Submitted URL: https://consumption.estimatorsit.microsoft.com/
Effective URL: https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=738fe1de-ae5f-4d79-8a8c-bce...
Submission: On September 04 via automatic, source certstream-suspicious — Scanned from SG

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 26 HTTP transactions. The main IP is 2603:1037:1:128::7, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 18.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 21st 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 20.212.64.13 8075 (MICROSOFT...)
6 2620:1ec:bdf::70 8075 (MICROSOFT...)
1 2a04:4e42:600... 54113 (FASTLY)
1 2606:2800:247... 15133 (EDGECAST)
2 23.198.100.95 20940 (AKAMAI-ASN1)
2 4.227.249.197 8075 (MICROSOFT...)
1 2 20.125.62.241 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
3 2603:1037:1:1... 8075 (MICROSOFT...)
1 40.78.253.204 8075 (MICROSOFT...)
1 2606:2800:247... ()
26 11
Apex Domain
Subdomains
Transfer
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 900
u.clarity.ms — Cisco Umbrella Rank: 7457
c.clarity.ms — Cisco Umbrella Rank: 1455
27 KB
4 azureedge.net
easyacc-nonprod.azureedge.net
17 KB
4 microsoft.com
consumption.estimatorsit.microsoft.com
2 MB
3 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 18
15 KB
2 sharepointonline.com
static2.sharepointonline.com — Cisco Umbrella Rank: 2716
67 KB
1 msftauth.net
aadcdn.msftauth.net
48 KB
1 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 772
1 bing.com
c.bing.com — Cisco Umbrella Rank: 236
765 B
1 office.net
res.cdn.office.net — Cisco Umbrella Rank: 390
7 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 320
30 KB
26 10
Domain Requested by
4 easyacc-nonprod.azureedge.net consumption.estimatorsit.microsoft.com
4 consumption.estimatorsit.microsoft.com consumption.estimatorsit.microsoft.com
3 login.microsoftonline.com consumption.estimatorsit.microsoft.com
aadcdn.msftauth.net
2 c.clarity.ms 1 redirects
2 u.clarity.ms consumption.estimatorsit.microsoft.com
www.clarity.ms
2 static2.sharepointonline.com consumption.estimatorsit.microsoft.com
2 www.clarity.ms consumption.estimatorsit.microsoft.com
www.clarity.ms
1 aadcdn.msftauth.net login.microsoftonline.com
1 dc.services.visualstudio.com consumption.estimatorsit.microsoft.com
1 c.bing.com 1 redirects
1 res.cdn.office.net consumption.estimatorsit.microsoft.com
1 cdn.jsdelivr.net consumption.estimatorsit.microsoft.com
26 12

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.azurewebsites.net | Microsoft Azure TLS Issuing CA 01 | 2023-08-01 - 2024-06-27 | a year |
| *.azureedge.net | Microsoft Azure TLS Issuing CA 02 | 2023-07-18 - 2024-06-27 | a year |
| jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year |
| www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2022-12-01 - 2023-12-01 | a year |
| *.public.cdn.office.net | DigiCert SHA2 Secure Server CA | 2023-01-17 - 2024-01-17 | a year |
| privatecdn.sharepointonline.com | DigiCert SHA2 Secure Server CA | 2022-09-19 - 2023-09-19 | a year |
| a.clarity.ms | Microsoft Azure TLS Issuing CA 06 | 2023-02-13 - 2024-02-08 | a year |
| stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2023-08-21 - 2024-08-21 | a year |
| in.applicationinsights.azure.com | Microsoft Azure RSA TLS Issuing CA 07 | 2023-09-02 - 2024-08-27 | a year |
| aadcdn.msftauth.net | DigiCert SHA2 Secure Server CA | 2023-01-31 - 2024-01-31 | a year |

This page contains 1 frames:

Frame: https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=738fe1de-ae5f-4d79-8a8c-bcee17f0b24c&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fconsumption.estimatorsit.microsoft.com&client-request-id=2df53f3f-0b2b-4dc3-a935-a5ac2530813c&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.34.0&client_info=1&code_challenge=Mt6dPLE72TzAGAJIfMuk7tSefZt6RV3PW9HxKv7FiyQ&code_challenge_method=S256&prompt=select_account&nonce=d4791c7a-1020-4457-8ca5-60340714a793&state=eyJpZCI6Ijk4MDhmMWMzLTNmZTEtNGE2NC05ZWM1LWIyM2IwNTk3NzYyMiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true
Frame ID: 184DA1F1BC038A6694EAFB37173CE5DB
Requests: 25 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 26
HTTPS: 65 %
IPv6: 55 %
Domains: 10
Subdomains: 12
IPs: 11
Countries: 3
Transfer: 1980 kB
Size: 6073 kB
Cookies: 14

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://consumption.estimatorsit.microsoft.com/ Page URL
  2. https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=738fe1de-ae5f-4d79-8a8c-bcee17f0b24c&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fconsumption.estimatorsit.microsoft.com&client-request-id=2df53f3f-0b2b-4dc3-a935-a5ac2530813c&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.34.0&client_info=1&code_challenge=Mt6dPLE72TzAGAJIfMuk7tSefZt6RV3PW9HxKv7FiyQ&code_challenge_method=S256&prompt=select_account&nonce=d4791c7a-1020-4457-8ca5-60340714a793&state=eyJpZCI6Ijk4MDhmMWMzLTNmZTEtNGE2NC05ZWM1LWIyM2IwNTk3NzYyMiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=76C82B515453452DA209AD9B880BAFC3&RedC=c.clarity.ms&MXFR=37F7F5E871A76DF93311E66A75A763E3 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=76C82B515453452DA209AD9B880BAFC3&MUID=37F7F5E871A76DF93311E66A75A763E3

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
consumption.estimatorsit.microsoft.com/
1 KB
2 KB
Document
General
Full URL
https://consumption.estimatorsit.microsoft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.212.64.13 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4243417a621572782ffe69a812d1839c4aa534a83e3178ef3ad6869329f0f06d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
816
Content-Type
text/html
Date
Mon, 04 Sep 2023 16:24:29 GMT
ETag
"0f1df8ab1d5d91:0"
Last-Modified
Wed, 23 Aug 2023 11:04:10 GMT
Permissions-Policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
ASP.NET
web-components-stencil.esm.js
easyacc-nonprod.azureedge.net/assets/stencilPoc1/
22 KB
7 KB
Script
General
Full URL
https://easyacc-nonprod.azureedge.net/assets/stencilPoc1/web-components-stencil.esm.js
Requested by
Host: consumption.estimatorsit.microsoft.com
URL: https://consumption.estimatorsit.microsoft.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::70 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d38a9d98e8f7bc8518ab696ba04385c25d3c5e2006296fde77b7eb4f1f8e54c1

Request headers

Referer
https://consumption.estimatorsit.microsoft.com/
Origin
https://consumption.estimatorsit.microsoft.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 04 Sep 2023 16:24:31 GMT
content-encoding
br
last-modified
Tue, 09 Feb 2021 03:31:03 GMT
vary
Accept-Encoding
x-azure-ref
20230904T162429Z-sewyuy75cx5xmek89pc7beaty400000008kg000000004mdy
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1761bd1a-201e-00aa-574c-dfc5eb000000
x-cache
TCP_MISS
x-ms-version
2009-09-19
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/
190 KB
30 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
Requested by
Host: consumption.estimatorsit.microsoft.com
URL: https://consumption.estimatorsit.microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://consumption.estimatorsit.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 04 Sep 2023 16:24:30 GMT
x-content-type-options
nosniff
content-encoding
br
age
437868
x-jsd-version
5.2.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
30336
x-served-by
cache-fra-eddf8230122-FRA, cache-maa10231-MAA
x-jsd-version-type
version
etag
W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
main.60d63e90.js
consumption.estimatorsit.microsoft.com/static/js/
5 MB
2 MB
Script
General
Full URL
https://consumption.estimatorsit.microsoft.com/static/js/main.60d63e90.js
Requested by
Host: consumption.estimatorsit.microsoft.com
URL: https://consumption.estimatorsit.microsoft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.212.64.13 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
498fbb6ac69ec55ed8a1585f1f8b4128ed29f945d9ab41bc94aa7614d15c0dfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://consumption.estimatorsit.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 16:24:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 23 Aug 2023 11:04:10 GMT
Server
Microsoft-IIS/10.0
ETag
"0f1df8ab1d5d91:0"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Frame-Options
SAMEORIGIN
Permissions-Policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Accept-Ranges
bytes
main.20d5ce41.css
consumption.estimatorsit.microsoft.com/static/css/
18 KB
3 KB
Stylesheet
General
Full URL
https://consumption.estimatorsit.microsoft.com/static/css/main.20d5ce41.css
Requested by
Host: consumption.estimatorsit.microsoft.com
URL: https://consumption.estimatorsit.microsoft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.212.64.13 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e905acbfa170f27c1e53b29ab7f520b61ff087624096afe5d46515b1c17068b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://consumption.estimatorsit.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 16:24:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 23 Aug 2023 11:04:10 GMT
Server
Microsoft-IIS/10.0
ETag
"0f1df8ab1d5d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Accept-Ranges
bytes
Content-Length
2948
p-ac6f7314.js
easyacc-nonprod.azureedge.net/assets/stencilPoc1/
14 KB
8 KB
Script
General
Full URL
https://easyacc-nonprod.azureedge.net/assets/stencilPoc1/p-ac6f7314.js
Requested by
Host: consumption.estimatorsit.microsoft.com
URL: https://consumption.estimatorsit.microsoft.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::70 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bcc7f264065062bc06180c245acc151bcf541b3d69f9541fee472db1aa3e196d

Request headers

Referer
https://easyacc-nonprod.azureedge.net/assets/stencilPoc1/web-components-stencil.esm.js
Origin
https://consumption.estimatorsit.microsoft.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 04 Sep 2023 16:24:31 GMT
content-encoding
br
last-modified
Tue, 09 Feb 2021 03:31:02 GMT
vary
Accept-Encoding
x-azure-ref
20230904T162431Z-sewyuy75cx5xmek89pc7beaty400000008kg000000004mm9
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2152ff75-d01e-0015-564c-df3ab0000000
x-cache
TCP_MISS
x-ms-version
2009-09-19
p-62d15a4b.js
easyacc-nonprod.azureedge.net/assets/stencilPoc1/
3 KB
2 KB
Script
General
Full URL
https://easyacc-nonprod.azureedge.net/assets/stencilPoc1/p-62d15a4b.js
Requested by
Host: consumption.estimatorsit.microsoft.com
URL: https://consumption.estimatorsit.microsoft.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::70 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4bf182bd1e244f6b4412315aa4d9b1c4d071b895fd3719acd1f81e16ea0b4228

Request headers

Referer
https://easyacc-nonprod.azureedge.net/assets/stencilPoc1/web-components-stencil.esm.js
Origin
https://consumption.estimatorsit.microsoft.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 04 Sep 2023 16:24:31 GMT
content-encoding
br
last-modified
Tue, 09 Feb 2021 03:31:01 GMT
vary
Accept-Encoding
x-azure-ref
20230904T162431Z-sewyuy75cx5xmek89pc7beaty400000008kg000000004mma
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e179c6ba-001e-0000-304c-df0d98000000
x-cache
TCP_MISS
x-ms-version
2009-09-19
p-53fc5600.js
easyacc-nonprod.azureedge.net/assets/stencilPoc1/
68 B
405 B
Script
General
Full URL
https://easyacc-nonprod.azureedge.net/assets/stencilPoc1/p-53fc5600.js
Requested by
Host: consumption.estimatorsit.microsoft.com
URL: https://consumption.estimatorsit.microsoft.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::70 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
27c9ae4372696d058f204aa8cc04772a0f5ec0960455b6eae781753bc8075f35

Request headers

Referer
https://easyacc-nonprod.azureedge.net/assets/stencilPoc1/web-components-stencil.esm.js
Origin
https://consumption.estimatorsit.microsoft.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 04 Sep 2023 16:24:31 GMT
last-modified
Tue, 09 Feb 2021 03:31:00 GMT
etag
0x8D8CCAB1F30C837
x-azure-ref
20230904T162431Z-sewyuy75cx5xmek89pc7beaty400000008kg000000004mmb
x-cache
TCP_REMOTE_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
789f2e7c-001e-00fc-5bec-de5cd4000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
68
hi2btrm6ax
www.clarity.ms/tag/
650 B
1015 B
Script
General
Full URL
https://www.clarity.ms/tag/hi2btrm6ax
Requested by
Host: consumption.estimatorsit.microsoft.com
URL: https://consumption.estimatorsit.microsoft.com/static/js/main.60d63e90.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::70 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
486d6a5e587c2ab5fc278839f69c877949468d76fbf8a1ba1616f7b94f9f8f16

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://consumption.estimatorsit.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
-1
date
Mon, 04 Sep 2023 16:24:32 GMT
x-azure-ref
20230904T162432Z-8811m8svzd0pma9p55qzqh92vc00000000a000000001gtn6
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
fabric-icons-a13498cf.woff
res.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/icons/
7 KB
7 KB
Font
General
Full URL
https://res.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/icons/fabric-icons-a13498cf.woff
Requested by
Host: consumption.estimatorsit.microsoft.com
URL: https://consumption.estimatorsit.microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7B7) /
Resource Hash
43c551ea819a83b1100f566ecf6bd70db5a019f165d221200af2df11c4448627
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://consumption.estimatorsit.microsoft.com/
Origin
https://consumption.estimatorsit.microsoft.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 16:24:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
age
288116
x-cache
HIT
content-length
6784
last-modified
Tue, 15 Aug 2023 21:20:06 GMT
server
ECAcc (nwa/E7B7)
x-cdn-provider
Verizon
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
font/woff
access-control-allow-origin
*
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=&ASN=59253&Country=SG&Region=&RequestIdentifier=435297346908107994516768109648879243586"}],"include_subdomains ":true}
access-control-expose-headers
date,X-Cdn-Provider,X-Ms-Request-Id
cache-control
public, max-age=31536000
x-ms-request-id
c08f8353-601e-005a-67ad-dcac26000000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
segoeui-semibold.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/
31 KB
31 KB
Font
General
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Requested by
Host: consumption.estimatorsit.microsoft.com
URL: https://consumption.estimatorsit.microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.100.95 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-198-100-95.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d

Request headers

Referer
https://consumption.estimatorsit.microsoft.com/
Origin
https://consumption.estimatorsit.microsoft.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 04 Sep 2023 16:24:32 GMT
last-modified
Mon, 22 Jun 2020 16:25:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D816C8EA13B786
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
096417a2-001e-002d-2b79-163368000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=20777946
x-ms-version
2009-09-19
content-length
31824
clarity.js
www.clarity.ms/s/0.7.10/
57 KB
24 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.10/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/hi2btrm6ax
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::70 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://consumption.estimatorsit.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 16:24:32 GMT
content-encoding
br
last-modified
Sun, 03 Sep 2023 09:54:41 GMT
etag
W/"0x8DBAC63CB8CA026"
vary
Accept-Encoding
x-azure-ref
20230904T162432Z-8811m8svzd0pma9p55qzqh92vc00000000a000000001gtpv
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
339663e3-401e-0057-0262-de80e8000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
collect
u.clarity.ms/
0
318 B
XHR
General
Full URL
https://u.clarity.ms/collect
Requested by
Host: consumption.estimatorsit.microsoft.com
URL: https://consumption.estimatorsit.microsoft.com/static/js/main.60d63e90.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://consumption.estimatorsit.microsoft.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://consumption.estimatorsit.microsoft.com
Date
Mon, 04 Sep 2023 16:24:33 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
OSE-SVG.svg
consumption.estimatorsit.microsoft.com/images/
5 KB
6 KB
Image
General
Full URL
https://consumption.estimatorsit.microsoft.com/images/OSE-SVG.svg
Requested by
Host: consumption.estimatorsit.microsoft.com
URL: https://consumption.estimatorsit.microsoft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.212.64.13 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
02956a0e8a6ee3871de076ae06e6268d87efb2a14ed46ab824991ec978366648
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://consumption.estimatorsit.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 16:24:32 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Wed, 23 Aug 2023 08:52:36 GMT
Server
Microsoft-IIS/10.0
ETag
"022af299fd5d91:0"
X-Powered-By
ASP.NET
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Permissions-Policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Accept-Ranges
bytes
Content-Length
5185
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=76C82B515453452DA209AD9B880BAFC3&RedC=c.clarity.ms&MXFR=37F7F5E871A76DF93311E66A75A763E3
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=76C82B515453452DA209AD9B880BAFC3&MUID=37F7F5E871A76DF93311E66A75A763E3
42 B
357 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=76C82B515453452DA209AD9B880BAFC3&MUID=37F7F5E871A76DF93311E66A75A763E3
Protocol
H2
Server
20.125.62.241 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://consumption.estimatorsit.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 16:24:33 GMT
last-modified
Wed, 30 Aug 2023 08:44:09 GMT
server
Microsoft-IIS/10.0
etag
"41be6e241edbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 16:24:33 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9BD63A068B1D48E9B4CA88CC555FEC31 Ref B: SIN30EDGE0712 Ref C: 2023-09-04T16:24:33Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=76C82B515453452DA209AD9B880BAFC3&MUID=37F7F5E871A76DF93311E66A75A763E3
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
u.clarity.ms/
0
318 B
XHR
General
Full URL
https://u.clarity.ms/collect
Requested by
Host: consumption.estimatorsit.microsoft.com
URL: https://consumption.estimatorsit.microsoft.com/static/js/main.60d63e90.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://consumption.estimatorsit.microsoft.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://consumption.estimatorsit.microsoft.com
Date
Mon, 04 Sep 2023 16:24:33 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/
35 KB
36 KB
Font
General
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.100.95 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-198-100-95.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer
https://consumption.estimatorsit.microsoft.com/
Origin
https://consumption.estimatorsit.microsoft.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 04 Sep 2023 16:24:34 GMT
last-modified
Thu, 14 Jun 2018 15:58:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
hl8dtlRfyUovRETdYOe7xg==
etag
0x8D5D20FB145CFD1
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
188dc7e4-f01e-0074-3679-16b4eb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=20777874
x-ms-version
2009-09-19
content-length
36344
instance
login.microsoftonline.com/common/discovery/
980 B
2 KB
Fetch
General
Full URL
https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize
Requested by
Host: consumption.estimatorsit.microsoft.com
URL: https://consumption.estimatorsit.microsoft.com/static/js/main.60d63e90.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1037:1:128::7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0bc66bfe3b29a7b11c80245bec4acbf3e4cd5a5ae60a20d51220bb88013f976c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://consumption.estimatorsit.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 04 Sep 2023 16:24:34 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Access-Control-Allow-Origin
*
x-ms-request-id
581f8be2-3a7a-427b-aa59-bb68ff960600
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=86400, private
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
Content-Length
980
x-ms-ests-server
2.1.16150.3 - WUS2 ProdSlices
X-XSS-Protection
0
openid-configuration
login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/v2.0/.well-known/
2 KB
3 KB
Fetch
General
Full URL
https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/v2.0/.well-known/openid-configuration
Requested by
Host: consumption.estimatorsit.microsoft.com
URL: https://consumption.estimatorsit.microsoft.com/static/js/main.60d63e90.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1037:1:128::7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5f5f94cae004539327369a42995493f7afb35c456c0e96e45b00f3c0476c9c1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://consumption.estimatorsit.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 04 Sep 2023 16:24:35 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Access-Control-Allow-Origin
*
x-ms-request-id
95694121-90d8-41e8-8a3c-1008525a9700
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=86400, private
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
Content-Length
1753
x-ms-ests-server
2.1.16209.3 - SCUS ProdSlices
X-XSS-Protection
0
track
dc.services.visualstudio.com/v2/
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.78.253.204 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://consumption.estimatorsit.microsoft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Mon, 04 Sep 2023 16:24:35 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/
0
0

Primary Request authorize
login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/
20 KB
10 KB
Document
General
Full URL
https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=738fe1de-ae5f-4d79-8a8c-bcee17f0b24c&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fconsumption.estimatorsit.microsoft.com&client-request-id=2df53f3f-0b2b-4dc3-a935-a5ac2530813c&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.34.0&client_info=1&code_challenge=Mt6dPLE72TzAGAJIfMuk7tSefZt6RV3PW9HxKv7FiyQ&code_challenge_method=S256&prompt=select_account&nonce=d4791c7a-1020-4457-8ca5-60340714a793&state=eyJpZCI6Ijk4MDhmMWMzLTNmZTEtNGE2NC05ZWM1LWIyM2IwNTk3NzYyMiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Requested by
Host: consumption.estimatorsit.microsoft.com
URL: https://consumption.estimatorsit.microsoft.com/static/js/main.60d63e90.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1037:1:128::7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a131f17c00aeb09618caed9b30418e23ef35e86909726d12e8dbad60ffac79c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://consumption.estimatorsit.microsoft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
9169
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Sep 2023 16:24:35 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.16209.3 - NCUS ProdSlices
x-ms-request-id
5f6a0f1b-5561-4b10-aa75-2d0154db9700
collect
u.clarity.ms/
0
0

collect
u.clarity.ms/
0
0

BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js
aadcdn.msftauth.net/shared/1.0/content/js/
135 KB
48 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=738fe1de-ae5f-4d79-8a8c-bcee17f0b24c&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fconsumption.estimatorsit.microsoft.com&client-request-id=2df53f3f-0b2b-4dc3-a935-a5ac2530813c&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.34.0&client_info=1&code_challenge=Mt6dPLE72TzAGAJIfMuk7tSefZt6RV3PW9HxKv7FiyQ&code_challenge_method=S256&prompt=select_account&nonce=d4791c7a-1020-4457-8ca5-60340714a793&state=eyJpZCI6Ijk4MDhmMWMzLTNmZTEtNGE2NC05ZWM1LWIyM2IwNTk3NzYyMiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:8f3c:39fe:2753:7a35:e3da -, , ASN (),
Reverse DNS
Software
ECAcc (nwa/E79E) /
Resource Hash
cc51a8def572cc3523f9a4276fc4509a0e92b4d193fcfee35cdcf3a48662c92c

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Sep 2023 16:24:36 GMT
content-encoding
gzip
content-md5
Mwomsrfm/E5wVC4ntDZsmw==
age
4459410
x-cache
HIT
content-length
48719
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 10:42:34 GMT
server
ECAcc (nwa/E79E)
etag
0x8DB82C4B39B426F
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
67292aff-c01e-0086-3fbd-b6c001000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
authorize
login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dc.services.visualstudio.com
URL
https://dc.services.visualstudio.com/v2/track
Domain
u.clarity.ms
URL
https://u.clarity.ms/collect
Domain
u.clarity.ms
URL
https://u.clarity.ms/collect
Domain
login.microsoftonline.com
URL
https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize?client_id=738fe1de-ae5f-4d79-8a8c-bcee17f0b24c&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fconsumption.estimatorsit.microsoft.com&client-request-id=2df53f3f-0b2b-4dc3-a935-a5ac2530813c&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.34.0&client_info=1&code_challenge=Mt6dPLE72TzAGAJIfMuk7tSefZt6RV3PW9HxKv7FiyQ&code_challenge_method=S256&prompt=select_account&nonce=d4791c7a-1020-4457-8ca5-60340714a793&state=eyJpZCI6Ijk4MDhmMWMzLTNmZTEtNGE2NC05ZWM1LWIyM2IwNTk3NzYyMiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

14 Cookies

Domain/Path Name / Value
.consumption.estimatorsit.microsoft.com/ Name: ARRAffinity
Value: f9f9aa66e3c1e64af9df48555cb8485690e990052dc3ad5bd418a2ffad3aabcb
.consumption.estimatorsit.microsoft.com/ Name: ARRAffinitySameSite
Value: f9f9aa66e3c1e64af9df48555cb8485690e990052dc3ad5bd418a2ffad3aabcb
consumption.estimatorsit.microsoft.com/ Name: ai_user
Value: B4wpOSVJRtlK+e4+DnQjJI|2023-09-04T16:24:32.082Z
consumption.estimatorsit.microsoft.com/ Name: ai_session
Value: 4ok+Ra4K6sRbWVz0ttsSvi|1693844672272|1693844672272
www.clarity.ms/ Name: CLID
Value: 6fb4826c439246ac97b8fd75bd55935d.20230904.20240903
.microsoft.com/ Name: _clck
Value: 1kkxxli|2|feq|0|1342
.microsoft.com/ Name: _clsk
Value: 1rwsfn5|1693844673358|1|1|u.clarity.ms/collect
.clarity.ms/ Name: MUID
Value: 37F7F5E871A76DF93311E66A75A763E3
.bing.com/ Name: MUID
Value: 37F7F5E871A76DF93311E66A75A763E3
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 37F7F5E871A76DF93311E66A75A763E3
.c.clarity.ms/ Name: SM
Value: C
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
