urlscan.io logo urlscan.io
SecurityTrails logo

b2csandboxdemo.b2clogin.com Open in urlscan Pro
40.126.32.74  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://demo.dev.mycostrack.app/
Effective URL: https://b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/oauth2/v2.0/authorize?client_id=3114e667-e1ce-4f9c-...
Submission: On December 12 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 36 HTTP transactions. The main IP is 40.126.32.74, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is b2csandboxdemo.b2clogin.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 13th 2024. Valid for: 6 months.
This is the only time b2csandboxdemo.b2clogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 20.8.24.149 8075 (MICROSOFT...)
4 142.250.184.202 15169 (GOOGLE)
2 13.107.253.45 8075 (MICROSOFT...)
5 20.19.27.128 8075 (MICROSOFT...)
2 40.126.32.136 8075 (MICROSOFT...)
1 3 40.126.32.74 8075 (MICROSOFT...)
2 20.190.160.17 ()
3 20.60.13.225 ()
1 152.199.19.160 ()
36 10
10    20.8.24.149 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
demo.dev.mycostrack.app
ashy-forest-0d0826003.5.azurestaticapps.net
4    142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net
fonts.googleapis.com
2    13.107.253.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
5    20.19.27.128 (Paris, France)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
francecentral-1.in.applicationinsights.azure.com
2    40.126.32.136 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
b2csandboxdemo.b2clogin.com
3    40.126.32.74 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
b2csandboxdemo.b2clogin.com
2    20.190.160.17 (None, )

ASN- ()
b2csandboxdemo.b2clogin.com
3    20.60.13.225 (None, )

ASN- ()
saprodfrceuib.blob.core.windows.net
1    152.199.19.160 (None, )

ASN- ()
ajax.aspnetcdn.com
Domain Requested by
7 b2csandboxdemo.b2clogin.com 1 redirects demo.dev.mycostrack.app
ashy-forest-0d0826003.5.azurestaticapps.net
b2csandboxdemo.b2clogin.com
5 ashy-forest-0d0826003.5.azurestaticapps.net demo.dev.mycostrack.app
ashy-forest-0d0826003.5.azurestaticapps.net
5 francecentral-1.in.applicationinsights.azure.com demo.dev.mycostrack.app
ashy-forest-0d0826003.5.azurestaticapps.net
5 demo.dev.mycostrack.app demo.dev.mycostrack.app
4 fonts.googleapis.com demo.dev.mycostrack.app
ashy-forest-0d0826003.5.azurestaticapps.net
3 saprodfrceuib.blob.core.windows.net b2csandboxdemo.b2clogin.com
2 js.monitor.azure.com demo.dev.mycostrack.app
ashy-forest-0d0826003.5.azurestaticapps.net
1 ajax.aspnetcdn.com b2csandboxdemo.b2clogin.com
36 8

This site contains no links.

Subject Issuer Validity Valid
demo.dev.mycostrack.app
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-12-12 -
2025-06-12		 6 months crt.sh
upload.video.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
js.monitor.azure.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-11-19 -
2025-05-18		 6 months crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 07		 2024-11-30 -
2025-05-29		 6 months crt.sh
graph.windows.net
DigiCert SHA2 Secure Server CA		 2024-10-13 -
2025-04-13		 6 months crt.sh
*.5.azurestaticapps.net
Microsoft Azure RSA TLS Issuing CA 03		 2024-11-08 -
2025-05-07		 6 months crt.sh
*.blob.core.windows.net
Microsoft Azure RSA TLS Issuing CA 08		 2024-10-27 -
2025-04-25		 6 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-06-06 -
2025-06-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/oauth2/v2.0/authorize?client_id=3114e667-e1ce-4f9c-8542-f7a92a75c75f&scope=https%3A%2F%2Fb2csandboxdemo.onmicrosoft.com%2Forcostra-prod%2Faccess_as_user%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fashy-forest-0d0826003.5.azurestaticapps.net%2Fsession%2F&client-request-id=0193bb31-0d28-76a8-b30a-7d1cca80b723&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.14.0&client_info=1&code_challenge=ohR_bTmZZwZ7Y3D3JvU2fzT-pQAXNRrXKDDONtFm71M&code_challenge_method=S256&nonce=0193bb31-0d2a-7269-af37-45223dabad40&state=eyJpZCI6IjAxOTNiYjMxLTBkMjktNzg4My1iY2U5LWZkZjMyZDljYmNlZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Frame ID: D196F98949F0AD792C8665C4A6E61402
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Rocket Platform

Page URL History Show full URLs

  1. https://demo.dev.mycostrack.app/ Page URL
  2. https://b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/oauth2/v2.0/authorize?client_id... HTTP 302
    https://ashy-forest-0d0826003.5.azurestaticapps.net/dashboard/ Page URL
  3. https://b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/oauth2/v2.0/authorize?client_id... Page URL

Page Statistics

36
Requests

86 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

10
IPs

3
Countries

18049 kB
Transfer

73293 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://demo.dev.mycostrack.app/ Page URL
  2. https://b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/oauth2/v2.0/authorize?client_id=3114e667-e1ce-4f9c-8542-f7a92a75c75f&scope=https%3A%2F%2Fb2csandboxdemo.onmicrosoft.com%2Forcostra-prod%2Faccess_as_user%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdemo.dev.mycostrack.app%2Fsession%2F&client-request-id=0193bb30-f8b2-7647-afef-a89590d06453&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.14.0&client_info=1&code_challenge=exelRfsjnSkyV5rYKO2BDGAJ3Sqyqst0HhGjv05QpTQ&code_challenge_method=S256&nonce=0193bb30-f8b6-7fdb-bab7-fd37dfe66548&state=eyJpZCI6IjAxOTNiYjMwLWY4YjMtNzBlNi05Y2E1LWViMzg0ZDBhYzRjZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D HTTP 302
    https://ashy-forest-0d0826003.5.azurestaticapps.net/dashboard/ Page URL
  3. https://b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/oauth2/v2.0/authorize?client_id=3114e667-e1ce-4f9c-8542-f7a92a75c75f&scope=https%3A%2F%2Fb2csandboxdemo.onmicrosoft.com%2Forcostra-prod%2Faccess_as_user%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fashy-forest-0d0826003.5.azurestaticapps.net%2Fsession%2F&client-request-id=0193bb31-0d28-76a8-b30a-7d1cca80b723&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.14.0&client_info=1&code_challenge=ohR_bTmZZwZ7Y3D3JvU2fzT-pQAXNRrXKDDONtFm71M&code_challenge_method=S256&nonce=0193bb31-0d2a-7269-af37-45223dabad40&state=eyJpZCI6IjAxOTNiYjMxLTBkMjktNzg4My1iY2U5LWZkZjMyZDljYmNlZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/oauth2/v2.0/authorize?client_id=3114e667-e1ce-4f9c-8542-f7a92a75c75f&scope=https%3A%2F%2Fb2csandboxdemo.onmicrosoft.com%2Forcostra-prod%2Faccess_as_user%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdemo.dev.mycostrack.app%2Fsession%2F&client-request-id=0193bb30-f8b2-7647-afef-a89590d06453&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.14.0&client_info=1&code_challenge=exelRfsjnSkyV5rYKO2BDGAJ3Sqyqst0HhGjv05QpTQ&code_challenge_method=S256&nonce=0193bb30-f8b6-7fdb-bab7-fd37dfe66548&state=eyJpZCI6IjAxOTNiYjMwLWY4YjMtNzBlNi05Y2E1LWViMzg0ZDBhYzRjZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D HTTP 302
  • https://ashy-forest-0d0826003.5.azurestaticapps.net/dashboard/

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
demo.dev.mycostrack.app/ 		650 B
701 B 		Document
General
Check archive.org
Download Go to
Full URL
https://demo.dev.mycostrack.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.8.24.149 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7cebda79ee2881034b1fd7edb2cb60f0991fab8954be7453c7a4eed8c7669878
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
public, must-revalidate, max-age=30
content-encoding
br
content-type
text/html
date
Thu, 12 Dec 2024 14:06:04 GMT
etag
"68087307"
last-modified
Fri, 15 Nov 2024 10:27:10 GMT
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
main.4819cd86.js
demo.dev.mycostrack.app/static/js/ 		35 MB
8 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.dev.mycostrack.app/static/js/main.4819cd86.js
Requested by
Host: demo.dev.mycostrack.app
URL: https://demo.dev.mycostrack.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.8.24.149 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
02c555cc1b37992620a2e223d686c2aa69c181535f8fb31b029f58151dd93fe3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://demo.dev.mycostrack.app/

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
content-encoding
br
etag
"68087307"
referrer-policy
same-origin
x-content-type-options
nosniff
date
Thu, 12 Dec 2024 14:06:04 GMT
x-xss-protection
1; mode=block
content-type
text/javascript
last-modified
Fri, 15 Nov 2024 10:27:10 GMT
vary
Accept-Encoding
main.e93eeb00.css
demo.dev.mycostrack.app/static/css/ 		1005 B
425 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://demo.dev.mycostrack.app/static/css/main.e93eeb00.css
Requested by
Host: demo.dev.mycostrack.app
URL: https://demo.dev.mycostrack.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.8.24.149 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
541d51b5e4d8aadb1cfe7f207eb239ab06e817cf54726c29b0fd6db71693bd2e
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://demo.dev.mycostrack.app/

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
content-encoding
br
etag
"68087307"
referrer-policy
same-origin
x-content-type-options
nosniff
date
Thu, 12 Dec 2024 14:06:03 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Fri, 15 Nov 2024 10:27:10 GMT
vary
Accept-Encoding
css2
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap
Requested by
Host: demo.dev.mycostrack.app
URL: https://demo.dev.mycostrack.app/static/css/main.e93eeb00.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
dae65e43ce0ffcb9722f0ac5dc5a774548f0134883a1e046b981aed48b69dfa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 14:06:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:06:04 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 12 Dec 2024 12:21:18 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		7 KB
807 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap
Requested by
Host: demo.dev.mycostrack.app
URL: https://demo.dev.mycostrack.app/static/css/main.e93eeb00.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
3c16906c4ccf4fd25089643418eef09c372ca75dc2b06a7ef51f9fba6e644eff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 14:06:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:06:04 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 12 Dec 2024 13:17:05 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
3ab00133-a771-4f60-962b-1f867b63be75
https://demo.dev.mycostrack.app/ 		0
0
ai.config.1.cfg.json
js.monitor.azure.com/scripts/b/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
traceparent
Access-Control-Request-Method
GET
Origin
https://demo.dev.mycostrack.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
traceparent
access-control-allow-methods
GET
access-control-allow-origin
https://demo.dev.mycostrack.app
access-control-max-age
86400
content-length
0
date
Thu, 12 Dec 2024 14:06:08 GMT
x-azure-ref
20241212T140608Z-178564dc65bmbvn6hC1PARpfh000000005x00000000013c6
x-cache
TCP_MISS
x-ms-request-id
f07c6c62-801e-002a-3b9e-4cf251000000
x-ms-version
2014-02-14
ai.config.1.cfg.json
js.monitor.azure.com/scripts/b/ 		1 KB
903 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json
Requested by
Host: demo.dev.mycostrack.app
URL: https://demo.dev.mycostrack.app/static/js/main.4819cd86.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
traceparent
00-eab9f25ea51246bba04a297a79cf9125-7ab76ab1e5eb44f6-01
Referer

Response headers

x-azure-ref
20241212T140608Z-178564dc65bmbvn6hC1PARpfh000000005x00000000013ca
cache-control
public, max-age=1800, immutable, no-transform
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdkver,x-ms-meta-aijssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
content-encoding
br
x-fd-int-roxy-purgeid
0
x-ms-request-id
77c8617d-201e-00b7-0c66-46ed75000000
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.config.1.0.0.cfg.json
access-control-allow-origin
*
x-cache
TCP_HIT
x-ms-meta-aijssdkver
1.0.0
date
Thu, 12 Dec 2024 14:06:08 GMT
content-type
application/json
vary
Accept-Encoding
last-modified
Tue, 02 Apr 2024 18:24:43 GMT
translation.json
demo.dev.mycostrack.app/locales/en/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://demo.dev.mycostrack.app/locales/en/translation.json
Requested by
Host: demo.dev.mycostrack.app
URL: https://demo.dev.mycostrack.app/static/js/main.4819cd86.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.8.24.149 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
traceparent
00-eab9f25ea51246bba04a297a79cf9125-312c430faafa42d0-01
Referer
https://demo.dev.mycostrack.app/

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
content-encoding
br
etag
"68087307"
referrer-policy
same-origin
x-content-type-options
nosniff
date
Thu, 12 Dec 2024 14:06:08 GMT
x-xss-protection
1; mode=block
content-type
application/json
last-modified
Fri, 15 Nov 2024 10:27:10 GMT
vary
Accept-Encoding
track
francecentral-1.in.applicationinsights.azure.com/v2/ 		62 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://francecentral-1.in.applicationinsights.azure.com/v2/track
Requested by
Host: demo.dev.mycostrack.app
URL: https://demo.dev.mycostrack.app/static/js/main.4819cd86.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.19.27.128 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/json
Referer

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Thu, 12 Dec 2024 14:06:09 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff
track
francecentral-1.in.applicationinsights.azure.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://francecentral-1.in.applicationinsights.azure.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.19.27.128 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://demo.dev.mycostrack.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Thu, 12 Dec 2024 14:06:08 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
favicon.ico
demo.dev.mycostrack.app/ 		7 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://demo.dev.mycostrack.app/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.8.24.149 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://demo.dev.mycostrack.app/

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
etag
"68087307"
referrer-policy
same-origin
x-content-type-options
nosniff
content-length
7406
date
Thu, 12 Dec 2024 14:06:08 GMT
x-xss-protection
1; mode=block
content-type
image/vnd.microsoft.icon
last-modified
Fri, 15 Nov 2024 10:27:10 GMT
openid-configuration
b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/v2.0/.well-known/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/v2.0/.well-known/openid-configuration
Requested by
Host: demo.dev.mycostrack.app
URL: https://demo.dev.mycostrack.app/static/js/main.4819cd86.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.126.32.136 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
traceparent
00-eab9f25ea51246bba04a297a79cf9125-efd78cbf3e514a05-01
Referer

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
no-store, must-revalidate, no-cache
x-ms-gateway-requestid
78dc18fa-5fd5-4527-a602-413b93c409ba
Public
OPTIONS,TRACE,GET,HEAD,POST
Access-Control-Allow-Methods
GET, OPTIONS
X-Content-Type-Options
nosniff
Allow
OPTIONS, TRACE, GET, HEAD, POST
Access-Control-Allow-Origin
https://demo.dev.mycostrack.app
Content-Length
1498
X-XSS-Protection
1; mode=block
Date
Thu, 12 Dec 2024 14:06:08 GMT
Content-Type
application/json; charset=utf-8
X-Frame-Options
SAMEORIGIN
openid-configuration
b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/v2.0/.well-known/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/v2.0/.well-known/openid-configuration
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.126.32.136 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
traceparent
Access-Control-Request-Method
GET
Origin
https://demo.dev.mycostrack.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
traceparent
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://demo.dev.mycostrack.app
Access-Control-Expose-Headers
Content-Length,Content-Encoding
Allow
OPTIONS TRACE GET HEAD POST
Content-Length
0
Date
Thu, 12 Dec 2024 14:06:08 GMT
Public
OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
/
ashy-forest-0d0826003.5.azurestaticapps.net/dashboard/
Redirect Chain
  • https://b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/oauth2/v2.0/authorize?client_id=3114e667-e1ce-4f9c-8542-f7a92a75c75f&scope=https%3A%2F%2Fb2csandboxdemo.onmicrosoft....
  • https://ashy-forest-0d0826003.5.azurestaticapps.net/dashboard/
650 B
701 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ashy-forest-0d0826003.5.azurestaticapps.net/dashboard/
Requested by
Host: demo.dev.mycostrack.app
URL: https://demo.dev.mycostrack.app/static/js/main.4819cd86.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.8.24.149 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7cebda79ee2881034b1fd7edb2cb60f0991fab8954be7453c7a4eed8c7669878
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
public, must-revalidate, max-age=30
content-encoding
br
content-type
text/html
date
Thu, 12 Dec 2024 14:06:09 GMT
etag
"68087307"
last-modified
Fri, 15 Nov 2024 10:27:10 GMT
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
1; mode=block

Redirect headers

Allow
OPTIONS TRACE GET HEAD POST
Cache-Control
no-store, must-revalidate, no-cache
Content-Length
656
Content-Type
text/html; charset=utf-8
Date
Thu, 12 Dec 2024 14:06:09 GMT
Location
https://ashy-forest-0d0826003.5.azurestaticapps.net/dashboard/#error=redirect_uri_mismatch&error_description=AADB2C90006%3a+The+redirect+URI+%27https%3a%2f%2fdemo.dev.mycostrack.app%2fsession%2f%27+provided+in+the+request+is+not+registered+for+the+client+id+%273114e667-e1ce-4f9c-8542-f7a92a75c75f%27.%0d%0aCorrelation+ID%3a+3f07d27a-c64d-4fdb-9de1-ece5e1391d63%0d%0aTimestamp%3a+2024-12-12+14%3a06%3a09Z%0d%0a&state=eyJpZCI6IjAxOTNiYjMwLWY4YjMtNzBlNi05Y2E1LWViMzg0ZDBhYzRjZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3d
Public
OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
x-ms-gateway-requestid
fbc32c92-34c9-462e-9198-c14a62c74d68
track
francecentral-1.in.applicationinsights.azure.com/v2/ 		62 B
120 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://francecentral-1.in.applicationinsights.azure.com/v2/track
Requested by
Host: demo.dev.mycostrack.app
URL: https://demo.dev.mycostrack.app/static/js/main.4819cd86.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.19.27.128 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Thu, 12 Dec 2024 14:06:09 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff
main.4819cd86.js
ashy-forest-0d0826003.5.azurestaticapps.net/static/js/ 		35 MB
8 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://ashy-forest-0d0826003.5.azurestaticapps.net/static/js/main.4819cd86.js
Requested by
Host: ashy-forest-0d0826003.5.azurestaticapps.net
URL: https://ashy-forest-0d0826003.5.azurestaticapps.net/dashboard/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.8.24.149 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
02c555cc1b37992620a2e223d686c2aa69c181535f8fb31b029f58151dd93fe3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ashy-forest-0d0826003.5.azurestaticapps.net/dashboard/

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
content-encoding
br
etag
"68087307"
referrer-policy
same-origin
x-content-type-options
nosniff
date
Thu, 12 Dec 2024 14:06:10 GMT
x-xss-protection
1; mode=block
content-type
text/javascript
last-modified
Fri, 15 Nov 2024 10:27:10 GMT
vary
Accept-Encoding
main.e93eeb00.css
ashy-forest-0d0826003.5.azurestaticapps.net/static/css/ 		1005 B
395 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ashy-forest-0d0826003.5.azurestaticapps.net/static/css/main.e93eeb00.css
Requested by
Host: ashy-forest-0d0826003.5.azurestaticapps.net
URL: https://ashy-forest-0d0826003.5.azurestaticapps.net/dashboard/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.8.24.149 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
541d51b5e4d8aadb1cfe7f207eb239ab06e817cf54726c29b0fd6db71693bd2e
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ashy-forest-0d0826003.5.azurestaticapps.net/dashboard/

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
content-encoding
br
etag
"68087307"
referrer-policy
same-origin
x-content-type-options
nosniff
date
Thu, 12 Dec 2024 14:06:09 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Fri, 15 Nov 2024 10:27:10 GMT
vary
Accept-Encoding
css2
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap
Requested by
Host: ashy-forest-0d0826003.5.azurestaticapps.net
URL: https://ashy-forest-0d0826003.5.azurestaticapps.net/static/css/main.e93eeb00.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
dae65e43ce0ffcb9722f0ac5dc5a774548f0134883a1e046b981aed48b69dfa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 14:06:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:06:10 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 12 Dec 2024 13:08:03 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		7 KB
807 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap
Requested by
Host: ashy-forest-0d0826003.5.azurestaticapps.net
URL: https://ashy-forest-0d0826003.5.azurestaticapps.net/static/css/main.e93eeb00.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
3c16906c4ccf4fd25089643418eef09c372ca75dc2b06a7ef51f9fba6e644eff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 14:06:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:06:10 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 12 Dec 2024 12:44:41 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
effe99fb-f547-48c0-bd2d-d17f66eb0568
https://ashy-forest-0d0826003.5.azurestaticapps.net/ 		0
0
ai.config.1.cfg.json
js.monitor.azure.com/scripts/b/ 		0
0
ai.config.1.cfg.json
js.monitor.azure.com/scripts/b/ 		0
0
translation.json
ashy-forest-0d0826003.5.azurestaticapps.net/locales/en/ 		0
0
track
francecentral-1.in.applicationinsights.azure.com/v2/ 		62 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://francecentral-1.in.applicationinsights.azure.com/v2/track
Requested by
Host: ashy-forest-0d0826003.5.azurestaticapps.net
URL: https://ashy-forest-0d0826003.5.azurestaticapps.net/static/js/main.4819cd86.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.19.27.128 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/json
Referer

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Thu, 12 Dec 2024 14:06:14 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff
track
francecentral-1.in.applicationinsights.azure.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://francecentral-1.in.applicationinsights.azure.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.19.27.128 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ashy-forest-0d0826003.5.azurestaticapps.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Thu, 12 Dec 2024 14:06:14 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
favicon.ico
ashy-forest-0d0826003.5.azurestaticapps.net/ 		7 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ashy-forest-0d0826003.5.azurestaticapps.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.8.24.149 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ashy-forest-0d0826003.5.azurestaticapps.net/dashboard/

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
etag
"68087307"
referrer-policy
same-origin
x-content-type-options
nosniff
content-length
7406
date
Thu, 12 Dec 2024 14:06:14 GMT
x-xss-protection
1; mode=block
content-type
image/vnd.microsoft.icon
last-modified
Fri, 15 Nov 2024 10:27:10 GMT
openid-configuration
b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/v2.0/.well-known/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/v2.0/.well-known/openid-configuration
Requested by
Host: ashy-forest-0d0826003.5.azurestaticapps.net
URL: https://ashy-forest-0d0826003.5.azurestaticapps.net/static/js/main.4819cd86.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.190.160.17 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
traceparent
00-1592b308f9904412b3228784ba6f2ce4-0610edef3c7849a7-01
Referer

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
no-store, must-revalidate, no-cache
x-ms-gateway-requestid
042c8647-820a-413c-ad4a-ddbdb220acd7
Public
OPTIONS,TRACE,GET,HEAD,POST
Access-Control-Allow-Methods
GET, OPTIONS
X-Content-Type-Options
nosniff
Allow
OPTIONS, TRACE, GET, HEAD, POST
Access-Control-Allow-Origin
https://ashy-forest-0d0826003.5.azurestaticapps.net
Content-Length
1498
X-XSS-Protection
1; mode=block
Date
Thu, 12 Dec 2024 14:06:14 GMT
Content-Type
application/json; charset=utf-8
X-Frame-Options
SAMEORIGIN
openid-configuration
b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/v2.0/.well-known/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/v2.0/.well-known/openid-configuration
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.190.160.17 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
traceparent
Access-Control-Request-Method
GET
Origin
https://ashy-forest-0d0826003.5.azurestaticapps.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
traceparent
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://ashy-forest-0d0826003.5.azurestaticapps.net
Access-Control-Expose-Headers
Content-Length,Content-Encoding
Allow
OPTIONS TRACE GET HEAD POST
Content-Length
0
Date
Thu, 12 Dec 2024 14:06:14 GMT
Public
OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
Primary Request authorize
b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/oauth2/v2.0/ 		206 KB
87 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/oauth2/v2.0/authorize?client_id=3114e667-e1ce-4f9c-8542-f7a92a75c75f&scope=https%3A%2F%2Fb2csandboxdemo.onmicrosoft.com%2Forcostra-prod%2Faccess_as_user%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fashy-forest-0d0826003.5.azurestaticapps.net%2Fsession%2F&client-request-id=0193bb31-0d28-76a8-b30a-7d1cca80b723&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.14.0&client_info=1&code_challenge=ohR_bTmZZwZ7Y3D3JvU2fzT-pQAXNRrXKDDONtFm71M&code_challenge_method=S256&nonce=0193bb31-0d2a-7269-af37-45223dabad40&state=eyJpZCI6IjAxOTNiYjMxLTBkMjktNzg4My1iY2U5LWZkZjMyZDljYmNlZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Requested by
Host: ashy-forest-0d0826003.5.azurestaticapps.net
URL: https://ashy-forest-0d0826003.5.azurestaticapps.net/static/js/main.4819cd86.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.126.32.74 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1ed86741e6f61841075fd558828aebca14cdd0e0c9ffcd2046f190a3cca40b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Allow
OPTIONS TRACE GET HEAD POST
Cache-Control
no-store, must-revalidate, no-cache
Content-Encoding
gzip
Content-Length
86494
Content-Type
text/html; charset=utf-8
Date
Thu, 12 Dec 2024 14:06:14 GMT
Expires
-1
Public
OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Build
1.1.307.0
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Request-ID
61be10cd-7669-4be7-9217-c787d70e5942
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
x-ms-gateway-requestid
9a41dd15-905e-4deb-b188-bb8024a1b5ff
translation.json
ashy-forest-0d0826003.5.azurestaticapps.net/locales/en/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ashy-forest-0d0826003.5.azurestaticapps.net/locales/en/translation.json
Requested by
Host: ashy-forest-0d0826003.5.azurestaticapps.net
URL: https://ashy-forest-0d0826003.5.azurestaticapps.net/static/js/main.4819cd86.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.8.24.149 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
traceparent
00-1592b308f9904412b3228784ba6f2ce4-c1f85aaf1aea4a2d-01
Referer
https://ashy-forest-0d0826003.5.azurestaticapps.net/dashboard/

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
content-encoding
br
etag
"68087307"
referrer-policy
same-origin
x-content-type-options
nosniff
date
Thu, 12 Dec 2024 14:06:13 GMT
x-xss-protection
1; mode=block
content-type
application/json
last-modified
Fri, 15 Nov 2024 10:27:10 GMT
vary
Accept-Encoding
selfAsserted.html
saprodfrceuib.blob.core.windows.net/www/ 		37 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://saprodfrceuib.blob.core.windows.net/www/selfAsserted.html
Requested by
Host: b2csandboxdemo.b2clogin.com
URL: https://b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/oauth2/v2.0/authorize?client_id=3114e667-e1ce-4f9c-8542-f7a92a75c75f&scope=https%3A%2F%2Fb2csandboxdemo.onmicrosoft.com%2Forcostra-prod%2Faccess_as_user%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fashy-forest-0d0826003.5.azurestaticapps.net%2Fsession%2F&client-request-id=0193bb31-0d28-76a8-b30a-7d1cca80b723&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.14.0&client_info=1&code_challenge=ohR_bTmZZwZ7Y3D3JvU2fzT-pQAXNRrXKDDONtFm71M&code_challenge_method=S256&nonce=0193bb31-0d2a-7269-af37-45223dabad40&state=eyJpZCI6IjAxOTNiYjMxLTBkMjktNzg4My1iY2U5LWZkZjMyZDljYmNlZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.13.225 -, , ASN (),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f40182e5d8b3d6c2bb2633302b137c54a10407801963e44c9980441ee5a501b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2csandboxdemo.b2clogin.com/

Response headers

Content-MD5
y8s+nRB+8Jr2/TWOR1vFug==
x-ms-blob-type
BlockBlob
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
ETag
0x8DCFD934AE3F22C
Access-Control-Allow-Credentials
true
x-ms-request-id
4bc633cf-101e-000d-6a9f-4c7a06000000
Access-Control-Allow-Origin
https://b2csandboxdemo.b2clogin.com
Content-Length
37785
Date
Thu, 12 Dec 2024 14:06:14 GMT
Content-Type
text/html
Last-Modified
Tue, 05 Nov 2024 12:13:43 GMT
Vary
Origin
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Logo_placeholder.svg
saprodfrceuib.blob.core.windows.net/assets/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saprodfrceuib.blob.core.windows.net/assets/Logo_placeholder.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.13.225 -, , ASN (),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8c16353ca9d334e373b360188a7ccaf209c381038336a6269553d318551721ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2csandboxdemo.b2clogin.com/

Response headers

Content-MD5
+JNWKzhao4RQ6gPiR6Ztng==
x-ms-blob-type
BlockBlob
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
ETag
0x8DCDD669AB79A90
x-ms-request-id
ebdf186f-f01e-00ac-1e9f-4ca17b000000
Content-Length
6458
Date
Thu, 12 Dec 2024 14:06:14 GMT
Content-Type
image/svg+xml
Last-Modified
Wed, 25 Sep 2024 13:33:13 GMT
Vary
Origin
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
bootstrap.min.css
ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/css/ 		120 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/css/bootstrap.min.css
Requested by
Host: b2csandboxdemo.b2clogin.com
URL: https://b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/oauth2/v2.0/authorize?client_id=3114e667-e1ce-4f9c-8542-f7a92a75c75f&scope=https%3A%2F%2Fb2csandboxdemo.onmicrosoft.com%2Forcostra-prod%2Faccess_as_user%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fashy-forest-0d0826003.5.azurestaticapps.net%2Fsession%2F&client-request-id=0193bb31-0d28-76a8-b30a-7d1cca80b723&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.14.0&client_info=1&code_challenge=ohR_bTmZZwZ7Y3D3JvU2fzT-pQAXNRrXKDDONtFm71M&code_challenge_method=S256&nonce=0193bb31-0d2a-7269-af37-45223dabad40&state=eyJpZCI6IjAxOTNiYjMxLTBkMjktNzg4My1iY2U5LWZkZjMyZDljYmNlZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 -, , ASN (),
Reverse DNS
Software
ECAcc (ama/4893) /
Resource Hash
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2csandboxdemo.b2clogin.com/

Response headers

content-encoding
gzip
etag
"80254bf0cb33d21:0"
age
22757287
x-content-type-options
nosniff
x-cache
HIT
date
Thu, 12 Dec 2024 14:06:15 GMT
content-type
text/css
last-modified
Mon, 31 Oct 2016 23:10:15 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
19759
x-xss-protection
1; mode=block
server
ECAcc (ama/4893)
Inter.ttf
saprodfrceuib.blob.core.windows.net/assets/ 		854 KB
855 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://saprodfrceuib.blob.core.windows.net/assets/Inter.ttf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.13.225 -, , ASN (),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0be2399ea925f1f83ff974764761da9860ec50742ed29a5d4c1ffd0c5c7ac3a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://b2csandboxdemo.b2clogin.com
Referer
https://b2csandboxdemo.b2clogin.com/

Response headers

Content-MD5
CnfiOo/b5srv1TywTCb6vA==
x-ms-blob-type
BlockBlob
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
ETag
0x8DCDEC08F1E443F
Access-Control-Allow-Credentials
true
x-ms-request-id
4bc63424-101e-000d-399f-4c7a06000000
Access-Control-Allow-Origin
https://b2csandboxdemo.b2clogin.com
Content-Length
874708
Date
Thu, 12 Dec 2024 14:06:14 GMT
Content-Type
application/octet-stream
Last-Modified
Fri, 27 Sep 2024 06:49:39 GMT
Vary
Origin
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
perftrace
b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/B2C_1A_SI_HRD/client/ 		0
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/B2C_1A_SI_HRD/client/perftrace?tx=StateProperties=eyJUSUQiOiI2MWJlMTBjZC03NjY5LTRiZTctOTIxNy1jNzg3ZDcwZTU5NDIifQ&p=B2C_1A_SI_HRD
Requested by
Host: b2csandboxdemo.b2clogin.com
URL: https://b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/oauth2/v2.0/authorize?client_id=3114e667-e1ce-4f9c-8542-f7a92a75c75f&scope=https%3A%2F%2Fb2csandboxdemo.onmicrosoft.com%2Forcostra-prod%2Faccess_as_user%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fashy-forest-0d0826003.5.azurestaticapps.net%2Fsession%2F&client-request-id=0193bb31-0d28-76a8-b30a-7d1cca80b723&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.14.0&client_info=1&code_challenge=ohR_bTmZZwZ7Y3D3JvU2fzT-pQAXNRrXKDDONtFm71M&code_challenge_method=S256&nonce=0193bb31-0d2a-7269-af37-45223dabad40&state=eyJpZCI6IjAxOTNiYjMxLTBkMjktNzg4My1iY2U5LWZkZjMyZDljYmNlZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.126.32.74 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-CSRF-TOKEN
V1BmNnRta01EdEl6VElWRmNGS2VORENFc2VrdVlNMCtabTJKOGx5TWVBeXh4dnFlclcxUlo2Q0pRc3NJQlFTaGVJb2htZTBuUXBsVzRUTk1rbXIyWmc9PTsyMDI0LTEyLTEyVDE0OjA2OjE0LjU4MDgzMjFaO3RWS3NXOGZCOW9vTFBkNFdFb2VzbHc9PTt7IlRhcmdldEVudGl0eSI6IlNpZ25pbkVtYWlsRXhjaGFuZ2UiLCJPcmNoZXN0cmF0aW9uU3RlcCI6MX0=
Referer
https://b2csandboxdemo.b2clogin.com/b2csandboxdemo.onmicrosoft.com/b2c_1a_si_hrd/oauth2/v2.0/authorize?client_id=3114e667-e1ce-4f9c-8542-f7a92a75c75f&scope=https%3A%2F%2Fb2csandboxdemo.onmicrosoft.com%2Forcostra-prod%2Faccess_as_user%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fashy-forest-0d0826003.5.azurestaticapps.net%2Fsession%2F&client-request-id=0193bb31-0d28-76a8-b30a-7d1cca80b723&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.14.0&client_info=1&code_challenge=ohR_bTmZZwZ7Y3D3JvU2fzT-pQAXNRrXKDDONtFm71M&code_challenge_method=S256&nonce=0193bb31-0d2a-7269-af37-45223dabad40&state=eyJpZCI6IjAxOTNiYjMxLTBkMjktNzg4My1iY2U5LWZkZjMyZDljYmNlZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/json; charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
no-store, must-revalidate, no-cache
x-ms-gateway-requestid
1be46054-291e-4c7b-be3a-20770d1884ce
Public
OPTIONS,TRACE,GET,HEAD,POST
X-Content-Type-Options
nosniff
Allow
OPTIONS, TRACE, GET, HEAD, POST
Content-Length
0
X-XSS-Protection
1; mode=block
Date
Thu, 12 Dec 2024 14:06:14 GMT
X-Frame-Options
DENY

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
demo.dev.mycostrack.app
URL
blob:https://demo.dev.mycostrack.app/3ab00133-a771-4f60-962b-1f867b63be75
Domain
ashy-forest-0d0826003.5.azurestaticapps.net
URL
blob:https://ashy-forest-0d0826003.5.azurestaticapps.net/effe99fb-f547-48c0-bd2d-d17f66eb0568
Domain
js.monitor.azure.com
URL
https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json
Domain
js.monitor.azure.com
URL
https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json
Domain
ashy-forest-0d0826003.5.azurestaticapps.net
URL
https://ashy-forest-0d0826003.5.azurestaticapps.net/locales/en/translation.json

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| K8e function| Q8e function| $8e function| r2e function| q8e function| W8e function| Y8e function| e9e function| voe function| t9e function| KC function| G8e function| wl function| qd function| zg function| i2e function| e0 function| xoe function| Z8e function| J8e function| X8e object| webpackChunkrocket_frontend object| gcGlobal function| DsDataViewer function| clearImmediate function| setImmediate function| GcImageViewer function| DsImageViewer object| PDFJSDev number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime function| GcPdfDocViewer function| GcPdfPane object| wijmo function| GcPdfViewer function| DsPdfViewer function| _ string| __THREE__ object| __tsUtils$gblCfg object| __dynProto$Gbl

3 Cookies

Domain/Path Name / Value
demo.dev.mycostrack.app/ Name: ai_user
Value: l7T9Wm/B5xGrB8ikoVrzI8|2024-12-12T14:06:08.530Z
demo.dev.mycostrack.app/ Name: ai_session
Value: WI/+v/ImdIuy4kG910EXRg|1734012369049|1734012369049
ashy-forest-0d0826003.5.azurestaticapps.net/ Name: ai_user
Value: bsbnm0gqxhKv4fQgcD1lMT|2024-12-12T14:06:13.817Z

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block