpxe0Y71q3ualF4d-0Fecx3A0NmVoszhAUIjRkuRf1PN-w09AFOeE-oBnKW9eAwtbWmtBbYPiuGGqqGqbXJvawPW-rgCCJVm2qZnuSnbMyg8oLojyAA
Content-type
application/json; charset=UTF-8
hpgid
1104
Accept
application/json
Referer
https://login.microsoftonline.com/8ddab297-11af-4f76-b704-c18a1d2b702f/saml2?SAMLRequest=hZJRT8IwFIX%2FytL3rVsHDBpGgvAgCSpx0wdfTNd10Ni1s7cD%2FfduTA2%2B4FuTnn7nnnM7B1arhi5bd9CP4r0V4LyPWmmg54sUtVZTw0AC1awWQB2n2fJuS0kQ0sYaZ7hRyFsCCOuk0Sujoa2FzYQ9Si6eHrcpOjjXAMVY1RAcpebyZOwbBNzUmNeAs4MsCqOEOwQABvd0gncPWY68dTeO1KwHX2DMXuqgltwaMJUzWkktzrRpWbKCzBI%2Filjlj6pk4hdJOPJ5NGVRSbozqXCfiyBvs07RK6lKFrOQsHjMy1kSF0SQWTXmE1ZGSTHqZQCt2GhwTLsUkZDEfgckYR6NaTijYfKCvN13DTdSl1Lvr3dWDCKgt3m%2B84eYz8LCOWInQIt5PyE9G9uLXVzHsp8FoMU%2FdcNv3XN84TTYNvS%2BQ2%2FWO6Mk%2F%2FSWSpnTygrmRIoihBfDk7%2F%2FZfEF&RelayState=ss%3Amem%3A700b584b3fb066aa14d346590c2f5a4a6888e08c08882d585009161a4229af6b&sso_reload=true
hpgact
1900

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Thu, 20 Apr 2023 15:09:08 GMT
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id
2d9b0ee4-e542-4604-90c4-24743e8329cd
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
265
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Access-Control-Allow-Methods
POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://autologon.microsoftazuread-sso.com/
x-ms-request-id
d5d8664f-0502-4291-b854-e07650c61b00
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.15175.8 - WEULR2 ProdSlices
Expires
-1
convergedlogin_pstringcustomizationhelper_12d145c6db04e5f655d1.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
111 KB
35 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_12d145c6db04e5f655d1.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_fDEeyPmTrJZRJANKd5wNrA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35A1) /
Resource Hash
63208f374321428494b35beefbc5a80b325c319c3a5d71311879159ec52ea5e8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Apr 2023 15:09:09 GMT
content-encoding
gzip
content-md5
UGdLnNjQ2ANqAZtcyoAOCg==
age
4228954
x-cache
HIT
content-length
35822
x-ms-lease-status
unlocked
last-modified
Tue, 28 Feb 2023 01:21:54 GMT
server
ECAcc (lhd/35A1)
etag
0x8DB192A2D6B421E
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6c256fb7-201e-0095-5223-4d8c49000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msftauth.net/shared/1.0/content/images/
2 KB
784 B
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3589) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Apr 2023 15:09:09 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
29690158
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Tue, 10 Nov 2020 03:41:05 GMT
server
ECAcc (lhd/3589)
etag
0x8D8852A740F01B9
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
101484d9-e01e-005b-7792-654940000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
converged.v2.login.min_ri9kuwotliet3wfbgspsga2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
108 KB
20 KB
Fetch
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ri9kuwotliet3wfbgspsga2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/8ddab297-11af-4f76-b704-c18a1d2b702f/saml2?SAMLRequest=hZJRT8IwFIX%2FytL3rVsHDBpGgvAgCSpx0wdfTNd10Ni1s7cD%2FfduTA2%2B4FuTnn7nnnM7B1arhi5bd9CP4r0V4LyPWmmg54sUtVZTw0AC1awWQB2n2fJuS0kQ0sYaZ7hRyFsCCOuk0Sujoa2FzYQ9Si6eHrcpOjjXAMVY1RAcpebyZOwbBNzUmNeAs4MsCqOEOwQABvd0gncPWY68dTeO1KwHX2DMXuqgltwaMJUzWkktzrRpWbKCzBI%2Filjlj6pk4hdJOPJ5NGVRSbozqXCfiyBvs07RK6lKFrOQsHjMy1kSF0SQWTXmE1ZGSTHqZQCt2GhwTLsUkZDEfgckYR6NaTijYfKCvN13DTdSl1Lvr3dWDCKgt3m%2B84eYz8LCOWInQIt5PyE9G9uLXVzHsp8FoMU%2FdcNv3XN84TTYNvS%2BQ2%2FWO6Mk%2F%2FSWSpnTygrmRIoihBfDk7%2F%2FZfEF&RelayState=ss%3Amem%3A700b584b3fb066aa14d346590c2f5a4a6888e08c08882d585009161a4229af6b&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/359C) /
Resource Hash
0475171785bc7ab2d22a42a8d2e8d219c25e18cb7c0b48c5bfbabf4e4070afe9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Apr 2023 15:09:13 GMT
content-encoding
gzip
content-md5
ChFamsxirG9fmBt4/kbQ4Q==
age
3711505
x-cache
HIT
content-length
20004
x-ms-lease-status
unlocked
last-modified
Tue, 07 Mar 2023 21:23:23 GMT
server
ECAcc (lhd/359C)
etag
0x8DB1F522EBD9183
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
09dc16ec-201e-0093-5ed8-516a88000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-en-gb.min_zpibxgfrjp34am4d6asnjg2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
48 KB
14 KB
Fetch
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_zpibxgfrjp34am4d6asnjg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/8ddab297-11af-4f76-b704-c18a1d2b702f/saml2?SAMLRequest=hZJRT8IwFIX%2FytL3rVsHDBpGgvAgCSpx0wdfTNd10Ni1s7cD%2FfduTA2%2B4FuTnn7nnnM7B1arhi5bd9CP4r0V4LyPWmmg54sUtVZTw0AC1awWQB2n2fJuS0kQ0sYaZ7hRyFsCCOuk0Sujoa2FzYQ9Si6eHrcpOjjXAMVY1RAcpebyZOwbBNzUmNeAs4MsCqOEOwQABvd0gncPWY68dTeO1KwHX2DMXuqgltwaMJUzWkktzrRpWbKCzBI%2Filjlj6pk4hdJOPJ5NGVRSbozqXCfiyBvs07RK6lKFrOQsHjMy1kSF0SQWTXmE1ZGSTHqZQCt2GhwTLsUkZDEfgckYR6NaTijYfKCvN13DTdSl1Lvr3dWDCKgt3m%2B84eYz8LCOWInQIt5PyE9G9uLXVzHsp8FoMU%2FdcNv3XN84TTYNvS%2BQ2%2FWO6Mk%2F%2FSWSpnTygrmRIoihBfDk7%2F%2FZfEF&RelayState=ss%3Amem%3A700b584b3fb066aa14d346590c2f5a4a6888e08c08882d585009161a4229af6b&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35A3) /
Resource Hash
c59383b69e1688a184c78f308ef34dd667222f00c4066d6f0e22ebb20e9d1e24

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Apr 2023 15:09:13 GMT
content-encoding
gzip
content-md5
3sp4sOk2blnM0+UcecVkTQ==
age
2675847
x-cache
HIT
content-length
14179
x-ms-lease-status
unlocked
last-modified
Fri, 17 Mar 2023 00:56:52 GMT
server
ECAcc (lhd/35A3)
etag
0x8DB26827F4237EC
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
88274bd4-d01e-0064-3443-5bb7da000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
object| Telemetry
object| telemetry_webpackJsonp
boolean| __ConvergedLogin_PCore
boolean| __
boolean| __convergedlogin_pcustomizationloader_6d0f034edc7f959d3b0d
boolean| __convergedlogin_pfetchsessionsprogress_acf6fa8e3cf2ed1f4a24
boolean| __convergedlogin_pstringcustomizationhelper_12d145c6db04e5f655d1

17 Cookies

Domain/Path Name / Value
lms.vinciworks.com/cms Name: CKClientDateTime
Value: 0
lms.vinciworks.com/cms Name: CKGMTClienta
Value: 0
lms.vinciworks.com/cms Name: CKGmtTimeZone
Value: GMT)
lms.vinciworks.com/ Name: ASP.NET_SessionId
Value: x0iwfqvr5nrs2m45qdgl04fl
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AXQAl7Laja8Rdk-3BMGKHStwL_lmrw9nLTJLh4ng2KYjfEN0AAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrPtCt7YFiwdK2iBe-xq1k_-j-Vue6s_9wfBLNNadveCfTeQwY6a9qLGHJQQ6_N-_mcJC4eGoJw9loY1V5rrUltN4ss4EM7zV7t8TprtgfIlogAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevrYu5Nu7-8RjFAselVjIYBKo5nDtSBsMzIhD-gCpn3yu_fu2SgC72inpeCFc5fmbeQcOrvpsXXBOEIM9tkpTfOjZ5fgO2506Uqri4PXrWfJnn7OaWDFVjCUxOsQAqptpcgSOX7wbTKJeBSl_1tXlvNfGvsfopQOrslyS2nN673_Tvd-nDS_z8-fXAu_98vif1QVc_N4q4ChMrNKeu-9SkInhe8T2FTHTZDO-weVzOZgLEgAA
login.microsoftonline.com/ Name: fpc
Value: Ark_eVpxVqlPvJJp_v4wA1WOTB3DAQAAAJRM09sOAAAA
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: 3fac68c0afc24430ab545fff5b865084
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1682003348&co=1
autologon.microsoftazuread-sso.com/ Name: fpc
Value: Au-UnxDJNDdKgc_QNwEbFxM
autologon.microsoftazuread-sso.com/ Name: x-ms-gateway-slice
Value: estsfd
autologon.microsoftazuread-sso.com/ Name: stsservicecookie
Value: estsfd

1 Console Messages

Source Level URL
Text
network error URL: https://autologon.microsoftazuread-sso.com/8ddab297-11af-4f76-b704-c18a1d2b702f/winauth/ssoprobe?client-request-id=2d9b0ee4-e542-4604-90c4-24743e8329cd&_=1682003348854
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
