| | 20.118.147.147 | 200 OK | 1.0 kB |
URL: User Request GET HTTP/2
IP: 20.118.147.147:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer DigiCert Inc; Subject portal.mossadams.com; Fingerprint 53:95:ED:FD:17:FC:E6:4B:C3:FF:5B:16:2F:56:42:27:71:74:E6:04; Validity Thu, 02 May 2024 00:00:00 GMT - Thu, 01 May 2025 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (1755), with no line terminators
Hash: 0d4a551de8752b86bc6970caa3e5ed4e 45edb175be9915b91630f29e66fb10e76acb032d ef631133d872fc98ea3be212e7a3cfac14447d4cf4743b0bddeddabbb5833c47
GET / HTTP/1.1
Host: portal.mossadams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 16:45:13 GMT
content-type: text/html
content-length: 1004
accept-ranges: bytes
content-encoding: gzip
etag: "0a848becb80da1:0"
last-modified: Thu, 28 Mar 2024 04:52:32 GMT
set-cookie: ARRAffinity=d0d0a49a2c77c49e6c1271d26603f382fc00b02328220ca48d8ef825fe6ff314;Path=/;HttpOnly;Secure;Domain=clientportal-p-r1-app00-app.azurewebsites.net
ARRAffinitySameSite=d0d0a49a2c77c49e6c1271d26603f382fc00b02328220ca48d8ef825fe6ff314;Path=/;HttpOnly;SameSite=None;Secure;Domain=clientportal-p-r1-app00-app.azurewebsites.net
vary: Accept-Encoding
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| portal.mossadams.com/fonts/founders-grotesk-regular.woff | 20.118.147.147 | 200 OK | 12 kB |
URL: GET HTTP/2 portal.mossadams.com/fonts/founders-grotesk-regular.woff
IP: 20.118.147.147:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://portal.mossadams.com/
Certificate: Issuer DigiCert Inc; Subject portal.mossadams.com; Fingerprint 53:95:ED:FD:17:FC:E6:4B:C3:FF:5B:16:2F:56:42:27:71:74:E6:04; Validity Thu, 02 May 2024 00:00:00 GMT - Thu, 01 May 2025 23:59:59 GMT
File type: Web Open Font Format, TrueType, length 12158, version 1.0
Hash: 5bb671f73f419e902d6a28645d155acf 1f925f18d8bfe787e54500051caa37f00eb73667 adad4e73d497cfe900fb428e063e32ee16ae447ff31b6b7881fafcaf911a3298
GET /fonts/founders-grotesk-regular.woff HTTP/1.1
Host: portal.mossadams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portal.mossadams.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 16:45:13 GMT
content-type: application/x-font-woff
content-length: 12158
accept-ranges: bytes
etag: "02abc0cb80da1:0"
last-modified: Thu, 28 Mar 2024 04:52:36 GMT
set-cookie: ARRAffinity=e93d6db6e8de0b77b9b7266b2199e09e3cb29f99423a5dd9b79f3222f2609f9c;Path=/;HttpOnly;Secure;Domain=clientportal-p-r1-app00-app.azurewebsites.net
ARRAffinitySameSite=e93d6db6e8de0b77b9b7266b2199e09e3cb29f99423a5dd9b79f3222f2609f9c;Path=/;HttpOnly;SameSite=None;Secure;Domain=clientportal-p-r1-app00-app.azurewebsites.net
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| portal.mossadams.com/fonts/founders-grotesk-condensed-medium.woff | 20.118.147.147 | 200 OK | 13 kB |
URL: GET HTTP/2 portal.mossadams.com/fonts/founders-grotesk-condensed-medium.woff
IP: 20.118.147.147:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://portal.mossadams.com/
Certificate: Issuer DigiCert Inc; Subject portal.mossadams.com; Fingerprint 53:95:ED:FD:17:FC:E6:4B:C3:FF:5B:16:2F:56:42:27:71:74:E6:04; Validity Thu, 02 May 2024 00:00:00 GMT - Thu, 01 May 2025 23:59:59 GMT
File type: Web Open Font Format, TrueType, length 13206, version 1.0
Hash: effa97a1e34c04229491c5ce4df88769 db7a3c1834a428bb5b98c0ebcf483e4f84b9d84d 87260f34afecaf48b309d37fdbeba17d9b9e7dbcb503a6f3d59231df40ab173b
GET /fonts/founders-grotesk-condensed-medium.woff HTTP/1.1
Host: portal.mossadams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portal.mossadams.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 16:45:13 GMT
content-type: application/x-font-woff
content-length: 13206
accept-ranges: bytes
etag: "02abc0cb80da1:0"
last-modified: Thu, 28 Mar 2024 04:52:36 GMT
set-cookie: ARRAffinity=d0d0a49a2c77c49e6c1271d26603f382fc00b02328220ca48d8ef825fe6ff314;Path=/;HttpOnly;Secure;Domain=clientportal-p-r1-app00-app.azurewebsites.net
ARRAffinitySameSite=d0d0a49a2c77c49e6c1271d26603f382fc00b02328220ca48d8ef825fe6ff314;Path=/;HttpOnly;SameSite=None;Secure;Domain=clientportal-p-r1-app00-app.azurewebsites.net
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| portal.mossadams.com/fonts/BerlingskeSerif-Bd.woff2 | 20.118.147.147 | 200 OK | 29 kB |
URL: GET HTTP/2 portal.mossadams.com/fonts/BerlingskeSerif-Bd.woff2
IP: 20.118.147.147:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://portal.mossadams.com/
Certificate: Issuer DigiCert Inc; Subject portal.mossadams.com; Fingerprint 53:95:ED:FD:17:FC:E6:4B:C3:FF:5B:16:2F:56:42:27:71:74:E6:04; Validity Thu, 02 May 2024 00:00:00 GMT - Thu, 01 May 2025 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 28612, version 1.393
Hash: eb43ddb2d43064cd0ac101c76f5218c4 fb7ce08a1c7a90765bbe394cddfefd6924df33a4 0efc812ace7a4ac6819b3bf0762e2ef1563bd4e0eebceb4f1a176ed736cf19bb
GET /fonts/BerlingskeSerif-Bd.woff2 HTTP/1.1
Host: portal.mossadams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portal.mossadams.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 16:45:13 GMT
content-type: application/x-font-woff2
content-length: 28612
accept-ranges: bytes
etag: "02abc0cb80da1:0"
last-modified: Thu, 28 Mar 2024 04:52:36 GMT
set-cookie: ARRAffinity=d0d0a49a2c77c49e6c1271d26603f382fc00b02328220ca48d8ef825fe6ff314;Path=/;HttpOnly;Secure;Domain=clientportal-p-r1-app00-app.azurewebsites.net
ARRAffinitySameSite=d0d0a49a2c77c49e6c1271d26603f382fc00b02328220ca48d8ef825fe6ff314;Path=/;HttpOnly;SameSite=None;Secure;Domain=clientportal-p-r1-app00-app.azurewebsites.net
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| portal.mossadams.com/fonts/founders-grotesk-medium.woff | 20.118.147.147 | 200 OK | 12 kB |
URL: GET HTTP/2 portal.mossadams.com/fonts/founders-grotesk-medium.woff
IP: 20.118.147.147:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://portal.mossadams.com/
Certificate: Issuer DigiCert Inc; Subject portal.mossadams.com; Fingerprint 53:95:ED:FD:17:FC:E6:4B:C3:FF:5B:16:2F:56:42:27:71:74:E6:04; Validity Thu, 02 May 2024 00:00:00 GMT - Thu, 01 May 2025 23:59:59 GMT
File type: Web Open Font Format, TrueType, length 12269, version 1.0
Hash: 81b990711b1dbd59925d6416a63bf31c 70ed9a279a865adc7be668ecf2379c740e7a5edd 1d24ff545b9d541bf815f69c3564a9f14e11cc2b37d58cbbfc313e89e6993972
GET /fonts/founders-grotesk-medium.woff HTTP/1.1
Host: portal.mossadams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portal.mossadams.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 16:45:13 GMT
content-type: application/x-font-woff
content-length: 12269
accept-ranges: bytes
etag: "02abc0cb80da1:0"
last-modified: Thu, 28 Mar 2024 04:52:36 GMT
set-cookie: ARRAffinity=e93d6db6e8de0b77b9b7266b2199e09e3cb29f99423a5dd9b79f3222f2609f9c;Path=/;HttpOnly;Secure;Domain=clientportal-p-r1-app00-app.azurewebsites.net
ARRAffinitySameSite=e93d6db6e8de0b77b9b7266b2199e09e3cb29f99423a5dd9b79f3222f2609f9c;Path=/;HttpOnly;SameSite=None;Secure;Domain=clientportal-p-r1-app00-app.azurewebsites.net
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| portal.mossadams.com/fonts.css | 20.118.147.147 | 200 OK | 283 B |
URL: GET HTTP/2 portal.mossadams.com/fonts.css
IP: 20.118.147.147:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://portal.mossadams.com/
Certificate: Issuer DigiCert Inc; Subject portal.mossadams.com; Fingerprint 53:95:ED:FD:17:FC:E6:4B:C3:FF:5B:16:2F:56:42:27:71:74:E6:04; Validity Thu, 02 May 2024 00:00:00 GMT - Thu, 01 May 2025 23:59:59 GMT
File type: ASCII text, with CRLF line terminators
Hash: 1ed63c2e874b9d402204097c5e521063 54d95324f57ccd366453e64e9b674261895f5119 9cdff577f455ba2e9ba36d0a005e99b1534b0a415bd948ad1aa547f642e20bf7
GET /fonts.css HTTP/1.1
Host: portal.mossadams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portal.mossadams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 16:45:13 GMT
content-type: text/css
content-length: 283
accept-ranges: bytes
content-encoding: gzip
etag: "07b17bdcb80da1:0"
last-modified: Thu, 28 Mar 2024 04:52:30 GMT
set-cookie: ARRAffinity=d0d0a49a2c77c49e6c1271d26603f382fc00b02328220ca48d8ef825fe6ff314;Path=/;HttpOnly;Secure;Domain=clientportal-p-r1-app00-app.azurewebsites.net
ARRAffinitySameSite=d0d0a49a2c77c49e6c1271d26603f382fc00b02328220ca48d8ef825fe6ff314;Path=/;HttpOnly;SameSite=None;Secure;Domain=clientportal-p-r1-app00-app.azurewebsites.net
vary: Accept-Encoding
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| portal.mossadams.com/static/css/main.7ca09a0f.css | 20.118.147.147 | 200 OK | 28 kB |
URL: GET HTTP/2 portal.mossadams.com/static/css/main.7ca09a0f.css
IP: 20.118.147.147:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://portal.mossadams.com/
Certificate: Issuer DigiCert Inc; Subject portal.mossadams.com; Fingerprint 53:95:ED:FD:17:FC:E6:4B:C3:FF:5B:16:2F:56:42:27:71:74:E6:04; Validity Thu, 02 May 2024 00:00:00 GMT - Thu, 01 May 2025 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: fd9cba8526c0c4700a75cdf2249c1b8a 8c679de70de86d36146ffb552b161ed4edb1082a 4a3a539dae96bb1ce17144727c37c1a83468d52e4237d9c0f3a28fd9c12dedf7
GET /static/css/main.7ca09a0f.css HTTP/1.1
Host: portal.mossadams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portal.mossadams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 16:45:13 GMT
content-type: text/css
content-length: 28065
accept-ranges: bytes
content-encoding: gzip
etag: "05cdc3cb80da1:0"
last-modified: Thu, 28 Mar 2024 04:52:40 GMT
set-cookie: ARRAffinity=e93d6db6e8de0b77b9b7266b2199e09e3cb29f99423a5dd9b79f3222f2609f9c;Path=/;HttpOnly;Secure;Domain=clientportal-p-r1-app00-app.azurewebsites.net
ARRAffinitySameSite=e93d6db6e8de0b77b9b7266b2199e09e3cb29f99423a5dd9b79f3222f2609f9c;Path=/;HttpOnly;SameSite=None;Secure;Domain=clientportal-p-r1-app00-app.azurewebsites.net
vary: Accept-Encoding
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| portal.mossadams.com/fonts/BerlingskeSerif-DBd.woff | 20.118.147.147 | 200 OK | 42 kB |
URL: GET HTTP/2 portal.mossadams.com/fonts/BerlingskeSerif-DBd.woff
IP: 20.118.147.147:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://portal.mossadams.com/
Certificate: Issuer DigiCert Inc; Subject portal.mossadams.com; Fingerprint 53:95:ED:FD:17:FC:E6:4B:C3:FF:5B:16:2F:56:42:27:71:74:E6:04; Validity Thu, 02 May 2024 00:00:00 GMT - Thu, 01 May 2025 23:59:59 GMT
File type: Web Open Font Format, TrueType, length 42320, version 1.393
Hash: 4cc3a177dd781fa507c24f519a898fdc d8550e3a70767ccab1c7f1465f3b8c747a001749 2f77300cef7d3f7b2343bfd2c2c042b1c003e8d8b046a8fb568a9817a2b7b70a
GET /fonts/BerlingskeSerif-DBd.woff HTTP/1.1
Host: portal.mossadams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portal.mossadams.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 16:45:13 GMT
content-type: application/x-font-woff
content-length: 42320
accept-ranges: bytes
etag: "02abc0cb80da1:0"
last-modified: Thu, 28 Mar 2024 04:52:36 GMT
set-cookie: ARRAffinity=d0d0a49a2c77c49e6c1271d26603f382fc00b02328220ca48d8ef825fe6ff314;Path=/;HttpOnly;Secure;Domain=clientportal-p-r1-app00-app.azurewebsites.net
ARRAffinitySameSite=d0d0a49a2c77c49e6c1271d26603f382fc00b02328220ca48d8ef825fe6ff314;Path=/;HttpOnly;SameSite=None;Secure;Domain=clientportal-p-r1-app00-app.azurewebsites.net
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| portal.mossadams.com/static/js/main.2b7bad63.js | 20.118.147.147 | 200 OK | 1.1 MB |
URL: GET HTTP/2 portal.mossadams.com/static/js/main.2b7bad63.js
IP: 20.118.147.147:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://portal.mossadams.com/
Certificate: Issuer DigiCert Inc; Subject portal.mossadams.com; Fingerprint 53:95:ED:FD:17:FC:E6:4B:C3:FF:5B:16:2F:56:42:27:71:74:E6:04; Validity Thu, 02 May 2024 00:00:00 GMT - Thu, 01 May 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65465)
Size: 1.1 MB (1101119 bytes)
Hash: acd6bc323791630badd4d7f57631cc5a 2a75e2e1e1cdfeca00a97a88e13cba1d519baf02 4ba472f55549671ad71a781a632fe3445c680d9634483463f5f6a2d85874ed9c
GET /static/js/main.2b7bad63.js HTTP/1.1
Host: portal.mossadams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portal.mossadams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 16:45:13 GMT
content-type: application/x-javascript
content-length: 1101119
accept-ranges: bytes
content-encoding: gzip
etag: "0785bd1cb80da1:0"
last-modified: Thu, 28 Mar 2024 04:53:04 GMT
set-cookie: ARRAffinity=e93d6db6e8de0b77b9b7266b2199e09e3cb29f99423a5dd9b79f3222f2609f9c;Path=/;HttpOnly;Secure;Domain=clientportal-p-r1-app00-app.azurewebsites.net
ARRAffinitySameSite=e93d6db6e8de0b77b9b7266b2199e09e3cb29f99423a5dd9b79f3222f2609f9c;Path=/;HttpOnly;SameSite=None;Secure;Domain=clientportal-p-r1-app00-app.azurewebsites.net
vary: Accept-Encoding
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| portal.mossadams.com/favicon.ico | 20.118.147.147 | 200 OK | 50 kB |
URL: GET HTTP/2 portal.mossadams.com/favicon.ico
IP: 20.118.147.147:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://portal.mossadams.com/
Certificate: Issuer DigiCert Inc; Subject portal.mossadams.com; Fingerprint 53:95:ED:FD:17:FC:E6:4B:C3:FF:5B:16:2F:56:42:27:71:74:E6:04; Validity Thu, 02 May 2024 00:00:00 GMT - Thu, 01 May 2025 23:59:59 GMT
File type: MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
Hash: 405e2c2cf72e42a1c932a80452b87a8f 157c537733c2f8d566bfdccb2c3c28ab7d6a90f3 cc95cd58cb187478cb693bfc213ac394a5423e53cd88a7c24ce1fdd5a65c7f6d
GET /favicon.ico HTTP/1.1
Host: portal.mossadams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portal.mossadams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 16:45:15 GMT
content-type: image/x-icon
content-length: 50423
accept-ranges: bytes
etag: "0a848becb80da1:0"
last-modified: Thu, 28 Mar 2024 04:52:32 GMT
set-cookie: ARRAffinity=d0d0a49a2c77c49e6c1271d26603f382fc00b02328220ca48d8ef825fe6ff314;Path=/;HttpOnly;Secure;Domain=clientportal-p-r1-app00-app.azurewebsites.net
ARRAffinitySameSite=d0d0a49a2c77c49e6c1271d26603f382fc00b02328220ca48d8ef825fe6ff314;Path=/;HttpOnly;SameSite=None;Secure;Domain=clientportal-p-r1-app00-app.azurewebsites.net
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mossadamsapps.b2clogin.com/tfp/mossadamsapps.onmicrosoft.com/b2c_1_login/v2.0/.well-known/openid-configuration | 20.190.177.149 | 200 OK | 1.4 kB |
URL: GET HTTP/1.1 mossadamsapps.b2clogin.com/tfp/mossadamsapps.onmicrosoft.com/b2c_1_login/v2.0/.well-known/openid-configuration
IP: 20.190.177.149:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://portal.mossadams.com/
Certificate: Issuer DigiCert Inc; Subject graph.windows.net; Fingerprint A1:AB:1F:86:66:CB:8E:63:92:58:C2:0E:EF:93:6E:CF:DA:AF:FE:DD; Validity Thu, 08 Feb 2024 00:00:00 GMT - Sat, 08 Feb 2025 23:59:59 GMT
Hash: 2871a7a5faf1f48d11c86dc94563fc66 d4b1efa17ccc8644dc9db367d7679cb6a0748f96 f6724f644e576001251bdd35d6172eed8bd53194c6a8941cfcaf3bc44eb1e743
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Salesforce |
GET /tfp/mossadamsapps.onmicrosoft.com/b2c_1_login/v2.0/.well-known/openid-configuration HTTP/1.1
Host: mossadamsapps.b2clogin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portal.mossadams.com/
Origin: https://portal.mossadams.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, no-cache
Content-Type: application/json; charset=utf-8
x-ms-gateway-requestid: eff033da-778b-4330-96f9-4742f004f1b7
Access-Control-Allow-Origin: https://portal.mossadams.com
Access-Control-Allow-Methods: GET, OPTIONS
X-Frame-Options: SAMEORIGIN
Public: OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: x-ms-cpim-trans=; domain=mossadamsapps.b2clogin.com; expires=Thu, 08-May-2014 16:45:16 GMT; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-geo=NA; expires=Wed, 08 May 2024 17:45:16 GMT; path=/; secure; samesite=none; httponly
Allow: OPTIONS, TRACE, GET, HEAD, POST
Date: Wed, 08 May 2024 16:45:15 GMT
Content-Length: 1419
|
|
| mossadamsapps.b2clogin.com/mossadamsapps.onmicrosoft.com/b2c_1_login/oauth2/v2.0/authorize?client_id=d25ab56f-9c6f-436a-8e01-888606933809&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fportal.mossadams.com&client-request-id=192f6efc-bbf7-4a55-b2ff-9b39db7f33db&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.21.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=ZLsv7HFypmJzat7HchKmq2Tl5UzEZfrUPLN9NPX2dwg&code_challenge_method=S256&nonce=a31666a8-0dde-4c96-8036-1fc195c5cb10&state=eyJpZCI6ImY1NWEzN2Y1LWEyYWQtNDEzMS1iZTI1LWRjOGU5Y2NlMDNiMCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D | 20.190.177.19 | 200 OK | 66 kB |
URL: User Request GET HTTP/1.1 mossadamsapps.b2clogin.com/mossadamsapps.onmicrosoft.com/b2c_1_login/oauth2/v2.0/authorize?client_id=d25ab56f-9c6f-436a-8e01-888606933809&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fportal.mossadams.com&client-request-id=192f6efc-bbf7-4a55-b2ff-9b39db7f33db&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.21.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=ZLsv7HFypmJzat7HchKmq2Tl5UzEZfrUPLN9NPX2dwg&code_challenge_method=S256&nonce=a31666a8-0dde-4c96-8036-1fc195c5cb10&state=eyJpZCI6ImY1NWEzN2Y1LWEyYWQtNDEzMS1iZTI1LWRjOGU5Y2NlMDNiMCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
IP: 20.190.177.19:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer DigiCert Inc; Subject graph.windows.net; Fingerprint A1:AB:1F:86:66:CB:8E:63:92:58:C2:0E:EF:93:6E:CF:DA:AF:FE:DD; Validity Thu, 08 Feb 2024 00:00:00 GMT - Sat, 08 Feb 2025 23:59:59 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (61518), with CRLF, LF line terminators
Hash: ca45d6c9d6f4fa14b65d324fc30270ff 896623831e0f8e6d89ab4b6441117f0aaad071f7 577ff9a4d8b8e0112612c5066b62a378e0b83f5e789d3bc1f373445235625fa0
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Salesforce |
GET /mossadamsapps.onmicrosoft.com/b2c_1_login/oauth2/v2.0/authorize?client_id=d25ab56f-9c6f-436a-8e01-888606933809&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fportal.mossadams.com&client-request-id=192f6efc-bbf7-4a55-b2ff-9b39db7f33db&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.21.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=ZLsv7HFypmJzat7HchKmq2Tl5UzEZfrUPLN9NPX2dwg&code_challenge_method=S256&nonce=a31666a8-0dde-4c96-8036-1fc195c5cb10&state=eyJpZCI6ImY1NWEzN2Y1LWEyYWQtNDEzMS1iZTI1LWRjOGU5Y2NlMDNiMCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D HTTP/1.1
Host: mossadamsapps.b2clogin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portal.mossadams.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
x-ms-gateway-requestid: d52df902-37e4-4e90-a2f7-2a78dc48c2d9
X-UA-Compatible: IE=edge
X-Request-ID: 3b49db39-0861-45d5-8f1d-7153f3f54674
X-Build: 1.1.150.0
X-Frame-Options: DENY
Public: OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: x-ms-cpim-sso:mossadamsapps.onmicrosoft.com_0=m1.pxobUxK9HCIR4mUH.CllQuKqWyRFv/elAQIUGAA==.0.gViWsQA8PJ7gITSIi6SVz9w8XwmQdyZUoY3PFuSTyJQ22Q6PywKKUAO7COlSQ6Msu/XhQsCKgqTEz5sDF1Ht62KVEAJsNAQ4OqP9ErdjRpFuF2zsngoVWe8lCYsB69vO+VAEh8NAYuGNPLk6DKrq+BNnY3mmE/P7cUTTPaW7uz519dMaonOw7iOfQev70A8c9XIoywkfJSH1FxqEweUInLOPQQhC4BebhSghoLHoPH7xgqP6XRLkn+ubn6+SaY/f7weCBO8a9/BEXtaqrwI3ttRZ1E7yKuaBpYAXIMZkrtLX3KJmGYWAUftVtCphOuLIGhtN+7OeCLnKhz4i8wOcJYOsSkevRhDe; domain=mossadamsapps.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-csrf=Ym90SkNSWUZoNjI2a3hZQW04ZWQrV2NZTTErQlBKQUE0cmltZW00USt0UG50VG12TDR4dXRlV0taY2d6T1lEdy9lZXU5bzR4cWFFTVBJY0tiZ1NCYnc9PTsyMDI0LTA1LTA4VDE2OjQ1OjE3LjM4MzQ4ODZaOzJKYXV0NjZIb0VKOGlxYXJUbWpwZ2c9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==; domain=mossadamsapps.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-cache|odtjo2ei1uwphxft8_vgda_0=m1.D/0XCxZWt4j0T3Nd.QTB9u1hL9IFj196PLwgDrg==.0.…; domain=mossadamsapps.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6IjNiNDlkYjM5LTA4NjEtNDVkNS04ZjFkLTcxNTNmM2Y1NDY3NCIsIlQiOiJtb3NzYWRhbXNhcHBzLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJiMmNfMV9sb2dpbiIsIkMiOiJkMjVhYjU2Zi05YzZmLTQzNmEtOGUwMS04ODg2MDY5MzM4MDkiLCJTIjoxLCJNIjp7fSwiRCI6MCwiRSI6IiJ9XSwiQ19JRCI6IjNiNDlkYjM5LTA4NjEtNDVkNS04ZjFkLTcxNTNmM2Y1NDY3NCJ9; domain=mossadamsapps.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-geo=NA; expires=Wed, 08 May 2024 17:45:17 GMT; path=/; secure; samesite=none; httponly
Allow: OPTIONS, TRACE, GET, HEAD, POST
Date: Wed, 08 May 2024 16:45:16 GMT
Content-Length: 66403
|
|
| mossadamsappsdr000st.blob.core.windows.net/b2c-custom-pages/signin.html?ui_locales=en | 52.239.236.68 | 200 OK | 27 kB |
URL: GET HTTP/1.1 mossadamsappsdr000st.blob.core.windows.net/b2c-custom-pages/signin.html?ui_locales=en
IP: 52.239.236.68:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://mossadamsapps.b2clogin.com/mossadamsapps.onmicrosoft.com/b2c_1_login/oauth2/v2.0/authorize?client_id=d25ab56f-9c6f-436a-8e01-888606933809&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fportal.mossadams.com&client-request-id=192f6efc-bbf7-4a55-b2ff-9b39db7f33db&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.21.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=ZLsv7HFypmJzat7HchKmq2Tl5UzEZfrUPLN9NPX2dwg&code_challenge_method=S256&nonce=a31666a8-0dde-4c96-8036-1fc195c5cb10&state=eyJpZCI6ImY1NWEzN2Y1LWEyYWQtNDEzMS1iZTI1LWRjOGU5Y2NlMDNiMCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Certificate: Issuer Microsoft Corporation; Subject *.blob.core.windows.net; Fingerprint 97:1C:0B:AF:C9:56:9E:E4:FF:87:A8:F8:7C:68:FD:6E:08:2F:74:F4; Validity Fri, 12 Apr 2024 18:27:32 GMT - Mon, 07 Apr 2025 18:27:32 GMT
File type: JavaScript source, ASCII text, with very long lines (20467), with CRLF line terminators
Hash: f6cfd849128960719a169d1fb616b0c0 0a318171e757ae9032c3442db5bcdea35c5c2377 3f368147936121cc6b460ffe08811ed7a2b1dc910a6c00ce19225b9778651aa4
GET /b2c-custom-pages/signin.html?ui_locales=en HTTP/1.1
Host: mossadamsappsdr000st.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mossadamsapps.b2clogin.com
DNT: 1
Connection: keep-alive
Referer: https://mossadamsapps.b2clogin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 26878
Content-Type: text/html
Content-MD5: 9s/YSRKJYHGaFp0fthawwA==
Last-Modified: Mon, 21 Feb 2022 20:56:17 GMT
ETag: 0x8D9F57C9B3E3E55
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5287ede1-a01e-002e-6f67-a161ec000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
Date: Wed, 08 May 2024 16:45:17 GMT
|
|
| mossadamsappsdr000st.blob.core.windows.net/b2c-custom-pages/moss-adams-logo.png | 52.239.236.68 | 200 OK | 15 kB |
URL: GET HTTP/1.1 mossadamsappsdr000st.blob.core.windows.net/b2c-custom-pages/moss-adams-logo.png
IP: 52.239.236.68:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://mossadamsapps.b2clogin.com/mossadamsapps.onmicrosoft.com/b2c_1_login/oauth2/v2.0/authorize?client_id=d25ab56f-9c6f-436a-8e01-888606933809&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fportal.mossadams.com&client-request-id=192f6efc-bbf7-4a55-b2ff-9b39db7f33db&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.21.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=ZLsv7HFypmJzat7HchKmq2Tl5UzEZfrUPLN9NPX2dwg&code_challenge_method=S256&nonce=a31666a8-0dde-4c96-8036-1fc195c5cb10&state=eyJpZCI6ImY1NWEzN2Y1LWEyYWQtNDEzMS1iZTI1LWRjOGU5Y2NlMDNiMCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Certificate: Issuer Microsoft Corporation; Subject *.blob.core.windows.net; Fingerprint 97:1C:0B:AF:C9:56:9E:E4:FF:87:A8:F8:7C:68:FD:6E:08:2F:74:F4; Validity Fri, 12 Apr 2024 18:27:32 GMT - Mon, 07 Apr 2025 18:27:32 GMT
File type: PNG image data, 600 x 174, 8-bit/color RGBA, non-interlaced
Hash: fd4c83c2e9f5b3aeb668141099b0f086 fe6577a17b1455922afaae14eb736d4351502c81 58d61da93ea6eebb0ec7f7c19278b0b501f6890699adb8f5b06e0d123b9214d2
GET /b2c-custom-pages/moss-adams-logo.png HTTP/1.1
Host: mossadamsappsdr000st.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mossadamsapps.b2clogin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 15203
Content-Type: image/png
Content-MD5: /UyDwun1s662aBQQmbDwhg==
Last-Modified: Mon, 21 Feb 2022 17:08:22 GMT
ETag: 0x8D9F55CC4450164
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8ea1eb33-801e-001b-6c67-a1cfb9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
Date: Wed, 08 May 2024 16:45:19 GMT
|
|
| mossadamsapps.b2clogin.com/mossadamsapps.onmicrosoft.com/B2C_1_Login/client/perftrace?tx=StateProperties=eyJUSUQiOiIzYjQ5ZGIzOS0wODYxLTQ1ZDUtOGYxZC03MTUzZjNmNTQ2NzQifQ&p=B2C_1_Login | 20.190.177.19 | 200 OK | 0 B |
URL: POST HTTP/1.1 mossadamsapps.b2clogin.com/mossadamsapps.onmicrosoft.com/B2C_1_Login/client/perftrace?tx=StateProperties=eyJUSUQiOiIzYjQ5ZGIzOS0wODYxLTQ1ZDUtOGYxZC03MTUzZjNmNTQ2NzQifQ&p=B2C_1_Login
IP: 20.190.177.19:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://mossadamsapps.b2clogin.com/mossadamsapps.onmicrosoft.com/b2c_1_login/oauth2/v2.0/authorize?client_id=d25ab56f-9c6f-436a-8e01-888606933809&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fportal.mossadams.com&client-request-id=192f6efc-bbf7-4a55-b2ff-9b39db7f33db&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.21.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=ZLsv7HFypmJzat7HchKmq2Tl5UzEZfrUPLN9NPX2dwg&code_challenge_method=S256&nonce=a31666a8-0dde-4c96-8036-1fc195c5cb10&state=eyJpZCI6ImY1NWEzN2Y1LWEyYWQtNDEzMS1iZTI1LWRjOGU5Y2NlMDNiMCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Certificate: Issuer DigiCert Inc; Subject graph.windows.net; Fingerprint A1:AB:1F:86:66:CB:8E:63:92:58:C2:0E:EF:93:6E:CF:DA:AF:FE:DD; Validity Thu, 08 Feb 2024 00:00:00 GMT - Sat, 08 Feb 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Salesforce |
POST /mossadamsapps.onmicrosoft.com/B2C_1_Login/client/perftrace?tx=StateProperties=eyJUSUQiOiIzYjQ5ZGIzOS0wODYxLTQ1ZDUtOGYxZC03MTUzZjNmNTQ2NzQifQ&p=B2C_1_Login HTTP/1.1
Host: mossadamsapps.b2clogin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
X-CSRF-TOKEN: Ym90SkNSWUZoNjI2a3hZQW04ZWQrV2NZTTErQlBKQUE0cmltZW00USt0UG50VG12TDR4dXRlV0taY2d6T1lEdy9lZXU5bzR4cWFFTVBJY0tiZ1NCYnc9PTsyMDI0LTA1LTA4VDE2OjQ1OjE3LjM4MzQ4ODZaOzJKYXV0NjZIb0VKOGlxYXJUbWpwZ2c9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==
X-Requested-With: XMLHttpRequest
Content-Length: 2607
Origin: https://mossadamsapps.b2clogin.com
DNT: 1
Connection: keep-alive
Referer: https://mossadamsapps.b2clogin.com/mossadamsapps.onmicrosoft.com/b2c_1_login/oauth2/v2.0/authorize?client_id=d25ab56f-9c6f-436a-8e01-888606933809&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fportal.mossadams.com&client-request-id=192f6efc-bbf7-4a55-b2ff-9b39db7f33db&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.21.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=ZLsv7HFypmJzat7HchKmq2Tl5UzEZfrUPLN9NPX2dwg&code_challenge_method=S256&nonce=a31666a8-0dde-4c96-8036-1fc195c5cb10&state=eyJpZCI6ImY1NWEzN2Y1LWEyYWQtNDEzMS1iZTI1LWRjOGU5Y2NlMDNiMCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Cookie: x-ms-cpim-sso:mossadamsapps.onmicrosoft.com_0=m1.pxobUxK9HCIR4mUH.CllQuKqWyRFv/elAQIUGAA==.0.gViWsQA8PJ7gITSIi6SVz9w8XwmQdyZUoY3PFuSTyJQ22Q6PywKKUAO7COlSQ6Msu/XhQsCKgqTEz5sDF1Ht62KVEAJsNAQ4OqP9ErdjRpFuF2zsngoVWe8lCYsB69vO+VAEh8NAYuGNPLk6DKrq+BNnY3mmE/P7cUTTPaW7uz519dMaonOw7iOfQev70A8c9XIoywkfJSH1FxqEweUInLOPQQhC4BebhSghoLHoPH7xgqP6XRLkn+ubn6+SaY/f7weCBO8a9/BEXtaqrwI3ttRZ1E7yKuaBpYAXIMZkrtLX3KJmGYWAUftVtCphOuLIGhtN+7OeCLnKhz4i8wOcJYOsSkevRhDe; x-ms-cpim-csrf=Ym90SkNSWUZoNjI2a3hZQW04ZWQrV2NZTTErQlBKQUE0cmltZW00USt0UG50VG12TDR4dXRlV0taY2d6T1lEdy9lZXU5bzR4cWFFTVBJY0tiZ1NCYnc9PTsyMDI0LTA1LTA4VDE2OjQ1OjE3LjM4MzQ4ODZaOzJKYXV0NjZIb0VKOGlxYXJUbWpwZ2c9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==; x-ms-cpim-cache|odtjo2ei1uwphxft8_vgda_0=m1.D/0XCxZWt4j0T3Nd.QTB9u1hL9IFj196PLwgDrg==.0.; x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6IjNiNDlkYjM5LTA4NjEtNDVkNS04ZjFkLTcxNTNmM2Y1NDY3NCIsIlQiOiJtb3NzYWRhbXNhcHBzLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJiMmNfMV9sb2dpbiIsIkMiOiJkMjVhYjU2Zi05YzZmLTQzNmEtOGUwMS04ODg2MDY5MzM4MDkiLCJTIjoxLCJNIjp7fSwiRCI6MCwiRSI6IiJ9XSwiQ19JRCI6IjNiNDlkYjM5LTA4NjEtNDVkNS04ZjFkLTcxNTNmM2Y1NDY3NCJ9; x-ms-cpim-geo=NA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, no-cache
x-ms-gateway-requestid: 47c860a5-fc58-4354-b826-41718f743be9
X-Frame-Options: DENY
Public: OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: OPTIONS, TRACE, GET, HEAD, POST
Date: Wed, 08 May 2024 16:45:18 GMT
Content-Length: 0
|
|
| mossadamsappsdr000st.blob.core.windows.net/b2c-custom-pages/walk2.jpg | 52.239.236.68 | 200 OK | 511 kB |
URL: GET HTTP/1.1 mossadamsappsdr000st.blob.core.windows.net/b2c-custom-pages/walk2.jpg IP: 52.239.236.68:443 ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://mossadamsapps.b2clogin.com/mossadamsapps.onmicrosoft.com/b2c_1_login/oauth2/v2.0/authorize?client_id=d25ab56f-9c6f-436a-8e01-888606933809&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fportal.mossadams.com&client-request-id=192f6efc-bbf7-4a55-b2ff-9b39db7f33db&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.21.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=ZLsv7HFypmJzat7HchKmq2Tl5UzEZfrUPLN9NPX2dwg&code_challenge_method=S256&nonce=a31666a8-0dde-4c96-8036-1fc195c5cb10&state=eyJpZCI6ImY1NWEzN2Y1LWEyYWQtNDEzMS1iZTI1LWRjOGU5Y2NlMDNiMCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Certificate Issuer: Microsoft Corporation Subject: *.blob.core.windows.net Fingerprint: 97:1C:0B:AF:C9:56:9E:E4:FF:87:A8:F8:7C:68:FD:6E:08:2F:74:F4 Validity: Fri, 12 Apr 2024 18:27:32 GMT - Mon, 07 Apr 2025 18:27:32 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 1587x1190, components 3 Size: 511 kB (510618 bytes) Hash: 077fd1e0fe105efc26e8d487c02d707f 2da5e622171b5af3173285ee972a625ed319461a fac4f4a878448a1f860e651c45dd10f7101986f774bee8a392fabf042b74cd5e
GET /b2c-custom-pages/walk2.jpg HTTP/1.1
Host: mossadamsappsdr000st.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mossadamsapps.b2clogin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 510618
Content-Type: image/jpeg
Content-MD5: B3/R4P4QXvwm6NSHwC1wfw==
Last-Modified: Mon, 21 Feb 2022 08:03:44 GMT
ETag: 0x8D9F510AEC08BF3
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b60687e0-801e-0010-2567-a1d7cd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
Date: Wed, 08 May 2024 16:45:18 GMT
|
|
| by2.uservoice.com/t2/820869/web/track.js?_=1715186716228&s=0&c=__uvSessionData0&d=eyJ1Ijp7Im8iOjAsImFjY291bnQiOnt9fSwiZSI6eyJ1IjoiaHR0cHM6Ly9wb3J0YWwubW9zc2FkYW1zLmNvbS8iLCJyIjoiIn19 | 104.17.30.92 | 200 OK | 66 B |
URL: GET HTTP/2 by2.uservoice.com/t2/820869/web/track.js?_=1715186716228&s=0&c=__uvSessionData0&d=eyJ1Ijp7Im8iOjAsImFjY291bnQiOnt9fSwiZSI6eyJ1IjoiaHR0cHM6Ly9wb3J0YWwubW9zc2FkYW1zLmNvbS8iLCJyIjoiIn19 IP: 104.17.30.92:443
Requested by: https://portal.mossadams.com/ Certificate Issuer: Cloudflare, Inc. Subject: uservoice.com Fingerprint: 54:7E:E0:37:99:0A:9F:F9:BB:72:D5:F8:2F:AA:EC:7A:A4:62:5E:11 Validity: Sat, 24 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators Hash: 05df17cc9f22c3a3e06514fa78463361 6689a6ad5c29f6b0ebc3ad97cfc23414ee028494 9109c7570e04467f8facd868865a6ba9a73c43340874c0afae102f401079df84
GET /t2/820869/web/track.js?_=1715186716228&s=0&c=__uvSessionData0&d=eyJ1Ijp7Im8iOjAsImFjY291bnQiOnt9fSwiZSI6eyJ1IjoiaHR0cHM6Ly9wb3J0YWwubW9zc2FkYW1zLmNvbS8iLCJyIjoiIn19 HTTP/1.1
Host: by2.uservoice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portal.mossadams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 16:45:16 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, private
strict-transport-security: max-age=31536000; includeSubDomains
expires: Wed, 08 May 2024 16:45:15 GMT
cf-cache-status: DYNAMIC
set-cookie: uvts=141bf898-e6d2-498f-51e7-50706eb95ebd; Path=/; Domain=by2.uservoice.com; Secure; SameSite=None
uvts=141bf898-e6d2-498f-51e7-50706eb95ebd; Path=/; Domain=by2.uservoice.com; Secure; SameSite=None; Partitioned
__cf_bm=zvdLVaS8f1z4j2wCUldn0cf6kyJYoMvmXOOadJ6izvI-1715186716-1.0.1.1-iqSd5ugm7feRGpSm7bEaxeWLrjumvUAsdnqk7vvYo8d8WK04HqZoTlrkbQjJ_CD4LfAH4ymgpKquw7tXB8Zgpw; path=/; expires=Wed, 08-May-24 17:15:16 GMT; domain=.uservoice.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 880aeb512f4a5690-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mossadams.uservoice.com/widget_environment/VPFaXIjI7RekA4FNgdY1CQ.js | 104.17.30.92 | 200 OK | 72 kB |
URL: GET HTTP/2 mossadams.uservoice.com/widget_environment/VPFaXIjI7RekA4FNgdY1CQ.js IP: 104.17.30.92:443
Requested by: https://portal.mossadams.com/ Certificate Issuer: Cloudflare, Inc. Subject: uservoice.com Fingerprint: 54:7E:E0:37:99:0A:9F:F9:BB:72:D5:F8:2F:AA:EC:7A:A4:62:5E:11 Validity: Sat, 24 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (34873) Hash: b98fb9efd1ef5c5edcdca7b9343b1c62 f6da6cb7f89e32b7f3a94f4962870cc6e4adceed 2ff1e217ade469a7de13338f8bf8cda22a9980a0a8ab48d95ff0b0b0d963416b
GET /widget_environment/VPFaXIjI7RekA4FNgdY1CQ.js HTTP/1.1
Host: mossadams.uservoice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portal.mossadams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 16:45:16 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
etag: W/"dcb3b805c1190095cffc0861d20cf180"
cache-control: public, max-age=14400
content-security-policy:
x-request-id: 12d3c52fccc9d0f00f59cbc68ac47c2d
cf-cache-status: MISS
expires: Wed, 08 May 2024 20:45:16 GMT
set-cookie: __cf_bm=LjWgfrcMoLkyflP629bYlOVwqhN..KgWctPcA.SwLeo-1715186716-1.0.1.1-S64ih9UfK0yTJ9EJGowdNGYp0EOvYDaXLe80XwuA.eB1u0mkt1cl1BsQeyJy4DdEbjQP1rBLzPkCfcrKnIannw; path=/; expires=Wed, 08-May-24 17:15:16 GMT; domain=.uservoice.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 880aeb4b1e8e5690-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|