| coadquantum.coadvantage.com/ | 128.136.19.229 | 302 Found | 151 B |
URL: User Request GET HTTP/1.1 coadquantum.coadvantage.com/
IP: 128.136.19.229:443
Certificate: Issuer GoDaddy.com, Inc.; Subject *.coadvantage.com; Fingerprint 49:B5:5A:C7:24:78:33:15:78:F9:68:F5:82:3F:76:71:FF:02:E4:F9; Validity Sat, 02 Mar 2024 17:41:59 GMT - Thu, 03 Apr 2025 17:41:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 28be5076565915b54eeea7f88be5c559 69356577458ef4c8c553634b283e2a3d239b0770 c9f21cce3e98a18b8b94e41239bf3aa4f2c319b929a07f68a16a802323829eb9
GET / HTTP/1.1
Host: coadquantum.coadvantage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /Login/LoginRedirect?ReturnUrl=%2f
X-StackifyID: V2|73c97420-6c9e-4dcb-9708-dab9dd24bc51|C79906|CD17
X-Trace: 2B72CFB6D3A8B4BF4011CE747A94411BB1D370E2F0A88993419EC79DA800
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=16070400; includeSubDomains
Date: Thu, 09 May 2024 19:18:08 GMT
Content-Length: 151
Set-Cookie: BIGipServerProduction_CoAdQuantum_Web.app~Production_CoAdQuantum_Web_pool=!FJs+lwCt4q3y4DQHa7vcTcGpWNSfYdD7E2M20++ZEUr8WDdO/sFwY3s9NZinZ2IPPynYriBq/gNikA==; path=/; Httponly; Secure
Vary: Accept-Encoding
|
|
| coadquantum.coadvantage.com/Login/LoginRedirect?ReturnUrl=%2f | 128.136.19.229 | 302 Found | 364 B |
URL: User Request GET HTTP/1.1 coadquantum.coadvantage.com/Login/LoginRedirect?ReturnUrl=%2f
IP: 128.136.19.229:443
Certificate: Issuer GoDaddy.com, Inc.; Subject *.coadvantage.com; Fingerprint 49:B5:5A:C7:24:78:33:15:78:F9:68:F5:82:3F:76:71:FF:02:E4:F9; Validity Sat, 02 Mar 2024 17:41:59 GMT - Thu, 03 Apr 2025 17:41:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 72121ff6575161bddbae4ae2f97e3420 2b7338d7319301a5e861eb3abce6c22d79d411ad d6547d49d49b306e1df13ef71b3fef6fef4a2cbf673d986b26ff7808ecc80dda
GET /Login/LoginRedirect?ReturnUrl=%2f HTTP/1.1
Host: coadquantum.coadvantage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: BIGipServerProduction_CoAdQuantum_Web.app~Production_CoAdQuantum_Web_pool=!FJs+lwCt4q3y4DQHa7vcTcGpWNSfYdD7E2M20++ZEUr8WDdO/sFwY3s9NZinZ2IPPynYriBq/gNikA==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://auth.coadvantage.com/adfs/ls/?wtrealm=https://sso.coadvantage.com/&wa=wsignin1.0&wreply=https://sso.coadvantage.com/&RedirectToIdentityProvider=https://coadazureprod.b2clogin.com/coadazureprod.onmicrosoft.com/B2C_1A_SIGNIN_SAML
X-StackifyID: V2|e49b684b-a1dc-4417-84d4-cf7454d8bb26|C79906|CD17
Set-Cookie: ASP.NET_SessionId=!FO005RLygIXEcggHa7vcTcGpWNSfYcYYR/1Bz6/59zBtJ29AyTfT2MCc+xCM663pVFAd7zTOgDd3H/kXOEU=; path=/; HttpOnly; SameSite=Lax
X-Trace: 2B96CB8F329E9AE88689C5276496F54CE31A877A449077576B9B0025FB00
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=16070400; includeSubDomains
Date: Thu, 09 May 2024 19:18:08 GMT
Content-Length: 364
Vary: Accept-Encoding
|
|
| auth.coadvantage.com/adfs/ls/?wtrealm=https://sso.coadvantage.com/&wa=wsignin1.0&wreply=https://sso.coadvantage.com/&RedirectToIdentityProvider=https://coadazureprod.b2clogin.com/coadazureprod.onmicrosoft.com/B2C_1A_SIGNIN_SAML | 128.136.19.203 | 302 Found | 0 B |
URL: User Request GET HTTP/1.1 auth.coadvantage.com/adfs/ls/?wtrealm=https://sso.coadvantage.com/&wa=wsignin1.0&wreply=https://sso.coadvantage.com/&RedirectToIdentityProvider=https://coadazureprod.b2clogin.com/coadazureprod.onmicrosoft.com/B2C_1A_SIGNIN_SAML
IP: 128.136.19.203:443
Certificate: Issuer GoDaddy.com, Inc.; Subject *.coadvantage.com; Fingerprint 49:B5:5A:C7:24:78:33:15:78:F9:68:F5:82:3F:76:71:FF:02:E4:F9; Validity Sat, 02 Mar 2024 17:41:59 GMT - Thu, 03 Apr 2025 17:41:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adfs/ls/?wtrealm=https://sso.coadvantage.com/&wa=wsignin1.0&wreply=https://sso.coadvantage.com/&RedirectToIdentityProvider=https://coadazureprod.b2clogin.com/coadazureprod.onmicrosoft.com/B2C_1A_SIGNIN_SAML HTTP/1.1
Host: auth.coadvantage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Content-Length: 0
Content-Type: text/html; charset=utf-8
Location: https://coadazureprod.b2clogin.com:443/coadazureprod.onmicrosoft.com/B2C_1A_SignIn_Saml/samlp/sso/login?SAMLRequest=fVJLT8MwDP4rUe5tkm5jNOoqlU1IlQAhhjhwmbI03SK1SYnT8fj1ZKk4ANKutj9%2fD7sA0XcDr0Z%2fNE%2fqbVTgUb1ZYd0kbDnPZ0uWJ4uGZsmcZm2Sz9g%2baSljV1TuGRVLjF6UA23NCmcpxagGGFVtwAvjQ4lm84QuEpo%2fs5yza07zdMYWrxhtAo82wkfk0fsBOCHSikZ8jU4NzjbpPpOdPWiTStv%2faVnTa%2bks2NbH7k223rFqt9UHU5vdNjgi0RYBsCQuwWhtDaizqNEZbgVo4Eb0CriXfFvd3%2fGgn8tpiI8GBiV1q1WD0UffGeBx4WV00OattB0ui5iDm6CXQQJAuXMOuPzJQYRjpGfHp5CiOKjoUTQtkDB60lIB8W4EX5CJpiymIz6E5fXm0XZafqJb63pxwS5LWayEQ7dx9Lfpquvs%2b9op4dUKBzaFESkL8v9bym8%3d&RelayState=eaad368d-18fe-4d22-a040-d74387d2f3d2&Signature=NihqynStqk1v8nWBN%2f0flICXUQFWp%2bZ%2fIZ4mqgZfdSQOhYmLSgN3lFzyZ1J%2fMmru6ZAbPaxEAefCgAWIcq%2f7qq%2f%2bCxRWouDpgagQrdX4cQ%2f7vXJjQ4iW%2bv0o3%2b2b1UvvQhpKuGHhqyNl5kKMB5FOw7NYSeWcgzPBiPyUMz%2fc8iZfckKl%2bFGQq1Tl0pZDU7Ls9uPUqthdHs9dat31nDev3rCGrQlz3UiVSKmbOzKR%2bgmCl6Eo5hKOkutL1A251bzpDiBNEfVuBnzHU3ig7QdU0d45f5ypRoITU%2bRucQovGULqkxpIPCBZ7nznuWtjZsVXaNVYYzI7TlO4VUh1QkZY5Q%3d%3d&SigAlg=http%3a%2f%2fwww.w3.org%2f2001%2f04%2fxmldsig-more%23rsa-sha256
Server: Microsoft-HTTPAPI/2.0
Include-Referred-Token-Binding-ID: true
P3P: ADFS doesn't have P3P policy, please contact your site's admin for more details
Set-Cookie: MSISIPSelectionSession=!qbMpVAKYZm6/WOgHa7vcTcGpWNSfYYIqiUWRmBo7Mqtqn+37dQmad1O2C6jnqWHuUaNWNp7bYWuUxymDKw2NNVaVngxTVMgoh4XjZcBPDpuOL6oH6f83+n5xJ4QPXeOOaukJWKDp4c5qrEZ8BDfNkdqt6LYhNo86uPmKXppiEmz5BuVgDi8N6Cvpq+xfuGAxB3yqOg88yKb9AmZ2QqI=; path=/adfs; HttpOnly; Secure; SameSite=None
MSISContexteaad368d-18fe-4d22-a040-d74387d2f3d2=!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; expires=Thu, 09 May 2024 19:28:09 GMT; path=/adfs; HttpOnly; Secure; SameSite=None
Date: Thu, 09 May 2024 19:18:09 GMT
|
|
| coadazureprod.b2clogin.com/coadazureprod.onmicrosoft.com/B2C_1A_SignIn_Saml/samlp/sso/login?SAMLRequest=fVJLT8MwDP4rUe5tkm5jNOoqlU1IlQAhhjhwmbI03SK1SYnT8fj1ZKk4ANKutj9%2fD7sA0XcDr0Z%2fNE%2fqbVTgUb1ZYd0kbDnPZ0uWJ4uGZsmcZm2Sz9g%2baSljV1TuGRVLjF6UA23NCmcpxagGGFVtwAvjQ4lm84QuEpo%2fs5yza07zdMYWrxhtAo82wkfk0fsBOCHSikZ8jU4NzjbpPpOdPWiTStv%2faVnTa%2bks2NbH7k223rFqt9UHU5vdNjgi0RYBsCQuwWhtDaizqNEZbgVo4Eb0CriXfFvd3%2fGgn8tpiI8GBiV1q1WD0UffGeBx4WV00OattB0ui5iDm6CXQQJAuXMOuPzJQYRjpGfHp5CiOKjoUTQtkDB60lIB8W4EX5CJpiymIz6E5fXm0XZafqJb63pxwS5LWayEQ7dx9Lfpquvs%2b9op4dUKBzaFESkL8v9bym8%3d&RelayState=eaad368d-18fe-4d22-a040-d74387d2f3d2&Signature=NihqynStqk1v8nWBN%2f0flICXUQFWp%2bZ%2fIZ4mqgZfdSQOhYmLSgN3lFzyZ1J%2fMmru6ZAbPaxEAefCgAWIcq%2f7qq%2f%2bCxRWouDpgagQrdX4cQ%2f7vXJjQ4iW%2bv0o3%2b2b1UvvQhpKuGHhqyNl5kKMB5FOw7NYSeWcgzPBiPyUMz%2fc8iZfckKl%2bFGQq1Tl0pZDU7Ls9uPUqthdHs9dat31nDev3rCGrQlz3UiVSKmbOzKR%2bgmCl6Eo5hKOkutL1A251bzpDiBNEfVuBnzHU3ig7QdU0d45f5ypRoITU%2bRucQovGULqkxpIPCBZ7nznuWtjZsVXaNVYYzI7TlO4VUh1QkZY5Q%3d%3d&SigAlg=http%3a%2f%2fwww.w3.org%2f2001%2f04%2fxmldsig-more%23rsa-sha256 | 20.190.181.0 | 200 OK | 65 kB |
URL: User Request GET HTTP/1.1 coadazureprod.b2clogin.com/coadazureprod.onmicrosoft.com/B2C_1A_SignIn_Saml/samlp/sso/login?SAMLRequest=fVJLT8MwDP4rUe5tkm5jNOoqlU1IlQAhhjhwmbI03SK1SYnT8fj1ZKk4ANKutj9%2fD7sA0XcDr0Z%2fNE%2fqbVTgUb1ZYd0kbDnPZ0uWJ4uGZsmcZm2Sz9g%2baSljV1TuGRVLjF6UA23NCmcpxagGGFVtwAvjQ4lm84QuEpo%2fs5yza07zdMYWrxhtAo82wkfk0fsBOCHSikZ8jU4NzjbpPpOdPWiTStv%2faVnTa%2bks2NbH7k223rFqt9UHU5vdNjgi0RYBsCQuwWhtDaizqNEZbgVo4Eb0CriXfFvd3%2fGgn8tpiI8GBiV1q1WD0UffGeBx4WV00OattB0ui5iDm6CXQQJAuXMOuPzJQYRjpGfHp5CiOKjoUTQtkDB60lIB8W4EX5CJpiymIz6E5fXm0XZafqJb63pxwS5LWayEQ7dx9Lfpquvs%2b9op4dUKBzaFESkL8v9bym8%3d&RelayState=eaad368d-18fe-4d22-a040-d74387d2f3d2&Signature=NihqynStqk1v8nWBN%2f0flICXUQFWp%2bZ%2fIZ4mqgZfdSQOhYmLSgN3lFzyZ1J%2fMmru6ZAbPaxEAefCgAWIcq%2f7qq%2f%2bCxRWouDpgagQrdX4cQ%2f7vXJjQ4iW%2bv0o3%2b2b1UvvQhpKuGHhqyNl5kKMB5FOw7NYSeWcgzPBiPyUMz%2fc8iZfckKl%2bFGQq1Tl0pZDU7Ls9uPUqthdHs9dat31nDev3rCGrQlz3UiVSKmbOzKR%2bgmCl6Eo5hKOkutL1A251bzpDiBNEfVuBnzHU3ig7QdU0d45f5ypRoITU%2bRucQovGULqkxpIPCBZ7nznuWtjZsVXaNVYYzI7TlO4VUh1QkZY5Q%3d%3d&SigAlg=http%3a%2f%2fwww.w3.org%2f2001%2f04%2fxmldsig-more%23rsa-sha256
IP: 20.190.181.0:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer DigiCert Inc; Subject graph.windows.net; Fingerprint FB:87:54:3C:68:29:E8:00:C1:C5:F3:67:ED:40:12:DF:5C:DF:09:11; Validity Wed, 10 Apr 2024 00:00:00 GMT - Thu, 10 Apr 2025 23:59:59 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (61604), with CRLF, LF line terminators
Hash: b70631d7f1a13ed9745e79e7f288f248 af8315899ac5546b87fac6b6f8ba99d1da85b549 f9d29c598284a08b106d1b14bd2f650d8deebf8df7cabf63cd591a29478af1ac
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Salesforce
GET /coadazureprod.onmicrosoft.com/B2C_1A_SignIn_Saml/samlp/sso/login?SAMLRequest=fVJLT8MwDP4rUe5tkm5jNOoqlU1IlQAhhjhwmbI03SK1SYnT8fj1ZKk4ANKutj9%2fD7sA0XcDr0Z%2fNE%2fqbVTgUb1ZYd0kbDnPZ0uWJ4uGZsmcZm2Sz9g%2baSljV1TuGRVLjF6UA23NCmcpxagGGFVtwAvjQ4lm84QuEpo%2fs5yza07zdMYWrxhtAo82wkfk0fsBOCHSikZ8jU4NzjbpPpOdPWiTStv%2faVnTa%2bks2NbH7k223rFqt9UHU5vdNjgi0RYBsCQuwWhtDaizqNEZbgVo4Eb0CriXfFvd3%2fGgn8tpiI8GBiV1q1WD0UffGeBx4WV00OattB0ui5iDm6CXQQJAuXMOuPzJQYRjpGfHp5CiOKjoUTQtkDB60lIB8W4EX5CJpiymIz6E5fXm0XZafqJb63pxwS5LWayEQ7dx9Lfpquvs%2b9op4dUKBzaFESkL8v9bym8%3d&RelayState=eaad368d-18fe-4d22-a040-d74387d2f3d2&Signature=NihqynStqk1v8nWBN%2f0flICXUQFWp%2bZ%2fIZ4mqgZfdSQOhYmLSgN3lFzyZ1J%2fMmru6ZAbPaxEAefCgAWIcq%2f7qq%2f%2bCxRWouDpgagQrdX4cQ%2f7vXJjQ4iW%2bv0o3%2b2b1UvvQhpKuGHhqyNl5kKMB5FOw7NYSeWcgzPBiPyUMz%2fc8iZfckKl%2bFGQq1Tl0pZDU7Ls9uPUqthdHs9dat31nDev3rCGrQlz3UiVSKmbOzKR%2bgmCl6Eo5hKOkutL1A251bzpDiBNEfVuBnzHU3ig7QdU0d45f5ypRoITU%2bRucQovGULqkxpIPCBZ7nznuWtjZsVXaNVYYzI7TlO4VUh1QkZY5Q%3d%3d&SigAlg=http%3a%2f%2fwww.w3.org%2f2001%2f04%2fxmldsig-more%23rsa-sha256 HTTP/1.1
Host: coadazureprod.b2clogin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
x-ms-gateway-requestid: 3816f9db-a817-4898-8d5a-5a00aeee5906
X-UA-Compatible: IE=edge
X-Request-ID: a5362d0b-1875-450a-8f5b-adc861b10bb9
X-Build: 1.1.150.0
X-Frame-Options: DENY
Public: OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: x-ms-cpim-csrf=YXdyMWNnZklOV09RSkc4MW1aOVRrRkZieHRYb2QrSHJUa2JzS2hOMno1N1NMYVJyMmxKMnk5WXAzQTlxdXBYdnFyTTBUZ01vTzlLY2tFSTA2SU9zV2c9PTsyMDI0LTA1LTA5VDE5OjE4OjEwLjI2NjY3MDJaOzZKVUpYc2hIYXJUK3IyS1NtSWptcHc9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==; domain=coadazureprod.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-cache|cy02pxuyckwpw63iybeluq_0=m1.GvMSNr04y3omasqo.WJVVRkp6W4bTBHsMqZkPug==.0.95p98uILiYFp3YlPzkc6jGbQxGQNNk2q4Y/4D7SZGFqHeENnkcYcJMYXZcQih4mOKB5L39wnq5P82zDD/j1Mr87pA+03StJq1ofUxl8PNLGTy020jqbx36Fa3WMxeMGmIgCy9AlRIb8NDZlAYX/1EBeq3ETeEnEJT72nWMdLZy9tpLOWVPwgOFn0t/oWVcDzhym8JyIPdJ+2lE5Fx43DQE01qGluDtIENikINWrtApB7YxEXe4zpzL6HPeut6oiJ3JTBNPB6lnj0SCo9HOHEbQyIUlDuZGFpLVCjerPE0GcaSyAsmYqAWx076B110uF1j7RDV8lifzh0OQjNmyyWYgx1/YFsXSR6pTr8PCcVN/gEd2wi/g/k/TpQjPnViYeM5LJ4W/i//LN5eKeIBUrP8G0BQdikFqoQSzWSk50/H3pwOqhQaQcveRWtmDrZW81Brk9JO5OCx8o4V5JIwkmhXepen1To8FnLqCjTiXz4qDyM215vXfGnTO+ZFbSf8FccXmiw3aRTS2nwmOmrqSQ2JuOSps+d6NVcUFifQ06kDIw2N1RUNi278fTi1Pi65xvwC81dqDenRgylIubA90xX844yTBMmwL+kyr5HzjLPZDNeYoOi3dMlFMRyArmQ9uFninaYsLR6EcVoH40S1wjCzOS7DWmHRme+HhTKP08MI5A8wfLKedkYPySj97kwP5Wpl18fxZMbzU829n4PrW1S1Jdz0GnruxzGFguXsavQZl5X9ocCfGr6/dcpYmpYZJdJ633mYv47wkcANU9jq/V+X84LMgVEipvDa6CN4unNwp8NqCHK7ffLV483fzbFlQtb9DbpQA==; domain=coadazureprod.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6ImE1MzYyZDBiLTE4NzUtNDUwYS04ZjViLWFkYzg2MWIxMGJiOSIsIlQiOiJjb2FkYXp1cmVwcm9kLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJCMkNfMUFfU2lnbkluX1NhbWwiLCJDIjoiIiwiUyI6MSwiTSI6e30sIkQiOjAsIkUiOiJodHRwczovL2F1dGguY29hZHZhbnRhZ2UuY29tL2FkZnMvc2VydmljZXMvdHJ1c3QifV0sIkNfSUQiOiJhNTM2MmQwYi0xODc1LTQ1MGEtOGY1Yi1hZGM4NjFiMTBiYjkifQ==; domain=coadazureprod.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-geo=NA; expires=Thu, 09 May 2024 20:18:10 GMT; path=/; secure; samesite=none; httponly
Allow: OPTIONS, TRACE, GET, HEAD, POST
Date: Thu, 09 May 2024 19:18:09 GMT
Content-Length: 65050
|
|
| stcoadb2c.blob.core.windows.net/prod-html/signin.html | 52.239.169.4 | 200 OK | 45 kB |
URL: GET HTTP/1.1 stcoadb2c.blob.core.windows.net/prod-html/signin.html
IP: 52.239.169.4:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://coadazureprod.b2clogin.com/coadazureprod.onmicrosoft.com/B2C_1A_SignIn_Saml/samlp/sso/login?SAMLRequest=fVJLT8MwDP4rUe5tkm5jNOoqlU1IlQAhhjhwmbI03SK1SYnT8fj1ZKk4ANKutj9%2fD7sA0XcDr0Z%2fNE%2fqbVTgUb1ZYd0kbDnPZ0uWJ4uGZsmcZm2Sz9g%2baSljV1TuGRVLjF6UA23NCmcpxagGGFVtwAvjQ4lm84QuEpo%2fs5yza07zdMYWrxhtAo82wkfk0fsBOCHSikZ8jU4NzjbpPpOdPWiTStv%2faVnTa%2bks2NbH7k223rFqt9UHU5vdNjgi0RYBsCQuwWhtDaizqNEZbgVo4Eb0CriXfFvd3%2fGgn8tpiI8GBiV1q1WD0UffGeBx4WV00OattB0ui5iDm6CXQQJAuXMOuPzJQYRjpGfHp5CiOKjoUTQtkDB60lIB8W4EX5CJpiymIz6E5fXm0XZafqJb63pxwS5LWayEQ7dx9Lfpquvs%2b9op4dUKBzaFESkL8v9bym8%3d&RelayState=eaad368d-18fe-4d22-a040-d74387d2f3d2&Signature=NihqynStqk1v8nWBN%2f0flICXUQFWp%2bZ%2fIZ4mqgZfdSQOhYmLSgN3lFzyZ1J%2fMmru6ZAbPaxEAefCgAWIcq%2f7qq%2f%2bCxRWouDpgagQrdX4cQ%2f7vXJjQ4iW%2bv0o3%2b2b1UvvQhpKuGHhqyNl5kKMB5FOw7NYSeWcgzPBiPyUMz%2fc8iZfckKl%2bFGQq1Tl0pZDU7Ls9uPUqthdHs9dat31nDev3rCGrQlz3UiVSKmbOzKR%2bgmCl6Eo5hKOkutL1A251bzpDiBNEfVuBnzHU3ig7QdU0d45f5ypRoITU%2bRucQovGULqkxpIPCBZ7nznuWtjZsVXaNVYYzI7TlO4VUh1QkZY5Q%3d%3d&SigAlg=http%3a%2f%2fwww.w3.org%2f2001%2f04%2fxmldsig-more%23rsa-sha256
Certificate: Issuer Microsoft Corporation; Subject *.blob.core.windows.net; Fingerprint 63:74:22:1E:97:1B:0F:44:DB:86:19:EE:D7:86:B9:26:7D:3D:6B:CE; Validity Wed, 27 Sep 2023 12:59:54 GMT - Fri, 27 Sep 2024 12:59:54 GMT
File type: HTML document, ASCII text, with very long lines (2710), with CRLF line terminators
Hash: 94fe770b3ae5b6d4af228bf271488288 3d2aa0a82e338353c69db779bf5b27273c49bbb6 bc077748138b1995bbdf23b340fcb3467f059ba590650d9109db5f2ad9f8d602
GET /prod-html/signin.html HTTP/1.1
Host: stcoadb2c.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://coadazureprod.b2clogin.com
DNT: 1
Connection: keep-alive
Referer: https://coadazureprod.b2clogin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 45186
Content-Type: text/html
Content-MD5: lP53CzrlttSvIovycUiCiA==
Last-Modified: Fri, 30 Dec 2022 03:52:07 GMT
ETag: 0x8DAEA193908829F
Vary: Origin
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 92684a10-a01e-0078-7f45-a2349e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: https://coadazureprod.b2clogin.com
Access-Control-Allow-Credentials: true
Date: Thu, 09 May 2024 19:18:11 GMT
|
|
| ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/css/bootstrap.min.css | 152.199.19.160 | 200 OK | 20 kB |
URL: GET HTTP/2 ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/css/bootstrap.min.css
IP: 152.199.19.160:443
Requested by: https://coadazureprod.b2clogin.com/coadazureprod.onmicrosoft.com/B2C_1A_SignIn_Saml/samlp/sso/login?SAMLRequest=fVJLT8MwDP4rUe5tkm5jNOoqlU1IlQAhhjhwmbI03SK1SYnT8fj1ZKk4ANKutj9%2fD7sA0XcDr0Z%2fNE%2fqbVTgUb1ZYd0kbDnPZ0uWJ4uGZsmcZm2Sz9g%2baSljV1TuGRVLjF6UA23NCmcpxagGGFVtwAvjQ4lm84QuEpo%2fs5yza07zdMYWrxhtAo82wkfk0fsBOCHSikZ8jU4NzjbpPpOdPWiTStv%2faVnTa%2bks2NbH7k223rFqt9UHU5vdNjgi0RYBsCQuwWhtDaizqNEZbgVo4Eb0CriXfFvd3%2fGgn8tpiI8GBiV1q1WD0UffGeBx4WV00OattB0ui5iDm6CXQQJAuXMOuPzJQYRjpGfHp5CiOKjoUTQtkDB60lIB8W4EX5CJpiymIz6E5fXm0XZafqJb63pxwS5LWayEQ7dx9Lfpquvs%2b9op4dUKBzaFESkL8v9bym8%3d&RelayState=eaad368d-18fe-4d22-a040-d74387d2f3d2&Signature=NihqynStqk1v8nWBN%2f0flICXUQFWp%2bZ%2fIZ4mqgZfdSQOhYmLSgN3lFzyZ1J%2fMmru6ZAbPaxEAefCgAWIcq%2f7qq%2f%2bCxRWouDpgagQrdX4cQ%2f7vXJjQ4iW%2bv0o3%2b2b1UvvQhpKuGHhqyNl5kKMB5FOw7NYSeWcgzPBiPyUMz%2fc8iZfckKl%2bFGQq1Tl0pZDU7Ls9uPUqthdHs9dat31nDev3rCGrQlz3UiVSKmbOzKR%2bgmCl6Eo5hKOkutL1A251bzpDiBNEfVuBnzHU3ig7QdU0d45f5ypRoITU%2bRucQovGULqkxpIPCBZ7nznuWtjZsVXaNVYYzI7TlO4VUh1QkZY5Q%3d%3d&SigAlg=http%3a%2f%2fwww.w3.org%2f2001%2f04%2fxmldsig-more%23rsa-sha256
Certificate: Issuer DigiCert Inc; Subject *.vo.msecnd.net; Fingerprint 86:E0:37:E4:B1:31:51:81:DD:54:33:82:FF:4D:EB:D1:15:5F:65:C4; Validity Tue, 30 Jan 2024 00:00:00 GMT - Thu, 30 Jan 2025 23:59:59 GMT
File type: ASCII text, with very long lines (65371)
Hash: 5d5357cb3704e1f43a1f5bfed2aebf42 08df9a96752852f2cbd310c30facd934e348c2c5 31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
GET /ajax/bootstrap/3.3.5/css/bootstrap.min.css HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coadazureprod.b2clogin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 3949025
cache-control: public,max-age=31536000
content-type: text/css
date: Thu, 09 May 2024 19:18:11 GMT
etag: "80254bf0cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:10:15 GMT
server: ECAcc (ska/F7A3)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19759
X-Firefox-Spdy: h2
|
|
| stcoadb2c.blob.core.windows.net/prod-html/custom.css | 52.239.169.4 | 200 OK | 4.7 kB |
URL: GET HTTP/1.1 stcoadb2c.blob.core.windows.net/prod-html/custom.css
IP: 52.239.169.4:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://coadazureprod.b2clogin.com/coadazureprod.onmicrosoft.com/B2C_1A_SignIn_Saml/samlp/sso/login?SAMLRequest=fVJLT8MwDP4rUe5tkm5jNOoqlU1IlQAhhjhwmbI03SK1SYnT8fj1ZKk4ANKutj9%2fD7sA0XcDr0Z%2fNE%2fqbVTgUb1ZYd0kbDnPZ0uWJ4uGZsmcZm2Sz9g%2baSljV1TuGRVLjF6UA23NCmcpxagGGFVtwAvjQ4lm84QuEpo%2fs5yza07zdMYWrxhtAo82wkfk0fsBOCHSikZ8jU4NzjbpPpOdPWiTStv%2faVnTa%2bks2NbH7k223rFqt9UHU5vdNjgi0RYBsCQuwWhtDaizqNEZbgVo4Eb0CriXfFvd3%2fGgn8tpiI8GBiV1q1WD0UffGeBx4WV00OattB0ui5iDm6CXQQJAuXMOuPzJQYRjpGfHp5CiOKjoUTQtkDB60lIB8W4EX5CJpiymIz6E5fXm0XZafqJb63pxwS5LWayEQ7dx9Lfpquvs%2b9op4dUKBzaFESkL8v9bym8%3d&RelayState=eaad368d-18fe-4d22-a040-d74387d2f3d2&Signature=NihqynStqk1v8nWBN%2f0flICXUQFWp%2bZ%2fIZ4mqgZfdSQOhYmLSgN3lFzyZ1J%2fMmru6ZAbPaxEAefCgAWIcq%2f7qq%2f%2bCxRWouDpgagQrdX4cQ%2f7vXJjQ4iW%2bv0o3%2b2b1UvvQhpKuGHhqyNl5kKMB5FOw7NYSeWcgzPBiPyUMz%2fc8iZfckKl%2bFGQq1Tl0pZDU7Ls9uPUqthdHs9dat31nDev3rCGrQlz3UiVSKmbOzKR%2bgmCl6Eo5hKOkutL1A251bzpDiBNEfVuBnzHU3ig7QdU0d45f5ypRoITU%2bRucQovGULqkxpIPCBZ7nznuWtjZsVXaNVYYzI7TlO4VUh1QkZY5Q%3d%3d&SigAlg=http%3a%2f%2fwww.w3.org%2f2001%2f04%2fxmldsig-more%23rsa-sha256
Certificate: Issuer Microsoft Corporation; Subject *.blob.core.windows.net; Fingerprint 63:74:22:1E:97:1B:0F:44:DB:86:19:EE:D7:86:B9:26:7D:3D:6B:CE; Validity Wed, 27 Sep 2023 12:59:54 GMT - Fri, 27 Sep 2024 12:59:54 GMT
File type: ASCII text, with CRLF line terminators
Hash: e5765316872dfa324a057f9893a1eb39 94060a115e77571710ffb9fe74c2db87ef5881b7 4eab5d103ca9dc13913b0eca0dd9ebbdfce4f9dc0f40f10addafa59cbf5e3f75
GET /prod-html/custom.css HTTP/1.1
Host: stcoadb2c.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://coadazureprod.b2clogin.com
DNT: 1
Connection: keep-alive
Referer: https://coadazureprod.b2clogin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 4650
Content-Type: text/css
Content-MD5: 5XZTFoct+jJKBX+Yk6HrOQ==
Last-Modified: Tue, 26 Oct 2021 12:06:53 GMT
ETag: 0x8D99879196FD6AC
Vary: Origin
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 92684bb2-a01e-0078-0545-a2349e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: https://coadazureprod.b2clogin.com
Access-Control-Allow-Credentials: true
Date: Thu, 09 May 2024 19:18:11 GMT
|
|
| aadcdn.msftauthimages.net/dbd5a2dd-lej3tqse7-pwnz5q7pt6hkonbyorubo8r0-y35oeh8/logintenantbranding/0/bannerlogo?ts=637686740298796182 | 13.107.246.53 | 200 OK | 10 kB |
URL: GET HTTP/2 aadcdn.msftauthimages.net/dbd5a2dd-lej3tqse7-pwnz5q7pt6hkonbyorubo8r0-y35oeh8/logintenantbranding/0/bannerlogo?ts=637686740298796182
IP: 13.107.246.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://coadazureprod.b2clogin.com/coadazureprod.onmicrosoft.com/B2C_1A_SignIn_Saml/samlp/sso/login?SAMLRequest=fVJLT8MwDP4rUe5tkm5jNOoqlU1IlQAhhjhwmbI03SK1SYnT8fj1ZKk4ANKutj9%2fD7sA0XcDr0Z%2fNE%2fqbVTgUb1ZYd0kbDnPZ0uWJ4uGZsmcZm2Sz9g%2baSljV1TuGRVLjF6UA23NCmcpxagGGFVtwAvjQ4lm84QuEpo%2fs5yza07zdMYWrxhtAo82wkfk0fsBOCHSikZ8jU4NzjbpPpOdPWiTStv%2faVnTa%2bks2NbH7k223rFqt9UHU5vdNjgi0RYBsCQuwWhtDaizqNEZbgVo4Eb0CriXfFvd3%2fGgn8tpiI8GBiV1q1WD0UffGeBx4WV00OattB0ui5iDm6CXQQJAuXMOuPzJQYRjpGfHp5CiOKjoUTQtkDB60lIB8W4EX5CJpiymIz6E5fXm0XZafqJb63pxwS5LWayEQ7dx9Lfpquvs%2b9op4dUKBzaFESkL8v9bym8%3d&RelayState=eaad368d-18fe-4d22-a040-d74387d2f3d2&Signature=NihqynStqk1v8nWBN%2f0flICXUQFWp%2bZ%2fIZ4mqgZfdSQOhYmLSgN3lFzyZ1J%2fMmru6ZAbPaxEAefCgAWIcq%2f7qq%2f%2bCxRWouDpgagQrdX4cQ%2f7vXJjQ4iW%2bv0o3%2b2b1UvvQhpKuGHhqyNl5kKMB5FOw7NYSeWcgzPBiPyUMz%2fc8iZfckKl%2bFGQq1Tl0pZDU7Ls9uPUqthdHs9dat31nDev3rCGrQlz3UiVSKmbOzKR%2bgmCl6Eo5hKOkutL1A251bzpDiBNEfVuBnzHU3ig7QdU0d45f5ypRoITU%2bRucQovGULqkxpIPCBZ7nznuWtjZsVXaNVYYzI7TlO4VUh1QkZY5Q%3d%3d&SigAlg=http%3a%2f%2fwww.w3.org%2f2001%2f04%2fxmldsig-more%23rsa-sha256
Certificate: Issuer Microsoft Corporation; Subject aadcdn.msftauthimages.net; Fingerprint E6:88:22:EC:52:D3:88:E3:A1:7B:01:0A:70:8F:08:41:F8:AD:6D:4B; Validity Sun, 18 Feb 2024 02:47:29 GMT - Wed, 12 Feb 2025 02:47:29 GMT
File type: PNG image data, 400 x 62, 8-bit/color RGBA, non-interlaced
Hash: 36dca0eb79d3b4f36c3b86df3d4d88d6 2be82af060b5d4257913cfbe4164ee07041511b6 d99546ad6d28d6e93fef9737a64a471af01de2218fa0c8566fc49574e2397f03
GET /dbd5a2dd-lej3tqse7-pwnz5q7pt6hkonbyorubo8r0-y35oeh8/logintenantbranding/0/bannerlogo?ts=637686740298796182 HTTP/1.1
Host: aadcdn.msftauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coadazureprod.b2clogin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:18:12 GMT
content-type: image/*
content-length: 9970
cache-control: public, max-age=86400
last-modified: Fri, 01 Oct 2021 08:33:50 GMT
etag: 0x8D984B631D4FF3D
x-ms-request-id: d7d9ec16-801e-003b-0c45-a242f7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240509T191811Z-er15bb998b77n2vxrv9h3q5wzw00000004t0000000005cqz
x-fd-int-roxy-purgeid: 50755578
x-cache: TCP_MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| coadazureprod.b2clogin.com/coadazureprod.onmicrosoft.com/B2C_1A_SignIn_Saml/client/perftrace?tx=StateProperties=eyJUSUQiOiJhNTM2MmQwYi0xODc1LTQ1MGEtOGY1Yi1hZGM4NjFiMTBiYjkifQ&p=B2C_1A_SignIn_Saml | 20.190.181.0 | 200 OK | 0 B |
URL: POST HTTP/1.1 coadazureprod.b2clogin.com/coadazureprod.onmicrosoft.com/B2C_1A_SignIn_Saml/client/perftrace?tx=StateProperties=eyJUSUQiOiJhNTM2MmQwYi0xODc1LTQ1MGEtOGY1Yi1hZGM4NjFiMTBiYjkifQ&p=B2C_1A_SignIn_Saml
IP: 20.190.181.0:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://coadazureprod.b2clogin.com/coadazureprod.onmicrosoft.com/B2C_1A_SignIn_Saml/samlp/sso/login?SAMLRequest=fVJLT8MwDP4rUe5tkm5jNOoqlU1IlQAhhjhwmbI03SK1SYnT8fj1ZKk4ANKutj9%2fD7sA0XcDr0Z%2fNE%2fqbVTgUb1ZYd0kbDnPZ0uWJ4uGZsmcZm2Sz9g%2baSljV1TuGRVLjF6UA23NCmcpxagGGFVtwAvjQ4lm84QuEpo%2fs5yza07zdMYWrxhtAo82wkfk0fsBOCHSikZ8jU4NzjbpPpOdPWiTStv%2faVnTa%2bks2NbH7k223rFqt9UHU5vdNjgi0RYBsCQuwWhtDaizqNEZbgVo4Eb0CriXfFvd3%2fGgn8tpiI8GBiV1q1WD0UffGeBx4WV00OattB0ui5iDm6CXQQJAuXMOuPzJQYRjpGfHp5CiOKjoUTQtkDB60lIB8W4EX5CJpiymIz6E5fXm0XZafqJb63pxwS5LWayEQ7dx9Lfpquvs%2b9op4dUKBzaFESkL8v9bym8%3d&RelayState=eaad368d-18fe-4d22-a040-d74387d2f3d2&Signature=NihqynStqk1v8nWBN%2f0flICXUQFWp%2bZ%2fIZ4mqgZfdSQOhYmLSgN3lFzyZ1J%2fMmru6ZAbPaxEAefCgAWIcq%2f7qq%2f%2bCxRWouDpgagQrdX4cQ%2f7vXJjQ4iW%2bv0o3%2b2b1UvvQhpKuGHhqyNl5kKMB5FOw7NYSeWcgzPBiPyUMz%2fc8iZfckKl%2bFGQq1Tl0pZDU7Ls9uPUqthdHs9dat31nDev3rCGrQlz3UiVSKmbOzKR%2bgmCl6Eo5hKOkutL1A251bzpDiBNEfVuBnzHU3ig7QdU0d45f5ypRoITU%2bRucQovGULqkxpIPCBZ7nznuWtjZsVXaNVYYzI7TlO4VUh1QkZY5Q%3d%3d&SigAlg=http%3a%2f%2fwww.w3.org%2f2001%2f04%2fxmldsig-more%23rsa-sha256
Certificate: Issuer DigiCert Inc; Subject graph.windows.net; Fingerprint FB:87:54:3C:68:29:E8:00:C1:C5:F3:67:ED:40:12:DF:5C:DF:09:11; Validity Wed, 10 Apr 2024 00:00:00 GMT - Thu, 10 Apr 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Salesforce
POST /coadazureprod.onmicrosoft.com/B2C_1A_SignIn_Saml/client/perftrace?tx=StateProperties=eyJUSUQiOiJhNTM2MmQwYi0xODc1LTQ1MGEtOGY1Yi1hZGM4NjFiMTBiYjkifQ&p=B2C_1A_SignIn_Saml HTTP/1.1
Host: coadazureprod.b2clogin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
X-CSRF-TOKEN: YXdyMWNnZklOV09RSkc4MW1aOVRrRkZieHRYb2QrSHJUa2JzS2hOMno1N1NMYVJyMmxKMnk5WXAzQTlxdXBYdnFyTTBUZ01vTzlLY2tFSTA2SU9zV2c9PTsyMDI0LTA1LTA5VDE5OjE4OjEwLjI2NjY3MDJaOzZKVUpYc2hIYXJUK3IyS1NtSWptcHc9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==
X-Requested-With: XMLHttpRequest
Content-Length: 3878
Origin: https://coadazureprod.b2clogin.com
DNT: 1
Connection: keep-alive
Referer: https://coadazureprod.b2clogin.com/coadazureprod.onmicrosoft.com/B2C_1A_SignIn_Saml/samlp/sso/login?SAMLRequest=fVJLT8MwDP4rUe5tkm5jNOoqlU1IlQAhhjhwmbI03SK1SYnT8fj1ZKk4ANKutj9%2fD7sA0XcDr0Z%2fNE%2fqbVTgUb1ZYd0kbDnPZ0uWJ4uGZsmcZm2Sz9g%2baSljV1TuGRVLjF6UA23NCmcpxagGGFVtwAvjQ4lm84QuEpo%2fs5yza07zdMYWrxhtAo82wkfk0fsBOCHSikZ8jU4NzjbpPpOdPWiTStv%2faVnTa%2bks2NbH7k223rFqt9UHU5vdNjgi0RYBsCQuwWhtDaizqNEZbgVo4Eb0CriXfFvd3%2fGgn8tpiI8GBiV1q1WD0UffGeBx4WV00OattB0ui5iDm6CXQQJAuXMOuPzJQYRjpGfHp5CiOKjoUTQtkDB60lIB8W4EX5CJpiymIz6E5fXm0XZafqJb63pxwS5LWayEQ7dx9Lfpquvs%2b9op4dUKBzaFESkL8v9bym8%3d&RelayState=eaad368d-18fe-4d22-a040-d74387d2f3d2&Signature=NihqynStqk1v8nWBN%2f0flICXUQFWp%2bZ%2fIZ4mqgZfdSQOhYmLSgN3lFzyZ1J%2fMmru6ZAbPaxEAefCgAWIcq%2f7qq%2f%2bCxRWouDpgagQrdX4cQ%2f7vXJjQ4iW%2bv0o3%2b2b1UvvQhpKuGHhqyNl5kKMB5FOw7NYSeWcgzPBiPyUMz%2fc8iZfckKl%2bFGQq1Tl0pZDU7Ls9uPUqthdHs9dat31nDev3rCGrQlz3UiVSKmbOzKR%2bgmCl6Eo5hKOkutL1A251bzpDiBNEfVuBnzHU3ig7QdU0d45f5ypRoITU%2bRucQovGULqkxpIPCBZ7nznuWtjZsVXaNVYYzI7TlO4VUh1QkZY5Q%3d%3d&SigAlg=http%3a%2f%2fwww.w3.org%2f2001%2f04%2fxmldsig-more%23rsa-sha256
Cookie: x-ms-cpim-csrf=YXdyMWNnZklOV09RSkc4MW1aOVRrRkZieHRYb2QrSHJUa2JzS2hOMno1N1NMYVJyMmxKMnk5WXAzQTlxdXBYdnFyTTBUZ01vTzlLY2tFSTA2SU9zV2c9PTsyMDI0LTA1LTA5VDE5OjE4OjEwLjI2NjY3MDJaOzZKVUpYc2hIYXJUK3IyS1NtSWptcHc9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==; x-ms-cpim-cache|cy02pxuyckwpw63iybeluq_0=m1.GvMSNr04y3omasqo.WJVVRkp6W4bTBHsMqZkPug==.0.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; x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6ImE1MzYyZDBiLTE4NzUtNDUwYS04ZjViLWFkYzg2MWIxMGJiOSIsIlQiOiJjb2FkYXp1cmVwcm9kLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJCMkNfMUFfU2lnbkluX1NhbWwiLCJDIjoiIiwiUyI6MSwiTSI6e30sIkQiOjAsIkUiOiJodHRwczovL2F1dGguY29hZHZhbnRhZ2UuY29tL2FkZnMvc2VydmljZXMvdHJ1c3QifV0sIkNfSUQiOiJhNTM2MmQwYi0xODc1LTQ1MGEtOGY1Yi1hZGM4NjFiMTBiYjkifQ==; x-ms-cpim-geo=NA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, no-cache
x-ms-gateway-requestid: c450dd4f-e0d3-44de-ab5e-3d6d4d067d83
X-Frame-Options: DENY
Public: OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: OPTIONS, TRACE, GET, HEAD, POST
Date: Thu, 09 May 2024 19:18:11 GMT
Content-Length: 0
|
|
| aadcdn.msftauthimages.net/dbd5a2dd-lej3tqse7-pwnz5q7pt6hkonbyorubo8r0-y35oeh8/logintenantbranding/0/illustration?ts=637686740285537504 | 13.107.246.53 | 200 OK | 119 kB |
URL GET HTTP/2aadcdn.msftauthimages.net/dbd5a2dd-lej3tqse7-pwnz5q7pt6hkonbyorubo8r0-y35oeh8/logintenantbranding/0/illustration?ts=637686740285537504 IP13.107.246.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://coadazureprod.b2clogin.com/coadazureprod.onmicrosoft.com/B2C_1A_SignIn_Saml/samlp/sso/login?SAMLRequest=fVJLT8MwDP4rUe5tkm5jNOoqlU1IlQAhhjhwmbI03SK1SYnT8fj1ZKk4ANKutj9%2fD7sA0XcDr0Z%2fNE%2fqbVTgUb1ZYd0kbDnPZ0uWJ4uGZsmcZm2Sz9g%2baSljV1TuGRVLjF6UA23NCmcpxagGGFVtwAvjQ4lm84QuEpo%2fs5yza07zdMYWrxhtAo82wkfk0fsBOCHSikZ8jU4NzjbpPpOdPWiTStv%2faVnTa%2bks2NbH7k223rFqt9UHU5vdNjgi0RYBsCQuwWhtDaizqNEZbgVo4Eb0CriXfFvd3%2fGgn8tpiI8GBiV1q1WD0UffGeBx4WV00OattB0ui5iDm6CXQQJAuXMOuPzJQYRjpGfHp5CiOKjoUTQtkDB60lIB8W4EX5CJpiymIz6E5fXm0XZafqJb63pxwS5LWayEQ7dx9Lfpquvs%2b9op4dUKBzaFESkL8v9bym8%3d&RelayState=eaad368d-18fe-4d22-a040-d74387d2f3d2&Signature=NihqynStqk1v8nWBN%2f0flICXUQFWp%2bZ%2fIZ4mqgZfdSQOhYmLSgN3lFzyZ1J%2fMmru6ZAbPaxEAefCgAWIcq%2f7qq%2f%2bCxRWouDpgagQrdX4cQ%2f7vXJjQ4iW%2bv0o3%2b2b1UvvQhpKuGHhqyNl5kKMB5FOw7NYSeWcgzPBiPyUMz%2fc8iZfckKl%2bFGQq1Tl0pZDU7Ls9uPUqthdHs9dat31nDev3rCGrQlz3UiVSKmbOzKR%2bgmCl6Eo5hKOkutL1A251bzpDiBNEfVuBnzHU3ig7QdU0d45f5ypRoITU%2bRucQovGULqkxpIPCBZ7nznuWtjZsVXaNVYYzI7TlO4VUh1QkZY5Q%3d%3d&SigAlg=http%3a%2f%2fwww.w3.org%2f2001%2f04%2fxmldsig-more%23rsa-sha256 CertificateIssuerMicrosoft Corporation Subjectaadcdn.msftauthimages.net FingerprintE6:88:22:EC:52:D3:88:E3:A1:7B:01:0A:70:8F:08:41:F8:AD:6D:4B ValiditySun, 18 Feb 2024 02:47:29 GMT - Wed, 12 Feb 2025 02:47:29 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3 Size 119 kB (119131 bytes) Hash 30b5e955fd5d88d486b5cc7e99dc6494 5e9343c28e6fd4e8395e1c3068c17b1f5ec86bc3 19c13c885f2fa9084e4b1dfff0204d1c4ddd654f2cc31a5ed53afd7e0d273c98
GET /dbd5a2dd-lej3tqse7-pwnz5q7pt6hkonbyorubo8r0-y35oeh8/logintenantbranding/0/illustration?ts=637686740285537504 HTTP/1.1
Host: aadcdn.msftauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coadazureprod.b2clogin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:18:12 GMT
content-type: image/*
content-length: 119131
cache-control: public, max-age=86400
last-modified: Fri, 01 Oct 2021 08:33:49 GMT
etag: 0x8D984B63121EAD5
x-ms-request-id: b3bf9ecb-f01e-0053-6f45-a22467000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240509T191811Z-er15bb998b77n2vxrv9h3q5wzw00000004t0000000005cqy
x-fd-int-roxy-purgeid: 0
x-cache: TCP_MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| stcoadb2c.blob.core.windows.net/prod-html/src/backgrounds/1-1.png | 0.0.0.0 | | 0 B |
URL GET stcoadb2c.blob.core.windows.net/prod-html/src/backgrounds/1-1.png IP 0.0.0.0:0
Requested byhttps://coadazureprod.b2clogin.com/coadazureprod.onmicrosoft.com/B2C_1A_SignIn_Saml/samlp/sso/login?SAMLRequest=fVJLT8MwDP4rUe5tkm5jNOoqlU1IlQAhhjhwmbI03SK1SYnT8fj1ZKk4ANKutj9%2fD7sA0XcDr0Z%2fNE%2fqbVTgUb1ZYd0kbDnPZ0uWJ4uGZsmcZm2Sz9g%2baSljV1TuGRVLjF6UA23NCmcpxagGGFVtwAvjQ4lm84QuEpo%2fs5yza07zdMYWrxhtAo82wkfk0fsBOCHSikZ8jU4NzjbpPpOdPWiTStv%2faVnTa%2bks2NbH7k223rFqt9UHU5vdNjgi0RYBsCQuwWhtDaizqNEZbgVo4Eb0CriXfFvd3%2fGgn8tpiI8GBiV1q1WD0UffGeBx4WV00OattB0ui5iDm6CXQQJAuXMOuPzJQYRjpGfHp5CiOKjoUTQtkDB60lIB8W4EX5CJpiymIz6E5fXm0XZafqJb63pxwS5LWayEQ7dx9Lfpquvs%2b9op4dUKBzaFESkL8v9bym8%3d&RelayState=eaad368d-18fe-4d22-a040-d74387d2f3d2&Signature=NihqynStqk1v8nWBN%2f0flICXUQFWp%2bZ%2fIZ4mqgZfdSQOhYmLSgN3lFzyZ1J%2fMmru6ZAbPaxEAefCgAWIcq%2f7qq%2f%2bCxRWouDpgagQrdX4cQ%2f7vXJjQ4iW%2bv0o3%2b2b1UvvQhpKuGHhqyNl5kKMB5FOw7NYSeWcgzPBiPyUMz%2fc8iZfckKl%2bFGQq1Tl0pZDU7Ls9uPUqthdHs9dat31nDev3rCGrQlz3UiVSKmbOzKR%2bgmCl6Eo5hKOkutL1A251bzpDiBNEfVuBnzHU3ig7QdU0d45f5ypRoITU%2bRucQovGULqkxpIPCBZ7nznuWtjZsVXaNVYYzI7TlO4VUh1QkZY5Q%3d%3d&SigAlg=http%3a%2f%2fwww.w3.org%2f2001%2f04%2fxmldsig-more%23rsa-sha256
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /prod-html/src/backgrounds/1-1.png HTTP/1.1
Host: stcoadb2c.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coadazureprod.b2clogin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| stcoadb2c.blob.core.windows.net/prod-html/src/images/logo.svg | 0.0.0.0 | | 0 B |
URL GET stcoadb2c.blob.core.windows.net/prod-html/src/images/logo.svg IP 0.0.0.0:0
Requested byhttps://coadazureprod.b2clogin.com/coadazureprod.onmicrosoft.com/B2C_1A_SignIn_Saml/samlp/sso/login?SAMLRequest=fVJLT8MwDP4rUe5tkm5jNOoqlU1IlQAhhjhwmbI03SK1SYnT8fj1ZKk4ANKutj9%2fD7sA0XcDr0Z%2fNE%2fqbVTgUb1ZYd0kbDnPZ0uWJ4uGZsmcZm2Sz9g%2baSljV1TuGRVLjF6UA23NCmcpxagGGFVtwAvjQ4lm84QuEpo%2fs5yza07zdMYWrxhtAo82wkfk0fsBOCHSikZ8jU4NzjbpPpOdPWiTStv%2faVnTa%2bks2NbH7k223rFqt9UHU5vdNjgi0RYBsCQuwWhtDaizqNEZbgVo4Eb0CriXfFvd3%2fGgn8tpiI8GBiV1q1WD0UffGeBx4WV00OattB0ui5iDm6CXQQJAuXMOuPzJQYRjpGfHp5CiOKjoUTQtkDB60lIB8W4EX5CJpiymIz6E5fXm0XZafqJb63pxwS5LWayEQ7dx9Lfpquvs%2b9op4dUKBzaFESkL8v9bym8%3d&RelayState=eaad368d-18fe-4d22-a040-d74387d2f3d2&Signature=NihqynStqk1v8nWBN%2f0flICXUQFWp%2bZ%2fIZ4mqgZfdSQOhYmLSgN3lFzyZ1J%2fMmru6ZAbPaxEAefCgAWIcq%2f7qq%2f%2bCxRWouDpgagQrdX4cQ%2f7vXJjQ4iW%2bv0o3%2b2b1UvvQhpKuGHhqyNl5kKMB5FOw7NYSeWcgzPBiPyUMz%2fc8iZfckKl%2bFGQq1Tl0pZDU7Ls9uPUqthdHs9dat31nDev3rCGrQlz3UiVSKmbOzKR%2bgmCl6Eo5hKOkutL1A251bzpDiBNEfVuBnzHU3ig7QdU0d45f5ypRoITU%2bRucQovGULqkxpIPCBZ7nznuWtjZsVXaNVYYzI7TlO4VUh1QkZY5Q%3d%3d&SigAlg=http%3a%2f%2fwww.w3.org%2f2001%2f04%2fxmldsig-more%23rsa-sha256
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /prod-html/src/images/logo.svg HTTP/1.1
Host: stcoadb2c.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coadazureprod.b2clogin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|