urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
2603:1027:1:d8::4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://swassembly-test.go2advertising.com/
Effective URL: https://login.microsoftonline.com/44b79a67-d972-49ba-9167-8eb05f754a1a/saml2?SAMLRequest=nVNbT8IwGH33Vyx934UxGGvYkikaiYoLTE18Md1Ws...
Submission: On June 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 23 HTTP transactions. The main IP is 2603:1027:1:d8::4, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 11.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 27th 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 209.249.119.176 6461 (ZAYO-6461)
2 2a00:1450:400... 15169 (GOOGLE)
2 2603:1027:1:d... 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
7 2606:2800:233... 15133 (EDGECAST)
1 20.190.159.73 8075 (MICROSOFT...)
23 8
7    209.249.119.176 (United States)

ASN6461 (ZAYO-6461, US)
swassembly-test.go2advertising.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2603:1027:1:d8::4 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msauth.net
aadcdn.msftauthimages.net
7    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
1    20.190.159.73 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
Apex Domain
Subdomains		 Transfer
7 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 1065
263 KB
7 go2advertising.com
swassembly-test.go2advertising.com
1 MB
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 11
27 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
region1.google-analytics.com Failed
21 KB
1 msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 4481
8 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 63
1 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 1015
49 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
92 KB
0 comcast.net Failed
edge.static-assets.top.comcast.net Failed
23 9
Domain Requested by
7 aadcdn.msftauth.net login.microsoftonline.com
aadcdn.msftauth.net
7 swassembly-test.go2advertising.com 1 redirects swassembly-test.go2advertising.com
2 login.microsoftonline.com swassembly-test.go2advertising.com
aadcdn.msauth.net
2 www.google-analytics.com swassembly-test.go2advertising.com
www.google-analytics.com
1 aadcdn.msftauthimages.net
1 login.live.com login.microsoftonline.com
1 aadcdn.msauth.net login.microsoftonline.com
1 www.googletagmanager.com www.google-analytics.com
0 region1.google-analytics.com Failed www.googletagmanager.com
0 edge.static-assets.top.comcast.net Failed
23 10

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
swassembly-test.go2advertising.com
R10		 2024-06-19 -
2024-09-17		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2024-05-27 -
2025-05-27		 a year crt.sh
aadcdn.msauth.net
DigiCert SHA2 Secure Server CA		 2024-04-30 -
2025-04-30		 a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2024-05-25 -
2025-05-25		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2024-05-09 -
2025-05-09		 a year crt.sh
aadcdn.msftauthimages.net
Microsoft Azure RSA TLS Issuing CA 07		 2024-05-12 -
2025-05-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/44b79a67-d972-49ba-9167-8eb05f754a1a/saml2?SAMLRequest=nVNbT8IwGH33Vyx934UxGGvYkikaiYoLTE18Md1WsEnXzn4diL%2FeMi%2FBBImxT72c75zvnLZjIDVvcNrqZzGnLy0Fbb3WXADuDmLUKoElAQZYkJoC1iVepDfX2Hc83CipZSk5OrEOjOkkRk9v2Xy4nk3O80U%2FZA%2Bz4eDq4eow%2FJ4qYFLEyDD%2FQgjQ0qkATYQ2MM8PbG9o%2B37ujbDXx%2F3w8XBd9tnmKRMVE6vjnooPEODLPM%2Fs7HaRHyZNAajSpuEzKaCtqVpQtWYlvZtfx%2BhZ6waw68KGGFhd8K2tTbLOSvqkWu%2FqwGg4pazdXcwuMfG7TDCNrInBMUF0F8UXD5crJpyalUqCXGopOBO0Kw%2BCIozIMLSrKPTtICqIHfXMckQLb7AMBwHpkU7DR4nxMd5NcRek2rvn45GQL6so%2Bbuxsbsn9S3d4Jmhn04yyVm5%2FcdLsy6kqon%2BHd1zet0Oq%2BxlB8WtgIaWbMlohayUc7k5U5RoGiOtWorc5OSj15%2B%2FIHkH&RelayState=https%3A%2F%2Fswassembly-test.go2advertising.com%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=T7LxrXiVMT9VHEKds9narqpAC%2F2vDxq7tVQsBWTnbhOMHMOQikGHfU6nEkHuXPl%2Bv%2F3uTbuiZ9jnn%2Fo31082xwM454vog1osCDCqf5j6Zg388wW9h41l80ChkbpF%2BB92iI3ccEUthehQPnVQHaBEZ7NJ%2FggTgrUonXMpdlwskxJMKRdO9Yy%2FXNF8kdfZaxf2mJu02s0Cg28v%2BN4HRxTBp%2B6CAajuJUkwSmeSYqf80xk4g%2B5JIS2y7fA8If3bEJF6PslSkjL7dWxy5xd%2FjULwmPo9YA3aDSQs10PcDxLWvYIvAzdBbyKmyVazAfYM2D4I3Q7rVBVcROO8bCfIm8Imwg%3D%3D&sso_reload=true
Frame ID: 892D926EDC22F520F00BF95575BDBB19
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

  1. https://swassembly-test.go2advertising.com/ Page URL
  2. https://swassembly-test.go2advertising.com/saml/auth/init/sherwin/i497PTcfb8AiM96hT?originalUrl=https://swassembly-test... HTTP 302
    https://login.microsoftonline.com/44b79a67-d972-49ba-9167-8eb05f754a1a/saml2?SAMLRequest=nVNbT8IwGH33Vyx934UxG... Page URL
  3. https://login.microsoftonline.com/44b79a67-d972-49ba-9167-8eb05f754a1a/saml2?SAMLRequest=nVNbT8IwGH33Vyx934UxG... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

23
Requests

91 %
HTTPS

71 %
IPv6

9
Domains

10
Subdomains

8
IPs

3
Countries

1493 kB
Transfer

5599 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://swassembly-test.go2advertising.com/ Page URL
  2. https://swassembly-test.go2advertising.com/saml/auth/init/sherwin/i497PTcfb8AiM96hT?originalUrl=https://swassembly-test.go2advertising.com/ HTTP 302
    https://login.microsoftonline.com/44b79a67-d972-49ba-9167-8eb05f754a1a/saml2?SAMLRequest=nVNbT8IwGH33Vyx934UxGGvYkikaiYoLTE18Md1WsEnXzn4diL%2FeMi%2FBBImxT72c75zvnLZjIDVvcNrqZzGnLy0Fbb3WXADuDmLUKoElAQZYkJoC1iVepDfX2Hc83CipZSk5OrEOjOkkRk9v2Xy4nk3O80U%2FZA%2Bz4eDq4eow%2FJ4qYFLEyDD%2FQgjQ0qkATYQ2MM8PbG9o%2B37ujbDXx%2F3w8XBd9tnmKRMVE6vjnooPEODLPM%2Fs7HaRHyZNAajSpuEzKaCtqVpQtWYlvZtfx%2BhZ6waw68KGGFhd8K2tTbLOSvqkWu%2FqwGg4pazdXcwuMfG7TDCNrInBMUF0F8UXD5crJpyalUqCXGopOBO0Kw%2BCIozIMLSrKPTtICqIHfXMckQLb7AMBwHpkU7DR4nxMd5NcRek2rvn45GQL6so%2Bbuxsbsn9S3d4Jmhn04yyVm5%2FcdLsy6kqon%2BHd1zet0Oq%2BxlB8WtgIaWbMlohayUc7k5U5RoGiOtWorc5OSj15%2B%2FIHkH&RelayState=https%3A%2F%2Fswassembly-test.go2advertising.com%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=T7LxrXiVMT9VHEKds9narqpAC%2F2vDxq7tVQsBWTnbhOMHMOQikGHfU6nEkHuXPl%2Bv%2F3uTbuiZ9jnn%2Fo31082xwM454vog1osCDCqf5j6Zg388wW9h41l80ChkbpF%2BB92iI3ccEUthehQPnVQHaBEZ7NJ%2FggTgrUonXMpdlwskxJMKRdO9Yy%2FXNF8kdfZaxf2mJu02s0Cg28v%2BN4HRxTBp%2B6CAajuJUkwSmeSYqf80xk4g%2B5JIS2y7fA8If3bEJF6PslSkjL7dWxy5xd%2FjULwmPo9YA3aDSQs10PcDxLWvYIvAzdBbyKmyVazAfYM2D4I3Q7rVBVcROO8bCfIm8Imwg%3D%3D Page URL
  3. https://login.microsoftonline.com/44b79a67-d972-49ba-9167-8eb05f754a1a/saml2?SAMLRequest=nVNbT8IwGH33Vyx934UxGGvYkikaiYoLTE18Md1WsEnXzn4diL%2FeMi%2FBBImxT72c75zvnLZjIDVvcNrqZzGnLy0Fbb3WXADuDmLUKoElAQZYkJoC1iVepDfX2Hc83CipZSk5OrEOjOkkRk9v2Xy4nk3O80U%2FZA%2Bz4eDq4eow%2FJ4qYFLEyDD%2FQgjQ0qkATYQ2MM8PbG9o%2B37ujbDXx%2F3w8XBd9tnmKRMVE6vjnooPEODLPM%2Fs7HaRHyZNAajSpuEzKaCtqVpQtWYlvZtfx%2BhZ6waw68KGGFhd8K2tTbLOSvqkWu%2FqwGg4pazdXcwuMfG7TDCNrInBMUF0F8UXD5crJpyalUqCXGopOBO0Kw%2BCIozIMLSrKPTtICqIHfXMckQLb7AMBwHpkU7DR4nxMd5NcRek2rvn45GQL6so%2Bbuxsbsn9S3d4Jmhn04yyVm5%2FcdLsy6kqon%2BHd1zet0Oq%2BxlB8WtgIaWbMlohayUc7k5U5RoGiOtWorc5OSj15%2B%2FIHkH&RelayState=https%3A%2F%2Fswassembly-test.go2advertising.com%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=T7LxrXiVMT9VHEKds9narqpAC%2F2vDxq7tVQsBWTnbhOMHMOQikGHfU6nEkHuXPl%2Bv%2F3uTbuiZ9jnn%2Fo31082xwM454vog1osCDCqf5j6Zg388wW9h41l80ChkbpF%2BB92iI3ccEUthehQPnVQHaBEZ7NJ%2FggTgrUonXMpdlwskxJMKRdO9Yy%2FXNF8kdfZaxf2mJu02s0Cg28v%2BN4HRxTBp%2B6CAajuJUkwSmeSYqf80xk4g%2B5JIS2y7fA8If3bEJF6PslSkjL7dWxy5xd%2FjULwmPo9YA3aDSQs10PcDxLWvYIvAzdBbyKmyVazAfYM2D4I3Q7rVBVcROO8bCfIm8Imwg%3D%3D&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://swassembly-test.go2advertising.com/saml/auth/init/sherwin/i497PTcfb8AiM96hT?originalUrl=https://swassembly-test.go2advertising.com/ HTTP 302
  • https://login.microsoftonline.com/44b79a67-d972-49ba-9167-8eb05f754a1a/saml2?SAMLRequest=nVNbT8IwGH33Vyx934UxGGvYkikaiYoLTE18Md1WsEnXzn4diL%2FeMi%2FBBImxT72c75zvnLZjIDVvcNrqZzGnLy0Fbb3WXADuDmLUKoElAQZYkJoC1iVepDfX2Hc83CipZSk5OrEOjOkkRk9v2Xy4nk3O80U%2FZA%2Bz4eDq4eow%2FJ4qYFLEyDD%2FQgjQ0qkATYQ2MM8PbG9o%2B37ujbDXx%2F3w8XBd9tnmKRMVE6vjnooPEODLPM%2Fs7HaRHyZNAajSpuEzKaCtqVpQtWYlvZtfx%2BhZ6waw68KGGFhd8K2tTbLOSvqkWu%2FqwGg4pazdXcwuMfG7TDCNrInBMUF0F8UXD5crJpyalUqCXGopOBO0Kw%2BCIozIMLSrKPTtICqIHfXMckQLb7AMBwHpkU7DR4nxMd5NcRek2rvn45GQL6so%2Bbuxsbsn9S3d4Jmhn04yyVm5%2FcdLsy6kqon%2BHd1zet0Oq%2BxlB8WtgIaWbMlohayUc7k5U5RoGiOtWorc5OSj15%2B%2FIHkH&RelayState=https%3A%2F%2Fswassembly-test.go2advertising.com%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=T7LxrXiVMT9VHEKds9narqpAC%2F2vDxq7tVQsBWTnbhOMHMOQikGHfU6nEkHuXPl%2Bv%2F3uTbuiZ9jnn%2Fo31082xwM454vog1osCDCqf5j6Zg388wW9h41l80ChkbpF%2BB92iI3ccEUthehQPnVQHaBEZ7NJ%2FggTgrUonXMpdlwskxJMKRdO9Yy%2FXNF8kdfZaxf2mJu02s0Cg28v%2BN4HRxTBp%2B6CAajuJUkwSmeSYqf80xk4g%2B5JIS2y7fA8If3bEJF6PslSkjL7dWxy5xd%2FjULwmPo9YA3aDSQs10PcDxLWvYIvAzdBbyKmyVazAfYM2D4I3Q7rVBVcROO8bCfIm8Imwg%3D%3D

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
swassembly-test.go2advertising.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://swassembly-test.go2advertising.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.249.119.176 , United States, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
/ Express Phusion Passenger(R) 6.0.18
Resource Hash
240a2876ad65e93e9e689972adc159d836e707a2905be85e98f0ed2e733d0922

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 22 Jun 2024 08:03:33 GMT
status
200 OK
vary
Accept-Encoding
x-powered-by
Express Phusion Passenger(R) 6.0.18
66f41b60f0317c8b6637ddd31779b63e0bc542c7.css
swassembly-test.go2advertising.com/ 		298 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://swassembly-test.go2advertising.com/66f41b60f0317c8b6637ddd31779b63e0bc542c7.css?meteor_css_resource=true
Requested by
Host: swassembly-test.go2advertising.com
URL: https://swassembly-test.go2advertising.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.249.119.176 , United States, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
/ Phusion Passenger(R) 6.0.18
Resource Hash
f192b0c7077a2d1732fc066844234c906a4d77b08499b3b95db0137b39396f8f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://swassembly-test.go2advertising.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 08:03:33 GMT
content-encoding
gzip
etag
"66f41b60f0317c8b6637ddd31779b63e0bc542c7"
x-powered-by
Phusion Passenger(R) 6.0.18
vary
User-Agent, Accept-Encoding
content-type
text/css; charset=UTF-8
status
200 OK
cache-control
public, max-age=31536000
accept-ranges
bytes
868aa0f82039896693f39990773a1d70c4177c1b.js
swassembly-test.go2advertising.com/ 		4 MB
979 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://swassembly-test.go2advertising.com/868aa0f82039896693f39990773a1d70c4177c1b.js?meteor_js_resource=true
Requested by
Host: swassembly-test.go2advertising.com
URL: https://swassembly-test.go2advertising.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.249.119.176 , United States, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
/ Phusion Passenger(R) 6.0.18
Resource Hash
2b5d42b3d8dc13b0ddf410a1dcafe2a94e4b092078a5ece312b130264a1e874a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://swassembly-test.go2advertising.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 08:03:33 GMT
content-encoding
gzip
etag
"868aa0f82039896693f39990773a1d70c4177c1b"
x-powered-by
Phusion Passenger(R) 6.0.18
vary
User-Agent, Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200 OK
cache-control
public, max-age=31536000
accept-ranges
bytes
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: swassembly-test.go2advertising.com
URL: https://swassembly-test.go2advertising.com/868aa0f82039896693f39990773a1d70c4177c1b.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://swassembly-test.go2advertising.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 22 Jun 2024 06:29:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5670
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 22 Jun 2024 08:29:07 GMT
info
swassembly-test.go2advertising.com/sockjs/ 		78 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://swassembly-test.go2advertising.com/sockjs/info?cb=eg0_lcrwu8
Requested by
Host: swassembly-test.go2advertising.com
URL: https://swassembly-test.go2advertising.com/868aa0f82039896693f39990773a1d70c4177c1b.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.249.119.176 , United States, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
/ Phusion Passenger(R) 6.0.18
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://swassembly-test.go2advertising.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

status
200 OK
access-control-allow-origin
*
date
Sat, 22 Jun 2024 08:03:37 GMT
cache-control
no-store, no-cache, no-transform, must-revalidate, max-age=0
x-powered-by
Phusion Passenger(R) 6.0.18
vary
Origin
content-type
application/json; charset=UTF-8
saml2
login.microsoftonline.com/44b79a67-d972-49ba-9167-8eb05f754a1a/
Redirect Chain
  • https://swassembly-test.go2advertising.com/saml/auth/init/sherwin/i497PTcfb8AiM96hT?originalUrl=https://swassembly-test.go2advertising.com/
  • https://login.microsoftonline.com/44b79a67-d972-49ba-9167-8eb05f754a1a/saml2?SAMLRequest=nVNbT8IwGH33Vyx934UxGGvYkikaiYoLTE18Md1WsEnXzn4diL%2FeMi%2FBBImxT72c75zvnLZjIDVvcNrqZzGnLy0Fbb3WXADuDmLUKoEl...
20 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/44b79a67-d972-49ba-9167-8eb05f754a1a/saml2?SAMLRequest=nVNbT8IwGH33Vyx934UxGGvYkikaiYoLTE18Md1WsEnXzn4diL%2FeMi%2FBBImxT72c75zvnLZjIDVvcNrqZzGnLy0Fbb3WXADuDmLUKoElAQZYkJoC1iVepDfX2Hc83CipZSk5OrEOjOkkRk9v2Xy4nk3O80U%2FZA%2Bz4eDq4eow%2FJ4qYFLEyDD%2FQgjQ0qkATYQ2MM8PbG9o%2B37ujbDXx%2F3w8XBd9tnmKRMVE6vjnooPEODLPM%2Fs7HaRHyZNAajSpuEzKaCtqVpQtWYlvZtfx%2BhZ6waw68KGGFhd8K2tTbLOSvqkWu%2FqwGg4pazdXcwuMfG7TDCNrInBMUF0F8UXD5crJpyalUqCXGopOBO0Kw%2BCIozIMLSrKPTtICqIHfXMckQLb7AMBwHpkU7DR4nxMd5NcRek2rvn45GQL6so%2Bbuxsbsn9S3d4Jmhn04yyVm5%2FcdLsy6kqon%2BHd1zet0Oq%2BxlB8WtgIaWbMlohayUc7k5U5RoGiOtWorc5OSj15%2B%2FIHkH&RelayState=https%3A%2F%2Fswassembly-test.go2advertising.com%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=T7LxrXiVMT9VHEKds9narqpAC%2F2vDxq7tVQsBWTnbhOMHMOQikGHfU6nEkHuXPl%2Bv%2F3uTbuiZ9jnn%2Fo31082xwM454vog1osCDCqf5j6Zg388wW9h41l80ChkbpF%2BB92iI3ccEUthehQPnVQHaBEZ7NJ%2FggTgrUonXMpdlwskxJMKRdO9Yy%2FXNF8kdfZaxf2mJu02s0Cg28v%2BN4HRxTBp%2B6CAajuJUkwSmeSYqf80xk4g%2B5JIS2y7fA8If3bEJF6PslSkjL7dWxy5xd%2FjULwmPo9YA3aDSQs10PcDxLWvYIvAzdBbyKmyVazAfYM2D4I3Q7rVBVcROO8bCfIm8Imwg%3D%3D
Requested by
Host: swassembly-test.go2advertising.com
URL: https://swassembly-test.go2advertising.com/868aa0f82039896693f39990773a1d70c4177c1b.js?meteor_js_resource=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1027:1:d8::4 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ab8fddea3582df5f34b91b9da225edcafac13aa4a79304c367cab311b523be3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://swassembly-test.go2advertising.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
8947
Content-Type
text/html; charset=utf-8
Date
Sat, 22 Jun 2024 08:03:37 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.18298.5 - SCUS ProdSlices
x-ms-request-id
5c65fe62-1870-48c1-9fb5-5c55ad526500
x-ms-srs
1.P

Redirect headers

access-control-allow-origin
*
date
Sat, 22 Jun 2024 08:03:37 GMT
location
https://login.microsoftonline.com/44b79a67-d972-49ba-9167-8eb05f754a1a/saml2?SAMLRequest=nVNbT8IwGH33Vyx934UxGGvYkikaiYoLTE18Md1WsEnXzn4diL%2FeMi%2FBBImxT72c75zvnLZjIDVvcNrqZzGnLy0Fbb3WXADuDmLUKoElAQZYkJoC1iVepDfX2Hc83CipZSk5OrEOjOkkRk9v2Xy4nk3O80U%2FZA%2Bz4eDq4eow%2FJ4qYFLEyDD%2FQgjQ0qkATYQ2MM8PbG9o%2B37ujbDXx%2F3w8XBd9tnmKRMVE6vjnooPEODLPM%2Fs7HaRHyZNAajSpuEzKaCtqVpQtWYlvZtfx%2BhZ6waw68KGGFhd8K2tTbLOSvqkWu%2FqwGg4pazdXcwuMfG7TDCNrInBMUF0F8UXD5crJpyalUqCXGopOBO0Kw%2BCIozIMLSrKPTtICqIHfXMckQLb7AMBwHpkU7DR4nxMd5NcRek2rvn45GQL6so%2Bbuxsbsn9S3d4Jmhn04yyVm5%2FcdLsy6kqon%2BHd1zet0Oq%2BxlB8WtgIaWbMlohayUc7k5U5RoGiOtWorc5OSj15%2B%2FIHkH&RelayState=https%3A%2F%2Fswassembly-test.go2advertising.com%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=T7LxrXiVMT9VHEKds9narqpAC%2F2vDxq7tVQsBWTnbhOMHMOQikGHfU6nEkHuXPl%2Bv%2F3uTbuiZ9jnn%2Fo31082xwM454vog1osCDCqf5j6Zg388wW9h41l80ChkbpF%2BB92iI3ccEUthehQPnVQHaBEZ7NJ%2FggTgrUonXMpdlwskxJMKRdO9Yy%2FXNF8kdfZaxf2mJu02s0Cg28v%2BN4HRxTBp%2B6CAajuJUkwSmeSYqf80xk4g%2B5JIS2y7fA8If3bEJF6PslSkjL7dWxy5xd%2FjULwmPo9YA3aDSQs10PcDxLWvYIvAzdBbyKmyVazAfYM2D4I3Q7rVBVcROO8bCfIm8Imwg%3D%3D
status
302 Found
x-powered-by
Express Phusion Passenger(R) 6.0.18
header-logo.svg
swassembly-test.go2advertising.com/swassembly/ 		71 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://swassembly-test.go2advertising.com/swassembly/header-logo.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.249.119.176 , United States, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
/ Phusion Passenger(R) 6.0.18
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://swassembly-test.go2advertising.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 08:03:37 GMT
content-encoding
gzip
etag
"60a049c49a7ae46b31ac7cefdefc45eac6fc87de"
x-powered-by
Phusion Passenger(R) 6.0.18
vary
Accept-Encoding
content-type
image/svg+xml
status
200 OK
cache-control
public, max-age=0
accept-ranges
bytes
footer-logo.svg
swassembly-test.go2advertising.com/swassembly/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://swassembly-test.go2advertising.com/swassembly/footer-logo.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.249.119.176 , United States, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
/ Phusion Passenger(R) 6.0.18
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://swassembly-test.go2advertising.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 08:03:37 GMT
content-encoding
gzip
etag
"a24630299a34a7cbeddf27b161098d173e39f5fc"
x-powered-by
Phusion Passenger(R) 6.0.18
vary
Accept-Encoding
content-type
image/svg+xml
status
200 OK
cache-control
public, max-age=0
accept-ranges
bytes
XfinityStandard-Regular.woff2
edge.static-assets.top.comcast.net/staticsites/fonts/latest/Xfinity_Standard/ 		0
0
collect
www.google-analytics.com/j/ 		15 B
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2053780310&t=pageview&_s=1&dl=https%3A%2F%2Fswassembly-test.go2advertising.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=SW%20Assembly&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAI~&jid=193767665&gjid=137203444&cid=1446471158.1719043418&tid=UA-71467696-2&_gid=119505808.1719043418&_r=1&_slc=1&z=813319310
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://swassembly-test.go2advertising.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 08:03:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://swassembly-test.go2advertising.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		259 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X1HD276ES0&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://swassembly-test.go2advertising.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 08:03:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93893
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 22 Jun 2024 08:03:38 GMT
collect
region1.google-analytics.com/g/ 		0
0
BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js
aadcdn.msauth.net/shared/1.0/content/js/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/44b79a67-d972-49ba-9167-8eb05f754a1a/saml2?SAMLRequest=nVNbT8IwGH33Vyx934UxGGvYkikaiYoLTE18Md1WsEnXzn4diL%2FeMi%2FBBImxT72c75zvnLZjIDVvcNrqZzGnLy0Fbb3WXADuDmLUKoElAQZYkJoC1iVepDfX2Hc83CipZSk5OrEOjOkkRk9v2Xy4nk3O80U%2FZA%2Bz4eDq4eow%2FJ4qYFLEyDD%2FQgjQ0qkATYQ2MM8PbG9o%2B37ujbDXx%2F3w8XBd9tnmKRMVE6vjnooPEODLPM%2Fs7HaRHyZNAajSpuEzKaCtqVpQtWYlvZtfx%2BhZ6waw68KGGFhd8K2tTbLOSvqkWu%2FqwGg4pazdXcwuMfG7TDCNrInBMUF0F8UXD5crJpyalUqCXGopOBO0Kw%2BCIozIMLSrKPTtICqIHfXMckQLb7AMBwHpkU7DR4nxMd5NcRek2rvn45GQL6so%2Bbuxsbsn9S3d4Jmhn04yyVm5%2FcdLsy6kqon%2BHd1zet0Oq%2BxlB8WtgIaWbMlohayUc7k5U5RoGiOtWorc5OSj15%2B%2FIHkH&RelayState=https%3A%2F%2Fswassembly-test.go2advertising.com%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=T7LxrXiVMT9VHEKds9narqpAC%2F2vDxq7tVQsBWTnbhOMHMOQikGHfU6nEkHuXPl%2Bv%2F3uTbuiZ9jnn%2Fo31082xwM454vog1osCDCqf5j6Zg388wW9h41l80ChkbpF%2BB92iI3ccEUthehQPnVQHaBEZ7NJ%2FggTgrUonXMpdlwskxJMKRdO9Yy%2FXNF8kdfZaxf2mJu02s0Cg28v%2BN4HRxTBp%2B6CAajuJUkwSmeSYqf80xk4g%2B5JIS2y7fA8If3bEJF6PslSkjL7dWxy5xd%2FjULwmPo9YA3aDSQs10PcDxLWvYIvAzdBbyKmyVazAfYM2D4I3Q7rVBVcROO8bCfIm8Imwg%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 22 Jun 2024 08:03:38 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
49696
x-ms-lease-status
unlocked
last-modified
Fri, 24 May 2024 22:13:21 GMT
etag
0x8DC7C3EB8EDBF94
x-azure-ref
20240622T080338Z-17d856f5577cxnqp6sqe5vudh800000005b000000000826b
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
48af03e4-f01e-005d-645f-c259b6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request saml2
login.microsoftonline.com/44b79a67-d972-49ba-9167-8eb05f754a1a/ 		38 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/44b79a67-d972-49ba-9167-8eb05f754a1a/saml2?SAMLRequest=nVNbT8IwGH33Vyx934UxGGvYkikaiYoLTE18Md1WsEnXzn4diL%2FeMi%2FBBImxT72c75zvnLZjIDVvcNrqZzGnLy0Fbb3WXADuDmLUKoElAQZYkJoC1iVepDfX2Hc83CipZSk5OrEOjOkkRk9v2Xy4nk3O80U%2FZA%2Bz4eDq4eow%2FJ4qYFLEyDD%2FQgjQ0qkATYQ2MM8PbG9o%2B37ujbDXx%2F3w8XBd9tnmKRMVE6vjnooPEODLPM%2Fs7HaRHyZNAajSpuEzKaCtqVpQtWYlvZtfx%2BhZ6waw68KGGFhd8K2tTbLOSvqkWu%2FqwGg4pazdXcwuMfG7TDCNrInBMUF0F8UXD5crJpyalUqCXGopOBO0Kw%2BCIozIMLSrKPTtICqIHfXMckQLb7AMBwHpkU7DR4nxMd5NcRek2rvn45GQL6so%2Bbuxsbsn9S3d4Jmhn04yyVm5%2FcdLsy6kqon%2BHd1zet0Oq%2BxlB8WtgIaWbMlohayUc7k5U5RoGiOtWorc5OSj15%2B%2FIHkH&RelayState=https%3A%2F%2Fswassembly-test.go2advertising.com%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=T7LxrXiVMT9VHEKds9narqpAC%2F2vDxq7tVQsBWTnbhOMHMOQikGHfU6nEkHuXPl%2Bv%2F3uTbuiZ9jnn%2Fo31082xwM454vog1osCDCqf5j6Zg388wW9h41l80ChkbpF%2BB92iI3ccEUthehQPnVQHaBEZ7NJ%2FggTgrUonXMpdlwskxJMKRdO9Yy%2FXNF8kdfZaxf2mJu02s0Cg28v%2BN4HRxTBp%2B6CAajuJUkwSmeSYqf80xk4g%2B5JIS2y7fA8If3bEJF6PslSkjL7dWxy5xd%2FjULwmPo9YA3aDSQs10PcDxLWvYIvAzdBbyKmyVazAfYM2D4I3Q7rVBVcROO8bCfIm8Imwg%3D%3D&sso_reload=true
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1027:1:d8::4 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4218c935b89793ce1b3fbe0bf8367be600d39e4344731992c03c1939bc9f12d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://login.microsoftonline.com/44b79a67-d972-49ba-9167-8eb05f754a1a/saml2?SAMLRequest=nVNbT8IwGH33Vyx934UxGGvYkikaiYoLTE18Md1WsEnXzn4diL%2FeMi%2FBBImxT72c75zvnLZjIDVvcNrqZzGnLy0Fbb3WXADuDmLUKoElAQZYkJoC1iVepDfX2Hc83CipZSk5OrEOjOkkRk9v2Xy4nk3O80U%2FZA%2Bz4eDq4eow%2FJ4qYFLEyDD%2FQgjQ0qkATYQ2MM8PbG9o%2B37ujbDXx%2F3w8XBd9tnmKRMVE6vjnooPEODLPM%2Fs7HaRHyZNAajSpuEzKaCtqVpQtWYlvZtfx%2BhZ6waw68KGGFhd8K2tTbLOSvqkWu%2FqwGg4pazdXcwuMfG7TDCNrInBMUF0F8UXD5crJpyalUqCXGopOBO0Kw%2BCIozIMLSrKPTtICqIHfXMckQLb7AMBwHpkU7DR4nxMd5NcRek2rvn45GQL6so%2Bbuxsbsn9S3d4Jmhn04yyVm5%2FcdLsy6kqon%2BHd1zet0Oq%2BxlB8WtgIaWbMlohayUc7k5U5RoGiOtWorc5OSj15%2B%2FIHkH&RelayState=https%3A%2F%2Fswassembly-test.go2advertising.com%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=T7LxrXiVMT9VHEKds9narqpAC%2F2vDxq7tVQsBWTnbhOMHMOQikGHfU6nEkHuXPl%2Bv%2F3uTbuiZ9jnn%2Fo31082xwM454vog1osCDCqf5j6Zg388wW9h41l80ChkbpF%2BB92iI3ccEUthehQPnVQHaBEZ7NJ%2FggTgrUonXMpdlwskxJMKRdO9Yy%2FXNF8kdfZaxf2mJu02s0Cg28v%2BN4HRxTBp%2B6CAajuJUkwSmeSYqf80xk4g%2B5JIS2y7fA8If3bEJF6PslSkjL7dWxy5xd%2FjULwmPo9YA3aDSQs10PcDxLWvYIvAzdBbyKmyVazAfYM2D4I3Q7rVBVcROO8bCfIm8Imwg%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
14509
Content-Type
text/html; charset=utf-8
Date
Sat, 22 Jun 2024 08:03:38 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msftauth.net>; rel=dns-prefetch,<https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.18298.5 - EUS ProdSlices
x-ms-request-id
315ae42d-73fb-4034-9abb-64e6c5b17400
x-ms-srs
1.P
converged.v2.login.min_mc5ac6ol0l4d2iaqspstyg2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		111 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_mc5ac6ol0l4d2iaqspstyg2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/44b79a67-d972-49ba-9167-8eb05f754a1a/saml2?SAMLRequest=nVNbT8IwGH33Vyx934UxGGvYkikaiYoLTE18Md1WsEnXzn4diL%2FeMi%2FBBImxT72c75zvnLZjIDVvcNrqZzGnLy0Fbb3WXADuDmLUKoElAQZYkJoC1iVepDfX2Hc83CipZSk5OrEOjOkkRk9v2Xy4nk3O80U%2FZA%2Bz4eDq4eow%2FJ4qYFLEyDD%2FQgjQ0qkATYQ2MM8PbG9o%2B37ujbDXx%2F3w8XBd9tnmKRMVE6vjnooPEODLPM%2Fs7HaRHyZNAajSpuEzKaCtqVpQtWYlvZtfx%2BhZ6waw68KGGFhd8K2tTbLOSvqkWu%2FqwGg4pazdXcwuMfG7TDCNrInBMUF0F8UXD5crJpyalUqCXGopOBO0Kw%2BCIozIMLSrKPTtICqIHfXMckQLb7AMBwHpkU7DR4nxMd5NcRek2rvn45GQL6so%2Bbuxsbsn9S3d4Jmhn04yyVm5%2FcdLsy6kqon%2BHd1zet0Oq%2BxlB8WtgIaWbMlohayUc7k5U5RoGiOtWorc5OSj15%2B%2FIHkH&RelayState=https%3A%2F%2Fswassembly-test.go2advertising.com%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=T7LxrXiVMT9VHEKds9narqpAC%2F2vDxq7tVQsBWTnbhOMHMOQikGHfU6nEkHuXPl%2Bv%2F3uTbuiZ9jnn%2Fo31082xwM454vog1osCDCqf5j6Zg388wW9h41l80ChkbpF%2BB92iI3ccEUthehQPnVQHaBEZ7NJ%2FggTgrUonXMpdlwskxJMKRdO9Yy%2FXNF8kdfZaxf2mJu02s0Cg28v%2BN4HRxTBp%2B6CAajuJUkwSmeSYqf80xk4g%2B5JIS2y7fA8If3bEJF6PslSkjL7dWxy5xd%2FjULwmPo9YA3aDSQs10PcDxLWvYIvAzdBbyKmyVazAfYM2D4I3Q7rVBVcROO8bCfIm8Imwg%3D%3D&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C8E) /
Resource Hash
8b81b6dbb9af6502d78abe8a85d135861848e0597989901da42c62ecb841a07d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 22 Jun 2024 08:03:39 GMT
content-encoding
gzip
content-md5
Xt+D0D6ntnvS81Ry5DXRfg==
age
2808803
x-cache
HIT
content-length
20390
x-ms-lease-status
unlocked
last-modified
Thu, 16 May 2024 00:59:03 GMT
server
ECAcc (frc/4C8E)
etag
0x8DC7543615A617D
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
20adcbed-001e-005b-2dee-aa1c02000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_7cCuNdJ3E-hQqbT-gOnvng2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		437 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_7cCuNdJ3E-hQqbT-gOnvng2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/44b79a67-d972-49ba-9167-8eb05f754a1a/saml2?SAMLRequest=nVNbT8IwGH33Vyx934UxGGvYkikaiYoLTE18Md1WsEnXzn4diL%2FeMi%2FBBImxT72c75zvnLZjIDVvcNrqZzGnLy0Fbb3WXADuDmLUKoElAQZYkJoC1iVepDfX2Hc83CipZSk5OrEOjOkkRk9v2Xy4nk3O80U%2FZA%2Bz4eDq4eow%2FJ4qYFLEyDD%2FQgjQ0qkATYQ2MM8PbG9o%2B37ujbDXx%2F3w8XBd9tnmKRMVE6vjnooPEODLPM%2Fs7HaRHyZNAajSpuEzKaCtqVpQtWYlvZtfx%2BhZ6waw68KGGFhd8K2tTbLOSvqkWu%2FqwGg4pazdXcwuMfG7TDCNrInBMUF0F8UXD5crJpyalUqCXGopOBO0Kw%2BCIozIMLSrKPTtICqIHfXMckQLb7AMBwHpkU7DR4nxMd5NcRek2rvn45GQL6so%2Bbuxsbsn9S3d4Jmhn04yyVm5%2FcdLsy6kqon%2BHd1zet0Oq%2BxlB8WtgIaWbMlohayUc7k5U5RoGiOtWorc5OSj15%2B%2FIHkH&RelayState=https%3A%2F%2Fswassembly-test.go2advertising.com%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=T7LxrXiVMT9VHEKds9narqpAC%2F2vDxq7tVQsBWTnbhOMHMOQikGHfU6nEkHuXPl%2Bv%2F3uTbuiZ9jnn%2Fo31082xwM454vog1osCDCqf5j6Zg388wW9h41l80ChkbpF%2BB92iI3ccEUthehQPnVQHaBEZ7NJ%2FggTgrUonXMpdlwskxJMKRdO9Yy%2FXNF8kdfZaxf2mJu02s0Cg28v%2BN4HRxTBp%2B6CAajuJUkwSmeSYqf80xk4g%2B5JIS2y7fA8If3bEJF6PslSkjL7dWxy5xd%2FjULwmPo9YA3aDSQs10PcDxLWvYIvAzdBbyKmyVazAfYM2D4I3Q7rVBVcROO8bCfIm8Imwg%3D%3D&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA2) /
Resource Hash
ff6c4857f6f1ae8d2c56a40cc68c6263b805aff89a08ec297fff38714d122544

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 22 Jun 2024 08:03:39 GMT
content-encoding
gzip
content-md5
OEJPopoH0FE0M0A7xJMu5Q==
age
2030638
x-cache
HIT
content-length
121711
x-ms-lease-status
unlocked
last-modified
Fri, 24 May 2024 22:12:35 GMT
server
ECAcc (frc/4CA2)
etag
0x8DC7C3E9D835E19
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
dd0a3fc0-e01e-003d-4902-b2a42c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-de.min_t2egxy3e-i7icwo0cfhacq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_t2egxy3e-i7icwo0cfhacq2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/44b79a67-d972-49ba-9167-8eb05f754a1a/saml2?SAMLRequest=nVNbT8IwGH33Vyx934UxGGvYkikaiYoLTE18Md1WsEnXzn4diL%2FeMi%2FBBImxT72c75zvnLZjIDVvcNrqZzGnLy0Fbb3WXADuDmLUKoElAQZYkJoC1iVepDfX2Hc83CipZSk5OrEOjOkkRk9v2Xy4nk3O80U%2FZA%2Bz4eDq4eow%2FJ4qYFLEyDD%2FQgjQ0qkATYQ2MM8PbG9o%2B37ujbDXx%2F3w8XBd9tnmKRMVE6vjnooPEODLPM%2Fs7HaRHyZNAajSpuEzKaCtqVpQtWYlvZtfx%2BhZ6waw68KGGFhd8K2tTbLOSvqkWu%2FqwGg4pazdXcwuMfG7TDCNrInBMUF0F8UXD5crJpyalUqCXGopOBO0Kw%2BCIozIMLSrKPTtICqIHfXMckQLb7AMBwHpkU7DR4nxMd5NcRek2rvn45GQL6so%2Bbuxsbsn9S3d4Jmhn04yyVm5%2FcdLsy6kqon%2BHd1zet0Oq%2BxlB8WtgIaWbMlohayUc7k5U5RoGiOtWorc5OSj15%2B%2FIHkH&RelayState=https%3A%2F%2Fswassembly-test.go2advertising.com%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=T7LxrXiVMT9VHEKds9narqpAC%2F2vDxq7tVQsBWTnbhOMHMOQikGHfU6nEkHuXPl%2Bv%2F3uTbuiZ9jnn%2Fo31082xwM454vog1osCDCqf5j6Zg388wW9h41l80ChkbpF%2BB92iI3ccEUthehQPnVQHaBEZ7NJ%2FggTgrUonXMpdlwskxJMKRdO9Yy%2FXNF8kdfZaxf2mJu02s0Cg28v%2BN4HRxTBp%2B6CAajuJUkwSmeSYqf80xk4g%2B5JIS2y7fA8If3bEJF6PslSkjL7dWxy5xd%2FjULwmPo9YA3aDSQs10PcDxLWvYIvAzdBbyKmyVazAfYM2D4I3Q7rVBVcROO8bCfIm8Imwg%3D%3D&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C87) /
Resource Hash
39b715d1182468688af4ed263098873e8e65bf3dd938ab51ac8fae81d8f04d3d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 22 Jun 2024 08:03:39 GMT
content-encoding
gzip
content-md5
hMQnnlZDgFUCnuSdMmb7Ag==
age
1998561
x-cache
HIT
content-length
17574
x-ms-lease-status
unlocked
last-modified
Wed, 29 May 2024 00:50:38 GMT
server
ECAcc (frc/4C87)
etag
0x8DC7F795BADC172
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6b9f72bd-901e-0032-444d-b22d33000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/44b79a67-d972-49ba-9167-8eb05f754a1a/saml2?SAMLRequest=nVNbT8IwGH33Vyx934UxGGvYkikaiYoLTE18Md1WsEnXzn4diL%2FeMi%2FBBImxT72c75zvnLZjIDVvcNrqZzGnLy0Fbb3WXADuDmLUKoElAQZYkJoC1iVepDfX2Hc83CipZSk5OrEOjOkkRk9v2Xy4nk3O80U%2FZA%2Bz4eDq4eow%2FJ4qYFLEyDD%2FQgjQ0qkATYQ2MM8PbG9o%2B37ujbDXx%2F3w8XBd9tnmKRMVE6vjnooPEODLPM%2Fs7HaRHyZNAajSpuEzKaCtqVpQtWYlvZtfx%2BhZ6waw68KGGFhd8K2tTbLOSvqkWu%2FqwGg4pazdXcwuMfG7TDCNrInBMUF0F8UXD5crJpyalUqCXGopOBO0Kw%2BCIozIMLSrKPTtICqIHfXMckQLb7AMBwHpkU7DR4nxMd5NcRek2rvn45GQL6so%2Bbuxsbsn9S3d4Jmhn04yyVm5%2FcdLsy6kqon%2BHd1zet0Oq%2BxlB8WtgIaWbMlohayUc7k5U5RoGiOtWorc5OSj15%2B%2FIHkH&RelayState=https%3A%2F%2Fswassembly-test.go2advertising.com%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=T7LxrXiVMT9VHEKds9narqpAC%2F2vDxq7tVQsBWTnbhOMHMOQikGHfU6nEkHuXPl%2Bv%2F3uTbuiZ9jnn%2Fo31082xwM454vog1osCDCqf5j6Zg388wW9h41l80ChkbpF%2BB92iI3ccEUthehQPnVQHaBEZ7NJ%2FggTgrUonXMpdlwskxJMKRdO9Yy%2FXNF8kdfZaxf2mJu02s0Cg28v%2BN4HRxTBp%2B6CAajuJUkwSmeSYqf80xk4g%2B5JIS2y7fA8If3bEJF6PslSkjL7dWxy5xd%2FjULwmPo9YA3aDSQs10PcDxLWvYIvAzdBbyKmyVazAfYM2D4I3Q7rVBVcROO8bCfIm8Imwg%3D%3D&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers
convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		219 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_7cCuNdJ3E-hQqbT-gOnvng2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C84) /
Resource Hash
474ce0790ceb18a100cebaf1ac0915a51389fcae0830c3b44bfa1e365d40b2b4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 22 Jun 2024 08:03:39 GMT
content-encoding
gzip
content-md5
P5ihddUjL2Zb7/wjNS1xdg==
age
6924570
x-cache
HIT
content-length
54318
x-ms-lease-status
unlocked
last-modified
Thu, 28 Mar 2024 21:23:30 GMT
server
ECAcc (frc/4C84)
etag
0x8DC4F6D50F3D2E7
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0d451fae-201e-00dd-7d80-85b15b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msftauth.net/shared/1.0/content/images/ 		17 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBA) /
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 22 Jun 2024 08:03:39 GMT
content-md5
EuPayFgGHQiAI7K9SOL6lg==
age
7791778
x-cache
HIT
content-length
17174
x-ms-lease-status
unlocked
last-modified
Sun, 18 Oct 2020 03:02:30 GMT
server
ECAcc (frc/4CBA)
etag
0x8D8731240E548EB
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
debb0496-801e-00bf-299d-7da57d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
aadcdn.msftauthimages.net/dbd5a2dd-nfsbzkmuxbmqzono61nnirtwx9xsqsqybv-qhns-2ws/logintenantbranding/0/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauthimages.net/dbd5a2dd-nfsbzkmuxbmqzono61nnirtwx9xsqsqybv-qhns-2ws/logintenantbranding/0/bannerlogo?ts=636879909303556012
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b3535b00ff0dd14ef17c4438eba514bec0700d9a5bea61411207ab3c1f1abe70

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 22 Jun 2024 08:03:40 GMT
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
50755578
content-length
7293
x-ms-lease-status
unlocked
last-modified
Tue, 12 Mar 2019 12:35:30 GMT
etag
0x8D6A6E736F1D487
x-azure-ref
20240622T080340Z-17d856f55777sdqp2b367qq49g000000051g00000000r4x6
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
2d8f74ef-501e-0038-7280-c2a393000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		111 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_7cCuNdJ3E-hQqbT-gOnvng2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C9C) /
Resource Hash
4be11c075187615adaf493d54cb7b05556e76806aed2b3b082d72952d0025be5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 22 Jun 2024 08:03:39 GMT
content-encoding
gzip
content-md5
/PcUcu/J5hSxDf1JmAX3KQ==
age
6924569
x-cache
HIT
content-length
35807
x-ms-lease-status
unlocked
last-modified
Thu, 28 Mar 2024 21:23:33 GMT
server
ECAcc (frc/4C9C)
etag
0x8DC4F6D5254E400
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
af16a545-201e-00b5-6680-85ab68000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		2 KB
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA2) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.microsoftonline.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 22 Jun 2024 08:03:39 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
7791820
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:52 GMT
server
ECAcc (frc/4CA2)
etag
0x8DB5C3F4BB4F03C
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
cc0763e7-101e-0082-0a9c-7d5b77000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
edge.static-assets.top.comcast.net
URL
https://edge.static-assets.top.comcast.net/staticsites/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-X1HD276ES0&gtm=45je46j0v9125847620za200&_p=1719043417966&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=1446471158.1719043418&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fswassembly-test.go2advertising.com%2F&dp=%2F&dt=SW%20Assembly&sid=1719043418&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5265&_z=fetch

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170 boolean| __convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8

16 Cookies

Domain/Path Name / Value
.go2advertising.com/ Name: _ga
Value: GA1.2.1446471158.1719043418
.go2advertising.com/ Name: _gid
Value: GA1.2.119505808.1719043418
.go2advertising.com/ Name: _gat
Value: 1
.go2advertising.com/ Name: _ga_X1HD276ES0
Value: GS1.2.1719043418.1.0.1719043418.0.0.0
.login.microsoftonline.com/ Name: esctx-91RqN3jmEz0
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYDcIWEz4pdJPidfDtTQXkEDW3h6Smw4tk6TpwVyygeOFqdRuM1OWGPQJFOFGQ0DbvYCUsP5mN0RAzqqAgpzRjlDnXIf1bHM9cjdUhS-hHZn-Rtmv9ofmhfTgMWIX0DFOaN09bHX841QdmxD40ze_w1CAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.ARcAZ5q3RHLZukmRZ46wX3VKGkRExc5FoUNKmrav8WA97cwXAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYwYEgQ0H8mIM_Kgpc04IPaDab12lmVDXBR0vB4UDhjyjw5iqFlEMvl4HNR-v6x-J9fzANqYKQ5DgDtDfe81wUYpgUEEI0u8wEOvAlxykOFNwgAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYek0NaIr7FLd9NjMDx4Omaj5lTHOkhHlgKsqMSfJdsZv7LYn4-kjOExot5AjzmbNHuuSFScHau0mPgGtyfXCKoON2TQF6GbRaIj9a2HIvYVBIbbpKSIlzssSoOdecgPRE1doQY0xPszs59rRSjfFneNRXO_ZsOBvhNSslNYYOpLwgAA
.login.microsoftonline.com/ Name: esctx-nkDKWTTzr4
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYzFO0HW4jpOOlgeppEKim8ckj3tAm5Iynx6-O0i8N87Ho2KUya7jn1osgOolxEpLXu6EGk9iXSwMrZ0uO8an0b4hRCkMHWA3NhX4l7CyUZSB-SjlY3RPdkBmUlOaUgF4hE-eQMYvws7sKQF4czH6tsCAA
login.microsoftonline.com/ Name: fpc
Value: AimcwRz9e7VJj-afgfnpogdHe4RTAQAAAFp8CN4OAAAA
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: 9f4a6cffec2f4a498403a29ef1435270
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1719043419&co=1

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://login.microsoftonline.com/44b79a67-d972-49ba-9167-8eb05f754a1a/saml2?SAMLRequest=nVNbT8IwGH33Vyx934UxGGvYkikaiYoLTE18Md1WsEnXzn4diL%2FeMi%2FBBImxT72c75zvnLZjIDVvcNrqZzGnLy0Fbb3WXADuDmLUKoElAQZYkJoC1iVepDfX2Hc83CipZSk5OrEOjOkkRk9v2Xy4nk3O80U%2FZA%2Bz4eDq4eow%2FJ4qYFLEyDD%2FQgjQ0qkATYQ2MM8PbG9o%2B37ujbDXx%2F3w8XBd9tnmKRMVE6vjnooPEODLPM%2Fs7HaRHyZNAajSpuEzKaCtqVpQtWYlvZtfx%2BhZ6waw68KGGFhd8K2tTbLOSvqkWu%2FqwGg4pazdXcwuMfG7TDCNrInBMUF0F8UXD5crJpyalUqCXGopOBO0Kw%2BCIozIMLSrKPTtICqIHfXMckQLb7AMBwHpkU7DR4nxMd5NcRek2rvn45GQL6so%2Bbuxsbsn9S3d4Jmhn04yyVm5%2FcdLsy6kqon%2BHd1zet0Oq%2BxlB8WtgIaWbMlohayUc7k5U5RoGiOtWorc5OSj15%2B%2FIHkH&RelayState=https%3A%2F%2Fswassembly-test.go2advertising.com%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=T7LxrXiVMT9VHEKds9narqpAC%2F2vDxq7tVQsBWTnbhOMHMOQikGHfU6nEkHuXPl%2Bv%2F3uTbuiZ9jnn%2Fo31082xwM454vog1osCDCqf5j6Zg388wW9h41l80ChkbpF%2BB92iI3ccEUthehQPnVQHaBEZ7NJ%2FggTgrUonXMpdlwskxJMKRdO9Yy%2FXNF8kdfZaxf2mJu02s0Cg28v%2BN4HRxTBp%2B6CAajuJUkwSmeSYqf80xk4g%2B5JIS2y7fA8If3bEJF6PslSkjL7dWxy5xd%2FjULwmPo9YA3aDSQs10PcDxLWvYIvAzdBbyKmyVazAfYM2D4I3Q7rVBVcROO8bCfIm8Imwg%3D%3D&sso_reload=true
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msftauth.net
aadcdn.msftauthimages.net
edge.static-assets.top.comcast.net
login.live.com
login.microsoftonline.com
region1.google-analytics.com
swassembly-test.go2advertising.com
www.google-analytics.com
www.googletagmanager.com
edge.static-assets.top.comcast.net
region1.google-analytics.com
20.190.159.73
209.249.119.176
2603:1027:1:d8::4
2606:2800:233:1cb7:261b:1f9c:2074:3c
2620:1ec:bdf::45
2a00:1450:4001:828::200e
2a00:1450:4001:831::2008
240a2876ad65e93e9e689972adc159d836e707a2905be85e98f0ed2e733d0922
2b5d42b3d8dc13b0ddf410a1dcafe2a94e4b092078a5ece312b130264a1e874a
39b715d1182468688af4ed263098873e8e65bf3dd938ab51ac8fae81d8f04d3d
4218c935b89793ce1b3fbe0bf8367be600d39e4344731992c03c1939bc9f12d0
474ce0790ceb18a100cebaf1ac0915a51389fcae0830c3b44bfa1e365d40b2b4
4be11c075187615adaf493d54cb7b05556e76806aed2b3b082d72952d0025be5
8b81b6dbb9af6502d78abe8a85d135861848e0597989901da42c62ecb841a07d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
ab8fddea3582df5f34b91b9da225edcafac13aa4a79304c367cab311b523be3b
b3535b00ff0dd14ef17c4438eba514bec0700d9a5bea61411207ab3c1f1abe70
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f192b0c7077a2d1732fc066844234c906a4d77b08499b3b95db0137b39396f8f
ff6c4857f6f1ae8d2c56a40cc68c6263b805aff89a08ec297fff38714d122544